JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.164.17.170

180.164.17.170 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 5%: ?

ISP	CHINANET SHANGHAI PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4812
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.164.17.170

Whois 180.164.17.170

IP Abuse Reports for 180.164.17.170:

This IP address has been reported a total of 6 times from 1 distinct source. 180.164.17.170 was first reported on April 7th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-20 02:44:09 (1 hour ago)	(mod_security) mod_security (id:210831) triggered by 180.164.17.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.164.17.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 22:44:06.253117 2026] [security2:error] [pid 15890:tid 15971] [client 180.164.17.170:29246] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|andyboynton.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "andyboynton.com"] [uri "/"] [unique_id "ajX-dr5T8HN8TDZF68n07QAAAIs"], referer: http://andyboynton.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 23:04:57 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 180.164.17.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.164.17.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 19:04:48.861615 2026] [security2:error] [pid 15804:tid 15804] [client 180.164.17.170:32189] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|surrenderhouse.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "surrenderhouse.com"] [uri "/index.html"] [unique_id "ajR5kCKO7ws0NrngDC0yagAAAAo"], referer: http://surrenderhouse.com/index.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 21:00:25 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 180.164.17.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.164.17.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 17:00:10.453648 2026] [security2:error] [pid 26733:tid 26733] [client 180.164.17.170:29899] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|myairbalance.org\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "myairbalance.org"] [uri "/"] [unique_id "aixzWvSfOL57doHWrL8AnQAAAAU"], referer: http://myairbalance.org show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 04:18:56 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 180.164.17.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.164.17.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:18:52.457418 2026] [security2:error] [pid 10312:tid 10312] [client 180.164.17.170:29288] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|sliconswamp.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "sliconswamp.com"] [uri "/"] [unique_id "aiZCrAl_vDcPjbZuiM07ZgAAAAg"], referer: https://sliconswamp.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 20:38:06 (4 weeks ago)	(mod_security) mod_security (id:210831) triggered by 180.164.17.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.164.17.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 16:37:57.870656 2026] [security2:error] [pid 27510:tid 27520] [client 180.164.17.170:32413] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.ccgparquitectos.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.ccgparquitectos.com"] [uri "/"] [unique_id "ag4bpQK5djlXH2fNifSWvgAAAUY"], referer: http://www.ccgparquitectos.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-07 00:51:15 (2 months ago)	(mod_security) mod_security (id:210831) triggered by 180.164.17.170 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 180.164.17.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 20:51:07.352114 2026] [security2:error] [pid 964321:tid 964321] [client 180.164.17.170:31404] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.wolter-hausser.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.wolter-hausser.com"] [uri "/"] [unique_id "adRU-_UJV7e6JZuOUPY99AAAAAM"], referer: http://www.wolter-hausser.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 189.203.163.10

🇳🇱 176.65.149.180

🇺🇸 162.216.149.54

🇺🇸 73.106.42.112

🇰🇷 58.78.128.160

🇳🇿 202.125.88.112

🇵🇭 202.69.169.162

🇧🇪 198.235.24.215

🇬🇧 195.96.139.94

🇭🇰 152.32.128.204

🇺🇸 52.180.144.125

🇨🇳 182.242.168.147

🇵🇭 136.158.27.42

🇩🇪 128.1.120.173

🇨🇳 117.157.77.71

🇵🇰 103.172.26.29

🇨🇳 101.96.200.79

🇺🇸 97.93.43.157

🇹🇷 88.255.189.50

🇺🇸 50.87.144.87