JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.61.100.42

45.61.100.42 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	HostRoyale LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46516
Hostname(s)	ip-45-61-100-42.fibre.fibrestream.ca
Domain Name	hostroyale.com
Country	🇺🇸 United States of America
City	Floris, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.61.100.42

Whois 45.61.100.42

IP Abuse Reports for 45.61.100.42:

This IP address has been reported a total of 16 times from 5 distinct sources. 45.61.100.42 was first reported on November 27th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-07 11:45:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream ... show more (mod_security) mod_security (id:210492) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 07 06:45:29.628903 2026] [security2:error] [pid 26441:tid 26441] [client 45.61.100.42:57231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nbcnewsradio.com"] [uri "/.env.dev"] [unique_id "aYcl2WgJiVpzRGLr9hdCkwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 12:16:34 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream ... show more (mod_security) mod_security (id:210492) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 07:16:29.685356 2026] [security2:error] [pid 483:tid 663] [client 45.61.100.42:48783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.kettlehill.com"] [uri "/.svn/login.php"] [unique_id "aX9EHQMxl-cQ0UzvOvSXGAAAAFE"], referer: https://kettlehill.kettlehill.com/.svn/login.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-03 01:58:35 (6 months ago)	(mod_security) mod_security (id:221260) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream ... show more (mod_security) mod_security (id:221260) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 20:58:30.184035 2025] [security2:error] [pid 1089:tid 1089] [client 45.61.100.42:50233] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|webdisk.farmers123.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.farmers123.com"] [uri "/403.shtml"] [unique_id "aS-ZRkD1K0WGZ82iTeIrFwAAAAw"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 11:10:57 (6 months ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 23:30:53 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream ... show more (mod_security) mod_security (id:210730) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 19:30:49.110817 2025] [security2:error] [pid 14145:tid 14145] [client 45.61.100.42:52809] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|nbcnewsradio.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nbcnewsradio.com"] [uri "/errors/errors.log"] [unique_id "aQFSKdFAVg7JdD6y8FwGhgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 RoboSOC	2025-10-15 00:01:53 (7 months ago)	Microsoft Windows win.ini Access Attempt Detected , PTR: ip-45-61-100-42.fibre.fibrestream.ca.	Hacking
🇺🇸 TPI-Abuse	2025-10-01 14:46:16 (8 months ago)	(mod_security) mod_security (id:211120) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream ... show more (mod_security) mod_security (id:211120) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:46:08.974494 2025] [security2:error] [pid 12475:tid 12492] [client 45.61.100.42:35005] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|ftp.kettlehill.com\|F\|2"] [data "Matched Data: https://example.com/? found within REQUEST_FILENAME: /wp-content/plugins/analytics-insights/tools/oauth2callback.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/wp-content/plugins/analytics-insights/tools/oauth2callback.php"] [unique_id "aN0-sGCKjmgjI9kURFKB8AAAAU0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 20:49:14 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream ... show more (mod_security) mod_security (id:210492) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 16:49:10.129318 2025] [security2:error] [pid 24038:tid 24038] [client 45.61.100.42:49907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.deandobkin.com"] [uri "/.svn/entries"] [unique_id "aNG2RrTxV2vrdNwsNqyAWQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-08-17 13:05:08 (9 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-08-05 17:45:36 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream ... show more (mod_security) mod_security (id:210492) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 13:45:30.475306 2025] [security2:error] [pid 11909:tid 11909] [client 45.61.100.42:53899] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nbcnewsradio.com"] [uri "/.git/config"] [unique_id "aJJDOs5R5L2JpaLCfN1EpAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-01 07:15:48 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream ... show more (mod_security) mod_security (id:210492) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 03:15:44.250481 2025] [security2:error] [pid 3705323:tid 3705348] [client 45.61.100.42:51605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.staging.kettlehill.com"] [uri "/.git/config"] [unique_id "aIxpoFSqWoxQtnj67bcJmAAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 06:47:57 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream ... show more (mod_security) mod_security (id:210730) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 02:47:32.577576 2025] [security2:error] [pid 2256139:tid 2256273] [client 45.61.100.42:38239] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.kettlehill.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.kettlehill.com"] [uri "/default.php.bak"] [unique_id "aDv3hHvRuSdZj0PHFrRCPQAAAQ8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-28 21:06:36 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream ... show more (mod_security) mod_security (id:210492) triggered by 45.61.100.42 (ip-45-61-100-42.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 28 17:06:32.690260 2025] [security2:error] [pid 1914897:tid 1914897] [client 45.61.100.42:34439] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "farmers123.com"] [uri "/.htpasswd"] [unique_id "aDd62E0g8hfyqreKTY8TBAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-12-13 12:46:20 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-12-04 16:55:38 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.22.143.66

🇺🇸 162.216.150.236

🇺🇸 137.184.217.238

🇪🇸 83.213.159.175

🇸🇬 45.78.202.217

🇷🇺 185.141.76.254

🇩🇪 165.22.82.165

🇩🇪 162.158.111.133

🇺🇸 147.185.132.72

🇿🇦 102.64.43.16

🇩🇪 213.209.159.226

🇺🇸 194.5.52.14

🇷🇴 80.94.92.171

🇺🇸 47.252.118.185

🇸🇬 38.60.198.25

🇬🇧 35.203.211.57

🇩🇪 213.209.159.158

🇧🇪 198.235.24.230

🇺🇸 162.216.150.114

🇵🇰 153.117.9.239