JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 27.18.249.138

27.18.249.138 was found in our database!

This IP was reported 56 times. Confidence of Abuse is 100%: ?

100%

ISP	CHINANET Hubei province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Wuhan, Hubei

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 27.18.249.138

Whois 27.18.249.138

IP Abuse Reports for 27.18.249.138:

This IP address has been reported a total of 56 times from 23 distinct sources. 27.18.249.138 was first reported on May 9th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-12 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇫🇷 security.rdmc.fr	2026-06-12 19:55:33 (1 day ago)	Port Scan Attack proto:TCP src:37914 dst:23	Port Scan
🇺🇸 Xarcotic	2026-06-12 13:38:05 (1 day ago)	SSH login on honeypot.	Brute-Force SSH
🇺🇸 MPL	2026-06-12 08:51:59 (1 day ago)	tcp/23 (2 or more attempts)	Port Scan
🇺🇸 RAP	2026-06-12 07:10:52 (2 days ago)	2026-06-12 07:10:52 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇬🇧 PeravixGroup	2026-06-12 00:50:34 (2 days ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇺🇸 RAP	2026-06-11 20:25:10 (2 days ago)	2026-06-11 20:25:10 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇺🇸 MPL	2026-06-11 17:25:19 (2 days ago)	tcp/23 (4 or more attempts)	Port Scan
🇫🇷 security.rdmc.fr	2026-06-10 19:14:14 (3 days ago)	Port Scan Attack proto:TCP src:42791 dst:23	Port Scan
🇬🇧 PeravixGroup	2026-06-10 16:54:59 (3 days ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇺🇸 RAP	2026-06-10 12:13:38 (3 days ago)	2026-06-10 12:13:38 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇯🇵 knock	2026-06-09 07:12:26 (5 days ago)	Knock-Knock honeypot brute-force: Telnet (48 total hits)	Brute-Force
🇬🇧 PeravixGroup	2026-06-08 19:57:38 (5 days ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇺🇸 MPL	2026-06-08 19:42:15 (5 days ago)	tcp/23 (4 or more attempts)	Port Scan
🇧🇾 sashan	2026-06-08 09:10:07 (5 days ago)	2026-06-08T12:09:51.288518+03:00 gate kernel: nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=27.18.249.1 ... show more 2026-06-08T12:09:51.288518+03:00 gate kernel: nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=27.18.249.138 DST=xxx.xxx.xxx.xxx LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=58486 DF PROTO=TCP SPT=37291 DPT=23 WINDOW=29040 RES=0x00 SYN URGP=0 ... show less	Port Scan

Showing 1 to 15 of 56 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇱 77.137.79.104

🇺🇸 35.130.111.146

🇩🇪 207.154.230.149

🇧🇷 200.39.46.41

🇺🇾 190.108.12.236

🇫🇷 185.177.72.67

🇸🇦 151.254.95.165

🇮🇳 128.185.116.114

🇨🇳 113.221.45.156

🇧🇩 103.165.187.131

🇫🇷 51.68.34.131

🇿🇦 41.160.123.34

🇺🇦 31.131.31.202

🇦🇷 186.19.22.83

🇨🇳 180.153.236.130

🇷🇺 176.49.134.153

🇹🇼 104.155.219.164

🇮🇳 103.95.165.212

🇺🇸 98.80.4.18

🇱🇹 81.30.98.158