JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.61.97.156

45.61.97.156 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 0%: ?

ISP	HostRoyale LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46516
Hostname(s)	ip-45-61-97-156.fibre.fibrestream.ca
Domain Name	hostroyale.com
Country	🇺🇸 United States of America
City	Leesburg, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.61.97.156

Whois 45.61.97.156

IP Abuse Reports for 45.61.97.156:

This IP address has been reported a total of 6 times from 4 distinct sources. 45.61.97.156 was first reported on March 20th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 gnom4ik	2026-02-20 23:41:35 (3 months ago)	ban-reviewer auto report; ip=45.61.97.156; scenario=http:scan; verdict=valid_ban; confidence=0.85; c ... show more ban-reviewer auto report; ip=45.61.97.156; scenario=http:scan; verdict=valid_ban; confidence=0.85; categories=14,15,18,22; active_decisions=1; lookback_decisions=1; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=IP flagged for 'http:scan' scenario; Decision is a ban with duration of 7920 minutes (5.5 days); AbuseIPDB categories include Port Scan (14), Hacking (15), Brute-Force (18), SSH (22) which align with scan/exploit patterns show less	Port Scan Hacking Brute-Force SSH
🇺🇸 ne1for23	2026-01-16 14:49:13 (4 months ago)	Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" ... show more Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" resources improperly exposed externally and "protected" only by a lack of external DNS resolution. 45.61.97.156 - - [16/Jan/2026:14:49:12 +0000] "GET /.env HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36" "-" show less	Hacking
🇨🇴 j458rjqwi348fhjq46	2025-08-18 04:03:56 (9 months ago)	Malicious IP detected by WAF with anomaly score 10.0. Attack types: Exposure of environment file (.e ... show more Malicious IP detected by WAF with anomaly score 10.0. Attack types: Exposure of environment file (.env), Timestamp deviates by 1.3 hours, Suspicious short random path (+1 more). Activity: 210 requests to 2 URLs. Time: 2025-08-16 11:34:08 (America/Bogota). Origin: US. Source: Automated WAF log analysis. show less	Hacking Web App Attack
🇨🇴 j458rjqwi348fhjq46	2025-08-03 03:48:17 (10 months ago)	Malicious IP detected by WAF with anomaly score 10.0. Attack types: Suspicious URL detected (extende ... show more Malicious IP detected by WAF with anomaly score 10.0. Attack types: Suspicious URL detected (extended rules), Exposure of environment file (.env), Timestamp deviates by 1.3 hours. Activity: 19 requests to 2 URLs. Period: 2025-08-02 22:40:28 - 2025-08-02 22:40:28 (America/Bogota). Origin: US. Source: Automated WAF log analysis. show less	Hacking Web App Attack
🇻🇳 Xuan Can	2024-03-20 19:00:26 (2 years ago)	(mod_security) mod_security (id:6) triggered by 45.61.97.156 (CA/Canada/ip-45-61-97-156.fibre.fibres ... show more (mod_security) mod_security (id:6) triggered by 45.61.97.156 (CA/Canada/ip-45-61-97-156.fibre.fibrestream.ca): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 21 02:00:16.300013 2024] [security2:error] [pid 35409:tid 47787136657152] [client 45.61.97.156:59935] [client 45.61.97.156] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "63"] [id "6"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/wp-login.php"] [unique_id "ZfsyQBnwfrX2xayPjhCGsAAAAVM"], referer: https://kb.pavietnam.vn/ show less	Brute-Force SSH
🇻🇳 Xuan Can	2024-03-20 18:33:25 (2 years ago)	(mod_security) mod_security (id:6) triggered by 45.61.97.156 (CA/Canada/ip-45-61-97-156.fibre.fibres ... show more (mod_security) mod_security (id:6) triggered by 45.61.97.156 (CA/Canada/ip-45-61-97-156.fibre.fibrestream.ca): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 21 01:33:16.897965 2024] [security2:error] [pid 35409:tid 47787098834688] [client 45.61.97.156:53961] [client 45.61.97.156] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "63"] [id "6"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/wp-login.php"] [unique_id "Zfsr7BnwfrX2xayPjhCBdAAAAUE"], referer: https://kb.pavietnam.vn/wp-login.php?action=register show less	Brute-Force SSH

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 183.191.30.115

🇦🇫 149.54.62.22

🇺🇸 91.230.168.20

🇭🇰 199.45.154.184

🇨🇦 142.93.145.203

🇻🇳 123.31.18.242

🇯🇴 91.106.108.102

🇵🇹 80.172.227.24

🇷🇴 80.94.95.116

🇺🇸 67.205.181.73

🇺🇸 64.62.156.151

🇭🇰 47.86.234.44

🇰🇷 210.206.24.238

🇺🇸 199.119.65.153

🇻🇳 171.247.166.135

🇱🇹 62.60.130.60

🇺🇸 45.156.129.139

🇳🇱 45.148.10.151

🇨🇳 39.154.12.75

🇺🇸 34.145.177.55