JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.239.43.128

104.239.43.128 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	FASTPLANET LTD
Usage Type	Fixed Line ISP
ASN	AS202044
Domain Name	fastplanet.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.239.43.128

Whois 104.239.43.128

IP Abuse Reports for 104.239.43.128:

This IP address has been reported a total of 24 times from 6 distinct sources. 104.239.43.128 was first reported on May 15th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 10:20:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.239.43.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.239.43.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 05:20:02.050551 2026] [security2:error] [pid 21026:tid 21026] [client 104.239.43.128:33559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.prod.local"] [unique_id "aWtiUhGiyh89lIYNeKv-mwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 18:04:16 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 104.239.43.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.239.43.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 13:04:11.629297 2025] [security2:error] [pid 30268:tid 30519] [client 104.239.43.128:46129] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.net\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.net"] [uri "/file=http:/example.com"] [unique_id "aVLCm3QRc3Ua-YGAyIJ7MgAAAEM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-11 21:15:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.239.43.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.239.43.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 16:15:24.440281 2025] [security2:error] [pid 2428:tid 2428] [client 104.239.43.128:43059] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.nbcnewsradio.com"] [uri "/events../.git/config"] [unique_id "aROnbIjpnIZTEzuxAuRECQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 RoboSOC	2025-10-16 08:31:12 (7 months ago)	Confluence Server OGNL Injection Remote Code Execution Vulnerability, PTR: PTR record not found	Hacking
Anonymous	2025-09-09 04:49:09 (8 months ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 01:13:16 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 104.239.43.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.239.43.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:13:09.412811 2025] [security2:error] [pid 653296:tid 653324] [client 104.239.43.128:37131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.staging.kettlehill.com"] [uri "/.env.prod.local"] [unique_id "aIV9Jb5epZI5Xx2m9sk-HQAAAVA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 18:53:06 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 104.239.43.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.239.43.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 14:51:40.175766 2025] [security2:error] [pid 3221620:tid 3221620] [client 104.239.43.128:56515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/wp-config.php.dist"] [unique_id "aDisvKkBg3KV24N1m8taZQAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-27 15:01:02 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 104.239.43.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.239.43.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 10:00:12.731600 2025] [security2:error] [pid 27063:tid 27209] [client 104.239.43.128:58721] [client 104.239.43.128] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.net"] [uri "/.env.old"] [unique_id "Z8B9_MnGgNPGej7DPucVDQAAAII"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-25 01:10:33 (1 year ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
Anonymous	2024-11-24 16:13:40 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-11-17 15:28:27 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-11-10 15:27:13 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-11-03 13:43:55 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-10-27 02:16:49 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2024-10-20 02:15:21 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 196.196.150.6

🇭🇰 101.36.107.233

🇺🇸 23.254.178.52

🇩🇪 213.209.159.231

🇹🇷 212.64.216.142

🇺🇸 113.20.0.58

🇿🇦 105.233.64.145

🇨🇿 82.118.30.98

🇰🇷 222.236.155.146

🇺🇸 199.48.128.86

🇳🇱 193.176.31.151

🇺🇸 157.245.1.7

🇨🇿 82.118.30.57

🇱🇹 81.30.98.62

🇨🇳 14.103.105.56

🇮🇳 128.185.199.22

🇨🇳 115.190.54.120

🇰🇷 115.68.208.117

🇷🇺 89.109.14.12

🇺🇸 69.12.86.186