JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.221.255.61

197.221.255.61 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 4%: ?

ISP	MPLS ADSL Broadband
Usage Type	Fixed Line ISP
ASN	AS37204
Domain Name	telone.co.zw
Country	🇿🇼 Zimbabwe
City	Harare, Harare

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.221.255.61

Whois 197.221.255.61

IP Abuse Reports for 197.221.255.61:

This IP address has been reported a total of 10 times from 7 distinct sources. 197.221.255.61 was first reported on December 28th 2020, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-21 15:32:50 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 197.221.255.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 197.221.255.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 11:32:46.241399 2026] [security2:error] [pid 29785:tid 29812] [client 197.221.255.61:23067] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.221.255.61 (+1 hits since last alert)\|cynosureinternetservices.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cynosureinternetservices.com"] [uri "/xmlrpc.php"] [unique_id "ajgEHknLnvn2PFRNtrXaIQAAAJY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Bytemark	2024-10-14 08:24:34 (1 year ago)	197.221.255.61 - - [14/Oct/2024:09:24:33 +0100] "GET /wp-login.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 ... show more 197.221.255.61 - - [14/Oct/2024:09:24:33 +0100] "GET /wp-login.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 197.221.255.61 - - [14/Oct/2024:09:24:33 +0100] "GET /xmlrpc.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 197.221.255.61 - - [14/Oct/2024:09:24:34 +0100] "GET /wp-login.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-10-14 07:52:44 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 197.221.255.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 197.221.255.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 03:52:40.432122 2024] [security2:error] [pid 10459:tid 10459] [client 197.221.255.61:36731] [client 197.221.255.61] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|persnicketyinc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "persnicketyinc.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZwzNyFaFWyAnJJ0BI_Cj1QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 findlab	2024-07-02 06:30:41 (1 year ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇬🇧 Bytemark	2024-04-30 17:30:37 (2 years ago)	197.221.255.61 - - [30/Apr/2024:18:30:36 +0100] "GET /wp-login.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 ... show more 197.221.255.61 - - [30/Apr/2024:18:30:36 +0100] "GET /wp-login.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 197.221.255.61 - - [30/Apr/2024:18:30:36 +0100] "GET /xmlrpc.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 197.221.255.61 - - [30/Apr/2024:18:30:36 +0100] "GET /wp-login.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" show less	Brute-Force Web App Attack
🇺🇸 ph	2024-04-30 10:45:43 (2 years ago)	Bad web bot attempting to run wp-login.php on non-WP site	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-04-10 10:38:10 (2 years ago)	(mod_security) mod_security (id:225170) triggered by 197.221.255.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 197.221.255.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 10 06:38:02.997757 2024] [security2:error] [pid 15858] [client 197.221.255.61:35023] [client 197.221.255.61] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|schwanpaint.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "schwanpaint.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZhZsCqjvgZjRlEaagaPJqwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 niceshops.com	2024-01-10 17:25:12 (2 years ago)	Web Attack ([10/Jan/2024:18:25:11.249] GET /wp-login.php)	Web App Attack
🇩🇪 IP Analyzer	2022-05-20 01:02:32 (4 years ago)	Unauthorized connection attempt from IP address 197.221.255.61 on Port 445(SMB)	Port Scan
🇩🇪 Little Iguana	2020-12-28 04:14:33 (5 years ago)	trying to access non-authorized port	Port Scan

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.147

🇺🇸 13.86.116.159

🇺🇸 167.99.5.1

🇰🇷 125.142.37.91

🇮🇩 103.253.245.115

🇳🇱 45.148.10.35

🇸🇬 8.219.111.165

🇺🇸 3.131.220.121

🇨🇳 222.88.163.204

🇺🇸 173.255.223.32

🇸🇬 172.217.44.216

🇮🇳 122.166.49.42

🇷🇺 95.163.236.133

🇫🇷 91.231.89.181

🇺🇸 64.62.156.107

🇫🇷 51.83.10.134

🇺🇸 47.253.5.130

🇭🇰 43.129.193.109

🇧🇪 34.62.181.187

🇺🇸 20.168.124.128