JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.104.231.203

34.104.231.203 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 78%: ?

78%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	203.231.104.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.104.231.203

Whois 34.104.231.203

IP Abuse Reports for 34.104.231.203:

This IP address has been reported a total of 16 times from 13 distinct sources. 34.104.231.203 was first reported on June 13th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-14 22:04:04 (1 day ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-13. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-13 16:14:08 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 34.104.231.203 (203.231.104.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.104.231.203 (203.231.104.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 12:14:03.184794 2026] [security2:error] [pid 3979:tid 3979] [client 34.104.231.203:57090] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zheundu.com"] [uri "/.env.backup"] [unique_id "ai2ByxfhicJ8vAvPZkwFWQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 15:30:49 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 34.104.231.203 (203.231.104.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.104.231.203 (203.231.104.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 11:30:43.250651 2026] [security2:error] [pid 15533:tid 15542] [client 34.104.231.203:33552] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aspencommission.com"] [uri "/.env.dev"] [unique_id "ai13o984h45DQNAYG5GzGQAAAQQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 pm33	2026-06-13 15:30:42 (2 days ago)	Excessive crawling HTTP 404	Web App Attack
🇩🇪 webanyone	2026-06-13 15:15:28 (2 days ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇫🇷 COMAITE	2026-06-13 14:16:58 (2 days ago)	Suspicious URL access.	Web App Attack
🇫🇷 masterguru	2026-06-13 13:06:46 (2 days ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
Anonymous	2026-06-13 12:24:26 (2 days ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇫🇷 masterguru	2026-06-13 12:02:17 (2 days ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-196)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 12:02:13 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 34.104.231.203 (203.231.104.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.104.231.203 (203.231.104.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 08:02:08.731438 2026] [security2:error] [pid 7907:tid 7907] [client 34.104.231.203:54900] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kleens-uk.com"] [uri "/.env.backup.txt"] [unique_id "ai1GwMMCkuXhEcsihe2Q1AAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-13 08:53:53 (3 days ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 Skyrider	2026-06-13 08:31:40 (3 days ago)	Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.	Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-13 08:20:16 (3 days ago)	Blocked by CSF 13 firewall - Rule: US/United States/203.231.104.34.bc.googleusercontent.com	Web App Attack
🇧🇾 lns.bz	2026-06-13 06:42:03 (3 days ago)	.env scanning [BY]	Web App Attack
🇩🇪 grassau.com	2026-06-13 05:52:59 (3 days ago)	Port Scan detected from 34.104.231.203 (JP/Japan/Tokyo/Tokyo/203.231.104.34.bc.googleusercontent.c ... show more Port Scan detected from 34.104.231.203 (JP/Japan/Tokyo/Tokyo/203.231.104.34.bc.googleusercontent.com). show less	Port Scan

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.84.100.240

🇦🇺 203.220.200.243

🇩🇴 200.88.135.160

🇬🇧 193.163.125.187

🇺🇸 162.243.138.30

🇹🇭 125.27.11.173

🇩🇪 104.194.157.233

🇮🇩 103.110.34.131

🇸🇬 47.128.54.19

🇸🇬 43.156.239.194

🇺🇸 43.153.77.90

🇩🇴 2803:e50:ff00:20cf:d048:5755:c0e:ef88

🇺🇸 209.92.184.4

🇳🇱 209.85.218.42

🇲🇦 196.206.98.142

🇬🇧 195.140.214.29

🇵🇾 190.128.241.2

🇱🇹 188.69.246.212

🇮🇩 182.253.58.106

🇮🇩 182.6.164.10