JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.2.219

140.235.2.219 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 9%: ?

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.2.219

Whois 140.235.2.219

IP Abuse Reports for 140.235.2.219:

This IP address has been reported a total of 19 times from 14 distinct sources. 140.235.2.219 was first reported on September 30th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-28 03:25:24 (1 week ago)	SQL injection, multiple attempts.	SQL Injection
🇩🇪 MusicLibrary	2026-04-11 10:14:16 (1 month ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇩🇪 MusicLibrary	2026-04-09 10:03:51 (1 month ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇧🇪 voormedia	2026-04-06 04:03:49 (2 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇺🇸 TPI-Abuse	2026-04-05 08:33:41 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 140.235.2.219 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 140.235.2.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 04:33:19.492082 2026] [security2:error] [pid 12339:tid 12339] [client 140.235.2.219:11639] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evolute.io"] [uri "/wp-config.php.original"] [unique_id "adIeT3vu7x3Px3MaemEs7QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-29 07:39:55 (2 months ago)	"POST /xmlrpc.php HTTP/1.1"	Hacking Web App Attack
🇩🇪 london2038.com	2026-03-21 19:04:53 (2 months ago)	Malformed or malicious web request 140.235.2.219 - - [21/Mar/2026:20:04:47 +0100] "POST /xmlrpc.php ... show more Malformed or malicious web request 140.235.2.219 - - [21/Mar/2026:20:04:47 +0100] "POST /xmlrpc.php HTTP/1.1" 404 4187 "-" "Chrome/93.3 Safari/533.53" show less	Hacking Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-03-17 10:48:04 (2 months ago)	XML RPC Scan Activities: "2026-03-17T17:48:04.064+07:00" "/xmlrpc.php" "140.235.2.219" "AppleWebKit/ ... show more XML RPC Scan Activities: "2026-03-17T17:48:04.064+07:00" "/xmlrpc.php" "140.235.2.219" "AppleWebKit/539.39 (KHTML, like Gecko111)" show less	Web App Attack Brute-Force
🇮🇩 BPS-StatisticsIndonesia	2026-03-15 17:14:05 (2 months ago)	XML RPC Scan Activities: "2026-03-16T00:14:05.083+07:00" "/xmlrpc.php" "140.235.2.219" "Mozilla/5.0 ... show more XML RPC Scan Activities: "2026-03-16T00:14:05.083+07:00" "/xmlrpc.php" "140.235.2.219" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:145.0) Gecko/20100101 Firefox/145.0" show less	Web App Attack Brute-Force
🇮🇩 BPS-StatisticsIndonesia	2026-03-14 05:43:04 (2 months ago)	XML RPC Scan Activities: "2026-03-14T12:43:04.078+07:00" "/xmlrpc.php" "140.235.2.219" "Mozilla/5.0 ... show more XML RPC Scan Activities: "2026-03-14T12:43:04.078+07:00" "/xmlrpc.php" "140.235.2.219" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:144.0) Gecko/20100101 Firefox/144.0" show less	Web App Attack Brute-Force
🇮🇪 Coolnagour	2026-03-13 21:33:03 (2 months ago)	http-probing: /xmlrpc.php	Web App Attack
🇫🇷 mrcrassi	2026-01-22 05:43:27 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/2 (POST method ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/2 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇪🇸 el-brujo	2026-01-11 20:11:10 (4 months ago)	[Sun Jan 11 21:11:09.032618 2026] [proxy_fcgi:error] [pid 415207:tid 415288] [remote 140.235.2.219:0 ... show more [Sun Jan 11 21:11:09.032618 2026] [proxy_fcgi:error] [pid 415207:tid 415288] [remote 140.235.2.219:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Sun Jan 11 21:11:10.454496 2026] [proxy_fcgi:error] [pid 415207:tid 415240] [remote 140.235.2.219:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack
Anonymous	2025-12-23 12:07:42 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.23 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.23 is noted in report timestamp show less	Hacking Brute-Force
🇫🇷 masterguru	2025-12-23 11:22:37 (5 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 140.235.2.219 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 140.235.2.219 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 203.25.124.149

🇩🇪 194.164.203.46

🇺🇸 66.240.205.34

🇺🇸 64.62.197.98

🇬🇧 57.128.131.65

🇺🇸 45.63.4.69

🇩🇪 34.185.199.175

🇺🇸 20.169.85.177

🇮🇷 5.160.197.195

🇭🇰 199.45.154.190

🇳🇴 193.90.12.40

🇷🇴 193.46.255.151

🇷🇴 193.46.255.93

🇩🇪 167.94.146.41

🇺🇸 165.245.165.228

🇨🇳 115.190.117.228

🇷🇺 109.111.175.210

🇫🇷 88.190.132.168

🇳🇱 45.148.10.151

🇯🇵 34.97.196.209