JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 175.30.48.238

175.30.48.238 was found in our database!

This IP was reported 300 times. Confidence of Abuse is 52%: ?

52%

ISP	CHANGCHUN-YIQITONGXIN
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	189.cn
Country	🇨🇳 China
City	Changchun, Jilin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 175.30.48.238

Whois 175.30.48.238

IP Abuse Reports for 175.30.48.238:

This IP address has been reported a total of 300 times from 100 distinct sources. 175.30.48.238 was first reported on February 8th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-05 08:22:20 (3 days ago)	tcp/2221 (2 or more attempts)	Port Scan
🇳🇱 BIV	2026-06-03 08:26:51 (5 days ago)	Honeypot multi-source hit. Sources: tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 12370. Automated t ... show more Honeypot multi-source hit. Sources: tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 12370. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Brute-Force SSH
🇬🇧 PeravixGroup	2026-06-03 06:00:46 (5 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-01 04:49:06 (1 week ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 femboy.cat	2026-05-31 22:15:57 (1 week ago)	Port scan to tcp/12391 from 175.30.48.238	Brute-Force
🇬🇧 PeravixGroup	2026-05-30 10:18:28 (1 week ago)	Honeypot detection: LDAP injection / directory service abuse attempt on port 9042. Severity: MEDIUM. ... show more Honeypot detection: LDAP injection / directory service abuse attempt on port 9042. Severity: MEDIUM. Aaran.cloud show less	Web App Attack
🇺🇸 xmission.com	2026-05-29 04:20:46 (1 week ago)	Blocked by UFW (TCP on 10000) Source port: 16931 TTL: 237 Packet length: 44 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 10000) Source port: 16931 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 175.30.48.238) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-05-28 08:45:20 (1 week ago)	tcp/8885	Port Scan
🇬🇧 PeravixGroup	2026-05-27 21:04:23 (1 week ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇬🇧 PeravixGroup	2026-05-21 19:49:27 (2 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-21 07:00:59 (2 weeks ago)	Honeypot hit: Empty payload (likely service probe); 9159 [1] TCP	Port Scan
🇬🇧 gbzret4d	2026-05-21 04:29:34 (2 weeks ago)	Honeypot [uk-production01]: HTTP/1.1 request on 6581 GET / Accept: /; 6581 [1] TCP	Hacking Bad Web Bot
🇮🇳 Mr.Singh	2026-05-21 03:30:17 (2 weeks ago)	NFT blocked 175.30.48.238 on 21-May-2026..	Port Scan Brute-Force
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-20 11:01:05 (2 weeks ago)	Honeypot hit: Large payload (1388 bytes); 5049 [1] TCP	Hacking
🇺🇸 MPL	2026-05-16 09:33:38 (3 weeks ago)	tcp/3000	Port Scan

Showing 1 to 15 of 300 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 2a02:4780:6:1509:0:1bf6:3f1f:1

🇺🇸 207.90.244.20

🇨🇳 183.66.149.42

🇨🇳 153.0.49.33

🇨🇳 120.78.121.127

🇭🇰 118.26.39.178

🇨🇳 111.35.36.48

🇳🇵 110.34.30.122

🇱🇹 62.60.130.14

🇱🇹 45.227.254.170

🇺🇸 2607:f8b0:4004:c1d::12c

🇸🇬 156.67.222.91

🇨🇳 125.124.127.97

🇨🇳 122.234.109.167

🇮🇹 95.240.192.149

🇩🇪 94.159.110.201

🇷🇴 92.118.39.236

🇺🇸 35.236.206.194

🇷🇴 2.57.121.112

🇩🇪 217.253.123.44