JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.49.152

45.3.49.152 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.49.152

Whois 45.3.49.152

IP Abuse Reports for 45.3.49.152:

This IP address has been reported a total of 30 times from 11 distinct sources. 45.3.49.152 was first reported on January 16th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mind5t0rm	2026-03-09 04:14:53 (2 months ago)	(WPLOGIN) WP Login Attack 45.3.49.152 (US/United States/-): 3 in the last 3600 secs; Ports: ; Direc ... show more (WPLOGIN) WP Login Attack 45.3.49.152 (US/United States/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 45.3.49.152 - - [09/Mar/2026:11:14:20 +0700] "GET /wp-login.php?wp_lang=en_US HTTP/2.0" 200 2451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 45.3.49.152 - - [09/Mar/2026:11:14:20 +0700] "POST /wp-login.php?wp_lang=en_US HTTP/2.0" 302 0 "https://zerowaterthailand.com/wp-login.php?wp_lang=en_US" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 45.3.49.152 - - [09/Mar/2026:11:14:51 +0700] "GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.zerowaterthailand.com%2Fwp-admin%2F&reauth=1 HTTP/2.0" 200 2445 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	Port Scan
🇱🇻 garmtech.com	2026-03-01 10:35:25 (3 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇱🇻 garmtech.com	2026-02-08 22:59:43 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 oncord	2026-01-05 20:56:26 (4 months ago)	Form spam	Web Spam
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:17 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-09 11:39:39 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 06:39:32.496710 2025] [security2:error] [pid 7856:tid 7856] [client 45.3.49.152:9509] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rocky-ridgeco.com"] [uri "/.git/HEAD"] [unique_id "aTgKdG1yowaP22erV2_zrgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 08:11:39 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 03:11:34.383552 2025] [security2:error] [pid 19055:tid 19055] [client 45.3.49.152:57805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "badwaterclaims.com"] [uri "/.svn/wc.db"] [unique_id "aTfZtuWDNKggmJuGG8yQIAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 13:38:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:38:09.525027 2025] [security2:error] [pid 26525:tid 26554] [client 45.3.49.152:18893] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "inal.org"] [uri "/.env"] [unique_id "aTWDQe7ey1gIqhBIf89m7AAAARc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 12:26:05 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:26:00.051157 2025] [security2:error] [pid 17406:tid 17406] [client 45.3.49.152:22335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bletnslb.org"] [uri "/.git/HEAD"] [unique_id "aTVyWLPSlW2LNqsM5Au_ngAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 13:13:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 08:13:42.805977 2025] [security2:error] [pid 19744:tid 19744] [client 45.3.49.152:33201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rsrtelecom.net"] [uri "/.git/HEAD"] [unique_id "aTQsBnSUsAkOMTlNAZnACQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 08:18:26 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 03:18:19.577849 2025] [security2:error] [pid 21800:tid 21800] [client 45.3.49.152:43327] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "orozco-wallraff.legal"] [uri "/.svn/wc.db"] [unique_id "aTPmy0GrsddnwGv5QBWu8QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 02:43:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:43:17.052250 2025] [security2:error] [pid 19705:tid 19705] [client 45.3.49.152:34829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fancycleaners.com"] [uri "/.svn/wc.db"] [unique_id "aTJGxZTJaSUg3hCwMgMS7QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-04 23:36:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 18:36:46.075600 2025] [security2:error] [pid 6426:tid 6426] [client 45.3.49.152:14129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "indoorfreeflight.com"] [uri "/.svn/wc.db"] [unique_id "aTIbDmA_oqVHY6BwqBhp0wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2025-10-24 19:43:32 (7 months ago)	(From [email protected]) Your website alivebydesignchiropractic.com has some issues that...	Phishing Web Spam
🇨🇦 wil.com	2025-10-17 18:42:53 (7 months ago)	GlobalProtect login attempts with user robinsonr.	VPN IP Brute-Force

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.211.155.31

🇭🇰 144.48.241.162

🇸🇬 143.198.221.127

🇭🇰 103.210.21.178

🇮🇳 103.117.12.178

🇵🇱 87.251.64.158

🇺🇸 3.139.70.180

🇧🇷 205.210.31.197

🇬🇧 193.163.125.154

🇮🇩 103.122.34.142

🇸🇬 94.231.206.11

🇳🇱 77.83.39.240

🇺🇸 162.216.150.229

🇫🇷 159.26.112.56

🇵🇱 138.124.20.112

🇱🇹 45.227.254.170

🇷🇺 37.128.240.47

🇧🇪 34.79.211.51

🇧🇷 177.11.196.84

🇸🇪 151.177.88.203