JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.116.108.249

34.116.108.249 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 50%: ?

50%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	249.108.116.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇦🇺 Australia
City	Sydney, New South Wales

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.116.108.249

Whois 34.116.108.249

IP Abuse Reports for 34.116.108.249:

This IP address has been reported a total of 16 times from 12 distinct sources. 34.116.108.249 was first reported on January 18th 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 01:33:11 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 34.116.108.249 (249.108.116.34.bc.googleusercon ... show more (mod_security) mod_security (id:210730) triggered by 34.116.108.249 (249.108.116.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:33:03.420881 2026] [security2:error] [pid 24991:tid 24991] [client 34.116.108.249:40306] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|aprilparks.boaredraven.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aprilparks.boaredraven.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai9WT6BNLEEhbGNTeUuGowAAAH0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 23:25:43 (1 day ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 23:23:39 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 34.116.108.249 (249.108.116.34.bc.googleusercon ... show more (mod_security) mod_security (id:210730) triggered by 34.116.108.249 (249.108.116.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:23:34.434665 2026] [security2:error] [pid 3591:tid 3591] [client 34.116.108.249:55530] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|i-spose.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "i-spose.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai839jrv8ekNHptVro3lbAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 maxxsense	2026-06-14 20:19:36 (1 day ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 34.116.108.249 (AU/Austr ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 34.116.108.249 (AU/Australia/249.108.116.34.bc.googleusercontent.com) show less	Port Scan
🇧🇾 lns.bz	2026-06-14 18:43:02 (1 day ago)	Too many 404 requests [BY]	Web App Attack
🇫🇷 Octopuce	2026-06-14 06:19:19 (1 day ago)	Aggressive web search of vulnerable pages: /secrets/credentials.json /secrets/gcp.json /backend/dock ... show more Aggressive web search of vulnerable pages: /secrets/credentials.json /secrets/gcp.json /backend/docker-compose.yml /deploy/docker-compose.yml / ... show less	Web App Attack
🇩🇪 updown.io	2026-06-14 06:03:31 (1 day ago)	{"level":"info","ts":1781417009.66134,"logger":"http.log.access.log1","msg":"handled request","reque ... show more {"level":"info","ts":1781417009.66134,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.116.108.249","remote_port":"52280","client_ip":"34.116.108.249","proto":"HTTP/1.1","method":"GET","host":"status.meadowoodnapa.com","uri":"/admin/phpinfo.php","headers":{"User-Agent":["Mozilla/5.0 (X11; Ubuntu; Linux; rv:67.0) Gecko/20100101 Firefox/67.0"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status.meadowoodnapa.com","ech":false}},"bytes_read":0,"user_id":"","duration":0.000511709,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}} {"level":"info","ts":1781417009.6710203,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.116.108.249","remote_port":"52288","client_ip":"34.116.108.249","proto":"HTTP/1.1","method":"GET","host":"status.meadowoodnapa.com ... show less	DDoS Attack Web App Attack
🇮🇹 VHosting	2026-06-14 03:55:04 (2 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇵🇱 lns.bz	2026-06-14 02:22:01 (2 days ago)	Web app attack [PL.Lu]	Exploited Host Web App Attack
🇨🇳 ThreatBook.io	2023-01-19 21:37:39 (3 years ago)	ThreatBook Intelligence: Info more details on http://threatbook.io/ip/34.116.108.249 2023-01-19 00:1 ... show more ThreatBook Intelligence: Info more details on http://threatbook.io/ip/34.116.108.249 2023-01-19 00:17:18 / show less	Web App Attack
🇨🇿 Countryman	2023-01-18 19:00:39 (3 years ago)	repeated unauthorized connection attempts, host sweep, port scan	Port Scan
🇺🇸 MPL	2023-01-18 17:41:35 (3 years ago)	tcp/80 (2 or more attempts)	Port Scan
Anonymous	2023-01-18 17:22:37 (3 years ago)	OPTIONS / No user agent.	Bad Web Bot
🇺🇸 MPL	2023-01-18 16:27:14 (3 years ago)	tcp/443 (2 or more attempts)	Port Scan
🇺🇸 MPL	2023-01-18 15:48:28 (3 years ago)	tcp/443 (2 or more attempts)	Port Scan

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.17.1.172

🇺🇸 173.255.223.49

🇩🇪 172.70.248.41

🇺🇸 69.74.29.21

🇰🇷 39.115.195.164

🇨🇳 218.65.105.118

🇳🇱 195.178.110.30

🇧🇷 191.210.72.37

🇳🇱 176.65.139.43

🇩🇪 167.94.146.42

🇩🇪 165.22.82.165

🇷🇴 141.98.83.240

🇰🇷 133.186.229.52

🇸🇬 118.194.234.8

🇳🇱 103.251.165.133

🇯🇵 92.113.142.203

🇺🇸 74.125.80.148

🇺🇸 2a03:2880:f800:17::

🇬🇧 213.171.208.62

🇧🇪 198.235.24.223