JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 175.30.48.198

175.30.48.198 was found in our database!

This IP was reported 274 times. Confidence of Abuse is 69%: ?

69%

ISP	CHANGCHUN-YIQITONGXIN
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	189.cn
Country	🇨🇳 China
City	Changchun, Jilin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 175.30.48.198

Whois 175.30.48.198

IP Abuse Reports for 175.30.48.198:

This IP address has been reported a total of 274 times from 89 distinct sources. 175.30.48.198 was first reported on February 8th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-05 01:05:44 (3 days ago)	tcp/7547 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-01 20:37:25 (6 days ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇫🇷 security.rdmc.fr	2026-06-01 20:09:24 (6 days ago)	IP in Malicious Database	Web App Attack
🇩🇪 femboy.cat	2026-05-31 22:41:24 (1 week ago)	Port scan to tcp/9092 from 175.30.48.198	Brute-Force
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-30 17:48:27 (1 week ago)	Honeypot hit: Unauthorized traffic (76 bytes of payload); 50000 [1] TCP	Port Scan
🇺🇸 xmission.com	2026-05-30 06:28:13 (1 week ago)	Blocked by UFW (TCP on 10221) Source port: 14852 TTL: 237 Packet length: 44 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 10221) Source port: 14852 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 175.30.48.198) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-29 20:19:56 (1 week ago)	Honeypot hit: Empty payload (likely service probe); 5038 [1] TCP	Port Scan
🇧🇷 ICS Labs	2026-05-28 19:38:18 (1 week ago)	ICS Labs identified 175.30.48.198 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-28 18:36:04 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-05-27 10:50:09 (1 week ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 gbzret4d	2026-05-25 00:45:35 (2 weeks ago)	Honeypot [uk-production01]: Unauthorized traffic (16 bytes of payload); 1521 [1] TCP	Port Scan
🇦🇺 LiftUp Hosting	2026-05-24 02:51:58 (2 weeks ago)	Honeypot hit: Empty payload (likely service probe); 9711 [1] TCP	Port Scan
🇮🇹 MenaBelino	2026-05-22 12:26:28 (2 weeks ago)	175.30.48.198 - - [22/May/2026:12:26:28 +0000] "JDWP-Handshake\x00\x00\x00\x0B\x00\x00\x00\x01\x00\x ... show more 175.30.48.198 - - [22/May/2026:12:26:28 +0000] "JDWP-Handshake\x00\x00\x00\x0B\x00\x00\x00\x01\x00\x01\x01" 400 150 "-" "-" ... show less	Hacking Port Scan
🇬🇧 PeravixGroup	2026-05-22 09:52:07 (2 weeks ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-20 17:28:20 (2 weeks ago)	Honeypot hit: HTTP/1.1 request on 6480 GET / Accept: /; 6480 [1] TCP	Web App Attack

Showing 1 to 15 of 274 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇴 182.93.50.90

🇳🇱 172.235.181.217

🇺🇸 172.173.200.62

🇨🇳 121.40.84.38

🇻🇳 113.171.180.97

🇺🇸 66.132.224.85

🇺🇸 66.132.195.112

🇭🇰 47.83.209.53

🇨🇱 34.176.167.206

🇺🇸 34.74.254.46

🇨🇳 222.176.201.98

🇨🇴 186.84.88.235

🇫🇷 172.234.162.56

🇺🇸 172.212.180.108

🇨🇳 116.171.162.109

🇰🇷 47.80.58.107

🇪🇬 41.46.110.144

🇺🇸 20.169.104.255

🇮🇳 14.102.72.182

🇵🇰 14.1.106.91