JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.0.140

140.235.0.140 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 26%: ?

26%

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.0.140

Whois 140.235.0.140

IP Abuse Reports for 140.235.0.140:

This IP address has been reported a total of 10 times from 9 distinct sources. 140.235.0.140 was first reported on September 24th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-10 17:21:42 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 140.235.0.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.0.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 13:21:29.077760 2026] [security2:error] [pid 28605:tid 28605] [client 140.235.0.140:26785] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|daassociatesllc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "daassociatesllc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aimdGdB0mJ0m6_uQSMC8bgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 06:05:49 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 140.235.0.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 140.235.0.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 02:05:36.947204 2026] [security2:error] [pid 31420:tid 31420] [client 140.235.0.140:24931] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Steelcase/pics/Leap Work Lounge/Thumbs.db"] [unique_id "ah_EMMZzR1sgxWpzDQrVQAAAAAI"], referer: https://vitalitywebb.com/backstore/Steelcase/pics/Leap%20Work%20Lounge/ show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-01 00:55:14 (1 week ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 03-55.140.235.0.140.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 03-55.140.235.0.140.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇬🇧 Oakley	2026-05-29 06:45:00 (2 weeks ago)	(mod_security) mod_security (id:900178) triggered by 140.235.0.140 (US/United States/-): 5 in the la ... show more (mod_security) mod_security (id:900178) triggered by 140.235.0.140 (US/United States/-): 5 in the last 900 secs show less	Web App Attack Hacking
🇨🇭 backslash	2026-05-24 08:12:00 (2 weeks ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
Anonymous	2026-01-19 00:00:56 (4 months ago)	Brute force against VPN	Brute-Force Bad Web Bot
🇫🇷 masterguru	2025-12-23 11:23:58 (5 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 140.235.0.140 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 140.235.0.140 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇺🇸 fbarela	2025-12-15 01:00:26 (5 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
Anonymous	2025-10-19 09:37:27 (7 months ago)	Malicious activity detected	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-09-24 11:17:49 (8 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 222.127.248.61

🇧🇷 177.222.217.35

🇨🇳 171.104.69.174

🇳🇵 103.134.217.34

🇹🇭 45.194.70.253

🇺🇸 20.169.106.149

🇪🇹 196.190.180.18

🇺🇸 137.184.159.183

🇮🇪 109.78.18.255

🇿🇲 74.244.129.24

🇺🇸 66.180.194.227

🇺🇸 64.62.197.182

🇮🇳 59.144.228.132

🇺🇸 20.80.104.232

🇨🇳 14.116.189.74

🇮🇳 223.181.14.186

🇩🇪 209.38.230.191

🇧🇴 190.129.22.103

🇩🇪 167.235.194.54

🇺🇸 162.216.150.69