JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.228.55.123

35.228.55.123 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 63%: ?

63%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	123.55.228.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇫🇮 Finland
City	Lappeenranta, South Karelia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.228.55.123

Whois 35.228.55.123

IP Abuse Reports for 35.228.55.123:

This IP address has been reported a total of 13 times from 10 distinct sources. 35.228.55.123 was first reported on June 14th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-16 21:59:25 (1 day ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15. show less	Web App Attack SSH Hacking
Anonymous	2026-06-15 10:00:03 (3 days ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇫🇷 masterguru	2026-06-15 08:31:04 (3 days ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 05:19:03 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 35.228.55.123 (123.55.228.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.228.55.123 (123.55.228.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 01:18:54.616308 2026] [security2:error] [pid 6743:tid 6743] [client 35.228.55.123:42876] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spyasociados.com"] [uri "/config/.env"] [unique_id "ai-LPg1UbRiiCPZQbep15QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 02:32:40 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 35.228.55.123 (123.55.228.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.228.55.123 (123.55.228.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:32:36.245965 2026] [security2:error] [pid 10700:tid 10717] [client 35.228.55.123:42764] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.austindermatologist.com.aafm.us"] [uri "/.env.copy"] [unique_id "ai9kRO_Ur0mU4xGvlGiM9AAAAQA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 01:56:22 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 35.228.55.123 (123.55.228.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.228.55.123 (123.55.228.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:56:18.613645 2026] [security2:error] [pid 29562:tid 29562] [client 35.228.55.123:59248] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.asermaq.cl.tecnoconce.com"] [uri "/v2/.env"] [unique_id "ai9bwlpTtrWMZhY0MwlFnQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 22:34:46 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 35.228.55.123 (123.55.228.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 35.228.55.123 (123.55.228.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 18:34:41.969263 2026] [security2:error] [pid 17042:tid 17046] [client 35.228.55.123:53738] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.themarketplacelb.com.oplconnect.com"] [uri "/.env"] [unique_id "ai8sgRpwJQh7rUMSEiDh4AAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 10:09:26 (4 days ago)	Try to connect to Port_Scan_443_stealth	Port Scan
🇳🇱 Savvii	2026-06-14 06:12:12 (4 days ago)	20 attempts against mh-misbehave-ban on frost	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-14 05:09:05 (4 days ago)	Scanning/Probing (65)	Brute-Force Web App Attack
🇮🇹 VHosting	2026-06-14 03:45:04 (4 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇩🇪 Nightreaver	2026-06-14 02:07:42 (4 days ago)	35.228.55.123 - - [14/Jun/2026:04:07:42 0200] "GET /dev/.env HTTP/1.1" 404 4246 "-" "Mozilla/5.0 (L ... show more 35.228.55.123 - - [14/Jun/2026:04:07:42 0200] "GET /dev/.env HTTP/1.1" 404 4246 "-" "Mozilla/5.0 (Linux; Android 9; Redmi K20 Pro Build/PKQ1.181121.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/66.0.3359.126 MQQBrowser/6.2 TBS/044807 Mobile Safari/537.36 MMWEBID/4406 MicroMessenger/7.0.6.1460(0x27000634) Process/tools NetType/WIFI Language/zh_CN" 35.228.55.123 - - [14/Jun/2026:04:07:42 0200] "GET /v1/.env HTTP/1.1" 404 4246 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36" 35.228.55.123 - - [14/Jun/2026:04:07:42 0200] "GET /app/backend/.env HTTP/1.1" 404 4246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36" 35.228.55.123 - - [14/Jun/2026:04:07:42 0200] "GET /stage/.env HTTP/1.1" 404 4246 "-" "Mozilla/5.0 (Linux; Android 9; SAMSUNG SM-G955F Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/9.4 Chrome/67.0.3396.87 Mob[...] show less	Bad Web Bot Web App Attack
🇨🇭 zynex	2026-06-14 01:56:00 (4 days ago)	URL Probing: /backend/api/.env	Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.227.209.27

🇺🇸 65.49.1.220

🇺🇸 64.23.203.0

🇩🇪 148.230.70.139

🇺🇸 65.49.1.98

🇷🇺 62.192.226.83

🇩🇪 46.101.166.207

🇱🇹 45.227.254.170

🇺🇸 3.132.26.232

🇩🇪 167.94.145.17

🇺🇸 162.216.150.25

🇧🇷 138.97.67.85

🇮🇪 128.251.36.118

🇺🇸 103.4.251.106

🇩🇪 80.158.109.51

🇺🇸 45.41.179.21

🇬🇧 35.203.211.6

🇺🇸 20.190.190.130

🇺🇸 20.15.225.63

🇧🇬 5.188.206.46