JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.6.83.241

154.6.83.241 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 24%: ?

24%

ISP	Cogent Communications, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS64286
Domain Name	cogentco.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.6.83.241

Whois 154.6.83.241

IP Abuse Reports for 154.6.83.241:

This IP address has been reported a total of 15 times from 5 distinct sources. 154.6.83.241 was first reported on January 15th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-28 22:03:53 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-27. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-28 17:04:49 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 13:04:45.328555 2026] [security2:error] [pid 2688:tid 2688] [client 154.6.83.241:49107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "talesofhartwellhouse.com.johnpritchett.com"] [uri "/.env.development"] [unique_id "ahh1rTZSde-68Kjso4DqgAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 00:16:53 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 20:16:43.860568 2026] [security2:error] [pid 10895:tid 10895] [client 154.6.83.241:39013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pontiacpalace.com"] [uri "/.env.local"] [unique_id "aheJa-LjRC23Z-xh-L6rwQAAAAc"], referer: https://www.google.com/search?q=pontiacpalace.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-05-27 22:45:03 (1 week ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-27 22:01:29 (1 week ago)	Auto-ban: >3000 req/min op 2026-05-27	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-27 19:18:02 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 15:17:55.178225 2026] [security2:error] [pid 16867:tid 16867] [client 154.6.83.241:57677] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soviaenterprises.com"] [uri "/wp-config.php~"] [unique_id "ahdDY0EqINgqoLy5C3TTigAAAAc"], referer: https://www.google.com/search?q=soviaenterprises.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:21:14 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:21:07.738666 2026] [security2:error] [pid 388:tid 388] [client 154.6.83.241:54179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.broadcastit.gulftelecom.com"] [uri "/.env"] [unique_id "ahY4862WzEbSUpeTH9wkMQAAAA8"], referer: https://www.google.com/search?q=www.broadcastit.gulftelecom.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-05-01 15:12:55 (1 month ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-29 21:50:55 (5 months ago)	(mod_security) mod_security (id:211190) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211190) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 16:50:52.038937 2025] [security2:error] [pid 14490:tid 14635] [client 154.6.83.241:35867] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?p=../../../../../../../../../../../../../../../../etc/passwd%00index&q=About&ajax=true&_=1355714673828"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/index.php"] [unique_id "aVL3vD0n3TQwzhgB68ZzJAAAAkw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 00:31:00 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 19:30:57.204540 2025] [security2:error] [pid 8676:tid 8682] [client 154.6.83.241:57213] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.com"] [uri "/database.sql"] [unique_id "aSjtQQxDdsyLSgfLebKZNgAAAUI"], referer: http://kettlehill.com/database.sql show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 12:38:57 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 07:38:49.594902 2025] [security2:error] [pid 30896:tid 30896] [client 154.6.83.241:35159] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/errors/errors.log"] [unique_id "aRXRWZ8cAZQLcoAhvMGJCAAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 01:46:27 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:46:21.565649 2025] [security2:error] [pid 729662:tid 729785] [client 154.6.83.241:52521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.kettlehill.net"] [uri "/.env.stage"] [unique_id "aIWE7bnOl9VusXIpylMfBwAAAQU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 18:53:04 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 14:50:39.109755 2025] [security2:error] [pid 3200159:tid 3200159] [client 154.6.83.241:41741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/.env.farmers123"] [unique_id "aDisf_IGhuGZbs1tLYW2SwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-19 05:21:38 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 154.6.83.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 19 01:21:30.947588 2025] [security2:error] [pid 26434:tid 26443] [client 154.6.83.241:56225] [client 154.6.83.241] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.blog.spinningdesigns.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "blog.spinningdesigns.com"] [uri "/roundcube/logs/errors.log"] [unique_id "aAMy2kBDF0hFmouiiEBFiwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-15 12:40:28 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 198.46.168.51

🇺🇸 107.175.20.213

🇻🇳 14.225.7.70

🇰🇷 211.187.7.14

🇻🇺 138.226.239.11

🇮🇳 103.216.145.2

🇳🇱 91.204.77.153

🇱🇹 45.227.254.170

🇺🇸 35.243.152.17

🇺🇸 34.186.234.195

🇩🇪 34.159.120.185

🇭🇰 34.92.125.130

🇫🇮 34.88.254.46

🇸🇪 31.13.115.115

🇸🇬 194.233.74.201

🇨🇳 139.170.72.218

🇯🇴 109.107.243.82

🇭🇰 103.226.124.223

🇳🇱 45.148.10.183

🇺🇸 34.23.143.147