JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 122.155.21.127

122.155.21.127 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 62%: ?

62%

ISP	CAT TELECOM Data Comm. Dept, IDC Office
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9335
Hostname(s)	cloud-linux-09.chaiyohosting.com
Domain Name	ntplc.co.th
Country	🇹🇭 Thailand
City	Bangkok, Bangkok

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 122.155.21.127

Whois 122.155.21.127

IP Abuse Reports for 122.155.21.127:

This IP address has been reported a total of 28 times from 17 distinct sources. 122.155.21.127 was first reported on June 9th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-10 04:51:41 (2 weeks ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 Mundo Bueno	2026-06-10 02:18:03 (2 weeks ago)	[ISILIA Protection v2.1] Tentative d'accès: /wp-json/wp/v2/users/me \| Pays: TH \| UA: Mozilla/5.0 (X1 ... show more [ISILIA Protection v2.1] Tentative d'accès: /wp-json/wp/v2/users/me \| Pays: TH \| UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safa show less	Hacking Web App Attack
🇺🇸 xmission.com	2026-06-10 02:08:59 (2 weeks ago)	122.155.21.127 - - [09/Jun/2026:20:08:58 -0600] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 ... show more 122.155.21.127 - - [09/Jun/2026:20:08:58 -0600] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 01:34:21 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 122.155.21.127 (cloud-linux-09.chaiyohosting.co ... show more (mod_security) mod_security (id:225170) triggered by 122.155.21.127 (cloud-linux-09.chaiyohosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 21:34:12.384547 2026] [security2:error] [pid 32160:tid 32160] [client 122.155.21.127:49564] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|theroyalhouseofelohim.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theroyalhouseofelohim.org"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aii_FNr9Dk42ihPDCChb2wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 floreriaexpress	2026-06-10 00:48:57 (2 weeks ago)	FakeADS-Anti: country:TH \| https://mail.floreriaexpresschile.cl/wp-json/wp/v2/users/me	Bad Web Bot
🇵🇾 SecOpsSL	2026-06-10 00:12:59 (2 weeks ago)	122.155.21.127 - - [09/Jun/2026:21:12:58 -0300] "POST /xmlrpc.php HTTP/1.1" 403 277 "-" "Mozilla/5.0 ... show more 122.155.21.127 - - [09/Jun/2026:21:12:58 -0300] "POST /xmlrpc.php HTTP/1.1" 403 277 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 23:06:12 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 122.155.21.127 (cloud-linux-09.chaiyohosting.co ... show more (mod_security) mod_security (id:225170) triggered by 122.155.21.127 (cloud-linux-09.chaiyohosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 19:06:07.287732 2026] [security2:error] [pid 16752:tid 16752] [client 122.155.21.127:44530] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cycontechnology.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cycontechnology.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiicX_4G_mRtAGiZgu-LfQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 21:32:28 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 122.155.21.127 (cloud-linux-09.chaiyohosting.co ... show more (mod_security) mod_security (id:225170) triggered by 122.155.21.127 (cloud-linux-09.chaiyohosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 17:32:21.873524 2026] [security2:error] [pid 3250:tid 3250] [client 122.155.21.127:35312] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.jesussotoca.bigchus.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.jesussotoca.bigchus.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiiGZQKsIxvLqHyyMRj4CQAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 21:12:56 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 122.155.21.127 (cloud-linux-09.chaiyohosting.co ... show more (mod_security) mod_security (id:225170) triggered by 122.155.21.127 (cloud-linux-09.chaiyohosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 17:12:50.952649 2026] [security2:error] [pid 10549:tid 10549] [client 122.155.21.127:45132] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|maffiniandbearce.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "maffiniandbearce.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiiB0uK1F1iNsG6KIur-FwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-06-09 21:04:33 (2 weeks ago)	(wordpress) Failed wordpress login from 122.155.21.127 (TH/Thailand/-/-/cloud-linux-09.chaiyohosting ... show more (wordpress) Failed wordpress login from 122.155.21.127 (TH/Thailand/-/-/cloud-linux-09.chaiyohosting.com/[redacted]): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 20:53:44 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 122.155.21.127 (cloud-linux-09.chaiyohosting.co ... show more (mod_security) mod_security (id:225170) triggered by 122.155.21.127 (cloud-linux-09.chaiyohosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 16:53:39.740766 2026] [security2:error] [pid 24387:tid 24387] [client 122.155.21.127:36856] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|exhaustthelimits.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "exhaustthelimits.org"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aih9UwaWlHLXtzgNKyC34AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 factor1	2026-06-09 20:35:08 (2 weeks ago)	Fail2ban at churndash Reports Abuse.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 19:34:36 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 122.155.21.127 (cloud-linux-09.chaiyohosting.co ... show more (mod_security) mod_security (id:225170) triggered by 122.155.21.127 (cloud-linux-09.chaiyohosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:34:29.073474 2026] [security2:error] [pid 18018:tid 18018] [client 122.155.21.127:56922] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|theopinionatedowl.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theopinionatedowl.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aihqxXNombLFcR8Fi0z2bAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇰 ScamAware	2026-06-09 19:07:12 (2 weeks ago)	Detected by Cloudflare Security Events via WordPress automation. Detection: user_enumeration (WordPr ... show more Detected by Cloudflare Security Events via WordPress automation. Detection: user_enumeration (WordPress user enumeration). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom. show less	Brute-Force Web App Attack
🇩🇪 Marc	2026-06-09 18:28:01 (2 weeks ago)	122.155.21.127 - - [09/Jun/2026:18:41:32 +0200] "POST /xmlrpc.php HTTP/2.0" 200 607 "-" "Mozilla/5.0 ... show more 122.155.21.127 - - [09/Jun/2026:18:41:32 +0200] "POST /xmlrpc.php HTTP/2.0" 200 607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" 122.155.21.127 - - [09/Jun/2026:20:16:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 895 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 122.155.21.127 - - [09/Jun/2026:20:28:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 927 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" show less	Brute-Force Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 2001:df4:d1c0:cdf1:d0ab:74a9:a509:2ffc

🇺🇸 216.222.199.239

🇳🇱 195.178.110.26

🇫🇷 185.177.72.69

🇹🇷 94.154.43.181

🇺🇸 66.132.172.158

🇺🇸 66.132.172.109

🇭🇰 52.175.55.5

🇸🇪 46.246.5.69

🇨🇦 45.194.92.58

🇻🇳 27.79.43.34

🇮🇳 20.219.13.14

🇷🇺 188.243.191.29

🇳🇱 185.223.235.13

🇺🇸 184.105.139.120

🇨🇳 124.193.81.23

🇹🇼 111.70.32.11

🇺🇸 64.62.156.188

🇫🇷 2001:41d0:33a:a00::408

🇨🇦 165.227.42.30