JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.95.238.53

180.95.238.53 was found in our database!

This IP was reported 223 times. Confidence of Abuse is 32%: ?

32%

ISP	China Unicom Gansu province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Lanzhou, Gansu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.95.238.53

Whois 180.95.238.53

IP Abuse Reports for 180.95.238.53:

This IP address has been reported a total of 223 times from 48 distinct sources. 180.95.238.53 was first reported on April 15th 2021, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-18 03:24:50 (4 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇷🇸 Scan	2026-06-10 03:06:31 (1 week ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-07 23:43:04 (2 weeks ago)	Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aar ... show more Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇦🇺 LiftUp Hosting	2026-06-04 02:04:38 (2 weeks ago)	Honeypot hit: HTTP/1.1 request on 8800 GET / Accept: /; 8800 [1] TCP	Hacking Bad Web Bot
🇬🇧 PeravixGroup	2026-05-29 16:26:34 (3 weeks ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇺🇸 xmission.com	2026-05-23 11:24:47 (4 weeks ago)	Blocked by UFW (TCP on 6580) Source port: 21704 TTL: 237 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 6580) Source port: 21704 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 180.95.238.53) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-05-22 17:18:42 (4 weeks ago)	tcp/3388	Port Scan
🇩🇪 dispaisyenterprises	2026-05-05 14:45:45 (1 month ago)	Honeypot [fra-de-honeypot]: Unauthorized traffic (243 bytes of payload); 1201 [1] TCP Reported by Di ... show more Honeypot [fra-de-honeypot]: Unauthorized traffic (243 bytes of payload); 1201 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-26 17:22:39 (1 month ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 7878 [1] TCP	Port Scan
🇦🇺 trentwiles.com	2026-04-25 13:54:34 (1 month ago)	Unauthorized connection attempt detected from IP address 180.95.238.53 to port 7026 [SYD]	Port Scan
🇺🇸 MPL	2026-04-25 06:28:19 (1 month ago)	tcp/38978 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-04-23 04:58:46 (1 month ago)	HoneyPot hit - Aaran.cloud \| Rdp Brute Force \| credential attack	Brute-Force
🇺🇸 LSPCCU	2026-04-20 22:33:54 (2 months ago)	TSEC Honeypot Network report. Threat score: 65/100. Categories: DDoS Attack, Port Scan, Hacking, Bru ... show more TSEC Honeypot Network report. Threat score: 65/100. Categories: DDoS Attack, Port Scan, Hacking, Brute-Force, Web App Attack, SSH, IoT Targeted. Honeypot: cowrie, ssh-telnet. Context: 180. show less	DDoS Attack Port Scan Hacking Brute-Force Web App Attack SSH IoT Targeted
🇩🇪 dispaisyenterprises	2026-04-13 17:21:40 (2 months ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 12178 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 12178 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
Anonymous	2026-04-11 09:26:42 (2 months ago)	Drop from IP address 180.95.238.53 to tcp-port 8893	Port Scan

Showing 1 to 15 of 223 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 45.3.41.128

🇬🇧 135.136.23.208

🇺🇸 104.207.35.97

🇺🇸 91.230.168.215

🇫🇷 85.217.140.51

🇫🇷 51.68.111.205

🇳🇱 45.148.10.147

🇩🇪 213.209.159.238

🇹🇭 203.154.158.195

🇨🇱 190.20.60.90

🇺🇸 45.56.111.60

🇩🇪 209.101.14.65

🇩🇪 209.50.190.46

🇮🇩 203.175.125.194

🇻🇪 200.93.121.88

🇹🇼 198.235.24.105

🇧🇴 190.129.122.185

🇭🇰 101.36.111.119

🇺🇦 91.207.245.155

🇧🇾 81.30.98.142