JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.61.100.152

45.61.100.152 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 4%: ?

ISP	HostRoyale LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46516
Hostname(s)	ip-45-61-100-152.fibre.fibrestream.ca
Domain Name	hostroyale.com
Country	🇺🇸 United States of America
City	Floris, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.61.100.152

Whois 45.61.100.152

IP Abuse Reports for 45.61.100.152:

This IP address has been reported a total of 11 times from 3 distinct sources. 45.61.100.152 was first reported on November 27th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 01:55:57 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 45.61.100.152 (ip-45-61-100-152.fibre.fibrestre ... show more (mod_security) mod_security (id:210730) triggered by 45.61.100.152 (ip-45-61-100-152.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:55:14.776755 2026] [security2:error] [pid 6157:tid 6308] [client 45.61.100.152:48357] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.com"] [uri "/ftp.db"] [unique_id "ahzmgkvrUrV4Mon8bBqlqQAAAcs"], referer: http://ftp.kettlehill.com/ftp.db show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-08 20:57:27 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 45.61.100.152 (ip-45-61-100-152.fibre.fibrestre ... show more (mod_security) mod_security (id:210492) triggered by 45.61.100.152 (ip-45-61-100-152.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 16:57:22.766390 2026] [security2:error] [pid 111808:tid 111808] [client 45.61.100.152:34987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.nbcnewsradio.com"] [uri "/.env.dev"] [unique_id "adbBMqrqJVIfMwb9Y8bGCgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 12:02:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 45.61.100.152 (ip-45-61-100-152.fibre.fibrestre ... show more (mod_security) mod_security (id:210492) triggered by 45.61.100.152 (ip-45-61-100-152.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 07:02:29.487378 2026] [security2:error] [pid 483:tid 668] [client 45.61.100.152:33185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.net"] [uri "/_.htaccess"] [unique_id "aX9A1QMxl-cQ0UzvOvSSgwAAAFY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 13:47:48 (4 months ago)	(mod_security) mod_security (id:221260) triggered by 45.61.100.152 (ip-45-61-100-152.fibre.fibrestre ... show more (mod_security) mod_security (id:221260) triggered by 45.61.100.152 (ip-45-61-100-152.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 08:47:45.513694 2026] [security2:error] [pid 11460:tid 11460] [client 45.61.100.152:34945] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|autodiscover.nbcnewsradio.com:443\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.nbcnewsradio.com"] [uri "/cgi-bin/test-cgi"] [unique_id "aWuTAZc8ty6eRVGWUtDp-wAAABc"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 05:46:40 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 45.61.100.152 (ip-45-61-100-152.fibre.fibrestre ... show more (mod_security) mod_security (id:210730) triggered by 45.61.100.152 (ip-45-61-100-152.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 00:46:06.862246 2025] [security2:error] [pid 31256:tid 31277] [client 45.61.100.152:44775] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.com"] [uri "/translate.sql"] [unique_id "aS0rnm28JkE_f6YcP87sHAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 12:14:00 (6 months ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 19:28:55 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 45.61.100.152 (ip-45-61-100-152.fibre.fibrestre ... show more (mod_security) mod_security (id:210730) triggered by 45.61.100.152 (ip-45-61-100-152.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 14:28:48.633224 2025] [security2:error] [pid 20821:tid 20821] [client 45.61.100.152:34645] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.nbcnewsradio.com\|F\|2"] [data ".nbcnewsradio.com.db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nbcnewsradio.com"] [uri "/www.nbcnewsradio.com.db"] [unique_id "aRTf8E13PHPfLa3VVAOjCAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-12-20 18:23:16 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-12-13 11:21:20 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-12-05 12:35:51 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-11-27 14:43:32 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 207.56.225.202

🇧🇷 200.108.174.4

🇹🇼 198.235.24.87

🇷🇴 193.32.162.13

🇸🇪 185.213.24.40

🇨🇳 123.133.67.2

🇦🇺 74.91.200.217

🇹🇭 61.90.27.244

🇮🇳 203.192.247.84

🇨🇳 183.228.208.235

🇮🇩 182.8.129.150

🇩🇪 176.65.132.24

🇨🇳 115.150.168.91

🇧🇷 45.165.238.2

🇳🇱 45.148.10.152

🇧🇷 191.189.174.174

🇸🇪 155.4.244.169

🇺🇸 148.153.56.170

🇺🇸 135.119.112.115

🇨🇳 124.70.28.114