JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.247.207.128

35.247.207.128 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	128.207.247.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.247.207.128

Whois 35.247.207.128

IP Abuse Reports for 35.247.207.128:

This IP address has been reported a total of 28 times from 19 distinct sources. 35.247.207.128 was first reported on June 13th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-15 21:59:22 (2 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-14. show less	Web App Attack SSH Hacking
🇩🇪 akasolutions.de	2026-06-15 01:37:59 (3 days ago)	(mod_security) mod_security triggered on hostname [redacted] 35.247.207.128 (BR/Brazil/128.207.247.3 ... show more (mod_security) mod_security triggered on hostname [redacted] 35.247.207.128 (BR/Brazil/128.207.247.35.bc.googleusercontent.com) show less	SQL Injection
🇺🇸 alecj.com	2026-06-15 01:22:25 (3 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 Matthew Ping	2026-06-15 00:15:02 (3 days ago)	ModSecurity rule 949110 triggered on wp3. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇨🇭 Origon	2026-06-15 00:13:52 (3 days ago)	http-sensitive-files - IP: 35.247.207.128 - time="2026-06-15T02:13:51+02:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 35.247.207.128 - time="2026-06-15T02:13:51+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 35.247.207.128 (BR/396982) : 4h ban on Ip 35.247.207.128" module=db show less	Web App Attack
🇲🇾 Rizzy	2026-06-14 22:47:13 (3 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 22:04:36 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 35.247.207.128 (128.207.247.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.247.207.128 (128.207.247.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 18:04:33.459063 2026] [security2:error] [pid 24750:tid 24750] [client 35.247.207.128:60786] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.weebly.martinka.org"] [uri "/code/.git/config"] [unique_id "ai8lccSZa476qR5G6JCurwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-14 22:00:56 (3 days ago)	Auto-ban: >3000 req/min op 2026-06-14	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-14 21:38:42 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 35.247.207.128 (128.207.247.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.247.207.128 (128.207.247.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 17:38:35.996423 2026] [security2:error] [pid 23934:tid 23934] [client 35.247.207.128:57246] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.isyourcompanysafe.com"] [uri "/static/.git/config"] [unique_id "ai8fW5LM1WINvtrPFSN4wQAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 patrisei	2026-06-14 20:51:43 (3 days ago)	You are now banned for 10 years by Schiffdorf-West Patrol. Trigger: crowdsecurity/http-sensitive-fil ... show more You are now banned for 10 years by Schiffdorf-West Patrol. Trigger: crowdsecurity/http-sensitive-files show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 20:49:27 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 35.247.207.128 (128.207.247.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.247.207.128 (128.207.247.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 16:49:22.214564 2026] [security2:error] [pid 487:tid 487] [client 35.247.207.128:60370] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "claireashtontherapy.com"] [uri "/blog/.git/config"] [unique_id "ai8T0vzAUSajN5IMN6miygAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kuroneko_omu	2026-06-14 12:41:11 (3 days ago)	Fail2Ban <webattack> jail detected 5 attempts against 35.247.207.128.	DDoS Attack Hacking Brute-Force Web App Attack
🇳🇱 Savvii	2026-06-14 11:44:41 (3 days ago)	20 attempts against mh-misbehave-ban on ec102954	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Antinson	2026-06-14 10:34:26 (4 days ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇨🇭 4server	2026-06-14 10:09:34 (4 days ago)	[SunJun1412:09:29.7263332026][security2:error][pid1646804:tid1647389][client35.247.207.128:0]ModSecu ... show more [SunJun1412:09:29.7263332026][security2:error][pid1646804:tid1647389][client35.247.207.128:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"hosting-dominio.ch.hosting-domini.ch\"][uri\"/web/.git/config\"][unique_id\"ai592eYOPbe06vGyLw8EPwAAAJg\"] show less	Hacking Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.62

🇺🇸 104.28.235.60

🇰🇷 221.159.119.6

🇳🇱 176.65.139.183

🇮🇩 163.7.9.84

🇧🇷 152.32.200.243

🇺🇸 149.36.9.244

🇨🇳 125.44.199.148

🇺🇸 124.198.131.39

🇸🇪 90.224.74.107

🇹🇷 88.250.68.66

🇳🇱 86.54.31.34

🇸🇪 85.229.46.153

🇺🇸 47.251.106.132

🇳🇱 45.148.10.230

🇮🇹 45.143.182.238

🇬🇧 35.203.211.237

🇸🇬 8.219.248.226

🇳🇱 176.65.132.24

🇺🇸 143.42.1.189