JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.228.118.66

35.228.118.66 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 75%: ?

75%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	66.118.228.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇫🇮 Finland
City	Lappeenranta, South Karelia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.228.118.66

Whois 35.228.118.66

IP Abuse Reports for 35.228.118.66:

This IP address has been reported a total of 13 times from 12 distinct sources. 35.228.118.66 was first reported on June 8th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-11 17:06:49 (3 hours ago)	Too many Status 40X (15)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 15:00:19 (5 hours ago)	(mod_security) mod_security (id:210831) triggered by 35.228.118.66 (66.118.228.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210831) triggered by 35.228.118.66 (66.118.228.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 11:00:15.266296 2026] [security2:error] [pid 9960:tid 9960] [client 35.228.118.66:39260] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|wakims.com\|F\|4"] [data "Web Downloader"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "wakims.com"] [uri "/wp-json/gravitysmtp/v1/config"] [unique_id "airNfx4lWhSV9x0Cb6qDXQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-11 10:11:01 (10 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 WebNiraj	2026-06-10 15:23:33 (1 day ago)	(mod_security) mod_security (id:949110) triggered by 35.228.118.66 (FI/Finland/66.118.228.35.bc.goog ... show more (mod_security) mod_security (id:949110) triggered by 35.228.118.66 (FI/Finland/66.118.228.35.bc.googleusercontent.com): 5 in the last 3600 secs [SIGMA] show less	Brute-Force
🇬🇧 poundawebsiteltd	2026-06-10 12:32:23 (1 day ago)	Web App Attack (ModSecurity Block). Evidence: beanietools.dev:443 35.228.118.66 - - [10/Jun/2026:13: ... show more Web App Attack (ModSecurity Block). Evidence: beanietools.dev:443 35.228.118.66 - - [10/Jun/2026:13:32:21 +0100] GET /wp-json/wp/v2/settings HTTP/1.1 403 2784 - Opera/9.60 (J2ME/MIDP; Opera Mini/4.2.14320/554; U; cs) Presto/2.2.0 show less	Web App Attack
🇮🇩 Burayot	2026-06-10 07:29:58 (1 day ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 35.228.118.66 (FI/Finland/66.118.228 ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 35.228.118.66 (FI/Finland/66.118.228.35.bc.googleusercontent.com): 2 in the last 3600 secs show less	Web App Attack
🇩🇪 SCHAPPY	2026-06-10 03:47:59 (1 day ago)	Critical web app attack detected. HTTP header is restricted by policy (/accept-charset/)	Web App Attack
🇺🇸 Epimetheus	2026-06-09 19:52:42 (2 days ago)	Zombie network / Bot scanner detected: [GET] /wp-json/wp/v2/settings [GET] /wp-json/gravitysmtp/v1/ ... show more Zombie network / Bot scanner detected: [GET] /wp-json/wp/v2/settings [GET] /wp-json/gravitysmtp/v1/tests/mock-data [GET] /wp-json/gravitysmtp/v1/settings [GET] /wp-json/gravitysmtp/v1/tests/mock-data [GET] /wp-json/gravitysmtp/v1/config UA: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36 show less	Bad Web Bot Exploited Host Web App Attack
🇺🇸 MPL	2026-06-09 00:15:24 (2 days ago)	tcp ports: 80,443 (60 or more attempts)	Port Scan
🇨🇭 backslash	2026-06-08 12:48:00 (3 days ago)	block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68	Bad Web Bot
🇬🇧 consul.to	2026-06-08 09:15:37 (3 days ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-06-08 02:46:01 (3 days ago)	35.228.118.66 - - [07/Jun/2026:23:46:00 -0300] "GET /wp-json/gravitysmtp/v1/settings HTTP/1.1" 404 1 ... show more 35.228.118.66 - - [07/Jun/2026:23:46:00 -0300] "GET /wp-json/gravitysmtp/v1/settings HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Reeder/3.2 Safari/605.1.15" 35.228.118.66 - - [07/Jun/2026:23:46:00 -0300] "GET /wp-json/gravitysmtp/v1/tests/mock-data HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36" 35.228.118.66 - - [07/Jun/2026:23:46:00 -0300] "GET /wp-json/gravitysmtp/v1/config HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36" ... show less	Port Scan
🇮🇹 VHosting	2026-06-08 02:20:03 (3 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.4

🇨🇳 125.76.228.194

🇺🇸 113.20.0.58

🇸🇬 47.82.11.51

🇸🇬 47.82.11.50

🇨🇳 175.11.241.148

🇺🇸 138.186.136.202

🇨🇦 85.217.149.6

🇨🇳 60.174.35.18

🇸🇬 47.82.11.5

🇳🇱 45.134.225.230

🇷🇺 37.128.240.47

🇬🇧 35.203.210.16

🇬🇧 13.40.86.108

🇮🇹 2.33.204.219

🇰🇷 222.118.59.16

🇧🇷 200.175.61.207

🇺🇸 162.216.149.46

🇩🇪 161.35.65.86

🇸🇬 47.82.11.49