JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.219.146.95

197.219.146.95 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 75%: ?

75%

ISP	Movitel, SA
Usage Type	Fixed Line ISP
ASN	AS37342
Hostname(s)	dynamic-adsl.movitel.co.mz
Domain Name	movitel.co.mz
Country	🇲🇿 Mozambique
City	Maputo, Maputo City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.219.146.95

Whois 197.219.146.95

IP Abuse Reports for 197.219.146.95:

This IP address has been reported a total of 21 times from 12 distinct sources. 197.219.146.95 was first reported on June 9th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 screwlooseit.com.au	2026-06-12 01:35:14 (4 hours ago)	Blocked by CSF 13 firewall - Rule: XMLRPC MZ/Mozambique/dynamic-adsl.movitel.co.mz	Web App Attack
Anonymous	2026-06-11 19:59:13 (9 hours ago)		Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-11 16:53:18 (12 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 integrantservices.com	2026-06-11 16:22:50 (13 hours ago)	(wordpress) Failed wordpress login from 197.219.146.95 (MZ/Mozambique/dynamic-adsl.movitel.co.mz)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 15:53:23 (13 hours ago)	(mod_security) mod_security (id:240335) triggered by 197.219.146.95 (dynamic-adsl.movitel.co.mz): 1 ... show more (mod_security) mod_security (id:240335) triggered by 197.219.146.95 (dynamic-adsl.movitel.co.mz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 11:53:17.192810 2026] [security2:error] [pid 30063:tid 30086] [client 197.219.146.95:51740] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.219.146.95 (+1 hits since last alert)\|gabegabel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gabegabel.com"] [uri "/xmlrpc.php"] [unique_id "airZ7cFMd4Zncyb9P4i1zgAAAJE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-11 15:07:46 (14 hours ago)	Unauthorized access to webpage admin	Web App Attack
Anonymous	2026-06-11 12:57:11 (16 hours ago)	[redacted] 197.219.146.95 - - [11/Jun/2026:14:56:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 197.219.146.95 - - [11/Jun/2026:14:56:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 197.219.146.95 - - [11/Jun/2026:14:56:37 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 197.219.146.95 - - [11/Jun/2026:14:56:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)" [redacted] 197.219.146.95 - - [11/Jun/2026:14:56:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 197.219.146.95 - - [11/Jun/2026:14:57:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 08:01:23 (21 hours ago)	(mod_security) mod_security (id:240335) triggered by 197.219.146.95 (dynamic-adsl.movitel.co.mz): 1 ... show more (mod_security) mod_security (id:240335) triggered by 197.219.146.95 (dynamic-adsl.movitel.co.mz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 04:01:19.675358 2026] [security2:error] [pid 28298:tid 28298] [client 197.219.146.95:63039] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.219.146.95 (+1 hits since last alert)\|frogdesignmexico.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "frogdesignmexico.com"] [uri "/xmlrpc.php"] [unique_id "aiprT67M7KiGmfmI9MKQ1QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 07:01:18 (22 hours ago)	(mod_security) mod_security (id:240335) triggered by 197.219.146.95 (dynamic-adsl.movitel.co.mz): 1 ... show more (mod_security) mod_security (id:240335) triggered by 197.219.146.95 (dynamic-adsl.movitel.co.mz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 03:01:13.521672 2026] [security2:error] [pid 24566:tid 24566] [client 197.219.146.95:50586] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.219.146.95 (+1 hits since last alert)\|doreenkimura.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "doreenkimura.com"] [uri "/xmlrpc.php"] [unique_id "aipdOWNq9qliWjyOZBeybAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-10 20:57:07 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 19:05:30 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 197.219.146.95 (dynamic-adsl.movitel.co.mz): 1 ... show more (mod_security) mod_security (id:240335) triggered by 197.219.146.95 (dynamic-adsl.movitel.co.mz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 15:05:22.720697 2026] [security2:error] [pid 26092:tid 26092] [client 197.219.146.95:57084] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.219.146.95 (+1 hits since last alert)\|mrccertification.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mrccertification.com"] [uri "/xmlrpc.php"] [unique_id "aim1ci5I24OOXNHjsszA1wAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Marc	2026-06-10 16:02:15 (1 day ago)	197.219.146.95 - - [10/Jun/2026:18:01:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3703 "-" "WordPress. ... show more 197.219.146.95 - - [10/Jun/2026:18:01:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3703 "-" "WordPress.com; https://wordpress.com" 197.219.146.95 - - [10/Jun/2026:18:02:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3703 "-" "Jetpack/12.1; WordPress/6.2; http://site61729306.com" 197.219.146.95 - - [10/Jun/2026:18:02:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3703 "-" "Jetpack by WordPress.com" show less	Brute-Force Web App Attack
Anonymous	2026-06-10 14:06:40 (1 day ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-10 10:23:20 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 197.219.146.95 (dynamic-adsl.movitel.co.mz): 1 ... show more (mod_security) mod_security (id:240335) triggered by 197.219.146.95 (dynamic-adsl.movitel.co.mz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 06:23:15.132803 2026] [security2:error] [pid 22566:tid 22566] [client 197.219.146.95:50353] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.219.146.95 (+1 hits since last alert)\|bradleybarefoot.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bradleybarefoot.com"] [uri "/xmlrpc.php"] [unique_id "aik7ExQyVAy3g_p7G8PcIgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 08:42:11 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 197.219.146.95 (dynamic-adsl.movitel.co.mz): 1 ... show more (mod_security) mod_security (id:240335) triggered by 197.219.146.95 (dynamic-adsl.movitel.co.mz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 04:42:01.484326 2026] [security2:error] [pid 27081:tid 27081] [client 197.219.146.95:63677] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.219.146.95 (+1 hits since last alert)\|abcollie.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "abcollie.com"] [uri "/xmlrpc.php"] [unique_id "aikjWY1M4-9qTkHfFa6TCwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.214.56.78

🇫🇮 147.185.133.192

🇳🇬 102.88.137.80

🇮🇹 93.34.84.136

🇳🇱 45.148.10.183

🇳🇱 212.192.216.2

🇺🇸 205.210.31.97

🇨🇱 190.151.5.26

🇳🇱 103.251.165.133

🇭🇰 103.230.240.59

🇩🇪 69.5.169.232

🇺🇸 18.227.107.145

🇪🇸 5.45.167.120

🇰🇷 218.157.205.238

🇱🇻 217.60.3.128

🇺🇸 162.216.150.58

🇷🇴 94.156.152.50

🇫🇷 91.231.89.6

🇹🇼 59.120.181.134

🇸🇬 47.237.167.49