JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.12.101.116

34.12.101.116 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 51%: ?

51%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	116.101.12.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇳🇱 Netherlands
City	Groningen, Groningen

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.12.101.116

Whois 34.12.101.116

IP Abuse Reports for 34.12.101.116:

This IP address has been reported a total of 10 times from 8 distinct sources. 34.12.101.116 was first reported on June 13th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-14 22:03:40 (4 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-13. show less	Web App Attack SSH Hacking
🇳🇱 wlt-blocker	2026-06-13 15:50:14 (5 days ago)	Unauthorized access to webpage admin	Web App Attack
Anonymous	2026-06-13 14:49:47 (5 days ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 14:26:44 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 34.12.101.116 (116.101.12.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.12.101.116 (116.101.12.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 10:26:36.225987 2026] [security2:error] [pid 6933:tid 6933] [client 34.12.101.116:39420] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.celtickyss.com"] [uri "/.env.qa"] [unique_id "ai1onOD4mW4LM4sLHoojbAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-06-13 09:49:22 (6 days ago)	Aggressive web search of vulnerable pages: /.env.local /.env /api/v1/.env /api/v3/.env /api/.env.loc ... show more Aggressive web search of vulnerable pages: /.env.local /.env /api/v1/.env /api/v3/.env /api/.env.local ... show less	Web App Attack
🇺🇸 mnsf	2026-06-13 08:08:49 (6 days ago)	Scanning/Probing (37)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 05:07:50 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 34.12.101.116 (116.101.12.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.12.101.116 (116.101.12.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 01:07:42.368345 2026] [security2:error] [pid 25211:tid 25211] [client 34.12.101.116:46748] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aiamur.photo"] [uri "/.env.backup"] [unique_id "aizlngA_IEbEz5ASnzeofwAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-13 04:15:03 (6 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 03:34:33 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 34.12.101.116 (116.101.12.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.12.101.116 (116.101.12.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 23:34:26.999941 2026] [security2:error] [pid 16494:tid 16494] [client 34.12.101.116:45220] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "apothecarydc.swampoodlegrounds.com"] [uri "/.env.pre-production"] [unique_id "aizPwmold7ErsXBOslCTEwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-13 03:09:30 (6 days ago)	URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ... show more URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-193) show less	Hacking

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 198.176.52.221

🇺🇸 192.241.141.178

🇺🇸 158.173.25.183

🇫🇷 91.231.89.79

🇺🇸 66.132.172.156

🇧🇪 34.77.28.178

🇩🇪 2a00:116a:108:4ed0::

🇰🇷 222.112.12.140

🇨🇳 182.243.196.56

🇮🇳 182.95.119.30

🇨🇳 117.177.102.79

🇨🇳 117.50.130.208

🇳🇱 91.92.40.8

🇫🇷 85.217.140.5

🇺🇸 70.23.94.40

🇭🇰 45.116.78.92

🇦🇷 170.239.50.63

🇧🇷 138.185.145.78

🇭🇰 103.231.254.205

🇺🇸 92.119.19.51