JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.1.54

140.235.1.54 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 30%: ?

30%

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.1.54

Whois 140.235.1.54

IP Abuse Reports for 140.235.1.54:

This IP address has been reported a total of 12 times from 8 distinct sources. 140.235.1.54 was first reported on November 7th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Oakley	2026-06-08 09:38:21 (4 days ago)	(mod_security) mod_security (id:900178) triggered by 140.235.1.54 (US/United States/-): 5 in the las ... show more (mod_security) mod_security (id:900178) triggered by 140.235.1.54 (US/United States/-): 5 in the last 900 secs show less	Web App Attack Hacking
🇸🇮 administrator	2026-06-02 22:05:12 (1 week ago)	2026-05-31 00:09:35,550 fail2ban.actions [264721]: NOTICE [apache-fakegooglebot] Ban 140.235 ... show more 2026-05-31 00:09:35,550 fail2ban.actions [264721]: NOTICE [apache-fakegooglebot] Ban 140.235.1.54 2026-06-02 16:27:10,400 fail2ban.actions [1162]: NOTICE [error-bots] Ban 140.235.1.54 2026-05-31 00:09:35,550 fail2ban.actions [264721]: NOTICE [apache-fakegooglebot] Ban 140.235.1.54 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-06-01 10:25:23 (1 week ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-25.140.235.1.54.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-25.140.235.1.54.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 MAGIC	2026-05-16 01:30:54 (3 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 LRob.fr	2026-05-15 13:15:14 (3 weeks ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-30 22:07:22 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 140.235.1.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 140.235.1.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 18:07:16.045949 2026] [security2:error] [pid 22848:tid 22848] [client 140.235.1.54:11917] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|weddingmusicguitar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "weddingmusicguitar.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afPSlGb2BJKAMVGb2hxO8wAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-30 01:33:56 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 140.235.1.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 140.235.1.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 21:33:49.780548 2026] [security2:error] [pid 13366:tid 13366] [client 140.235.1.54:13629] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sahinozalit.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sahinozalit.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afKxfaCKIRx8XtRvLCZHNgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 14:11:21 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 140.235.1.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 140.235.1.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 10:11:12.957863 2026] [security2:error] [pid 7719:tid 7719] [client 140.235.1.54:17847] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|livingminimal.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "livingminimal.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afDAANo5ICmDf4BL1gszAAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 21:28:41 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 140.235.1.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 140.235.1.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 17:28:34.588299 2026] [security2:error] [pid 12372:tid 12372] [client 140.235.1.54:59111] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cuetzpalin.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cuetzpalin.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae6DgoYWTBDkjQ217MMC6QAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 09:42:29 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 140.235.1.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 140.235.1.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 05:42:21.287890 2026] [security2:error] [pid 3783:tid 3783] [client 140.235.1.54:41849] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|briannalls.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "briannalls.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae3d_czrFchJi9JyFc19EAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 Block Rockin' Beats	2025-11-19 01:34:18 (6 months ago)	Scanning forum with forged referal	Hacking Web App Attack
Anonymous	2025-11-07 04:52:41 (7 months ago)	Forum/form spam	Web Spam

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇪 200.37.179.83

🇨🇴 181.61.246.229

🇫🇮 34.88.178.28

🇰🇪 197.254.56.50

🇬🇧 185.216.145.183

🇨🇳 119.99.165.77

🇨🇳 71.136.119.44

🇸🇳 41.82.50.218

🇰🇪 41.60.235.196

🇯🇵 20.89.43.232

🇷🇴 2.57.122.177

🇺🇸 216.218.206.108

🇦🇷 190.19.65.132

🇳🇬 165.154.11.225

🇮🇩 103.151.140.97

🇳🇱 86.54.31.34

🇨🇳 58.209.82.184

🇷🇺 46.183.130.145

🇳🇱 45.148.10.151

🇩🇪 43.228.157.10