JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.12.225.53

34.12.225.53 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	53.225.12.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇳🇱 Netherlands
City	Groningen, Groningen

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.12.225.53

Whois 34.12.225.53

IP Abuse Reports for 34.12.225.53:

This IP address has been reported a total of 49 times from 44 distinct sources. 34.12.225.53 was first reported on May 27th 2026, and the most recent report was 26 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Burayot	2026-06-03 21:24:42 (26 minutes ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 34.12.225.53 (53.225.12.34.bc.google ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 34.12.225.53 (53.225.12.34.bc.googleusercontent.com): 2 in the last 3600 secs show less	Web App Attack
Anonymous	2026-06-03 13:56:34 (7 hours ago)	[Wed Jun 03 15:56:33.451968 2026] [authz_core:error] [pid 28136] [client 34.12.225.53:57354] AH01630 ... show more [Wed Jun 03 15:56:33.451968 2026] [authz_core:error] [pid 28136] [client 34.12.225.53:57354] AH01630: client denied by server configuration: /etc/httpd/htdocs [Wed Jun 03 15:56:33.458828 2026] [authz_core:error] [pid 28146] [client 34.12.225.53:57368] AH01630: client denied by server configuration: /etc/httpd/htdocs [Wed Jun 03 15:56:33.469157 2026] [authz_core:error] [pid 28150] [client 34.12.225.53:57380] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
🇺🇸 cwytech	2026-06-03 13:55:38 (7 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-web-high.	Bad Web Bot Web App Attack
🇺🇸 conrad10781	2026-06-03 13:51:40 (7 hours ago)	nginx-direct-ip	Port Scan
Anonymous	2026-06-03 05:22:52 (16 hours ago)	PAD: ModSec_Scanner! detected	Bad Web Bot
🇸🇬 Starburst SysOp Team	2026-06-02 23:03:06 (22 hours ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-sin2-2)	Hacking Bad Web Bot
🇺🇸 itsnixk	2026-06-02 14:28:25 (1 day ago)	(mod_security) mod_security (id:920350) triggered by 34.12.225.53 (NL/The Netherlands/53.225.12.34.b ... show more (mod_security) mod_security (id:920350) triggered by 34.12.225.53 (NL/The Netherlands/53.225.12.34.bc.googleusercontent.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 02 10:28:23.033072 2026] [security2:error] [pid 1251806:tid 1252220] [client 34.12.225.53:44706] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+\|\\\\[[\\\\da-f:]+\\\\]\|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "774"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.25.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/wp-json/gravitysmtp/v1/tests/mock-data"] [unique_id "ah7oh3JI1CxA6YDnS3ZDogAAARM"] show less	Port Scan
🇨🇭 GAS	2026-06-02 12:56:40 (1 day ago)	Direct IP access. 34.12.225.53 - - [02/Jun/2026:14:56:40 +0200] "\x16\x03\x01" 400 392 "-" "-" "-" " ... show more Direct IP access. 34.12.225.53 - - [02/Jun/2026:14:56:40 +0200] "\x16\x03\x01" 400 392 "-" "-" "-" "-" 34.12.225.53 - - [02/Jun/2026:14:56:40 +0200] "\x16\x03\x01" 400 392 "-" "-" "-" "-" ... show less	Port Scan Web App Attack
