JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 41.248.45.68

41.248.45.68 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 34%: ?

34%

ISP	ADSL_Maroc_telecom
Usage Type	Fixed Line ISP
ASN	AS36903
Domain Name	menara.ma
Country	🇲🇦 Morocco
City	Tangier, Tanger-Tetouan-Al Hoceima

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 41.248.45.68

Whois 41.248.45.68

IP Abuse Reports for 41.248.45.68:

This IP address has been reported a total of 10 times from 5 distinct sources. 41.248.45.68 was first reported on June 3rd 2026, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 gobou-51	2026-06-05 11:33:59 (5 hours ago)	Spoofing detected via DMARC report. Total attempts: 1.	Web Spam Email Spam Bad Web Bot
🇩🇪 Marc	2026-06-04 07:27:00 (1 day ago)	41.248.45.68 - - [04/Jun/2026:09:26:38 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3220 "-" "Jetpack by W ... show more 41.248.45.68 - - [04/Jun/2026:09:26:38 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3220 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" 41.248.45.68 - - [04/Jun/2026:09:26:49 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3219 "-" "Jetpack by WordPress.com" 41.248.45.68 - - [04/Jun/2026:09:26:59 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3220 "-" "Jetpack by WordPress.com" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 23:07:38 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 41.248.45.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 41.248.45.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 19:07:34.380879 2026] [security2:error] [pid 19191:tid 19222] [client 41.248.45.68:56622] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.248.45.68 (+1 hits since last alert)\|whitecrosslibrary.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whitecrosslibrary.com"] [uri "/xmlrpc.php"] [unique_id "aiCztmffpxnsEbLlVYlT4gAAAEw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 20:20:25 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 41.248.45.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 41.248.45.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 16:20:16.617170 2026] [security2:error] [pid 24512:tid 24512] [client 41.248.45.68:49281] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.248.45.68 (+1 hits since last alert)\|pharmaceuticalsalescertifications.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pharmaceuticalsalescertifications.com"] [uri "/xmlrpc.php"] [unique_id "aiCMgL4SBFuWKvsj9qnyEQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 17:23:31 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 41.248.45.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 41.248.45.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 13:23:28.122924 2026] [security2:error] [pid 9531:tid 9531] [client 41.248.45.68:5019] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.248.45.68 (+1 hits since last alert)\|shannonraevocalstudio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "shannonraevocalstudio.com"] [uri "/xmlrpc.php"] [unique_id "aiBjEDShKBNlPSv6eFYw3wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 16:22:27 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 41.248.45.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 41.248.45.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 12:22:19.746832 2026] [security2:error] [pid 1721:tid 1721] [client 41.248.45.68:58446] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.248.45.68 (+1 hits since last alert)\|drjasonkolber.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "drjasonkolber.com"] [uri "/xmlrpc.php"] [unique_id "aiBUu1fzggGusnmZMJAKoQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 15:39:14 (2 days ago)	Attac	Brute-Force
🇫🇷 SpaceHost-Server	2026-06-03 14:20:55 (2 days ago)	41.248.45.68 - - [03/Jun/2026:16:20:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "WordPress.co ... show more 41.248.45.68 - - [03/Jun/2026:16:20:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "WordPress.com; https://wordpress.com" 41.248.45.68 - - [03/Jun/2026:16:20:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)" 41.248.45.68 - - [03/Jun/2026:16:20:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "WordPress.com; https://wordpress.com" show less	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-03 14:05:33 (2 days ago)	41.248.45.68 - - [03/Jun/2026:16:05:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack/13.0 ... show more 41.248.45.68 - - [03/Jun/2026:16:05:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack/13.0; WordPress/6.4; http://site95752949.com" 41.248.45.68 - - [03/Jun/2026:16:05:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "WordPress.com; https://wordpress.com" 41.248.45.68 - - [03/Jun/2026:16:05:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 10:21:43 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 41.248.45.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 41.248.45.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 06:21:39.806969 2026] [security2:error] [pid 29878:tid 29878] [client 41.248.45.68:51411] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.248.45.68 (+1 hits since last alert)\|carolinafootprints.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "carolinafootprints.com"] [uri "/xmlrpc.php"] [unique_id "aiAAM8S_mkd9L72SAcU6GQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 212.32.76.41

🇳🇱 185.223.235.10

🇨🇳 183.56.216.153

🇺🇸 172.172.119.99

🇺🇸 172.119.232.14

🇺🇸 107.197.183.81

🇺🇸 103.234.62.102

🇸🇬 103.187.147.165

🇮🇹 82.50.20.161

🇱🇹 81.30.98.142

🇩🇪 77.91.71.11

🇺🇸 66.180.194.227

🇺🇸 192.227.229.63

🇮🇹 190.106.185.47

🇹🇼 180.218.224.150

🇨🇳 120.77.205.149

🇸🇬 103.189.235.114

🇺🇸 23.21.227.240

🇨🇳 223.109.252.193

🇩🇪 213.209.159.241