JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.119.179.90

196.119.179.90 was found in our database!

This IP was reported 50 times. Confidence of Abuse is 100%: ?

100%

ISP	2G/3G/4G Mobile Costumers
Usage Type	Fixed Line ISP
ASN	AS36925
Domain Name	orange.ma
Country	🇲🇦 Morocco
City	Rabat, Rabat-Sale-Kenitra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.119.179.90

Whois 196.119.179.90

IP Abuse Reports for 196.119.179.90:

This IP address has been reported a total of 50 times from 27 distinct sources. 196.119.179.90 was first reported on June 26th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-28 11:14:11 (1 hour ago)	(mod_security) mod_security (id:210492) triggered by 196.119.179.90 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 196.119.179.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:14:05.803976 2026] [security2:error] [pid 9952:tid 9952] [client 196.119.179.90:56199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rocknwalktours.com"] [uri "/.env"] [unique_id "akEB_fVdSsLzM0akZ7OPeAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-28 11:04:10 (1 hour ago)	[SunJun2813:04:02.9929642026][security2:error][pid844853:tid844992][client196.119.179.90:0]ModSecuri ... show more [SunJun2813:04:02.9929642026][security2:error][pid844853:tid844992][client196.119.179.90:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"ristrutturazione-case.ch\"][uri\"/.env\"][unique_id\"akD_omcyCjtja9NhLSSd9gAAABg\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 09:51:51 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 196.119.179.90 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 196.119.179.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 05:51:47.043976 2026] [security2:error] [pid 14019:tid 14019] [client 196.119.179.90:54990] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riccibuilders.net"] [uri "/.env"] [unique_id "akDus77oo8zMzfiO9V9VPQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 09:10:36 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 196.119.179.90 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 196.119.179.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 05:10:30.147159 2026] [security2:error] [pid 21015:tid 21015] [client 196.119.179.90:60875] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "roguetechhub.com"] [uri "/.env"] [unique_id "akDlBhoudQ40fG2F755_ywAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 07:26:15 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 196.119.179.90 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 196.119.179.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 03:26:08.494332 2026] [security2:error] [pid 11232:tid 11232] [client 196.119.179.90:55187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robtown.com"] [uri "/.env"] [unique_id "akDMkJa77LbQgJLHr__d1wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RH5	2026-06-28 07:25:34 (5 hours ago)	Restricted URL probing (/.env) (UTC 2026-06-28 07:25)	Web App Attack
🇲🇽 octageeks.com	2026-06-28 04:22:43 (8 hours ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 02:25:49 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 196.119.179.90 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 196.119.179.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 22:25:45.072530 2026] [security2:error] [pid 30791:tid 30791] [client 196.119.179.90:53085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ridefilmsinc.com"] [uri "/.env"] [unique_id "akCGKVk6Rzp8kOiI-RGsVgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BiancaNL	2026-06-28 02:19:45 (10 hours ago)	Fail2Ban: jail=nginx-exploit-probes on <fqdn> (port=<port>)	Hacking
Anonymous	2026-06-28 02:05:02 (10 hours ago)	Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 01:12:57 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 196.119.179.90 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 196.119.179.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 21:12:54.056294 2026] [security2:error] [pid 21309:tid 21309] [client 196.119.179.90:54190] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rosoctechnologies.com"] [uri "/.env"] [unique_id "akB1FrnsX1pq3-RNYDPeOQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 andypiper	2026-06-28 01:01:04 (11 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-06-28 00:28:17 (11 hours ago)	Try to access /.env	Web App Attack
🇫🇮 inlink.ltd	2026-06-28 00:15:19 (12 hours ago)	dot file probe	Web App Attack
🇬🇧 consul.to	2026-06-28 00:07:54 (12 hours ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 50 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.190.200

🇩🇪 167.94.146.52

🇺🇸 138.197.41.107

🇺🇸 134.122.1.38

🇬🇭 102.223.92.101

🇵🇱 87.251.64.156

🇳🇱 62.164.177.224

🇲🇳 43.228.131.114

🇨🇳 1.95.142.15

🇺🇸 159.223.119.187

🇺🇸 147.182.200.182

🇺🇸 146.190.162.238

🇨🇳 101.96.195.253

🇷🇴 80.94.95.134

🇧🇬 78.128.112.74

🇺🇸 38.148.253.22

🇺🇸 34.48.160.121

🇺🇸 172.245.102.73

🇺🇸 172.174.5.146

🇮🇳 152.52.198.42