JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.39.13.163

45.39.13.163 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 4%: ?

ISP	Subnet Digital LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	subnetdigital.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.39.13.163

Whois 45.39.13.163

IP Abuse Reports for 45.39.13.163:

This IP address has been reported a total of 8 times from 4 distinct sources. 45.39.13.163 was first reported on February 28th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 bigorre.org	2026-06-21 16:18:53 (4 days ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-17 06:30:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.39.13.163 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.39.13.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 01:30:00.611776 2026] [security2:error] [pid 23621:tid 23621] [client 45.39.13.163:46569] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.bak"] [unique_id "aWssaAD8fxwpTOkbllXbBAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 19:11:09 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 45.39.13.163 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.39.13.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 14:10:37.920690 2025] [security2:error] [pid 22842:tid 23020] [client 45.39.13.163:56469] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.kettlehill.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.kettlehill.com"] [uri "/translate.sql"] [unique_id "aVLSLVKoonkfA7MmLZcaHgAAARE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 08:57:34 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.39.13.163 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.39.13.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 03:56:56.064397 2025] [security2:error] [pid 25454:tid 25454] [client 45.39.13.163:60125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/wp-config.php.inc"] [unique_id "aRWdWC6nhv9ErCApwxWkzgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:10:16 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 45.39.13.163 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.39.13.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:09:37.247682 2025] [security2:error] [pid 146057:tid 146131] [client 45.39.13.163:50217] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.net\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.net"] [uri "/404.php.bak"] [unique_id "aIVuQQtdUXc7wYRdaLO1vgAAAYU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 01:00:39 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 45.39.13.163 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:221260) triggered by 45.39.13.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 21:00:33.197719 2025] [security2:error] [pid 3873047:tid 3873047] [client 45.39.13.163:43453] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|webmail.farmers123.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.farmers123.com"] [uri "/cgi-bin/test"] [unique_id "aDkDMQDGIOciXN9cpmdLXAAAAAA"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-29 09:07:32 (1 year ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
Anonymous	2025-02-28 01:40:08 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.139

🇸🇬 208.109.13.31

🇵🇱 194.180.49.219

🇵🇱 185.79.139.16

🇮🇳 103.121.119.25

🇫🇷 92.205.50.247

🇫🇷 85.217.140.52

🇮🇷 2.188.35.66

🇧🇷 205.210.31.156

🇦🇷 186.148.80.186

🇰🇷 112.216.129.27

🇵🇱 94.154.31.74

🇫🇷 91.231.89.206

🇫🇷 91.231.89.203

🇫🇷 85.217.140.33

🇺🇸 64.251.13.157

🇷🇺 46.29.165.183

🇺🇸 136.107.177.49

🇺🇸 135.119.112.132

🇮🇳 122.185.146.166