JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.101.81.21

180.101.81.21 was found in our database!

This IP was reported 256 times. Confidence of Abuse is 0%: ?

ISP	Chinanet Jiangsu Province Network
Usage Type	Fixed Line ISP
ASN	AS134770
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Nanjing, Jiangsu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.101.81.21

Whois 180.101.81.21

IP Abuse Reports for 180.101.81.21:

This IP address has been reported a total of 256 times from 25 distinct sources. 180.101.81.21 was first reported on February 19th 2023, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 ThreatBook.io	2025-12-30 22:47:50 (5 months ago)	ThreatBook Intelligence: Zombie,IDC more details on https://threatbook.io/ip/180.101.81.21 2025-12-3 ... show more ThreatBook Intelligence: Zombie,IDC more details on https://threatbook.io/ip/180.101.81.21 2025-12-30 04:34:44 /docs/config/cluster-listener.html 2025-12-30 04:34:44 /docs/images/docs-stylesheet.css show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 10:07:56 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 180.101.81.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 180.101.81.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 05:07:48.819464 2025] [security2:error] [pid 14536:tid 14536] [client 180.101.81.21:37290] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|qualityelevatorcabs.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "qualityelevatorcabs.com"] [uri "/[email protected]"] [unique_id "aTVR9GVqh_w-p1eAvlSR7AAAAAc"], referer: http://qualityelevatorcabs.com show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 afleventoffice.com.au	2025-10-31 11:53:53 (7 months ago)	HEAD /bak.rar HTTP/1.1	Web App Attack
🇺🇸 kosada.com	2025-10-30 21:14:54 (7 months ago)	Web vulnerability probing: /www.rar	Web App Attack
🇦🇺 afleventoffice.com.au	2025-10-30 19:53:37 (7 months ago)	HEAD /testcrickettravelofficecomau.zip HTTP/1.1	Web App Attack
🇺🇸 rdpguard.com	2025-10-22 15:34:23 (8 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇱🇻 garmtech.com	2025-10-21 13:08:35 (8 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 16-08.180.101.81.21.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 16-08.180.101.81.21.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇳🇱 exxos	2025-10-21 11:03:01 (8 months ago)	Attacks with Bad user agents	Hacking
🇮🇹 VHosting	2025-09-17 12:18:14 (9 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇨🇳 ThreatBook.io	2025-08-13 22:36:19 (10 months ago)	ThreatBook Intelligence: Zombie,IDC more details on https://threatbook.io/ip/180.101.81.21 2025-08-1 ... show more ThreatBook Intelligence: Zombie,IDC more details on https://threatbook.io/ip/180.101.81.21 2025-08-13 16:58:48 /web.rar show less	Web App Attack
🇺🇸 rdpguard.com	2025-08-08 00:27:09 (10 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇦🇺 afleventoffice.com.au	2025-07-22 16:06:50 (11 months ago)	HEAD /data.7z HTTP/1.1	Web App Attack
🇦🇺 afleventoffice.com.au	2025-07-22 14:43:46 (11 months ago)	HEAD /database.7z HTTP/1.1	Web App Attack
🇦🇺 afleventoffice.com.au	2025-07-22 03:47:59 (11 months ago)	HEAD /afleventoffice.7z HTTP/1.1	Web App Attack
🇺🇸 rdpguard.com	2025-07-14 11:39:05 (11 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force

Showing 1 to 15 of 256 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.108

🇮🇳 122.168.123.73

🇸🇬 43.173.173.242

🇨🇳 42.234.2.38

🇰🇷 8.213.131.12

🇺🇸 3.239.12.80

🇨🇳 220.194.187.155

🇷🇴 151.242.30.212

🇵🇰 119.156.28.157

🇨🇳 115.191.22.111

🇭🇰 103.30.40.129

🇿🇦 102.64.33.118

🇰🇷 61.83.253.114

🇳🇱 45.156.87.216

🇳🇱 45.148.10.157

🇬🇧 2a06:4880:6000::7a

🇬🇹 190.151.130.5

🇦🇪 165.154.12.108

🇺🇸 162.216.150.163

🇨🇳 115.231.78.11