JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.107.81.21

34.107.81.21 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 48%: ?

48%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	21.81.107.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.107.81.21

Whois 34.107.81.21

IP Abuse Reports for 34.107.81.21:

This IP address has been reported a total of 15 times from 12 distinct sources. 34.107.81.21 was first reported on June 8th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-10 22:04:02 (2 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-09. show less	Web App Attack SSH Hacking
🇳🇱 Site.eu	2026-06-09 10:56:37 (2 weeks ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 wlt-blocker	2026-06-09 08:03:05 (2 weeks ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 pscriptos	2026-06-09 01:54:08 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇳🇱 Cloud86 B.V.	2026-06-09 01:26:03 (2 weeks ago)	categories: DDoS Attack	DDoS Attack
🇺🇸 TPI-Abuse	2026-06-08 20:50:05 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.107.81.21 (21.81.107.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.107.81.21 (21.81.107.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 16:49:59.395228 2026] [security2:error] [pid 622:tid 622] [client 34.107.81.21:60690] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.robtown.com"] [uri "/.env.stage"] [unique_id "aicq9w5_vFG3wnYGl_wtgAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 updown.io	2026-06-08 19:18:38 (3 weeks ago)	{"level":"info","ts":1780946316.0774405,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1780946316.0774405,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.107.81.21","remote_port":"54148","client_ip":"34.107.81.21","proto":"HTTP/1.1","method":"GET","host":"wwwwwwwwwwww.www.159.89.98.98.nip.io","uri":"/.env.testing","headers":{"Connection":["close"],"User-Agent":["Opera/7.51 (Windows NT 5.1; U) [en]"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","duration":0.000054013,"size":0,"status":308,"resp_headers":{"Content-Type":[],"Server":["Caddy"],"Connection":["close"],"Location":["https://wwwwwwwwwwww.www.159.89.98.98.nip.io/.env.testing"]}} {"level":"info","ts":1780946316.0785666,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.107.81.21","remote_port":"54162","client_ip":"34.107.81.21","proto":"HTTP/1.1","method":"GET","host":"wwwwwwwwwwww.www.159.89.98.98.nip.io","uri":"/.env.uat","headers":{"Accept-Encoding":["gzip"],"Connection":["close"],"User- ... show less	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 17:03:06 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.107.81.21 (21.81.107.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.107.81.21 (21.81.107.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 13:03:01.160823 2026] [security2:error] [pid 28900:tid 28900] [client 34.107.81.21:34988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.click.startordoro.com"] [uri "/.env.save"] [unique_id "aib1xbEboLoAAsppbKMF2QAAAGQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-08 10:05:54 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇧🇷 P1n4	2026-06-08 07:17:55 (3 weeks ago)	Heimdal IDS auto-block: sensitive_file (score=1.00)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 05:32:29 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.107.81.21 (21.81.107.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.107.81.21 (21.81.107.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:32:24.367674 2026] [security2:error] [pid 16443:tid 16443] [client 34.107.81.21:38464] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "terrysavastano.com"] [uri "/api/v3/.env"] [unique_id "aiZT6D2Nok_nkby3WKAjyAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-08 02:15:04 (3 weeks ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 mnsf	2026-06-08 02:08:14 (3 weeks ago)	Abuse Detected (96)	Brute-Force Web App Attack
Anonymous	2026-06-08 01:52:43 (3 weeks ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 00:41:09 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.107.81.21 (21.81.107.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.107.81.21 (21.81.107.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 20:41:03.055067 2026] [security2:error] [pid 2838:tid 2838] [client 34.107.81.21:42250] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nutshell.tag-scaffolding.com"] [uri "/.env.prod"] [unique_id "aiYPnzzELC8dlkgd02HkWAAAAHc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 172.253.211.20

🇬🇧 35.203.211.60

🇦🇱 185.89.157.207

🇺🇸 173.249.147.131

🇹🇭 159.192.237.234

🇳🇱 45.148.10.121

🇺🇸 205.210.31.96

🇳🇿 203.211.79.7

🇧🇪 198.235.24.239

🇧🇪 198.235.24.192

🇬🇧 193.163.125.92

🇦🇷 181.230.58.205

🇨🇭 179.43.186.231

🇻🇳 171.243.150.146

🇩🇪 167.94.145.17

🇨🇴 148.222.199.133

🇺🇸 97.179.227.142

🇨🇦 85.217.149.49

🇸🇬 43.134.167.218

🇺🇸 34.127.111.51