JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.252.197.6

104.252.197.6 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 22%: ?

22%

ISP	Subnet Digital LLC
Usage Type	Fixed Line ISP
ASN	AS3356
Domain Name	subnetdigital.com
Country	🇮🇹 Italy
City	Milan, Lombardy

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.252.197.6

Whois 104.252.197.6

IP Abuse Reports for 104.252.197.6:

This IP address has been reported a total of 8 times from 5 distinct sources. 104.252.197.6 was first reported on March 30th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 dineshskt4all	2026-06-05 17:44:36 (1 day ago)	104.252.197.6 - - [05/Jun/2026:17:44:32 +0000] "GET /casino-games/free-no-deposit-mobile-slots-austr ... show more 104.252.197.6 - - [05/Jun/2026:17:44:32 +0000] "GET /casino-games/free-no-deposit-mobile-slots-australia.html HTTP/1.1" 404 82874 "-" "curl Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36" ... show less	IoT Targeted
🇫🇷 Sorgin Informatique	2026-05-30 23:14:50 (1 week ago)	nee-7 : Trying access unauthorized files/dir=>/sorgin-informatique/index.php/tous-les-tutoriels	Hacking
🇺🇸 oralunal	2026-05-07 14:51:43 (4 weeks ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack
🇮🇹 alessio loto	2026-04-30 05:26:09 (1 month ago)	WAF Detection: Security_Scanner_Blocked (Abusive IP). AI Confirmed Attack Payload.	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-19 12:49:48 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 104.252.197.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.252.197.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 08:49:43.665696 2026] [security2:error] [pid 3029440:tid 3029440] [client 104.252.197.6:58660] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.achildsspace.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.achildsspace.com"] [uri "/instagram.com"] [unique_id "aeTPZ7EpKNQL_y3N9bz7HwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 08:27:26 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 104.252.197.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.252.197.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 04:27:22.974711 2026] [security2:error] [pid 1845776:tid 1845776] [client 104.252.197.6:46120] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.mayiasteadman.com\|F\|2"] [data ".spotify.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mayiasteadman.com"] [uri "/b56e6-album/www.spotify.com"] [unique_id "aeSR6h0QPitLryVZQJRfOAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-17 20:01:14 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 104.252.197.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.252.197.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 17 16:01:10.048792 2026] [security2:error] [pid 3071821:tid 3071821] [client 104.252.197.6:50388] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.beirutbazar.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.beirutbazar.com"] [uri "/item/arabic-bread-square-lbp-3000-3500/[email protected]"] [unique_id "aeKRhklZdPRLHErAoUac-AAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oralunal	2026-03-30 09:06:20 (2 months ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇦 197.245.173.18

🇺🇸 2604:a880:400:d1:0:4:8c0e:a001

🇺🇸 2604:a880:400:d1:0:4:8c0a:1

🇪🇬 197.162.161.208

🇸🇬 134.185.85.99

🇳🇱 107.189.24.77

🇺🇸 100.50.17.159

🇬🇧 51.195.215.143

🇬🇧 51.195.183.199

🇩🇪 213.209.159.11

🇲🇼 196.216.13.153

🇧🇷 191.178.194.235

🇨🇱 172.253.219.29

🇺🇸 147.185.132.101

🇩🇪 147.45.197.250

🇨🇦 142.44.149.52

🇺🇸 66.132.195.60

🇬🇧 51.89.129.218

🇺🇸 45.56.83.110

🇪🇹 196.191.144.171