JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 130.211.89.203

130.211.89.203 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 58%: ?

58%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	203.89.211.130.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇪 Belgium
City	Brussels, Brussels Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 130.211.89.203

Whois 130.211.89.203

IP Abuse Reports for 130.211.89.203:

This IP address has been reported a total of 9 times from 9 distinct sources. 130.211.89.203 was first reported on June 15th 2026, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Burayot	2026-06-16 07:02:42 (13 hours ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 130.211.89.203 (BE/Belgium/203.89.2 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 130.211.89.203 (BE/Belgium/203.89.211.130.bc.googleusercontent.com): 2 in the last 3600 secs show less	Web App Attack
🇫🇮 YF	2026-06-16 07:00:29 (13 hours ago)	Git config exposure probe	Web App Attack
🇫🇷 masterguru	2026-06-16 06:58:53 (13 hours ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇩🇪 dbmwebdesign	2026-06-16 06:45:28 (13 hours ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
Anonymous	2026-06-16 06:44:13 (13 hours ago)	2026/06/16 06:44:09 [error] 9371#9371: 1728 [client 130.211.89.203] ModSecurity: Access denied with ... show more 2026/06/16 06:44:09 [error] 9371#9371: 1728 [client 130.211.89.203] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/owasp-modsecurity-crs-4.11.0/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "222"] [id "949110"] [rev ""] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [data ""] [severity "0"] [ver "OWASP_CRS/4.27.0"] [maturity "0"] [accuracy "0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "justabhospital.org"] [uri "/dashboard/.git/config"] [unique_id "178159224959.145870"] [ref ""], client: 130.211.89.203, server: srv.ingeltechgh.com, request: "GET /dashboard/.git/config HTTP/1.1", host: "justabhospital.org" 2026/06/16 06:44:09 [error] 9371#9371: *1729 [client 130.211.89.203] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [f ... show less	Brute-Force
🇩🇪 grassau.com	2026-06-15 22:41:24 (21 hours ago)	Port Scan detected from 130.211.89.203 (BE/Belgium/Brussels Capital/Brussels/203.89.211.130.bc.goo ... show more Port Scan detected from 130.211.89.203 (BE/Belgium/Brussels Capital/Brussels/203.89.211.130.bc.googleusercontent.com). show less	Port Scan
🇺🇸 jkhorvath.com	2026-06-15 21:16:00 (22 hours ago)	Request for URL /.git/config	Phishing Brute-Force Web App Attack
🇩🇪 gadix	2026-06-15 21:13:53 (22 hours ago)	[15/Jun/2026:23:13:53.369701 +0200] ajBrEQ76rUuj5k2ANOWphAAAABA 130.211.89.203 37698 127.0.0.1 7081 ... show more [15/Jun/2026:23:13:53.369701 +0200] ajBrEQ76rUuj5k2ANOWphAAAABA 130.211.89.203 37698 127.0.0.1 7081 [15/Jun/2026:23:13:53.386477 +0200] ajBrEQboyUTWwrv8hY1b0wAAAFA 130.211.89.203 51258 127.0.0.1 7081 [15/Jun/2026:23:13:53.393928 +0200] ajBrEQboyUTWwrv8hY1b1AAAAEE 130.211.89.203 51266 127.0.0.1 7081 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 19:56:42 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 130.211.89.203 (203.89.211.130.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 130.211.89.203 (203.89.211.130.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 15:56:35.219897 2026] [security2:error] [pid 16818:tid 16818] [client 130.211.89.203:34794] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.jennyfiore.com"] [uri "/.git/config"] [unique_id "ajBY80SdgDqNE39OIxIyvwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.163

🇮🇩 180.243.191.155

🇺🇸 178.128.1.119

🇧🇬 78.128.114.58

🇺🇸 54.225.52.227

🇫🇷 51.83.77.144

🇦🇺 3.26.6.247

🇺🇸 198.98.62.211

🇵🇪 149.34.48.186

🇸🇬 129.212.224.88

🇨🇳 118.196.116.42

🇺🇸 73.194.132.205

🇬🇧 37.10.113.216

🇬🇧 35.203.211.15

🇩🇪 213.209.159.228

🇺🇸 192.210.193.125

🇦🇷 190.244.39.224

🇨🇳 182.43.242.192

🇺🇸 147.185.132.14

🇫🇷 144.91.67.196