JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.220.227.149

35.220.227.149 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 86%: ?

86%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	149.227.220.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.220.227.149

Whois 35.220.227.149

IP Abuse Reports for 35.220.227.149:

This IP address has been reported a total of 38 times from 15 distinct sources. 35.220.227.149 was first reported on June 8th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 AvonleaConsulting	2026-06-09 22:59:12 (4 days ago)	Attempts to probe web pages for vulnerable PHP or other applications	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-09 22:03:13 (4 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-09 16:25:25 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 35.220.227.149 (149.227.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.227.149 (149.227.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 12:25:17.837967 2026] [security2:error] [pid 8077:tid 8077] [client 35.220.227.149:40580] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fruitsaladyummy.robtown.com"] [uri "/.git/config"] [unique_id "aig-bX2gD_twFkUkTp12yQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 AvonleaConsulting	2026-06-09 14:33:35 (4 days ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
🇺🇸 interbiznw.com	2026-06-09 13:11:50 (5 days ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 12:52:30 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 35.220.227.149 (149.227.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.227.149 (149.227.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:52:27.234201 2026] [security2:error] [pid 13609:tid 13609] [client 35.220.227.149:59450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fletcherdouglas.com"] [uri "/.git/config"] [unique_id "aigMi9DIg7SLTurtV0McngAAAD4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 inlink.ltd	2026-06-09 08:17:26 (5 days ago)	dot file probe	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 06:28:50 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 35.220.227.149 (149.227.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.227.149 (149.227.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:28:42.661042 2026] [security2:error] [pid 25927:tid 25927] [client 35.220.227.149:45682] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.willark.ryanc.net"] [uri "/.git/config"] [unique_id "aieymkp7qp_jp-spWKV_FQAAAHs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-09 06:08:59 (5 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.220.227.149 (HK/Hong Kong/149.227. ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.220.227.149 (HK/Hong Kong/149.227.220.35.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-09 06:08:59 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 35.220.227.149 (149.227.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.227.149 (149.227.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:08:53.030914 2026] [security2:error] [pid 6202:tid 6202] [client 35.220.227.149:56748] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "purebinary.com"] [uri "/.git/config"] [unique_id "aiet9YIfYTezjvO3rrq2TwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 Sabrina Soto	2026-06-09 05:02:14 (5 days ago)	Probe for vulnerabilities. Path attempted: /.git/config	Web App Attack
🇮🇩 Burayot	2026-06-09 04:32:24 (5 days ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 35.220.227.149 (HK/Hong Kong/149.22 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 35.220.227.149 (HK/Hong Kong/149.227.220.35.bc.googleusercontent.com): 2 in the last 3600 secs show less	Web App Attack
🇩🇪 4server	2026-06-09 04:25:32 (5 days ago)	[TueJun0906:25:26.1195832026][security2:error][pid2328474:tid2328631][client35.220.227.149:0]ModSecu ... show more [TueJun0906:25:26.1195832026][security2:error][pid2328474:tid2328631][client35.220.227.149:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"www.bozza.avcolor.ch\"][uri\"/.git/config\"][unique_id\"aieVtqrYHhUkULepoYD-xAAAAQc\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 04:18:44 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 35.220.227.149 (149.227.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.227.149 (149.227.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 00:18:39.434050 2026] [security2:error] [pid 21229:tid 21229] [client 35.220.227.149:47636] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kruizekontrhl.com.darkalleyproductions.com"] [uri "/.git/config"] [unique_id "aieUHz5Jx1-7VcNI28UoCAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 03:14:48 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 35.220.227.149 (149.227.220.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.220.227.149 (149.227.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 23:14:41.377085 2026] [security2:error] [pid 19945:tid 19945] [client 35.220.227.149:35622] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "portfolio.joebankx.com"] [uri "/.git/config"] [unique_id "aieFIb26yQh2TJ3b6u1P3gAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇺 2400:8280:3:104:9999::245

🇫🇷 51.68.34.131

🇧🇷 45.205.1.244

🇳🇱 45.148.10.183

🇳🇱 45.148.10.151

🇩🇪 162.158.95.17

🇺🇸 154.83.197.11

🇨🇳 120.48.124.81

🇫🇷 86.217.21.47

🇧🇪 64.233.167.207

🇲🇽 46.250.168.35

🇦🇹 46.124.150.171

🇨🇳 223.90.115.54

🇩🇪 217.154.144.111

🇵🇱 194.180.49.217

🇧🇷 177.207.248.141

🇨🇭 176.223.173.56

🇸🇪 171.25.158.24

🇷🇴 146.70.124.150

🇻🇳 116.110.148.110