JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.47.109

45.3.47.109 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.47.109

Whois 45.3.47.109

IP Abuse Reports for 45.3.47.109:

This IP address has been reported a total of 40 times from 20 distinct sources. 45.3.47.109 was first reported on December 21st 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-25 16:59:36 (1 week ago)	Known malicious PHP file or CMS probe	Web App Attack
Anonymous	2026-05-25 11:44:22 (1 week ago)	[osotir.org] httpd-login-spray-site: sites=agonistes.gr.synathlountes; logs=/var/log/httpd/domains/a ... show more [osotir.org] httpd-login-spray-site: sites=agonistes.gr.synathlountes; logs=/var/log/httpd/domains/agonistes.gr.synathlountes.log; samples=site_wide=true \| distinct_ips=26 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 Thaliruth	2026-02-12 02:35:43 (3 months ago)	[12/Feb/2026:03:35:42.659898 +0100] aY08fsJc-4d0a51d7_CmowAAABQ 45.3.47.109 34814 127.0.0.1 7080 ...	Hacking
🇹🇷 rtbh.com.tr	2026-02-12 00:11:30 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 TPI-Abuse	2026-02-11 20:53:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.47.109 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.47.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 15:53:42.256468 2026] [security2:error] [pid 12141:tid 12141] [client 45.3.47.109:45305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ardeeapps.com"] [uri "/.env.save"] [unique_id "aYzsVsVXK-o8wa3ygIfj-gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2026-02-11 19:20:07 (3 months ago)	/admin/.env	Hacking Web App Attack
🇫🇮 000rosiu	2026-02-11 16:09:37 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/1.1 (GET method) Endpoint: /.env Timestamp: 2026-02-11T16:03:36Z Ray ID: 9cc513c70a2ddca8 UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Report generated by Cloudflare-WAF-To-AbuseIPDB: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇹🇷 rtbh.com.tr	2026-02-10 20:11:30 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇮🇩 Burayot	2026-02-10 06:42:52 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.3.47.109 (FR/France/-): 1 in the ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.3.47.109 (FR/France/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:12:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.47.109 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.47.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:12:18.846719 2026] [security2:error] [pid 19929:tid 20020] [client 45.3.47.109:27029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koliosfoods.com"] [uri "/.git/config"] [unique_id "aYrMQln6EEqOJQgSnk0RbAAAANM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:17:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.47.109 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.47.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:17:12.765331 2026] [security2:error] [pid 19186:tid 19186] [client 45.3.47.109:53685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iee-usa.com"] [uri "/wp/.git/config"] [unique_id "aYq_WMOQ1o1Q58l7mp-nDAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:44:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.47.109 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.47.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:44:14.786163 2026] [security2:error] [pid 18550:tid 18550] [client 45.3.47.109:20607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magazinesubscriptionsusa.com"] [uri "/config/.env"] [unique_id "aYqpjgAC945Qu_wQnE-t_wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:49:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.47.109 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.47.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:49:38.476662 2026] [security2:error] [pid 5118:tid 5118] [client 45.3.47.109:17223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keyston.net"] [uri "/new/.git/config"] [unique_id "aYqAojKvH_FdR18pFtAJ7AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ne1for23	2026-02-09 23:14:55 (3 months ago)	Attempting to probe for sensitive information accidently exposed via git config. 45.3.47.109 - - [0 ... show more Attempting to probe for sensitive information accidently exposed via git config. 45.3.47.109 - - [09/Feb/2026:23:13:46 +0000] "GET /app/.git/config HTTP/1.1" 403 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" show less	Hacking
🇺🇸 TPI-Abuse	2026-02-09 23:12:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.47.109 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.47.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:12:26.067602 2026] [security2:error] [pid 21389:tid 21389] [client 45.3.47.109:38597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keeftone.com"] [uri "/admin/.env"] [unique_id "aYpp2uM7KJQmII1mF1XQmAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.36.214.46

🇺🇸 162.216.149.234

🇨🇳 157.255.29.89

🇷🇺 109.111.175.210

🇺🇸 107.197.183.81

🇮🇳 103.251.31.26

🇧🇬 78.128.113.74

🇩🇪 69.5.169.167

🇺🇸 68.169.41.107

🇫🇷 45.91.22.93

🇬🇧 35.203.210.137

🇲🇽 201.172.232.224

🇹🇼 198.235.24.93

🇸🇬 193.37.32.189

🇦🇲 176.32.193.16

🇫🇷 173.249.52.138

🇺🇸 165.227.110.45

🇺🇸 147.185.132.187

🇮🇳 143.110.177.172

🇩🇪 87.106.29.151