JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.117.44.81

196.117.44.81 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 30%: ?

30%

ISP	2G/3G/4G Mobile Costumers
Usage Type	Mobile ISP
ASN	AS36925
Domain Name	orange.ma
Country	🇲🇦 Morocco
City	Casablanca, Casablanca-Settat

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.117.44.81

Whois 196.117.44.81

IP Abuse Reports for 196.117.44.81:

This IP address has been reported a total of 10 times from 7 distinct sources. 196.117.44.81 was first reported on January 3rd 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 sid3windr	2026-06-09 18:56:13 (1 week ago)	GET /.env (Tarpitted for 1d15h8m31s, wasted 8.06MB)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 08:09:53 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 196.117.44.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 196.117.44.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:09:48.841541 2026] [security2:error] [pid 7021:tid 7047] [client 196.117.44.81:49179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "speakupstore.com"] [uri "/.env"] [unique_id "aiZ4zPKsGTqPrld9o-QTjAAAABE"], referer: https://duckduckgo.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 07:48:33 (1 week ago)	PSCSERV WPSCAN 196.117.44.81	Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-08 03:07:14 (1 week ago)	Scanning/Probing (33)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 02:56:52 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 196.117.44.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 196.117.44.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:56:47.535191 2026] [security2:error] [pid 2269:tid 2269] [client 196.117.44.81:49361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "murphylumber.ca"] [uri "/.env"] [unique_id "aiYvb7fW35bBTjdL83Z-pAAAACk"], referer: https://www.yahoo.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 02:09:53 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 196.117.44.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 196.117.44.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:09:46.098076 2026] [security2:error] [pid 20609:tid 20609] [client 196.117.44.81:57248] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "designamb.com"] [uri "/.env"] [unique_id "aiYkaoRdtJki1tXzUXpbFQAAAAc"], referer: https://duckduckgo.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 01:21:52 (1 week ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-12-18 15:03:18 (6 months ago)	Web attack	Bad Web Bot Web App Attack
Anonymous	2025-12-16 03:02:55 (6 months ago)	Web attack	Bad Web Bot Web App Attack
🇺🇸 Laurent Therond	2022-01-03 13:25:29 (4 years ago)	Jan 3 18:25:17 arrakis postfix/smtpd[2685024]: NOQUEUE: reject: RCPT from unknown[196.117.44.81]: 4 ... show more Jan 3 18:25:17 arrakis postfix/smtpd[2685024]: NOQUEUE: reject: RCPT from unknown[196.117.44.81]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [196.117.44.81]; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[196.117.44.81]> Jan 3 18:25:25 arrakis postfix/smtpd[2685034]: NOQUEUE: reject: RCPT from unknown[196.117.44.81]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [196.117.44.81]; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[196.117.44.81]> Jan 3 18:25:29 arrakis postfix/smtpd[2684948]: NOQUEUE: reject: RCPT from unknown[196.117.44.81]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [196.117.44.81]; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[196.117.44.81]> ... show less	Email Spam Brute-Force

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 65.21.109.140

🇸🇬 47.128.115.250

🇳🇱 45.148.10.141

🇮🇪 44.155.4.90

🇵🇹 213.58.230.160

🇬🇧 195.96.139.123

🇺🇸 172.253.214.28

🇨🇳 110.166.67.189

🇳🇱 45.198.224.244

🇺🇸 44.54.205.167

🇺🇸 2a04:c300:400::1bd

🇧🇪 198.235.24.184

🇺🇸 192.241.141.178

🇺🇸 172.232.15.250

🇩🇪 167.94.146.35

🇫🇮 147.185.133.147

🇨🇳 123.172.54.167

🇵🇰 72.255.33.27

🇩🇪 69.5.169.155

🇺🇸 44.212.63.170