148.64.56.114 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United Kingdom

Internet Service Provider: Grapeshot Ltd

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Automatic report - Banned IP Access	2019-12-17 02:22:33

Comments on same subnet:

IP	Type	Details	Datetime
148.64.56.74	attackbotsspam	Automatic report - Banned IP Access	2020-04-12 20:47:52
148.64.56.125	attack	Automatic report - Banned IP Access	2019-10-18 12:20:20
148.64.56.113	attackbots	Automatic report - Banned IP Access	2019-10-01 05:48:49
148.64.56.74	attackspam	Automatic report - Banned IP Access	2019-07-18 14:59:53
148.64.56.117	bots	爬虫区间是148.64.56.0 to 148.64.56.255 (148.64.56.0/24) 148.64.56.117 - - [28/Apr/2019:09:09:44 +0800] "GET /check-ip/58.17.114.102 HTTP/1.1" 200 10015 "-" "Mozilla/5.0 (compatible; GrapeshotCrawler/2.0; +http://www.grapeshot.co.uk/crawler.php)"	2019-04-28 09:15:32
148.64.56.118	bots	148.64.56.118 - - [27/Apr/2019:14:02:00 +0800] "GET /check-ip HTTP/1.1" 301 194 "-" "Mozilla/5.0 (compatible; GrapeshotCrawler/2.0; +http://www.grapeshot.co.uk/crawler.php)" 148.64.56.118 - - [27/Apr/2019:14:02:02 +0800] "GET /check-ip HTTP/1.1" 200 2915 "-" "Mozilla/5.0 (compatible; GrapeshotCrawler/2.0; +http://www.grapeshot.co.uk/crawler.php)"	2019-04-27 14:03:35
148.64.56.66	bots	爬虫，可以禁掉 148.64.56.66 - - [27/Apr/2019:05:31:15 +0800] "GET /robots.txt HTTP/1.1" 301 194 "-" "Mozilla/5.0 (compatible; GrapeshotCrawler/2.0; +http://www.grapeshot.co.uk/crawler.php)" 148.64.56.66 - - [27/Apr/2019:05:31:17 +0800] "GET /robots.txt HTTP/1.1" 200 472 "-" "Mozilla/5.0 (compatible; GrapeshotCrawler/2.0; +http://www.grapeshot.co.uk/crawler.php)" 148.64.56.66 - - [27/Apr/2019:05:31:23 +0800] "GET /check-ip/193.85.177.25 HTTP/1.1" 301 194 "-" "Mozilla/5.0 (compatible; GrapeshotCrawler/2.0; +http://www.grapeshot.co.uk/crawler.php)" 148.64.56.66 - - [27/Apr/2019:05:31:24 +0800] "GET /check-ip/193.85.177.25 HTTP/1.1" 200 9571 "-" "Mozilla/5.0 (compatible; GrapeshotCrawler/2.0; +http://www.grapeshot.co.uk/crawler.php)"	2019-04-27 06:48:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.64.56.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11355
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.64.56.114.			IN	A

;; AUTHORITY SECTION:
.			483	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121602 1800 900 604800 86400

;; Query time: 179 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 17 02:22:30 CST 2019
;; MSG SIZE  rcvd: 117

