JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.61.97.3

45.61.97.3 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	HostRoyale LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46516
Hostname(s)	ip-45-61-97-3.fibre.fibrestream.ca
Domain Name	hostroyale.com
Country	🇺🇸 United States of America
City	Leesburg, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.61.97.3

Whois 45.61.97.3

IP Abuse Reports for 45.61.97.3:

This IP address has been reported a total of 9 times from 3 distinct sources. 45.61.97.3 was first reported on January 25th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 18:17:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca) ... show more (mod_security) mod_security (id:210492) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 13:17:06.892915 2026] [security2:error] [pid 14560:tid 14560] [client 45.61.97.3:42983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/wp-config.php.inc"] [unique_id "aWvSIiIlHck9yFmS491zeQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 18:42:27 (5 months ago)	(mod_security) mod_security (id:212620) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca) ... show more (mod_security) mod_security (id:212620) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 13:42:14.465884 2025] [security2:error] [pid 22841:tid 23033] [client 45.61.97.3:59941] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|ftp.kettlehill.net\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /?s=\\x22/></script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ftp.kettlehill.net"] [uri "/"] [unique_id "aVLLhrvqJPp5jxktaSFt1wAAANM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 04:04:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca) ... show more (mod_security) mod_security (id:210492) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 23:04:23.910521 2025] [security2:error] [pid 10351:tid 10351] [client 45.61.97.3:48417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.nbcnewsradio.com"] [uri "/api/.env"] [unique_id "aRQHR9w0fMi-xzEtazBjYgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 RoboSOC	2025-10-16 12:30:44 (7 months ago)	vBulletin Remote Code Execution Vulnerability, PTR: ip-45-61-97-3.fibre.fibrestream.ca.	Hacking
🇺🇸 TPI-Abuse	2025-10-01 14:51:55 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca) ... show more (mod_security) mod_security (id:210730) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:51:48.155907 2025] [security2:error] [pid 21347:tid 21373] [client 45.61.97.3:52151] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.net\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.net"] [uri "/dbdump.sql"] [unique_id "aN1ABDQa5dHzoOSVGKqDFQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:08:26 (10 months ago)	(mod_security) mod_security (id:211070) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca) ... show more (mod_security) mod_security (id:211070) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:08:17.994216 2025] [security2:error] [pid 24709:tid 24791] [client 45.61.97.3:47547] ModSecurity: Access denied with code 403 (phase 1). Pattern match "," at REQUEST_HEADERS:Transfer-Encoding. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "38"] [id "211070"] [rev "1"] [msg "COMODO WAF: HTTP Request Smuggling Attack.\|\|autoconfig.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autoconfig.kettlehill.com"] [uri "/tmui/login.jsp"] [unique_id "aIVt8SLBaxayrfPM3JFRtQAAAFc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 17:27:02 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca) ... show more (mod_security) mod_security (id:210492) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 13:26:53.604777 2025] [security2:error] [pid 3072330:tid 3072330] [client 45.61.97.3:33913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.farmers123.com"] [uri "/wp-config.old"] [unique_id "aDiY3Q6bWJCjAbBITA8qhQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-28 21:29:38 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca) ... show more (mod_security) mod_security (id:211190) triggered by 45.61.97.3 (ip-45-61-97-3.fibre.fibrestream.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 28 16:28:45.362797 2025] [security2:error] [pid 11867:tid 12061] [client 45.61.97.3:47981] [client 45.61.97.3] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /cgi-bin/weblogin.cgi?username=admin';cat+/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.kettlehill.com"] [uri "/cgi-bin/weblogin.cgi"] [unique_id "Z8IqjVMZUudEhjfC40ZzuQAAAcE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-25 01:10:37 (1 year ago)	\| XSS (Cross Site Scripting) attempt.	Hacking SQL Injection Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.199.177.80

🇺🇸 192.3.196.157

🇧🇷 186.251.71.202

🇻🇳 160.191.54.23

🇮🇳 152.52.236.122

🇺🇸 104.28.233.73

🇧🇬 78.128.112.30

🇺🇸 66.132.172.128

🇺🇸 34.85.162.143

🇺🇸 34.44.152.124

🇺🇸 20.65.195.41

🇩🇪 213.209.159.231

🇸🇬 198.46.219.50

🇺🇸 195.184.76.204

🇮🇳 157.49.149.133

🇺🇸 152.32.234.120

🇬🇧 135.136.20.24

🇨🇳 125.41.196.240

🇺🇸 64.62.156.56

🇰🇷 34.50.8.3