JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.0.59

140.235.0.59 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 2%: ?

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.0.59

Whois 140.235.0.59

IP Abuse Reports for 140.235.0.59:

This IP address has been reported a total of 12 times from 8 distinct sources. 140.235.0.59 was first reported on August 26th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Oakley	2026-05-28 13:24:47 (1 week ago)	(mod_security) mod_security (id:900177) triggered by 140.235.0.59 (US/United States/-): 5 in the las ... show more (mod_security) mod_security (id:900177) triggered by 140.235.0.59 (US/United States/-): 5 in the last 900 secs show less	Web App Attack Hacking
Anonymous	2026-01-21 13:51:00 (4 months ago)	Brute force on VPN	Brute-Force Bad Web Bot
Anonymous	2026-01-18 07:22:01 (4 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.18 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2026-01-04 22:16:23 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇱🇻 garmtech.com	2025-12-22 05:51:18 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
Anonymous	2025-11-20 20:51:33 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.20 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.20 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-07 00:31:36 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.0.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 140.235.0.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 06 19:31:26.582874 2025] [security2:error] [pid 3599857:tid 3599857] [client 140.235.0.59:56767] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mcbrearty.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mcbrearty.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "aQ093rHsj6F-O_XXX-AqTgAAAAM"], referer: https://mcbrearty.org/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 fbarela	2025-10-31 04:00:49 (7 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-10-27 16:19:07 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.0.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 140.235.0.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 27 12:19:00.901396 2025] [security2:error] [pid 4546:tid 4546] [client 140.235.0.59:52297] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aP-bdNKcRnomKltEVN3R7QAAAAA"], referer: https://jolankagroup.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 SilverZippo	2025-10-24 12:02:54 (7 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-10-15 10:41:12 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 140.235.0.59 (140-235-0-59.cloudairone.com): 1 ... show more (mod_security) mod_security (id:210350) triggered by 140.235.0.59 (140-235-0-59.cloudairone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 15 06:41:05.995775 2025] [security2:error] [pid 20863:tid 20955] [client 140.235.0.59:27625] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|2291106.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "2291106.com"] [uri "/"] [unique_id "aO96QbA5lazar7dYqXqmUAAAAI0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-26 12:54:40 (9 months ago)	(mod_security) mod_security (id:210492) triggered by 140.235.0.59 (140-235-0-59.cloudairone.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 140.235.0.59 (140-235-0-59.cloudairone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 26 08:54:17.498381 2025] [security2:error] [pid 2858:tid 2858] [client 140.235.0.59:65321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "engravingbyangela.com"] [uri "/wp-config.php.1"] [unique_id "aK2ueQywevbhbueXzVvP4gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.155.100

🇳🇱 131.153.158.213

🇭🇰 101.36.109.176

🇺🇸 43.112.77.26

🇰🇷 211.216.58.204

🇪🇹 196.189.236.162

🇮🇳 182.95.181.34

🇻🇪 179.0.107.165

🇫🇮 178.20.210.208

🇸🇬 165.154.236.104

🇺🇸 91.230.168.210

🇺🇸 66.93.9.248

🇨🇳 59.56.38.108

🇮🇪 54.246.245.45

🇺🇸 52.168.112.66

🇳🇱 45.153.34.226

🇺🇦 37.221.159.102

🇩🇪 3.76.217.234

🇮🇳 152.52.227.94

🇨🇳 112.239.102.7