JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.252.3.5

35.252.3.5 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 71%: ?

71%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	5.3.252.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇮🇱 Israel
City	Tel Aviv, Tel Aviv

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.252.3.5

Whois 35.252.3.5

IP Abuse Reports for 35.252.3.5:

This IP address has been reported a total of 20 times from 17 distinct sources. 35.252.3.5 was first reported on May 19th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-22 22:00:32 (1 week ago)	Auto-ban: >3000 req/min op 2026-05-22	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-22 19:00:27 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 35.252.3.5 (5.3.252.35.bc.googleusercontent.com ... show more (mod_security) mod_security (id:210492) triggered by 35.252.3.5 (5.3.252.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 15:00:21.288792 2026] [security2:error] [pid 14137:tid 14137] [client 35.252.3.5:34816] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.paradisepalms.iainrealtor.com"] [uri "/.env.local"] [unique_id "ahCnxdMpaURBf-f0dqNgfwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 18:45:23 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 35.252.3.5 (5.3.252.35.bc.googleusercontent.com ... show more (mod_security) mod_security (id:210492) triggered by 35.252.3.5 (5.3.252.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 14:45:19.163634 2026] [security2:error] [pid 15881:tid 15881] [client 35.252.3.5:43562] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hartflicker.com"] [uri "/.env.local"] [unique_id "ahCkP0XQ9w3kHHRbld-PFQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Cloud86 B.V.	2026-05-22 04:39:02 (1 week ago)	categories: DDoS Attack	DDoS Attack
🇷🇺 DZBOT	2026-05-22 03:16:26 (1 week ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇫🇷 masterguru	2026-05-22 00:35:50 (2 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.252.3.5 (IL/Israel/5.3.252.35.bc.g ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.252.3.5 (IL/Israel/5.3.252.35.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇦🇺 2000cn.com.au	2026-05-20 10:40:33 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇫🇷 Flo Flo	2026-05-20 10:20:07 (2 weeks ago)	35.252.3.5 - - - [20/May/2026:12:20:07 +0200] "82.66.117.16" "GET /.git/config HTTP/1.1" 444 0 "-" " ... show more 35.252.3.5 - - - [20/May/2026:12:20:07 +0200] "82.66.117.16" "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Linux; Android 9; SM-G975F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" 0.000 ... show less	Web App Attack
🇳🇱 ParaBug	2026-05-20 10:08:40 (2 weeks ago)	35.252.3.5 - - [20/May/2026:12:08:39 +0200] "\x16\x03\x01" 400 432 "-" "-" ...	Phishing Brute-Force Web App Attack
🇵🇱 sefinek.net	2026-05-20 10:04:10 (2 weeks ago)	Honeypot hit: Unauthorized traffic (239 bytes of payload); 9090 [2] TCP Reported by: https://github. ... show more Honeypot hit: Unauthorized traffic (239 bytes of payload); 9090 [2] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 Mykola Spesivtsev	2026-05-20 09:24:37 (2 weeks ago)	HTTP Tarpit detected bot activity:TargetPort:443, Path:/.git/config, Method:GET, UA:Mozilla/5.0 (Mac ... show more HTTP Tarpit detected bot activity:TargetPort:443, Path:/.git/config, Method:GET, UA:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3 show less	Port Scan Web App Attack Bad Web Bot
🇬🇧 PeravixGroup	2026-05-20 08:54:25 (2 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 Interceptor_HQ	2026-05-20 08:53:33 (2 weeks ago)	request_uri: /.git/config -- automatic report --	Brute-Force Hacking
🇩🇪 ut-addicted.com	2026-05-20 08:44:02 (2 weeks ago)	\[Wed May 20 10:44:01.522173 2026\] \[:error\] \[pid 30192:tid 139785800742656\] \[client 35.252.3.5 ... show more \[Wed May 20 10:44:01.522173 2026\] \[:error\] \[pid 30192:tid 139785800742656\] \[client 35.252.3.5:58498\] \[client 35.252.3.5\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 8\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "78.46.187.162"\] \[uri "/.git/config"\] \[unique_id "ag10UZC2ucqJb-XIMVZLjwAAAMo"\] show less	Brute-Force Web App Attack
🇺🇸 Starburst SysOp Team	2026-05-19 23:46:40 (2 weeks ago)	(mod_security-custom) mod_security (id:210492) triggered by 35.252.3.5 (IL/Israel/Tel Aviv/Tel Aviv/ ... show more (mod_security-custom) mod_security (id:210492) triggered by 35.252.3.5 (IL/Israel/Tel Aviv/Tel Aviv/5.3.252.35.bc.googleusercontent.com/[AS396982 GOOGLE-CLOUD-PLATFORM]): 1 in the last 3600 secs (0-srv1) show less	Hacking

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 186.129.68.63

🇺🇾 167.61.14.41

🇺🇸 137.184.124.11

🇸🇬 124.156.202.242

🇹🇼 101.13.5.49

🇷🇺 85.26.228.68

🇦🇪 5.31.247.158

🇨🇳 221.226.24.62

🇧🇷 189.57.137.250

🇩🇪 176.65.132.22

🇩🇪 167.99.132.8

🇦🇺 118.208.232.234

🇸🇬 118.194.233.253

🇺🇸 69.116.94.225

🇺🇸 65.49.1.17

🇨🇳 58.220.39.200

🇺🇸 40.124.169.176

🇺🇸 20.163.15.196

🇷🇴 2.57.121.25

🇨🇳 219.151.190.128