JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.125.90.21

34.125.90.21 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 58%: ?

58%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	21.90.125.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	Las Vegas, Nevada

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.125.90.21

Whois 34.125.90.21

IP Abuse Reports for 34.125.90.21:

This IP address has been reported a total of 9 times from 9 distinct sources. 34.125.90.21 was first reported on June 13th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-13 14:54:28 (4 days ago)	Excessive 404/403 errors	Brute-Force
🇬🇧 WebNiraj	2026-06-13 13:16:11 (4 days ago)	(mod_security) mod_security (id:949110) triggered by 34.125.90.21 (US/United States/21.90.125.34.bc. ... show more (mod_security) mod_security (id:949110) triggered by 34.125.90.21 (US/United States/21.90.125.34.bc.googleusercontent.com): 5 in the last 3600 secs [SIGMA] show less	Brute-Force
🇩🇪 updown.io	2026-06-13 12:46:38 (4 days ago)	{"level":"info","ts":1781354797.32038,"logger":"http.log.access.log1","msg":"handled request","reque ... show more {"level":"info","ts":1781354797.32038,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.125.90.21","remote_port":"35438","client_ip":"34.125.90.21","proto":"HTTP/1.1","method":"GET","host":"update.qupdate.ilkjihgfehgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io","uri":"/.env.backup.txt","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]}},"bytes_read":0,"user_id":"","duration":0.000084672,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://update.qupdate.ilkjihgfehgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io/.env.backup.txt"],"Content-Type":[]}} {"level":"info","ts":1781354797.336661,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.125.90.21","remote_port":"35464","cli ... show less	DDoS Attack Web App Attack
🇨🇭 zynex	2026-06-13 12:20:36 (4 days ago)	URL Probing: /uat/.env	Web App Attack
Anonymous	2026-06-13 08:11:20 (4 days ago)	34.125.90.21 - - [13/Jun/2026:10:11:16 +0200] "GET /.env.production HTTP/1.1" 403 443 "-" "Mozilla/5 ... show more 34.125.90.21 - - [13/Jun/2026:10:11:16 +0200] "GET /.env.production HTTP/1.1" 403 443 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/73.0.3683.86 Chrome/73.0.3683.86 Safari/537.36" 34.125.90.21 - - [13/Jun/2026:10:11:16 +0200] "GET /.env.production HTTP/1.1" 403 248 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/73.0.3683.86 Chrome/73.0.3683.86 Safari/537.36" 34.125.90.21 - - [13/Jun/2026:10:11:16 +0200] "GET /.env.live HTTP/1.1" 403 124 "-" "Wget/1.12 (freebsd8.1)" 34.125.90.21 - - [13/Jun/2026:10:11:16 +0200] "GET /.env.copy HTTP/1.1" 403 443 "-" "Mozilla/5.0 (Linux; Android 8.0.0; SM-A600FN) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" 34.125.90.21 - - [13/Jun/2026:10:11:16 +0200] "GET /.env.copy HTTP/1.1" 403 248 "-" "Mozilla/5.0 (Linux; Android 8.0.0; SM-A600FN) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" 34.125.90.21 ... show less	Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-13 06:00:10 (4 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇫🇷 Octopuce	2026-06-13 05:14:12 (4 days ago)	Aggressive web search of vulnerable pages: /.env.local /.env /api/.env /api/v1/.env /api/v2/.env .. ... show more Aggressive web search of vulnerable pages: /.env.local /.env /api/.env /api/v1/.env /api/v2/.env ... show less	Web App Attack
🇩🇪 4server	2026-06-13 05:05:57 (4 days ago)	[SatJun1307:05:50.9383682026][security2:error][pid617806:tid617899][client34.125.90.21:0]ModSecurity ... show more [SatJun1307:05:50.9383682026][security2:error][pid617806:tid617899][client34.125.90.21:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"www.aesthetia.it.136-243-54-122.cpanel.site\"][uri\"/.env.prod.bak\"][unique_id\"aizlLrOcqtdYqr_XwT8YvgAAAQU\"] show less	Port Scan Brute-Force Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-13 03:52:01 (4 days ago)	categories: DDoS Attack	DDoS Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 212.64.216.142

🇧🇷 205.210.31.140

🇩🇪 116.203.132.27

🇺🇸 74.125.72.24

🇮🇩 41.216.178.119

🇨🇦 40.85.241.15

🇮🇳 20.193.153.74

🇳🇱 204.76.203.219

🇩🇪 165.154.138.3

🇿🇲 165.56.14.201

🇨🇳 106.13.69.159

🇷🇴 92.118.39.62

🇺🇸 74.125.183.150

🇺🇸 66.132.172.157

🇳🇿 62.93.164.77

🇩🇪 217.160.42.124

🇧🇷 205.210.31.253

🇲🇾 202.184.145.225

🇮🇩 202.145.0.61

🇳🇱 193.176.31.152