JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.131.53.53

34.131.53.53 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 73%: ?

73%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	53.53.131.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇮🇳 India
City	New Delhi, Delhi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.131.53.53

Whois 34.131.53.53

IP Abuse Reports for 34.131.53.53:

This IP address has been reported a total of 11 times from 11 distinct sources. 34.131.53.53 was first reported on June 13th 2026, and the most recent report was 27 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Octopuce	2026-06-13 12:16:11 (27 minutes ago)	Aggressive web search of vulnerable pages: /www.zip /web.zip /sql/backup.sql /backup/dump.sql /sql/d ... show more Aggressive web search of vulnerable pages: /www.zip /web.zip /sql/backup.sql /backup/dump.sql /sql/dump.sql ... show less	Web App Attack
🇳🇱 Site.eu	2026-06-13 11:55:20 (47 minutes ago)	Excessive multi-domain requests	Brute-Force
🇫🇷 masterguru	2026-06-13 10:59:55 (1 hour ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.131.53.53 (IN/India/53.53.131.34.b ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.131.53.53 (IN/India/53.53.131.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking
Anonymous	2026-06-13 10:29:22 (2 hours ago)	Multiple web server 400 error codes from same source ip	Web App Attack
Anonymous	2026-06-13 10:22:02 (2 hours ago)	Bot / scanning and/or hacking attempts: GET /private/secrets.json HTTP/1.1, GET /api/database.yml HT ... show more Bot / scanning and/or hacking attempts: GET /private/secrets.json HTTP/1.1, GET /api/database.yml HTTP/1.1, GET /config/cache.php HTTP/1.1, GET /settings/production.py HTTP/1.1, GET /.gitconfig HTTP/1.1, GET /devops/docker-compose.yml HTTP/1.1, GET /storage/logs/laravel.log HTTP/1.1, GET /api_keys.json HTTP/1.1, GET /backup.zip HTTP/1.1, GET /wp-config.php~ HTTP/1.1, GET /src/application.yml HTTP/1.1, GET /services/secrets.json HTTP/1.1, GET /.drone.yml HTTP/1.1 show less	Hacking Web App Attack
🇩🇪 Hary74656	2026-06-13 10:12:22 (2 hours ago)	[Sat Jun 13 12:12:00.641496 2026] [security2:error] [pid 87442:tid 87774] [client 34.131.53.53:36942 ... show more [Sat Jun 13 12:12:00.641496 2026] [security2:error] [pid 87442:tid 87774] [client 34.131.53.53:36942] [client 34.131.53.53] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "database.yml" at REQUEST_FILENAME. [file "/usr/share/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: database.yml found within REQUEST_FILENAME: /services/database.yml"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "auge.weavernet.at"] [uri "/services/database.yml"] [unique_id "ai0s8B58ZEvJDwYpQQ9X2gAAAoU"] [Sat Jun 13 12:12:04.495178 2026] [security2:error] [pid 87641:tid 87783] [client 34.131.53.53:34692] [client 34.131.53.53] ModSecurity: Access denied with code 403 (phase 2). String match within ".asa/ ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 06:42:24 (6 hours ago)	(mod_security) mod_security (id:949110) triggered by 34.131.53.53 (53.53.131.34.bc.googleusercontent ... show more (mod_security) mod_security (id:949110) triggered by 34.131.53.53 (53.53.131.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:42:16.282463 2026] [security2:error] [pid 15319:tid 15319] [client 34.131.53.53:49766] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "desertviewgroupllc.com"] [uri "/db.sql"] [unique_id "aiz7yEVvAMQ_ubTKsmu3UwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-13 05:29:31 (7 hours ago)	Port Scan detected from 34.131.53.53 (IN/India/National Capital Territory of Delhi/New Delhi/53.53 ... show more Port Scan detected from 34.131.53.53 (IN/India/National Capital Territory of Delhi/New Delhi/53.53.131.34.bc.googleusercontent.com). show less	Port Scan
🇩🇪 updown.io	2026-06-13 04:44:44 (7 hours ago)	{"level":"info","ts":1781325882.4429681,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781325882.4429681,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.131.53.53","remote_port":"34884","client_ip":"34.131.53.53","proto":"HTTP/1.1","method":"GET","host":"hupdate.update.yxwvutsvutsnmlbnnkwkyxzxwww8bab2a5f-df77-4330-8c52-284b6b1ab1f1.random.159.89.98.98.nip.io","uri":"/actuator/heapdump","headers":{"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (Linux; Android 9; SM-A600G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36"],"Accept-Charset":["utf-8"]}},"bytes_read":0,"user_id":"","duration":0.000086205,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://hupdate.update.yxwvutsvutsnmlbnnkwkyxzxwww8bab2a5f-df77-4330-8c52-284b6b1ab1f1.random.159.89.98.98.nip.io/actuator/heapdump"],"Content-Type":[]}} {"level":"info","ts":1781325882.4738333,"logger":"http.log.access.log1","msg":"handled request","request":{"remote ... show less	DDoS Attack Web App Attack
🇺🇸 mnsf	2026-06-13 04:06:24 (8 hours ago)	Abuse Detected (14)	Brute-Force Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-13 03:13:01 (9 hours ago)	categories: DDoS Attack	DDoS Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 203.2.112.183

🇭🇰 124.156.129.246

🇩🇪 69.5.169.219

🇸🇬 43.160.251.13

🇺🇸 208.84.100.167

🇬🇧 193.163.125.242

🇵🇹 188.83.13.178

🇪🇸 185.139.61.32

🇺🇸 165.154.172.41

🇵🇰 103.137.71.185

🇫🇮 87.120.107.170

🇩🇪 69.5.169.186

🇺🇸 63.135.161.147

🇸🇬 47.128.62.165

🇸🇬 8.219.188.175

🇨🇴 2800:1e0:d40:3:9999::201

🇺🇿 213.230.76.15

🇰🇷 211.105.129.57

🇸🇦 188.54.44.247

🇮🇶 169.224.63.252