JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.95.238.248

180.95.238.248 was found in our database!

This IP was reported 178 times. Confidence of Abuse is 36%: ?

36%

ISP	China Unicom Gansu province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Lanzhou, Gansu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.95.238.248

Whois 180.95.238.248

IP Abuse Reports for 180.95.238.248:

This IP address has been reported a total of 178 times from 43 distinct sources. 180.95.238.248 was first reported on December 20th 2020, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-06 19:13:23 (4 days ago)	Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: ME ... show more Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-06 10:24:25 (4 days ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇳🇱 ByeByte API	2026-05-28 16:20:23 (1 week ago)	Port scan from this IP. Firewall dropped every packet. Targeted UDP ports: 80. Single burst at 2026- ... show more Port scan from this IP. Firewall dropped every packet. Targeted UDP ports: 80. Single burst at 2026-05-28 16:20 UTC. show less	Port Scan
🇬🇧 gbzret4d	2026-05-28 13:16:08 (1 week ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 12219 [1] TCP	Port Scan
🇬🇧 PeravixGroup	2026-05-28 05:51:06 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇬🇧 PeravixGroup	2026-05-27 23:50:51 (2 weeks ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-26 09:57:12 (2 weeks ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇺🇸 MPL	2026-05-26 08:25:45 (2 weeks ago)	tcp/1035 (2 or more attempts)	Port Scan
🇺🇸 xmission.com	2026-05-26 08:21:02 (2 weeks ago)	Blocked by UFW (TCP on 12016) Source port: 22513 TTL: 237 Packet length: 44 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 12016) Source port: 22513 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 180.95.238.248) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇷🇸 Scan	2026-05-04 00:48:23 (1 month ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇬🇧 PeravixGroup	2026-04-29 10:59:30 (1 month ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇷🇸 Scan	2026-04-29 01:17:40 (1 month ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇬🇧 PeravixGroup	2026-04-27 21:20:21 (1 month ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇨🇳 ThreatBook.io	2026-04-20 01:12:57 (1 month ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/180.95.238.248 2 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/180.95.238.248 2026-04-19 15:01:40 http://110.242.68.4/ show less	Web App Attack
🇺🇸 LSPCCU	2026-04-19 10:05:10 (1 month ago)	TSEC Honeypot Network report. Threat score: 60/100. Categories: Hacking. Honeypot: cowrie, ssh-telne ... show more TSEC Honeypot Network report. Threat score: 60/100. Categories: Hacking. Honeypot: cowrie, ssh-telnet. Context: 180. show less	Hacking

Showing 1 to 15 of 178 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 34.88.51.176

🇨🇿 212.20.115.90

🇨🇿 193.179.119.85

🇫🇷 173.249.52.138

🇨🇳 117.91.186.55

🇸🇬 103.250.11.116

🇧🇬 78.128.114.110

🇺🇸 66.228.53.162

🇺🇸 66.132.172.118

🇺🇸 18.218.32.182

🇺🇸 8.19.75.217

🇫🇮 147.185.133.131

🇰🇪 102.210.149.105

🇨🇿 89.102.11.113

🇺🇸 66.132.195.126

🇨🇳 61.143.227.17

🇲🇾 47.250.94.145

🇧🇯 41.79.219.161

🇺🇸 20.171.8.150

🇮🇳 223.178.86.143