JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.43.191.48

45.43.191.48 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	FASTPLANET LTD
Usage Type	Commercial
ASN	AS202496
Domain Name	fastplanet.com
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.43.191.48

Whois 45.43.191.48

IP Abuse Reports for 45.43.191.48:

This IP address has been reported a total of 14 times from 6 distinct sources. 45.43.191.48 was first reported on October 30th 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 05:23:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 45.43.191.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.43.191.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 00:23:37.730645 2026] [security2:error] [pid 15808:tid 15808] [client 45.43.191.48:45973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/wp-config.php.orig"] [unique_id "aWsc2fWOYfP8K6GBmQPnXgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 18:51:43 (5 months ago)	(mod_security) mod_security (id:211190) triggered by 45.43.191.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211190) triggered by 45.43.191.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 13:51:18.417085 2025] [security2:error] [pid 22841:tid 22996] [client 45.43.191.48:45505] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.kettlehill.com"] [uri "/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp"] [unique_id "aVLNprvqJPp5jxktaSF6mQAAAMI"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 Erpelstolz	2025-11-25 12:38:08 (6 months ago)	VM 131: 45.43.191.48 - - [25/Nov/2025:13:38:05 +0100] "GET /admin/logs/errors.log HTTP/1.1" 404 8450	Web App Attack
🇺🇸 TPI-Abuse	2025-11-11 21:30:31 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.43.191.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.43.191.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 16:30:21.419938 2025] [security2:error] [pid 20975:tid 20975] [client 45.43.191.48:41257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.nbcnewsradio.com"] [uri "/.env.stage"] [unique_id "aROq7SUF4yEqmK6EUATGIAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:33:25 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 45.43.191.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:221260) triggered by 45.43.191.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:33:18.801532 2025] [security2:error] [pid 291259:tid 291315] [client 45.43.191.48:38807] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|www.staging.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.staging.kettlehill.com"] [uri "/cgi-bin/status"] [unique_id "aIVzzmQX5AgegSXcd9robAAAAQo"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 03:00:21 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.43.191.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.43.191.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 23:00:15.157885 2025] [security2:error] [pid 4002258:tid 4002258] [client 45.43.191.48:35563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/.env.prod.local"] [unique_id "aDkfPxzgKYfWjzaFPoJSoAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-25 19:40:28 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
Anonymous	2024-08-28 01:58:47 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇸🇬 oncord	2024-08-25 16:55:30 (1 year ago)	Form spam	Web Spam
🇸🇬 oncord	2024-08-24 14:07:57 (1 year ago)	Form spam	Web Spam
🇸🇬 oncord	2024-08-15 05:01:04 (1 year ago)	Form spam	Web Spam
🇺🇸 ChamberofCommerce.com	2023-11-06 02:49:43 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-11-02 04:29:15 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-30 20:02:41 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.90.244.14

🇫🇷 193.32.126.232

🇹🇷 188.132.163.102

🇺🇸 107.223.175.20

🇮🇳 103.38.219.22

🇳🇱 45.148.10.147

🇮🇹 5.89.75.194

🇺🇸 2600:1f18:5b75:b802:141c:9e08:9d1b:7a49

🇬🇳 197.149.242.30

🇨🇱 190.3.170.36

🇵🇰 175.107.37.29

🇩🇪 128.14.225.164

🇻🇳 125.212.244.35

🇨🇳 112.32.138.180

🇮🇪 84.203.39.53

🇪🇸 79.116.173.197

🇺🇸 57.151.97.194

🇺🇸 52.146.90.191

🇺🇦 37.221.159.52

🇵🇰 210.56.27.220