Unidentified IP

It’s so easy to open apps just moving the L5. I did and it opened WhatIP and it showed me the ''Unknown" see image below.

I guess not - insert image icon gone.

Anyway, it says:


It’s a UK Ip.

Further to that, Modem GUI shows:

Connected devics
Host Name: 4c:e1:73:4f:18:a2
Connection: Unknown
Configuation: DCHP
MAC Address: redacted

I have unplugged cables to modem (faster, safer) in a process of elimination. It’s nothing I seem to have.

Are these unknowns related to the L5?

I’m very good at keeping Stalkers out of these desktops.

1 Like

Were you connected to WiFi at the time? (Or the mobile carrier’s network, instead?)

If you install the whois command line application (sudo apt install whois), you can then run the following command (replace with the actual IP address):


to find out who owns the IP address.

1 Like

I already gave the IP location. Whois, DSLr, don’t give the name.

1 Like

Right. And the whois command tells me that it belongs to the UK Ministry of Defense.

inetnum: -
netname:        UK-MOD-19850128
country:        GB
org:            ORG-DMoD1-RIPE
admin-c:        MN1891-RIPE
tech-c:         MN1891-RIPE
status:         LEGACY
mnt-by:         UK-MOD-MNT
mnt-domains:    UK-MOD-MNT
mnt-routes:     UK-MOD-MNT
mnt-by:         RIPE-NCC-LEGACY-MNT
created:        2005-08-23T10:27:23Z
last-modified:  2016-04-14T09:56:26Z
source:         RIPE # Filtered

organisation:   ORG-DMoD1-RIPE
org-name:       UK Ministry of Defence
country:        GB
org-type:       LIR
address:        Whitehall
address:        SW1A 2HB
address:        London
address:        UNITED KINGDOM

Unidentified IP

Not unidentified. :wink:

This “unknown” … not.

This “unknown” … I don’t know why it’s identifying your connection as unknown.

Where is this?


What is this? And how did you install it?

Did you install it as a flatpak? If so, I wonder whether the information is even valid.

I would sanity check the IP address by using a regular browser and going to http://whatismyipaddress.com (although I personally use my own “version” of this that is hosted on one of my VPSs).

1 Like

Big brother loves ya!

What IP is one of the default apps, right? Or has been.


Winston: Does Big Brother exist?

O’B: Of course he exists. …

Winston: Does he exist like you and me?

O’B: You do not exist.

Winston: ‘I think I exist’ … ‘I am conscious of my own identity. I was born and I shall die. I have arms and legs. I occupy a particular point in space. No other solid object can occupy the same point simultaneously. In that sense, does Big Brother exist?’

O’B: ‘It is of no importance. He exists.’

1 Like

I love Big Brother!

1 Like

If you want to keep a secret, you must also hide it from yourself!

In the modem here. With it’s GUI I can see what/who are connected cable or wireless. I mentioned I can’t post a image w/ it or would have.

1 Like

I don’t know. It’s not installed on my phone (fairly recently reflashed, and I have no record of uninstalling that app). So I think it is fair to ask how and in what form it was installed on the OP’s phone.

The package (whatip) does not seem to exist in my desktop’s distro (not running PureOS) so I am not familiar with the app or how it works or what it is supposed to do. All it says to me in the description from the phone is “Info on your IP”, which kind of points me in the right direction but without giving any detail.

Looking at the Python source (disclaimer: I don’t speak Python), it doesn’t look as if it is the sort of app that I would want on my phone as it relies on an external server and leaks information from your phone to that server. (However it is little to no worse than using the URL that I suggested above for sanity checking.)

If Purism wants to continue packaging this app then I believe it ought to make the external server(s) configurable and provide the service itself for those that want that and default to their own service.

If nothing else, the package doco should disclose the external parties that information is being shared with (leaked to) i.e. ifconfig.co and geoip.fedoraproject.org

In some sense, the geoip information should be packaged internally but that is difficult to keep up to date, difficult for the package maintainer and difficult for everyone who has the package installed. So I think that I would be wondering about the cost/benefit of even having the geoip information.

(The package information says that the geoip information is so that you can verify what country / location your VPN has landed you in, which is of some use.)

Of course it suffers from the usual problem of geoip i.e. not being very accurate anyway.

