JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 41.141.241.227

41.141.241.227 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 22%: ?

22%

ISP	ADSL_Maroc_telecom
Usage Type	Fixed Line ISP
ASN	AS36903
Domain Name	menara.ma
Country	🇲🇦 Morocco
City	Marrakesh, Marrakesh-Safi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 41.141.241.227

Whois 41.141.241.227

IP Abuse Reports for 41.141.241.227:

This IP address has been reported a total of 12 times from 6 distinct sources. 41.141.241.227 was first reported on May 16th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-16 14:20:46 (1 month ago)	(mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 10:20:39.098881 2026] [security2:error] [pid 9436:tid 9462] [client 41.141.241.227:63532] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\bon(?:abort\|blur\|change\|click\|dblclick\|dragdrop\|error\|focus\|keydown\|keypress\|keyup\|load\|mouse(?:down\|move\|out\|over\|up)\|move\|readystatechange\|reset\|resize\|select\|submit\|unload)\\\\b[^a-zA-Z0-9_]{0,}?=" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "69"] [id "212750"] [rev "3"] [msg "COMODO WAF: XSS Attack Detected\|\|bobchaos.com\|F\|2"] [data "Matched Data: onerror= found within REQUEST_URI: /search?q=</script>'\\x22><img src=x onerror=prompt(1)>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "bobchaos.com"] [uri "/search"] [unique_id "agh9N3UpHlGUMpRqGY-WXAAAANg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 13:23:22 (1 month ago)	(mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 09:23:18.677617 2026] [security2:error] [pid 17007:tid 17007] [client 41.141.241.227:58826] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\bon(?:abort\|blur\|change\|click\|dblclick\|dragdrop\|error\|focus\|keydown\|keypress\|keyup\|load\|mouse(?:down\|move\|out\|over\|up)\|move\|readystatechange\|reset\|resize\|select\|submit\|unload)\\\\b[^a-zA-Z0-9_]{0,}?=" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "69"] [id "212750"] [rev "3"] [msg "COMODO WAF: XSS Attack Detected\|\|batesstrategygroup.com\|F\|2"] [data "Matched Data: onerror= found within REQUEST_URI: /search?q=</script>'\\x22><img src=x onerror=prompt(1)>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "batesstrategygroup.com"] [uri "/search"] [unique_id "aghvxlcqtCsfwTzKeohJyAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 12:56:27 (1 month ago)	(mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 08:56:21.709467 2026] [security2:error] [pid 28478:tid 28478] [client 41.141.241.227:62158] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\bon(?:abort\|blur\|change\|click\|dblclick\|dragdrop\|error\|focus\|keydown\|keypress\|keyup\|load\|mouse(?:down\|move\|out\|over\|up)\|move\|readystatechange\|reset\|resize\|select\|submit\|unload)\\\\b[^a-zA-Z0-9_]{0,}?=" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "69"] [id "212750"] [rev "3"] [msg "COMODO WAF: XSS Attack Detected\|\|atomicmc.com\|F\|2"] [data "Matched Data: onerror= found within REQUEST_URI: /search?q=</script>'\\x22><img src=x onerror=prompt(1)>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "atomicmc.com"] [uri "/search"] [unique_id "aghpdbjESEG7zx7frcgD0wAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 12:32:11 (1 month ago)	(mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 08:32:04.904607 2026] [security2:error] [pid 1240:tid 1240] [client 41.141.241.227:56361] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\bon(?:abort\|blur\|change\|click\|dblclick\|dragdrop\|error\|focus\|keydown\|keypress\|keyup\|load\|mouse(?:down\|move\|out\|over\|up)\|move\|readystatechange\|reset\|resize\|select\|submit\|unload)\\\\b[^a-zA-Z0-9_]{0,}?=" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "69"] [id "212750"] [rev "3"] [msg "COMODO WAF: XSS Attack Detected\|\|aquatech-ind.com\|F\|2"] [data "Matched Data: onerror= found within REQUEST_URI: /search?q=</script>'\\x22><img src=x onerror=prompt(1)>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "aquatech-ind.com"] [uri "/search"] [unique_id "aghjxA5bN8ZnHcaO5Hx9zwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 12:16:27 (1 month ago)	(mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 08:16:22.634165 2026] [security2:error] [pid 1233:tid 1233] [client 41.141.241.227:62698] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\bon(?:abort\|blur\|change\|click\|dblclick\|dragdrop\|error\|focus\|keydown\|keypress\|keyup\|load\|mouse(?:down\|move\|out\|over\|up)\|move\|readystatechange\|reset\|resize\|select\|submit\|unload)\\\\b[^a-zA-Z0-9_]{0,}?=" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "69"] [id "212750"] [rev "3"] [msg "COMODO WAF: XSS Attack Detected\|\|ankitoner.com\|F\|2"] [data "Matched Data: onerror= found within REQUEST_URI: /search?q=</script>'\\x22><img src=x onerror=prompt(1)>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ankitoner.com"] [uri "/search"] [unique_id "aghgFrfP2Mlw__IjH5hb-wAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 barns101	2026-05-16 12:04:00 (1 month ago)	Cross-site scripting attempt	Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 03:19:42 (1 month ago)	(mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 23:19:38.234761 2026] [security2:error] [pid 15808:tid 15808] [client 41.141.241.227:57152] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\bon(?:abort\|blur\|change\|click\|dblclick\|dragdrop\|error\|focus\|keydown\|keypress\|keyup\|load\|mouse(?:down\|move\|out\|over\|up)\|move\|readystatechange\|reset\|resize\|select\|submit\|unload)\\\\b[^a-zA-Z0-9_]{0,}?=" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "69"] [id "212750"] [rev "3"] [msg "COMODO WAF: XSS Attack Detected\|\|alexgitlin.com\|F\|2"] [data "Matched Data: onerror= found within REQUEST_URI: /search?q=</script>'\\x22><img src=x onerror=prompt(1)>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "alexgitlin.com"] [uri "/search"] [unique_id "agfiSq9ZawnDIeioNHN42gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 COMAITE	2026-05-16 03:12:05 (1 month ago)	XSS (Cross Site Scripting) attempt from 41.141.241.227.	Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 02:58:22 (1 month ago)	(mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212750) triggered by 41.141.241.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 22:58:15.459585 2026] [security2:error] [pid 3465:tid 3465] [client 41.141.241.227:58692] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\bon(?:abort\|blur\|change\|click\|dblclick\|dragdrop\|error\|focus\|keydown\|keypress\|keyup\|load\|mouse(?:down\|move\|out\|over\|up)\|move\|readystatechange\|reset\|resize\|select\|submit\|unload)\\\\b[^a-zA-Z0-9_]{0,}?=" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "72"] [id "212750"] [rev "3"] [msg "COMODO WAF: XSS Attack Detected\|\|advancedmotorsports.com\|F\|2"] [data "Matched Data: onerror= found within REQUEST_URI: /search?q=</script>'\\x22><img src=x onerror=prompt(1)>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "advancedmotorsports.com"] [uri "/search"] [unique_id "agfdR7a8Bmb4IjEU7lbjSAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-05-16 02:38:31 (1 month ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 41.141.241.227 (MA/Morocco/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 41.141.241.227 (MA/Morocco/-): 1 in the last 3600 secs show less	Web App Attack
🇬🇧 Aetherweb Ark	2026-05-16 00:55:09 (1 month ago)	(mod_security) mod_security (id:949110) triggered by 41.141.241.227 (MA/Morocco/-): N in the last X ... show more (mod_security) mod_security (id:949110) triggered by 41.141.241.227 (MA/Morocco/-): N in the last X secs show less	Web App Attack
🇺🇸 nyt	2026-05-16 00:18:13 (1 month ago)	XSS, XSS	Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇿 197.250.143.242

🇷🇴 193.46.255.86

🇺🇸 165.227.62.247

🇺🇸 147.81.197.239

🇲🇦 102.53.15.17

🇱🇧 85.112.89.100

🇷🇴 80.94.92.178

🇧🇬 78.128.112.74

🇺🇸 65.49.1.128

🇻🇳 2402:800:6110:7deb:5778:f936:71b1:beed

🇸🇬 194.5.82.136

🇯🇴 188.123.170.176

🇺🇸 162.216.150.247

🇺🇸 153.53.245.223

🇺🇸 152.32.235.85

🇰🇪 105.163.2.248

🇸🇪 85.224.221.249

🇧🇷 45.205.1.241

🇺🇸 40.77.167.132

🇩🇪 31.76.27.20