JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.95.238.116

180.95.238.116 was found in our database!

This IP was reported 180 times. Confidence of Abuse is 31%: ?

31%

ISP	China Unicom Gansu province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Lanzhou, Gansu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.95.238.116

Whois 180.95.238.116

IP Abuse Reports for 180.95.238.116:

This IP address has been reported a total of 180 times from 47 distinct sources. 180.95.238.116 was first reported on April 3rd 2021, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 femboy.cat	2026-06-18 05:56:09 (2 days ago)	Port scan to tcp/12121 from 180.95.238.116	Brute-Force
🇬🇧 PeravixGroup	2026-06-06 00:29:29 (2 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-05 14:21:31 (2 weeks ago)	Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. A ... show more Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. Aaran.cloud show less	DDoS Attack Hacking
🇬🇧 PeravixGroup	2026-05-31 03:01:43 (2 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-05-27 11:45:48 (3 weeks ago)	tcp/25565	Port Scan
🇬🇧 PeravixGroup	2026-05-25 02:36:12 (3 weeks ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 gbzret4d	2026-05-13 10:10:08 (1 month ago)	Honeypot [uk-production01]: Unauthorized traffic (243 bytes of payload); 6601 [1] TCP	Port Scan
🇨🇳 ThreatBook.io	2026-05-10 01:25:27 (1 month ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/180.95.238.116 2 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/180.95.238.116 2026-05-09 13:04:52 http://110.242.68.4/ show less	Web App Attack
🇦🇺 trentwiles.com	2026-04-27 14:49:27 (1 month ago)	Unauthorized connection attempt detected from IP address 180.95.238.116 to port 8256 [SYD]	Port Scan
🇵🇱 sefinek.net	2026-04-27 05:27:34 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 16001 [1] TCP Reported by: https://github.com/se ... show more Honeypot hit: Empty payload (likely service probe); 16001 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇯🇵 mkaraki	2026-04-26 22:00:53 (1 month ago)	1777240848 # Service_probe # SIGNATURE_SEND # source_ip:180.95.238.116 # dst_port:1400 ...	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-26 18:02:33 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 7894 [1] TCP	Port Scan
Anonymous	2026-03-31 06:26:34 (2 months ago)	Brute force. Port: 16403	Brute-Force
🇺🇸 RAP	2026-03-28 04:21:11 (2 months ago)	2026-03-28 04:21:11 UTC Unauthorized activity to TCP port 9200.	Port Scan
🇺🇸 NXTwoThou	2026-03-20 08:20:38 (3 months ago)	http/0.9 anonymous	Web App Attack

Showing 1 to 15 of 180 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.167.169.18

🇺🇸 162.216.149.116

🇩🇪 162.19.181.245

🇺🇸 143.42.1.71

🇷🇴 92.118.39.74

🇫🇷 13.140.150.107

🇨🇳 112.54.134.4

🇺🇿 84.54.84.169

🇫🇮 74.125.112.28

🇺🇸 45.61.151.67

🇳🇱 176.65.139.88

🇺🇸 172.202.113.68

🇨🇳 125.47.123.167

🇳🇱 103.219.153.248

🇺🇸 100.29.192.55

🇮🇳 182.78.69.178

🇺🇸 172.245.102.74

🇮🇳 171.76.103.32

🇹🇼 110.25.112.150

🇫🇷 95.182.82.67