JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.48.138

45.3.48.138 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 24%: ?

24%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.48.138

Whois 45.3.48.138

IP Abuse Reports for 45.3.48.138:

This IP address has been reported a total of 32 times from 16 distinct sources. 45.3.48.138 was first reported on November 7th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 lostswordfish.com	2026-05-30 10:06:04 (1 week ago)	Wordfence waf block on ncrsol	Web App Attack
🇫🇷 Security_Whaller	2026-05-30 01:20:05 (1 week ago)	Malicious activity detected on Honeypot.	Brute-Force Hacking Web App Attack
Anonymous	2026-05-29 02:09:08 (1 week ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=hparxo.gr; logs=/var/log/httpd/domains/hparxo.gr.log; s ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=hparxo.gr; logs=/var/log/httpd/domains/hparxo.gr.log; samples=site_wide=true \| distinct_ips=22 \| /wp-login.php show less	Hacking Web App Attack
🇬🇧 PeravixGroup	2026-05-11 10:25:10 (3 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇵🇱 cheatmaster.store	2026-02-26 06:23:22 (3 months ago)	Automated report: This IP address has been identified as an active public open proxy. Classification ... show more Automated report: This IP address has been identified as an active public open proxy. Classification: Open Proxy \| Spoofing \| VPN/Anonymizer \| Bad Web Bot. Country: United States Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic. Reported by automated threat intelligence pipeline. Do not whitelist without manual verification. show less	Web Spam Port Scan Web App Attack
🇺🇸 oncord	2026-01-30 23:59:17 (4 months ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2026-01-29 08:15:07 (4 months ago)	(From [email protected]) If you’re tired of the 9-to-5 grind or just want a way to put some ... show more (From [email protected]) If you’re tired of the 9-to-5 grind or just want a way to put some extra cash in your pocket every week, I have something for you. Companies are currently looking for remote writers to handle: Article Writing Blog Posts Social Media Content Live Chat Support No experience is necessary and full training is provided. But before you apply, you need to see which role you’re best suited for. Go here to take the Writing Job Quiz. ---> http://PaidToWrite.Online/ Once you finish the quiz, you’ll get a breakdown of the best opportunities available for you right now. Visit -----> http://PaidToWrite.Online/ show less	Phishing Web Spam
Anonymous	2025-12-26 15:48:33 (5 months ago)	Bot / scanning and/or hacking attempts: [0/0] init, POST /wp-login.php?wp_lang=en_US HTTP/2.0, GET / ... show more Bot / scanning and/or hacking attempts: [0/0] init, POST /wp-login.php?wp_lang=en_US HTTP/2.0, GET /wp-login.php HTTP/2.0, POST /xmlrpc.php HTTP/1.1, [2/2] done show less	Hacking Web App Attack
🇨🇭 backslash	2025-12-17 14:40:10 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇮🇩 Burayot	2025-12-05 02:57:53 (6 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.3.48.138 (US/United States/-): 1 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.3.48.138 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:44:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.48.138 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.48.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:44:49.801333 2025] [security2:error] [pid 26654:tid 26654] [client 45.3.48.138:14939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.h-vpastoralcharge.org"] [uri "/.env"] [unique_id "aSah4cOareFpgOOdowvkHAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:25:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.48.138 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.48.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:25:53.944273 2025] [security2:error] [pid 18699:tid 18699] [client 45.3.48.138:49247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fgrotary.org"] [uri "/.env"] [unique_id "aSZlMe58bvm1uCVUcEr9AwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:31:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.48.138 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.48.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:31:50.834253 2025] [security2:error] [pid 9979:tid 9979] [client 45.3.48.138:45071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jspd.com"] [uri "/.svn/wc.db"] [unique_id "aSZYhs3DWDSIiScjgpgzYQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:33:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.48.138 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.48.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:32:51.584891 2025] [security2:error] [pid 243930:tid 244020] [client 45.3.48.138:23407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.uoexpanse.com"] [uri "/.svn/wc.db"] [unique_id "aSQmQyGfGLJwz49-AzKHrAAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:59:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.48.138 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.48.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:59:36.770702 2025] [security2:error] [pid 22419:tid 22419] [client 45.3.48.138:20713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.marklex.com"] [uri "/.env"] [unique_id "aSP0SL728l6l1eM2aGAZ9gAAACI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 181.47.9.103

🇨🇳 180.76.128.183

🇳🇱 176.65.139.66

🇮🇩 165.154.151.176

🇩🇪 139.59.128.146

🇻🇳 116.110.14.186

🇧🇪 91.86.88.24

🇺🇸 73.36.177.174

🇫🇷 51.255.131.231

🇮🇩 34.101.84.106

🇺🇸 34.48.165.236

🇧🇷 147.15.20.173

🇺🇸 144.172.94.169

🇵🇭 138.84.97.103

🇺🇸 129.212.184.120

🇨🇳 106.75.144.186

🇨🇦 85.217.149.13

🇺🇸 64.62.156.143

🇺🇸 52.91.175.93

🇵🇭 45.64.81.78