JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.52.192

45.3.52.192 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 52%: ?

52%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.52.192

Whois 45.3.52.192

IP Abuse Reports for 45.3.52.192:

This IP address has been reported a total of 17 times from 15 distinct sources. 45.3.52.192 was first reported on October 1st 2024, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-22 20:00:47 (5 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇫🇷 ELYAZ	2026-06-22 01:44:42 (1 day ago)	(y4) Failed scan -byebye- from 45.3.52.192 (BR/Brazil/-): (CF_ENABLE)	Hacking
🇬🇷 setupgr	2026-06-21 00:39:50 (2 days ago)	(mod_security) mod_security (id:900001) triggered by 45.3.52.192 (BR/Brazil/SÃ£o Paulo/SÃ£o Paulo/-/ ... show more (mod_security) mod_security (id:900001) triggered by 45.3.52.192 (BR/Brazil/SÃ£o Paulo/SÃ£o Paulo/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sun Jun 21 03:39:48.363407 2026] [security2:error] [pid 849641:tid 849673] [client 45.3.52.192:61173] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.setworldup.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.setworldup.com"] [uri "/wp-login.php"] [unique_id "ajcy1I53BW3tJhdlNdsrQQAAAUU"], referer: https://mail.setworldup.com/wp-login.php show less	Port Scan
🇺🇸 nationaleventpros.com	2026-06-16 13:05:28 (6 days ago)	WordPress login attempt	Brute-Force
🇩🇪 london2038.com	2026-06-16 03:49:01 (6 days ago)	Probing for exploits 45.3.52.192 - - [16/Jun/2026:05:47:17 +0200] "POST /wp-login.php HTTP/1.1" 301 ... show more Probing for exploits 45.3.52.192 - - [16/Jun/2026:05:47:17 +0200] "POST /wp-login.php HTTP/1.1" 301 0 "https://v97746.<REDACTED>/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 45.3.52.192 - - [16/Jun/2026:05:48:59 +0200] "POST /wp-login.php HTTP/1.1" 301 0 "https://v97746.<REDACTED>/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" show less	Hacking Web App Attack
Anonymous	2026-06-13 07:35:57 (1 week ago)	[ns41.kdns.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wi ... show more [ns41.kdns.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide=true \| distinct_ips=26 \| /wp-login.php show less	Hacking Web App Attack
🇭🇺 bcsaba	2026-06-12 23:32:52 (1 week ago)	CMS (WordPress or Joomla) login attempt. 45.3.52.192 - - [13/Jun/2026:01:32:51 +0200] "POST /wp-logi ... show more CMS (WordPress or Joomla) login attempt. 45.3.52.192 - - [13/Jun/2026:01:32:51 +0200] "POST /wp-login.php HTTP/1.1" 200 3521 "https://REDACTED/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" show less	Hacking Brute-Force Web App Attack
🇬🇧 spamverify.com	2026-06-12 04:11:26 (1 week ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
Anonymous	2026-06-11 01:20:17 (1 week ago)	Web attack blocked by Wordfence on helenehoenjet.nl (1 hit). Reported by CRMON.	Web App Attack
🇫🇷 pm33	2026-06-10 16:22:02 (1 week ago)	Wordpress login attempts	Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:21 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-24 08:52:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.52.192 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.52.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:52:09.439992 2025] [security2:error] [pid 19286:tid 19286] [client 45.3.52.192:9215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.visco174.com"] [uri "/.git/HEAD"] [unique_id "aSQcubbfXd4TS-Zx-ZiVFAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:08:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.52.192 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.52.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:08:29.824889 2025] [security2:error] [pid 25438:tid 25438] [client 45.3.52.192:33261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.artglass-jerusalem.net"] [uri "/.env"] [unique_id "aSPoTe5aE5arcmcryV1HlQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:49:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.52.192 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.52.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:49:34.410611 2025] [security2:error] [pid 12037:tid 12037] [client 45.3.52.192:51581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.passwordresearch.com"] [uri "/.svn/wc.db"] [unique_id "aSPj3phifXbTQN8fZBZUZgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 14:26:58 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 06:56:58	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 192.109.200.78

🇲🇳 192.82.88.93

🇩🇪 164.90.236.107

🇭🇰 156.245.232.27

🇺🇸 44.203.153.47

🇸🇦 5.163.67.102

🇮🇷 2.180.32.104

🇺🇸 2a04:c300:400::18a

🇰🇷 220.80.223.144

🇭🇰 199.45.154.191

🇧🇷 191.123.95.60

🇧🇷 190.111.187.189

🇦🇷 186.122.177.140

🇺🇸 147.185.132.249

🇳🇱 104.28.165.252

🇩🇪 93.240.38.192

🇵🇱 87.251.64.157

🇨🇦 85.217.149.49

🇮🇪 54.229.164.247

🇧🇷 205.210.31.186