JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.1.100

140.235.1.100 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 18%: ?

18%

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.1.100

Whois 140.235.1.100

IP Abuse Reports for 140.235.1.100:

This IP address has been reported a total of 18 times from 9 distinct sources. 140.235.1.100 was first reported on October 18th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-26 15:48:14 (2 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-48.140.235.1.100.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-48.140.235.1.100.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇳🇱 i-turnradio.nl	2026-05-24 14:52:20 (2 weeks ago)	2026-05-24 @ 16:52:20 (CET) ~ Blocked for trying to access: /xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-04-30 13:20:54 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 140.235.1.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.1.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 09:20:48.301882 2026] [security2:error] [pid 9713:tid 9713] [client 140.235.1.100:31023] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thehealthyplaceclayton.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thehealthyplaceclayton.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afNXMFiVIk1LCSpJOLaN8AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-04-30 00:47:41 (1 month ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 140.235.1.100 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 140.235.1.100 (US/United States/-): 2 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-30 00:47:02 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 140.235.1.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.1.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 20:46:53.091036 2026] [security2:error] [pid 28293:tid 28293] [client 140.235.1.100:51439] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ronjamestelevision.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ronjamestelevision.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afKmfVWaYCREMgJAQI08cwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 20:21:48 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 140.235.1.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.1.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 16:21:40.768551 2026] [security2:error] [pid 12545:tid 12574] [client 140.235.1.100:46937] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|miraclebrow.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "miraclebrow.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afEW1JbgYE7sHI2I2fB_fgAAAM0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-27 10:33:17 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 140.235.1.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.1.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 06:33:10.593014 2026] [security2:error] [pid 4485:tid 4485] [client 140.235.1.100:29595] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|fiasdesigns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fiasdesigns.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae87ZlhJADkO_JNyZ8l8uAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 01:03:41 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 140.235.1.100 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.1.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 21:03:31.067214 2026] [security2:error] [pid 4302:tid 4428] [client 140.235.1.100:56341] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|artmarialeon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "artmarialeon.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae1kY059FNQpNTY1VDhQCQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-18 10:34:48 (2 months ago)	Aggressive web scan	Web App Attack
Anonymous	2026-01-30 23:01:28 (4 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.30 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.30 is noted in report timestamp show less	Hacking Brute-Force
🇱🇻 garmtech.com	2026-01-02 14:35:25 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇫🇷 masterguru	2025-12-23 11:22:02 (5 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 140.235.1.100 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 140.235.1.100 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
Anonymous	2025-12-22 07:11:42 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.22 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.22 is noted in report timestamp show less	Hacking Brute-Force
🇱🇻 garmtech.com	2025-12-22 06:21:36 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
Anonymous	2025-12-12 07:10:43 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.12 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.12 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 213.180.203.184

🇩🇪 185.242.3.226

🇩🇪 69.5.169.162

🇩🇪 64.89.163.131

🇳🇱 50.7.47.206

🇳🇱 45.148.10.157

🇺🇸 20.62.204.18

🇫🇷 212.227.27.47

🇧🇷 201.71.192.108

🇺🇸 195.210.114.114

🇮🇳 182.95.48.122

🇸🇬 159.223.33.252

🇮🇩 103.185.53.93

🇻🇳 103.176.20.115

🇩🇪 91.239.211.190

🇧🇬 77.83.36.159

🇷🇺 72.56.236.213

🇩🇪 64.227.115.225

🇬🇧 57.129.133.221

🇺🇸 52.167.144.139