This IP address has been reported a total of
33
times from
26 distinct
sources.
34.106.130.194 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
Bunkerweb ModSecurity alert: Potential Remote Command Execution (RCE) detected. Unix shell code was ...
show moreBunkerweb ModSecurity alert: Potential Remote Command Execution (RCE) detected. Unix shell code was identified within the request arguments, triggering a security rule designed to prevent application attacks.
show less
Multiple (323) times attack on https port 443: searching for Cobalt Strike server beacon (GET /dump) ...
show moreMultiple (323) times attack on https port 443: searching for Cobalt Strike server beacon (GET /dump)
01:31:41 Trying to access Spring Boot Actuator (GET /actuator/trace)
01:31:41 Trying to access Spring Boot Actuator (GET /v1/actuator/heapdump)
01:31:41 Trying to access Spring Boot Actuator (GET /actuator/threaddump)
01:31:41 Trying to access Spring Boot Actuator (GET /app/actuator/logfile)
01:31:41 Trying to access Spring Boot Actuator (GET /actuator/httptrace)
01:31:41 Trying to access Spring Boot Actuator (GET /actuator/auditevents)
01:31:41 Trying to access Spring Boot Actuator (GET /actuator/configprops)
01:31:41 Trying to access Spring Boot Actuator (GET /v1/actuator/configprops)
show less
Auto-ban: 224 malicious requests on 2026-06-09 (e.g., env/backup probes, brute-force, or error burst ...
show moreAuto-ban: 224 malicious requests on 2026-06-09 (e.g., env/backup probes, brute-force, or error bursts).
show less
{"level":"info","ts":1781117394.755142,"logger":"http.log.access.log1","msg":"handled request","requ ...
show more{"level":"info","ts":1781117394.755142,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.106.130.194","remote_port":"57266","client_ip":"34.106.130.194","proto":"HTTP/1.1","method":"GET","host":"whm.dev.www.kghifwww.status.quarks-erp.com","uri":"/api/heapdump","headers":{"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (Linux; Android 7.0; SM-J327T1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.99 Mobile Safari/537.36"]}},"bytes_read":0,"user_id":"","duration":0.00006304,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://whm.dev.www.kghifwww.status.quarks-erp.com/api/heapdump"],"Content-Type":[]}}
{"level":"info","ts":1781117394.765057,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.106.130.194","remote_port":"57272","client_ip":"34.106.130.194","proto":"HTTP/1.1","method":"GET","host":"whm.dev.www.kghifw
...
show less
Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 34.106.130.194, Reason ...
show moreCluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 34.106.130.194, Reason:[(mod_security) mod_security (id:210730) triggered by 34.106.130.194 (US/United States/194.130.106.34.bc.googleusercontent.com): 3 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs:
show less