JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.199.104.222

35.199.104.222 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 68%: ?

68%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	222.104.199.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.199.104.222

Whois 35.199.104.222

IP Abuse Reports for 35.199.104.222:

This IP address has been reported a total of 11 times from 11 distinct sources. 35.199.104.222 was first reported on June 25th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-26 22:00:14 (2 days ago)	Auto-ban: >3000 req/min op 2026-06-26	Web App Attack SSH Hacking
🇩🇪 4server	2026-06-26 01:13:38 (3 days ago)	[FriJun2603:13:35.9959262026][security2:error][pid2588690:tid2588709][client35.199.104.222:0]ModSecu ... show more [FriJun2603:13:35.9959262026][security2:error][pid2588690:tid2588709][client35.199.104.222:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof\"rx\(MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com\)\"against\"REQUEST_HEADERS:User-Agent\"required.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"342\"][id\"397989\"][rev\"1\"][msg\"Atomicorp.comWAFRules:MSIE6.0detected\(DisableifyouwanttoallowMSIE6\)\"][severity\"WARNING\"][hostname\"gustotondo.ch.136-243-54-122.cpanel.site\"][uri\"/code/.git/config\"][unique_id\"aj3SP0cL_XiraE6ZN92Q1QAAABA\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 stinpriza	2026-06-26 01:07:22 (3 days ago)	common Web Exploits being scanned	Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 00:43:16 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 35.199.104.222 (222.104.199.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.199.104.222 (222.104.199.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 20:43:09.323499 2026] [security2:error] [pid 6514:tid 6550] [client 35.199.104.222:51442] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meanmouse.com"] [uri "/.git/config"] [unique_id "aj3LHcr1qx3fS7cHmcm4YgAAARU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Epimetheus	2026-06-26 00:26:15 (3 days ago)	Zombie network / Bot scanner detected: [GET] /web/.git/config [GET] /project/.git/config [GET] /htm ... show more Zombie network / Bot scanner detected: [GET] /web/.git/config [GET] /project/.git/config [GET] /html/.git/config [GET] /frontend/.git/config [GET] /code/.git/config [GET] /wordpress/.git/config [GET] /symfony/.git/config [GET] /laravel/.git/config [GET] /admin/.git/config [GET] /build/.git/config [GET] /static/.git/config [GET] /backend/.git/config [GET] /site/.git/config [GET] /v3/.git/config [GET] /.git/config [GET] /dashboard/.git/config [GET] /htdocs/.git/config [GET] /wp-content/.git/config [GET] /app/.git/config [GET] /portal/.git/config [GET] /v1/.git/config [GET] /www/.git/config [GET] /api/.git/config [GET] /shop/.git/config [GET] /dist/.git/config [GET] /src/.git/config [GET] /blog/.git/config [GET] /v2/.git/config [GET] /assets/.git/config [GET] /public/.git/config UA: Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1 Mobile/15E148 Safari/604.1 show less	Bad Web Bot Exploited Host Web App Attack
🇫🇷 dynamix	2026-06-25 23:19:02 (3 days ago)	Multiple WAF Violations	Web App Attack
🇪🇸 yvoictra	2026-06-25 16:37:01 (3 days ago)	35.199.104.222 - - [25/Jun/2026:18:37:01 +0200] "GET /.git/config HTTP/1.1" 404 197 "-" "Mozilla/5.0 ... show more 35.199.104.222 - - [25/Jun/2026:18:37:01 +0200] "GET /.git/config HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Linux; Android 9; SM-G950U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36" 35.199.104.222 - - [25/Jun/2026:18:37:01 +0200] "GET /app/.git/config HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/600.8.9 (KHTML, like Gecko) Maxthon/4.5.2" 35.199.104.222 - - [25/Jun/2026:18:37:01 +0200] "GET /src/.git/config HTTP/1.1" 404 197 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.24 (KHTML, like Gecko) Ubuntu/10.10 Chromium/12.0.703.0 Chrome/12.0.703.0 Safari/534.24" 35.199.104.222 - - [25/Jun/2026:18:37:01 +0200] "GET /backend/.git/config HTTP/1.1" 404 134 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040614 Firefox/0.8" 35.199.104.222 - - [25/Jun/2026:18:37:01 +0200] "GET /frontend/.git/config HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809. ... show less	Brute-Force Web App Attack
🇳🇱 Savvii	2026-06-25 16:31:57 (3 days ago)	20 attempts against mh_ha-misbehave-ban on chard	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-25 15:39:47 (4 days ago)	Attempted access to sensitive endpoint (/.git/config) detected. Automated scan or unauthorized probi ... show more Attempted access to sensitive endpoint (/.git/config) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇪🇪 maxxsense	2026-06-25 14:46:11 (4 days ago)	(mod_security) mod_security triggered on hostname [redacted] 35.199.104.222 (BR/Brazil/222.104.199.3 ... show more (mod_security) mod_security triggered on hostname [redacted] 35.199.104.222 (BR/Brazil/222.104.199.35.bc.googleusercontent.com) show less	SQL Injection
🇧🇪 sid3windr	2026-06-25 11:43:51 (4 days ago)	GET /.git/config (Tarpitted for 19m6s, wasted 67.27kB)	Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇪 94.59.145.190

🇺🇸 65.49.1.45

🇵🇰 182.191.83.123

🇻🇳 171.243.148.123

🇻🇳 103.228.36.70

🇱🇦 103.114.147.217

🇨🇳 27.8.44.168

🇨🇳 221.229.220.180

🇺🇸 162.144.61.95

🇩🇪 138.124.73.150

🇨🇳 115.56.238.174

🇸🇪 92.35.37.60

🇸🇬 68.183.178.130

🇳🇱 64.188.77.26

🇧🇪 35.233.88.99

🇺🇸 34.230.221.101

🇧🇷 177.8.113.196

🇮🇳 168.144.95.137

🇺🇸 159.203.178.102

🇨🇳 111.228.46.221