1 Like
sudo apt install gnome-screenshots

Then open the Screenshot app.

1 Like

Most connections from the wild I notice are “unknown”.

Take for example my telnet game server. When I periodically put IP ranges in my inetdsec file for “deny” I glean connections from my inetd log file. Here is a snippet (truncated right and left for brevity):

Connection from unknown ( at Mon Jan 29 22:05:14 2024
Access denied for unknown ( at Mon Jan 29 22:08:25 2024
Connection from unknown ( at Mon Jan 29 22:13:11 2024
Connection from unknown ( at Mon Jan 29 22:13:13 2024
Access denied for unknown ( at Mon Jan 29 22:13:21 2024
Connection from unknown ( at Mon Jan 29 22:13:28 2024
Access denied for unknown ( at Mon Jan 29 22:13:30 2024
Connection from h88-129-112-88.cust.bredband2.com (
Connection from h88-129-112-88.cust.bredband2.com (
Access denied for unknown ( at Mon Jan 29 22:23:46 2024
Access denied for unknown ( at Mon Jan 29 22:23:47 2024
Access denied for unknown ( at Mon Jan 29 22:24:07 2024
Access denied for unknown ( at Mon Jan 29 22:28:49 2024
Access denied for unknown ( at Mon Jan 29 22:28:55 2024
Access denied for unknown ( at Mon Jan 29 22:32:31 2024
Access denied for host-5-58-108-191.bitternet.ua ( at Mon
Access denied for host-5-58-108-191.bitternet.ua ( at Mon
Access denied for host-5-58-108-191.bitternet.ua ( at Mon
Access denied for host-5-58-108-191.bitternet.ua ( at Mon
Access denied for host-5-58-108-191.bitternet.ua ( at Mon
Access denied for host-5-58-108-191.bitternet.ua ( at Mon

I only bother blocking endless repeats to connect. It’s a game server after all, I want them to try and connect. If those who repeat are too frequent may invoke a telnet bug that crashes my machine because it is too old for the telnet patch that fixes it (It takes hundreds of attempts at the same time to make it crash). But there are a few “knowns” like the Ukraine domain at the bottom only tried 6 times and gave up. I had blocked them earlier, hence the “denied prefix”. That “known” cust.bredband2.com domain is from Sweden (Bork, bork, bork!).

Funny thing though, they never actually try and make a log on. Or if they do, they use Windows or Linux logon commands, my machine’s logons are neither, it has a different log on format mentioned elswhere this forum, passim. Neiter does my machine take SSH, which is what I suspect what they’re also doing.

1 Like

OK, I thought that you were seeing some kind of “modem GUI” on the L5, not on your other equipment. Thanks for clarifying.

1 Like

Good answer comrade, I love him too!

It’s not from the wild. It is recognized as a local device. Disconnected from modem, it’s still there. Turn L5 mobile off, still there. Turn L5 off - still there.

Thanks for the reminder. I’d forgotten about it. L5 took back seat to a Samsung Galaxy 23, I’m debugging it. The kind of bugs like stalkers and such. Waiting for reply from support@puri.sm on sending it back for repairs & asking how much it would cost. It’s only been 5 days so I’ll remain patient.

1 Like

Sorry I was referring to my “unknowns” in my log file snippet that was underneath my post, not your active reference. All mine were telnet connection logs on my garage based mainframe.

1 Like

It would only show my assigned IP by ISP.

I don’t keep such records. I don’t know where WhatIP came from or how it was installed.
When I use WhatIP, it produces

country US
org AS6128 Cablevision Systems Corp.
timezone America/New_York
ip ###.###.###.###
region New York
postal 10458
hostname ool-182ded1c.dyn.optonline.net
city Fordham
loc 40.8593,-73.8985

That is most likely the mobile ISP.
The unknown IP has since disappeared. Originally, the modem GUI showed the unknown as being a mobile device. I have a recently unboxed Samsung Galaxy A23. All I did was plug in the adapter to charge battery. It’s the only other wireless/mobile around.

Well, if the UK Ministry is that interested in me, they’re going to be very bored. Had I know they were peeping, I’d have set up something juicy for them.

I’ll just keep checking again now and then. Maybe block it and see what happens.

Thanks Irvine



No wories about interlopers on my system. I let the men in the middle do the work, Necro one of my old post pics below. :wink: