JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 41.140.143.206

41.140.143.206 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 23%: ?

23%

ISP	ADSL_Maroc_telecom
Usage Type	Fixed Line ISP
ASN	AS36903
Domain Name	menara.ma
Country	🇲🇦 Morocco
City	Fes, Fes-Meknes

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 41.140.143.206

Whois 41.140.143.206

IP Abuse Reports for 41.140.143.206:

This IP address has been reported a total of 9 times from 5 distinct sources. 41.140.143.206 was first reported on May 28th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-29 15:47:13 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 41.140.143.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 41.140.143.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 11:47:09.716114 2026] [security2:error] [pid 30140:tid 30140] [client 41.140.143.206:55656] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.140.143.206 (+1 hits since last alert)\|feiz.church\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "feiz.church"] [uri "/xmlrpc.php"] [unique_id "ahm0_WkPMdEtHX7ULnzcvQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇨 icp77	2026-05-29 14:02:00 (3 weeks ago)	Abuse DDoS	DDoS Attack Port Scan Brute-Force Exploited Host Web App Attack SSH FTP Brute-Force Hacking SQL Injection
🇩🇪 konseptit	2026-05-29 09:38:38 (3 weeks ago)	(wordpress) Failed wordpress login from 41.140.143.206 (MA/Morocco/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-05-29 08:39:08 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 41.140.143.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 41.140.143.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 04:39:04.417576 2026] [security2:error] [pid 25792:tid 25792] [client 41.140.143.206:63532] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.140.143.206 (+1 hits since last alert)\|accommodation-perthairport.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "accommodation-perthairport.com"] [uri "/xmlrpc.php"] [unique_id "ahlQqJ-FCAA59YpZIn3thgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-29 05:32:53 (3 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-05-29 04:04:58 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 41.140.143.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 41.140.143.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 00:04:52.999630 2026] [security2:error] [pid 11935:tid 11977] [client 41.140.143.206:30063] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.140.143.206 (+1 hits since last alert)\|bortec-corp.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bortec-corp.com"] [uri "/xmlrpc.php"] [unique_id "ahkQZOdAcM0iLhUpm_1UnwAAAEI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 01:59:48 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 41.140.143.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 41.140.143.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 21:59:44.003563 2026] [security2:error] [pid 30581:tid 30581] [client 41.140.143.206:64993] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.140.143.206 (+1 hits since last alert)\|oogeothermal.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "oogeothermal.com"] [uri "/xmlrpc.php"] [unique_id "ahjzEMcAHbzQKlSJPdvrBAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Apache	2026-05-28 23:57:34 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 41.140.143.206 (MA/Morocco/-): 5 in the last 30 ... show more (mod_security) mod_security (id:240335) triggered by 41.140.143.206 (MA/Morocco/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 23:56:05 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 41.140.143.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 41.140.143.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 19:55:58.875733 2026] [security2:error] [pid 3148:tid 3148] [client 41.140.143.206:53544] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.140.143.206 (+1 hits since last alert)\|jerielster.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jerielster.com"] [uri "/xmlrpc.php"] [unique_id "ahjWDjEiuJpgnsleoG4jewAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.73.160.6

🇳🇬 196.27.128.12

🇬🇧 193.163.125.234

🇷🇴 193.32.162.83

🇺🇸 152.32.207.197

🇺🇸 147.185.132.187

🇮🇹 91.80.74.131

🇺🇸 66.132.172.201

🇬🇧 35.203.211.177

🇧🇷 2804:2c3c:c142:bc00:296b:e1d2:54fe:1c09

🇰🇷 220.122.115.9

🇩🇪 213.209.159.108

🇨🇳 125.36.68.227

🇮🇪 3.255.74.246

🇧🇴 181.114.66.105

🇷🇺 178.178.194.136

🇨🇳 150.255.95.40

🇳🇵 103.207.83.171

🇮🇩 103.165.206.238

🇨🇳 42.121.161.198