JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.2.55

140.235.2.55 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 13%: ?

13%

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.2.55

Whois 140.235.2.55

IP Abuse Reports for 140.235.2.55:

This IP address has been reported a total of 13 times from 10 distinct sources. 140.235.2.55 was first reported on October 16th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 relianoid.com	2026-06-24 18:29:59 (6 days ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 mnsf	2026-06-19 16:06:40 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-28 07:03:24 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.2.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 140.235.2.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 28 02:03:14.462911 2026] [security2:error] [pid 22849:tid 22849] [client 140.235.2.55:61805] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|unitedletter.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "unitedletter.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaKTMrDRUfnCWCeaI-5GxAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-21 05:18:13 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 140.235.2.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 140.235.2.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 21 00:18:05.588163 2026] [security2:error] [pid 4996:tid 4996] [client 140.235.2.55:21989] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|integrabroadcast.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "integrabroadcast.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZlADQJH4IkKrgamxjj66wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-01-02 06:56:46 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
Anonymous	2025-12-23 15:18:02 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.23 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.23 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 03:32:36 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.12.19 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 inspectorgdgt	2025-12-18 01:06:06 (6 months ago)	Failed login invalid user bruteforce attempt	Brute-Force SSH
Anonymous	2025-12-10 23:45:18 (6 months ago)	Forum/form spam	Web Spam
🇨🇦 wil.com	2025-11-15 15:27:49 (7 months ago)	GlobalProtect login attempts with user eliod.	VPN IP Brute-Force
🇱🇻 garmtech.com	2025-10-23 00:05:22 (8 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 mind5t0rm	2025-10-18 09:36:17 (8 months ago)	(WPLOGIN) WP Login Attack 140.235.2.55 (US/United States/140-235-2-55.cloudairone.com): 3 in the las ... show more (WPLOGIN) WP Login Attack 140.235.2.55 (US/United States/140-235-2-55.cloudairone.com): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 140.235.2.55 - - [18/Oct/2025:16:35:47 +0700] "GET /wp-login.php HTTP/1.1" 200 2816 "https://zerowaterthailand.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36" 140.235.2.55 - - [18/Oct/2025:16:36:05 +0700] "POST /wp-login.php HTTP/1.1" 200 2966 "https://zerowaterthailand.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36" 140.235.2.55 - - [18/Oct/2025:16:36:13 +0700] "POST /wp-login.php HTTP/1.1" 200 3143 "https://zerowaterthailand.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36" show less	Port Scan
🇺🇸 fbarela	2025-10-16 06:00:10 (8 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.185.124.106

🇦🇿 94.20.251.27

🇳🇱 68.183.9.16

🇨🇦 51.222.158.107

🇳🇵 202.70.78.237

🇲🇽 187.190.35.163

🇺🇸 162.214.159.200

🇸🇬 151.246.1.47

🇩🇪 138.124.73.150

🇿🇦 105.247.69.196

🇨🇳 58.42.204.29

🇬🇧 213.166.84.45

🇻🇳 171.237.176.209

🇧🇷 170.84.183.53

🇦🇺 101.176.5.139

🇰🇷 43.166.1.243

🇻🇳 27.71.230.31

🇺🇸 98.160.166.116

🇺🇸 66.249.70.130

🇫🇷 51.38.12.15