JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.88.13.48

45.88.13.48 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 3%: ?

ISP	RCS Technologies FZE LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	rcstech.ae
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.88.13.48

Whois 45.88.13.48

IP Abuse Reports for 45.88.13.48:

This IP address has been reported a total of 26 times from 14 distinct sources. 45.88.13.48 was first reported on December 22nd 2023, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-05-29 09:19:22 (6 days ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 45.88.13.48 (DE/Germany/-): 1 in the last 3600 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 45.88.13.48 (DE/Germany/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇫🇷 masterguru	2026-04-29 19:55:54 (1 month ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 45.88.13.48 (AE/United Arab Emirates/-): 1 in ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 45.88.13.48 (AE/United Arab Emirates/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇫🇷 masterguru	2026-04-03 00:30:00 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 45.88.13.48 (AE/United Arab Emirates/-): 1 in ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 45.88.13.48 (AE/United Arab Emirates/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 TPI-Abuse	2025-12-10 06:54:23 (5 months ago)	(mod_security) mod_security (id:210350) triggered by 45.88.13.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210350) triggered by 45.88.13.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 01:54:17.849343 2025] [security2:error] [pid 12134:tid 12134] [client 45.88.13.48:63097] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|endicottmedia.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "endicottmedia.com"] [uri "/"] [unique_id "aTkZGQU5enCLd5AvTOV6kQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Spamectomy_Doctor_USA	2025-11-25 23:00:19 (6 months ago)	email spam phishing spoofing	Email Spam Port Scan Hacking Spoofing
🇪🇸 10dencehispahard SL	2025-11-13 07:46:23 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-10-31 04:05:50 (7 months ago)	WordPress Brute Force	Brute-Force
🇧🇪 voormedia	2025-10-29 22:21:32 (7 months ago)	Accessed trap at '/wp-login.php'	Web App Attack
🇺🇸 kosada.com	2025-10-29 02:31:54 (7 months ago)	Web password guessing	Brute-Force
🇺🇸 TPI-Abuse	2025-10-28 16:40:35 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 45.88.13.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 45.88.13.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 12:40:27.084158 2025] [security2:error] [pid 4541:tid 4541] [client 45.88.13.48:14605] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|energycapitalinvestments.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "energycapitalinvestments.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQDx-1CLWImXgguo205eWwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-08-15 00:51:48 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇦🇺 oncord	2025-05-20 06:40:05 (1 year ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-03-25 16:49:47 (1 year ago)	(mod_security) mod_security (id:211120) triggered by 45.88.13.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:211120) triggered by 45.88.13.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 25 12:49:39.932954 2025] [security2:error] [pid 3899673:tid 3899673] [client 45.88.13.48:40619] [client 45.88.13.48] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|betweentwotearsandshit.com\|F\|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/w3-total-cache/lib/w3/pager.class.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "betweentwotearsandshit.com"] [uri "/wp-content/plugins/w3-total-cache/lib/W3/Pager.class.php"] [unique_id "Z-Leo0F093AD16tiVU7d0gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-23 08:19:58 (1 year ago)	(mod_security) mod_security (id:211120) triggered by 45.88.13.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:211120) triggered by 45.88.13.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 23 04:19:52.957354 2025] [security2:error] [pid 1671857:tid 1671857] [client 45.88.13.48:57101] [client 45.88.13.48] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|batesstrategygroup.com\|F\|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/w3-total-cache/lib/w3/pager.class.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "batesstrategygroup.com"] [uri "/wp-content/plugins/w3-total-cache/lib/W3/Pager.class.php"] [unique_id "Z9_EKGDNG9Y6ZCto3li3rgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-21 23:09:01 (1 year ago)	(mod_security) mod_security (id:211120) triggered by 45.88.13.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:211120) triggered by 45.88.13.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 21 19:08:54.503688 2025] [security2:error] [pid 16885:tid 16885] [client 45.88.13.48:64869] [client 45.88.13.48] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|b2c-llc.com\|F\|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/canto/includes/lib/download.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "b2c-llc.com"] [uri "/wp-content/plugins/canto/includes/lib/download.php"] [unique_id "Z93xhme-MNxEq9TaqJQ6HAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.181.108.114

🇺🇸 216.218.206.125

🇺🇸 207.90.244.20

🇺🇸 207.90.244.19

🇩🇪 159.195.28.149

🇬🇧 159.65.89.87

🇫🇮 147.185.133.7

🇺🇸 147.182.220.80

🇨🇳 120.84.10.151

🇸🇬 103.187.147.165

🇺🇸 47.251.242.234

🇸🇬 47.84.103.254

🇳🇱 31.14.32.8

🇯🇵 18.181.183.183

🇺🇸 2607:f8b0:4023:100d::122

🇸🇬 209.58.160.54

🇨🇳 182.40.195.233

🇺🇸 148.105.15.111

🇸🇬 104.28.156.107

🇲🇾 103.86.131.133