JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.51.248

45.3.51.248 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.51.248

Whois 45.3.51.248

IP Abuse Reports for 45.3.51.248:

This IP address has been reported a total of 54 times from 20 distinct sources. 45.3.51.248 was first reported on October 3rd 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 ThreatBook.io	2026-05-10 22:52:38 (3 weeks ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/45.3.51.248 2026 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/45.3.51.248 2026-05-10 14:22:49 /general/mytable/intel_view/video_file.php?MEDIA_DIR=../../../inc/&MEDIA_NAME=oa_config.php 2026-05-10 00:29:09 / show less	Web App Attack
🇨🇳 ThreatBook.io	2026-04-16 22:40:51 (1 month ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/45.3.51.248 2026 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/45.3.51.248 2026-04-16 09:47:05 /video/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇳🇱 jjnxpct	2026-02-11 04:53:23 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /config/.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /config/.env] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 16:10:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.51.248 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.51.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 11:10:21.296745 2026] [security2:error] [pid 21045:tid 21054] [client 45.3.51.248:32513] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "12am.us"] [uri "/frontend/.env"] [unique_id "aYtYbUbhlAcrdkcO_sPbpQAAAMQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:31:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.51.248 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.51.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:31:22.570423 2026] [security2:error] [pid 19991:tid 19991] [client 45.3.51.248:44745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirt.us"] [uri "/backend/.env"] [unique_id "aYqmiuoO0Cd8lZFt_Cl4jgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:28:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.51.248 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.51.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:27:50.671611 2026] [security2:error] [pid 23732:tid 23732] [client 45.3.51.248:24995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keithbowles.com"] [uri "/.git/config"] [unique_id "aYptdpGkETkulaIaOOVZVAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 22:40:39 (3 months ago)	Blocking for trying to access an exploit file: /.env.production	Hacking
🇺🇸 TPI-Abuse	2026-02-09 22:21:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.51.248 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.51.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:21:14.350570 2026] [security2:error] [pid 25754:tid 25754] [client 45.3.51.248:49649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotspringstips.com"] [uri "/admin/.git/config"] [unique_id "aYpd2ufHIQYqgYGKKuF18wAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:09:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.51.248 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.51.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:09:22.870833 2026] [security2:error] [pid 25145:tid 25145] [client 45.3.51.248:44111] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karenjoyce.com"] [uri "/admin/.git/config"] [unique_id "aYpNAjjE8r-NNgxP0yvAWwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-02-02 22:59:40 (4 months ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/45.3.51.248 202 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/45.3.51.248 2026-02-02 06:39:09 /?debug=command&expression=%23context%5b%22xwork.MethodAccessor.denyMethodExecution%22%5d%3dfalse%2c%23f%3d%23_memberAccess.getClass%28%29.getDeclaredField%28%22allowStaticMethodAccess%22%29%2c%23f.setAccessible%28true%29%2c%23f.set%28%23_memberAccess%2ctrue%29%2c%23a%[email protected]@getRuntime%28%29.exec%28%22netstat%20-an%22%29.getInputStream%28%29%2c%23b%3dnew%20java.io.InputStreamReader%28%23a%29%2c%23c%3dnew%20java.io.BufferedReader%28%23b%29%2c%23d%3dnew%20char%5b50000%5d%2c%23c.read%28%23d%29%2c%23genxor%3d%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29.getWriter%28%29%2c%23genxor.println%28%23d%29%2c%23genxor.flush%28%29%2c%23genxor.close%28%29 2026-02-02 06:39:09 / show less	Web App Attack
Anonymous	2025-12-15 08:24:07 (5 months ago)	botnet	DDoS Attack
🇵🇱 sefinek.net	2025-12-13 18:36:40 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇳 ThreatBook.io	2025-12-04 22:23:29 (6 months ago)	ThreatBook Intelligence: http_proxy,vpn_proxy more details on https://threatbook.io/ip/45.3.51.248 2 ... show more ThreatBook Intelligence: http_proxy,vpn_proxy more details on https://threatbook.io/ip/45.3.51.248 2025-12-04 16:16:43 /api/swagger.json 2025-12-04 16:16:42 /swagger/docs/v1 2025-12-04 16:16:44 /v3/api-docs 2025-12-04 16:16:40 /prod-api/v2/api-docs 2025-12-04 16:16:41 /v2/api-docs 2025-12-04 16:16:41 /swagger/v1/swagger.json show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 14:03:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.51.248 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.51.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 09:03:08.850638 2025] [security2:error] [pid 17220:tid 17220] [client 45.3.51.248:55131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wisconsinstatehuntingexpo.com"] [uri "/.git/HEAD"] [unique_id "aShaHBp5-7_U2bQy_u7F3gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2405:201:200c:243:c006:6414:935f:9acc

🇯🇵 216.246.22.64

🇻🇪 190.114.246.145

🇳🇱 45.148.10.151

🇮🇩 222.124.205.34

🇳🇱 172.211.56.214

🇨🇳 119.117.74.207

🇷🇴 92.118.39.236

🇩🇪 91.186.212.104

🇺🇸 45.156.129.121

🇦🇱 45.66.230.14

🇺🇸 216.25.89.99

🇮🇩 202.6.231.187

🇧🇪 198.235.24.246

🇬🇧 45.82.76.102

🇧🇪 34.156.205.200

🇺🇸 20.106.206.77

🇸🇬 198.38.91.141

🇲🇼 196.11.86.134

🇲🇰 185.226.0.83