JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.104.212.40

34.104.212.40 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 80%: ?

80%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	40.212.104.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.104.212.40

Whois 34.104.212.40

IP Abuse Reports for 34.104.212.40:

This IP address has been reported a total of 14 times from 14 distinct sources. 34.104.212.40 was first reported on June 13th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 07:16:23 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.104.212.40 (40.212.104.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.104.212.40 (40.212.104.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:16:19.031284 2026] [security2:error] [pid 17211:tid 17211] [client 34.104.212.40:51012] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "noviasaltovacio.com.mx.spyasociados.com"] [uri "/.env.pre-production"] [unique_id "ai-mwwvi4nyfaPITs9y23gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-15 04:21:30 (1 day ago)	(modsecurity) srv102 ModSecurity 34.104.212.40 (JP/Japan/40.212.104.34.bc.googleusercontent.com): 10 ... show more (modsecurity) srv102 ModSecurity 34.104.212.40 (JP/Japan/40.212.104.34.bc.googleusercontent.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇪🇸 alferez	2026-06-15 02:07:07 (1 day ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack
Anonymous	2026-06-15 00:56:59 (1 day ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇳🇱 Site.eu	2026-06-14 21:37:22 (1 day ago)	Excessive 404/403 errors	Brute-Force
🇳🇱 oisecnet	2026-06-14 21:03:20 (1 day ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-06-14. 2254 requests from thi ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-06-14. 2254 requests from this IP. show less	Brute-Force Web App Attack SSH
🇺🇸 jormaster3k	2026-06-14 18:29:54 (1 day ago)	Attack against Apache (too many 404s)	Web App Attack
🇩🇪 strxmpp	2026-06-14 15:06:51 (1 day ago)	34.104.212.40 - - [14/Jun/2026:17:06:49 +0200] "GET /v3/.env HTTP/1.1" 404 3304 "-" "Mozilla/5.0 (X1 ... show more 34.104.212.40 - - [14/Jun/2026:17:06:49 +0200] "GET /v3/.env HTTP/1.1" 404 3304 "-" "Mozilla/5.0 (X11; U; Linux x86_64; sv-SE; rv:1.8.1.12) Gecko/20080207 Ubuntu/7.10 (gutsy) Firefox/2.0.0.12" ... show less	Bad Web Bot
🇳🇱 GabrielJST	2026-06-14 14:48:26 (1 day ago)	(mod_security) mod_security triggered on hostname [redacted] 34.104.212.40 (JP/Japan/40.212.104.34.b ... show more (mod_security) mod_security triggered on hostname [redacted] 34.104.212.40 (JP/Japan/40.212.104.34.bc.googleusercontent.com): (CF_ENABLE) show less	SQL Injection
🇦🇹 penguin-solutions.at	2026-06-14 07:26:15 (2 days ago)	Excessive 403/404 errors ...	Brute-Force Web App Attack
Anonymous	2026-06-14 06:41:26 (2 days ago)	34.104.212.40 - - [14/Jun/2026:08:41:24 +0200] "GET /app/api/.env HTTP/1.1" 404 28145 "-" "Mozilla/5 ... show more 34.104.212.40 - - [14/Jun/2026:08:41:24 +0200] "GET /app/api/.env HTTP/1.1" 404 28145 "-" "Mozilla/5.0 (X11; Linux i686; rv:5.0) Gecko/20100101 Firefox/5.0" 34.104.212.40 - - [14/Jun/2026:08:41:24 +0200] "GET /app/api/.env HTTP/1.1" 404 5706 "-" "Mozilla/5.0 (X11; Linux i686; rv:5.0) Gecko/20100101 Firefox/5.0" 34.104.212.40 - - [14/Jun/2026:08:41:24 +0200] "GET /frontend/.env.staging HTTP/1.1" 404 28145 "-" "Mozilla/5.0 (Linux; Android 8.0.0; LND-AL30) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36" 34.104.212.40 - - [14/Jun/2026:08:41:24 +0200] "GET /frontend/.env.staging HTTP/1.1" 404 5706 "-" "Mozilla/5.0 (Linux; Android 8.0.0; LND-AL30) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36" 34.104.212.40 - - [14/Jun/2026:08:41:24 +0200] "GET /backend/.env.staging HTTP/1.1" 404 28145 "-" "Mozilla/5.0 (OS/2; Warp 4.5; rv:10.0.12) Gecko/20100101 Firefox/10.0.12" 34.104.212.40 - - [14/Jun/2026:08:41:24 +0200] "GET /backend/.en ... show less	Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-14 05:05:03 (2 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
Anonymous	2026-06-14 01:10:04 (2 days ago)	\| Suspicious URL access.	Web App Attack Hacking SQL Injection
🇸🇬 Starburst SysOp Team	2026-06-13 22:45:07 (2 days ago)	URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ... show more URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-sin2-2) show less	Hacking

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.151.137.122

🇺🇸 192.81.132.97

🇪🇸 149.91.97.132

🇷🇴 80.94.95.221

🇭🇰 199.45.154.181

🇳🇱 192.42.116.20

🇦🇲 176.32.193.16

🇺🇸 162.216.149.218

🇫🇮 147.185.133.65

🇺🇸 135.237.123.203

🇮🇳 122.176.20.134

🇨🇳 120.48.54.225

🇨🇳 112.31.109.13

🇻🇳 103.200.25.79

🇳🇱 91.92.40.13

🇧🇬 78.128.113.74

🇺🇸 67.230.183.38

🇺🇸 66.45.144.201

🇺🇸 65.49.1.179

🇵🇱 46.203.202.159