JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.106.249.36

23.106.249.36 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 9%: ?

ISP	Leaseweb Asia Pacific pte. ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59253
Domain Name	leaseweb.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.106.249.36

Whois 23.106.249.36

IP Abuse Reports for 23.106.249.36:

This IP address has been reported a total of 30 times from 15 distinct sources. 23.106.249.36 was first reported on March 24th 2021, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 sockominfo	2026-05-28 16:00:47 (3 weeks ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇦🇺 paulshipley.com.au	2026-05-12 00:17:52 (1 month ago)	winesbydesign.paulshipley.info:443 23.106.249.36 - - [12/May/2026:10:13:59 +1000] "GET /wp-includes/ ... show more winesbydesign.paulshipley.info:443 23.106.249.36 - - [12/May/2026:10:13:59 +1000] "GET /wp-includes/js/dist/vendor/react.min.js?ver=18.3.1.1 HTTP/1.1" 403 787 "https://winesbydesign.paulshipley.info/?elementor_library=single-class-product&elementor-preview=213&ver=1778544797" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:150.0) Gecko/20100101 Firefox/150.0" winesbydesign.paulshipley.info:443 23.106.249.36 - - [12/May/2026:10:13:59 +1000] "GET /wp-includes/js/dist/vendor/react.min.js?ver=18.3.1.1 HTTP/1.1" 403 787 "https://winesbydesign.paulshipley.info/?page_id=10351&elementor-preview=10351&ver=1778544808" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:150.0) Gecko/20100101 Firefox/150.0" winesbydesign.paulshipley.info:443 23.106.249.36 - - [12/May/2026:10:14:03 +1000] "GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.3 HTTP/1.1" 403 788 "https://winesbydesign.paulshipley.info/?elementor_library=single-class-product&elementor-preview=213&ver=1778544797" "Mozilla/5.0 (Windows NT 10.0; ... show less	Web App Attack
🇦🇺 paulshipley.com.au	2026-04-21 07:26:57 (1 month ago)	winesbydesign.paulshipley.info:443 23.106.249.36 - - [21/Apr/2026:17:24:36 +1000] "GET /wp-includes/ ... show more winesbydesign.paulshipley.info:443 23.106.249.36 - - [21/Apr/2026:17:24:36 +1000] "GET /wp-includes/js/dist/vendor/react-dom.min.js?ver=18.3.1.1 HTTP/1.1" 403 788 "https://winesbydesign.paulshipley.info/?elementor_library=single-class-product&elementor-preview=213&ver=1776756164" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" winesbydesign.paulshipley.info:443 23.106.249.36 - - [21/Apr/2026:17:24:36 +1000] "GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.3 HTTP/1.1" 403 788 "https://winesbydesign.paulshipley.info/?elementor_library=single-class-product&elementor-preview=213&ver=1776756164" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" winesbydesign.paulshipley.info:443 23.106.249.36 - - [21/Apr/2026:17:24:37 +1000] "GET /wp-includes/js/imagesloaded.min.js?ver=5.0.0 HTTP/1.1" 403 788 "https://winesbydesign.paulshipley.info/?elementor_library=single-class-product&elementor-preview=213&ver=1776756164" "Mozilla/5.0 ... show less	Web App Attack
