JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 122.8.94.245

122.8.94.245 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 15%: ?

15%

ISP	Beijing CNISP Technology Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	cnisp.org.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 122.8.94.245

Whois 122.8.94.245

IP Abuse Reports for 122.8.94.245:

This IP address has been reported a total of 24 times from 9 distinct sources. 122.8.94.245 was first reported on October 1st 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 08:09:41 (1 hour ago)	(mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 04:09:37.657482 2026] [security2:error] [pid 16571:tid 16571] [client 122.8.94.245:29149] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ourhotmail.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ourhotmail.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiu-wV07l61Ki2-s9lfxCwAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 23:39:24 (6 days ago)	Attempted WordPress login: 122.8.94.245 - - [06/Jun/2026:00:39:24 +0100] "GET /wp-login.php HTTP/1. ... show more Attempted WordPress login: 122.8.94.245 - - [06/Jun/2026:00:39:24 +0100] "GET /wp-login.php HTTP/1.1" 200 234 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 14:07:34 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 10:07:27.376150 2026] [security2:error] [pid 21850:tid 21850] [client 122.8.94.245:49929] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|marveldirectory.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marveldirectory.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiGGn9bOONnVTXUvEM7MDgAAABw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 02:09:07 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 22:09:03.394876 2026] [security2:error] [pid 8366:tid 8366] [client 122.8.94.245:34815] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|truecontrarian.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "truecontrarian.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah47P0CQHNBSOT4Qy_nnegAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-15 10:42:54 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 06:42:47.392404 2026] [security2:error] [pid 16003:tid 16003] [client 122.8.94.245:42871] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|salsberggroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "salsberggroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agb4p28kWE6eEKP9fgCZzgAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-10 14:17:09 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 10:17:03.553401 2026] [security2:error] [pid 28397:tid 28397] [client 122.8.94.245:49601] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gonzalez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agCTX33A4ZH__QiF4tcNNAAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-05 03:25:45 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 04 23:25:37.873135 2026] [security2:error] [pid 14692:tid 14692] [client 122.8.94.245:34755] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kingstoneproperties.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kingstoneproperties.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afljMarsHPJ3JFYVtrvJDAAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-03 11:01:15 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 07:01:09.189714 2026] [security2:error] [pid 32556:tid 32556] [client 122.8.94.245:24355] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mathgen.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mathgen.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afcq9UO-R0TCHbVFfEkVKAAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-25 12:15:52 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 122.8.94.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 08:15:48.676975 2026] [security2:error] [pid 7626:tid 7626] [client 122.8.94.245:29217] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|marlinlee.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marlinlee.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeywdAUBu9hZXpvOHf6oiwAAAA8"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 stinpriza	2026-03-21 09:12:01 (2 months ago)	Web App Attack	Web App Attack
🇺🇸 myagent.site	2026-03-21 06:02:05 (2 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇩🇪 big-cloud.nl	2026-03-19 04:48:21 (2 months ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 myagent.site	2026-03-18 18:09:04 (2 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇩🇪 LRob.fr	2026-03-18 16:15:11 (2 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-03-17 16:22:47 (2 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 176.59.134.225

🇵🇰 103.120.116.162

🇧🇬 91.191.209.98

🇿🇦 82.22.245.174

🇺🇸 43.159.152.184

🇧🇪 198.235.24.202

🇧🇦 109.175.39.133

🇨🇭 104.244.74.201

🇦🇱 95.107.217.81

🇻🇮 74.244.153.169

🇺🇸 49.51.188.155

🇺🇸 43.159.152.4

🇺🇸 13.58.29.201

🇧🇷 190.115.84.25

🇺🇸 170.23.5.147

🇨🇦 165.22.224.68

🇩🇪 128.1.34.69

🇫🇷 91.231.89.225

🇺🇸 66.132.172.116

🇺🇸 43.130.16.140