JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.12.194.214

34.12.194.214 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 40%: ?

40%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	214.194.12.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇳🇱 Netherlands
City	Groningen, Groningen

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.12.194.214

Whois 34.12.194.214

IP Abuse Reports for 34.12.194.214:

This IP address has been reported a total of 7 times from 6 distinct sources. 34.12.194.214 was first reported on June 13th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-14 22:04:19 (5 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-13. show less	Web App Attack SSH Hacking
🇩🇪 4server	2026-06-13 16:27:38 (6 days ago)	[SatJun1318:27:32.6211562026][security2:error][pid1365348:tid1365432][client34.12.194.214:0]ModSecur ... show more [SatJun1318:27:32.6211562026][security2:error][pid1365348:tid1365432][client34.12.194.214:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"mgpublishing.ch.136-243-54-122.cpanel.site\"][uri\"/.env.prod.bak\"][unique_id\"ai2E9M44HZ2Sdic5kVpEqwAAAJQ\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-06-13 13:32:36 (6 days ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇨🇭 4server	2026-06-13 08:45:33 (6 days ago)	[SatJun1310:45:28.6822752026][security2:error][pid374482:tid374765][client34.12.194.214:0]ModSecurit ... show more [SatJun1310:45:28.6822752026][security2:error][pid374482:tid374765][client34.12.194.214:0]ModSecurity:Accessdeniedwithcode403$phase1$.Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"gipfelbild.com\"][uri\"/.env.backup\"][unique_id\"ai0YqBbwKrPpMgMeSAuMawAAARU\"] show less	Hacking Web App Attack
🇩🇪 updown.io	2026-06-13 07:57:24 (6 days ago)	{"level":"info","ts":1781337442.64844,"logger":"http.log.access.log1","msg":"handled request","reque ... show more {"level":"info","ts":1781337442.64844,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.12.194.214","remote_port":"43516","client_ip":"34.12.194.214","proto":"HTTP/1.1","method":"GET","host":"utsupdate.kjihgfedcfahgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io","uri":"/.env.template","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]}},"bytes_read":0,"user_id":"","duration":0.00005802,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://utsupdate.kjihgfedcfahgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io/.env.template"],"Content-Type":[]}} {"level":"info","ts":1781337442.6500082,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.12.194.214","remote_port":"43512","client_ip ... show less	DDoS Attack Web App Attack
🇫🇷 Octopuce	2026-06-13 04:57:27 (6 days ago)	Aggressive web search of vulnerable pages: /.env /.env.local /api/.env /api/.env.local /api/v2/.env ... show more Aggressive web search of vulnerable pages: /.env /.env.local /api/.env /api/.env.local /api/v2/.env ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 03:55:37 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 34.12.194.214 (214.194.12.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.12.194.214 (214.194.12.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 23:55:29.823170 2026] [security2:error] [pid 14531:tid 14531] [client 34.12.194.214:36518] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cindybearce.maffiniandbearce.com"] [uri "/src/.env.production"] [unique_id "aizUsfGbXjo_zUNPsAjp4QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 223.123.125.178

🇩🇪 213.209.159.235

🇩🇪 148.251.46.181

🇺🇸 142.111.152.53

🇰🇷 124.195.255.12

🇷🇴 92.118.39.214

🇳🇱 91.92.40.5

🇬🇧 86.139.140.36

🇨🇦 85.217.149.28

🇳🇱 213.124.221.2

🇹🇼 211.75.210.109

🇺🇸 204.111.125.23

🇨🇦 174.115.86.250

🇩🇪 141.11.107.166

🇮🇳 45.195.83.7

🇩🇪 45.117.55.178

🇭🇰 20.255.61.0

🇹🇷 2a00:1d36:adae:de00:bcb0:a9ff:38d9:12cb

🇫🇷 194.163.135.93

🇫🇮 178.20.210.151