JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.221.251.135

197.221.251.135 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 12%: ?

12%

ISP	MPLS ADSL Broadband
Usage Type	Fixed Line ISP
ASN	AS37204
Hostname(s)	16.135.telone.co.zw
Domain Name	telone.co.zw
Country	🇿🇼 Zimbabwe
City	Harare, Harare

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.221.251.135

Whois 197.221.251.135

IP Abuse Reports for 197.221.251.135:

This IP address has been reported a total of 21 times from 18 distinct sources. 197.221.251.135 was first reported on September 26th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-26 12:44:56 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 197.221.251.135 (16.135.telone.co.zw): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 197.221.251.135 (16.135.telone.co.zw): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 08:44:49.256676 2026] [security2:error] [pid 30808:tid 30808] [client 197.221.251.135:6375] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.221.251.135 (+1 hits since last alert)\|my-spec.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "my-spec.com"] [uri "/xmlrpc.php"] [unique_id "aj50QRLfQ0HHYRBvTTtUUAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Oakley	2026-05-27 20:19:13 (1 month ago)	(confirmed_bot_sig) Confirmed bot	Hacking
🇳🇱 maxxsense	2026-04-07 06:33:27 (2 months ago)	197.221.251.135 (ZW/Zimbabwe/16.135.telone.co.zw), 12 distributed imapd attacks on account [redacted ... show more 197.221.251.135 (ZW/Zimbabwe/16.135.telone.co.zw), 12 distributed imapd attacks on account [redacted] show less	Brute-Force
🇺🇸 xmission.com	2026-03-22 17:22:08 (3 months ago)	Blocked by UFW (TCP on 9050) Source port: 64189 TTL: 42 Packet length: 64 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 9050) Source port: 64189 TTL: 42 Packet length: 64 TOS: 0x08 This report (for 197.221.251.135) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 matt	2026-03-02 20:58:11 (3 months ago)	DDOS attack with query parameters attempting to overload WordPress site.	DDoS Attack
🇩🇪 DocNetzwerk	2026-03-01 04:15:46 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 197.221.251.135 (ZW/Zimbabwe/16.135.telone.co.zw)	Brute-Force
🇵🇦 iphezimbra	2026-03-01 03:29:23 (3 months ago)	Fail2Ban reported IP from jail zimbra-smtp on <hostname>	Brute-Force SSH
🇨🇿 lp	2026-02-28 22:29:05 (4 months ago)	Email account brute force: 4 attempts were recorded from 197.221.251.135 2026-02-28T21:59:31+01:00 w ... show more Email account brute force: 4 attempts were recorded from 197.221.251.135 2026-02-28T21:59:31+01:00 warning: unknown[197.221.251.135]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-02-28T21:59:31+01:00 warning: unknown[197.221.251.135]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-02-28T22:12:23+01:00 warning: unknown[197.221.251.135]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-02-28T22:12:24+01:00 warning: unknown[197.221.251.135]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
Anonymous	2026-02-28 08:46:14 (4 months ago)	SMTP brute force - auth failed	Brute-Force Exploited Host
Anonymous	2026-02-28 08:25:46 (4 months ago)	2026-02-28T09:25:39.302471+01:00 posta.profi-net.cz postfix/smtps/smtpd[26558]: warning: unknown[197 ... show more 2026-02-28T09:25:39.302471+01:00 posta.profi-net.cz postfix/smtps/smtpd[26558]: warning: unknown[197.221.251.135]: SASL PLAIN authentication failed: (reason unavailable), [email protected] 2026-02-28T09:25:45.485849+01:00 posta.profi-net.cz postfix/smtps/smtpd[26558]: warning: unknown[197.221.251.135]: SASL LOGIN authentication failed: (reason unavailable), [email protected] ... show less	Email Spam Brute-Force Exploited Host
🇮🇹 Progetto1	2026-02-28 08:10:05 (4 months ago)	Mail - Multiple failed login attempts	Brute-Force Exploited Host
🇭🇺 Lacika555	2026-02-28 08:09:39 (4 months ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
🇫🇷 dwmp	2026-02-28 07:38:49 (4 months ago)	Feb 28 08:38:48 webcore postfix/smtpd[4081079]: warning: unknown[197.221.251.135]: SASL CRAM-MD5 aut ... show more Feb 28 08:38:48 webcore postfix/smtpd[4081079]: warning: unknown[197.221.251.135]: SASL CRAM-MD5 authentication failed: authentication failure Feb 28 08:38:48 webcore postfix/smtpd[4081079]: warning: unknown[197.221.251.135]: SASL PLAIN authentication failed: authentication failure Feb 28 08:38:49 webcore postfix/smtpd[4081079]: warning: unknown[197.221.251.135]: SASL LOGIN authentication failed: authentication failure ... show less	Brute-Force
🇩🇪 kivitendo.de	2026-02-28 07:37:43 (4 months ago)	Feb 28 07:37:37 weitan postfix/submission/smtpd[3004003]: warning: unknown[197.221.251.135]: SASL PL ... show more Feb 28 07:37:37 weitan postfix/submission/smtpd[3004003]: warning: unknown[197.221.251.135]: SASL PLAIN authentication failed: Feb 28 07:37:43 weitan postfix/submission/smtpd[3004003]: warning: unknown[197.221.251.135]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... show less	Brute-Force
🇳🇱 maxxsense	2026-02-28 07:02:23 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 197.221.251.135 (ZW/Zimbabwe/16.135.telone.co.zw)	Brute-Force

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 135.116.20.17

🇮🇳 117.251.22.198

🇸🇬 43.156.176.180

🇩🇪 43.131.23.64

🇺🇸 24.128.153.212

🇬🇧 194.50.235.141

🇺🇸 100.0.189.230

🇺🇸 91.230.168.19

🇮🇹 79.9.131.136

🇺🇸 43.159.148.221

🇫🇷 185.213.27.134

🇺🇸 173.62.71.241

🇺🇸 172.56.213.189

🇺🇸 165.227.93.100

🇻🇳 160.187.146.79

🇺🇸 98.160.166.116

🇫🇷 91.196.152.34

🇫🇷 85.204.70.112

🇳🇱 45.148.10.157

🇺🇸 24.188.183.92