Anonymous	2026-06-02 03:57:46 (1 day ago)		Web App Attack
🇩🇪 firestorm	2026-06-02 01:46:35 (1 day ago)	34.12.225.53 - - [02/Jun/2026:03:46:34 +0200] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03`q\xF6\x1 ... show more 34.12.225.53 - - [02/Jun/2026:03:46:34 +0200] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03`q\xF6\x16\xA3\x8B+y\xDD\xCE\xFF\xEAf%\x17\xE2@\xD1\x1E\xAE\xD6=\xA6\xABog\xC5\xE7\x0F\xD5D\xC1 \xAC\xDB\xB5R\x95\xF4V\xC7[H\x19\xE7\x8F\x0C(\xBB\xDDQ]\xB8r\xD0\x1B`\x16\xDA\x84\x98\x8A\xBB\xC9a\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0" 400 150 "-" "-" 34.12.225.53 - - [02/Jun/2026:03:46:34 +0200] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\xC8z\|\x9F\xEB\xF0\xF9\xEF\xB0\x97\x07\xBD\xBB+\x98\x0C>\x8F\xAC0S\x82\xB2\x0EF^\xC2\x8B\xFA\xCD\xC69 \xE3\xC56\x8A\xAD\x14\xC5@\xE8\xD3<\xF5\x9C\xFB\x98d\xCCp{RN\xBDq(\xC3\xE2Q+^I\xA6" 400 150 "-" "-" 34.12.225.53 - - [02/Jun/2026:03:46:34 +0200] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\x85\xAE\x95\xA8\xC5\xFA\x09\xA4\xE3\xC4\x8E\|\xD8\xF7$7YL\x81\xDC\xEA\x10\xCC\xC4\xBAl Z\xFA\xE1\x96j \xB4\xF4\xD0%c \xCB`\x1C\xF1\xB8\x05\xB6D\x90,\xF8\x04\xBE\x84F\xF6\x00 ng\x8B\x8C\xB3\xD4\xC8L\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x ... show less	Brute-Force Web App Attack
🇻🇪 LUISE	2026-06-02 00:25:18 (1 day ago)	Vulnerability scanning for Web/phpMyAdmin files on ULA server 72-23.	Hacking Bad Web Bot
🇹🇼 kk_it_man	2026-06-02 00:23:02 (1 day ago)	ET WEB_SPECIFIC_APPS WordPress Plugin Gravity SMTP Unauthenticated REST API (CVE-2026-4020)	Port Scan
🇺🇸 LSPCCU	2026-06-01 23:01:27 (1 day ago)	TSEC Honeypot Network report. Threat score: 93/100. Categories: Port Scan, Hacking, Brute-Force, Web ... show more TSEC Honeypot Network report. Threat score: 93/100. Categories: Port Scan, Hacking, Brute-Force, Web App Attack, SSH. Honeypot: cowrie, ssh-telnet. Context: IP observed in Suricata network metadata. show less	Port Scan Hacking Brute-Force Web App Attack SSH
🇺🇸 Mantene	2026-06-01 17:51:42 (2 days ago)	34.12.225.53 - - [01/Jun/2026:13:51:41 -0400] "GET /wp-json/gravitysmtp/v1/tests/mock-data?page=grav ... show more 34.12.225.53 - - [01/Jun/2026:13:51:41 -0400] "GET /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings HTTP/1.1" 404 177 "-" "Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420 (KHTML, like Gecko) Version/3.0 Mobile/1A543a Safari/419.3" 34.12.225.53 - - [01/Jun/2026:13:51:41 -0400] "GET /wp-json/gravitysmtp/v1/settings HTTP/1.1" 404 170 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.4 (KHTML like Gecko) Chrome/22.0.1229.79 Safari/537.4" ... show less	Brute-Force SSH
🇧🇷 SOC Blue Team	2026-06-01 15:25:52 (2 days ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇮 186.77.207.215

🇧🇴 181.188.176.242

🇸🇬 165.22.52.238

🇳🇱 160.119.76.108

🇸🇬 157.245.50.190

🇨🇳 150.255.52.131

🇫🇮 65.109.36.162

🇨🇳 59.52.101.117

🇸🇪 13.60.172.24

🇨🇳 220.197.195.66

🇺🇸 216.25.89.86

🇧🇷 205.210.31.241

🇧🇪 198.235.24.198

🇬🇹 181.209.144.131

🇮🇩 114.10.44.176

🇺🇸 72.90.241.209

🇳🇱 45.142.193.169

🇸🇬 3.0.92.16

🇺🇸 2607:f8b0:4001:c56::123

🇨🇳 220.181.172.244