1.1.248.194 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.1.248.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11445
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.1.248.194.			IN	A

;; AUTHORITY SECTION:
.			502	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022401 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 11:21:41 CST 2022
;; MSG SIZE  rcvd: 104

Host info

194.248.1.1.in-addr.arpa domain name pointer node-nuq.pool-1-1.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
194.248.1.1.in-addr.arpa	name = node-nuq.pool-1-1.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
151.80.144.39	attackbots	$f2bV_matches	2020-02-01 15:47:42
178.170.156.40	attack	Unauthorized connection attempt detected from IP address 178.170.156.40 to port 8080	2020-02-01 15:46:22
35.180.243.229	attackbots	[SatFeb0105:55:03.4634772020][:error][pid21558:tid47092718393088][client35.180.243.229:59454][client35.180.243.229]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"211"][id"390709"][rev"30"][msg"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely"][data"/.env"][severity"CRITICAL"][hostname"fit-easy.com"][uri"/.env"][unique_id"XjUEp1lw@ITNBo5tuwhVOgAAAVI"][SatFeb0105:55:04.1422642020][:error][pid21463:tid47092612081408][client35.180.243.229:60096][client35.180.243.229]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf	2020-02-01 15:34:51
49.235.192.88	attackbots	Unauthorized connection attempt detected from IP address 49.235.192.88 to port 2220 [J]	2020-02-01 15:58:05
104.245.35.122	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/104.245.35.122/ US - 1H : (22) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN6364 IP : 104.245.35.122 CIDR : 104.245.34.0/23 PREFIX COUNT : 55 UNIQUE IP COUNT : 60928 ATTACKS DETECTED ASN6364 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2020-02-01 05:54:51 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2020-02-01 15:52:47
162.243.131.51	attackbotsspam	Port Scan detected from 162.243.131.51 (US/United States/zg-0131a-398.stretchoid.com). 4 hits in the last 175 seconds	2020-02-01 15:43:47
73.203.102.132	attackspam	Unauthorized connection attempt detected from IP address 73.203.102.132 to port 2220 [J]	2020-02-01 16:03:31
134.209.39.98	attackbots	134.209.39.98 - - \[01/Feb/2020:05:55:09 +0100\] "POST /wp-login.php HTTP/1.0" 200 6673 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 134.209.39.98 - - \[01/Feb/2020:05:55:15 +0100\] "POST /wp-login.php HTTP/1.0" 200 6673 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 134.209.39.98 - - \[01/Feb/2020:05:55:21 +0100\] "POST /wp-login.php HTTP/1.0" 200 6671 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-02-01 15:24:14
160.238.240.192	attack	Unauthorized connection attempt detected from IP address 160.238.240.192 to port 445	2020-02-01 15:28:50
5.89.10.81	attackbotsspam	Feb 1 07:51:44 legacy sshd[7510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.89.10.81 Feb 1 07:51:46 legacy sshd[7510]: Failed password for invalid user fabian from 5.89.10.81 port 52472 ssh2 Feb 1 07:55:12 legacy sshd[7672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.89.10.81 ...	2020-02-01 15:21:24
109.163.193.66	attack	20/1/31@23:55:07: FAIL: Alarm-Network address from=109.163.193.66 ...	2020-02-01 15:38:49
13.126.21.79	attackbots	GET /.env HTTP/1.1 302 - curl/7.47.0	2020-02-01 16:05:50
27.72.151.193	attackspam	$f2bV_matches	2020-02-01 15:54:05
54.193.123.170	attack	Unauthorized connection attempt detected from IP address 54.193.123.170 to port 80 [J]	2020-02-01 16:07:02
149.202.4.243	attackspambots	Unauthorized connection attempt detected from IP address 149.202.4.243 to port 2220 [J]	2020-02-01 16:03:57

Recently Reported IPs

1.1.248.152	1.1.248.124	1.1.248.164	1.54.230.99
1.1.248.199	1.1.248.214	1.1.248.20	1.1.248.206
1.1.248.221	1.1.248.231	1.1.248.222	1.1.248.233
1.1.248.252	1.1.248.26	110.20.112.30	1.1.248.251
1.1.248.3	1.1.248.44	1.1.248.69	1.1.248.77