JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 118.145.243.156

118.145.243.156 was found in our database!

This IP was reported 251 times. Confidence of Abuse is 100%: ?

100%

ISP	Beijing Volcano Engine Technology Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137718
Domain Name	bytedance.com
Country	🇨🇳 China
City	Shenzhen, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 118.145.243.156

Whois 118.145.243.156

IP Abuse Reports for 118.145.243.156:

This IP address has been reported a total of 251 times from 173 distinct sources. 118.145.243.156 was first reported on April 21st 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-06-10 17:33:57 (3 days ago)	ICS Labs identified 118.145.243.156 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Brute-Force Exploited Host
🇧🇪 Saec	2026-05-22 00:06:18 (3 weeks ago)	Jarvis auto-ban: blocklist:et-compromised	Port Scan Web App Attack
🇦🇹 urnilxfgbez	2026-05-08 22:45:00 (1 month ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇬🇧 PeravixGroup	2026-05-08 13:24:24 (1 month ago)	Honeypot detection: SSH brute-force authentication attempt on port 22. Severity: MEDIUM. Aaran.cloud	SSH Brute-Force
🇧🇬 OHOST.BG	2026-05-08 10:36:25 (1 month ago)	2026-05-08T13:36:14.456307+03:00 irc sshd[721687]: Failed password for root from 118.145.243.156 por ... show more 2026-05-08T13:36:14.456307+03:00 irc sshd[721687]: Failed password for root from 118.145.243.156 port 49582 ssh2 2026-05-08T13:36:17.946204+03:00 irc sshd[721693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.145.243.156 user=root 2026-05-08T13:36:19.340042+03:00 irc sshd[721693]: Failed password for root from 118.145.243.156 port 59704 ssh2 2026-05-08T13:36:22.366962+03:00 irc sshd[721699]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.145.243.156 user=root 2026-05-08T13:36:24.780247+03:00 irc sshd[721699]: Failed password for root from 118.145.243.156 port 59714 ssh2 ... show less	Brute-Force SSH
🇹🇭 Sawasdee	2026-05-08 10:03:05 (1 month ago)	SSH break in attempt ...	SSH
🇩🇪 AS213449.net	2026-05-08 09:19:11 (1 month ago)	05/08/2026-11:19:07.643297 src=118.145.243.156 dst=89.144.63.226:22 proto=6 msg=ET SCAN Potential SS ... show more 05/08/2026-11:19:07.643297 src=118.145.243.156 dst=89.144.63.226:22 proto=6 msg=ET SCAN Potential SSH Scan show less	Brute-Force SSH
Anonymous	2026-05-08 06:55:36 (1 month ago)	118.145.243.156 (CN/China/-), 7 distributed sshd attacks on account [REDACTED] in the last 3600 secs ... show more 118.145.243.156 (CN/China/-), 7 distributed sshd attacks on account [REDACTED] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: May 8 06:55:20 sshd[2270311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.145.243.156 user=[USERNAME show less	DDoS Attack
🇵🇱 mkey	2026-05-08 06:30:03 (1 month ago)	Verified scan activity detected by local IDS/firewall correlation. SCAN: HIGHRISK_SINGLEPORT \| PORTS ... show more Verified scan activity detected by local IDS/firewall correlation. SCAN: HIGHRISK_SINGLEPORT \| PORTS=22 \| HITS=2 \| IPSET=ADD \| FIRST=2026-05-08 08:25:14 \| LAST=2026-05-08 08:25:15. Last seen 2026-05-08 08:25:15. show less	Port Scan
🇫🇷 LRNP	2026-05-08 02:34:01 (1 month ago)	2026-05-08T02:33:57.390192+00:00 helium sshd-session[118835]: Connection closed by authenticating us ... show more 2026-05-08T02:33:57.390192+00:00 helium sshd-session[118835]: Connection closed by authenticating user root 118.145.243.156 port 44136 [preauth] 2026-05-08T02:33:59.530014+00:00 helium sshd-session[118839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.145.243.156 user=root 2026-05-08T02:34:00.979479+00:00 helium sshd-session[118839]: Failed password for root from 118.145.243.156 port 55286 ssh2 ... show less	Brute-Force SSH
🇷🇸 Scan	2026-05-08 01:16:11 (1 month ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇩🇪 pigro	2026-05-07 22:34:50 (1 month ago)	May 8 00:34:48 vps-07b0f6cf sshd[3110685]: User root from 118.145.243.156 not allowed because not l ... show more May 8 00:34:48 vps-07b0f6cf sshd[3110685]: User root from 118.145.243.156 not allowed because not listed in AllowUsers May 8 00:34:50 vps-07b0f6cf sshd[3110687]: User root from 118.145.243.156 not allowed because not listed in AllowUsers ... show less	Brute-Force SSH
🇨🇳 ThreatBook.io	2026-05-07 22:29:57 (1 month ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/118.145.243.156	SSH
🇱🇹 Selckie	2026-05-07 20:29:39 (1 month ago)	fail2ban: SSH Brute-Force	SSH Brute-Force
🇨🇦 dpinse	2026-05-07 19:36:36 (1 month ago)	Honeypot [honeypot-ca-sensor1]: Brute-force attack detected on 22/SSH • Credentials: root:ubuntu, ro ... show more Honeypot [honeypot-ca-sensor1]: Brute-force attack detected on 22/SSH • Credentials: root:ubuntu, root:nginx, root:mysql • Number of login attempts: 3 • Client: SSH-2.0-Go show less	Brute-Force SSH

Showing 1 to 15 of 251 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.26

🇧🇷 191.235.101.61

🇻🇳 171.231.193.186

🇺🇸 166.88.178.207

🇸🇬 152.42.227.173

🇫🇷 2a02:c207:2276:1600::1

🇨🇳 222.86.118.35

🇺🇸 216.26.224.50

🇩🇪 213.209.159.238

🇹🇼 198.235.24.17

🇬🇧 195.140.214.25

🇬🇧 193.163.125.110

🇮🇪 108.130.184.228

🇨🇦 85.217.149.73

🇨🇱 68.211.177.55

🇸🇬 47.84.102.158

🇬🇧 35.203.210.185

🇰🇷 220.82.247.216

🇨🇭 209.99.191.19

🇳🇱 151.243.177.120