JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.43.96

45.3.43.96 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 40%: ?

40%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.43.96

Whois 45.3.43.96

IP Abuse Reports for 45.3.43.96:

This IP address has been reported a total of 29 times from 17 distinct sources. 45.3.43.96 was first reported on November 9th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 mrcrassi	2026-06-17 16:05:02 (2 days ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 ELYAZ	2026-06-17 14:06:28 (2 days ago)	(y4) Failed scan -byebye- from 45.3.43.96 (DE/Germany/-): (CF_ENABLE)	Hacking
🇫🇷 pm33	2026-06-16 19:37:24 (3 days ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-06-14 17:30:50 (5 days ago)	(y4) Failed scan -byebye- from 45.3.43.96 (DE/Germany/-): (CF_ENABLE)	Hacking
🇬🇷 setupgr	2026-06-14 12:41:58 (5 days ago)	(mod_security) mod_security (id:900001) triggered by 45.3.43.96: 1 in the last 86400 secs; Ports: ; ... show more (mod_security) mod_security (id:900001) triggered by 45.3.43.96: 1 in the last 86400 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sun Jun 14 15:41:57.452814 2026] [security2:error] [pid 921870:tid 921951] [client 45.3.43.96:10409] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.babis.photo"] [severity "CRITICAL"] [tag "security"] [hostname "mail.babis.photo"] [uri "/wp-login.php"] [unique_id "ai6hlSiyK_EXlfCi56cVBwAAAEA"], referer: https://mail.babis.photo/wp-login.php show less	Port Scan
🇫🇷 tecnicorioja	2026-06-13 22:01:11 (6 days ago)	wp-login attack [13/Jun/2026:03:26:44	Brute-Force Web App Attack
🇩🇪 iNetWorker	2026-06-13 07:12:34 (6 days ago)	trolling for resource vulnerabilities	Web App Attack
🇬🇷 setupgr	2026-06-12 07:16:17 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 45.3.43.96: 1 in the last 86400 secs; Ports: ; ... show more (mod_security) mod_security (id:900001) triggered by 45.3.43.96: 1 in the last 86400 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 10:16:16.273698 2026] [security2:error] [pid 104036:tid 104261] [client 45.3.43.96:58319] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: gyrosplace.gr"] [severity "CRITICAL"] [tag "security"] [hostname "gyrosplace.gr"] [uri "/wp-login.php"] [unique_id "aiuyQCyuLlw2tzl8Q_B1GwAAAJY"], referer: https://gyrosplace.gr/wp-login.php show less	Port Scan
🇺🇸 koinkash.org	2026-06-10 20:10:29 (1 week ago)	They are fraudulent. Malicious threat actor requesting php file /wp-login.php	Web App Attack
🇫🇷 ELYAZ	2026-06-10 15:58:53 (1 week ago)	(y4) Failed scan -byebye- from 45.3.43.96 (DE/Germany/-): (CF_ENABLE)	Hacking
🇦🇺 oncord	2025-12-28 03:23:03 (5 months ago)	Form spam	Web Spam
🇮🇹 VHosting	2025-12-24 01:15:28 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇪🇸 10dencehispahard SL	2025-11-25 21:00:25 (6 months ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 06:24:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.43.96 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.43.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:24:06.780622 2025] [security2:error] [pid 16252:tid 16252] [client 45.3.43.96:20455] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.step1nutrition.com"] [uri "/.git/HEAD"] [unique_id "aSVLhggN67g4N6uDXBEQOgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 193.124.20.250

🇩🇪 172.253.1.208

🇨🇳 106.111.222.196

🇨🇳 43.226.36.171

🇨🇳 139.198.5.147

🇻🇳 125.212.217.143

🇨🇳 116.228.58.100

🇨🇳 116.179.32.196

🇯🇵 111.238.174.6

🇨🇳 111.77.115.116

🇳🇱 91.92.40.25

🇱🇹 81.30.98.62

🇳🇱 45.156.87.253

🇸🇬 43.134.74.12

🇨🇦 216.26.234.43

🇲🇽 187.190.35.163

🇳🇱 185.213.174.141

🇺🇸 185.98.170.34

🇷🇸 185.82.111.26

🇩🇪 172.71.144.104