124.106.16.142

Basic Info

City: unknown

Region: unknown

Country: Philippines

Internet Service Provider: City Government of Tacloban Leyte

Hostname: unknown

Organization: unknown

Usage Type: Government

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 124.106.16.142 on Port 445(SMB)	2019-08-30 19:51:43

Comments on same subnet:

IP	Type	Details	Datetime
124.106.16.139	attack	Unauthorised access (Dec 12) SRC=124.106.16.139 LEN=48 TOS=0x08 PREC=0x20 TTL=106 ID=13490 DF TCP DPT=1433 WINDOW=8192 SYN	2019-12-12 16:56:43

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.106.16.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38729
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.106.16.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050700 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue May 07 16:28:03 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 142.16.106.124.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 142.16.106.124.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
120.1.234.96	attackspam	Scanning random ports - tries to find possible vulnerable services	2019-08-05 17:28:04
103.219.141.38	attackbotsspam	[SMB remote code execution attempt: port tcp/445] [scan/connect: 2 time(s)] *(RWIN=1024)(08050931)	2019-08-05 17:31:29
196.2.14.137	attackbots	[portscan] tcp/23 [TELNET] *(RWIN=14600)(08050931)	2019-08-05 17:44:09
149.20.191.236	attackbots	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08050931)	2019-08-05 18:27:28
188.168.31.69	attackbotsspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08050931)	2019-08-05 18:04:00
185.243.14.250	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08050931)	2019-08-05 18:22:32
182.254.157.251	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08050931)	2019-08-05 17:21:28
12.8.83.167	attack	[portscan] tcp/23 [TELNET] *(RWIN=14600)(08050931)	2019-08-05 18:17:18
222.233.53.139	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08050931)	2019-08-05 18:18:08
36.73.76.183	attackbots	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08050931)	2019-08-05 18:14:58
35.205.202.174	attackspambots	[portscan] tcp/1433 [MsSQL] *(RWIN=65535)(08050931)	2019-08-05 18:39:27
114.39.128.54	attackspam	[portscan] tcp/23 [TELNET] *(RWIN=10041)(08050931)	2019-08-05 18:10:02
103.214.235.219	attackbots	[portscan] tcp/139 [NetBIOS Session Service] *(RWIN=1024)(08050931)	2019-08-05 17:55:53
50.202.44.35	attackbotsspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08050931)	2019-08-05 18:37:48
185.244.25.77	attackbotsspam	[portscan] tcp/23 [TELNET] *(RWIN=65535)(08050931)	2019-08-05 17:19:54

Recently Reported IPs

43.118.214.165	113.176.94.58	65.91.243.210	207.155.232.16
103.90.189.238	1.112.46.190	146.88.240.35	147.213.248.211
217.76.194.222	176.114.190.148	43.234.149.85	94.96.129.177
80.78.111.239	42.134.128.189	202.79.21.75	74.63.232.2
88.119.207.142	245.8.118.234	223.112.190.70	119.130.19.148