JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.39.5.250

45.39.5.250 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 11%: ?

11%

ISP	Subnet Digital LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	subnetdigital.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.39.5.250

Whois 45.39.5.250

IP Abuse Reports for 45.39.5.250:

This IP address has been reported a total of 8 times from 4 distinct sources. 45.39.5.250 was first reported on August 31st 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Blue Pumpkin	2026-06-16 23:28:28 (1 week ago)	45.39.5.250 - - [16/Jun/2026:23:28:25 +0000] "GET /component/comprofiler/userprofile/SpookyBabe HTTP ... show more 45.39.5.250 - - [16/Jun/2026:23:28:25 +0000] "GET /component/comprofiler/userprofile/SpookyBabe HTTP/1.1" 200 11305 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-05-29 02:57:09 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 45.39.5.250 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 45.39.5.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 22:57:04.712046 2026] [security2:error] [pid 6823:tid 6823] [client 45.39.5.250:42245] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|badgerkelley.com\|F\|2"] [data ".php\|[email protected]"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "badgerkelley.com"] [uri "/wp-login.php\|[email protected]"] [unique_id "ahkAgHd-XvvWofSokm5drAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 15:21:00 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.39.5.250 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.39.5.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 10:20:54.734646 2026] [security2:error] [pid 5679:tid 5679] [client 45.39.5.250:50511] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/events../.git/config"] [unique_id "aWuo1gtatsWxXJNBikTMXQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 00:00:49 (6 months ago)	(mod_security) mod_security (id:221260) triggered by 45.39.5.250 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:221260) triggered by 45.39.5.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 19:00:32.084536 2025] [security2:error] [pid 29838:tid 29889] [client 45.39.5.250:56619] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|www.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.com"] [uri "/"] [unique_id "aSjmIKk7pKGM4pFjt3oxBQAAAMk"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 14:25:19 (7 months ago)	(mod_security) mod_security (id:210580) triggered by 45.39.5.250 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210580) triggered by 45.39.5.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 09:25:12.551172 2025] [security2:error] [pid 11035:tid 11035] [client 45.39.5.250:52059] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:style. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:style: ../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "ftp.nbcnewsradio.com"] [uri "/webmail/calendar/minimizer/index.php"] [unique_id "aRXqSMD4840YIgj7igJIBQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 RoboSOC	2025-10-16 12:31:43 (8 months ago)	Apache Struts2 OGNL Expression Handling Script Injection Vulnerability, PTR: PTR record not found	Hacking
Anonymous	2025-09-01 16:30:04 (9 months ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-08-31 03:31:32 (9 months ago)	(mod_security) mod_security (id:211190) triggered by 45.39.5.250 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:211190) triggered by 45.39.5.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 30 23:31:26.204069 2025] [security2:error] [pid 2607833:tid 2607847] [client 45.39.5.250:44947] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /cgi-bin/mj_wwwusr?passw&list=GLOBAL&user&func=help&extra=/../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.com"] [uri "/cgi-bin/mj_wwwusr"] [unique_id "aLPCDqijlFFRfeDleSJWEwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.88.98.126

🇺🇦 217.20.165.253

🇦🇺 172.217.33.30

🇺🇸 172.67.164.170

🇫🇮 147.185.133.41

🇺🇸 72.217.6.103

🇺🇸 64.62.197.198

🇫🇷 51.83.10.147

🇳🇱 45.8.17.28

🇰🇷 14.63.198.239

🇳🇱 185.99.99.95

🇳🇱 176.65.139.236

🇲🇾 173.239.236.120

🇺🇸 107.167.34.125

🇺🇸 71.6.240.109

🇺🇸 44.220.185.86

🇬🇧 195.206.182.199

🇵🇰 119.152.228.183

🇫🇷 85.217.140.16

🇬🇧 45.82.76.133