JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 35.247.221.148

35.247.221.148 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	148.221.247.35.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 35.247.221.148

Whois 35.247.221.148

IP Abuse Reports for 35.247.221.148:

This IP address has been reported a total of 34 times from 22 distinct sources. 35.247.221.148 was first reported on June 8th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇪 vaia.cloud	2026-06-12 03:53:01 (6 days ago)	trying wp-login.php/xmlrpc.php 145 times in 1 minutes	Brute-Force Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-11 21:13:07 (6 days ago)	categories: DDoS Attack	DDoS Attack
🇩🇪 updown.io	2026-06-11 15:09:09 (1 week ago)	{"level":"info","ts":1781190548.8440077,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781190548.8440077,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"35.247.221.148","remote_port":"44678","client_ip":"35.247.221.148","proto":"HTTP/1.1","method":"GET","host":"update.update.xwvutsrqlbnnkwkyxzxwww8bab2a5f-df77-4330-8c52-284b6b1ab1f1.random.159.89.98.98.nip.io","uri":"/v2/.env","headers":{"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.80 Safari/537.36 Vivaldi/1.0.344.37"]}},"bytes_read":0,"user_id":"","duration":0.000124619,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://update.update.xwvutsrqlbnnkwkyxzxwww8bab2a5f-df77-4330-8c52-284b6b1ab1f1.random.159.89.98.98.nip.io/v2/.env"],"Content-Type":[]}} {"level":"info","ts":1781190548.8453758,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"35.247.221.148","rem ... show less	DDoS Attack Web App Attack
🇩🇪 webanyone	2026-06-11 14:15:28 (1 week ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇬🇧 consul.to	2026-06-11 12:36:07 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-11 06:20:51 (1 week ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
Anonymous	2026-06-11 05:45:10 (1 week ago)	Bot / scanning and/or hacking attempts: GET /.env.testing HTTP/1.1, GET /src/.env.local HTTP/1.1, GE ... show more Bot / scanning and/or hacking attempts: GET /.env.testing HTTP/1.1, GET /src/.env.local HTTP/1.1, GET /data/.env HTTP/1.1, GET /v2/.env HTTP/1.1, GET /app/.env HTTP/1.1, GET /services/.env.local HTTP/1.1, GET /.env.qa HTTP/1.1, GET /backend/.env.bak HTTP/1.1, GET /.env.development HTTP/1.1 show less	Hacking Web App Attack
🇲🇾 Rizzy	2026-06-10 22:15:10 (1 week ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-10 19:39:03 (1 week ago)	categories: DDoS Attack	DDoS Attack
🇫🇷 masterguru	2026-06-10 15:10:14 (1 week ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇬🇧 consul.to	2026-06-10 04:22:56 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 01:04:00 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 35.247.221.148 (148.221.247.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.247.221.148 (148.221.247.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 21:03:54.446487 2026] [security2:error] [pid 8732:tid 8732] [client 35.247.221.148:33754] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "johnhansonmemorial.org.coolingsprings.org"] [uri "/.env.production"] [unique_id "aii3-rR1eTCC8JmYO-OzUAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 pinguin	2026-06-10 00:19:43 (1 week ago)	Triggered Cloudflare WAF (firewallManaged) from BR. Action taken: LOG Protocol: HTTP/1.1 (GET method ... show more Triggered Cloudflare WAF (firewallManaged) from BR. Action taken: LOG Protocol: HTTP/1.1 (GET method) Endpoint: /cms/.env UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/607.2.6 (KHTML, like Gecko) Version/12.1.1 Safari/607.2.6 Maxthon/5.1.132 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇳🇱 Site.eu	2026-06-09 21:45:09 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 updown.io	2026-06-09 14:38:58 (1 week ago)	{"level":"info","ts":1781015937.5051608,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781015937.5051608,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"35.247.221.148","remote_port":"35746","client_ip":"35.247.221.148","proto":"HTTP/1.1","method":"GET","host":"supdate.kjihgfedcbadgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io","uri":"/env.backup","headers":{"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (Linux; Android 8.0.0; HTC U11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36"]}},"bytes_read":0,"user_id":"","duration":0.000024287,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://supdate.kjihgfedcbadgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io/env.backup"],"Content-Type":[]}} {"level":"info","ts":1781015937.5061266,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"35.247.221.148","remote_port":"35728","clie ... show less	DDoS Attack Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 176.97.168.185

🇺🇸 150.107.36.98

🇮🇪 130.195.213.202

🇫🇷 91.231.89.202

🇳🇱 185.242.226.71

🇮🇳 182.95.106.78

🇮🇳 159.89.161.238

🇺🇸 104.204.221.16

🇳🇱 45.198.224.5

🇷🇴 2.57.122.177

🇹🇼 198.235.24.58

🇺🇸 195.184.76.182

🇷🇺 176.97.176.174

🇭🇰 152.32.209.166

🇫🇮 147.185.133.70

🇨🇳 113.140.95.2

🇺🇸 104.200.76.65

🇺🇸 104.194.198.252

🇷🇴 80.94.92.177

🇨🇳 39.146.235.88