JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.131.121.3

34.131.121.3 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	3.121.131.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇮🇳 India
City	New Delhi, Delhi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.131.121.3

Whois 34.131.121.3

IP Abuse Reports for 34.131.121.3:

This IP address has been reported a total of 36 times from 21 distinct sources. 34.131.121.3 was first reported on June 13th 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 10:10:22 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 34.131.121.3 (3.121.131.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.131.121.3 (3.121.131.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 06:10:15.408017 2026] [security2:error] [pid 11431:tid 11431] [client 34.131.121.3:39170] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brianaugervideo.com"] [uri "/v1/.git/config"] [unique_id "ai_Ph9yWXx6kw2qs-40cUQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 pscriptos	2026-06-15 10:00:07 (9 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇳🇿 Antinson	2026-06-15 09:55:25 (9 hours ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 09:52:13 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 34.131.121.3 (3.121.131.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.131.121.3 (3.121.131.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:52:09.566466 2026] [security2:error] [pid 18433:tid 18433] [client 34.131.121.3:54478] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title27.com"] [uri "/v2/.git/config"] [unique_id "ai_LSUvExIMecan6rJzz5QAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-15 09:23:17 (9 hours ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇳🇱 wlt-blocker	2026-06-15 08:46:37 (10 hours ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 07:48:41 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 34.131.121.3 (3.121.131.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.131.121.3 (3.121.131.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:48:34.443098 2026] [security2:error] [pid 11699:tid 11699] [client 34.131.121.3:34788] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "polymermembranes.com"] [uri "/backend/.git/config"] [unique_id "ai-uUsTOq__D5LkiPayRagAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-15 07:08:26 (12 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 masterguru	2026-06-15 07:06:22 (12 hours ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-196)	Hacking Web App Attack
🇩🇪 spirttm	2026-06-15 04:10:40 (15 hours ago)	34.131.121.3 - - [15/Jun/2026:04:10:39 +0000] "GET /www/.git/config HTTP/1.1" 403 186 "-" "Mozilla/5 ... show more 34.131.121.3 - - [15/Jun/2026:04:10:39 +0000] "GET /www/.git/config HTTP/1.1" 403 186 "-" "Mozilla/5.0 (Linux; Android 8.1.0; MI 5X Build/OPM1.171019.019) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Mobile Safari/537.36" 34.131.121.3 - - [15/Jun/2026:04:10:39 +0000] "GET /dashboard/.git/config HTTP/1.1" 403 186 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36" 34.131.121.3 - - [15/Jun/2026:04:10:39 +0000] "GET /wordpress/.git/config HTTP/1.1" 403 186 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.87 Safari/537.36" 34.131.121.3 - - [15/Jun/2026:04:10:40 +0000] "GET /portal/.git/config HTTP/1.1" 403 125 "-" "Mozilla/5.0 (SymbianOS/9.2; U; Series60/3.1 NokiaN95/10.0.018; Profile/MIDP-2.0 Configuration/CLDC-1.1) AppleWebKit/413 (KHTML, like Gecko) Safari/413 UP.Link/6.3.0.0.0" 34.131.121.3 - - [15/Jun/2026:04:10:40 +0000] "GET /code/.git/config ... show less	Port Scan Web App Attack
🇫🇷 masterguru	2026-06-15 02:33:59 (16 hours ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇬🇷 setupgr	2026-06-15 01:02:25 (18 hours ago)	(mod_security) mod_security (id:11000011) triggered by 34.131.121.3: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:11000011) triggered by 34.131.121.3: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 15 04:02:22.294638 2026] [security2:error] [pid 921871:tid 922013] [client 34.131.121.3:47956] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "googleusercontent.com" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "128"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: 3.121.131.34.bc.googleusercontent.com"] [hostname "mail.ftiaxtomonosou.gr"] [uri "/public/.git/config"] [unique_id "ai9PHu2clReoPvlJKlh_EgAAAMY"] show less	Port Scan
🇨🇭 Origon	2026-06-15 00:58:09 (18 hours ago)	http-sensitive-files - IP: 34.131.121.3 - time="2026-06-15T02:58:08+02:00" level=info msg="(555f66b ... show more http-sensitive-files - IP: 34.131.121.3 - time="2026-06-15T02:58:08+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 34.131.121.3 (IN/396982) : 4h ban on Ip 34.131.121.3" module=db show less	Web App Attack
🇺🇸 mnsf	2026-06-15 00:20:33 (19 hours ago)	Too many Status 40X (15) Scanning/Probing (15)	Brute-Force Web App Attack
Anonymous	2026-06-15 00:20:08 (19 hours ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.62.87.27

🇹🇼 101.13.5.26

🇮🇩 34.101.238.245

🇻🇳 14.225.7.70

🇺🇸 2604:a880:400:d1:0:4:9626:3001

🇧🇪 198.235.24.212

🇨🇳 183.131.109.40

🇧🇷 177.155.133.175

🇸🇬 152.42.227.173

🇺🇸 136.49.53.226

🇨🇳 47.115.229.129

🇸🇬 47.84.102.157

🇳🇱 45.148.10.152

🇪🇬 41.196.0.221

🇬🇧 35.203.211.24

🇺🇸 34.136.193.178

🇮🇳 2a09:bac1:36a0:ba8::176:7d

🇨🇳 150.138.115.76

🇧🇷 129.121.32.44

🇨🇳 120.55.4.115