🇮🇩 sockominfo	2026-02-25 21:01:02 (3 months ago)	CRITICAL: Persistent attacker 23.106.249.36 - 10 attempts in 30 minutes. Threat Score: 7.5/10 (HIGH) ... show more CRITICAL: Persistent attacker 23.106.249.36 - 10 attempts in 30 minutes. Threat Score: 7.5/10 (HIGH). Confidence: 60%. CVSS v3.1: 7.3/10 (High). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 85%. MITRE ATT&CK: T1071 (Application Layer Protocol). Tactic: TA0001. Freshness: Moderate. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-02-25 17:00:56 (3 months ago)	CRITICAL: Persistent attacker 23.106.249.36 - 10 attempts in 30 minutes. Threat Score: 7/10 (MEDIUM) ... show more CRITICAL: Persistent attacker 23.106.249.36 - 10 attempts in 30 minutes. Threat Score: 7/10 (MEDIUM). Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-02-25 16:10:39 (3 months ago)	[WAZUH] CRITICAL: Persistent attacker 23.106.249.36 - 10 attempts in 30 minutes	Hacking Web App Attack
🇮🇩 securejdprop	2026-02-02 10:38:02 (4 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack
🇮🇩 sockominfo	2026-01-04 20:00:47 (5 months ago)	User login to application during non-business hours from malicious IP 23.106.249.36.. Threat Score: ... show more User login to application during non-business hours from malicious IP 23.106.249.36.. Threat Score: 4.5/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-01-04 18:00:47 (5 months ago)	User login to application during non-business hours from malicious IP 23.106.249.36.. Threat Score: ... show more User login to application during non-business hours from malicious IP 23.106.249.36.. Threat Score: 4.6/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-01-04 17:00:10 (5 months ago)	User login to application during non-business hours from malicious IP 23.106.249.36.. Threat Score: ... show more User login to application during non-business hours from malicious IP 23.106.249.36.. Threat Score: 6.1/10 (MEDIUM). CVSS: 5/10 (Medium). Bayesian: 82%. MITRE: T1046. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-01-04 16:00:46 (5 months ago)	User login to application during non-business hours from malicious IP 23.106.249.36.. Threat Score: ... show more User login to application during non-business hours from malicious IP 23.106.249.36.. Threat Score: 4.8/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2025-12-05 05:32:31 (6 months ago)	[WAZUH] SUPPRESSED: IP 23.106.249.36 blocked - 8 times fired in 6 hour	Hacking Web App Attack
🇺🇸 ipblock.com	2025-08-19 09:12:00 (9 months ago)	IPBlock protected site ID [4730-fr]. Public forum SPAM	Blog Spam
🇸🇪 sweplox.se	2024-11-21 01:05:30 (1 year ago)	23.106.249.36 - - [18/Nov/2024:00:37:36 +0000] "GET /wp-admin/network/xmrlpc.php?p= HTTP/1.1" 301 16 ... show more 23.106.249.36 - - [18/Nov/2024:00:37:36 +0000] "GET /wp-admin/network/xmrlpc.php?p= HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 23.106.249.36 - - [18/Nov/2024:20:31:24 +0000] "GET /wp-content/index.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 23.106.249.36 - - [18/Nov/2024:21:07:02 +0000] "GET /wp-content/index.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 23.106.249.36 - - [19/Nov/2024:00:51:26 +0000] "GET /wp-admin/user/xmrlpc.php?p= HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 23.106.249.36 - - [21/Nov/2024:00:33:41 +0000] "GET /wp-admin/images/xmrlpc.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64 ... show less	Bad Web Bot SSH
Anonymous	2024-02-09 09:12:35 (2 years ago)	HTTP 503 XSS Attempt	Hacking

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 75.214.55.53

🇬🇧 35.203.211.70

🇺🇸 2600:1f14:af5:6703:eb8f:c882:5930:1b24

🇫🇷 207.180.226.58

🇷🇴 185.253.162.14

🇯🇵 168.138.213.115

🇺🇸 162.216.149.108

🇨🇳 47.95.234.23

🇫🇷 38.242.139.95

🇮🇹 2a00:1450:4025:1803::12b

🇯🇵 219.117.192.186

🇷🇺 213.251.243.156

🇷🇺 212.3.154.183

🇧🇪 198.235.24.154

🇺🇸 172.67.183.129

🇫🇷 91.231.89.231

🇺🇸 64.62.156.151

🇮🇷 46.143.110.185

🇺🇸 13.89.125.22

🇺🇸 3.87.27.156