JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.118.242.39

34.118.242.39 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 74%: ?

74%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	39.242.118.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	Las Vegas, Nevada

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.118.242.39

Whois 34.118.242.39

IP Abuse Reports for 34.118.242.39:

This IP address has been reported a total of 19 times from 13 distinct sources. 34.118.242.39 was first reported on May 7th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-16 22:02:52 (4 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15. show less	Web App Attack SSH Hacking
🇺🇸 mnsf	2026-06-16 00:07:24 (4 days ago)	Scanning/Probing (61)	Brute-Force Web App Attack
🇳🇱 Savvii	2026-06-15 13:25:04 (5 days ago)	20 attempts against mh-misbehave-ban on yuzu	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Savvii	2026-06-15 11:06:09 (5 days ago)	29 attempts against mh-misbehave-ban on taro	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-06-15 09:29:10 (5 days ago)	http-sensitive-files - IP: 34.118.242.39 - time="2026-06-15T11:29:09+02:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 34.118.242.39 - time="2026-06-15T11:29:09+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 34.118.242.39 (US/396982) : 4h ban on Ip 34.118.242.39" module=db show less	Web App Attack
🇳🇱 Site.eu	2026-06-15 06:11:06 (5 days ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 4server	2026-06-15 06:00:28 (5 days ago)	[MonJun1508:00:22.8979142026][security2:error][pid3788818:tid3788881][client34.118.242.39:0]ModSecur ... show more [MonJun1508:00:22.8979142026][security2:error][pid3788818:tid3788881][client34.118.242.39:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"www.atelier-lara.ch.136-243-54-122.cpanel.site\"][uri\"/.env.bak\"][unique_id\"ai-U9rQIlTpZI9ViNxF1CwAAAEI\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 04:57:51 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 34.118.242.39 (39.242.118.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.118.242.39 (39.242.118.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:57:47.453577 2026] [security2:error] [pid 15386:tid 15386] [client 34.118.242.39:51404] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.freeisbns.keyston.net"] [uri "/staging/.env"] [unique_id "ai-GS0wf7Ys2Vi2WGUBTLwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-15 03:00:04 (5 days ago)	categories: DDoS Attack	DDoS Attack
Anonymous	2026-06-15 02:48:05 (5 days ago)	Bot / scanning and/or hacking attempts: GET /apps/backend/.env HTTP/1.1, GET /staging/.env HTTP/1.1, ... show more Bot / scanning and/or hacking attempts: GET /apps/backend/.env HTTP/1.1, GET /staging/.env HTTP/1.1, GET /.env.qa HTTP/1.1, GET /api/.env.old HTTP/1.1, GET /frontend/.env.local HTTP/1.1, GET /html/.env HTTP/1.1, GET /email/sendgrid.env HTTP/1.1, GET /env HTTP/1.1, GET /.env.development.local HTTP/1.1, GET /.env.local.bak HTTP/1.1, GET /service/.env HTTP/1.1, GET /config/.env.local HTTP/1.1, GET /app/.env.old HTTP/1.1, GET /backend/.env.old HTTP/1.1, GET /api/.env.dev HTTP/1.1, GET /app/.env.dev HTTP/1.1, GET /app/.env.bak HTTP/1.1, GET /server/.env.production HTTP/1.1, GET /admin/.env.backup HTTP/1.1, GET /mailer/sendgrid.env HTTP/1.1, GET /portal/.env HTTP/1.1, GET /admin/api/.env HTTP/1.1, GET /backend/.env.bak HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 01:44:33 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 34.118.242.39 (39.242.118.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.118.242.39 (39.242.118.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:44:27.458177 2026] [security2:error] [pid 16891:tid 16908] [client 34.118.242.39:44184] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.americanacademyofprojectmanagement.com.aafm.us"] [uri "/admin/.env"] [unique_id "ai9Y-9PE8ZvXTd8Ag1ikEQAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 13:07:53 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 34.118.242.39 (39.242.118.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.118.242.39 (39.242.118.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 09:07:46.607327 2026] [security2:error] [pid 23668:tid 23668] [client 34.118.242.39:57912] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "catholicshopper.com"] [uri "/.env.production"] [unique_id "ai6noltK6zWbNyYrDbp9rQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 EGP Abuse Dept	2026-06-14 07:06:07 (6 days ago)	Scanning for web/db/file exploits on thedfcd.com	SQL Injection Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-14 03:40:05 (6 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 mnsf	2026-06-14 03:05:26 (6 days ago)	Too many Status 40X (19) Scanning/Probing (19)	Brute-Force Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 84.233.216.142

🇩🇪 207.154.250.9

🇸🇬 194.61.41.77

🇺🇸 162.216.150.150

🇧🇷 129.121.54.208

🇨🇳 111.26.106.115

🇩🇪 5.253.246.137

🇭🇰 152.32.209.166

🇳🇱 45.198.224.136

🇲🇦 197.146.102.35

🇩🇪 136.243.228.179

🇺🇸 63.46.42.51

🇨🇦 165.22.235.3

🇸🇬 152.42.170.216

🇩🇪 139.59.146.150

🇺🇸 130.131.220.95

🇺🇸 66.132.195.20

🇳🇱 34.13.160.28

🇬🇧 193.163.125.77

🇨🇳 124.236.76.72