JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.203.98.213

35.203.98.213 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	213.98.203.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.203.98.213

Whois 35.203.98.213

IP Abuse Reports for 35.203.98.213:

This IP address has been reported a total of 32 times from 25 distinct sources. 35.203.98.213 was first reported on June 14th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-15 22:03:54 (1 day ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-14. show less	Web App Attack SSH Hacking
🇬🇧 thetomtaylor.co.uk	2026-06-15 09:07:02 (2 days ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 05:14:15 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 35.203.98.213 (213.98.203.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.203.98.213 (213.98.203.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 01:14:08.502481 2026] [security2:error] [pid 10676:tid 10676] [client 35.203.98.213:42284] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "helloauto.net"] [uri "/api/.git/config"] [unique_id "ai-KIMJR9YWiRfwhrM_BRgAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Oakley	2026-06-15 05:13:53 (2 days ago)	(confirmed_bot_sig) Confirmed bot	Hacking
🇩🇪 dbmwebdesign	2026-06-15 05:10:24 (2 days ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇫🇷 masterguru	2026-06-15 04:25:05 (2 days ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇳🇱 MM-bot	2026-06-15 03:31:12 (2 days ago)	URL-probe: HTTP/1.1 GET request on /dashboard/.git/config (2026-06-15 05:31:12 UTC+2)	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-15 02:36:30 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 35.203.98.213 (213.98.203.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.203.98.213 (213.98.203.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:36:23.104830 2026] [security2:error] [pid 29901:tid 29901] [client 35.203.98.213:50878] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "phuketyachtrentals.com"] [uri "/app/.git/config"] [unique_id "ai9lJ16UmVwK-A7xoSVDkgAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 00:52:11 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 35.203.98.213 (213.98.203.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.203.98.213 (213.98.203.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:52:08.443940 2026] [security2:error] [pid 7150:tid 7150] [client 35.203.98.213:56982] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.catherineseress.com"] [uri "/app/.git/config"] [unique_id "ai9MuMEsh2wp6U7imiKj9QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 00:37:02 (2 days ago)	Bot / scanning and/or hacking attempts: GET /htdocs/.git/config HTTP/1.1, GET /dashboard/.git/config ... show more Bot / scanning and/or hacking attempts: GET /htdocs/.git/config HTTP/1.1, GET /dashboard/.git/config HTTP/1.1, GET /portal/.git/config HTTP/1.1, GET /symfony/.git/config HTTP/1.1, GET /v2/.git/config HTTP/1.1, GET /assets/.git/config HTTP/1.1, GET /frontend/.git/config HTTP/1.1, GET /laravel/.git/config HTTP/1.1, GET /site/.git/config HTTP/1.1, GET /v3/.git/config HTTP/1.1, GET /.git/config HTTP/1.1, GET /shop/.git/config HTTP/1.1, GET /v1/.git/config HTTP/1.1, GET /static/.git/config HTTP/1.1 show less	Hacking Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-15 00:05:03 (2 days ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01]	Hacking Brute-Force Bad Web Bot Web App Attack
🇩🇪 Philister11	2026-06-15 00:00:18 (2 days ago)	CrowdSec: crowdsecurity/http-probing (CA/AS396982)	Web App Attack Hacking
🇩🇪 raph	2026-06-14 23:58:50 (2 days ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-14 22:49:39 (2 days ago)	[MonJun1500:49:35.9416152026][security2:error][pid122209:tid122444][client35.203.98.213:0]ModSecurit ... show more [MonJun1500:49:35.9416152026][security2:error][pid122209:tid122444][client35.203.98.213:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"xn--sanierung-alter-huser-schweiz-hqc.ch\"][uri\"/.git/config\"][unique_id\"ai8v_6Nh2jmaHhaeLx_KzAAAAQk\"] show less	Hacking Web App Attack
🇩🇪 strxmpp	2026-06-14 21:27:55 (2 days ago)	35.203.98.213 - - [14/Jun/2026:23:27:54 +0200] "GET /src/.git/config HTTP/1.1" 404 4554 "-" "Mozilla ... show more 35.203.98.213 - - [14/Jun/2026:23:27:54 +0200] "GET /src/.git/config HTTP/1.1" 404 4554 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36" ... show less	Bad Web Bot

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a06:4880:2000::31

🇨🇱 201.186.40.161

🇵🇰 160.187.180.146

🇺🇸 142.147.239.27

🇺🇸 135.237.122.43

🇹🇭 124.122.63.22

🇷🇴 80.94.92.186

🇧🇷 45.164.251.106

🇰🇿 2.132.233.9

🇨🇭 209.99.185.195

🇵🇰 175.107.32.186

🇳🇱 91.92.40.8

🇫🇷 85.217.140.53

🇳🇱 51.15.54.40

🇳🇱 45.148.10.157

🇨🇱 201.236.177.61

🇰🇪 197.254.56.50

🇨🇦 20.104.248.142

🇷🇺 188.247.43.42

🇩🇪 167.94.145.25