JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.40.189

45.3.40.189 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.40.189

Whois 45.3.40.189

IP Abuse Reports for 45.3.40.189:

This IP address has been reported a total of 46 times from 19 distinct sources. 45.3.40.189 was first reported on December 26th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-22 13:20:24 (2 weeks ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇨🇳 ThreatBook.io	2026-04-16 22:56:46 (1 month ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/45.3.40.189 2026- ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/45.3.40.189 2026-04-16 19:20:24 /news/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
🇨🇳 ThreatBook.io	2026-04-11 22:56:24 (1 month ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/45.3.40.189 2026- ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/45.3.40.189 2026-04-11 08:44:48 /video/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-03-02 22:59:43 (3 months ago)	Auto-ban: >3000 req/min op 2026-03-02	Web App Attack SSH Hacking
Anonymous	2026-02-15 12:04:03 (3 months ago)	Bot / scanning and/or hacking attempts: GET /api/.env HTTP/1.1, GET /admin/.env HTTP/1.1, GET /.env. ... show more Bot / scanning and/or hacking attempts: GET /api/.env HTTP/1.1, GET /admin/.env HTTP/1.1, GET /.env.save HTTP/1.1, GET /app/.env HTTP/1.1, GET /.env HTTP/1.1, GET /.env.staging HTTP/1.1, GET /.env.production HTTP/1.1 show less	Hacking Web App Attack
🇮🇩 Burayot	2026-02-15 10:58:44 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.3.40.189 (BR/Brazil/-): 1 in the ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.3.40.189 (BR/Brazil/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 07:13:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.40.189 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.40.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 02:07:19.198078 2026] [security2:error] [pid 401946:tid 401946] [client 45.3.40.189:32459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "orlando-windsor-villa.com"] [uri "/v2/.git/config"] [unique_id "aZFwpxsapaWw82ExZwa0mwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 07:05:13 (3 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇺🇸 mnsf	2026-02-15 06:06:48 (3 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇧🇪 voormedia	2026-02-15 05:58:34 (3 months ago)	Accessed trap at '/.env'	Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 05:51:07 (3 months ago)	Try to access /site/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:50:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.40.189 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.40.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:50:05.475763 2026] [security2:error] [pid 20979:tid 20979] [client 45.3.40.189:53621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scermak.com"] [uri "/wp/.git/config"] [unique_id "aZFejXvpSznEBkXb2EBdswAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:14:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.40.189 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.40.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:14:02.751545 2026] [security2:error] [pid 15342:tid 15342] [client 45.3.40.189:44655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "odysseydogasporlari.com"] [uri "/config/.env"] [unique_id "aZFWGtPnr2ctV25qJ4ERUgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:23:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.40.189 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.40.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:23:05.673325 2026] [security2:error] [pid 1215:tid 1215] [client 45.3.40.189:53765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "san-marino-resident-agent.com"] [uri "/test/.git/config"] [unique_id "aZFKKU9jLj5J_RBmVss-5AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:05:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.40.189 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.40.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:04:59.307296 2026] [security2:error] [pid 17306:tid 17306] [client 45.3.40.189:23033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "powdercoatovens.net"] [uri "/.env.staging"] [unique_id "aZFF6wq5hjYdNEOm7bNo5wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.254.207.99

🇩🇪 167.94.146.50

🇺🇸 162.216.149.132

🇺🇸 66.132.172.151

🇺🇸 20.168.121.1

🇺🇸 20.115.45.115

🇸🇬 8.219.2.243

🇳🇱 176.65.149.31

🇩🇪 176.65.132.17

🇭🇰 165.154.62.25

🇺🇸 162.214.5.224

🇸🇦 94.96.139.33

🇺🇸 66.132.186.188

🇨🇳 60.188.58.133

🇳🇱 45.148.10.147

🇬🇧 37.156.65.133

🇷🇺 37.77.150.67

🇺🇸 20.169.107.67

🇮🇩 210.79.142.221

🇪🇨 186.68.83.105