JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.241.80.38

35.241.80.38 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 80%: ?

80%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	38.80.241.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.241.80.38

Whois 35.241.80.38

IP Abuse Reports for 35.241.80.38:

This IP address has been reported a total of 14 times from 13 distinct sources. 35.241.80.38 was first reported on June 14th 2026, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-15 22:01:10 (8 hours ago)	Auto-ban: 223 malicious requests on 2026-06-14 (e.g., env/backup probes, brute-force, or error burst ... show more Auto-ban: 223 malicious requests on 2026-06-14 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
🇧🇪 cmbplf	2026-06-15 04:42:40 (1 day ago)	107 requests with url.path *credentials.json	Brute-Force Bad Web Bot
🇺🇸 mnsf	2026-06-15 04:07:01 (1 day ago)	Scanning/Probing (65) Request Overload (204)	Brute-Force Web App Attack
🇨🇦 SSH-Admin	2026-06-15 03:46:02 (1 day ago)	Probing for Exploits on ns74	Exploited Host Web App Attack
🇳🇱 Savvii	2026-06-15 02:48:46 (1 day ago)	20 attempts against mh-misbehave-ban on ceres	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 23:11:47 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 35.241.80.38 (38.80.241.35.bc.googleusercontent ... show more (mod_security) mod_security (id:210730) triggered by 35.241.80.38 (38.80.241.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:11:41.723055 2026] [security2:error] [pid 2182:tid 2182] [client 35.241.80.38:53642] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|airdriedrivingschool.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "airdriedrivingschool.com"] [uri "/backup.sql"] [unique_id "ai81LZ5NP3geqCCi7qFehQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 vaddilyin	2026-06-14 21:39:27 (1 day ago)	{"ClientAddr":"35.241.80.38:36266","ClientHost":"35.241.80.38","ClientPort":"36266","ClientUsername" ... show more {"ClientAddr":"35.241.80.38:36266","ClientHost":"35.241.80.38","ClientPort":"36266","ClientUsername":"-","DownstreamContentSize":19,"DownstreamStatus":404,"Duration":16755,"GzipRatio":0,"OriginContentSize":0,"OriginDuration":0,"OriginStatus":0,"Overhead":16755,"RequestAddr":"bz.vdkln.com","RequestContentSize":0,"RequestCount":23847,"RequestHost":"bz.vdkln.com","RequestMethod":"GET","RequestPath":"/phpinfo.php","RequestPort":"-","RequestProtocol":"HTTP/1.1","RequestScheme":"https","RetryAttempts":0,"StartLocal":"2026-06-14T21:39:25.035794268Z","StartUTC":"2026-06-14T21:39:25.035794268Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","entryPointName":"websecure","level":"info","msg":"","time":"2026-06-14T21:39:25Z"} {"ClientAddr":"35.241.80.38:36392","ClientHost":"35.241.80.38","ClientPort":"36392","ClientUsername":"-","DownstreamContentSize":19,"DownstreamStatus":404,"Duration":21078,"GzipRatio":0,"OriginContentSize":0,"OriginDuration":0,"OriginStatus":0,"Overhead":21078,"Reque ... show less	Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-14 21:00:06 (1 day ago)	categories: DDoS Attack	DDoS Attack
🇩🇪 kkeyser	2026-06-14 18:34:34 (1 day ago)	GET /backend/actuator/heapdump HTTP/1.1	Web App Attack
🇩🇪 zumbo.net	2026-06-14 17:38:35 (1 day ago)	[Sun Jun 14 20:38:33.972175 2026] [proxy_fcgi:error] [pid 831789:tid 831823] [client 35.241.80.38:0] ... show more [Sun Jun 14 20:38:33.972175 2026] [proxy_fcgi:error] [pid 831789:tid 831823] [client 35.241.80.38:0] AH01071: Got error 'Primary script unknown' [Sun Jun 14 20:38:34.010859 2026] [proxy_fcgi:error] [pid 831790:tid 831827] [client 35.241.80.38:0] AH01071: Got error 'Primary script unknown' [Sun Jun 14 20:38:34.024479 2026] [proxy_fcgi:error] [pid 831790:tid 831811] [client 35.241.80.38:0] AH01071: Got error 'Primary script unknown' [Sun Jun 14 20:38:34.065711 2026] [proxy_fcgi:error] [pid 831789:tid 831833] [client 35.241.80.38:0] AH01071: Got error 'Primary script unknown' [Sun Jun 14 20:38:34.113033 2026] [proxy_fcgi:error] [pid 831789:tid 831842] [client 35.241.80.38:0] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force Web App Attack
🇺🇸 Victor López	2026-06-14 14:10:46 (1 day ago)	2026/06/14 09:10:46 [error] 3166457#3166457: 2122433 limiting requests, excess: 50.800 by zone "gen ... show more 2026/06/14 09:10:46 [error] 3166457#3166457: 2122433 limiting requests, excess: 50.800 by zone "general", client: 35.241.80.38, server: advisainternational.com, request: "GET /profiler/phpinfo HTTP/1.1", host: "vmi1846086.contaboserver.net" 2026/06/14 09:10:46 [error] 3166456#3166456: 2122438 limiting requests, excess: 50.700 by zone "general", client: 35.241.80.38, server: advisainternational.com, request: "GET /docker-compose.yml HTTP/1.1", host: "vmi1846086.contaboserver.net" 2026/06/14 09:10:46 [error] 3166457#3166457: 2122454 limiting requests, excess: 50.400 by zone "general", client: 35.241.80.38, server: advisainternational.com, request: "GET /backend/docker-compose.yml HTTP/1.1", host: "vmi1846086.contaboserver.net" 2026/06/14 09:10:46 [error] 3166457#3166457: *2122451 limiting requests, excess: 50.400 by zone "general", client: 35.241.80.38, server: advisainternational.com, request: "GET /api/docker-compose.prod.yml HTTP/1.1", host: "vmi1846086.contaboserver.net" 2026/06/1 ... show less	DDoS Attack Web App Attack
🇫🇷 masterguru	2026-06-14 05:37:57 (2 days ago)	Restricted File Access Attempt. Matched phrase "compose.yml" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
Anonymous	2026-06-14 03:48:19 (2 days ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 02:40:19 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 35.241.80.38 (38.80.241.35.bc.googleusercontent ... show more (mod_security) mod_security (id:210831) triggered by 35.241.80.38 (38.80.241.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 22:40:11.926521 2026] [security2:error] [pid 10535:tid 10535] [client 35.241.80.38:50900] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|harveyalperin.com\|F\|4"] [data "EmailWolf"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "harveyalperin.com"] [uri "/actuator/sessions"] [unique_id "ai4Uiyn_jLlJwws3_YKIGAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 136.110.92.11

🇨🇳 220.243.137.204

🇯🇵 203.25.124.189

🇭🇺 193.68.57.43

🇺🇸 172.212.224.40

🇮🇩 160.187.174.22

🇺🇸 136.107.206.139

🇦🇹 109.70.100.5

🇨🇮 102.142.245.220

🇺🇸 64.72.74.162

🇳🇱 45.142.193.118

🇩🇪 35.234.106.255

🇺🇸 35.188.133.184

🇺🇸 34.162.93.123

🇩🇪 34.159.155.154

🇧🇪 34.76.215.109

🇰🇷 34.50.22.177

🇺🇸 24.245.69.68

🇮🇪 18.203.162.69

🇹🇼 198.235.24.70