JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.234.208.140

104.234.208.140 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 40%: ?

40%

ISP	Internet Utilities NA LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	iana.org
Country	🇺🇸 United States of America
City	Houston, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.234.208.140

Whois 104.234.208.140

IP Abuse Reports for 104.234.208.140:

This IP address has been reported a total of 17 times from 8 distinct sources. 104.234.208.140 was first reported on June 11th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 12:38:54 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 08:38:50.546613 2026] [security2:error] [pid 15275:tid 15293] [client 104.234.208.140:48479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "agqo.org"] [uri "/.env"] [unique_id "aiv92gbuPCavtzJBdF7VXAAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-12 12:05:18 (2 weeks ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 11:22:26 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 07:22:21.311251 2026] [security2:error] [pid 23909:tid 23909] [client 104.234.208.140:58799] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jitterbugswing.com"] [uri "/.env"] [unique_id "aivr7UAopAZN9kJUcm1mPQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-12 11:09:02 (2 weeks ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [mx01,mx02,mx03]	Bad Web Bot Web App Attack
🇺🇸 SLSLLC	2026-06-12 10:36:08 (2 weeks ago)	104.234.208.140 - - [12/Jun/2026:10:36:07 +0000] "GET /.env HTTP/2.0" 403 1927 "-" "Mozilla/5.0 (Mac ... show more 104.234.208.140 - - [12/Jun/2026:10:36:07 +0000] "GET /.env HTTP/2.0" 403 1927 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 10:19:55 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 06:19:50.145671 2026] [security2:error] [pid 27404:tid 27404] [client 104.234.208.140:27153] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "5starfluffandfold.com"] [uri "/.env"] [unique_id "aivdRtEVlv5aNgLZLM98lgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-12 10:07:01 (2 weeks ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-06-12 08:50:18 (2 weeks ago)	Login credentials theft attempt	Hacking
🇧🇪 cmbplf	2026-06-12 07:34:51 (2 weeks ago)	196 requests with url.path *.env	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-11 19:19:58 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 15:19:51.826117 2026] [security2:error] [pid 31211:tid 31211] [client 104.234.208.140:33013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ehrlichfamily.com"] [uri "/.env"] [unique_id "aisKV7FPY1hBScK-StV9qQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 17:22:31 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 13:22:24.485259 2026] [security2:error] [pid 23738:tid 23738] [client 104.234.208.140:54075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10besthotels.com"] [uri "/.env"] [unique_id "airu0O-0GzxWsfez8zJ0VQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 15:24:49 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 11:24:43.321995 2026] [security2:error] [pid 24403:tid 24456] [client 104.234.208.140:39923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "danielkerr.com"] [uri "/.env"] [unique_id "airTO9C1dG46GlAghU1X7AAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dklueh79	2026-06-11 15:11:26 (2 weeks ago)	Probe for vulnerabilities. Path attempted: /.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 14:31:33 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 10:31:30.684959 2026] [security2:error] [pid 19786:tid 19798] [client 104.234.208.140:47849] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "1shot.us"] [uri "/.env"] [unique_id "airGwnwX_WZK-5fwtojw1AAAAEc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 12:32:58 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.234.208.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 08:32:55.311239 2026] [security2:error] [pid 17625:tid 17625] [client 104.234.208.140:47437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adampayments.com"] [uri "/.env"] [unique_id "aiqq90xg7jigqRwy8x7QzAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇱 193.163.187.123

🇮🇳 182.78.240.94

🇺🇸 146.88.240.173

🇰🇷 211.104.215.184

🇧🇴 192.223.104.13

🇺🇸 192.159.99.144

🇹🇷 188.59.88.234

🇮🇱 185.46.78.37

🇳🇵 113.199.228.188

🇫🇷 95.111.234.72

🇳🇱 77.250.159.178

🇺🇸 66.132.186.221

🇨🇳 60.23.235.244

🇷🇺 46.167.65.90

🇺🇸 35.169.206.177

🇯🇵 210.252.40.67

🇸🇪 194.99.27.202

🇩🇪 185.168.31.109

🇨🇴 185.122.243.134

🇮🇳 182.95.182.138