JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.1.172

140.235.1.172 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 0%: ?

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.1.172

Whois 140.235.1.172

IP Abuse Reports for 140.235.1.172:

This IP address has been reported a total of 5 times from 5 distinct sources. 140.235.1.172 was first reported on September 12th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-01-13 07:55:00 (5 months ago)	CMDI Score: 5 \| Issues: [{"source":"GET","key":"option","type":"ssti","pattern":"ssti-math-expansion ... show more CMDI Score: 5 \| Issues: [{"source":"GET","key":"option","type":"ssti","pattern":"ssti-math-expansion","sample":"dfb__${98991*97996}__::.x"}] show less	Bad Web Bot Web App Attack
🇺🇸 fbarela	2025-12-12 03:00:17 (6 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
Anonymous	2025-12-08 11:40:12 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.08 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.08 is noted in report timestamp show less	Hacking Brute-Force
🇨🇭 backslash	2025-11-19 17:01:09 (7 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇺🇸 TPI-Abuse	2025-09-12 02:51:47 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 140.235.1.172 (140-235-1-172.cloudairone.com): ... show more (mod_security) mod_security (id:210350) triggered by 140.235.1.172 (140-235-1-172.cloudairone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 11 22:51:42.029356 2025] [security2:error] [pid 18733:tid 18733] [client 140.235.1.172:45085] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.chriseaton.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.chriseaton.com"] [uri "/"] [unique_id "aMOKvosvHSxYgig3233n6AAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.178.118.85

🇮🇳 185.244.11.65

🇨🇳 157.255.29.89

🇷🇺 81.211.72.167

🇺🇸 192.178.118.84

🇺🇸 192.178.118.83

🇺🇸 192.178.118.82

🇮🇳 183.82.108.109

🇨🇳 139.212.71.0

🇮🇩 117.102.86.226

🇨🇳 112.86.225.167

🇧🇬 78.128.114.22

🇧🇷 45.205.1.244

🇳🇱 45.156.128.73

🇨🇭 35.216.195.77

🇺🇸 35.190.43.134

🇳🇱 192.178.118.158

🇳🇱 192.178.118.157

🇳🇱 192.178.118.156

🇨🇳 182.119.230.148