JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.239.39.196

104.239.39.196 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 0%: ?

ISP	FASTPLANET LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	fastplanet.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.239.39.196

Whois 104.239.39.196

IP Abuse Reports for 104.239.39.196:

This IP address has been reported a total of 19 times from 9 distinct sources. 104.239.39.196 was first reported on August 24th 2023, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 HandyTreff.de	2026-02-25 08:45:26 (3 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -34.876 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -34.876 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Sa show less	Web App Attack Bad Web Bot
🇨🇭 backslash	2026-01-23 04:40:39 (5 months ago)		Bad Web Bot
🇩🇪 SCHAPPY	2025-08-25 12:20:02 (9 months ago)	IP was involved in L7 DDoS attack.	DDoS Attack
🇺🇸 TPI-Abuse	2024-07-27 20:23:04 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 104.239.39.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 104.239.39.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 27 16:22:55.288856 2024] [security2:error] [pid 22440:tid 22486] [client 104.239.39.196:56999] [client 104.239.39.196] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|staging.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "staging.kettlehill.com"] [uri "/index.php"] [unique_id "ZqVXHxUtUDUbeeZ7GhUWoQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-07-24 01:04:45 (1 year ago)	Common attack or app scan event detected and blocked	Port Scan Hacking Web App Attack
🇩🇪 ps-center	2024-07-16 00:49:25 (1 year ago)	SS1: Web Attack GET /wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/succ ... show more SS1: Web Attack GET /wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error&error_description=%3Csvg/onload=alert(1)%3E show less	Web Spam Hacking Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-06-27 16:08:28 (1 year ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇺🇸 TPI-Abuse	2024-05-15 01:52:08 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 104.239.39.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.239.39.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 14 21:51:59.926681 2024] [security2:error] [pid 20072:tid 47952302995200] [client 104.239.39.196:45097] [client 104.239.39.196] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.kettlehill.net"] [uri "/.env.development.local"] [unique_id "ZkQVP5M3wD4Fbah2IMww_wAAAdY"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-05-08 07:00:43 (2 years ago)	Unauthorized login attempts []	Brute-Force
🇪🇸 10dencehispahard SL	2024-05-08 06:16:38 (2 years ago)	Web Attack	DDoS Attack Brute-Force Web App Attack
🇩🇪 ps-center	2024-05-06 09:46:05 (2 years ago)	SS5: Web Attack HEAD /wp-login.php	Web Spam Hacking Bad Web Bot Web App Attack
Anonymous	2024-05-02 01:04:48 (2 years ago)	Common attack or app scan event detected and blocked	Port Scan Hacking Web App Attack
🇪🇸 10dencehispahard SL	2024-03-27 07:00:25 (2 years ago)	Unauthorized login attempts [ BI-16635]	Brute-Force
🇪🇸 10dencehispahard SL	2024-03-27 06:45:27 (2 years ago)	WP scan	Web App Attack
🇺🇸 TPI-Abuse	2024-02-21 11:42:10 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 104.239.39.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.239.39.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 21 06:40:29.073289 2024] [security2:error] [pid 7314:tid 47891718629120] [client 104.239.39.196:59627] [client 104.239.39.196] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.staging.kettlehill.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.staging.kettlehill.com"] [uri "/theme/META-INF/prototype\\xc0\\xaf..\\xc0\\xaf..\\xc0\\xaf..\\xc0\\xaf..\\xc0\\xaf..\\xc0\\xaf..\\xc0\\xaf..\\xc0\\xaf..\\xc0\\xaf..\\xc0\\xaf..\\xc0\\xaf..\\xc0\\xaf..\\xc0\\xafwindows/win.ini"] [unique_id "ZdXhLQNyll7ESLJ63KG3MgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 191.101.94.117

🇳🇱 176.65.139.181

🇺🇸 143.198.150.150

🇨🇳 118.196.86.3

🇭🇰 118.193.36.149

🇺🇸 154.17.225.216

🇨🇳 140.206.194.232

🇺🇦 82.24.224.159

🇺🇸 74.7.241.40

🇺🇸 66.132.195.15

🇺🇸 66.132.172.130

🇳🇱 45.148.10.151

🇮🇩 41.216.177.55

🇨🇳 180.100.212.177

🇺🇸 159.223.103.141

🇷🇺 158.160.209.126

🇭🇰 152.32.135.217

🇬🇧 123.58.207.127

🇨🇳 117.50.218.37

🇷🇸 109.206.115.23