JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.239.39.144

104.239.39.144 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 0%: ?

ISP	FASTPLANET LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	fastplanet.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.239.39.144

Whois 104.239.39.144

IP Abuse Reports for 104.239.39.144:

This IP address has been reported a total of 10 times from 8 distinct sources. 104.239.39.144 was first reported on August 26th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 ipoac.nl	2025-10-12 17:29:29 (8 months ago)	*:443 104.239.39.144 - - [12/Oct/2025:19:29:28 +0200] * "GET /wp-login.php?action=register HTTP/ ... show more *:443 104.239.39.144 - - [12/Oct/2025:19:29:28 +0200] * "GET /wp-login.php?action=register HTTP/1.1" 403 4645 "-" "Mozilla/5.0 (Windows NT 5.1; rv:52.0) Gecko/20100101 Firefox/52.0" show less	Bad Web Bot
🇱🇻 garmtech.com	2025-10-03 18:18:27 (8 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-18.104.239.39.144.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-18.104.239.39.144.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
Anonymous	2025-09-01 04:00:47 (9 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2025-08-30 01:08:19 (9 months ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [wa01]	Bad Web Bot Web App Attack
🇩🇪 Alejandro Docasar	2024-11-27 21:56:08 (1 year ago)		Web App Attack
🇩🇪 ps-center	2024-11-27 10:38:54 (1 year ago)	SS1: Web Attack GET /wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../ ... show more SS1: Web Attack GET /wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd show less	Web Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-11-26 23:26:17 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 104.239.39.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 104.239.39.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 18:25:52.907365 2024] [security2:error] [pid 15014:tid 15327] [client 104.239.39.144:50985] [client 104.239.39.144] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /catalog.php?filename=../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.kettlehill.com"] [uri "/catalog.php"] [unique_id "Z0ZZAFpKkmem537tet7XCwAAAVI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-03 18:47:43 (1 year ago)	(mod_security) mod_security (id:212790) triggered by 104.239.39.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212790) triggered by 104.239.39.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 14:47:35.992124 2024] [security2:error] [pid 25047:tid 25047] [client 104.239.39.144:42143] [client 104.239.39.144] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[\\\\s\\\\x22'](?:alert\|eval\|\\\\.fromcharcode)\\\\s?(?:\\\\(\|`)" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "75"] [id "212790"] [rev "5"] [msg "COMODO WAF: XSS Attack Detected\|\|mail.stdavids-media.com\|F\|2"] [data "Matched Data: 'alert( found within REQUEST_URI: /dashboard/snapshot/{{constructor.constructor('alert(document.domain)')()}}?orgid=1"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "mail.stdavids-media.com"] [uri "/dashboard/snapshot/{{constructor.constructor('alert(document.domain)')()}}"] [unique_id "ZtdZx2AzgBdRYO8ZcO3dNwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-08-27 00:20:02 (1 year ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2024-08-26 23:07:31 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 104.239.39.144 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 104.239.39.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 19:03:32.848590 2024] [security2:error] [pid 532018:tid 532388] [client 104.239.39.144:47167] [client 104.239.39.144] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.staging.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /tarantella/cgi-bin/secure/ttawlogin.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.staging.kettlehill.com"] [uri "/tarantella/cgi-bin/secure/ttawlogin.cgi/"] [unique_id "Zs0JxC_p85EHRlaaQPgcegAAAEs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 186.148.224.83

🇺🇸 136.118.36.250

🇨🇭 104.244.79.113

🇮🇩 103.166.10.244

🇺🇸 35.231.201.174

🇬🇧 35.203.210.191

🇺🇸 34.48.75.20

🇷🇴 2.57.121.25

🇻🇳 2402:800:6139:ec49:1355:a5e0:e39a:1d2b

🇩🇪 194.187.176.182

🇨🇦 104.28.212.5

🇺🇸 66.132.195.53

🇺🇸 216.25.89.127

🇧🇷 205.210.31.243

🇺🇸 162.216.149.240

🇺🇸 147.185.132.9

🇵🇰 139.135.41.120

🇳🇱 45.148.10.141

🇺🇸 34.182.220.69

🇺🇸 20.55.86.187