JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.221.218.66

35.221.218.66 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 75%: ?

75%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	66.218.221.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇹🇼 Taiwan
City	Taipei, Taiwan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.221.218.66

Whois 35.221.218.66

IP Abuse Reports for 35.221.218.66:

This IP address has been reported a total of 26 times from 19 distinct sources. 35.221.218.66 was first reported on June 8th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-10 22:05:36 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-09. show less	Web App Attack SSH Hacking
🇳🇱 Site.eu	2026-06-09 18:26:15 (2 weeks ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 ConsulHosting	2026-06-09 16:38:40 (2 weeks ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇨🇭 copestack	2026-06-09 16:00:06 (2 weeks ago)	Automated detection: HTTP environment file enumeration (.env credential harvesting). 1 decisions on ... show more Automated detection: HTTP environment file enumeration (.env credential harvesting). 1 decisions on ov-4e5936. show less	Web App Attack
🇳🇱 wlt-blocker	2026-06-09 14:02:02 (2 weeks ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 updown.io	2026-06-09 10:41:53 (2 weeks ago)	{"level":"info","ts":1781001712.8778398,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781001712.8778398,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"35.221.218.66","remote_port":"51228","client_ip":"35.221.218.66","proto":"HTTP/1.1","method":"GET","host":"rqtsrmlkjihgfedcbwwwc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io","uri":"/.env.backup","headers":{"User-Agent":["Mozilla/5.0 (Linux; Android 9; VTR-AL00 Build/HUAWEIVTR-AL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/66.0.3359.126 MQQBrowser/6.2 TBS/044807 Mobile Safari/537.36 MMWEBID/6475 MicroMessenger/7.0.6.1460(0x27000634) Process/tools NetType/4G Language/zh_CN"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]}},"bytes_read":0,"user_id":"","duration":0.000085213,"size":0,"status":308,"resp_headers":{"Location":["https://rqtsrmlkjihgfedcbwwwc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io/.env.backup"],"Content-Type":[],"Server":["Caddy"],"Connection":["close"]}} {"level":"info ... show less	DDoS Attack Web App Attack
Anonymous	2026-06-09 10:18:04 (2 weeks ago)	Bot / scanning and/or hacking attempts: GET /app/.env.local HTTP/1.1, GET /app/.env.bak HTTP/1.1, GE ... show more Bot / scanning and/or hacking attempts: GET /app/.env.local HTTP/1.1, GET /app/.env.bak HTTP/1.1, GET /backend/.env.old HTTP/1.1, GET /services/api/.env HTTP/1.1, GET /api/.env.staging HTTP/1.1, GET /src/.env.backup HTTP/1.1, GET /frontend/.env.dev HTTP/1.1, GET /admin/.env.backup HTTP/1.1, GET /backend/.env HTTP/1.1, GET /packages/api/.env HTTP/1.1, GET /app/api/.env HTTP/1.1, GET /laravel/.env HTTP/1.1, GET /wp/.env HTTP/1.1, GET /wordpress/.env HTTP/1.1, GET /backend/.env.staging HTTP/1.1, GET /api/backend/.env HTTP/1.1, GET /backend/.env.bak HTTP/1.1 show less	Hacking Web App Attack
Anonymous	2026-06-09 10:02:16 (2 weeks ago)	Bot / seems abusive / Apache connections: 55	DDoS Attack Web Spam Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-09 09:37:13 (2 weeks ago)	Excessive 404/403 errors	Brute-Force
🇫🇷 masterguru	2026-06-09 08:01:49 (2 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.221.218.66 (TW/Taiwan/66.218.221.3 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.221.218.66 (TW/Taiwan/66.218.221.35.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking
Anonymous	2026-06-09 03:47:39 (2 weeks ago)	Scenarios: http-bad-user-agent, http-sensitive-files Total requests: 151 [09/Jun/2026:03:47:38 +0000 ... show more Scenarios: http-bad-user-agent, http-sensitive-files Total requests: 151 [09/Jun/2026:03:47:38 +0000] [Client: 35.221.218.66] GET [200] "/.env.old HTTP/1.1" User-Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3844.0 Safari/537.36" [09/Jun/2026:03:47:38 +0000] [Client: 35.221.218.66] GET [200] "/.env.copy HTTP/1.1" User-Agent: "Opera/9.0 (Macintosh; PPC Mac OS X; U; en)" [09/Jun/2026:03:47:38 +0000] [Client: 35.221.218.66] GET [200] "/.env.staging HTTP/1.1" User-Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" [09/Jun/2026:03:47:38 +0000] [Client: 35.221.218.66] GET [200] "/.env.production HTTP/1.1" User-Agent: "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36" show less	Web App Attack
🇺🇸 mnsf	2026-06-09 00:18:44 (2 weeks ago)	Scanning/Probing (74)	Brute-Force Web App Attack
🇳🇿 Antinson	2026-06-08 23:22:22 (2 weeks ago)	High error rate and elevated request volume targeting cPanel servers	Bad Web Bot
🇳🇱 homeshowdomain.nl	2026-06-08 22:06:01 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-06-08	Web App Attack SSH Hacking
Anonymous	2026-06-08 17:58:15 (2 weeks ago)	(caddyscan) Scanner path probe from 35.221.218.66 (TW/Taiwan/66.218.221.35.bc.googleusercontent.com) ... show more (caddyscan) Scanner path probe from 35.221.218.66 (TW/Taiwan/66.218.221.35.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 35.221.218.66 - - [08/Jun/2026:17:58:10 +0000] "GET /api/.env HTTP/1.1" [REDACTED] 200 2627 35.221.218.66 - - [08/Jun/2026:17:58:11 +0000] "GET /v3/.env HTTP/1.1" [REDACTED] 200 2627 35.221.218.66 - - [08/Jun/2026:17:58:11 +0000] "GET /api/.env.production HTTP/1.1" [REDACTED] 200 2627 35.221.218.66 - - [08/Jun/2026:17:58:11 +0000] "GET /.env.qa HTTP/1.1" [REDACTED] 200 2627 35.221.218.66 - - [08/Jun/2026:17:58:11 +0000] "GET /.env.production.local HTTP/1.1" show less	Port Scan

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 221.156.126.1

🇧🇪 198.235.24.170

🇰🇷 222.239.251.12

🇪🇨 190.131.134.135

🇺🇸 134.209.120.216

🇺🇸 100.29.192.51

🇺🇸 65.49.1.16

🇱🇹 62.60.130.219

🇭🇰 43.132.227.251

🇺🇸 66.132.195.105

🇺🇸 47.251.188.112

🇺🇸 45.130.83.247

🇧🇪 34.78.233.183

🇷🇴 2.57.121.112

🇨🇳 223.199.175.112

🇩🇪 91.107.187.203

🇳🇱 176.65.148.132

🇲🇦 160.174.129.232

🇩🇪 43.131.45.213

🇩🇪 4.184.246.230