JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.56.173.143

45.56.173.143 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 0%: ?

ISP	Web2Objects LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62874
Domain Name	web2objects.com
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.56.173.143

Whois 45.56.173.143

IP Abuse Reports for 45.56.173.143:

This IP address has been reported a total of 12 times from 3 distinct sources. 45.56.173.143 was first reported on April 21st 2023, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 madaello	2026-03-06 16:10:33 (3 months ago)	[Fri Mar 06 17:10:33.377919 2026] [ssl:error] [pid 2109943:tid 2109943] [client 45.56.173.143:53715] ... show more [Fri Mar 06 17:10:33.377919 2026] [ssl:error] [pid 2109943:tid 2109943] [client 45.56.173.143:53715] AH02032: Hostname www.imperatrice.to.it provided via SNI and hostname 93.55.83.202 provided via HTTP have no compatible SSL setup for policy 'secure' ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-01-17 14:43:59 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 09:43:54.963060 2026] [security2:error] [pid 4679:tid 4679] [client 45.56.173.143:52863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/example.htaccess"] [unique_id "aWugKoGQQp8J8Myg4GeAEAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 20:59:16 (5 months ago)	(mod_security) mod_security (id:221260) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:221260) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 15:58:34.480634 2025] [security2:error] [pid 21770:tid 21779] [client 45.56.173.143:34249] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|whm.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.kettlehill.com"] [uri "/cgi-bin/status/status.cgi"] [unique_id "aVLreu1IUNfWG5lsn0G3xwAAAYY"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 05:47:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 00:46:47.786870 2025] [security2:error] [pid 31256:tid 31280] [client 45.56.173.143:36503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.net"] [uri "/wp-config.php.bak"] [unique_id "aS0rx228JkE_f6YcP87sYgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 10:27:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 05:26:58.596621 2025] [security2:error] [pid 32259:tid 32259] [client 45.56.173.143:39655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aRWychvDzK3aEUVKwzjCcQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 16:42:18 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 12:42:10.312992 2025] [security2:error] [pid 30109:tid 30133] [client 45.56.173.143:58835] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.kettlehill.net"] [uri "/.git/config"] [unique_id "aN1Z4pmcYLK3QOnvb--FQwAAAZE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 02:44:01 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 22:43:58.026377 2025] [security2:error] [pid 872117:tid 872256] [client 45.56.173.143:42377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.staging.kettlehill.com"] [uri "/.env.backup"] [unique_id "aIWSbn4Thc83i_H3CwXqsQAAApM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 21:38:14 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 17:38:08.379516 2025] [security2:error] [pid 3570310:tid 3570310] [client 45.56.173.143:42421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/api/.env"] [unique_id "aDjTwLSDAmIPe6nJ2oKLuwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-04 08:37:48 (1 year ago)	(mod_security) mod_security (id:240950) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240950) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 04 04:37:41.288841 2025] [security2:error] [pid 3755576:tid 3755576] [client 45.56.173.143:35707] [client 45.56.173.143] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)\|\|cpanel.nbcnewsradio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cpanel.nbcnewsradio.com"] [uri "/jira/secure/QueryComponentRendererValue!Default.jspa"] [unique_id "aBcnVSrMu8y9zw3hKAqsUQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-19 05:29:44 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 19 01:29:14.973476 2025] [security2:error] [pid 22650:tid 22668] [client 45.56.173.143:57127] [client 45.56.173.143] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.blog.spinningdesigns.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "blog.spinningdesigns.com"] [uri "/...\\\\...\\\\...\\\\...\\\\...\\\\...\\\\...\\\\...\\\\...\\\\windows\\\\win.ini"] [unique_id "aAM0qsLYwl69KqC_78icOwAAAE8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-27 15:02:34 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.56.173.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 10:00:34.763967 2025] [security2:error] [pid 27303:tid 27386] [client 45.56.173.143:47679] [client 45.56.173.143] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.com"] [uri "/errors/errors.log"] [unique_id "Z8B-ElqvcS75O-zsMlKkOQAAAUM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Dorian GRANDHAY	2023-04-21 07:25:22 (3 years ago)	45.56.173.143 (US/United States/-), 5 distributed cpanel attacks on account [-] in the last 3600 sec ... show more 45.56.173.143 (US/United States/-), 5 distributed cpanel attacks on account [-] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: [2023-04-21 09:13:57 +0200] info [webmaild] 45.56.173.143 - - "POST /mgmt/tm/util/bash HTTP/1.1" FAILED LOGIN webmaild: user name not provided or invalid user [2023-04-21 09:25:18 +0200] info [whostmgrd] 45.158.185.195 - - "POST /mgmt/shared/authn/login HTTP/1.1" FAILED LOGIN whostmgrd: user name not provided or invalid user [2023-04-21 09:25:20 +0200] info [whostmgrd] 45.192.141.212 - - "POST /mgmt/tm/util/bash HTTP/1.1" FAILED LOGIN whostmgrd: user name not provided or invalid user [2023-04-21 08:54:52 +0200] info [cpaneld] 45.134.184.16 - - "GET /server/ HTTP/1.1" FAILED LOGIN cpaneld: user name not provided or invalid user [2023-04-21 09:14:05 +0200] info [webmaild] 192.186.151.135 - - "POST /mgmt/shared/authn/login HTTP/1.1" FAILED LOGIN webmaild: user name not provided or invalid user IP Addresses Blocked: show less	Port Scan

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 2001:448a:408b:341b:703b:c0db:6045:f9a0

🇺🇸 172.253.86.123

🇺🇸 147.185.132.237

🇨🇳 115.190.171.196

🇺🇸 98.248.218.102

🇧🇬 79.124.49.226

🇺🇸 75.80.65.214

🇷🇺 46.236.189.245

🇧🇷 2804:14c:189:85a7:dda7:bd5a:d3b3:ad03

🇰🇷 211.223.107.86

🇫🇷 207.180.226.249

🇺🇸 165.22.34.238

🇺🇸 107.175.186.44

🇲🇦 105.190.115.34

🇧🇪 104.155.29.73

🇺🇸 66.228.32.88

🇺🇸 216.73.217.32

🇸🇬 194.5.82.122

🇧🇷 152.237.208.37

🇮🇳 103.117.12.77