JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.239.41.235

104.239.41.235 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 9%: ?

ISP	FASTPLANET LTD
Usage Type	Fixed Line ISP
ASN	AS202044
Domain Name	fastplanet.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.239.41.235

Whois 104.239.41.235

IP Abuse Reports for 104.239.41.235:

This IP address has been reported a total of 16 times from 8 distinct sources. 104.239.41.235 was first reported on December 31st 2022, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 bigorre.org	2026-05-26 16:41:55 (2 weeks ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇳🇱 Roderic	2026-04-30 00:04:19 (1 month ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted])	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-01 13:10:18 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 08:10:11.567931 2026] [security2:error] [pid 16720:tid 16845] [client 104.239.41.235:52753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.kettlehill.kettlehill.com"] [uri "/.env.backup"] [unique_id "aX9Qs3gN2ebRaezbXtJXeAAAAUw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 20:47:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 15:47:33.835903 2026] [security2:error] [pid 13815:tid 13815] [client 104.239.41.235:55091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/wp-config.php.bak"] [unique_id "aWv1ZXrLezgZmnKXrva72wAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 17:09:15 (5 months ago)	(mod_security) mod_security (id:211820) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211820) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 12:07:41.646353 2025] [security2:error] [pid 11149:tid 11278] [client 104.239.41.235:59415] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:; ?(?:(?:(?:trunc\|cre\|upd)at\|renam)e\|(?:inser\|selec)t\|de(?:lete\|sc)\|alter\|load) ?[\\\\[(]?\\\\b\\\\w{2,}\|\\\\bcreate function .+ returns\\\\b))" at ARGS:rfilter. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "63"] [id "211820"] [rev "4"] [msg "COMODO WAF: Detects MySQL UDF injection and other data/structure manipulation attempts\|\|www.staging.kettlehill.com\|F\|2"] [data "Matched Data: ;SELECT SLEEP found within ARGS:rfilter: \\x22or \\x22\\x22=\\x22((\\x22));SELECT SLEEP(10);"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "staging.kettlehill.com"] [uri "/graph_view.php"] [unique_id "aVK1XUE7nlDPjeB1K8nOWQAAAdE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 00:36:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 19:36:15.292454 2025] [security2:error] [pid 14813:tid 14832] [client 104.239.41.235:38783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kettlehill.net"] [uri "/.env_1"] [unique_id "aSjuf16Nggg7M5sk96jRbwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 22:48:58 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 18:48:52.577979 2025] [security2:error] [pid 1739:tid 1739] [client 104.239.41.235:46043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.nbcnewsradio.com"] [uri "/.env.live"] [unique_id "aQFIVJ45RdWHO1n4EUE23wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:10:39 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:09:36.965858 2025] [security2:error] [pid 146057:tid 146136] [client 104.239.41.235:53977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.net"] [uri "/wp-config.php.bak"] [unique_id "aIVuQAtdUXc7wYRdaLO1sQAAAYo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-24 01:12:03 (11 months ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-05-29 17:19:37 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.239.41.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 13:19:29.304859 2025] [security2:error] [pid 3048193:tid 3048193] [client 104.239.41.235:47347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.farmers123.com"] [uri "/.svn/entries"] [unique_id "aDiXIWNCsQxyG5uSdtPKzAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-17 14:10:06 (1 year ago)	\| Shellshock attack attempt	Hacking SQL Injection Web App Attack
🇺🇸 ChamberofCommerce.com	2023-11-06 00:54:37 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-11-02 03:19:03 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:227 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-30 21:10:56 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇨🇭 backslash	2023-01-30 17:05:01 (3 years ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.178.115.80

🇨🇳 180.76.137.24

🇺🇸 172.234.21.101

🇮🇳 139.59.56.121

🇨🇳 121.204.171.142

🇺🇸 113.20.0.58

🇯🇵 104.64.150.238

🇳🇱 94.102.49.125

🇺🇸 64.62.156.217

🇸🇬 47.128.112.53

🇺🇸 44.234.51.31

🇺🇸 20.40.218.140

🇳🇱 176.65.139.105

🇮🇳 172.253.230.151

🇸🇬 168.144.42.72

🇺🇸 104.243.133.18

🇰🇷 175.119.225.68

🇻🇳 125.212.235.194

🇯🇵 124.156.212.23

🇨🇳 122.8.95.37