JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.170.117

140.235.170.117 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 8%: ?

ISP	SharePolicy LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	sharepolicy.net
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.170.117

Whois 140.235.170.117

IP Abuse Reports for 140.235.170.117:

This IP address has been reported a total of 13 times from 5 distinct sources. 140.235.170.117 was first reported on October 16th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-21 23:44:19 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 140.235.170.117 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 140.235.170.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 19:44:11.652801 2026] [security2:error] [pid 8557:tid 8565] [client 140.235.170.117:60485] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|fastestcopyright.com\|F\|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "fastestcopyright.com"] [uri "/wp-config.inc"] [unique_id "ag-Yy21yIOs53LfciGhMdgAAAUY"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-05-21 15:56:30 (1 month ago)	IM360 WAF: Information Disclosure Attempt in WordPress MV:/wp-config.txt	Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 12:11:32 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 140.235.170.117 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 140.235.170.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 08:11:25.847682 2026] [security2:error] [pid 29998:tid 29998] [client 140.235.170.117:61879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "harwoodmechanical.com"] [uri "/wp-config.php.bak"] [unique_id "ag2k7UQ0piFCJzf9H6kpkQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 03:00:54 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 140.235.170.117 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 140.235.170.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 23:00:47.102667 2026] [security2:error] [pid 16386:tid 16417] [client 140.235.170.117:54757] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "almerirock.com"] [uri "/wp-config.php.orig"] [unique_id "ag0j3xtUjZ5-V4f5UtrDHwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-08 08:21:24 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.170.117 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 140.235.170.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 03:21:19.834856 2026] [security2:error] [pid 944:tid 944] [client 140.235.170.117:40791] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|laradioactivitat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "laradioactivitat.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aYhHfyHkw4IUfEz4euxE3QAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-03 16:05:10 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.170.117 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 140.235.170.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 03 11:04:38.618540 2026] [security2:error] [pid 10387:tid 10387] [client 140.235.170.117:56675] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|primacomm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "primacomm.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aYIcllaUBmsTRlKrVPxCngAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-26 10:00:00 (4 months ago)	Vpn Brute Force	Brute-Force Bad Web Bot
🇮🇩 sockominfo	2026-01-22 21:00:05 (5 months ago)	Administrative account creation during non-business hours - Jakarta timezone (WIB). Threat Score: 7. ... show more Administrative account creation during non-business hours - Jakarta timezone (WIB). Threat Score: 7.9/10 (HIGH). CVSS: 7/10 (High). Bayesian: 87%. MITRE: T1566. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-01-22 20:00:32 (5 months ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇮🇩 sockominfo	2026-01-22 19:00:06 (5 months ago)	Administrative account creation during non-business hours - Jakarta timezone (WIB). Threat Score: 7. ... show more Administrative account creation during non-business hours - Jakarta timezone (WIB). Threat Score: 7.8/10 (HIGH). CVSS: 7/10 (High). Bayesian: 83%. MITRE: T1566. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-01-22 18:00:22 (5 months ago)	Administrative account creation during non-business hours - Jakarta timezone (WIB). Threat Score: 6. ... show more Administrative account creation during non-business hours - Jakarta timezone (WIB). Threat Score: 6.5/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇹 alph44	2025-10-17 01:04:05 (8 months ago)	WordPress attack detected by fail2ban: 3 failed attempts	Web App Attack
🇺🇸 TPI-Abuse	2025-10-16 08:21:57 (8 months ago)	(mod_security) mod_security (id:210350) triggered by 140.235.170.117 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210350) triggered by 140.235.170.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 16 04:21:50.501704 2025] [security2:error] [pid 19831:tid 19831] [client 140.235.170.117:13889] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|passy.us\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "passy.us"] [uri "/"] [unique_id "aPCrHm5Q_zKQL4hagaZ6GQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.223.235.36

🇭🇰 152.32.252.233

🇮🇳 110.226.8.218

🇫🇷 91.196.152.184

🇰🇷 20.214.145.16

🇩🇪 5.83.191.151

🇺🇸 205.210.31.45

🇸🇧 202.1.186.23

🇳🇱 195.178.110.30

🇺🇸 147.185.132.216

🇮🇳 125.23.203.138

🇮🇳 121.200.49.212

🇨🇳 118.196.116.160

🇰🇿 89.40.193.177

🇩🇪 77.110.107.31

🇺🇸 47.251.59.83

🇳🇱 45.148.10.141

🇬🇧 193.32.209.231

🇨🇦 166.48.169.221

🇵🇭 122.54.169.3