JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.104.195.27

34.104.195.27 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 95%: ?

95%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	27.195.104.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.104.195.27

Whois 34.104.195.27

IP Abuse Reports for 34.104.195.27:

This IP address has been reported a total of 27 times from 21 distinct sources. 34.104.195.27 was first reported on June 8th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 BlueWire Hosting	2026-06-11 18:36:11 (6 days ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇸🇪 vaia.cloud	2026-06-11 17:46:04 (6 days ago)	trying wp-login.php/xmlrpc.php 145 times in 1 minutes	Brute-Force Web App Attack
Anonymous	2026-06-11 14:05:03 (6 days ago)	Bot / scanning and/or hacking attempts: GET /test/.env HTTP/1.1, GET /v1/.env HTTP/1.1, GET /api/bac ... show more Bot / scanning and/or hacking attempts: GET /test/.env HTTP/1.1, GET /v1/.env HTTP/1.1, GET /api/backend/.env HTTP/1.1, GET /services/.env.local HTTP/1.1, GET /backend/.env.staging HTTP/1.1, GET /src/.env HTTP/1.1, GET /server/.env.backup HTTP/1.1, GET /backend/.env.bak HTTP/1.1, GET /internal/.env.production HTTP/1.1, GET /staging/.env HTTP/1.1, GET /admin/.env.production HTTP/1.1, GET /wp/.env HTTP/1.1, GET /api/.env.dev HTTP/1.1, GET /release/.env HTTP/1.1, GET /services/api/.env HTTP/1.1, GET /frontend/.env.dev HTTP/1.1, GET /dashboard/.env HTTP/1.1, GET /config/.env.production HTTP/1.1, GET /service/.env HTTP/1.1, GET /app/.env.old HTTP/1.1 show less	Hacking Web App Attack
🇫🇷 Lunix	2026-06-11 04:05:14 (1 week ago)		Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-11 01:29:27 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 homeshowdomain.nl	2026-06-10 22:03:31 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-09. show less	Web App Attack SSH Hacking
🇩🇪 gadix	2026-06-10 19:56:54 (1 week ago)	[10/Jun/2026:21:56:50.639316 +0200] ainBgiJvnlp64uPm8QKpGAAAAAU 34.104.195.27 34220 127.0.0.1 7081 [ ... show more [10/Jun/2026:21:56:50.639316 +0200] ainBgiJvnlp64uPm8QKpGAAAAAU 34.104.195.27 34220 127.0.0.1 7081 [10/Jun/2026:21:56:50.639672 +0200] ainBgthSzXBlqPv7vbJSrgAAAAA 34.104.195.27 34232 127.0.0.1 7081 [10/Jun/2026:21:56:50.639808 +0200] ainBguhemSyn-Gyh_T2pLgAAAGI 34.104.195.27 34200 127.0.0.1 7081 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 17:48:58 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.104.195.27 (27.195.104.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.104.195.27 (27.195.104.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 13:48:53.697931 2026] [security2:error] [pid 26503:tid 26503] [client 34.104.195.27:38608] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewhispertwins.com"] [uri "/.env.copy"] [unique_id "aimjhdqVTE69ifOM5tQjtQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-10 17:34:33 (1 week ago)	Unauthorized access to webpage admin	Web App Attack
Anonymous	2026-06-10 17:08:34 (1 week ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: JP, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: JP, Attack patterns: WordPress scanning, Backup file probing, Cloud secrets probing show less	Bad Web Bot Web App Attack
🇩🇪 DocNetzwerk	2026-06-10 16:18:13 (1 week ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.104.195.27 (JP/Ja ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.104.195.27 (JP/Japan/27.195.104.34.bc.googleusercontent.com) show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-10 15:48:06 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.104.195.27 (27.195.104.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.104.195.27 (27.195.104.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 11:48:00.564013 2026] [security2:error] [pid 7170:tid 7170] [client 34.104.195.27:51524] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tcjohnston.com"] [uri "/.env.old"] [unique_id "aimHMKi5EwN9IaTvolD1gAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-10 14:43:40 (1 week ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇳🇴 jad-abuse	2026-06-10 11:25:37 (1 week ago)	ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. O ... show more ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. Observed by 1 sensor(s); 145 hits. show less	Web App Attack
🇷🇴 iulianh	2026-06-10 08:43:06 (1 week ago)	80,443	Brute-Force SSH

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.70.255.242

🇺🇸 172.202.118.16

🇫🇷 158.173.157.103

🇺🇸 147.185.132.29

🇨🇳 139.212.68.236

🇨🇳 113.206.131.48

🇰🇬 92.62.74.41

🇺🇿 87.192.249.130

🇩🇪 87.106.210.86

🇭🇰 47.238.188.245

🇹🇷 45.195.231.75

🇰🇷 211.105.129.57

🇹🇼 198.235.24.39

🇬🇧 178.128.43.143

🇩🇪 167.235.243.159

🇺🇸 165.154.134.19

🇺🇸 162.216.149.171

🇨🇳 117.40.113.72

🇨🇳 116.167.202.219

🇧🇪 104.199.87.139