JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.2.182

140.235.2.182 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 0%: ?

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.2.182

Whois 140.235.2.182

IP Abuse Reports for 140.235.2.182:

This IP address has been reported a total of 8 times from 6 distinct sources. 140.235.2.182 was first reported on September 11th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-03-26 03:01:00 (2 months ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-26 02:44:30 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.2.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 140.235.2.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 22:44:23.182151 2026] [security2:error] [pid 28230:tid 28230] [client 140.235.2.182:13321] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.evolute.io\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.evolute.io"] [uri "/wp-json/wp/v2/users/"] [unique_id "acSdhyQeHUxSGYuZodHnKgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-26 10:00:00 (4 months ago)	Vpn Brute Force	Brute-Force Bad Web Bot
Anonymous	2026-01-05 23:26:21 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-10-09 13:58:44 (8 months ago)	(mod_security) mod_security (id:210350) triggered by 140.235.2.182 (140-235-2-182.cloudairone.com): ... show more (mod_security) mod_security (id:210350) triggered by 140.235.2.182 (140-235-2-182.cloudairone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 09 09:58:39.733635 2025] [security2:error] [pid 2555:tid 2555] [client 140.235.2.182:20001] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|sahinozalit.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "sahinozalit.com"] [uri "/"] [unique_id "aOe_j4Y-g5myVvMOoIh3dAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-09-15 23:54:18 (9 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇧🇪 voormedia	2025-09-13 05:15:28 (9 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇺🇸 TPI-Abuse	2025-09-11 00:44:16 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 140.235.2.182 (140-235-2-182.cloudairone.com): ... show more (mod_security) mod_security (id:210350) triggered by 140.235.2.182 (140-235-2-182.cloudairone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 10 20:44:07.477294 2025] [security2:error] [pid 32175:tid 32175] [client 140.235.2.182:23565] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|surrenderhouse.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "surrenderhouse.com"] [uri "/contact.html"] [unique_id "aMIbV-lRitT0-VhWhHAEGQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.175.61.207

🇹🇼 198.235.24.68

🇲🇽 187.170.156.216

🇳🇱 178.16.53.13

🇮🇳 122.187.219.78

🇭🇰 103.190.233.2

🇻🇳 58.186.20.101

🇷🇴 2.57.121.25

🇧🇪 2a00:1450:400c:c04::127

🇨🇳 223.88.163.171

🇨🇳 218.64.153.175

🇺🇸 104.243.35.120

🇳🇱 45.153.34.71

🇺🇸 38.34.175.146

🇳🇱 34.7.251.49

🇧🇷 201.55.113.122

🇧🇪 198.235.24.221

🇫🇷 194.163.160.229

🇸🇬 168.138.166.172

🇳🇱 158.94.211.16