JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.220.158.192

35.220.158.192 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 92%: ?

92%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	192.158.220.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.220.158.192

Whois 35.220.158.192

IP Abuse Reports for 35.220.158.192:

This IP address has been reported a total of 33 times from 16 distinct sources. 35.220.158.192 was first reported on May 17th 2026, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-09 22:29:49 (10 hours ago)		Brute-Force Web App Attack
Anonymous	2026-06-09 16:27:12 (16 hours ago)	Fail2Ban triggered	Web App Attack
🇨🇭 4server	2026-06-09 16:24:06 (16 hours ago)	[TueJun0918:24:04.1675632026][security2:error][pid1912316:tid1912613][client35.220.158.192:0]ModSecu ... show more [TueJun0918:24:04.1675632026][security2:error][pid1912316:tid1912613][client35.220.158.192:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"larademarco.ch\"][uri\"/.git/config\"][unique_id\"aig-JBZ4mVvIcPKUryiUfAAAARc\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 15:00:15 (17 hours ago)	(mod_security) mod_security (id:210492) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 11:00:09.365308 2026] [security2:error] [pid 6212:tid 6212] [client 35.220.158.192:38516] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wendywonjungkim.com"] [uri "/.git/config"] [unique_id "aigqeSuvVQ7vhq0it87wMwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 etu brutus	2026-06-09 14:51:20 (17 hours ago)	35.220.158.192 has been banned for [WebApp Attack] ...	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 12:20:31 (20 hours ago)	(mod_security) mod_security (id:210492) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:20:27.769947 2026] [security2:error] [pid 23657:tid 23657] [client 35.220.158.192:36072] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.yulia.kronrod.com"] [uri "/.git/config"] [unique_id "aigFC94644V-7r-rsW8i7AAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 12:17:37 (20 hours ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇮🇹 Inartis	2026-06-09 10:14:20 (22 hours ago)	35.220.158.192 - - [09/Jun/2026:12:14:19 +0200] "GET /.git/config HTTP/1.1" 403 5008 "-" "Mozilla/5. ... show more 35.220.158.192 - - [09/Jun/2026:12:14:19 +0200] "GET /.git/config HTTP/1.1" 403 5008 "-" "Mozilla/5.0 (Linux; Android 9; SM-G975F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 10:11:05 (22 hours ago)	Web app attack and vulnerability scan detected from IIS logs	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 09:06:47 (23 hours ago)	(mod_security) mod_security (id:949110) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:949110) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 05:06:42.646202 2026] [security2:error] [pid 12881:tid 12881] [client 35.220.158.192:48964] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "dcagroupusa.com"] [uri "/.git/config"] [unique_id "aifXol46TRc7nGPAxWwTfAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 07:51:07 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:51:03.946918 2026] [security2:error] [pid 18841:tid 18841] [client 35.220.158.192:38986] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.societasprivata.sfsdesignsproductions.com"] [uri "/.git/config"] [unique_id "aifF57D83xcA1sdmgYtTyAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 05:59:35 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:59:28.126626 2026] [security2:error] [pid 29548:tid 29548] [client 35.220.158.192:41312] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.deoudewindpomp.jbaydeliveries.com"] [uri "/.git/config"] [unique_id "aierwPRxk-ky3KbgOxLg-wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 webko.si	2026-06-09 05:28:49 (1 day ago)	DKK: Bruteforce web app access, URI detail: '/.git/config'.	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 01:31:10 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 21:31:07.275985 2026] [security2:error] [pid 26001:tid 26001] [client 35.220.158.192:58850] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.connec-tek.com.simia.com"] [uri "/.git/config"] [unique_id "aids2xYhHhz0AOKeArijyAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 01:02:04 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.158.192 (192.158.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 21:02:00.784549 2026] [security2:error] [pid 23580:tid 23580] [client 35.220.158.192:59298] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.theraband.chevronparkett.com"] [uri "/.git/config"] [unique_id "aidmCLrBkqQJUB6LB6KINgAAACw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 65.49.1.231

🇱🇺 64.89.161.8

🇨🇳 43.143.73.189

🇰🇷 14.40.114.86

🇻🇳 183.91.11.36

🇺🇸 162.216.150.203

🇨🇳 110.249.201.133

🇫🇷 80.87.206.168

🇺🇸 47.251.180.210

🇧🇪 34.140.126.150

🇪🇪 31.59.160.12

🇳🇱 20.190.160.4

🇮🇩 195.88.211.165

🇸🇬 194.5.82.114

🇳🇱 176.65.148.147

🇧🇷 131.100.209.128

🇺🇸 45.156.129.195

🇸🇩 41.209.126.101

🇳🇱 195.178.110.204

🇺🇸 150.107.36.236