JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.128.109.215

34.128.109.215 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 65%: ?

65%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	215.109.128.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.128.109.215

Whois 34.128.109.215

IP Abuse Reports for 34.128.109.215:

This IP address has been reported a total of 13 times from 11 distinct sources. 34.128.109.215 was first reported on June 14th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-15 22:03:40 (3 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-14. show less	Web App Attack SSH Hacking
🇺🇸 mnsf	2026-06-15 04:06:45 (4 days ago)	Scanning/Probing (79) Request Overload (241)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 03:48:27 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 34.128.109.215 (215.109.128.34.bc.googleusercon ... show more (mod_security) mod_security (id:210730) triggered by 34.128.109.215 (215.109.128.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 23:48:22.299713 2026] [security2:error] [pid 28564:tid 28564] [client 34.128.109.215:39098] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|modeltdr.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "modeltdr.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai92Bmoikt6F5uzA6MvJdAAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-15 03:31:41 (4 days ago)	34.128.109.215 - - [15/Jun/2026:06:31:35 +0300] "GET /secrets.env HTTP/1.1" 404 3283 "-" "Mozilla/5. ... show more 34.128.109.215 - - [15/Jun/2026:06:31:35 +0300] "GET /secrets.env HTTP/1.1" 404 3283 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/534.15 (KHTML, like Gecko) Ubuntu/10.10 Chromium/10.0.613.0 Chrome/10.0.613.0 Safari/534.15" 34.128.109.215 - - [15/Jun/2026:06:31:34 +0300] "GET /config.env HTTP/1.1" 404 3284 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.0.11) Gecko/2009060215 Firefox/3.0.11 (.NET CLR 3.5.30729)" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 03:08:04 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 34.128.109.215 (215.109.128.34.bc.googleusercon ... show more (mod_security) mod_security (id:210730) triggered by 34.128.109.215 (215.109.128.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 23:07:59.620842 2026] [security2:error] [pid 343:tid 904] [client 34.128.109.215:44972] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|inongap.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "inongap.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai9sj5hQMM5lFjJQrg4GiAAAAUo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-15 03:03:48 (4 days ago)	Multiple WAF Violations	Web App Attack
🇩🇪 updown.io	2026-06-15 00:39:32 (4 days ago)	{"level":"info","ts":1781483971.04929,"logger":"http.log.access.log1","msg":"handled request","reque ... show more {"level":"info","ts":1781483971.04929,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.128.109.215","remote_port":"42834","client_ip":"34.128.109.215","proto":"HTTP/1.1","method":"GET","host":"status.box0.he2.eric.si","uri":"/api/configprops","headers":{"Connection":["close"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 YaBrowser/19.6.0.1583 Yowser/2.5 Safari/537.36"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status.box0.he2.eric.si","ech":false}},"bytes_read":0,"user_id":"","duration":0.00081173,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}} {"level":"info","ts":1781483971.0500534,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.128.109.215","remote_port":"42804","client_ip":"34 ... show less	DDoS Attack Web App Attack
🇨🇭 4server	2026-06-14 23:49:50 (4 days ago)	[MonJun1501:49:45.7430242026][security2:error][pid340583:tid340677][client34.128.109.215:0]ModSecuri ... show more [MonJun1501:49:45.7430242026][security2:error][pid340583:tid340677][client34.128.109.215:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"hostingsvizzera.ch.inserzioniticino.ch\"][uri\"/actuator/dump\"][unique_id\"ai8-GdluBn_WGksv19bfVQAAAAA\"] show less	Hacking Web App Attack
🇺🇸 WellSpring	2026-06-14 21:30:13 (4 days ago)	generic probe on freebaked.org/backend/config.php — WellSpr.ing/NetSentinel civic-AI security layer	Bad Web Bot
🇨🇭 ca	2026-06-14 15:05:51 (4 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇳🇱 Savvii	2026-06-14 11:37:12 (4 days ago)	20 attempts against mh_ha-misbehave-ban on kiwi	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 03:55:31 (5 days ago)	(mod_security) mod_security (id:210730) triggered by 34.128.109.215 (215.109.128.34.bc.googleusercon ... show more (mod_security) mod_security (id:210730) triggered by 34.128.109.215 (215.109.128.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 23:55:24.018555 2026] [security2:error] [pid 20353:tid 20359] [client 34.128.109.215:56264] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|globalpartssolution.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "globalpartssolution.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai4mLBQ1Ej2msXPzGXLIvwAAAcQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-14 02:25:04 (5 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 189.23.205.242

🇫🇷 178.171.90.85

🇫🇷 143.244.57.84

🇧🇷 129.121.50.245

🇬🇭 102.176.95.97

🇱🇹 46.29.234.126

🇺🇸 45.33.84.28

🇺🇸 18.216.43.39

🇬🇧 193.163.125.240

🇳🇱 176.65.139.43

🇫🇷 158.220.111.161

🇩🇪 156.236.31.85

🇺🇸 65.49.1.162

🇬🇧 35.203.211.96

🇺🇸 18.212.113.193

🇧🇷 179.111.150.107

🇰🇷 121.183.240.55

🇺🇸 91.230.168.135

🇺🇸 67.207.93.64

🇪🇬 41.40.255.44