AbuseIPDB » 45.61.97.207
45.61.97.207
This IP was reported 7 times. Confidence of
Abuse
is 0% : ?
ISP
HostRoyale LLC
Usage Type
Data Center/Web Hosting/Transit
ASN
AS46516
Hostname(s)
ip-45-61-97-207.fibre.fibrestream.ca
Domain Name
hostroyale.com
Country
๐บ๐ธ
United States of America
City
Leesburg, Virginia
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 45.61.97.207 :
This IP address has been reported a total of
7
times from
6 distinct
sources.
45.61.97.207 was first reported on
August 10th 2025 , and the most recent report was
1 month ago
Old Reports:
The most recent abuse report for this IP address is from
1 month ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฉ๐ช
knz.dev
2026-04-14 20:11:00
(1 month ago)
Attempted to access sensitive configuration file. Blocked by AWS WAF.
Request: GET /.env HTTP/1.1
...
show more
Attempted to access sensitive configuration file. Blocked by AWS WAF.
Request: GET /.env HTTP/1.1
Rule: AWS#AWSManagedRulesKnownBadInputsRuleSet#ExploitablePaths_URIPATH
show less
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-01-22 09:58:14
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 45.61.97.207 (ip-45-61-97-207.fibre.fibrestream ...
show more
(mod_security) mod_security (id:225170) triggered by 45.61.97.207 (ip-45-61-97-207.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 04:58:10.576332 2026] [security2:error] [pid 24213:tid 24213] [client 45.61.97.207:37271] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||michaelthompson.biz|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "michaelthompson.biz"] [uri "/wp-json/wp/v2/users"] [unique_id "aXH0suqG7liYhKTVDLGolwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
securejdprop
2025-10-11 15:55:25
(7 months ago)
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET INFO Request to ...
show more
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET INFO Request to Hidden Environment File - Inbound). Ip 45.61.97.207 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2025-10-11 15:55:23.874272662 +0000 UTC
show less
Web App Attack
๐ฎ๐ช
AutosOnShow
2025-09-27 08:49:05
(8 months ago)
blocked for webapp attack | path requested: /.env | seen at 2025-09-27 08:48:07.477 |
Web App Attack
๐บ๐ธ
FireballDWF
2025-09-15 12:10:09
(8 months ago)
404 NOT FOUND
Web App Attack
๐บ๐ธ
FireballDWF
2025-08-23 06:15:08
(9 months ago)
404 NOT FOUND
Web App Attack
๐จ๐ด
j458rjqwi348fhjq46
2025-08-10 17:46:19
(9 months ago)
Malicious IP detected by WAF with anomaly score 10.0. Attack types: Suspicious URL detected (extende ...
show more
Malicious IP detected by WAF with anomaly score 10.0. Attack types: Suspicious URL detected (extended rules), Exposure of environment file (.env), Suspicious short random path (+1 more). Activity: 126 requests to 4 URLs. Period: 2025-08-10 12:26:45 - 2025-08-10 12:26:45 (America/Bogota). Origin: US. Source: Automated WAF log analysis.
show less
Hacking
Web App Attack
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: