JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.252.218.3

35.252.218.3 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	3.218.252.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	The Dalles, Oregon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.252.218.3

Whois 35.252.218.3

IP Abuse Reports for 35.252.218.3:

This IP address has been reported a total of 23 times from 23 distinct sources. 35.252.218.3 was first reported on June 11th 2026, and the most recent report was 53 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-06-11 14:06:08 (53 minutes ago)	39.771 requests in 1 hour (3mos1w5d)	Brute-Force Bad Web Bot
🇧🇾 lns.bz	2026-06-11 14:04:50 (54 minutes ago)	Too many 404 requests [BY]	Web App Attack
Anonymous	2026-06-11 14:01:27 (57 minutes ago)	Fail2Ban - Wordpress brute-force ...	Brute-Force Web App Attack
🇫🇮 YF	2026-06-11 14:00:36 (58 minutes ago)	Attaque distribuée subnet	DDoS Attack Web App Attack
🇩🇪 LRob.fr	2026-06-11 14:00:09 (59 minutes ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇩🇪 rh24	2026-06-11 13:56:36 (1 hour ago)	(wordpress) Failed wordpress login from 35.252.218.3 (US/United States/3.218.252.35.bc.googleusercon ... show more (wordpress) Failed wordpress login from 35.252.218.3 (US/United States/3.218.252.35.bc.googleusercontent.com): (CF_ENABLE) show less	Brute-Force
Anonymous	2026-06-11 13:51:57 (1 hour ago)	[redacted] 35.252.218.3 - - [11/Jun/2026:15:51:48 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "M ... show more [redacted] 35.252.218.3 - - [11/Jun/2026:15:51:48 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" [redacted] 35.252.218.3 - - [11/Jun/2026:15:51:49 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" [redacted] 35.252.218.3 - - [11/Jun/2026:15:51:50 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" [redacted] 35.252.218.3 - - [11/Jun/2026:15:51:51 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" [redacted] 35.252.218.3 - - [11/Jun/2026:15:51:51 +0200] "POST //xmlrpc.php HTTP/1.1" ... show less	Hacking Web App Attack
🇩🇪 IVski	2026-06-11 13:47:57 (1 hour ago)	IVski WAF \| WordPress scanner detected - probing wp-content, xmlrpc or wp-login	Port Scan Brute-Force Web App Attack
🇨🇭 backslash	2026-06-11 13:36:00 (1 hour ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇩🇪 webanyone	2026-06-11 13:30:29 (1 hour ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇨🇭 Ribeye375	2026-06-11 13:30:01 (1 hour ago)	HIPS rce-attempt - Block tcp/0:65535	Hacking Web App Attack
🇳🇱 thedreamer.nl	2026-06-11 13:28:16 (1 hour ago)	35.252.218.3 - - [11/Jun/2026:15:22:43 +0200] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 548 " ... show more 35.252.218.3 - - [11/Jun/2026:15:22:43 +0200] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "US" "The Dalles" "45.59990" "-121.18710" 35.252.218.3 - - [11/Jun/2026:15:22:43 +0200] "GET //feed/ HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "US" "The Dalles" "45.59990" "-121.18710" 35.252.218.3 - - [11/Jun/2026:15:22:43 +0200] "GET //xmlrpc.php?rsd HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "US" "The Dalles" "45.59990" "-121.18710" 35.252.218.3 - - [11/Jun/2026:15:22:43 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "US" "The Dalles" "45.599 ... show less	Brute-Force Bad Web Bot
🇺🇦 URAN Publishing Service	2026-06-11 13:28:03 (1 hour ago)	35.252.218.3 - - [11/Jun/2026:16:28:01 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 683 "- ... show more 35.252.218.3 - - [11/Jun/2026:16:28:01 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 683 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 35.252.218.3 - - [11/Jun/2026:16:28:02 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 683 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack
🇺🇸 kosada.com	2026-06-11 13:22:27 (1 hour ago)	Web vulnerability probing: //wordpress/wp-includes/wlwmanifest.xml	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 13:09:30 (1 hour ago)	(mod_security) mod_security (id:225170) triggered by 35.252.218.3 (3.218.252.35.bc.googleusercontent ... show more (mod_security) mod_security (id:225170) triggered by 35.252.218.3 (3.218.252.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 09:09:26.543019 2026] [security2:error] [pid 5611:tid 5611] [client 35.252.218.3:62515] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|marianozaro.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marianozaro.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiqzhlbp0HWvU_YdODqISwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇨🇳 180.76.194.91

🇺🇸 162.216.149.234

🇧🇷 148.227.123.242

🇨🇳 120.27.147.82

🇺🇸 107.150.105.153

🇵🇹 87.196.72.235

🇺🇸 65.49.1.38

🇭🇰 45.142.154.100

🇺🇸 40.124.175.103

🇸🇪 20.240.241.205

🇩🇪 209.38.209.207

🇺🇸 209.38.134.32

🇵🇱 194.180.48.31

🇷🇴 193.32.162.16

🇩🇪 172.217.33.220

🇻🇳 171.224.180.136

🇺🇸 147.185.132.182

🇺🇸 146.190.37.241

🇮🇳 103.182.132.154