JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.6.8.98

154.6.8.98 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 38%: ?

38%

ISP	Cogent Communications, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS64286
Domain Name	cogentco.com
Country	🇺🇸 United States of America
City	Edison, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.6.8.98

Whois 154.6.8.98

IP Abuse Reports for 154.6.8.98:

This IP address has been reported a total of 10 times from 8 distinct sources. 154.6.8.98 was first reported on January 31st 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-05-28 21:54:56 (1 week ago)	Kingcopy(AI-IDS): IP is wandering around the site and acting suspiciously.	Bad Web Bot
🇳🇱 homeshowdomain.nl	2026-05-27 22:00:16 (1 week ago)	Auto-ban: >3000 req/min op 2026-05-27	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-27 20:44:56 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 154.6.8.98 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 154.6.8.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 16:44:50.063828 2026] [security2:error] [pid 7981:tid 7981] [client 154.6.8.98:58885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.postseason.michaelpmcgrath.com"] [uri "/.env.backup"] [unique_id "ahdXwsEKxeZLgXCeAkFLQAAAAAg"], referer: https://www.google.com/search?q=www.postseason.michaelpmcgrath.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-27 14:05:52 (1 week ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 154.6.8.98 (US/United States/-): 1 in ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 154.6.8.98 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇦🇹 René Hickersberger	2026-05-27 02:09:51 (1 week ago)	malicious bot detected: violations="ignored-robots-policy"; user_agent="Mozilla/5.0 AppleWebKit/537. ... show more malicious bot detected: violations="ignored-robots-policy"; user_agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ChatGPT-User/1.0; +https://openai.com/bot)" show less	Bad Web Bot
🇲🇾 Rizzy	2026-05-27 01:02:53 (1 week ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:21:21 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 154.6.8.98 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 154.6.8.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:21:11.788225 2026] [security2:error] [pid 20347:tid 20347] [client 154.6.8.98:46571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theprideproject.net"] [uri "/.env.production"] [unique_id "ahY49zOjBBZ_i0pwT1HXXgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-26 18:15:12 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 154.6.8.98 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 154.6.8.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 14:15:00.177092 2026] [security2:error] [pid 8038:tid 8038] [client 154.6.8.98:48077] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.elianabeam.com.amybeam.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.elianabeam.com.amybeam.com"] [uri "/config/database.php.bak"] [unique_id "ahXjJAtH0sBfzP5aYjcf4wAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-22 14:46:50 (2 weeks ago)	LH-Watcher: FAKE_ID [Fake Googlebot]	Bad Web Bot
🇩🇪 HandyTreff.de	2026-01-31 20:24:55 (4 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -36.313 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -36.313 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Sa show less	Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 185.233.100.23

🇨🇳 153.0.41.47

🇨🇳 115.190.128.221

🇸🇬 45.82.78.100

🇨🇳 39.97.53.147

🇺🇸 34.71.30.159

🇬🇧 193.163.125.70

🇮🇳 157.48.108.10

🇮🇳 146.196.38.194

🇨🇳 115.231.78.11

🇺🇸 107.174.104.18

🇮🇳 103.123.53.88

🇸🇬 97.74.87.152

🇸🇬 94.231.206.248

🇳🇱 81.19.216.123

🇳🇱 81.19.216.70

🇳🇱 64.89.162.149

🇱🇹 62.60.130.228

🇱🇹 62.60.130.14

🇵🇸 37.8.56.152