JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.37.198

45.3.37.198 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 25%: ?

25%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.37.198

Whois 45.3.37.198

IP Abuse Reports for 45.3.37.198:

This IP address has been reported a total of 37 times from 18 distinct sources. 45.3.37.198 was first reported on November 19th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-17 04:50:18 (1 day ago)	45.3.37.198 - - [17/Jun/2026:12:50:17 +0800] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (X ... show more 45.3.37.198 - - [17/Jun/2026:12:50:17 +0800] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
Anonymous	2026-06-17 03:43:15 (1 day ago)	[ns31.kdns.gr] httpd-login-spray-site: sites=vasilikisagkioti.gr; logs=/var/log/httpd/domains/vasili ... show more [ns31.kdns.gr] httpd-login-spray-site: sites=vasilikisagkioti.gr; logs=/var/log/httpd/domains/vasilikisagkioti.gr.log; samples=site_wide=true \| distinct_ips=64 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 Sklurk	2026-06-17 01:12:33 (1 day ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-06-16 00:43:48 (2 days ago)	Web App Attack	Web App Attack
🇬🇧 PeravixGroup	2026-05-06 19:08:08 (1 month ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇧🇬 cheatmaster.store	2026-02-26 05:16:48 (3 months ago)	Automated report: This IP address has been identified as an active public open proxy. Classification ... show more Automated report: This IP address has been identified as an active public open proxy. Classification: Open Proxy \| Spoofing \| VPN/Anonymizer \| Bad Web Bot. Country: United States Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic. Reported by automated threat intelligence pipeline. Do not whitelist without manual verification. show less	Web Spam Port Scan Web App Attack
🇮🇹 VHosting	2025-12-29 00:10:05 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 22:01:58 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.37.198 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.37.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:01:52.350329 2025] [security2:error] [pid 7555:tid 7555] [client 45.3.37.198:20297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "odysseydogasporlari.com"] [uri "/.env"] [unique_id "aVBXUL2SKb220eD4CiyyxQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:46:33 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.37.198 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.37.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:46:27.792836 2025] [security2:error] [pid 15941:tid 15941] [client 45.3.37.198:42581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mycherishedteddies.com"] [uri "/.env"] [unique_id "aVBTszYl-vzaclAMDFt1fgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:26:21 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.37.198 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.37.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:26:15.174835 2025] [security2:error] [pid 4420:tid 4454] [client 45.3.37.198:11551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omniuscorp.com"] [uri "/.git/HEAD"] [unique_id "aVBO9x_dRAN9LoEXXjlUwAAAAEI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 20:03:10 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.37.198 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.37.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 15:03:03.240912 2025] [security2:error] [pid 2822:tid 2822] [client 45.3.37.198:36481] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lajoze.com"] [uri "/.git/HEAD"] [unique_id "aVA7d00ymHIlxNzH-VOHrwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 19:41:27 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.37.198 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.37.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:41:21.745710 2025] [security2:error] [pid 24649:tid 24649] [client 45.3.37.198:28103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thetallships.com"] [uri "/.env"] [unique_id "aVA2YWlWfAy6n6MmqlzoIQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 17:06:47 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.37.198 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.37.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 12:06:41.669946 2025] [security2:error] [pid 18902:tid 18902] [client 45.3.37.198:41687] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kletzer.com"] [uri "/.svn/wc.db"] [unique_id "aVASIWGdMrrnFPgKjoaDxwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-26 13:16:44 (5 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 211.92.215.26

🇬🇧 35.203.210.93

🇰🇷 210.114.22.126

🇷🇺 188.19.74.46

🇺🇸 172.253.0.28

🇺🇸 135.232.216.53

🇮🇳 103.208.70.170

🇮🇳 103.19.136.6

🇳🇱 96.62.250.243

🇳🇱 45.142.193.118

🇲🇾 195.86.192.66

🇺🇸 172.253.214.26

🇻🇳 42.96.19.37

🇮🇩 36.64.33.82

🇺🇸 20.12.202.181

🇳🇱 185.226.197.14

🇨🇳 120.48.34.72

🇨🇳 101.76.248.214

🇮🇹 87.27.5.54

🇺🇸 66.132.186.217