JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.0.218

140.235.0.218 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 10%: ?

10%

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.0.218

Whois 140.235.0.218

IP Abuse Reports for 140.235.0.218:

This IP address has been reported a total of 12 times from 6 distinct sources. 140.235.0.218 was first reported on October 17th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nodepile	2026-06-11 06:20:30 (3 days ago)	Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/lighting-hid-led-xenon/led-headlig ... show more Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/lighting-hid-led-xenon/led-headlight-replacement.html ua='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.2092.127 Safari/537.36') show less	Open Proxy VPN IP
🇨🇭 backslash	2026-04-16 11:57:10 (1 month ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-28 00:46:36 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.0.218 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.0.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 19:46:27.499461 2026] [security2:error] [pid 15134:tid 15134] [client 140.235.0.218:54187] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|snowrideadventures.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "snowrideadventures.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaI64x4pSR9Mky1AB1ZQqQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-27 22:38:07 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.0.218 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.0.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 17:37:59.409320 2026] [security2:error] [pid 21232:tid 21232] [client 140.235.0.218:60647] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|schmitzcomm.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "schmitzcomm.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aaIcx-taNamvGl9sviBEYQAAACw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-28 13:29:21 (4 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.28 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.28 is noted in report timestamp show less	Hacking Brute-Force
🇱🇻 garmtech.com	2026-01-22 10:22:09 (4 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇻 garmtech.com	2025-11-25 14:11:27 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 TPI-Abuse	2025-11-07 11:11:48 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.0.218 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.0.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 06:11:42.181862 2025] [security2:error] [pid 28115:tid 28115] [client 140.235.0.218:48043] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bernsteinip.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bernsteinip.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aQ3T7oR-gwISEKY9a57I4gAAABo"], referer: https://bernsteinip.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-28 20:40:20 (7 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-10-24 17:08:05 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.0.218 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.0.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 24 13:07:56.601706 2025] [security2:error] [pid 5278:tid 5278] [client 140.235.0.218:50395] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aPuybC-PbaDnMUmG6m3V-AAAAAw"], referer: https://jolankagroup.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-20 07:15:57 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 140.235.0.218 (140-235-0-218.cloudairone.com): ... show more (mod_security) mod_security (id:210350) triggered by 140.235.0.218 (140-235-0-218.cloudairone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 20 03:15:49.629231 2025] [security2:error] [pid 11232:tid 11232] [client 140.235.0.218:25347] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|nexthop.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "nexthop.com"] [uri "/"] [unique_id "aPXhpa1OWehSI6WjVa0vKQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-10-17 07:45:13 (7 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2620:171:fd:f0::235

🇨🇳 218.92.251.198

🇮🇳 139.59.36.109

🇱🇹 45.227.254.170

🇭🇰 43.250.173.180

🇸🇰 185.177.9.158

🇮🇷 164.215.144.142

🇺🇸 161.35.112.108

🇨🇳 139.9.191.197

🇨🇳 123.163.48.70

🇪🇸 82.27.216.46

🇱🇹 81.30.98.142

🇺🇦 77.87.40.114

🇺🇸 66.132.186.245

🇺🇸 66.132.186.188

🇮🇪 34.247.183.68

🇸🇬 168.144.135.242

🇵🇭 126.209.18.46

🇲🇾 121.120.43.103

🇨🇳 111.55.74.206