JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.41.171.109

45.41.171.109 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 2%: ?

ISP	HostRoyale LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46516
Hostname(s)	ip-45-41-171-109.fibre.fibrestream.ca
Domain Name	hostroyale.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.41.171.109

Whois 45.41.171.109

IP Abuse Reports for 45.41.171.109:

This IP address has been reported a total of 7 times from 4 distinct sources. 45.41.171.109 was first reported on August 1st 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-25 22:00:03 (1 week ago)	\| A web attack returned code 200 (success).	Web App Attack Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-03-01 20:13:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.41.171.109 (ip-45-41-171-109.fibre.fibrestre ... show more (mod_security) mod_security (id:210492) triggered by 45.41.171.109 (ip-45-41-171-109.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 15:11:44.581248 2026] [security2:error] [pid 3623:tid 3736] [client 45.41.171.109:39485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.staging.kettlehill.com"] [uri "/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php"] [unique_id "aaSdgF4WolzQRuAXATJxqAAAAUs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 07:32:52 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 45.41.171.109 (ip-45-41-171-109.fibre.fibrestre ... show more (mod_security) mod_security (id:210492) triggered by 45.41.171.109 (ip-45-41-171-109.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 02:32:44.498113 2026] [security2:error] [pid 17754:tid 17754] [client 45.41.171.109:45665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.nbcnewsradio.com"] [uri "/.env.webmail"] [unique_id "aWnpnFY5Hrua4H3JzSVJvQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 HandyTreff.de	2025-12-20 19:15:08 (5 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -19.325 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -19.325 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0. show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-01 15:24:05 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 45.41.171.109 (ip-45-41-171-109.fibre.fibrestre ... show more (mod_security) mod_security (id:210492) triggered by 45.41.171.109 (ip-45-41-171-109.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 01 11:24:00.123474 2025] [security2:error] [pid 27531:tid 27552] [client 45.41.171.109:43671] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.kettlehill.com"] [uri "/api/.env"] [unique_id "aQYmEH2WO2IkxYJ6zsIW0QAAARM"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 KuhA	2025-09-22 05:19:00 (8 months ago)	"POST /partymgr/control/getJSONuiLabelArray HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-08-01 06:40:09 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 45.41.171.109 (ip-45-41-171-109.fibre.fibrestre ... show more (mod_security) mod_security (id:210730) triggered by 45.41.171.109 (ip-45-41-171-109.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 02:39:58.499785 2025] [security2:error] [pid 3331489:tid 3331593] [client 45.41.171.109:43933] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.staging.kettlehill.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.staging.kettlehill.com"] [uri "/translate.sql"] [unique_id "aIxhPjqSEPOvsBY_LS5ViAAAANU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 223.27.244.146

🇨🇴 190.61.46.179

🇮🇳 182.95.182.138

🇲🇲 103.59.163.133

🇫🇷 77.148.166.29

🇺🇸 64.94.153.220

🇨🇦 57.134.215.133

🇹🇭 1.20.176.51

🇩🇪 217.255.0.78

🇳🇱 195.178.110.31

🇩🇪 188.34.152.47

🇭🇳 181.78.44.68

🇨🇳 175.0.255.90

🇺🇸 135.148.217.213

🇺🇸 100.53.136.224

🇺🇸 100.48.93.143

🇷🇴 92.118.39.236

🇳🇱 89.38.96.216

🇳🇱 77.83.39.54

🇨🇳 58.209.234.84