JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.33.18

45.3.33.18 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.33.18

Whois 45.3.33.18

IP Abuse Reports for 45.3.33.18:

This IP address has been reported a total of 36 times from 19 distinct sources. 45.3.33.18 was first reported on October 3rd 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 ShadowWhisperer	2026-05-23 16:14:48 (2 weeks ago)	DOCKER port scan / probe. GET /secrets	Port Scan
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-20 16:02:58 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 11:02:52.403959 2026] [security2:error] [pid 8314:tid 8314] [client 45.3.33.18:55703] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|scpublicity.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "scpublicity.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZiFrBVvduHPmrVmzANg3QAAABY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-20 08:24:31 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 03:24:09.738054 2026] [security2:error] [pid 8036:tid 8036] [client 45.3.33.18:11243] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|lozzy.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lozzy.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZgaKUua5xsouDFaNm2_WwAAABE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-20 04:02:32 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 23:02:28.560954 2026] [security2:error] [pid 24824:tid 24824] [client 45.3.33.18:34247] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cobbwebb.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cobbwebb.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZfc1Ate9Ar8nBRGgCRFMgAAAA4"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 04:03:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 23:03:15.884418 2026] [security2:error] [pid 15364:tid 15364] [client 45.3.33.18:14915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arteseros.com"] [uri "/frontend/.env"] [unique_id "aY1RAz6h1eHbMiDxi1ZaRgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ReporTR	2026-02-10 09:39:27 (3 months ago)	Repeated malicious activity detected by Fail2Ban jail 'plesk-modsecurity'. TCP connection completed. ... show more Repeated malicious activity detected by Fail2Ban jail 'plesk-modsecurity'. TCP connection completed. IP banned. show less	Hacking Web App Attack
🇩🇪 big-cloud.nl	2026-02-10 04:43:37 (3 months ago)	Try to access /admin/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:57:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:56:56.486444 2026] [security2:error] [pid 1861721:tid 1861721] [client 45.3.33.18:49261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ic1.biz"] [uri "/wp/.git/config"] [unique_id "aYqsiNJIamAZRISJywS3eQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:14:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:13:59.458338 2026] [security2:error] [pid 6682:tid 6682] [client 45.3.33.18:56201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hunkworkout.com"] [uri "/app/.git/config"] [unique_id "aYqGV0OjPJkT3nGhpYwnigAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (3 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 fbarela	2026-01-25 04:01:57 (4 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇪🇸 10dencehispahard SL	2025-12-10 06:51:39 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-11-24 06:47:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.33.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:47:47.090125 2025] [security2:error] [pid 16565:tid 16565] [client 45.3.33.18:9523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.agenesis7.com"] [uri "/.git/HEAD"] [unique_id "aSP_k1Las2JKFBdwbuR8JQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 185.16.214.226

🇳🇱 45.148.10.183

🇪🇹 196.188.168.148

🇧🇦 195.222.57.190

🇺🇸 170.106.101.97

🇺🇸 138.197.204.198

🇸🇬 101.47.27.73

🇺🇸 64.236.193.27

🇻🇳 58.187.66.22

🇻🇳 14.191.169.161

🇺🇸 207.58.174.163

🇦🇬 199.16.59.198

🇳🇱 185.226.197.32

🇹🇼 119.14.20.61

🇺🇸 91.230.168.66

🇷🇺 84.201.243.44

🇭🇰 45.194.37.246

🇫🇷 45.154.138.25

🇺🇸 24.199.119.136

🇮🇷 2.180.32.104