JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.61.97.217

45.61.97.217 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	HostRoyale LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46516
Hostname(s)	ip-45-61-97-217.fibre.fibrestream.ca
Domain Name	hostroyale.com
Country	🇺🇸 United States of America
City	Leesburg, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.61.97.217

Whois 45.61.97.217

IP Abuse Reports for 45.61.97.217:

This IP address has been reported a total of 9 times from 5 distinct sources. 45.61.97.217 was first reported on February 12th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 gnom4ik	2026-02-22 09:20:09 (3 months ago)	ban-reviewer auto report; ip=45.61.97.217; scenario=http:scan; verdict=valid_ban; confidence=0.85; c ... show more ban-reviewer auto report; ip=45.61.97.217; scenario=http:scan; verdict=valid_ban; confidence=0.85; categories=14,15,18,22; active_decisions=1; lookback_decisions=1; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=IP flagged for 'http:scan' scenario; Decision is a ban with duration of 8400 minutes (5 days); AbuseIPDB categories include Port Scan (14), Hacking (15), Brute-Force (18), SSH (22) - all relevant to scan/exploit patterns show less	Port Scan Hacking Brute-Force SSH
🇺🇸 TPI-Abuse	2026-01-22 09:59:06 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 45.61.97.217 (ip-45-61-97-217.fibre.fibrestream ... show more (mod_security) mod_security (id:225170) triggered by 45.61.97.217 (ip-45-61-97-217.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 04:58:58.441829 2026] [security2:error] [pid 29852:tid 29852] [client 45.61.97.217:39337] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|brazilianbottom.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "brazilianbottom.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXH04kSH0y0Z1wRQxVX5WgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 Jim Keir	2026-01-12 11:18:21 (4 months ago)	2026-01-12 11:18:20 45.61.97.217 File scanning, blocking 45.61.97.217 for 5 minutes	Web App Attack
🇮🇪 Jim Keir	2025-11-21 02:09:01 (6 months ago)	2025-11-21 02:09:00 45.61.97.217 File scanning, blocking 45.61.97.217 for 5 minutes	Web App Attack
🇬🇧 SecondEdge	2025-08-26 16:12:31 (9 months ago)	A web attack was detected from 45.61.97.217 (Canada / Ontario / Toronto) against 52.215.230.232 (Git ... show more A web attack was detected from 45.61.97.217 (Canada / Ontario / Toronto) against 52.215.230.232 (Git Variable Scan). show less	Web App Attack
🇺🇸 FireballDWF	2025-08-18 15:15:16 (9 months ago)	404 NOT FOUND	Web App Attack
🇺🇸 FireballDWF	2025-08-03 20:50:07 (10 months ago)	404 NOT FOUND	Web App Attack
🇺🇸 TPI-Abuse	2025-07-04 23:33:41 (11 months ago)	(mod_security) mod_security (id:225170) triggered by 45.61.97.217 (ip-45-61-97-217.fibre.fibrestream ... show more (mod_security) mod_security (id:225170) triggered by 45.61.97.217 (ip-45-61-97-217.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 04 19:33:38.214629 2025] [security2:error] [pid 8972:tid 8972] [client 45.61.97.217:52407] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.goglobex.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.goglobex.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aGhk0nMXLU1aOwcefkcPaAAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-02-12 07:13:04 (2 years ago)	(mod_security) mod_security (id:225170) triggered by 45.61.97.217 (ip-45-61-97-217.fibre.fibrestream ... show more (mod_security) mod_security (id:225170) triggered by 45.61.97.217 (ip-45-61-97-217.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 12 02:12:53.532102 2024] [security2:error] [pid 1708] [client 45.61.97.217:35165] [client 45.61.97.217] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|russiacoin.timelord2067.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "russiacoin.timelord2067.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZcnE9U5hRcAKpOqSAcH2igAAABM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 2a09:bac5:398e:16dc::247:71

🇧🇷 201.16.238.49

🇨🇱 200.89.69.247

🇺🇸 103.143.231.2

🇬🇧 81.98.60.94

🇳🇱 81.19.216.95

🇺🇸 74.82.47.4

🇺🇸 195.184.76.73

🇵🇰 175.107.212.45

🇭🇰 134.122.190.28

🇺🇸 132.148.73.100

🇮🇳 125.19.195.66

🇮🇳 103.149.154.141

🇮🇩 103.142.89.234

🇮🇩 103.139.193.187

🇺🇸 66.240.223.208

🇮🇪 63.35.126.25

🇨🇳 59.60.100.158

🇸🇳 41.208.189.78

🇧🇪 35.195.84.252