JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.6.121.112

154.6.121.112 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 27%: ?

27%

ISP	Cogent Communications, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS64286
Domain Name	cogentco.com
Country	🇺🇸 United States of America
City	Edison, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.6.121.112

Whois 154.6.121.112

IP Abuse Reports for 154.6.121.112:

This IP address has been reported a total of 7 times from 4 distinct sources. 154.6.121.112 was first reported on May 27th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-28 21:59:41 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-27. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-28 00:17:02 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 154.6.121.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.6.121.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 20:16:55.595727 2026] [security2:error] [pid 20584:tid 20584] [client 154.6.121.112:43591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.springbrookconstruction.mordesign1.com"] [uri "/.env.backup"] [unique_id "aheJd4viCAk1hocdNIr5xQAAAC8"], referer: https://www.google.com/search?q=www.springbrookconstruction.mordesign1.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 OceanTreasure	2026-05-27 20:35:17 (1 week ago)	tcp/443; WordPress config credential harvesting: "GET /wp-config.php~" @ 2026-05-27T20:34:22Z [proxy ... show more tcp/443; WordPress config credential harvesting: "GET /wp-config.php~" @ 2026-05-27T20:34:22Z [proxy] show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 18:40:57 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 154.6.121.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 154.6.121.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 14:40:48.722873 2026] [security2:error] [pid 28133:tid 28275] [client 154.6.121.112:57863] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|2291106.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "2291106.com"] [uri "/db_backup.sql"] [unique_id "ahc6sBiis3WlvLWuWYvB3gAAARg"], referer: https://www.google.com/search?q=2291106.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:57:29 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 154.6.121.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.6.121.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:57:08.705005 2026] [security2:error] [pid 17731:tid 17731] [client 154.6.121.112:49959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.brunerdevelopment.littlehorndesign.com"] [uri "/.env.production"] [unique_id "ahZBZOCLH2QdtFEPfZgzewAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 HandyTreff.de	2026-05-27 00:57:26 (1 week ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -47.986 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -47.986 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0. show less	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-27 00:25:01 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 154.6.121.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.6.121.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:24:53.591513 2026] [security2:error] [pid 15065:tid 15065] [client 154.6.121.112:55691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kingdomofgodbooks.halotoys.com"] [uri "/.env.dev"] [unique_id "ahY51VPfM83dVElrHehiewAAAAo"], referer: https://www.google.com/search?q=www.kingdomofgodbooks.halotoys.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 206.85.11.75

🇺🇸 205.210.31.57

🇬🇧 193.32.209.254

🇲🇽 186.96.145.241

🇯🇵 103.27.132.56

🇧🇬 79.124.40.130

🇺🇸 71.229.1.186

🇺🇸 66.132.186.218

🇺🇸 64.62.156.121

🇵🇰 45.194.15.68

🇧🇪 34.22.232.215

🇨🇳 218.21.243.58

🇧🇷 205.210.31.202

🇺🇸 192.185.4.137

🇺🇸 107.115.151.94

🇻🇳 103.200.25.79

🇳🇱 89.21.67.155

🇺🇸 45.8.19.56

🇮🇳 43.228.166.225

🇺🇸 35.252.196.231