JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.235.3.203

140.235.3.203 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	DirectBackup LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	directbackup.co
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.235.3.203

Whois 140.235.3.203

IP Abuse Reports for 140.235.3.203:

This IP address has been reported a total of 7 times from 4 distinct sources. 140.235.3.203 was first reported on September 12th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nodepile	2025-12-27 02:29:10 (5 months ago)	Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/product_info.php ua='Mozilla/5.0 ( ... show more Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/product_info.php ua='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.2250.39 Safari/537.36') show less	Open Proxy VPN IP
🇩🇪 HandyTreff.de	2025-12-22 05:16:59 (5 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -20.206 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -20.206 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.1247.1 show less	Bad Web Bot Web App Attack
🇨🇭 backslash	2025-12-13 01:40:14 (5 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-29 04:32:56 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 140.235.3.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 140.235.3.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 23:32:49.790715 2025] [security2:error] [pid 11061:tid 11061] [client 140.235.3.203:21935] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|gamepart.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "gamepart.com"] [uri "/home/tancedi1/gamepart.com"] [unique_id "aSp3cT5-4Nsraj1CYxvUZAAAAAs"], referer: https://slate.com/technology/2006/06/the-godfather-the-game-reviewed.html show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-10-17 05:00:34 (7 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-10-15 08:14:13 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 140.235.3.203 (140-235-3-203.cloudairone.com): ... show more (mod_security) mod_security (id:210350) triggered by 140.235.3.203 (140-235-3-203.cloudairone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 15 04:14:05.544996 2025] [security2:error] [pid 20999:tid 20999] [client 140.235.3.203:48881] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|thesweetfam.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "thesweetfam.com"] [uri "/"] [unique_id "aO9XzYEreI15xlfcawtH1QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-12 02:01:01 (8 months ago)	(mod_security) mod_security (id:210350) triggered by 140.235.3.203 (140-235-3-203.cloudairone.com): ... show more (mod_security) mod_security (id:210350) triggered by 140.235.3.203 (140-235-3-203.cloudairone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 11 22:00:54.124332 2025] [security2:error] [pid 6861:tid 6861] [client 140.235.3.203:35433] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|jetpower.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jetpower.com"] [uri "/"] [unique_id "aMN-1hrx6-NYUhISfIKEKAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇱 180.189.174.146

🇨🇳 180.153.236.155

🇳🇱 193.176.31.228

🇧🇷 190.89.137.43

🇫🇷 155.117.233.15

🇳🇬 152.32.141.86

🇨🇳 150.139.201.247

🇸🇪 146.247.233.62

🇺🇸 107.174.90.23

🇳🇱 77.83.39.53

🇳🇱 45.198.224.5

🇬🇧 45.82.76.103

🇺🇸 24.155.24.121

🇺🇸 18.221.119.78

🇺🇸 3.137.151.93

🇺🇸 192.210.194.2

🇩🇪 188.68.52.231

🇹🇷 185.223.77.200

🇮🇶 185.166.25.150

🇨🇳 106.124.137.21