AbuseIPDB » 140.235.0.200
140.235.0.200
This IP was reported 7 times. Confidence of
Abuse
is 2% : ?
ISP
DirectBackup LLC
Usage Type
Data Center/Web Hosting/Transit
ASN
AS26548
Domain Name
directbackup.co
Country
๐บ๐ธ
United States of America
City
Seattle, Washington
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 140.235.0.200 :
This IP address has been reported a total of
7
times from
6 distinct
sources.
140.235.0.200 was first reported on
May 6th 2025 , and the most recent report was
2 weeks ago
Old Reports:
The most recent abuse report for this IP address is from
2 weeks ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฑ๐ป
garmtech.com
2026-05-24 11:15:11
(2 weeks ago)
IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-15.140.235.0.200.web-spamme ...
show more
IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-15.140.235.0.200.web-spammers.v2.rbl.imunify.com._v4 succeeded.
show less
Web App Attack
2026-01-30 01:43:28
(4 months ago)
Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.30 is noted in report tim ...
show more
Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.30 is noted in report timestamp
show less
Hacking
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-12-24 00:42:54
(5 months ago)
(mod_security) mod_security (id:210350) triggered by 140.235.0.200 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 140.235.0.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 23 19:42:43.254208 2025] [security2:error] [pid 12405:tid 12405] [client 140.235.0.200:10997] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||babylontravelone.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "babylontravelone.com"] [uri "/"] [unique_id "aUs3A9LuKH5P_lJeTKBGxgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
wil.com
2025-11-28 00:38:07
(6 months ago)
GlobalProtect login attempts with user wilside.
VPN IP
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-11-09 02:52:33
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 140.235.0.200 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 140.235.0.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 08 21:52:26.363171 2025] [security2:error] [pid 25825:tid 25825] [client 140.235.0.200:54305] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gonzalez.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRAB6pKTpmOYWu_wUsw2UwAAAAY"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
10dencehispahard SL
2025-08-19 05:53:33
(9 months ago)
WP probing for vulnerabilities
Hacking
Exploited Host
๐ฉ๐ช
FeG Deutschland
2025-05-06 03:25:04
(1 year ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 27
Exploited Host
Web App Attack
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: