JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.49.254

45.3.49.254 was found in our database!

This IP was reported 76 times. Confidence of Abuse is 23%: ?

23%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.49.254

Whois 45.3.49.254

IP Abuse Reports for 45.3.49.254:

This IP address has been reported a total of 76 times from 26 distinct sources. 45.3.49.254 was first reported on November 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 marc	2026-05-26 22:07:00 (1 week ago)	Hacking web forms for spam	Web Spam Web App Attack Hacking
🇨🇭 backslash	2026-05-23 05:03:07 (1 week ago)		Bad Web Bot
🇩🇪 4server	2026-05-10 21:55:37 (3 weeks ago)	[SunMay1023:55:31.5937802026][security2:error][pid1561170:tid1561257][client45.3.49.254:0]ModSecurit ... show more [SunMay1023:55:31.5937802026][security2:error][pid1561170:tid1561257][client45.3.49.254:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"subitotraslochi.ch\"][uri\"/wp-json/gravitysmtp/v1/tests/mock-data\"][unique_id\"agD-090MXR9LiBuvWUyoXwAAAMA\"] show less	Port Scan Brute-Force Web App Attack
🇧🇪 cmbplf	2026-05-06 17:05:44 (4 weeks ago)	272 requests with url.path .env 134 requests with url.path phpinfo.php	Brute-Force Bad Web Bot
Anonymous	2026-04-18 22:49:01 (1 month ago)	Forum/form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-02-28 22:50:45 (3 months ago)	Forum/form spam	Web Spam
🇦🇺 MAGIC	2026-02-27 02:26:01 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇬🇧 relianoid.com	2026-02-23 10:14:15 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2026-02-12 02:37:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.254 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:37:45.801125 2026] [security2:error] [pid 365676:tid 365676] [client 45.3.49.254:14215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arsenaultartistmanagement.com"] [uri "/api/.env"] [unique_id "aY08-Qsxy2bPd20sF6AHPwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 01:16:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.254 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 20:16:26.127744 2026] [security2:error] [pid 29505:tid 29505] [client 45.3.49.254:48739] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arofish.us"] [uri "/wp/.git/config"] [unique_id "aY0p6gs6wZmrBXp8_Q8l7AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-02-11 21:04:51 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 19:14:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.254 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 14:14:01.568244 2026] [security2:error] [pid 1942:tid 1942] [client 45.3.49.254:27311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arcadiapropertiesllc.com"] [uri "/.env.staging"] [unique_id "aYzU-efin7u43MnhmcC8igAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 17:12:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.254 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 12:12:27.364082 2026] [security2:error] [pid 12763:tid 12763] [client 45.3.49.254:62769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18mstudio.com"] [uri "/backup/.git/config"] [unique_id "aYtm--XmNJ_QUcPQpc0_YgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:23:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.49.254 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.49.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:23:37.478635 2026] [security2:error] [pid 32760:tid 311] [client 45.3.49.254:50053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mailporte.com"] [uri "/.env.local"] [unique_id "aYrO6RsSiKm_x6NY5FWS7wAAAJA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 76 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.154.138.217

🇮🇩 103.3.221.186

🇷🇴 80.94.92.187

🇧🇷 45.205.1.5

🇸🇬 156.245.145.111

🇸🇬 156.245.144.121

🇺🇸 147.185.132.56

🇷🇺 94.243.11.55

🇷🇴 92.118.39.62

🇷🇴 80.94.92.128

🇱🇹 45.227.254.170

🇲🇳 43.228.131.114

🇫🇷 37.60.241.190

🇵🇱 31.179.197.26

🇨🇦 209.235.136.137

🇧🇷 205.210.31.240

🇹🇭 147.50.227.79

🇩🇪 69.5.169.243

🇩🇪 69.5.169.207

🇺🇸 20.127.202.128