AbuseIPDB » 118.27.122.156
118.27.122.156
This IP was reported 9 times. Confidence of
Abuse
is 17% : ?
ISP
GMO Internet, Inc.
Usage Type
Data Center/Web Hosting/Transit
ASN
AS7506
Hostname(s)
www232.conoha.ne.jp
Domain Name
gmo.jp
Country
๐ฏ๐ต
Japan
City
Tokyo, Tokyo
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 118.27.122.156 :
This IP address has been reported a total of
9
times from
8 distinct
sources.
118.27.122.156 was first reported on
April 14th 2026 , and the most recent report was
1 month ago
Old Reports:
The most recent abuse report for this IP address is from
1 month ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ซ๐ท
masterguru
2026-05-18 02:35:01
(1 month ago)
(modsec_5040) ModSec 5040: API Basic Auth blocked from 118.27.122.156 (JP/Japan/www232.conoha.ne.jp) ...
show more
(modsec_5040) ModSec 5040: API Basic Auth blocked from 118.27.122.156 (JP/Japan/www232.conoha.ne.jp): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ซ๐ท
masterguru
2026-05-11 11:26:46
(1 month ago)
(modsec_5040) ModSec 5040: API Basic Auth blocked from 118.27.122.156 (JP/Japan/www232.conoha.ne.jp) ...
show more
(modsec_5040) ModSec 5040: API Basic Auth blocked from 118.27.122.156 (JP/Japan/www232.conoha.ne.jp): 1 in the last 3600 secs (0-196)
show less
Hacking
๐ฉ๐ช
FeG Deutschland
2026-05-09 11:58:28
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-07 14:52:44
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 118.27.122.156 (www232.conoha.ne.jp): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 118.27.122.156 (www232.conoha.ne.jp): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 10:52:36.138583 2026] [security2:error] [pid 26871:tid 26871] [client 118.27.122.156:60602] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||texascottagebakers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "texascottagebakers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afynNJkXjS74O7EuG9F-igAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
F242
2026-05-07 08:45:36
(1 month ago)
Wordpress Login or XMLRPC abuse
Web App Attack
๐บ๐ธ
nationaleventpros.com
2026-05-06 22:09:08
(1 month ago)
WordPress login attempt
Brute-Force
๐บ๐ธ
octageeks.com
2026-04-24 04:07:26
(2 months ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack
๐ฒ๐น
Malta
2026-04-15 17:01:18
(2 months ago)
118.27.122.156 - - [15/Apr/2026:19:01:18 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ...
show more
118.27.122.156 - - [15/Apr/2026:19:01:18 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:60.0) Gecko/20100101 Firefox/60.0"
show less
Hacking
Web App Attack
VPN IP
๐บ๐ธ
xmission.com
2026-04-14 01:26:38
(2 months ago)
118.27.122.156 - - [13/Apr/2026:19:26:37 -0600] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/4.0 ...
show more
118.27.122.156 - - [13/Apr/2026:19:26:37 -0600] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)"
...
show less
Web App Attack
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: