106.14.57.144 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Aliyun Computing Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	WordPress login Brute force / Web App Attack on client site.	2020-03-05 13:02:06
attackbotsspam	106.14.57.144 - - [04/Mar/2020:14:08:34 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 106.14.57.144 - - [04/Mar/2020:14:08:39 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-03-05 05:01:19
attack	106.14.57.144 - - [21/Feb/2020:08:16:55 +0300] "POST /wp-login.php HTTP/1.1" 200 2790 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-02-21 15:33:58

Type

Details

Datetime

attackspam

WordPress login Brute force / Web App Attack on client site.

2020-03-05 13:02:06

attackbotsspam

106.14.57.144 - - [04/Mar/2020:14:08:34 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
106.14.57.144 - - [04/Mar/2020:14:08:39 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-03-05 05:01:19

attack

106.14.57.144 - - [21/Feb/2020:08:16:55 +0300] "POST /wp-login.php HTTP/1.1" 200 2790 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2020-02-21 15:33:58

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.14.57.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5967
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.14.57.144.			IN	A

;; AUTHORITY SECTION:
.			400	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022100 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 21 15:33:55 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 144.57.14.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 144.57.14.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.24.193	attack	Mar 11 20:16:06 legacy sshd[14234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.24.193 Mar 11 20:16:08 legacy sshd[14234]: Failed password for invalid user aitsung from 106.12.24.193 port 33556 ssh2 Mar 11 20:18:44 legacy sshd[14270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.24.193 ...	2020-03-12 04:08:27
14.162.123.230	attackbots	Attempted connection to port 1433.	2020-03-12 04:07:12
139.199.34.54	attackbots	Automatic report - SSH Brute-Force Attack	2020-03-12 03:37:11
154.126.207.139	attack	Attempted connection to port 80.	2020-03-12 04:06:19
89.45.45.178	attack	2020-03-11T19:10:12.099958abusebot-6.cloudsearch.cf sshd[4660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.45.45.178 user=root 2020-03-11T19:10:13.950871abusebot-6.cloudsearch.cf sshd[4660]: Failed password for root from 89.45.45.178 port 43882 ssh2 2020-03-11T19:14:45.079822abusebot-6.cloudsearch.cf sshd[4889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.45.45.178 user=root 2020-03-11T19:14:47.076599abusebot-6.cloudsearch.cf sshd[4889]: Failed password for root from 89.45.45.178 port 35328 ssh2 2020-03-11T19:19:12.968215abusebot-6.cloudsearch.cf sshd[5156]: Invalid user 369 from 89.45.45.178 port 55030 2020-03-11T19:19:12.974886abusebot-6.cloudsearch.cf sshd[5156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.45.45.178 2020-03-11T19:19:12.968215abusebot-6.cloudsearch.cf sshd[5156]: Invalid user 369 from 89.45.45.178 port 55030 2020-03-11T19:19: ...	2020-03-12 03:48:24
157.230.231.39	attackspam	SSH bruteforce	2020-03-12 03:30:07
106.75.132.222	attackbotsspam	Triggered by Fail2Ban at Ares web server	2020-03-12 03:53:48
167.249.11.57	attackbots	2020-03-11T13:18:59.967542linuxbox-skyline sshd[39073]: Invalid user user from 167.249.11.57 port 33512 ...	2020-03-12 03:59:04
45.77.82.109	attack	Fail2Ban Ban Triggered	2020-03-12 03:39:43
113.161.57.213	attackspambots	B: Magento admin pass test (wrong country)	2020-03-12 03:47:59
93.41.193.212	attackspam	B: f2b postfix aggressive 3x	2020-03-12 03:44:52
221.122.73.130	attack	Mar 11 20:44:30 eventyay sshd[8610]: Failed password for root from 221.122.73.130 port 52724 ssh2 Mar 11 20:46:21 eventyay sshd[8646]: Failed password for root from 221.122.73.130 port 39613 ssh2 ...	2020-03-12 03:51:54
106.52.57.99	attackspambots	Automatic report - SSH Brute-Force Attack	2020-03-12 03:32:06
45.13.28.201	attackspam	Chat Spam	2020-03-12 03:49:38
177.81.208.134	attackspam	Automatic report - Port Scan Attack	2020-03-12 03:49:18

Recently Reported IPs

155.118.251.222	45.143.220.215	14.177.66.57	104.248.203.218
40.115.177.139	177.222.193.159	14.237.96.234	14.229.81.127
2.190.87.124	36.72.212.24	27.106.116.63	34.68.76.76
171.97.106.51	41.190.31.188	185.53.199.6	123.128.126.14
122.117.175.142	193.56.28.100	18.221.6.250	83.23.152.186