JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.198.170.138

35.198.170.138 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 62%: ?

62%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	138.170.198.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.198.170.138

Whois 35.198.170.138

IP Abuse Reports for 35.198.170.138:

This IP address has been reported a total of 33 times from 14 distinct sources. 35.198.170.138 was first reported on May 22nd 2021, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-11 05:10:36 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercon ... show more (mod_security) mod_security (id:210730) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 01:10:29.102925 2026] [security2:error] [pid 25401:tid 25401] [client 35.198.170.138:41754] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|civilwarzone.com\|F\|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "civilwarzone.com"] [uri "/~site/Scripts_ExternalRedirect/ExternalRedirect.dll"] [unique_id "aipDRTLP4CU728PE4X8TNQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-09 22:00:16 (5 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08. show less	Web App Attack SSH Hacking
🇫🇷 masterguru	2026-06-09 12:53:29 (5 days ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 35.198.170.138 (DE/Germany/138.170.198.35.bc.g ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 35.198.170.138 (DE/Germany/138.170.198.35.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇩🇪 igerman	2026-06-09 02:29:59 (6 days ago)	caddy probes: web: GET /assets/_plugin-vue_export-helper-CzTT4M61.js.map(404), GET /assets/_virtual_ ... show more caddy probes: web: GET /assets/_plugin-vue_export-helper-CzTT4M61.js.map(404), GET /assets/_virtual_node-popularity-data-YtZXPFxq.js.map(404), GET /assets/assets/CalendarDate-C3slMJly.js(404), GET /assets/assets/DataTableView-BtKt5Kj-.js(404), GET /assets/assets/_MapCache-O2EzryQe.js(404), GET /assets/assets/_baseOrderBy-BTUn4iNY.js(404), GET /assets/assets/_plugin-vue_export-helper-CzTT4M61.js(404), GET /assets/assets/chunk-CFoYYW2u.js(404), GET /assets/assets/constants-BO7VIl8r.js(404), GET /assets/assets/core-B1oOFSu6.js(404), GET /assets/assets/dateformat-CnRt9gw4.js(404), GET /assets/assets/empty-C184j3Kn.js(404), GET /assets/assets/expression-runtime-stub-CWIiBnYc.js(404), GET /assets/assets/get-CfboucwM.js(404), GET /assets/assets/merge-C9fTg1Qi.js(404), GET /assets/assets/sanitize-html-DEGkKKTZ.js(404), GET /assets/assets/settings.store-tWb0aGe7.js(404) show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-08 22:04:01 (6 days ago)	Auto-ban: >3000 req/min op 2026-06-08	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-08 19:27:17 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 15:27:09.835874 2026] [security2:error] [pid 25454:tid 25454] [client 35.198.170.138:37492] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gfs-essl.com.ferienwohnung-buchen.com"] [uri "/.git/config"] [unique_id "aicXjfTj2TkNVmAjVKrzswAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 18:46:30 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 14:46:27.503800 2026] [security2:error] [pid 12472:tid 12472] [client 35.198.170.138:60152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fritsknuf.com"] [uri "/.git/config"] [unique_id "aicOA2090qe1xr9W71ZezAAAACw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-06-08 16:59:36 (6 days ago)	http-bad-user-agent - IP: 35.198.170.138 - time="2026-06-08T18:59:35+02:00" level=info msg="(555f66 ... show more http-bad-user-agent - IP: 35.198.170.138 - time="2026-06-08T18:59:35+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-bad-user-agent by ip 35.198.170.138 (DE/396982) : 4h ban on Ip 35.198.170.138" module=db show less	Bad Web Bot
🇮🇩 penjaga BRIN	2026-06-08 15:19:40 (6 days ago)	Suspicious malicious activity	Hacking
🇺🇸 TPI-Abuse	2026-06-08 12:27:34 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:27:31.180147 2026] [security2:error] [pid 6251:tid 6251] [client 35.198.170.138:53324] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.indesit.pamplonaserviciotecnico.com"] [uri "/.git/config"] [unique_id "aia1M5jFSO0jZXnU6_mODAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 08:37:46 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:37:40.946371 2026] [security2:error] [pid 29352:tid 29352] [client 35.198.170.138:46784] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eeinspect.net"] [uri "/.git/config"] [unique_id "aiZ_VF6iGYATHpoNWPVHTgAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 IVski	2026-06-08 08:13:28 (6 days ago)	IVski WAF \| Sensitive file probe detected - looking for .git	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 07:32:59 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:32:52.734887 2026] [security2:error] [pid 28119:tid 28119] [client 35.198.170.138:60384] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rntoday.danged.com"] [uri "/.git/config"] [unique_id "aiZwJO04skcFTuFBYwJkrgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 06:55:38 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.198.170.138 (138.170.198.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:55:32.264391 2026] [security2:error] [pid 26664:tid 26664] [client 35.198.170.138:50778] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zeetec.nl"] [uri "/.git/config"] [unique_id "aiZnZAUMC6MafyTJF1u90wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 06:00:01 (6 days ago)	suspicious request in access.log	Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.95.51.166

🇺🇸 147.182.180.119

🇺🇸 66.45.144.201

🇲🇦 41.251.225.196

🇺🇸 194.62.107.141

🇨🇴 181.54.0.58

🇮🇩 150.107.136.45

🇬🇧 147.148.205.252

🇺🇸 136.175.193.222

🇲🇲 103.59.163.135

🇺🇸 64.62.197.170

🇸🇬 43.160.249.98

🇺🇸 34.162.212.190

🇩🇪 31.76.27.231

🇺🇸 184.56.169.255

🇮🇳 182.78.67.22

🇱🇰 124.43.10.224

🇺🇸 64.227.97.8

🇸🇬 47.128.22.122

🇨🇳 47.95.199.109