JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.95.238.42

180.95.238.42 was found in our database!

This IP was reported 188 times. Confidence of Abuse is 28%: ?

28%

ISP	China Unicom Gansu province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Lanzhou, Gansu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.95.238.42

Whois 180.95.238.42

IP Abuse Reports for 180.95.238.42:

This IP address has been reported a total of 188 times from 39 distinct sources. 180.95.238.42 was first reported on December 24th 2020, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-08 14:57:02 (4 days ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-06 16:29:39 (6 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇬🇧 PeravixGroup	2026-06-03 13:27:45 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇨🇭 4server	2026-05-26 22:28:44 (2 weeks ago)	[WedMay2700:28:21.6264962026][security2:error][pid3987132:tid3987368][client180.95.238.42:0]ModSecur ... show more [WedMay2700:28:21.6264962026][security2:error][pid3987132:tid3987368][client180.95.238.42:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"4server.biz\"][uri\"/\"][unique_id\"ahYehSX00fsbjZPn78dC_QAAAMw\"] show less	Hacking Web App Attack
🇧🇾 StatsMe	2026-05-18 21:41:51 (3 weeks ago)	2026-05-18T05:57:58.907776+0300 ET SCAN NMAP -sS window 1024	Port Scan
🇦🇺 trentwiles.com	2026-04-24 10:10:55 (1 month ago)	Unauthorized connection attempt detected from IP address 180.95.238.42 to port 55055 [SYD]	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-23 14:15:42 (1 month ago)	Honeypot hit: Unauthorized traffic (243 bytes of payload); 46000 [1] TCP	Port Scan
🇫🇷 SpaceHost-Server	2026-04-22 22:30:58 (1 month ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-04-21 22:29:13 (1 month ago)		Brute-Force Web App Attack
Anonymous	2026-04-21 00:00:40 (1 month ago)	Fail2Ban triggered	Web App Attack
🇺🇸 xmission.com	2026-04-08 08:49:57 (2 months ago)	Blocked by UFW (TCP on 5454) Source port: 33955 TTL: 237 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 5454) Source port: 33955 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 180.95.238.42) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-06 00:25:36 (2 months ago)	Honeypot hit: Unauthorized traffic (243 bytes of payload); 7254 [1] TCP	Port Scan
🇯🇵 mkaraki	2026-03-27 08:12:49 (2 months ago)	1774599165 # Service_probe # SIGNATURE_SEND # source_ip:180.95.238.42 # dst_port:10022 ...	Port Scan
🇺🇸 MPL	2026-03-25 14:54:24 (2 months ago)	tcp/8886	Port Scan
Anonymous	2026-03-25 07:34:59 (2 months ago)	Brute force. Port: 5236	Brute-Force

Showing 1 to 15 of 188 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.125.11.227

🇭🇰 154.83.16.14

🇫🇷 84.46.251.169

🇨🇳 60.220.241.50

🇸🇬 45.82.78.105

🇮🇳 20.204.136.58

🇺🇸 20.163.14.140

🇵🇰 202.63.202.158

🇬🇧 195.96.139.129

🇹🇷 81.214.38.139

🇨🇳 58.213.107.138

🇺🇸 45.55.158.168

🇮🇶 185.166.25.150

🇭🇰 152.32.133.103

🇨🇳 122.242.9.65

🇩🇪 213.209.159.158

🇧🇷 187.87.112.32

🇨🇳 117.185.181.187

🇦🇺 81.21.233.16

🇭🇰 43.250.173.130