JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 175.30.48.104

175.30.48.104 was found in our database!

This IP was reported 325 times. Confidence of Abuse is 73%: ?

73%

ISP	CHANGCHUN-YIQITONGXIN
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	189.cn
Country	🇨🇳 China
City	Changchun, Jilin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 175.30.48.104

Whois 175.30.48.104

IP Abuse Reports for 175.30.48.104:

This IP address has been reported a total of 325 times from 97 distinct sources. 175.30.48.104 was first reported on February 7th 2024, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-06 16:09:48 (10 hours ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇹🇭 Sawasdee	2026-06-03 06:09:06 (3 days ago)	Port Scan ...	Port Scan
🇩🇪 femboy.cat	2026-05-29 15:04:32 (1 week ago)	Port scan to tcp/10000 from 175.30.48.104	Brute-Force
🇬🇧 PeravixGroup	2026-05-28 11:32:14 (1 week ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 Justin F. \| AS204464	2026-05-28 10:40:32 (1 week ago)	Honeypot [nx-infrastructure]: Large payload (1457 bytes); 10133 [1] TCP Reported by: Justin F.	Bad Web Bot
🇬🇧 PeravixGroup	2026-05-27 07:50:36 (1 week ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇫🇷 security.rdmc.fr	2026-05-26 15:10:48 (1 week ago)	IP in Malicious Database	Web App Attack
🇬🇧 PeravixGroup	2026-05-25 19:49:06 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-05-25 18:20:19 (1 week ago)	2026-05-25T19:20:17.878937+01:00 vps kernel: [41473393.447422] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-05-25T19:20:17.878937+01:00 vps kernel: [41473393.447422] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=175.30.48.104 DST=54.37.14.118 LEN=44 TOS=0x00 PREC=0x00 TTL=232 ID=38876 PROTO=TCP SPT=25764 DPT=50996 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇬🇧 PeravixGroup	2026-05-22 11:05:52 (2 weeks ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-21 14:05:56 (2 weeks ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-21 03:28:22 (2 weeks ago)	Honeypot hit: Large payload (1457 bytes); 8460 [1], 8305 [1] TCP	Hacking
🇨🇳 ThreatBook.io	2026-05-19 00:48:13 (2 weeks ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/175.30.48.104 2026-05- ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/175.30.48.104 2026-05-18 04:35:02 / show less	Web App Attack
🇩🇪 femboy.cat	2026-05-17 01:46:04 (3 weeks ago)	Port scan to tcp/20084 from 175.30.48.104	Brute-Force
🇺🇸 MPL	2026-05-16 21:49:26 (3 weeks ago)	tcp/8025	Port Scan

Showing 1 to 15 of 325 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.252

🇧🇷 205.210.31.202

🇭🇰 203.83.11.210

🇿🇼 197.221.232.44

🇷🇴 193.29.13.64

🇺🇸 192.3.64.210

🇺🇸 162.216.150.126

🇺🇸 130.131.220.95

🇨🇳 124.70.28.114

🇩🇪 116.203.138.135

🇳🇱 89.21.67.152

🇳🇱 81.19.216.87

🇺🇸 65.49.20.109

🇩🇪 54.37.74.179

🇳🇱 192.253.248.169

🇮🇩 180.243.254.154

🇺🇸 162.216.150.228

🇨🇳 125.94.59.210

🇩🇪 79.196.131.94

🇺🇸 65.49.1.226