JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.43.53

45.3.43.53 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.43.53

Whois 45.3.43.53

IP Abuse Reports for 45.3.43.53:

This IP address has been reported a total of 16 times from 9 distinct sources. 45.3.43.53 was first reported on October 24th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 Saec	2026-06-12 01:30:09 (3 days ago)	Jarvis auto-ban: CF honeypot path /xmlrpc.php (3× on saec.me)	Port Scan Web App Attack
Anonymous	2026-06-08 00:33:08 (1 week ago)	[redacted] 45.3.43.53 - - [08/Jun/2026:02:33:06 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Wget ... show more [redacted] 45.3.43.53 - - [08/Jun/2026:02:33:06 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Wget/1.21.4" [redacted] 45.3.43.53 - - [08/Jun/2026:02:33:06 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "curl/7.88.1" [redacted] 45.3.43.53 - - [08/Jun/2026:02:33:07 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "curl/7.88.1" [redacted] 45.3.43.53 - - [08/Jun/2026:02:33:07 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "curl/8.6.0" [redacted] 45.3.43.53 - - [08/Jun/2026:02:33:08 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "curl/8.6.0" ... show less	Hacking Web App Attack
🇫🇷 COMAITE	2026-02-06 02:39:28 (4 months ago)	Common web attack from 45.3.43.53.	Web App Attack
🇺🇸 TPI-Abuse	2025-12-30 10:22:29 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.43.53 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.43.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 05:21:46.965849 2025] [security2:error] [pid 21023:tid 21023] [client 45.3.43.53:21007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.trafficstopper.com"] [uri "/.git/HEAD"] [unique_id "aVOnutTGNPCbdMiKe6lxowAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:53:48 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.43.53 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.43.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:53:44.555307 2025] [security2:error] [pid 28750:tid 28750] [client 45.3.43.53:52519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "woodwindstar.com"] [uri "/.env"] [unique_id "aVIXaI6XTslFBr9R3vioMgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:31:30 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.43.53 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.43.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:31:24.834829 2025] [security2:error] [pid 1042:tid 1042] [client 45.3.43.53:23747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3-6trucking.com"] [uri "/.git/HEAD"] [unique_id "aVISLBRoQNN1ppSPFgYdFgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-21 18:33:30 (6 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/21 12:30:57	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-10-15 18:40:02 (7 months ago)	Failed Wordpress login	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-04-01 04:29:40 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 45.3.43.53 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 45.3.43.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 01 00:29:37.341322 2025] [security2:error] [pid 19017:tid 19070] [client 45.3.43.53:43717] [client 45.3.43.53] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|slelectric.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "slelectric.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z-trsVZfJNwbVS_k4xKwnAAAAVg"], referer: https://slelectric.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2025-03-22 13:50:29 (1 year ago)	45.3.43.53 (GB/United Kingdom/England/London/-/[redacted]	Brute-Force
🇩🇪 Hazzard	2025-03-22 13:34:54 (1 year ago)	(imapd) Failed IMAP login from 45.3.43.53 (GB/United Kingdom/England/London/-/[redacted])	Brute-Force
🇺🇸 TPI-Abuse	2025-02-20 06:16:44 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 45.3.43.53 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 45.3.43.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 20 01:16:41.165646 2025] [security2:error] [pid 1936706:tid 1936706] [client 45.3.43.53:32781] [client 45.3.43.53] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kunzteam.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kunzteam.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z7bIyZX1AyXp11mlaERo7QAAAAM"], referer: https://kunzteam.com show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 PulseServers	2024-11-10 00:50:33 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUK2 ... show less	DDoS Attack Exploited Host
🇺🇸 PulseServers	2024-11-09 03:25:53 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUS1 ... show less	DDoS Attack Exploited Host
🇺🇸 PulseServers	2024-11-08 00:47:09 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUS2 ... show less	DDoS Attack Exploited Host

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇬 197.50.229.82

🇨🇳 112.103.63.205

🇫🇷 85.217.140.42

🇮🇳 40.81.233.86

🇨🇳 223.85.54.40

🇬🇧 193.176.29.12

🇨🇳 117.40.114.21

🇺🇸 66.212.18.237

🇮🇪 52.169.217.131

🇱🇹 45.227.254.170

🇺🇸 23.251.114.140

🇺🇸 2604:a880:400:d1:0:4:9626:3001

🇰🇷 218.144.90.40

🇨🇴 191.97.12.90

🇳🇵 113.199.226.145

🇺🇸 103.143.10.140

🇮🇳 103.88.76.27

🇸🇦 82.197.58.135

🇨🇳 45.126.112.35

🇬🇧 31.14.254.90