JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.220.152.173

35.220.152.173 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 62%: ?

62%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	173.152.220.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.220.152.173

Whois 35.220.152.173

IP Abuse Reports for 35.220.152.173:

This IP address has been reported a total of 17 times from 9 distinct sources. 35.220.152.173 was first reported on June 13th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 pltcldvlpr	2026-06-13 14:47:11 (1 hour ago)	CMS/framework probe: 35.220.152.173 - - [13/Jun/2026:16:46:27 +0200] "GET /.git/config HTTP/1.1" 444 ... show more CMS/framework probe: 35.220.152.173 - - [13/Jun/2026:16:46:27 +0200] "GET /.git/config HTTP/1.1" 444 0 "-" "SonyEricssonW995/R1EA Profile/MIDP-2.1 Configuration/CLDC-1.1 UNTRUSTED/1.0" asn=396982 org="Google LLC" country=HK ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 13:19:37 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 09:19:33.859118 2026] [security2:error] [pid 21127:tid 21149] [client 35.220.152.173:43402] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.agriclean.net"] [uri "/.git/config"] [unique_id "ai1Y5QFgop3DH0yX-u67EAAAAVQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 11:35:01 (4 hours ago)	suspicious request in access.log	Web App Attack
🇩🇪 FeG Deutschland	2026-06-13 09:56:26 (6 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 09:56:14 (6 hours ago)	(mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 05:56:09.437974 2026] [security2:error] [pid 673:tid 673] [client 35.220.152.173:43648] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grupoporvenir.com"] [uri "/.git/config"] [unique_id "ai0pOXzcCnzkSwgVblrhUAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 09:18:55 (7 hours ago)	(mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 05:18:49.031134 2026] [security2:error] [pid 18623:tid 18623] [client 35.220.152.173:55314] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.agingworkforcenews.neathridge.com"] [uri "/.git/config"] [unique_id "ai0geUZgdnceZC3jsO1WUwAAADw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-13 09:06:48 (7 hours ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇩🇪 4server	2026-06-13 08:10:18 (8 hours ago)	[SatJun1310:10:14.1126842026][security2:error][pid816302:tid816406][client35.220.152.173:0]ModSecuri ... show more [SatJun1310:10:14.1126842026][security2:error][pid816302:tid816406][client35.220.152.173:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"casacarmen.ch.136-243-54-122.cpanel.site\"][uri\"/.git/config\"][unique_id\"ai0QZunFpcnUXkiUOR04iAAAAJU\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 07:54:30 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 03:54:26.503015 2026] [security2:error] [pid 2742:tid 2742] [client 35.220.152.173:43522] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.3rdcoastdistribution.srtmanagementservices.com"] [uri "/.git/config"] [unique_id "ai0Msjw1ndnDkwlF0jWpfgAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-13 07:24:29 (9 hours ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.220.152.173 (HK/Hong Kong/173.152. ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.220.152.173 (HK/Hong Kong/173.152.220.35.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 mnsf	2026-06-13 07:06:23 (9 hours ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 06:26:42 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:26:36.133559 2026] [security2:error] [pid 19439:tid 19439] [client 35.220.152.173:58654] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "utahproaudio.com"] [uri "/.git/config"] [unique_id "aiz4HCsTn7KpjyzQDbKDLgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 OceanTreasure	2026-06-13 06:15:04 (10 hours ago)	tcp/443; Git configuration exposure attempt: "GET /.git/config" @ 2026-06-13T06:06:27Z [proxy]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 06:07:36 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:07:33.637671 2026] [security2:error] [pid 26612:tid 26612] [client 35.220.152.173:56996] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcgmcg.com"] [uri "/.git/config"] [unique_id "aizzpVfIR6XAfMTgytK9HwAAAD4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 05:30:59 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.152.173 (173.152.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 01:30:51.853304 2026] [security2:error] [pid 14680:tid 14680] [client 35.220.152.173:49274] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.myshineart.com.sobhrach.com"] [uri "/.git/config"] [unique_id "aizrC4CqKZOpFWArAYP5mAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.118

🇮🇳 103.248.120.6

🇭🇰 36.255.220.145

🇨🇳 36.134.203.156

🇬🇧 35.203.210.211

🇮🇳 182.95.230.74

🇺🇸 172.236.228.218

🇻🇳 171.231.193.186

🇱🇹 141.98.11.224

🇨🇳 115.56.155.235

🇺🇸 107.174.179.70

🇺🇸 107.150.98.168

🇺🇸 104.236.83.40

🇩🇪 69.5.169.192

🇩🇪 64.89.163.146

🇬🇧 51.89.129.4

🇳🇱 45.148.10.240

🇨🇳 42.100.60.118

🇬🇧 35.203.211.18

🇩🇪 34.159.252.86