Host info

114.56.64.148.in-addr.arpa domain name pointer server114.hml.grapeshot.co.uk.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
114.56.64.148.in-addr.arpa	name = server114.hml.grapeshot.co.uk.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.69.78.78	attackbotsspam	Tried sshing with brute force.	2019-12-20 19:25:42
95.178.158.15	attackbots	Telnetd brute force attack detected by fail2ban	2019-12-20 19:41:05
14.232.239.31	attackbotsspam	Unauthorized connection attempt detected from IP address 14.232.239.31 to port 445	2019-12-20 19:29:16
156.232.94.55	attack	Host Scan	2019-12-20 19:36:42
212.25.25.60	attackspambots	TERRORIST SPAM MAIL USED TO GAIN AND MOVE LARGE SUMS OF MONEY FROM FLEXMAIL,COM WITH AN ORIGINATING EMAIL FROM FLEXMAIL.COM OF Yovonda.Barefield@arshousing.org AND A REPLY TO EMAIL AT INTERWAY.CH OF pcf19879@email.ch	2019-12-20 19:19:58
167.99.173.234	attackbots	Dec 20 11:01:06 goofy sshd\[32428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.173.234 user=root Dec 20 11:01:08 goofy sshd\[32428\]: Failed password for root from 167.99.173.234 port 34982 ssh2 Dec 20 11:09:44 goofy sshd\[381\]: Invalid user v from 167.99.173.234 Dec 20 11:09:44 goofy sshd\[381\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.173.234 Dec 20 11:09:46 goofy sshd\[381\]: Failed password for invalid user v from 167.99.173.234 port 43406 ssh2	2019-12-20 19:24:54
167.99.105.223	attack	Automatic report - XMLRPC Attack	2019-12-20 19:57:34
120.89.64.8	attackbots	Dec 20 11:31:37 web8 sshd\[11620\]: Invalid user laane from 120.89.64.8 Dec 20 11:31:37 web8 sshd\[11620\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.89.64.8 Dec 20 11:31:39 web8 sshd\[11620\]: Failed password for invalid user laane from 120.89.64.8 port 56470 ssh2 Dec 20 11:38:29 web8 sshd\[14897\]: Invalid user antinucci from 120.89.64.8 Dec 20 11:38:29 web8 sshd\[14897\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.89.64.8	2019-12-20 19:55:12
106.13.86.136	attackspambots	Dec 20 06:25:26 localhost sshd\[29755\]: Invalid user huberto from 106.13.86.136 port 37718 Dec 20 06:25:26 localhost sshd\[29755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.86.136 Dec 20 06:25:28 localhost sshd\[29755\]: Failed password for invalid user huberto from 106.13.86.136 port 37718 ssh2 ...	2019-12-20 19:53:10
117.50.50.44	attackbotsspam	Dec 20 11:41:34 vpn01 sshd[30450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.50.44 Dec 20 11:41:36 vpn01 sshd[30450]: Failed password for invalid user nancy from 117.50.50.44 port 37340 ssh2 ...	2019-12-20 19:37:15
121.185.8.82	attackspambots	TCP Port Scanning	2019-12-20 19:27:57
113.200.156.180	attackbotsspam	Dec 20 09:55:36 icinga sshd[18331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.200.156.180 Dec 20 09:55:38 icinga sshd[18331]: Failed password for invalid user beuter from 113.200.156.180 port 42778 ssh2 Dec 20 10:14:51 icinga sshd[35818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.200.156.180 ...	2019-12-20 19:56:42
190.64.137.171	attack	SSH brute-force: detected 7 distinct usernames within a 24-hour window.	2019-12-20 19:48:52
51.255.42.250	attack	Dec 20 12:12:26 loxhost sshd\[3429\]: Invalid user phion from 51.255.42.250 port 33047 Dec 20 12:12:26 loxhost sshd\[3429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.42.250 Dec 20 12:12:27 loxhost sshd\[3429\]: Failed password for invalid user phion from 51.255.42.250 port 33047 ssh2 Dec 20 12:17:41 loxhost sshd\[3710\]: Invalid user named from 51.255.42.250 port 36505 Dec 20 12:17:41 loxhost sshd\[3710\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.42.250 ...	2019-12-20 19:35:20
124.156.121.233	attack	Dec 20 11:10:55 heissa sshd\[8147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.121.233 user=root Dec 20 11:10:57 heissa sshd\[8147\]: Failed password for root from 124.156.121.233 port 46900 ssh2 Dec 20 11:17:07 heissa sshd\[9058\]: Invalid user ronan from 124.156.121.233 port 53802 Dec 20 11:17:07 heissa sshd\[9058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.121.233 Dec 20 11:17:09 heissa sshd\[9058\]: Failed password for invalid user ronan from 124.156.121.233 port 53802 ssh2	2019-12-20 19:17:52

Recently Reported IPs

237.161.218.44	187.162.86.8	201.124.74.176	45.227.255.233
187.162.79.130	40.92.67.47	209.141.46.240	196.210.237.89
187.162.62.147	86.57.103.199	134.118.201.254	104.84.245.29
87.107.73.16	193.104.16.232	88.80.70.66	215.44.234.134
242.175.198.97	77.76.44.55	87.252.246.209	2.181.146.68