JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.153.236.14

180.153.236.14 was found in our database!

This IP was reported 180 times. Confidence of Abuse is 48%: ?

48%

ISP	CHINANET SHANGHAI PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4811
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.153.236.14

Whois 180.153.236.14

IP Abuse Reports for 180.153.236.14:

This IP address has been reported a total of 180 times from 26 distinct sources. 180.153.236.14 was first reported on September 24th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-06-09 02:00:19 (2 days ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-08 10:26:44 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:26:36.607824 2026] [security2:error] [pid 27699:tid 27699] [client 180.153.236.14:35682] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|puckerbottombikinis.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "puckerbottombikinis.com"] [uri "/"] [unique_id "aiaY3IhKpeLzwJIiWNogWAAAAAw"], referer: http://puckerbottombikinis.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 1gz	2026-06-08 08:38:36 (2 days ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: CHALLENGE Protocol: HTTP/2 (GET met ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: CHALLENGE Protocol: HTTP/2 (GET method) Endpoint: / UA: User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 Edg/140.0.0.0; 360Spider This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-08 08:00:38 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:00:33.653354 2026] [security2:error] [pid 20531:tid 20531] [client 180.153.236.14:12384] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.allieleejieun.click\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.allieleejieun.click"] [uri "/"] [unique_id "aiZ2oc20cCgzk4Ok9SVGPAAAAGo"], referer: http://www.allieleejieun.click/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 07:44:55 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:44:50.860938 2026] [security2:error] [pid 13625:tid 13625] [client 180.153.236.14:8784] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|kerbros.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "kerbros.com"] [uri "/"] [unique_id "aiZy8rD1fGXnk10KxOBhZAAAAF4"], referer: https://kerbros.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 07:01:51 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:01:48.614331 2026] [security2:error] [pid 29190:tid 29190] [client 180.153.236.14:48168] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.evannine.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.evannine.com"] [uri "/"] [unique_id "aiZo3DfXKTBjTRraKFA5egAAACY"], referer: http://www.evannine.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 06:42:30 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:42:23.950794 2026] [security2:error] [pid 16084:tid 16084] [client 180.153.236.14:1072] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|barnesandbrower.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "barnesandbrower.com"] [uri "/index.php"] [unique_id "aiZkTxArZHzFmaNNFAUGuQAAAAE"], referer: http://barnesandbrower.com/index.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 06:27:25 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:27:17.596185 2026] [security2:error] [pid 11376:tid 11379] [client 180.153.236.14:42342] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.priyom.us\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.priyom.us"] [uri "/"] [unique_id "aiZgxYB9fFKpngWqmd8MGgAAAQA"], referer: http://www.priyom.us/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 06:11:50 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:11:46.895472 2026] [security2:error] [pid 2257:tid 2264] [client 180.153.236.14:59780] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.philacentric.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.philacentric.com"] [uri "/"] [unique_id "aiZdIloeZZk4-Hnp5gxS9AAAAEU"], referer: http://www.philacentric.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 05:53:09 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:53:02.105581 2026] [security2:error] [pid 2213:tid 2213] [client 180.153.236.14:47984] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.decisiontrace.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.decisiontrace.org"] [uri "/"] [unique_id "aiZYvu_Ibb324POG4E03TgAAAB4"], referer: http://www.decisiontrace.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 05:27:22 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:27:17.098236 2026] [security2:error] [pid 20481:tid 20481] [client 180.153.236.14:41672] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.hayrun.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.hayrun.com"] [uri "/"] [unique_id "aiZStXn7_AZEWCBbdVu8nwAAAEc"], referer: https://www.hayrun.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 paulshipley.com.au	2026-06-08 03:08:39 (2 days ago)	[Mon Jun 08 13:08:39.109877 2026] [security2:error] [pid 62554] [client 180.153.236.14:25330] [clien ... show more [Mon Jun 08 13:08:39.109877 2026] [security2:error] [pid 62554] [client 180.153.236.14:25330] [client 180.153.236.14] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "winesbydesign.com.au"] [uri "/"] [unique_id "aiYyN5dl7dF935STwx8_ZAAAAAs"], referer: https://winesbydesign.com.au// ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 05:11:42 (5 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 01:11:35.424184 2026] [security2:error] [pid 11094:tid 11094] [client 180.153.236.14:13272] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.mobresearchinc.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.mobresearchinc.com"] [uri "/"] [unique_id "aiJah9cvP6t799H86fn-HwAAAAI"], referer: https://www.mobresearchinc.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Progetto1	2026-06-04 22:15:02 (6 days ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 16:53:24 (6 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 12:53:17.987472 2026] [security2:error] [pid 17215:tid 17215] [client 180.153.236.14:8094] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|rcjlawfirm.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "rcjlawfirm.com"] [uri "/index.html"] [unique_id "aiGtfVz0GHnKZDOjQosiDQAAAAs"], referer: https://rcjlawfirm.com/index.html show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 180 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 161.123.64.249

🇺🇸 154.92.23.249

🇩🇪 144.31.80.14

🇨🇳 123.160.174.251

🇧🇪 104.155.94.200

🇮🇶 65.20.233.110

🇨🇳 59.34.17.130

🇷🇺 46.44.0.185

🇬🇧 35.203.211.37

🇩🇪 213.209.159.226

🇩🇪 213.209.159.56

🇺🇸 188.42.112.103

🇳🇱 178.62.209.206

🇫🇮 147.185.133.127

🇨🇳 110.249.202.109

🇺🇸 64.62.197.179

🇸🇬 47.84.186.19

🇩🇪 46.101.96.121

🇧🇪 34.140.236.248

🇧🇷 205.210.31.252