JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 218.1.39.18

218.1.39.18 was found in our database!

This IP was reported 205 times. Confidence of Abuse is 43%: ?

43%

ISP	CHINANET Shanghai province network
Usage Type	Fixed Line ISP
ASN	AS4812
Domain Name	online.sh.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 218.1.39.18

Whois 218.1.39.18

IP Abuse Reports for 218.1.39.18:

This IP address has been reported a total of 205 times from 43 distinct sources. 218.1.39.18 was first reported on September 23rd 2024, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Luhte	2026-06-29 02:21:14 (15 hours ago)	Unsolicited TCP connection from 218.1.39.18 to port 0 at 2026-06-29T02:21:14Z. Source IP completed t ... show more Unsolicited TCP connection from 218.1.39.18 to port 0 at 2026-06-29T02:21:14Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
🇺🇸 drewf.ink	2026-06-26 09:27:16 (3 days ago)	[09:27] Triggered SMB honeypot on port 445. Type: NetBIOS + SMB1. Dialect(s): LANMAN1.0, LM1.2X002, ... show more [09:27] Triggered SMB honeypot on port 445. Type: NetBIOS + SMB1. Dialect(s): LANMAN1.0, LM1.2X002, NT LANMAN 1.0, NT LM 0.12 show less	Hacking Exploited Host
🇦🇹 urnilxfgbez	2026-06-22 22:45:00 (6 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 knock	2026-06-07 03:23:53 (3 weeks ago)	Knock-Knock honeypot brute-force: SMB (4 total hits)	Brute-Force
🇩🇪 Honeypot-EU-Fru	2026-06-01 10:53:01 (4 weeks ago)	1780311180 - 06/01/2026 12:53:00 Host: 218.1.39.18/218.1.39.18 Port: 445 TCP Blocked ...	Port Scan
🇬🇧 PeravixGroup	2026-05-31 19:07:48 (4 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 Luhte	2026-05-29 01:56:46 (1 month ago)	Unsolicited TCP connection from 218.1.39.18 to port 0 at 2026-05-29T01:56:46Z. Source IP completed t ... show more Unsolicited TCP connection from 218.1.39.18 to port 0 at 2026-05-29T01:56:46Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
🇬🇧 PeravixGroup	2026-05-28 09:43:41 (1 month ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-05-28 00:06:24 (1 month ago)	Unauthorized access (tcp/445/smb)	Port Scan
🇳🇱 EGP Abuse Dept	2026-05-27 04:17:57 (1 month ago)	Unsolicited connection to port 445	Port Scan Hacking
🇺🇸 drewf.ink	2026-05-20 23:09:11 (1 month ago)	[23:09] Triggered SMB honeypot on port 445. Type: NetBIOS + SMB1. Dialect(s): LANMAN1.0, LM1.2X002, ... show more [23:09] Triggered SMB honeypot on port 445. Type: NetBIOS + SMB1. Dialect(s): LANMAN1.0, LM1.2X002, NT LANMAN 1.0, NT LM 0.12 show less	Hacking Exploited Host
Anonymous	2026-05-18 08:48:50 (1 month ago)	Unauthorized access (tcp/445/smb)	Port Scan
🇫🇷 Coco Bongo	2026-05-17 09:27:18 (1 month ago)	1779010037 - 05/17/2026 11:27:17 Host: 218.1.39.18/218.1.39.18 Port: 445 TCP Blocked ...	Port Scan
🇺🇸 NetGuard	2026-05-14 20:20:34 (1 month ago)	#honeypot #netguard247 #dionaea #networkexploit Captured by NetGuard 24/7 T-Pot honeypot (netguard24 ... show more #honeypot #netguard247 #dionaea #networkexploit Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com). Timestamp: 2026-05-14T20:20:34.489+00:00 Attacker IP: 218.1.39.18 \| Port: 445 \| Country: China Honeypot: dionaea \| Attack: network_exploit Source: NetGuard 24/7 (netguard24-7.com) \| PhantomGrid Defense show less	Hacking SQL Injection Web App Attack
🇬🇧 Birdo	2026-05-13 15:02:36 (1 month ago)	[Birdo SMB Honeypot] SMB unauthorized attempt	Exploited Host Brute-Force Port Scan Hacking

Showing 1 to 15 of 205 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.46.218.149

🇺🇸 2607:f8b0:4001:c5c::12d

🇫🇮 213.176.65.94

🇳🇱 193.176.31.216

🇵🇰 182.180.91.158

🇺🇸 162.216.150.245

🇩🇪 139.59.130.97

🇵🇹 85.240.193.104

🇨🇳 47.103.194.228

🇳🇱 45.148.10.147

🇺🇸 44.48.226.66

🇬🇧 37.10.113.216

🇺🇸 192.3.134.24

🇰🇭 110.235.246.64

🇵🇱 109.205.211.91

🇮🇹 95.245.40.4

🇭🇰 65.52.172.240

🇺🇸 65.49.1.176

🇩🇪 47.254.158.67

🇧🇷 45.169.200.254