JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.65.25.140

196.65.25.140 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 15%: ?

15%

ISP	ADSL_Maroc_telecom
Usage Type	Fixed Line ISP
ASN	AS36903
Domain Name	menara.ma
Country	🇲🇦 Morocco
City	El Jadida, Casablanca-Settat

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.65.25.140

Whois 196.65.25.140

IP Abuse Reports for 196.65.25.140:

This IP address has been reported a total of 12 times from 3 distinct sources. 196.65.25.140 was first reported on October 8th 2025, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 12:41:38 (21 hours ago)	(mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 08:41:31.710387 2026] [security2:error] [pid 17457:tid 17457] [client 196.65.25.140:64818] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.garon.us"] [uri "/.env"] [unique_id "ajkte9ogNekL1vu4xBD9jAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 09:51:28 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 05:51:24.995008 2026] [security2:error] [pid 1170:tid 1170] [client 196.65.25.140:57277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "firstexplorer.us"] [uri "/.env"] [unique_id "ajkFnOEqBT_amJ0wXpfNLAAAAEw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 08:15:51 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 04:15:43.687552 2026] [security2:error] [pid 11582:tid 11582] [client 196.65.25.140:62780] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "englishmagic.us"] [uri "/.env"] [unique_id "ajjvLwElulfv3_Hv7-_LsgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 07:36:30 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 03:36:26.003333 2026] [security2:error] [pid 8317:tid 8317] [client 196.65.25.140:57600] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "egret.us"] [uri "/.env"] [unique_id "ajjl-qD9WM4LPWj6FS7fowAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 04:38:49 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 00:38:41.976045 2026] [security2:error] [pid 13689:tid 13689] [client 196.65.25.140:60535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ctrussell.us"] [uri "/.env"] [unique_id "aji8UeyYTvlIhE7t0hzG4QAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 23:27:39 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 19:27:36.034548 2026] [security2:error] [pid 22837:tid 22837] [client 196.65.25.140:59234] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brtc.us"] [uri "/.env"] [unique_id "ajhzaACk1ihWTSXw-65RawAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 21:10:25 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 17:10:17.364841 2026] [security2:error] [pid 27692:tid 27692] [client 196.65.25.140:60605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bccnews.us"] [uri "/.env"] [unique_id "ajhTOdkevT3Kq6gFCh7fdwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 19:09:05 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 15:08:57.791859 2026] [security2:error] [pid 22275:tid 22275] [client 196.65.25.140:65070] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.arofish.us"] [uri "/.env"] [unique_id "ajg2yYiK9Sxwsi6bGKX3tQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 CBJ	2026-06-21 16:41:37 (1 day ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 14:58:46 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 196.65.25.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 10:58:40.493861 2026] [security2:error] [pid 22064:tid 22082] [client 196.65.25.140:62757] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aafm.us"] [uri "/.env"] [unique_id "ajf8IB_LBqPsVHf5tunCZwAAAEw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2025-10-09 08:09:24 (8 months ago)	Blocked by UFW (TCP on 9101) Source port: 59954 TTL: 112 Packet length: 52 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 9101) Source port: 59954 TTL: 112 Packet length: 52 TOS: 0x08 This report (for 196.65.25.140) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2025-10-08 16:03:24 (8 months ago)	Blocked by UFW (TCP on 9101) Source port: 55641 TTL: 112 Packet length: 52 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 9101) Source port: 55641 TTL: 112 Packet length: 52 TOS: 0x08 This report (for 196.65.25.140) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇪 140.99.201.22

🇻🇳 123.19.68.9

🇹🇷 88.248.248.242

🇲🇾 60.53.155.96

🇷🇴 2.57.121.25

🇵🇱 194.180.49.219

🇨🇳 180.212.92.223

🇱🇹 141.98.9.130

🇫🇷 91.231.89.70

🇸🇦 64.137.215.128

🇩🇪 45.135.141.18

🇮🇩 223.25.108.2

🇲🇽 187.191.48.23

🇩🇪 187.77.91.73

🇹🇭 182.52.109.76

🇺🇸 162.216.150.208

🇨🇳 124.117.194.39

🇨🇳 115.190.44.249

🇮🇳 103.54.101.248

🇷🇴 92.118.39.62