1.0.248.42 - IPInfo

Basic Info

City: Pattani

Region: Pattani

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.0.248.246	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/1.0.248.246/ TH - 1H : (218) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TH NAME ASN : ASN23969 IP : 1.0.248.246 CIDR : 1.0.248.0/21 PREFIX COUNT : 1783 UNIQUE IP COUNT : 1183744 WYKRYTE ATAKI Z ASN23969 : 1H - 2 3H - 10 6H - 15 12H - 23 24H - 47 DateTime : 2019-10-02 23:25:10 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-03 08:41:26

Type

Details

Datetime

1.0.248.246

attackbots

IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/1.0.248.246/ 
 TH - 1H : (218)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : TH 
 NAME ASN : ASN23969 
 
 IP : 1.0.248.246 
 
 CIDR : 1.0.248.0/21 
 
 PREFIX COUNT : 1783 
 
 UNIQUE IP COUNT : 1183744 
 
 
 WYKRYTE ATAKI Z ASN23969 :  
  1H - 2 
  3H - 10 
  6H - 15 
 12H - 23 
 24H - 47 
 
 DateTime : 2019-10-02 23:25:10 
 
 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN  - data recovery

2019-10-03 08:41:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.0.248.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23182
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.0.248.42.			IN	A

;; AUTHORITY SECTION:
.			192	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022302 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 08:23:16 CST 2022
;; MSG SIZE  rcvd: 103

Host info

42.248.0.1.in-addr.arpa domain name pointer node-nqi.pool-1-0.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.248.0.1.in-addr.arpa	name = node-nqi.pool-1-0.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.190.14	attackbotsspam	Jul 31 12:22:26 rush sshd[9509]: Failed password for root from 222.186.190.14 port 28471 ssh2 Jul 31 12:22:48 rush sshd[9513]: Failed password for root from 222.186.190.14 port 14087 ssh2 Jul 31 12:22:55 rush sshd[9513]: Failed password for root from 222.186.190.14 port 14087 ssh2 ...	2020-07-31 21:09:50
177.102.180.49	attack	Automatic report - Port Scan Attack	2020-07-31 20:54:20
216.250.42.253	attackspambots	firewall-block, port(s): 8080/tcp	2020-07-31 21:13:55
151.80.168.236	attackbots	Jul 31 13:04:25 ajax sshd[9849]: Failed password for root from 151.80.168.236 port 33852 ssh2	2020-07-31 20:38:46
134.175.236.187	attackbots	Jul 31 14:06:54 roki sshd[26792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.236.187 user=root Jul 31 14:06:55 roki sshd[26792]: Failed password for root from 134.175.236.187 port 58549 ssh2 Jul 31 14:09:34 roki sshd[27013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.236.187 user=root Jul 31 14:09:36 roki sshd[27013]: Failed password for root from 134.175.236.187 port 24888 ssh2 Jul 31 14:10:57 roki sshd[27104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.236.187 user=root ...	2020-07-31 20:49:05
216.180.152.178	attack	Email rejected due to spam filtering	2020-07-31 21:08:15
212.70.149.67	attackspambots	Jul 31 12:46:33 s1 postfix/smtps/smtpd[1803]: warning: unknown[212.70.149.67]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 31 12:48:20 s1 postfix/smtps/smtpd[1803]: warning: unknown[212.70.149.67]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 31 12:50:07 s1 postfix/smtps/smtpd[1803]: warning: unknown[212.70.149.67]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-07-31 20:53:12
58.87.78.55	attack	Jul 31 15:07:32 master sshd[3407]: Failed password for root from 58.87.78.55 port 46896 ssh2 Jul 31 15:20:34 master sshd[3614]: Failed password for root from 58.87.78.55 port 55906 ssh2 Jul 31 15:26:41 master sshd[3646]: Failed password for root from 58.87.78.55 port 59394 ssh2 Jul 31 15:32:32 master sshd[4057]: Failed password for root from 58.87.78.55 port 34650 ssh2 Jul 31 15:38:20 master sshd[4088]: Failed password for root from 58.87.78.55 port 38138 ssh2 Jul 31 15:44:08 master sshd[4192]: Failed password for root from 58.87.78.55 port 41626 ssh2 Jul 31 15:50:01 master sshd[4227]: Failed password for root from 58.87.78.55 port 45114 ssh2 Jul 31 15:55:54 master sshd[4310]: Failed password for root from 58.87.78.55 port 48608 ssh2	2020-07-31 21:20:25
103.129.223.126	attackspam	103.129.223.126 - - \[31/Jul/2020:14:26:01 +0200\] "POST /wp-login.php HTTP/1.0" 200 5615 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 103.129.223.126 - - \[31/Jul/2020:14:26:06 +0200\] "POST /wp-login.php HTTP/1.0" 200 5428 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 103.129.223.126 - - \[31/Jul/2020:14:26:11 +0200\] "POST /wp-login.php HTTP/1.0" 200 5428 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-07-31 21:05:37
54.37.44.95	attackspam	Jul 31 15:06:12 hosting sshd[14047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip95.ip-54-37-44.eu user=root Jul 31 15:06:13 hosting sshd[14047]: Failed password for root from 54.37.44.95 port 60790 ssh2 Jul 31 15:08:55 hosting sshd[14275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip95.ip-54-37-44.eu user=root Jul 31 15:08:57 hosting sshd[14275]: Failed password for root from 54.37.44.95 port 49962 ssh2 Jul 31 15:10:58 hosting sshd[14615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip95.ip-54-37-44.eu user=root Jul 31 15:11:00 hosting sshd[14615]: Failed password for root from 54.37.44.95 port 38740 ssh2 ...	2020-07-31 20:48:20
134.175.16.32	attack	Jul 31 14:53:28 buvik sshd[25957]: Failed password for root from 134.175.16.32 port 57900 ssh2 Jul 31 14:59:34 buvik sshd[26682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.16.32 user=root Jul 31 14:59:37 buvik sshd[26682]: Failed password for root from 134.175.16.32 port 37050 ssh2 ...	2020-07-31 21:16:39
89.248.168.112	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 21 proto: tcp cat: Misc Attackbytes: 60	2020-07-31 21:15:28
183.136.134.133	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 183.136.134.133 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-31 16:40:56 login authenticator failed for (ADMIN) [183.136.134.133]: 535 Incorrect authentication data (set_id=newsletter@abidarya.ir)	2020-07-31 20:48:50
45.129.33.14	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 2685 proto: tcp cat: Misc Attackbytes: 60	2020-07-31 21:18:21
128.199.134.165	attackspam	Port scan: Attack repeated for 24 hours	2020-07-31 20:53:53

Recently Reported IPs

1.0.248.39	1.0.248.48	1.0.248.5	1.0.248.8
1.0.248.88	1.0.249.10	1.0.249.106	1.0.249.113
1.0.249.120	1.0.249.123	1.0.249.13	1.0.249.14
1.0.249.141	1.0.249.159	1.0.249.170	1.0.249.182
1.0.249.191	1.0.249.201	10.85.232.62	1.0.253.228