JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.204.157.49

35.204.157.49 was found in our database!

This IP was reported 314 times. Confidence of Abuse is 77%: ?

77%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	49.157.204.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇳🇱 Netherlands
City	Groningen, Groningen

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.204.157.49

Whois 35.204.157.49

IP Abuse Reports for 35.204.157.49:

This IP address has been reported a total of 314 times from 112 distinct sources. 35.204.157.49 was first reported on July 26th 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-16 10:35:35 (2 days ago)	(mod_security) mod_security (id:11000011) triggered by 35.204.157.49: 1 in the last 86400 secs; Port ... show more (mod_security) mod_security (id:11000011) triggered by 35.204.157.49: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 13:35:33.535439 2026] [security2:error] [pid 2210175:tid 2210258] [client 35.204.157.49:49152] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "googleusercontent.com" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "131"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: 49.157.204.35.bc.googleusercontent.com"] [severity "CRITICAL"] [hostname "mail.sea-sound.com"] [uri "/"] [unique_id "ajEm9X9oGssBgNwsPFuJ0AAAAFY"] show less	Port Scan
Anonymous	2026-06-16 10:11:05 (2 days ago)	Web app attack and vulnerability scan detected from IIS logs	Brute-Force Bad Web Bot Web App Attack
🇬🇷 setupgr	2026-06-16 08:31:45 (2 days ago)	(mod_security) mod_security (id:11000011) triggered by 35.204.157.49: 1 in the last 86400 secs; Port ... show more (mod_security) mod_security (id:11000011) triggered by 35.204.157.49: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 11:31:45.348818 2026] [security2:error] [pid 2280080:tid 2280111] [client 35.204.157.49:49152] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "googleusercontent.com" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "131"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: 49.157.204.35.bc.googleusercontent.com"] [severity "CRITICAL"] [hostname "mail.fashionfragonard.gr"] [uri "/"] [unique_id "ajEJ8csskNLCXd8cDXQ9MQAAAAQ"] show less	Port Scan
🇫🇮 as211431.net	2026-06-16 05:40:44 (2 days ago)	Triggered Cloudflare WAF (firewallCustom) from NL. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from NL. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Scrapy/2.16.0 (+https://scrapy.org) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇳🇱 BlueWire Hosting	2026-06-16 05:22:26 (2 days ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇬🇷 setupgr	2026-06-15 21:48:53 (3 days ago)	(mod_security) mod_security (id:11000011) triggered by 35.204.157.49: 1 in the last 86400 secs; Port ... show more (mod_security) mod_security (id:11000011) triggered by 35.204.157.49: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 00:48:51.660784 2026] [security2:error] [pid 1917071:tid 1917270] [client 35.204.157.49:49152] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "googleusercontent.com" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "128"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: 49.157.204.35.bc.googleusercontent.com"] [hostname "mail.babis.photo"] [uri "/"] [unique_id "ajBzQ3brIXpbmq-1FoWmXQAAARQ"] show less	Port Scan
Anonymous	2026-06-15 18:20:19 (3 days ago)	Fail2ban filtered ...	Bad Web Bot
🇨🇭 Origon	2026-06-15 17:18:00 (3 days ago)	http-bad-user-agent - IP: 35.204.157.49 - time="2026-06-15T19:17:59+02:00" level=info msg="(555f66b ... show more http-bad-user-agent - IP: 35.204.157.49 - time="2026-06-15T19:17:59+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-bad-user-agent by ip 35.204.157.49 (NL/396982) : 4h ban on Ip 35.204.157.49" module=db show less	Bad Web Bot
🇺🇸 TNZ	2026-06-15 16:10:56 (3 days ago)	Automated honeypot: attack_tool:scrapy \| Path: / \| ISP: AS396982 Google LLC \| ASN: AS396982 Google L ... show more Automated honeypot: attack_tool:scrapy \| Path: / \| ISP: AS396982 Google LLC \| ASN: AS396982 Google LLC [HOSTING] \| Abuse score: 72 \| Open ports: [] \| UA: Scrapy/2.16.0 (+https://scrapy.org) show less	Web App Attack
Anonymous	2026-06-15 15:54:59 (3 days ago)	35.204.157.49 pi.patrz.eu - [15/Jun/2026:17:54:58 +0200] "GET /admin/ HTTP/1.1" 401 164 "https://pi. ... show more 35.204.157.49 pi.patrz.eu - [15/Jun/2026:17:54:58 +0200] "GET /admin/ HTTP/1.1" 401 164 "https://pi.patrz.eu/" "Scrapy/2.16.0 (+https://scrapy.org)" ... show less	Hacking Web App Attack
Anonymous	2026-06-15 15:40:14 (3 days ago)	Try to connect to Port_Scan_443_stealth	Port Scan
🇫🇷 masterguru	2026-06-15 11:39:33 (3 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.204.157.49 (NL/The Netherlands/49. ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.204.157.49 (NL/The Netherlands/49.157.204.35.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇬🇧 Oakley	2026-06-15 10:24:19 (3 days ago)	(confirmed_bot_sig) Confirmed bot	Hacking
🇳🇱 BlueWire Hosting	2026-06-15 04:56:11 (3 days ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇦🇺 FireGuard Server	2026-06-06 12:45:06 (1 week ago)	Blocked by OPNsense firewall; 10 hits, proto=tcp, ports=443	Port Scan Hacking

Showing 1 to 15 of 314 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.199

🇺🇸 134.228.90.167

🇳🇱 45.148.10.183

🇮🇱 2a05:d025:668:3b01:f872:69d1:31be:7f61

🇹🇭 223.206.224.137

🇳🇱 185.99.99.95

🇺🇸 147.185.132.229

🇰🇷 121.176.152.165

🇺🇸 52.154.20.56

🇳🇱 45.148.10.141

🇭🇰 43.132.215.237

🇩🇪 8.209.112.160

🇫🇷 2001:41d0:33d:9200::402

🇧🇪 198.235.24.244

🇨🇭 185.234.213.135

🇲🇽 140.84.190.45

🇨🇳 115.190.83.181

🇳🇱 92.68.11.140

🇨🇳 60.166.83.172

🇳🇱 45.148.10.151