JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.101.59.235

34.101.59.235 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 82%: ?

82%

ISP	Google Asia Pacific Pte. Ltd. (GAPPL)
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	235.59.101.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.101.59.235

Whois 34.101.59.235

IP Abuse Reports for 34.101.59.235:

This IP address has been reported a total of 17 times from 14 distinct sources. 34.101.59.235 was first reported on June 14th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 17:10:42 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 34.101.59.235 (235.59.101.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210730) triggered by 34.101.59.235 (235.59.101.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:10:37.497762 2026] [security2:error] [pid 10124:tid 10124] [client 34.101.59.235:33276] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|andrewweigel.name\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "andrewweigel.name"] [uri "/.config/gcloud/credentials.db"] [unique_id "ajAyDYVSXuLK24xZVbMsNwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 NewGastroline	2026-06-15 17:09:37 (2 days ago)	Malicious request blocked by CrowdSec on gastro-prod1.boreus.de	Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-15 15:33:38 (2 days ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 09:59:52 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 34.101.59.235 (235.59.101.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.101.59.235 (235.59.101.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:59:48.293250 2026] [security2:error] [pid 11012:tid 11012] [client 34.101.59.235:41780] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.correeo.gisur.com"] [uri "/.env.template"] [unique_id "ai_NFCK_UhXFylMqvDeJuAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-06-15 09:48:08 (2 days ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇦 URAN Publishing Service	2026-06-15 08:39:26 (2 days ago)	34.101.59.235 - - [15/Jun/2026:11:39:25 +0300] "GET /.env HTTP/1.1" 404 3292 "-" "Mozilla/5.0 (Macin ... show more 34.101.59.235 - - [15/Jun/2026:11:39:25 +0300] "GET /.env HTTP/1.1" 404 3292 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36" 34.101.59.235 - - [15/Jun/2026:11:39:25 +0300] "GET /uat/.env HTTP/1.1" 404 3294 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/36.0.1985.125 Safari/537.36" ... show less	Web App Attack
🇳🇱 Site.eu	2026-06-15 06:29:02 (3 days ago)	Excessive multi-domain requests	Brute-Force
🇫🇷 masterguru	2026-06-15 03:36:57 (3 days ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇺🇸 mnsf	2026-06-15 02:05:31 (3 days ago)	Abuse Detected (17)	Brute-Force Web App Attack
🇳🇱 Savvii	2026-06-14 19:47:34 (3 days ago)	20 attempts against mh-misbehave-ban on comet	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Rayulcifer	2026-06-14 14:57:35 (3 days ago)	34.101.59.235 - - [14/Jun/2026:09:57:34 -0500] "\x16\x03\x01" 400 392 "-" "-" 34.101.59.235 - - [14/ ... show more 34.101.59.235 - - [14/Jun/2026:09:57:34 -0500] "\x16\x03\x01" 400 392 "-" "-" 34.101.59.235 - - [14/Jun/2026:09:57:34 -0500] "\x16\x03\x01" 400 392 "-" "-" 34.101.59.235 - - [14/Jun/2026:09:57:34 -0500] "\x16\x03\x01" 400 392 "-" "-" 34.101.59.235 - - [14/Jun/2026:09:57:34 -0500] "\x16\x03\x01" 400 392 "-" "-" 34.101.59.235 - - [14/Jun/2026:09:57:34 -0500] "\x16\x03\x01" 400 392 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇫🇷 Octopuce	2026-06-14 05:46:21 (4 days ago)	Aggressive web search of vulnerable pages: /src/api/.env /sendgrid/.env /dev/.env /staging/.env /sta ... show more Aggressive web search of vulnerable pages: /src/api/.env /sendgrid/.env /dev/.env /staging/.env /stage/.env ... show less	Web App Attack
🇩🇪 grassau.com	2026-06-14 05:28:00 (4 days ago)	Port Scan detected from 34.101.59.235 (ID/Indonesia/Jakarta/Jakarta/235.59.101.34.bc.googleusercon ... show more Port Scan detected from 34.101.59.235 (ID/Indonesia/Jakarta/Jakarta/235.59.101.34.bc.googleusercontent.com). show less	Port Scan
🇮🇹 VHosting	2026-06-14 04:55:03 (4 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇩🇪 updown.io	2026-06-14 03:35:20 (4 days ago)	{"level":"info","ts":1781408117.1365404,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781408117.1365404,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.101.59.235","remote_port":"41628","client_ip":"34.101.59.235","proto":"HTTP/1.1","method":"GET","host":"status.evolix.net","uri":"/.env.test","headers":{"User-Agent":["Links/0.9.1 (Linux 2.4.24; i386;)"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status.evolix.net","ech":false}},"bytes_read":0,"user_id":"","duration":0.000110812,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}} {"level":"info","ts":1781408117.1375494,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.101.59.235","remote_port":"41648","client_ip":"34.101.59.235","proto":"HTTP/1.1","method":"GET","host":"status.evolix.net","uri":"/.env.demo","headers":{"User-Agent":["Mozilla/5.0 (iPhone; ... show less	DDoS Attack Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.185.4.147

🇺🇸 94.131.64.146

🇺🇸 94.131.64.115

🇺🇸 91.242.95.77

🇸🇬 47.84.142.238

🇨🇳 14.103.218.183

🇮🇳 2400:d321:2277:3897::1

🇩🇪 212.30.36.121

🇺🇸 162.216.150.182

🇫🇷 158.220.125.127

🇺🇸 147.182.246.210

🇻🇳 123.58.198.35

🇺🇸 91.242.95.139

🇺🇸 91.242.95.65

🇺🇸 91.242.95.20

🇺🇸 91.242.73.41

🇲🇰 77.29.209.26

🇺🇸 65.49.1.135

🇺🇸 64.62.156.179

🇹🇳 196.176.90.252