JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.252.103.189

35.252.103.189 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	189.103.252.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	The Dalles, Oregon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.252.103.189

Whois 35.252.103.189

IP Abuse Reports for 35.252.103.189:

This IP address has been reported a total of 40 times from 30 distinct sources. 35.252.103.189 was first reported on June 3rd 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-24 12:04:42 (2 hours ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Auto ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Automated scanning show less	Bad Web Bot Web App Attack
Anonymous	2026-06-23 11:03:15 (1 day ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Auto ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Automated scanning show less	Bad Web Bot Web App Attack
🇬🇷 setupgr	2026-06-23 10:35:32 (1 day ago)	(mod_security) mod_security (id:11000011) triggered by 35.252.103.189 (US/United States/Oregon/The D ... show more (mod_security) mod_security (id:11000011) triggered by 35.252.103.189 (US/United States/Oregon/The Dalles/-/[AS396982 GOOGLE-CLOUD-PLATFORM]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 23 13:35:28.260871 2026] [security2:error] [pid 1934813:tid 1934933] [client 35.252.103.189:52680] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "googleusercontent.com" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "131"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: 189.103.252.35.bc.googleusercontent.com"] [severity "CRITICAL"] [hostname "adoro.gr"] [uri "/wp-content/plugins/justified-image-grid/timthumb.php"] [unique_id "ajphcPVHAYoCTqtXWiUcNAAAAIk"] show less	Port Scan
🇵🇱 lns.bz	2026-06-23 10:30:58 (1 day ago)	Web app attack [PL.Lu]	Exploited Host Web App Attack
🇺🇸 nodepile	2026-06-23 09:39:17 (1 day ago)	Requests denied due to active blacklist hits (tenant=82 method=GET path=/media/catalog/product/cache ... show more Requests denied due to active blacklist hits (tenant=82 method=GET path=/media/catalog/product/cache/1/small_image/270x/f5eb122a735ef0711ea07901775df9ca/1/_/1_269_7.jpg ua='Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36') show less	Web App Attack Exploited Host
🇩🇪 Skyrider	2026-06-23 09:35:35 (1 day ago)	Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.	Bad Web Bot Web App Attack
🇬🇷 setupgr	2026-06-23 09:30:03 (1 day ago)	(mod_security) mod_security (id:11000011) triggered by 35.252.103.189 (US/United States/Oregon/The D ... show more (mod_security) mod_security (id:11000011) triggered by 35.252.103.189 (US/United States/Oregon/The Dalles/-/[AS396982 GOOGLE-CLOUD-PLATFORM]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 23 12:29:59.902660 2026] [security2:error] [pid 2059052:tid 2059081] [client 35.252.103.189:48362] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "googleusercontent.com" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "131"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: 189.103.252.35.bc.googleusercontent.com"] [severity "CRITICAL"] [hostname "asteriassantorini.com"] [uri "/wp-content/uploads/2017/04/2.jpg"] [unique_id "ajpSF1NPFwkSkEkc_m0EhwAAAQI"] show less	Port Scan
🇩🇪 Vegascosmetics	2026-06-12 09:36:17 (1 week ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security	DDoS Attack Hacking Exploited Host
Anonymous	2026-06-12 09:18:47 (1 week ago)	FortiWeb WAF: 4 attacks detected. Threat Score: 74800. Types: Client Management(2), Block IP List(2) ... show more FortiWeb WAF: 4 attacks detected. Threat Score: 74800. Types: Client Management(2), Block IP List(2). Origin: United States. show less	Web App Attack
Anonymous	2026-06-12 07:40:04 (1 week ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇬🇷 setupgr	2026-06-12 05:47:20 (1 week ago)	(mod_security) mod_security (id:11000011) triggered by 35.252.103.189: 1 in the last 86400 secs; Por ... show more (mod_security) mod_security (id:11000011) triggered by 35.252.103.189: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 08:47:17.709506 2026] [security2:error] [pid 104036:tid 104235] [client 35.252.103.189:55584] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "googleusercontent.com" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "128"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: 189.103.252.35.bc.googleusercontent.com"] [hostname "asteriassantorini.com"] [uri "/wp-content/plugins/justified-image-grid/timthumb.php"] [unique_id "aiudZSyuLlw2tzl8Q_BrOgAAAIs"] show less	Port Scan
🇺🇸 nodepile	2026-06-12 04:40:10 (1 week ago)	Requests denied due to active blacklist hits (tenant=82 method=GET path=/media/catalog/product/cache ... show more Requests denied due to active blacklist hits (tenant=82 method=GET path=/media/catalog/product/cache/c686970eaa95e0e7690cb2adc1d7f1aa/f/0/f024.jpg ua='Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36') show less	Web App Attack Exploited Host
🇯🇵 HeliJP	2026-06-10 11:45:05 (2 weeks ago)	2026-06-10T11:09:48Z - Recognized attacks\bad behavior from IP address 35.252.103.189 on port 443\80 ... show more 2026-06-10T11:09:48Z - Recognized attacks\bad behavior from IP address 35.252.103.189 on port 443\80 (3 daily hits): client denied by server configuration show less	Port Scan Hacking SQL Injection Brute-Force Web App Attack
🇧🇪 cmbplf	2026-06-09 13:23:14 (2 weeks ago)	5.406 requests from abuseipdb.com blacklisted IP (1yr2mos1d)	Brute-Force Bad Web Bot
🇩🇪 Hugopvigo	2026-06-08 21:05:13 (2 weeks ago)	"2026-06-08 21:05:13+00:00 35.252.103.189 IP con score alto (100) detectada en el log."	Brute-Force SSH

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 202.29.224.166

🇺🇸 151.241.122.108

🇨🇳 111.231.12.65

🇧🇫 102.23.39.152

🇺🇸 66.52.190.27

🇮🇶 65.20.144.171

🇷🇺 46.18.204.177

🇳🇱 45.148.10.147

🇻🇳 14.243.118.187

🇧🇪 2a00:1450:400c:c0d::123

🇻🇳 2402:800:61ef:febc:3d68:735:f88c:e08a

🇰🇷 222.98.122.37

🇬🇧 104.248.169.81

🇮🇳 103.161.93.53

🇫🇷 91.231.89.10

🇳🇱 91.92.40.66

🇮🇳 74.125.178.144

🇧🇷 43.164.193.198

🇯🇵 8.216.7.213

🇸🇬 114.119.139.110