JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.42.196

45.3.42.196 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 38%: ?

38%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.42.196

Whois 45.3.42.196

IP Abuse Reports for 45.3.42.196:

This IP address has been reported a total of 26 times from 17 distinct sources. 45.3.42.196 was first reported on September 19th 2024, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 stinpriza	2026-06-28 01:17:53 (17 hours ago)	Web App Attack	Web App Attack
🇬🇧 poundawebsiteltd	2026-06-27 18:49:35 (23 hours ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 45.3.42.196 - - [27/Jun/2026:19:49:30 +0100] POS ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 45.3.42.196 - - [27/Jun/2026:19:49:30 +0100] POST /wp-login.php HTTP/1.1 200 7364 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15 show less	Web App Attack
🇩🇪 DocNetzwerk	2026-06-27 06:18:09 (1 day ago)	(wordpress) Failed wordpress login from 45.3.42.196 (GB/United Kingdom/-)	Brute-Force
🇫🇷 tilellit.pro	2026-06-26 01:36:30 (2 days ago)	Fail2Ban banned 45.3.42.196 for security violations in jail wp-armour. Log: 2026/06/26 01:36:30 [err ... show more Fail2Ban banned 45.3.42.196 for security violations in jail wp-armour. Log: 2026/06/26 01:36:30 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 45.3.42.196 \| Target: wplogin" , client: 45.3.42.196, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇩🇪 LRob.fr	2026-06-23 18:15:18 (5 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-09 03:30:49 (2 weeks ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇮🇹 [email protected]	2026-05-16 15:12:28 (1 month ago)	[Sat May 16 17:12:27.713524 2026] [authz_core:error] [pid 716011:tid 716071] [remote 45.3.42.196:162 ... show more [Sat May 16 17:12:27.713524 2026] [authz_core:error] [pid 716011:tid 716071] [remote 45.3.42.196:16277] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php show less	Brute-Force Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (3 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-03 07:07:44 (3 months ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 11:28:43 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-11-27 07:20:10 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.42.196 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.42.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 02:20:06.585801 2025] [security2:error] [pid 30679:tid 30679] [client 45.3.42.196:38507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.franzexpress.com"] [uri "/.env"] [unique_id "aSf7pp8tTlRdSVih3ssbQQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:27:49 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.42.196 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.42.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:27:44.621539 2025] [security2:error] [pid 19455:tid 19455] [client 45.3.42.196:46501] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.enlightened-workplace.com"] [uri "/.git/HEAD"] [unique_id "aSU-UO9FLKftRfNb6wE6iAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:50:31 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.42.196 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.42.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:50:26.325067 2025] [security2:error] [pid 7018:tid 7018] [client 45.3.42.196:56349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.bencramerinc.com"] [uri "/.svn/wc.db"] [unique_id "aSU1kqCOMc9DJ7HcyjhMiwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:09:07 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.42.196 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.42.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:09:03.428279 2025] [security2:error] [pid 1817000:tid 1817014] [client 45.3.42.196:49825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.worldecom.org"] [uri "/.git/HEAD"] [unique_id "aSUr35iXM9qjzOaPIgQhVwAAAUI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:45:45 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.42.196 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.42.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:45:35.878465 2025] [security2:error] [pid 2064:tid 2064] [client 45.3.42.196:15233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.englishmagic.us"] [uri "/.git/HEAD"] [unique_id "aSUmX5kcEBTntlbRgoxdNQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 174.35.25.178

🇨🇳 61.136.246.87

🇺🇸 47.251.250.101

🇰🇷 211.186.79.173

🇺🇸 172.253.9.209

🇸🇨 45.194.67.26

🇲🇽 38.58.38.25

🇨🇳 27.16.195.28

🇺🇸 2a09:bac5:9447:4e6::7d:4f

🇮🇳 209.38.120.71

🇳🇱 185.223.235.2

🇺🇿 185.213.229.41

🇫🇮 172.253.83.215

🇰🇷 125.244.114.221

🇯🇵 72.63.213.206

🇰🇷 61.43.121.132

🇭🇰 47.243.201.196

🇳🇱 45.148.10.151

🇺🇸 20.39.62.227

🇺🇸 205.210.31.111