JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.39.18.69

45.39.18.69 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 0%: ?

ISP	Subnet Digital LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	subnetdigital.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.39.18.69

Whois 45.39.18.69

IP Abuse Reports for 45.39.18.69:

This IP address has been reported a total of 6 times from 3 distinct sources. 45.39.18.69 was first reported on January 15th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-12-29 17:19:27 (5 months ago)	(mod_security) mod_security (id:218420) triggered by 45.39.18.69 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:218420) triggered by 45.39.18.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 12:12:18.350564 2025] [security2:error] [pid 12847:tid 12939] [client 45.39.18.69:49701] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|ftp.kettlehill.net\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "ftp.kettlehill.net"] [uri "/cgi-bin/php.exe"] [unique_id "aVK2cqLrABXCW5a44Sq-PAAAAZc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2025-11-21 04:15:28 (6 months ago)	SS5: Web Attack HEAD /wp-login.php	Web Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 09:49:04 (7 months ago)	(mod_security) mod_security (id:211190) triggered by 45.39.18.69 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:211190) triggered by 45.39.18.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:48:51.317269 2025] [security2:error] [pid 19270:tid 19270] [client 45.39.18.69:57449] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /ACSServer/DownloadFileServlet?show_file_name=../../../../../../etc/passwd&type=uploadfile&path=anything"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/ACSServer/DownloadFileServlet"] [unique_id "aRWpg1l2RZ8-TtXGOfEZNgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:10:57 (10 months ago)	(mod_security) mod_security (id:212620) triggered by 45.39.18.69 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:212620) triggered by 45.39.18.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:10:27.082494 2025] [security2:error] [pid 146057:tid 146130] [client 45.39.18.69:37193] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|ftp.kettlehill.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /?rsd=</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ftp.kettlehill.com"] [uri "/"] [unique_id "aIVucwtdUXc7wYRdaLO4fgAAAYQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 23:35:07 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.39.18.69 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.39.18.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 19:35:00.288893 2025] [security2:error] [pid 3763611:tid 3763611] [client 45.39.18.69:45777] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.farmers123.com"] [uri "/css../.git/config"] [unique_id "aDjvJCa21SOARRw-DSbugQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-15 02:40:21 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.39

🇹🇼 198.235.24.59

🇸🇬 172.217.97.30

🇸🇬 139.59.104.66

🇨🇳 125.124.175.173

🇺🇸 107.172.183.246

🇳🇬 102.88.21.136

🇷🇺 83.239.158.174

🇷🇴 80.94.92.130

🇺🇸 68.235.62.179

🇺🇸 64.62.197.61

🇭🇳 45.170.32.77

🇪🇬 41.128.181.199

🇺🇸 34.74.45.70

🇺🇸 8.231.44.57

🇨🇳 218.21.37.250

🇮🇳 167.71.239.213

🇯🇵 64.176.38.237

🇨🇳 60.166.159.224

🇮🇩 36.93.70.58