JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.220.157.18

35.220.157.18 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 49%: ?

49%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	18.157.220.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.220.157.18

Whois 35.220.157.18

IP Abuse Reports for 35.220.157.18:

This IP address has been reported a total of 41 times from 24 distinct sources. 35.220.157.18 was first reported on December 29th 2020, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-14 22:03:01 (16 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-13. show less	Web App Attack SSH Hacking
🇳🇱 homeshowdomain.nl	2026-06-13 22:07:18 (1 day ago)	Auto-ban: >3000 req/min op 2026-06-13	Web App Attack SSH Hacking
🇳🇿 Antinson	2026-06-13 17:37:35 (1 day ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-13 16:14:23 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 12:14:17.389209 2026] [security2:error] [pid 16002:tid 16002] [client 35.220.157.18:35290] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cactusstarvineyard.com"] [uri "/.git/config"] [unique_id "ai2B2duPFLy2NZ6arjP2LAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 15:15:54 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 11:15:47.864888 2026] [security2:error] [pid 26219:tid 26219] [client 35.220.157.18:41086] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gormish.org"] [uri "/.git/config"] [unique_id "ai10I_ddcsVZxQz6Qp-__gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 14:45:14 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 10:45:10.253432 2026] [security2:error] [pid 18217:tid 18217] [client 35.220.157.18:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.forsaleincr.com"] [uri "/.git/config"] [unique_id "ai1s9knEWciFKGubQUUIBwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 14:05:01 (2 days ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 10:41:38 (2 days ago)	(mod_security) mod_security (id:949110) triggered by 35.220.157.18 (18.157.220.35.bc.googleuserconte ... show more (mod_security) mod_security (id:949110) triggered by 35.220.157.18 (18.157.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 06:41:35.026195 2026] [security2:error] [pid 15436:tid 15436] [client 35.220.157.18:46946] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.auranet.cescfoundation.org"] [uri "/.git/config"] [unique_id "ai0z34eg6Ylk4p7uH2L3BAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-13 10:28:32 (2 days ago)	5.704 requests with url.path .git/	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-13 08:56:18 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:56:10.762291 2026] [security2:error] [pid 28482:tid 28482] [client 35.220.157.18:44802] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.maritanasystems.eckerberg.net"] [uri "/.git/config"] [unique_id "ai0bKjCcaTyH-qamxKbryQAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:40:43 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:40:36.602935 2026] [security2:error] [pid 30009:tid 30009] [client 35.220.157.18:60884] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thenowhere-men.com"] [uri "/.git/config"] [unique_id "ai0XhM4iqU0cTRfWwRCeaAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:19:41 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:19:33.661266 2026] [security2:error] [pid 30478:tid 30478] [client 35.220.157.18:38920] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tsiwny.org"] [uri "/.git/config"] [unique_id "ai0SlZL6acASVlpulzWj3wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 06:39:09 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:39:03.104590 2026] [security2:error] [pid 17823:tid 17823] [client 35.220.157.18:48974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.decroos.org"] [uri "/.git/config"] [unique_id "aiz7B-Kxb4dMp8IrcdKH5wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-13 06:06:36 (2 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 05:40:00 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.220.157.18 (18.157.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 01:39:54.989074 2026] [security2:error] [pid 21316:tid 21316] [client 35.220.157.18:48846] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "djdharma.com"] [uri "/.git/config"] [unique_id "aiztKnBHLzrV2cQCAXzU8AAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 103.127.30.137

🇺🇸 207.90.244.22

🇺🇸 198.58.124.42

🇧🇪 149.154.197.254

🇮🇩 103.27.250.69

🇺🇸 2606:f182:d201::1

🇫🇮 204.168.246.69

🇺🇸 66.132.224.21

🇺🇸 43.162.112.238

🇨🇿 37.44.16.231

🇧🇷 191.7.26.153

🇧🇷 187.1.85.182

🇧🇷 179.184.192.237

🇷🇴 143.20.185.242

127.0.0.1

🇨🇳 117.26.73.109

🇵🇱 87.251.64.158

🇶🇦 2600:1900:4260:40e::67

🇨🇳 218.17.184.95

🇮🇩 210.210.155.71