JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 124.43.18.236

124.43.18.236 was found in our database!

This IP was reported 170 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Service Provider in Sri Lanka.
Usage Type	Fixed Line ISP
ASN	AS9329
Domain Name	sltnet.lk
Country	🇱🇰 Sri Lanka
City	Colombo, Western Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 124.43.18.236

Whois 124.43.18.236

IP Abuse Reports for 124.43.18.236:

This IP address has been reported a total of 170 times from 71 distinct sources. 124.43.18.236 was first reported on September 10th 2024, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-05 18:09:48 (8 hours ago)	2026-06-05T19:09:47.827410+01:00 vps kernel: [42423152.832957] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-05T19:09:47.827410+01:00 vps kernel: [42423152.832957] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=124.43.18.236 DST=54.37.14.118 LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=47150 PROTO=TCP SPT=59633 DPT=389 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇩🇪 genokrad	2026-06-04 20:22:38 (1 day ago)	Unauthorized connection attempt on TCP/389 (LDAP)	Port Scan
🇩🇪 zupan	2026-06-04 12:39:42 (1 day ago)	Blocked by UFW on vps [389/tcp] \| SPT: 23897 \| TTL: 238 \| LEN: 40 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on vps [389/tcp] \| SPT: 23897 \| TTL: 238 \| LEN: 40 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Cyber Crusader	2026-06-04 08:12:00 (1 day ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇺🇸 micropedro	2026-06-03 17:30:16 (2 days ago)	3 incidents: malicious activity. First: 2026-05-27 12:30, Last: 2026-06-03 13:30 UTC. Triggers: ufw- ... show more 3 incidents: malicious activity. First: 2026-05-27 12:30, Last: 2026-06-03 13:30 UTC. Triggers: ufw-repeater. show less	Port Scan
🇧🇾 StatsMe	2026-06-02 21:44:02 (3 days ago)	2026-06-02T02:29:10.679681+0300 ET SCAN NMAP -sS window 1024	Port Scan
🇳🇱 BIV	2026-06-02 16:42:27 (3 days ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 389. Automated tiered ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 389. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇩🇪 ValtonTahiri	2026-06-02 13:39:59 (3 days ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=124.43.18.236; proto=TCP; source_port=52733; target_port=389; flags=SYN show less	Port Scan
🇳🇱 StopAbuse	2026-05-31 07:25:58 (5 days ago)	tcp/389	Port Scan
🇷🇴 abuse_IP_reporter	2026-05-29 15:45:03 (1 week ago)	May 29 18:29:32 server UFW BLOCK SRC=124.43.18.236 PROTO=TCP SPT=40580 DPT=389	Port Scan
🇦🇩 bakunin1848	2026-05-29 14:16:04 (1 week ago)	Firewall IPS Detection on 29-05-2026 at 16:16:04	Port Scan Exploited Host
🇫🇷 security.rdmc.fr	2026-05-28 22:33:36 (1 week ago)	Port Scan Attack proto:TCP src:18284 dst:389	Port Scan
Anonymous	2026-05-28 10:43:28 (1 week ago)	Try to connect to Port_Scan_389_stealth	Port Scan
🇧🇷 ICS Labs	2026-05-27 19:03:27 (1 week ago)	ICS Labs identified 124.43.18.236 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Exploited Host
Anonymous	2026-05-24 15:57:48 (1 week ago)	Drop from IP address 124.43.18.236 to tcp-port 389	Port Scan

Showing 1 to 15 of 170 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 221.161.235.168

🇳🇱 195.178.110.30

🇧🇷 187.103.249.120

🇹🇷 159.253.36.50

🇮🇩 103.164.57.37

🇮🇩 103.151.140.79

🇵🇰 103.72.3.183

🇺🇸 47.251.46.185

🇩🇴 38.188.21.54

🇷🇺 38.60.218.221

🇳🇱 34.91.248.132

🇻🇳 27.79.46.13

🇺🇸 17.132.64.8

🇻🇳 14.248.82.58

🇩🇪 213.209.159.227

🇺🇸 195.184.76.233

🇸🇬 194.233.89.40

🇳🇱 176.65.148.199

🇭🇰 165.154.225.20

🇮🇳 157.48.88.128