JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.104.158.59

34.104.158.59 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 74%: ?

74%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	59.158.104.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.104.158.59

Whois 34.104.158.59

IP Abuse Reports for 34.104.158.59:

This IP address has been reported a total of 15 times from 12 distinct sources. 34.104.158.59 was first reported on June 14th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-16 00:12:46 (1 day ago)	Scanning/Probing (25)	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-15 03:33:02 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-15 03:26:04 (2 days ago)	categories: DDoS Attack	DDoS Attack
🇫🇷 masterguru	2026-06-15 03:21:54 (2 days ago)	URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .backup/ ... show more URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .compositefont/ .config/ .conf/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .scr/ .sct/ .shs/ .sql/ .swp/ .sys/ .tlb/ .tmp/ .url/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-195) show less	Hacking
🇫🇷 dynamix	2026-06-15 02:53:26 (2 days ago)	Multiple WAF Violations	Web App Attack
🇬🇧 Nick Lewis	2026-06-15 00:22:31 (2 days ago)	(mod_security) mod_security triggered on hostname [redacted] 34.104.158.59 (JP/Japan/59.158.104.34.b ... show more (mod_security) mod_security triggered on hostname [redacted] 34.104.158.59 (JP/Japan/59.158.104.34.bc.googleusercontent.com) show less	SQL Injection
🇺🇸 TPI-Abuse	2026-06-15 00:10:57 (2 days ago)	(mod_security) mod_security (id:949110) triggered by 34.104.158.59 (59.158.104.34.bc.googleuserconte ... show more (mod_security) mod_security (id:949110) triggered by 34.104.158.59 (59.158.104.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:10:50.183115 2026] [security2:error] [pid 18377:tid 18377] [client 34.104.158.59:32862] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.music.freedrm.org"] [uri "/.env.backup"] [unique_id "ai9DCs8Sa0SfGc_ifN-e-AAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 YF	2026-06-14 23:05:09 (2 days ago)	404 errors Vulnerability scan	Web App Attack
Anonymous	2026-06-14 18:39:20 (2 days ago)	Scenarios: http-probing, http-sensitive-files Total requests: 332 [14/Jun/2026:18:39:18 +0000] [Clie ... show more Scenarios: http-probing, http-sensitive-files Total requests: 332 [14/Jun/2026:18:39:18 +0000] [Client: 34.104.158.59] [400] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03gh\xF6\x1F\xDD\xEE\xFD\xAF\xC4!\xB1W\x80\x08\x02\x8B\xD0*B\xF1\xABBR\xCFL\xAD\xA3oE\x8Fpq \xAE\x84B\x86v" User-Agent: "-" [14/Jun/2026:18:39:18 +0000] [Client: 34.104.158.59] [400] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\xD8\xB1?\xCB5cI\xB8p\x82\x865\xBB\xCF\xDD\x19\xD7{\x84mU" User-Agent: "-" [14/Jun/2026:18:39:18 +0000] [Client: 34.104.158.59] [400] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03 JX;\x19`f+\xBF-\x9D" User-Agent: "-" [14/Jun/2026:18:39:18 +0000] [Client: 34.104.158.59] [400] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\x85\x86\xBBD\xCAe\x14\xD8\xAB\xEA\x93\x99m\x11\x92" User-Agent: "-" [14/Jun/2026:18:39:18 +0000] [Client: 34.104.158.59] [400] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03pWTZa\xC7wv\xFA\xCC\x5C\x5C\x82Vg\xFBc3\xFCn\x84\xE8\xAD\x97z{\x90\xF9\xFF" User-Agent: "-" show less	Web App Attack
🇳🇱 Savvii	2026-06-14 13:10:11 (2 days ago)	20 attempts against mh-misbehave-ban on pinto	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-14 07:14:56 (3 days ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 06:23:57 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.104.158.59 (59.158.104.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.104.158.59 (59.158.104.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 02:23:50.226139 2026] [security2:error] [pid 32597:tid 32597] [client 34.104.158.59:40276] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.darkstarsystems.net"] [uri "/public/.env"] [unique_id "ai5I9pcrTcHC8kyEyd0MpAAAAHw"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-14 05:35:04 (3 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 04:07:46 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.104.158.59 (59.158.104.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.104.158.59 (59.158.104.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 00:07:42.225285 2026] [security2:error] [pid 30118:tid 30118] [client 34.104.158.59:48478] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.qed-consulting.co"] [uri "/app/.env.dev"] [unique_id "ai4pDps1UWlKj9URKG379QAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-14 02:19:51 (3 days ago)	(modsecurity) srv201 ModSecurity 34.104.158.59 (JP/Japan/59.158.104.34.bc.googleusercontent.com): 10 ... show more (modsecurity) srv201 ModSecurity 34.104.158.59 (JP/Japan/59.158.104.34.bc.googleusercontent.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇴 176.28.246.128

🇫🇷 217.113.194.123

🇩🇪 202.61.245.131

🇺🇸 162.243.8.173

🇺🇸 76.33.38.202

🇺🇸 66.93.14.85

🇮🇶 65.20.174.49

🇨🇳 58.48.53.254

🇸🇬 47.82.14.32

🇫🇷 37.187.104.215

🇧🇪 34.156.18.130

🇨🇳 218.0.56.30

🇬🇧 217.32.206.106

🇬🇧 193.163.125.252

🇺🇸 193.34.72.20

🇧🇩 182.48.68.82

🇹🇷 176.88.168.119

🇮🇶 169.224.4.184

🇮🇹 151.95.211.132

🇩🇿 105.98.35.250