JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.240.54.252

35.240.54.252 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 60%: ?

60%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	252.54.240.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇪 Belgium
City	Brussels, Brussels Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.240.54.252

Whois 35.240.54.252

IP Abuse Reports for 35.240.54.252:

This IP address has been reported a total of 29 times from 9 distinct sources. 35.240.54.252 was first reported on June 10th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-20 23:59:09 (3 hours ago)	(mod_security) mod_security (id:210730) triggered by 35.240.54.252 (252.54.240.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210730) triggered by 35.240.54.252 (252.54.240.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 19:59:05.057487 2026] [security2:error] [pid 21718:tid 21718] [client 35.240.54.252:36340] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|portraitsinblues.com\|F\|2"] [data ".alligator.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "portraitsinblues.com"] [uri "/www.alligator.com"] [unique_id "ajcpSRJwlr8OjBXLg1k6CQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-20 14:23:18 (12 hours ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 Cloud86 B.V.	2026-06-20 12:26:01 (14 hours ago)	categories: DDoS Attack	DDoS Attack
🇺🇸 antlac1	2026-06-20 06:32:32 (20 hours ago)	crowdsecurity/http-bad-user-agent	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 05:05:54 (22 hours ago)	(mod_security) mod_security (id:210730) triggered by 35.240.54.252 (252.54.240.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210730) triggered by 35.240.54.252 (252.54.240.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 01:05:51.245018 2026] [security2:error] [pid 14207:tid 14207] [client 35.240.54.252:42254] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.pswebsite.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pswebsite.com"] [uri "/answer.com"] [unique_id "ajYfr9ChpT21v0hpdr-ghAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-19 23:16:10 (1 day ago)	Excessive 404/403 errors	Brute-Force
🇳🇱 BlueWire Hosting	2026-06-19 18:28:26 (1 day ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇫🇷 bazter.pro	2026-06-19 16:53:04 (1 day ago)	Auto-Ban [2026-06-19 16:53:04]: CRITICAL: bot trap (hard) \| host=geofumadas.com \| route=/-.stn/sync ... show more Auto-Ban [2026-06-19 16:53:04]: CRITICAL: bot trap (hard) \| host=geofumadas.com \| route=/-.stn/sync \| hits=2 \| ua=Dragonfly/1.0 (+https://publisherdiscovery.com/bots) show less	Hacking Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-19 01:52:06 (2 days ago)	categories: DDoS Attack	DDoS Attack
🇺🇸 TPI-Abuse	2026-06-19 01:14:46 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 35.240.54.252 (252.54.240.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210730) triggered by 35.240.54.252 (252.54.240.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 21:14:40.420430 2026] [security2:error] [pid 10521:tid 10521] [client 35.240.54.252:47128] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.khaoula.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.khaoula.com"] [uri "/[email protected]"] [unique_id "ajSYACQ9KfW-AbYq95zyXQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Lino Project	2026-06-19 00:26:05 (2 days ago)	CrowdSec abuse IP report (host SRV-2) Scenario: crowdsecurity/http-bad-user-agent	Hacking
🇺🇸 antlac1	2026-06-18 20:50:52 (2 days ago)	crowdsecurity/http-bad-user-agent	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 20:13:37 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 35.240.54.252 (252.54.240.35.bc.googleuserconte ... show more (mod_security) mod_security (id:210730) triggered by 35.240.54.252 (252.54.240.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 16:13:30.843819 2026] [security2:error] [pid 1910:tid 1910] [client 35.240.54.252:40912] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.whodatnation.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.whodatnation.com"] [uri "/2017/12/26/deja-vu/whodatnation.com"] [unique_id "ajRRasTk29zWHZWKI5JEVgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-18 17:18:30 (2 days ago)	Excessive 404/403 errors	Brute-Force
🇳🇱 BlueWire Hosting	2026-06-18 13:46:18 (2 days ago)	Bad bot ignoring robot.txt	Bad Web Bot

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 121.131.220.150

🇨🇳 101.245.68.130

🇧🇬 78.128.112.74

🇰🇷 61.80.157.142

🇺🇸 54.167.37.131

🇺🇸 47.77.229.178

🇺🇸 45.3.35.130

🇸🇬 43.134.96.24

🇨🇳 14.103.123.6

🇪🇹 196.188.127.253

🇫🇷 176.165.64.110

🇰🇷 158.180.79.132

🇺🇸 147.185.132.101

🇺🇸 104.37.86.14

🇻🇳 103.75.182.132

🇸🇪 81.237.155.113

🇨🇦 65.111.21.60

🇸🇬 47.84.140.62

🇺🇸 44.17.239.78

🇧🇪 35.187.108.238