JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.234.208.240

104.234.208.240 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 39%: ?

39%

ISP	Internet Utilities NA LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	iana.org
Country	🇺🇸 United States of America
City	Houston, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.234.208.240

Whois 104.234.208.240

IP Abuse Reports for 104.234.208.240:

This IP address has been reported a total of 9 times from 6 distinct sources. 104.234.208.240 was first reported on June 12th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-13 23:06:07 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 104.234.208.240 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.234.208.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 19:06:00.299094 2026] [security2:error] [pid 13529:tid 13529] [client 104.234.208.240:23765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "earthtwoworkshop.com"] [uri "/.env"] [unique_id "ai3iWAUqcv0xuYkU3ZMuqgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-13 23:02:59 (5 days ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 22:23:52 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 104.234.208.240 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.234.208.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 18:23:45.167921 2026] [security2:error] [pid 11807:tid 11807] [client 104.234.208.240:50357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "40svocaltrio.com"] [uri "/.env"] [unique_id "ai3YcX46a2emCAi3VT6n3AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 interbiznw.com	2026-06-13 22:18:37 (5 days ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 18:32:38 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 104.234.208.240 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.234.208.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 14:32:30.377229 2026] [security2:error] [pid 7638:tid 7638] [client 104.234.208.240:54981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goldengatecorgis.org"] [uri "/.env"] [unique_id "ai2iPlHQTtukGeFuBxbJLQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-13 17:10:49 (5 days ago)	[SatJun1319:10:44.8445802026][security2:error][pid2157101:tid2158613][client104.234.208.240:0]ModSec ... show more [SatJun1319:10:44.8445802026][security2:error][pid2157101:tid2158613][client104.234.208.240:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"behindthemoon.ch\"][uri\"/.env\"][unique_id\"ai2PFDkn9OS4vUKAH6s5zQAAARI\"] show less	Hacking Web App Attack
🇧🇪 cmbplf	2026-06-13 00:39:26 (6 days ago)	109 requests with url.path *.env	Brute-Force Bad Web Bot
Anonymous	2026-06-12 22:36:58 (6 days ago)	http scanning for .env files ...	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 21:32:06 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 104.234.208.240 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.234.208.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 17:32:02.874020 2026] [security2:error] [pid 19721:tid 19721] [client 104.234.208.240:28593] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stevedemers.com"] [uri "/.env"] [unique_id "aix60mPrePCwcITMd9DnFwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 117.121.214.50

🇫🇮 94.183.234.128

🇸🇪 79.138.90.195

🇧🇬 79.124.59.78

🇮🇶 65.20.198.159

🇮🇳 49.43.119.175

🇬🇧 45.198.224.141

🇰🇷 222.101.209.135

🇧🇷 189.20.181.138

🇷🇴 141.98.83.240

🇻🇳 116.98.244.34

🇩🇪 69.5.169.222

🇨🇳 58.57.154.146

🇸🇨 45.194.67.146

🇸🇬 45.78.198.199

🇮🇩 38.86.221.240

🇺🇸 34.50.176.253

🇮🇹 31.76.113.99

🇨🇳 27.24.141.156

🇰🇷 14.33.96.3