JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 8.228.4.152

8.228.4.152 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 65%: ?

65%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	152.4.228.8.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	Las Vegas, Nevada

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 8.228.4.152

Whois 8.228.4.152

IP Abuse Reports for 8.228.4.152:

This IP address has been reported a total of 13 times from 10 distinct sources. 8.228.4.152 was first reported on June 8th 2026, and the most recent report was 21 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-09 05:02:32 (21 minutes ago)	(mod_security) mod_security (id:210492) triggered by 8.228.4.152 (152.4.228.8.bc.googleusercontent.c ... show more (mod_security) mod_security (id:210492) triggered by 8.228.4.152 (152.4.228.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:02:26.710181 2026] [security2:error] [pid 10110:tid 10112] [client 8.228.4.152:49356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ahrgroup.com"] [uri "/.env.preprod"] [unique_id "aieeYs_2er8dn1M5CppKkAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 03:11:06 (2 hours ago)	Bot / scanning and/or hacking attempts: GET /env.bak HTTP/1.1, GET /.env.template HTTP/1.1, GET /api ... show more Bot / scanning and/or hacking attempts: GET /env.bak HTTP/1.1, GET /.env.template HTTP/1.1, GET /api/.env.prod HTTP/1.1, GET /app/.env.local HTTP/1.1, GET /backend/.env HTTP/1.1, GET /.env.staging HTTP/1.1, GET /packages/api/.env HTTP/1.1, GET /.env.txt HTTP/1.1, GET /api/.env.old HTTP/1.1, GET /.env.local HTTP/1.1, GET /admin/api/.env HTTP/1.1, GET /app/.env HTTP/1.1, GET /.env.old HTTP/1.1, GET /app/.env.old HTTP/1.1, GET /.env.save HTTP/1.1, GET /.env.dev HTTP/1.1, GET /backend/.env.prod HTTP/1.1, GET /app/.env.backup HTTP/1.1, GET /src/.env.backup HTTP/1.1, GET /.env.sample HTTP/1.1, GET /env.txt HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 mnsf	2026-06-09 03:06:00 (2 hours ago)	Abuse Detected (25)	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-09 01:08:07 (4 hours ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-06-09 00:37:56 (4 hours ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇺🇸 mnsf	2026-06-09 00:14:48 (5 hours ago)	Scanning/Probing (144) Request Overload (149)	Brute-Force Web App Attack
🇧🇪 Saec	2026-06-08 23:30:07 (5 hours ago)	Jarvis auto-ban: CF top attacker on saec.me (150 hits, US)	Port Scan Web App Attack
🇮🇹 [email protected]	2026-06-08 13:38:56 (15 hours ago)	[Mon Jun 08 15:38:55.353256 2026] [authz_core:error] [pid 1407402:tid 1407431] [client 8.228.4.152:5 ... show more [Mon Jun 08 15:38:55.353256 2026] [authz_core:error] [pid 1407402:tid 1407431] [client 8.228.4.152:54922] AH01630: client denied by server configuration: /var/www/html/MyWeb/Intoino/.env.local show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 12:31:55 (16 hours ago)	(mod_security) mod_security (id:210492) triggered by 8.228.4.152 (152.4.228.8.bc.googleusercontent.c ... show more (mod_security) mod_security (id:210492) triggered by 8.228.4.152 (152.4.228.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:31:49.519676 2026] [security2:error] [pid 20892:tid 20892] [client 8.228.4.152:44006] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.glamorgirl.net"] [uri "/.env"] [unique_id "aia2NU1yIB5mtS6rYGHKGAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 updown.io	2026-06-08 10:47:32 (18 hours ago)	{"level":"info","ts":1780915649.5987425,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1780915649.5987425,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"8.228.4.152","remote_port":"35632","client_ip":"8.228.4.152","proto":"HTTP/1.1","method":"GET","host":"mlkjiwww.dcbaupdate.yxwzutsrqponmlbnnkwkyxzxwww8bab2a5f-df77-4330-8c52-284b6b1ab1f1.random.159.89.98.98.nip.io","uri":"/.env.test","headers":{"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["W3C_Validator/1.654"]}},"bytes_read":0,"user_id":"","duration":0.000086918,"size":0,"status":308,"resp_headers":{"Connection":["close"],"Location":["https://mlkjiwww.dcbaupdate.yxwzutsrqponmlbnnkwkyxzxwww8bab2a5f-df77-4330-8c52-284b6b1ab1f1.random.159.89.98.98.nip.io/.env.test"],"Content-Type":[],"Server":["Caddy"]}} {"level":"info","ts":1780915649.647132,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"8.228.4.152","remote_port":"35672","client_ip":"8.228.4.152","proto":"HTTP/1.1","method":"GET","host":"ml ... show less	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 06:28:10 (22 hours ago)	(mod_security) mod_security (id:210492) triggered by 8.228.4.152 (152.4.228.8.bc.googleusercontent.c ... show more (mod_security) mod_security (id:210492) triggered by 8.228.4.152 (152.4.228.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:28:06.183994 2026] [security2:error] [pid 5389:tid 5401] [client 8.228.4.152:41140] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.crosscountry.ahsdistance.org"] [uri "/.env.backup.txt"] [unique_id "aiZg9hzUF5qfHiljx5KtuAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-08 04:12:42 (1 day ago)	Excessive 404/403 errors	Brute-Force
🇮🇹 VHosting	2026-06-08 02:35:03 (1 day ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 212.135.208.13

🇲🇦 196.75.254.242

🇩🇪 194.88.98.99

🇬🇧 185.195.13.17

🇪🇸 185.174.136.247

🇬🇧 159.65.91.36

🇮🇷 89.34.177.36

🇫🇷 85.217.140.46

🇳🇱 45.148.10.152

🇺🇸 20.65.195.112

🇺🇸 20.65.154.237

🇳🇱 5.187.35.26

🇺🇸 2604:a880:4:1d0::21f0:1000

🇧🇪 198.235.24.239

🇲🇽 189.203.163.10

🇮🇳 182.95.126.14

🇺🇸 154.83.197.30

🇨🇬 102.141.42.115

🇳🇱 89.21.67.171

🇺🇸 64.23.246.208