JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.2.128

140.235.2.128 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 7%: ?

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.2.128

Whois 140.235.2.128

IP Abuse Reports for 140.235.2.128:

This IP address has been reported a total of 8 times from 6 distinct sources. 140.235.2.128 was first reported on November 11th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-17 20:43:03 (1 month ago)	"POST /xmlrpc.php HTTP/1.1"	Hacking Web App Attack
🇬🇧 Oakley	2026-05-03 00:38:21 (1 month ago)	(confirmed_bot_sig) Confirmed bot	Hacking
🇺🇸 TPI-Abuse	2026-02-28 03:12:22 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.2.128 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.2.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 22:12:11.686015 2026] [security2:error] [pid 26341:tid 26341] [client 140.235.2.128:38931] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|tedharris.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tedharris.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaJdCxqfmHCpg-16YKnQ4AAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-27 08:06:00 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.2.128 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.2.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 03:05:51.261885 2026] [security2:error] [pid 30366:tid 30366] [client 140.235.2.128:22029] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|neilvboyer.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "neilvboyer.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaFQX1O0CDOavEZvZEug7gAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-25 19:39:21 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.2.128 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.2.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 25 14:39:09.339092 2026] [security2:error] [pid 6055:tid 6055] [client 140.235.2.128:28859] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|arsndetx.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "arsndetx.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZ9P3fM1lsvQDsYXTDRPvAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-19 00:00:00 (5 months ago)	Brute force against VPN	Brute-Force Bad Web Bot
🇫🇷 masterguru	2025-12-23 11:18:13 (5 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 140.235.2.128 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 140.235.2.128 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇨🇭 backslash	2025-11-11 17:40:27 (7 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇪 200.107.163.195

🇺🇸 147.185.132.62

🇺🇸 68.235.46.49

🇺🇸 44.215.219.236

🇹🇼 198.235.24.122

🇹🇼 198.235.24.121

🇹🇼 198.235.24.120

🇸🇬 176.97.118.111

🇺🇸 157.131.169.86

🇳🇱 91.92.40.31

🇺🇸 74.125.181.154

🇺🇸 68.235.46.46

🇺🇸 68.235.46.37

🇺🇸 64.62.156.158

🇬🇧 20.39.225.26

🇺🇸 207.29.202.31

🇧🇪 198.235.24.255

🇹🇼 198.235.24.113

🇨🇦 198.50.202.93

🇬🇧 193.163.125.141