AbuseIPDB » 23.105.110.228

23.105.110.228 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 11%: ?

11%

ISP	Leaseweb USA, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS7203
Domain Name	leaseweb.com
Country	United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 23.105.110.228

Whois 23.105.110.228

IP Abuse Reports for 23.105.110.228:

This IP address has been reported a total of 49 times from 37 distinct sources. 23.105.110.228 was first reported on March 6th 2021, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
dynamix	2025-06-10 10:10:26 (4 days ago)	Multiple WAF Violations	Web App Attack
TPI-Abuse	2025-05-09 13:59:47 (1 month ago)	(mod_security) mod_security (id:211170) triggered by 23.105.110.228 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:211170) triggered by 23.105.110.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 09 09:59:43.050776 2025] [security2:error] [pid 3837863:tid 3837863] [client 23.105.110.228:16889] [client 23.105.110.228] ModSecurity: Access denied with code 403 (phase 2). Match of "contains %{SERVER_NAME}" against "REQUEST_HEADERS:Referer" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "45"] [id "211170"] [rev "6"] [msg "COMODO WAF: Session Fixation: SessionID Parameter Name with Off-Domain Referer\|\|compassionfatigue.org\|F\|2"] [data "Matched Data: 23.105.110.228 found within ARGS_NAMES:ucfid: http://www.weebly.com/"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "compassionfatigue.org"] [uri "/"] [unique_id "aB4KT11CPEhneTF-hx9kngAAAAY"], referer: http://www.weebly.com/ show less	Brute-Force Bad Web Bot Web App Attack
octageeks.com	2024-10-24 04:06:45 (7 months ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
rdpguard.com	2024-08-20 07:47:18 (9 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
sms.ru	2024-08-20 03:31:55 (9 months ago)	/?p=../../../../../../../../etc/passwd%00	Web App Attack
TPI-Abuse	2024-08-05 18:02:46 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 23.105.110.228 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 23.105.110.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 14:02:41.554186 2024] [security2:error] [pid 6233:tid 6233] [client 23.105.110.228:1440] [client 23.105.110.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|omintara.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "omintara.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZrETwaU5Ky-umS3Ft1b-LwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2024-08-01 15:30:29 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 23.105.110.228 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 23.105.110.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 01 11:30:25.917102 2024] [security2:error] [pid 27323:tid 27323] [client 23.105.110.228:2152] [client 23.105.110.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|worldvictoryparty.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "worldvictoryparty.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZquqETy_TciE9UWGsNlxqwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2024-07-30 19:50:53 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 23.105.110.228 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 23.105.110.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 30 15:50:47.264723 2024] [security2:error] [pid 9442:tid 9442] [client 23.105.110.228:4456] [client 23.105.110.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|patchworkprose.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "patchworkprose.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZqlEF2Fd7iYfjCpRjp_FKQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-07-21 00:08:17 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
10dencehispahard SL	2024-07-20 15:01:56 (10 months ago)	Unauthorized login attempts [ wordpress-xmlrpc]	Brute-Force Web App Attack
TPI-Abuse	2024-07-20 14:23:54 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 23.105.110.228 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 23.105.110.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 20 10:23:49.034369 2024] [security2:error] [pid 5998:tid 6209] [client 23.105.110.228:3220] [client 23.105.110.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|davidtung.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "davidtung.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZpvIdcwql6HzKvCVKLmYTAAAAhI"] show less	Brute-Force Bad Web Bot Web App Attack
Linuxmalwarehuntingnl	2024-07-01 10:33:57 (11 months ago)	Unauthorized connection attempt	Brute-Force
Anonymous	2024-05-20 21:41:00 (1 year ago)	WordPress attacks	Hacking Web App Attack
Anonymous	2024-05-16 22:00:33 (1 year ago)	WordPress attacks	Hacking Web App Attack
cmbplf	2024-05-16 14:24:05 (1 year ago)	619 POST requests to /wp-login.php	Brute-Force Bad Web Bot

Showing 1 to 15 of 49 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

191.58.167.139

101.36.119.50

221.239.109.147

135.119.112.96

154.212.141.198

154.84.153.50

66.179.208.159

65.20.251.53

107.172.243.11

178.27.90.142

36.67.70.198

47.236.155.67

205.185.113.189

206.168.34.142

13.74.254.161

58.69.56.44

59.88.15.171

20.117.188.68

157.245.245.246

139.199.159.167