JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.45.161

45.3.45.161 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 36%: ?

36%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.45.161

Whois 45.3.45.161

IP Abuse Reports for 45.3.45.161:

This IP address has been reported a total of 25 times from 13 distinct sources. 45.3.45.161 was first reported on October 1st 2024, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-26 09:27:46 (8 hours ago)	(y4) Failed scan -byebye- from 45.3.45.161 (IT/Italy/-): (CF_ENABLE)	Hacking
🇲🇽 octageeks.com	2026-06-26 04:09:39 (14 hours ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇮🇩 zam	2026-06-22 10:53:22 (4 days ago)	45.3.45.161 - - [22/Jun/2026:10:53:20 +0000] "POST /wp-login.php HTTP/1.1" 404 27293	Web App Attack
🇲🇽 octageeks.com	2026-06-22 04:06:58 (4 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
Anonymous	2026-06-20 02:27:08 (6 days ago)	[da.kdns.gr] httpd-login-spray-site: sites=vougioukas-texniki.gr; logs=/var/log/httpd/domains/vougio ... show more [da.kdns.gr] httpd-login-spray-site: sites=vougioukas-texniki.gr; logs=/var/log/httpd/domains/vougioukas-texniki.gr.log; samples=site_wide=true \| distinct_ips=17 \| /wp-login.php show less	Hacking Web App Attack
🇺🇸 lostswordfish.com	2026-06-16 20:58:04 (1 week ago)	Wordfence waf block on decarcerationnation	Web App Attack
🇱🇻 garmtech.com	2026-05-15 20:28:13 (1 month ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:58:03 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:57:55.743113 2025] [security2:error] [pid 26588:tid 26588] [client 45.3.45.161:55885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.timquanconsulting.com"] [uri "/.env"] [unique_id "aSbrQ7OMooI5ASKIVH0NpgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:05:33 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:05:29.650147 2025] [security2:error] [pid 9705:tid 9705] [client 45.3.45.161:23325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rainwaterconstruction.net"] [uri "/.svn/wc.db"] [unique_id "aSZueTrEdRinIXr0vSVOjQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:02:59 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:02:55.087427 2025] [security2:error] [pid 9085:tid 9085] [client 45.3.45.161:32745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.globalodit.com"] [uri "/.env"] [unique_id "aSZDrynLhbms-NJF6DQHWwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:08:15 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:08:08.820681 2025] [security2:error] [pid 25827:tid 25827] [client 45.3.45.161:47419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.flugstad.com"] [uri "/.env"] [unique_id "aSQgeE4vsJHG4w2r0OHvlQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:43:37 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:43:18.916830 2025] [security2:error] [pid 30923:tid 30923] [client 45.3.45.161:41811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.adona.org"] [uri "/.git/HEAD"] [unique_id "aSQMlmN-De9aVkgZi6BxFAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:58:39 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:58:32.239684 2025] [security2:error] [pid 22441:tid 22441] [client 45.3.45.161:51937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thelittleprince.net.garbothemusical.net"] [uri "/.svn/wc.db"] [unique_id "aSP0CFOtYP4I1y9gB029oQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 15:15:00 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/14 09:13:57	Port Scan Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 20:35:38 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 45.3.45.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 15:35:34.790724 2025] [security2:error] [pid 21479:tid 21479] [client 45.3.45.161:56573] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ferreteria.imerka.com.mx\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ferreteria.imerka.com.mx"] [uri "/s3cmd.ini"] [unique_id "aRZBFooHDec9gTPN-Um9wQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 136.66.180.6

🇧🇩 103.183.62.0

🇺🇸 66.132.172.235

🇹🇼 61.219.232.138

🇲🇴 125.31.2.160

🇭🇰 101.36.106.78

🇧🇷 20.197.227.41

🇺🇸 20.102.108.84

🇺🇸 20.64.105.54

🇰🇷 222.239.251.12

🇺🇸 205.210.31.83

🇭🇰 199.45.155.102

🇺🇸 193.37.33.190

🇧🇼 168.167.81.76

🇺🇸 162.216.18.113

🇻🇳 115.78.9.138

🇳🇱 104.248.206.108

🇭🇰 104.208.108.166

🇮🇩 36.95.221.140

🇺🇸 34.181.169.58