JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.95.231.95

180.95.231.95 was found in our database!

This IP was reported 237 times. Confidence of Abuse is 55%: ?

55%

ISP	China Unicom Gansu province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Lanzhou, Gansu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.95.231.95

Whois 180.95.231.95

IP Abuse Reports for 180.95.231.95:

This IP address has been reported a total of 237 times from 61 distinct sources. 180.95.231.95 was first reported on April 2nd 2021, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-24 04:06:01 (17 hours ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 paulshipley.com.au	2026-06-23 21:24:26 (1 day ago)	levellapromotions.com.au:443 180.95.231.95 - - [24/Jun/2026:07:24:23 +1000] "GET /ipfs/bafkreicyqcbh ... show more levellapromotions.com.au:443 180.95.231.95 - - [24/Jun/2026:07:24:23 +1000] "GET /ipfs/bafkreicyqcbhpicbos7ev4mrxofwqx6hvvge7pahpta6xuspr44crai5by HTTP/1.1" 404 155788 "-" "Mozilla/4.066686748 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" ... show less	Web App Attack
🇺🇸 xmission.com	2026-06-23 05:34:38 (1 day ago)	Blocked by UFW (TCP on 5985) Source port: 17509 TTL: 237 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 5985) Source port: 17509 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 180.95.231.95) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 security.rdmc.fr	2026-06-21 07:30:25 (3 days ago)	Port Scan Attack proto:TCP src:32924 dst:5432	Port Scan
🇺🇸 xmission.com	2026-06-18 19:05:57 (6 days ago)	Blocked by UFW (TCP on 10566) Source port: 36609 TTL: 237 Packet length: 44 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 10566) Source port: 36609 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 180.95.231.95) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-16 21:04:59 (1 week ago)	Honeypot hit: Large payload (1457 bytes); 27950 [1] TCP Reported by: https://github.com/sefinek/T-Po ... show more Honeypot hit: Large payload (1457 bytes); 27950 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 Cyber Crusader	2026-06-13 12:21:40 (1 week ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇬🇧 PeravixGroup	2026-06-06 08:38:38 (2 weeks ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇬🇧 PeravixGroup	2026-06-04 18:39:56 (2 weeks ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-05-31 00:19:27 (3 weeks ago)	tcp/2397 (2 or more attempts)	Port Scan
🇵🇱 sefinek.net	2026-05-29 17:11:24 (3 weeks ago)	Honeypot hit: Large payload (1457 bytes); 2012 [1] TCP Reported by: https://github.com/sefinek/T-Pot ... show more Honeypot hit: Large payload (1457 bytes); 2012 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Bad Web Bot
🇫🇮 6kilowatti	2026-05-29 09:01:31 (3 weeks ago)	2026-05-29T12:01:30.366156+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00: ... show more 2026-05-29T12:01:30.366156+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00:00:5e:00:01:58:08:00 SRC=180.95.231.95 DST=83.148.240.21 LEN=44 TOS=0x00 PREC=0x00 TTL=228 ID=19318 PROTO=TCP SPT=12848 DPT=7687 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 MPL	2026-05-24 22:45:19 (4 weeks ago)	tcp/443	Port Scan
🇺🇸 MPL	2026-05-23 14:22:27 (1 month ago)	tcp/10020	Port Scan
🇬🇧 PeravixGroup	2026-05-19 07:30:09 (1 month ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 237 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.124

🇨🇳 153.35.192.98

🇺🇸 44.206.207.138

🇺🇸 43.162.112.238

🇹🇼 35.194.229.203

🇧🇪 198.235.24.193

🇺🇸 195.184.76.227

🇲🇽 177.238.21.89

🇺🇸 162.216.150.13

🇫🇮 109.204.180.30

🇳🇱 80.82.77.202

🇺🇸 74.125.45.23

🇱🇹 62.60.130.219

🇱🇹 45.227.254.170

🇺🇸 44.49.153.48

🇨🇳 14.103.122.180

🇩🇪 213.209.159.242

🇨🇴 138.84.40.108

🇺🇸 104.238.228.254

🇺🇸 103.203.58.3