JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.117.174.113

196.117.174.113 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 60%: ?

60%

ISP	2G/3G/4G Mobile Costumers
Usage Type	Fixed Line ISP
ASN	AS36925
Domain Name	orange.ma
Country	🇲🇦 Morocco
City	Casablanca, Casablanca-Settat

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.117.174.113

Whois 196.117.174.113

IP Abuse Reports for 196.117.174.113:

This IP address has been reported a total of 20 times from 15 distinct sources. 196.117.174.113 was first reported on April 7th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-04 06:43:26 (1 week ago)	git/env leak probe	Web App Attack
🇵🇱 rafamiga	2026-06-04 06:40:00 (1 week ago)	196.117.174.113 [04/Jun/2026:06:40:14 +0000] "GET /backend/.env HTTP/1.1" 404 19 "Mozilla/5.0 (Macin ... show more 196.117.174.113 [04/Jun/2026:06:40:14 +0000] "GET /backend/.env HTTP/1.1" 404 19 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 47990 "backend not found" "/backend/.env" 0ms 196.117.174.113 [04/Jun/2026:06:40:15 +0000] "GET /api/.env HTTP/1.1" 404 19 "https://duckduckgo.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15" 47991 "backend not found" "/api/.env" 0ms 196.117.174.113 [04/Jun/2026:06:40:15 +0000] "GET /.env.staging HTTP/1.1" 404 19 "https://www.yahoo.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 47992 "backend not found" "/.env.staging" 0ms 196.117.174.113 [04/Jun/2026:06:40:16 +0000] "GET /.env.prod HTTP/1.1" 404 19 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15" 47993 "backend not found" "/.env.prod" 0ms show less	Port Scan Brute-Force
🇺🇸 Matthew Ping	2026-06-04 04:00:02 (1 week ago)	ModSecurity rule 949110 triggered on wp3. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇬🇧 consul.to	2026-06-04 03:53:25 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 03:51:31 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 196.117.174.113 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 196.117.174.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 23:51:23.313892 2026] [security2:error] [pid 4137:tid 4137] [client 196.117.174.113:56479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iostation.com"] [uri "/.env"] [unique_id "aiD2O0Yge55aTGiL8ULUxQAAAC0"], referer: https://duckduckgo.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 03:20:24 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 196.117.174.113 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 196.117.174.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 23:20:18.005643 2026] [security2:error] [pid 16929:tid 16929] [client 196.117.174.113:58490] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brideweddinggarter.com"] [uri "/.env"] [unique_id "aiDu8pS7jV8p1qay23CehAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 inlink.ltd	2026-06-04 03:13:30 (1 week ago)	dot file probe	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-04 03:08:01 (1 week ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,ice02,wa01]	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 03:01:50 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 196.117.174.113 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 196.117.174.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 23:01:43.444567 2026] [security2:error] [pid 14146:tid 14146] [client 196.117.174.113:55861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10bestcountryclubs.com"] [uri "/.env"] [unique_id "aiDqlz-fuu3o-WscJb0VOgAAABU"], referer: https://www.yahoo.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 updown.io	2026-06-04 02:38:32 (1 week ago)	{"level":"info","ts":1780537445.8425615,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1780537445.8425615,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"196.117.174.113","remote_port":"53653","client_ip":"196.117.174.113","proto":"HTTP/1.1","method":"GET","host":"status-c0053-31f9bea8-eae0-40fb-9e5d-ad0aa5075ff2.provacy.com","uri":"/.env.local","headers":{"Accept-Encoding":["gzip, deflate"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8"],"Connection":["keep-alive"],"Accept-Language":["en-US,en;q=0.9"],"Upgrade-Insecure-Requests":["1"],"Referer":["https://www.bing.com/"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"]}},"bytes_read":0,"user_id":"","duration":0.000064904,"size":0,"status":308,"resp_headers":{"Content-Type":[],"Server":["Caddy"],"Connection":["close"],"Location":["https://status-c0053-31f9bea8-eae0-40fb-9e5d-ad0aa5075ff2.provacy.com/.env.local"]}} {"level":"info","ts":1780537446.3171184,"lo ... show less	DDoS Attack Web App Attack
🇨🇭 zynex	2026-06-04 02:22:57 (1 week ago)	URL Probing: /html/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 02:21:46 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 196.117.174.113 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 196.117.174.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 22:21:43.340552 2026] [security2:error] [pid 26241:tid 26247] [client 196.117.174.113:59900] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tmsx2.com"] [uri "/.env"] [unique_id "aiDhN6FymMcEokj8w5XkZwAAAEQ"], referer: https://www.yahoo.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 thilo	2026-06-04 02:00:27 (1 week ago)	Probe for vulnerabilities. Path attempted: /.env.local	Web App Attack
🇮🇩 Burayot	2026-06-04 01:48:29 (1 week ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 196.117.174.113 (MA/Morocco/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 196.117.174.113 (MA/Morocco/-): 1 in the last 3600 secs show less	Web App Attack
🇩🇪 EGP Abuse Dept	2026-06-04 01:44:22 (1 week ago)	Scanning for web/db/file exploits on qpall.com	SQL Injection Bad Web Bot Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 223.197.178.95

🇧🇷 205.210.31.181

🇺🇸 205.210.31.57

🇮🇳 182.95.181.22

🇮🇳 182.95.126.26

🇰🇷 175.212.92.43

🇺🇸 159.65.222.96

🇺🇸 158.222.117.152

🇨🇳 140.206.194.6

🇳🇵 113.199.251.68

🇮🇳 112.196.0.228

🇨🇳 111.59.125.171

🇰🇷 110.93.135.234

🇳🇱 89.190.159.181

🇳🇱 64.89.162.130

🇺🇸 64.23.178.126

🇨🇦 35.215.50.83

🇮🇳 2401:4900:bde1:68f0:306c:f33c:d06d:a2e1

🇹🇭 202.183.226.58

🇪🇨 186.68.83.104