JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.3.134

140.235.3.134 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 4%: ?

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.3.134

Whois 140.235.3.134

IP Abuse Reports for 140.235.3.134:

This IP address has been reported a total of 29 times from 18 distinct sources. 140.235.3.134 was first reported on May 4th 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 02:44:27 (9 hours ago)	(mod_security) mod_security (id:210350) triggered by 140.235.3.134 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 140.235.3.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 22:44:19.749243 2026] [security2:error] [pid 24719:tid 24719] [client 140.235.3.134:40351] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|btccasting.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "btccasting.com"] [uri "/"] [unique_id "ajihgylfJvLrd-on4OrHrQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 london2038.com	2026-03-27 12:19:27 (2 months ago)	Malformed or malicious web request 140.235.3.134 - - [27/Mar/2026:13:19:21 +0100] "POST /xmlrpc.php ... show more Malformed or malicious web request 140.235.3.134 - - [27/Mar/2026:13:19:21 +0100] "POST /xmlrpc.php HTTP/1.1" 404 4187 "-" "AppleWebKit/533.33 (KHTML, like Gecko111)" show less	Hacking Web App Attack
Anonymous	2026-03-23 07:20:58 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-03-22 04:14:15 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 140.235.3.134 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 140.235.3.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 22 00:14:07.960917 2026] [security2:error] [pid 22659:tid 22659] [client 140.235.3.134:15201] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|holdingfamily.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "holdingfamily.com"] [uri "/"] [unique_id "ab9sj8Q32PgsRCWJci7xJAAAAAM"], referer: https://www.facebook.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-20 12:16:29 (3 months ago)	[Firewall Canary] Temporary ban due to firewall rule match [URI canary:*/xmlrpc.php]	Web App Attack
🇩🇪 MusicLibrary	2026-03-19 19:39:59 (3 months ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇮🇩 BPS-StatisticsIndonesia	2026-03-18 10:43:00 (3 months ago)	XML RPC Scan Activities: "2026-03-18T17:43:00.164+07:00" "/xmlrpc.php" "140.235.3.134" "Chrome/93.3 ... show more XML RPC Scan Activities: "2026-03-18T17:43:00.164+07:00" "/xmlrpc.php" "140.235.3.134" "Chrome/93.3 Safari/533.53" show less	Web App Attack Brute-Force
🇩🇪 MusicLibrary	2026-03-15 06:11:31 (3 months ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇮🇩 BPS-StatisticsIndonesia	2026-03-14 13:30:10 (3 months ago)	XML RPC Scan Activities: "2026-03-14T20:30:10.062+07:00" "/xmlrpc.php" "140.235.3.134" "AppleWebKit/ ... show more XML RPC Scan Activities: "2026-03-14T20:30:10.062+07:00" "/xmlrpc.php" "140.235.3.134" "AppleWebKit/537.37 (KHTML, like Gecko111)" show less	Web App Attack Brute-Force
🇨🇭 backslash	2026-03-11 08:21:04 (3 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇺🇸 rsa	2026-03-04 00:23:00 (3 months ago)	excessive crawling ddos	DDoS Attack Web App Attack
Anonymous	2026-02-18 01:57:01 (4 months ago)	GlobalProtect Password Spraying	Brute-Force
🇫🇷 tilellit.pro	2026-02-13 16:41:14 (4 months ago)	Fail2Ban banned 140.235.3.134 for security violations in jail wp-armour. Log: 2026/02/13 16:41:13 [e ... show more Fail2Ban banned 140.235.3.134 for security violations in jail wp-armour. Log: 2026/02/13 16:41:13 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 140.235.3.134 \| Target: wplogin" , client: 140.235.3.134, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇫🇷 tilellit.pro	2026-02-11 14:16:25 (4 months ago)	Fail2Ban banned 140.235.3.134 for security violations in jail wp-armour. Log: 2026/02/11 14:16:24 [e ... show more Fail2Ban banned 140.235.3.134 for security violations in jail wp-armour. Log: 2026/02/11 14:16:24 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 140.235.3.134 \| Target: wplogin" , client: 140.235.3.134, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇮🇹 Rosh	2026-02-07 18:08:07 (4 months ago)	[02/07/26 19:08:07] 1 attack: /xmlrpc.php (severity 6);	Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 143.42.164.182

🇺🇸 47.223.212.176

🇺🇸 2607:f8b0:4001:c12::121

🇭🇰 199.45.154.121

🇧🇴 181.115.171.217

🇩🇪 139.59.208.49

🇨🇳 59.53.133.180

🇨🇦 52.139.41.31

🇳🇱 45.148.10.151

🇸🇬 43.172.197.126

🇰🇿 2.135.146.53

🇮🇩 2406:da19:776:6e01:f069:7fe4:47a9:952a

🇺🇸 178.156.227.115

🇩🇪 148.153.140.89

🇸🇬 114.119.159.233

🇨🇳 106.46.30.125

🇨🇳 101.96.195.253

🇫🇷 84.235.233.122

🇳🇱 45.148.10.240

🇨🇳 42.179.170.247