JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 41.248.59.67

41.248.59.67 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 53%: ?

53%

ISP	ADSL_Maroc_telecom
Usage Type	Fixed Line ISP
ASN	AS36903
Domain Name	menara.ma
Country	🇲🇦 Morocco
City	Tangier, Tanger-Tetouan-Al Hoceima

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 41.248.59.67

Whois 41.248.59.67

IP Abuse Reports for 41.248.59.67:

This IP address has been reported a total of 11 times from 9 distinct sources. 41.248.59.67 was first reported on May 7th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-07 06:06:12 (4 days ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇺🇦 URAN Publishing Service	2026-06-07 04:21:41 (4 days ago)	41.248.59.67 - - [07/Jun/2026:07:21:39 +0300] "GET /.env HTTP/1.1" 404 772 "-" "Mozilla/5.0 (Linux; ... show more 41.248.59.67 - - [07/Jun/2026:07:21:39 +0300] "GET /.env HTTP/1.1" 404 772 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" 41.248.59.67 - - [07/Jun/2026:07:21:40 +0300] "GET /.env HTTP/1.1" 404 3369 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" ... show less	Web App Attack
Anonymous	2026-06-07 04:20:02 (4 days ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 04:15:51 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 41.248.59.67 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 41.248.59.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 00:15:43.721433 2026] [security2:error] [pid 5189:tid 5189] [client 41.248.59.67:43509] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "solcargomiami.com"] [uri "/.env"] [unique_id "aiTwbyWYYAGJZvVbe5IEagAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Phenix Info	2026-06-07 03:38:54 (5 days ago)	SmallGuard.fr - Forbidden Ext.	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 01:48:24 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 41.248.59.67 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 41.248.59.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 21:48:15.613754 2026] [security2:error] [pid 17833:tid 17833] [client 41.248.59.67:60738] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nnrentacar.com"] [uri "/.env"] [unique_id "aiTN3-eyw4BTqmTuMT6k5wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 london2038.com	2026-06-07 01:30:01 (5 days ago)	Probing for exploits 41.248.59.67 - - [07/Jun/2026:03:29:58 +0200] "GET /.env HTTP/1.1" 422 0 "-" "M ... show more Probing for exploits 41.248.59.67 - - [07/Jun/2026:03:29:58 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" 41.248.59.67 - - [07/Jun/2026:03:29:57 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" show less	Hacking Web App Attack
🇩🇪 MusicLibrary	2026-06-07 01:21:11 (5 days ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-07 00:48:40 (5 days ago)	IM360 WAF: Laravel Apps Leaking Secrets exploit attempt MV:androxgh0st	Web App Attack
🇱🇻 garmtech.com	2026-06-07 00:48:39 (5 days ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env	Web App Attack
🇺🇸 xmission.com	2026-05-07 13:54:39 (1 month ago)	Blocked by UFW (TCP on 9101) Source port: 64915 TTL: 110 Packet length: 52 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 9101) Source port: 64915 TTL: 110 Packet length: 52 TOS: 0x08 This report (for 41.248.59.67) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.84

🇳🇱 141.11.32.173

🇸🇬 138.2.98.41

🇺🇸 104.247.72.249

🇫🇷 85.217.140.31

🇺🇸 65.49.20.84

🇸🇬 43.156.250.119

🇧🇪 34.22.186.81

🇻🇳 14.224.227.189

🇰🇷 218.152.33.180

🇵🇭 112.201.70.30

🇺🇸 107.150.103.12

🇨🇳 101.89.141.184

🇺🇸 89.222.91.60

🇨🇦 85.217.149.5

🇺🇸 74.235.107.35

🇸🇬 52.221.35.151

🇩🇪 43.165.1.55

🇮🇩 2001:448a:7021:4406:f45a:e13a:f65e:678e

🇳🇱 89.21.67.184