JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.116.205.52

34.116.205.52 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 47%: ?

47%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	52.205.116.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.116.205.52

Whois 34.116.205.52

IP Abuse Reports for 34.116.205.52:

This IP address has been reported a total of 31 times from 23 distinct sources. 34.116.205.52 was first reported on May 10th 2026, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-05-19 22:45:00 (4 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇩🇪 iNetWorker	2026-05-19 00:12:07 (4 weeks ago)	trying to access non-authorized port	Port Scan
🇳🇱 e.fierstra	2026-05-15 08:45:27 (1 month ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-15 04:07:16 (1 month ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇦🇺 2000cn.com.au	2026-05-15 01:07:25 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
Anonymous	2026-05-15 00:52:03 (1 month ago)	(PERMBLOCK) 34.116.205.52 (PL/Poland/52.205.116.34.bc.googleusercontent.com) has had more than 4 tem ... show more (PERMBLOCK) 34.116.205.52 (PL/Poland/52.205.116.34.bc.googleusercontent.com) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs: show less	Port Scan
🇺🇸 gglobatech	2026-05-15 00:51:54 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇫🇷 masterguru	2026-05-15 00:41:23 (1 month ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇩🇪 Philister11	2026-05-15 00:35:57 (1 month ago)	CrowdSec: crowdsecurity/http-sensitive-files (PL/AS396982)	Web App Attack Hacking
🇫🇮 6kilowatti	2026-05-15 00:09:33 (1 month ago)	34.116.205.52 - - [15/May/2026:03:09:32 +0300] "GET /api/.env HTTP/1.1" 404 60 "-" "Mozilla/5.0 (Win ... show more 34.116.205.52 - - [15/May/2026:03:09:32 +0300] "GET /api/.env HTTP/1.1" 404 60 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.79 Safari/537.36 Maxthon/5.2.7.5000" ... show less	Web App Attack
Anonymous	2026-05-14 23:59:21 (1 month ago)	(caddyscan) Scanner path probe from 34.116.205.52 (PL/Poland/52.205.116.34.bc.googleusercontent.com) ... show more (caddyscan) Scanner path probe from 34.116.205.52 (PL/Poland/52.205.116.34.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 34.116.205.52 - - [14/May/2026:23:59:19 +0000] "GET /admin/.env HTTP/1.1" [REDACTED] 200 2627 34.116.205.52 - - [14/May/2026:23:59:19 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 34.116.205.52 - - [14/May/2026:23:59:19 +0000] "GET /api/.env HTTP/1.1" [REDACTED] 200 2627 34.116.205.52 - - [14/May/2026:23:59:19 +0000] "GET /.env.dev.local HTTP/1.1" [REDACTED] 200 2627 34.116.205.52 - - [14/May/2026:23:59:19 +0000] "GET /.env HTTP/1.1" show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-12 01:51:25 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 34.116.205.52 (52.205.116.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.116.205.52 (52.205.116.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 21:51:21.545508 2026] [security2:error] [pid 27364:tid 27364] [client 34.116.205.52:41706] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tecnologiadelagua.com"] [uri "/.env.development.local"] [unique_id "agKHmWXIARswDyyiSfwqVAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-05-12 01:19:17 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇦🇺 FireGuard Server	2026-05-12 00:15:06 (1 month ago)	Blocked by OPNsense firewall; 140 hits, proto=tcp, ports=443	Port Scan Hacking
🇺🇸 mnsf	2026-05-11 22:05:30 (1 month ago)	Scanning/Probing (20)	Brute-Force Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇹 2001:690:200c:3:9999::228

🇮🇹 94.177.162.41

🇸🇬 82.38.180.36

🇺🇸 50.116.23.178

🇱🇹 45.227.254.170

🇳🇱 45.148.10.157

🇨🇳 39.96.197.8

🇰🇷 222.110.147.58

🇳🇱 195.178.110.30

🇩🇪 185.252.166.161

🇮🇹 185.100.34.104

🇮🇩 182.13.96.107

🇭🇰 103.229.126.95

🇩🇪 79.220.120.149

🇻🇳 222.253.152.149

🇦🇱 188.93.112.20

🇨🇴 186.96.97.181

🇸🇬 174.138.17.143

🇨🇳 118.145.238.60

🇸🇬 118.26.111.107