JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.46.59

45.3.46.59 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 44%: ?

44%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.46.59

Whois 45.3.46.59

IP Abuse Reports for 45.3.46.59:

This IP address has been reported a total of 20 times from 12 distinct sources. 45.3.46.59 was first reported on November 10th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-01 21:59:06 (5 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-31. show less	Web App Attack SSH Hacking
🇳🇱 homeshowdomain.nl	2026-05-31 21:59:02 (6 days ago)	Auto-ban: >3000 req/min op 2026-05-31	Web App Attack SSH Hacking
🇧🇪 cmbplf	2026-05-31 02:28:01 (1 week ago)	363 requests with url.path /.git/config 348 requests with url.path .git/*	Brute-Force Bad Web Bot
🇨🇭 4server	2026-05-31 01:02:26 (1 week ago)	[SunMay3103:02:22.6482432026][security2:error][pid1028773:tid1029304][client45.3.46.59:0]ModSecurity ... show more [SunMay3103:02:22.6482432026][security2:error][pid1028773:tid1029304][client45.3.46.59:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"ristrutturazione-case.ch\"][uri\"/.git/config\"][unique_id\"ahuInsOHIhs9__tMqHaP7gAAAMI\"] show less	Hacking Web App Attack
🇨🇦 lakered	2026-05-31 00:11:10 (1 week ago)	Detectors: [NGINX] \| Reasons: Nginx Honeypot: Sensitive configuration file search \| Tech Evidence: J ... show more Detectors: [NGINX] \| Reasons: Nginx Honeypot: Sensitive configuration file search \| Tech Evidence: JA4H: 4c4eeb51ec84896cdff2ad78bc4b2310, Incomplete-Browser-Profile (Missing: Accept, Accept-Language), TLS-JA4-Spoofing-Detected (UA claims Browser but JA4 reports No-HTTP/2: t13d190900), JA4: t13d190900 \| UA: Mozilla/5.0 (Linux; Android 9; SM-G901F Build/PQ3A.190705.003) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/76.0.3809.89 Mobile Safari/537.36 show less	Hacking Web App Attack
🇺🇸 mnsf	2026-05-31 00:05:24 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
Anonymous	2026-05-30 23:45:02 (1 week ago)	suspicious request in access.log	Web App Attack
🇺🇸 OceanTreasure	2026-05-30 23:35:14 (1 week ago)	tcp/443; Git configuration exposure attempt: "GET /.git/config" @ 2026-05-30T23:30:07Z [proxy]	Web App Attack
🇱🇹 NotACaptcha	2026-04-30 02:18:07 (1 month ago)	webserver:443 [30/Apr/2026] "GET /.aws/credentials HTTP/1.1" 302 4276 "-" "Mozilla/5.0 (compatible; ... show more webserver:443 [30/Apr/2026] "GET /.aws/credentials HTTP/1.1" 302 4276 "-" "Mozilla/5.0 (compatible; Konqueror/4.1; DragonFly) KHTML/4.1.4 (like Gecko)" show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:10:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.46.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.46.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:10:41.512827 2025] [security2:error] [pid 4133561:tid 4133579] [client 45.3.46.59:20695] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.whitecrosslibrary.com"] [uri "/.git/HEAD"] [unique_id "aSP24c6lE8qghk7QOEVbUwAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:21:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.46.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.46.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:21:24.751060 2025] [security2:error] [pid 22895:tid 22895] [client 45.3.46.59:38549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.method1.net"] [uri "/.git/HEAD"] [unique_id "aSPdRCHYUMOXN5ZQs6tP1AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:55:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.46.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.46.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:55:43.524651 2025] [security2:error] [pid 18325:tid 18336] [client 45.3.46.59:10109] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.la.oplconnect.com"] [uri "/.svn/wc.db"] [unique_id "aSPXP7ibCkDUtlE56PAVWgAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 15:31:30 (6 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/14 09:28:52	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-11-02 14:07:53 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 06:57:06	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-10-12 08:21:00 (7 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 131.255.231.254

🇮🇩 103.41.247.76

🇺🇸 66.132.195.91

🇮🇹 57.131.50.125

🇷🇺 46.160.165.239

🇨🇳 43.226.39.182

🇹🇿 41.59.229.33

🇨🇳 8.148.200.68

🇺🇸 172.203.149.63

🇧🇷 170.254.163.58

🇳🇱 158.94.210.233

🇧🇷 143.95.213.196

🇹🇯 109.75.54.122

🇷🇴 92.118.39.236

🇷🇴 92.118.39.62

🇲🇦 81.192.46.36

🇲🇾 180.75.133.83

🇧🇷 152.254.185.121

🇨🇳 110.249.202.211

🇺🇸 76.223.176.17