JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.153.236.47

180.153.236.47 was found in our database!

This IP was reported 209 times. Confidence of Abuse is 53%: ?

53%

ISP	CHINANET SHANGHAI PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4811
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.153.236.47

Whois 180.153.236.47

IP Abuse Reports for 180.153.236.47:

This IP address has been reported a total of 209 times from 24 distinct sources. 180.153.236.47 was first reported on September 24th 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-29 13:10:29 (4 hours ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 09:10:25.091053 2026] [security2:error] [pid 8406:tid 8406] [client 180.153.236.47:47061] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|anchor07.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "anchor07.com"] [uri "/"] [unique_id "akJuwTEXnU3DEkaPm8LhuwAAAA0"], referer: http://anchor07.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 12:02:11 (5 hours ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 08:02:04.161984 2026] [security2:error] [pid 4334:tid 4334] [client 180.153.236.47:5967] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|fulltime-life.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "fulltime-life.com"] [uri "/"] [unique_id "akJevDRYFcailJAPonqNEgAAAAM"], referer: http://fulltime-life.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 10:51:52 (6 hours ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:51:47.030556 2026] [security2:error] [pid 13043:tid 13043] [client 180.153.236.47:3297] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|gdpeters.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "gdpeters.com"] [uri "/"] [unique_id "akJOQzPqVeJzSiJnCsX71AAAAAk"], referer: https://gdpeters.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 11:23:45 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:23:41.176936 2026] [security2:error] [pid 21789:tid 21789] [client 180.153.236.47:41435] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|pamolson.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "pamolson.org"] [uri "/index.html"] [unique_id "akEEPUEDcGEt5DXQI2BXwAAAABs"], referer: http://pamolson.org/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 08:14:00 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 04:13:53.239626 2026] [security2:error] [pid 22850:tid 22850] [client 180.153.236.47:2407] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.walkerweb.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.walkerweb.com"] [uri "/"] [unique_id "akDXwROGafwILK8GmIhtcQAAAAQ"], referer: https://www.walkerweb.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 07:07:33 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 03:07:29.908332 2026] [security2:error] [pid 18718:tid 18727] [client 180.153.236.47:22297] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.boxwoodgarden.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.boxwoodgarden.com"] [uri "/"] [unique_id "akDIMUnblO6VZ-z6ZvoYzgAAAEc"], referer: http://www.boxwoodgarden.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 06:15:48 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 02:15:42.621971 2026] [security2:error] [pid 6766:tid 6766] [client 180.153.236.47:19157] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|sanjuangrange.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "sanjuangrange.org"] [uri "/index.html"] [unique_id "akC8DqLnKO0AiplGGf5eDAAAAAI"], referer: https://sanjuangrange.org/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 08:43:25 (4 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 04:43:22.070691 2026] [security2:error] [pid 28475:tid 28475] [client 180.153.236.47:20879] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|chaubaolau.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "chaubaolau.com"] [uri "/"] [unique_id "ajzqKhN8SYh0Ks_F2iEEswAAAAs"], referer: http://chaubaolau.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 08:03:04 (4 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 04:02:57.947548 2026] [security2:error] [pid 28973:tid 28973] [client 180.153.236.47:25491] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|distilledwater.net\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "distilledwater.net"] [uri "/index.html"] [unique_id "ajzgsbIEltNv946LBfXs2AAAABg"], referer: http://distilledwater.net/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 06:14:39 (4 days ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 02:14:31.175128 2026] [security2:error] [pid 30351:tid 30351] [client 180.153.236.47:27425] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|royal-barbershop.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "royal-barbershop.com"] [uri "/"] [unique_id "ajzHR9WF2iiFRTgKNtFbmgAAAAU"], referer: http://royal-barbershop.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-06-25 01:03:18 (4 days ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-21 20:22:35 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 16:22:31.735652 2026] [security2:error] [pid 8402:tid 8402] [client 180.153.236.47:14843] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.jillbauman.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.jillbauman.com"] [uri "/"] [unique_id "ajhIB86CIrAt9Q1PkR8AiwAAABI"], referer: https://www.jillbauman.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-06-21 18:47:53 (1 week ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted]): (CF_ENABLE)	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-21 08:36:13 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 04:36:05.816178 2026] [security2:error] [pid 3543:tid 3543] [client 180.153.236.47:50913] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.mooseled.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.mooseled.com"] [uri "/"] [unique_id "ajeidUwxcnN-LcbDWdwQIQAAAAg"], referer: https://www.mooseled.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 08:02:49 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.153.236.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 04:02:44.518603 2026] [security2:error] [pid 5180:tid 5180] [client 180.153.236.47:28559] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|conveyorizedovens.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "conveyorizedovens.com"] [uri "/"] [unique_id "ajeapF6mhz5LOrshcGVbywAAABg"], referer: http://conveyorizedovens.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 209 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 193.46.255.86

🇻🇳 118.70.146.125

🇸🇬 52.237.80.79

🇺🇸 50.2.50.10

🇳🇱 45.148.10.151

🇰🇿 37.151.58.74

🇺🇸 13.89.125.29

🇵🇱 2a00:1450:4025:807::128

🇺🇸 195.184.76.93

🇳🇱 195.178.110.135

🇩🇪 194.88.98.118

🇳🇱 176.65.148.244

🇩🇪 165.227.163.140

🇰🇷 121.133.252.114

🇧🇩 103.204.247.58

🇺🇸 71.27.102.242

🇺🇸 185.180.141.67

🇺🇸 158.94.187.235

🇺🇸 104.244.124.135

🇬🇧 91.204.209.46