JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.0.95

140.235.0.95 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 3%: ?

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.0.95

Whois 140.235.0.95

IP Abuse Reports for 140.235.0.95:

This IP address has been reported a total of 20 times from 14 distinct sources. 140.235.0.95 was first reported on October 9th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-10 06:38:40 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 140.235.0.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 140.235.0.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 02:38:29.372866 2026] [security2:error] [pid 30457:tid 30457] [client 140.235.0.95:27565] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|campconcerto.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "campconcerto.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aikGZfKQwzHn2bjcv9nVlAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 22:14:18 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 140.235.0.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 140.235.0.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 18:14:00.467677 2026] [security2:error] [pid 13602:tid 13602] [client 140.235.0.95:62431] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|argcreativegroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "argcreativegroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiiQKEivbaMA1vQrJipzeAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mind5t0rm	2026-03-31 08:28:12 (2 months ago)	(XMLRPC) WP XMLPRC Attack 140.235.0.95 (US/United States/-): 3 in the last 3600 secs; Ports: ; Dire ... show more (XMLRPC) WP XMLPRC Attack 140.235.0.95 (US/United States/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 140.235.0.95 - - [31/Mar/2026:15:28:07 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "curl/7.88.1" 140.235.0.95 - - [31/Mar/2026:15:28:08 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "curl/8.6.0" 140.235.0.95 - - [31/Mar/2026:15:28:09 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "Wget/1.21.4" show less	Port Scan
🇺🇸 oralunal	2026-03-16 16:07:31 (3 months ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-02 23:26:49 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 140.235.0.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 140.235.0.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 02 18:26:38.461143 2026] [security2:error] [pid 28899:tid 28909] [client 140.235.0.95:33833] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|inal.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "inal.org"] [uri "/register"] [unique_id "aaYcro2eCOMFfhK4cnOihwAAAMI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 tilellit.pro	2026-03-01 19:12:03 (3 months ago)	Fail2Ban banned 140.235.0.95 for security violations in jail wp-armour. Log: 2026/03/01 19:12:02 [er ... show more Fail2Ban banned 140.235.0.95 for security violations in jail wp-armour. Log: 2026/03/01 19:12:02 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 140.235.0.95 \| Target: wplogin" , client: 140.235.0.95, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
Anonymous	2026-01-19 00:00:00 (5 months ago)	Brute force against VPN	Brute-Force Bad Web Bot
🇱🇻 garmtech.com	2025-12-29 16:04:58 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇫🇷 masterguru	2025-12-23 11:01:24 (5 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 140.235.0.95 (US/United States/-): 1 in the la ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 140.235.0.95 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇪🇸 el-brujo	2025-12-18 05:44:25 (6 months ago)	Cloudflare WAF: Request Path: /ptbt_apdos Request Query: Host: elhacker.net userAgent: Mozilla/5.0 ... show more Cloudflare WAF: Request Path: /ptbt_apdos Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Action: block Source: l7ddos ASN Description: PUREVOLTAGE-INC Country: US Method: GET Timestamp: 2025-12-18T05:44:25Z ruleId: 12b9aecf1f6245b29d7e842bf35a42a0. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2025-12-18 04:59:32 (6 months ago)	Cloudflare WAF: Request Path: /ptbt_apdos Request Query: Host: elhacker.net userAgent: Mozilla/5.0 ... show more Cloudflare WAF: Request Path: /ptbt_apdos Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Action: block Source: l7ddos ASN Description: PUREVOLTAGE-INC Country: US Method: GET Timestamp: 2025-12-18T04:59:32Z ruleId: 12b9aecf1f6245b29d7e842bf35a42a0. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇨🇭 Zeprax	2025-12-17 19:44:51 (6 months ago)	Layer 7 Flood Detected	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-12-09 20:27:49 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-09 03:08:24 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.12.09 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.12.09 is noted in report timestamp show less	Hacking Brute-Force
🇱🇻 garmtech.com	2025-12-04 02:09:39 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 209.74.67.47

🇻🇳 180.93.172.213

🇷🇺 92.36.0.56

🇪🇸 207.188.158.216

🇺🇸 189.104.94.18

🇨🇳 183.134.89.220

🇺🇸 174.35.25.177

🇫🇮 147.185.133.247

🇷🇺 94.25.174.215

🇳🇱 45.156.87.177

🇸🇬 43.172.197.94

🇸🇬 209.74.67.35

🇩🇪 194.187.176.121

🇳🇱 185.223.235.61

🇳🇱 185.223.235.12

🇳🇱 176.65.139.247

🇬🇧 94.9.233.149

🇫🇷 91.231.89.104

🇳🇱 91.92.40.6

🇱🇹 81.30.98.62