JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.54.185

45.3.54.185 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.54.185

Whois 45.3.54.185

IP Abuse Reports for 45.3.54.185:

This IP address has been reported a total of 17 times from 7 distinct sources. 45.3.54.185 was first reported on November 4th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-08 06:49:10 (4 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-01-05 20:32:18 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇮🇹 VHosting	2026-01-02 12:35:13 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇨🇭 backslash	2025-12-30 12:40:17 (5 months ago)	block ruleset 486D2EE5E731CC049D1E480D68D04DFFE28AADF1	Bad Web Bot
🇳🇱 homeshowdomain.nl	2025-11-25 23:00:53 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-25	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 07:00:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:59:56.708389 2025] [security2:error] [pid 15857:tid 15857] [client 45.3.54.185:31329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.amybeam.info"] [uri "/.svn/wc.db"] [unique_id "aSVT7BFweUM6S9Yh_XuYWAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:36:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:35:55.601876 2025] [security2:error] [pid 27695:tid 27695] [client 45.3.54.185:44677] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.meghanmack.com"] [uri "/.env"] [unique_id "aSVOS4areZxfmCyW4cs8oQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:15:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:15:08.877106 2025] [security2:error] [pid 1647141:tid 1647221] [client 45.3.54.185:19317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "colinarchibald.com"] [uri "/.svn/wc.db"] [unique_id "aSUDHNffCdpZ5cNrCNdMawAAAVA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:36:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:36:01.376588 2025] [security2:error] [pid 29753:tid 29753] [client 45.3.54.185:38837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.publicdomainphotosharing.com"] [uri "/.svn/wc.db"] [unique_id "aSQK4VND8Qb-catayTCC2QAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:56:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:56:34.248363 2025] [security2:error] [pid 21237:tid 21237] [client 45.3.54.185:60223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.vicsflooring.com"] [uri "/.svn/wc.db"] [unique_id "aSPlgpB6MdtLhnoSs3iHUwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-04 13:42:50 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 04 08:42:46.341353 2025] [security2:error] [pid 8176:tid 8176] [client 45.3.54.185:56351] [client 45.3.54.185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dualspiralsystems.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dualspiralsystems.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z6IZVrELa5_c3BpuPrnxLgAAAAc"], referer: https://dualspiralsystems.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-07 13:18:35 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 07 08:18:30.233722 2025] [security2:error] [pid 1902750:tid 1902750] [client 45.3.54.185:42433] [client 45.3.54.185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|massivepro.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "massivepro.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z30ppt3p5OI8o38-l_VPngAAAAU"], referer: https://massivepro.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-02 05:41:02 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 02 00:40:55.495900 2025] [security2:error] [pid 7113:tid 7113] [client 45.3.54.185:55983] [client 45.3.54.185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ohnosound.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ohnosound.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z3Ym5zZ1fk489qcS-x37cwAAAA4"], referer: https://ohnosound.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-03 01:00:40 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 45.3.54.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 20:00:34.556452 2024] [security2:error] [pid 26774:tid 26860] [client 45.3.54.185:51397] [client 45.3.54.185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|earthtravel.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "earthtravel.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Z05YMl2DZemoJ_63vrZOGwAAAQA"], referer: https://earthtravel.net show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 PulseServers	2024-11-10 00:51:05 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUS1 ... show less	DDoS Attack Exploited Host

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 180.71.9.31

🇰🇷 175.195.231.106

🇫🇮 147.185.133.41

🇨🇳 116.179.32.234

🇸🇪 93.158.91.33

🇳🇱 89.125.154.188

🇸🇪 82.196.106.164

🇺🇸 64.62.156.200

🇮🇳 49.248.223.6

🇬🇧 31.14.254.31

🇹🇼 198.235.24.100

🇺🇾 167.61.141.62

🇬🇧 87.74.80.204

🇸🇪 77.53.193.47

🇺🇸 72.167.50.103

🇺🇸 64.62.156.24

🇭🇰 47.86.232.51

🇷🇺 46.160.165.239

🇳🇱 45.148.10.141

🇸🇬 43.106.90.118