JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 118.27.122.152

118.27.122.152 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	GMO Internet, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS7506
Hostname(s)	www228.conoha.ne.jp
Domain Name	gmo.jp
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 118.27.122.152

Whois 118.27.122.152

IP Abuse Reports for 118.27.122.152:

This IP address has been reported a total of 24 times from 13 distinct sources. 118.27.122.152 was first reported on November 25th 2025, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2025-12-13 12:24:31 (6 months ago)	118.27.122.152 - - [13/Dec/2025:13:24:30 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 118.27.122.152 - - [13/Dec/2025:13:24:30 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36" show less	Hacking Web App Attack
🇳🇱 Rey	2025-12-13 12:10:02 (6 months ago)	WordPress xmlrpc.php attack [lsvasnnq]	Web App Attack
🇺🇸 TPI-Abuse	2025-12-12 16:08:29 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 118.27.122.152 (www228.conoha.ne.jp): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 118.27.122.152 (www228.conoha.ne.jp): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 12 11:08:25.776731 2025] [security2:error] [pid 31904:tid 31904] [client 118.27.122.152:13668] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.naturalhomebuilders.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.naturalhomebuilders.com"] [uri "/Wp-JsOn/Wp/V2/UsErS"] [unique_id "aTw9-QNCPjxg98VlncIKFwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 03:10:02 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 118.27.122.152 (www228.conoha.ne.jp): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 118.27.122.152 (www228.conoha.ne.jp): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 22:09:57.559183 2025] [security2:error] [pid 7488:tid 7488] [client 118.27.122.152:51692] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.mfleetservice.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mfleetservice.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aTeTBcDjp7WtpQ_0JtwstQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 02:03:25 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 118.27.122.152 (www228.conoha.ne.jp): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 118.27.122.152 (www228.conoha.ne.jp): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 21:03:20.105262 2025] [security2:error] [pid 28298:tid 28298] [client 118.27.122.152:40664] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jessicalevant.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jessicalevant.com"] [uri "/wp-json/wp/v2/usErs"] [unique_id "aTeDaLW8zhkqbJomGFBUvwAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 18:42:05 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 118.27.122.152 (www228.conoha.ne.jp): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 118.27.122.152 (www228.conoha.ne.jp): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 13:41:56.765145 2025] [security2:error] [pid 5080:tid 5080] [client 118.27.122.152:60344] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.difusionens.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.difusionens.org"] [uri "/index.php/wp-json/wp/v2/users"] [unique_id "aTcb9KLz0HDU4aWlcCQ7_gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2025-12-07 20:10:19 (6 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 SpaceHost-Server	2025-12-06 23:28:17 (6 months ago)		Brute-Force Web App Attack
🇲🇹 Malta	2025-12-06 13:27:36 (6 months ago)	118.27.122.152 - - [06/Dec/2025:14:27:36 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 118.27.122.152 - - [06/Dec/2025:14:27:36 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36" show less	Hacking Web App Attack
🇺🇸 mind5t0rm	2025-12-06 07:14:09 (6 months ago)	(XMLRPC) WP XMLPRC Attack 118.27.122.152 (JP/Japan/www228.conoha.ne.jp): 3 in the last 3600 secs; Po ... show more (XMLRPC) WP XMLPRC Attack 118.27.122.152 (JP/Japan/www228.conoha.ne.jp): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 118.27.122.152 - - [06/Dec/2025:14:13:51 +0700] "POST /xmlrpc.php HTTP/1.1" 403 155 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" 118.27.122.152 - - [06/Dec/2025:14:13:58 +0700] "POST /xmlrpc.php HTTP/1.1" 403 155 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" 118.27.122.152 - - [06/Dec/2025:14:14:05 +0700] "POST /xmlrpc.php HTTP/1.1" 403 155 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" show less	Port Scan
🇩🇪 LRob.fr	2025-12-06 04:49:44 (6 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2025-12-06 04:41:13 (6 months ago)	WordPress Brute Force	Brute-Force
🇹🇷 rtbh.com.tr	2025-12-05 20:10:19 (6 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 SpaceHost-Server	2025-12-04 23:28:44 (6 months ago)		Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2025-12-03 20:10:16 (6 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.148.2

🇳🇱 176.65.139.247

🇺🇸 104.243.35.120

🇷🇴 80.94.92.182

🇮🇳 182.95.41.78

🇮🇳 168.144.19.185

🇺🇸 45.148.125.145

🇧🇪 35.210.61.208

🇭🇰 223.197.153.143

🇳🇱 146.190.26.189

🇵🇹 144.64.13.138

🇻🇳 123.30.97.105

🇺🇸 74.133.99.133

🇸🇬 47.128.111.137

🇯🇵 43.133.194.186

🇺🇸 3.231.110.75

🇨🇦 172.69.214.155

🇻🇳 116.99.173.91

🇨🇳 112.124.1.210

🇻🇳 103.78.0.229