JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.134.107.231

34.134.107.231 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 69%: ?

69%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	231.107.134.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	Council Bluffs, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.134.107.231

Whois 34.134.107.231

IP Abuse Reports for 34.134.107.231:

This IP address has been reported a total of 16 times from 12 distinct sources. 34.134.107.231 was first reported on June 14th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 melroy89	2026-06-15 17:24:08 (2 days ago)	34.134.107.231 - - [15/Jun/2026:19:24:06 +0200] "GET /actuator/env HTTP/1.1" 403 9 "-" "Mozilla/5.0 ... show more 34.134.107.231 - - [15/Jun/2026:19:24:06 +0200] "GET /actuator/env HTTP/1.1" 403 9 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.143 YaBrowser/19.7.2.516 Yowser/2.5 Safari/537.36" "retromessenger.com" 0.000 34.134.107.231 - - [15/Jun/2026:19:24:06 +0200] "GET /backend/actuator/configprops HTTP/1.1" 403 9 "-" "Mozilla/5.0 (Linux; Android 9; LEX829) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/10.1 Chrome/71.0.3578.99 Mobile Safari/537.36" "retromessenger.com" 0.000 34.134.107.231 - - [15/Jun/2026:19:24:06 +0200] "GET /server/actuator/env HTTP/1.1" 403 9 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36" "retromessenger.com" 0.000 34.134.107.231 - - [15/Jun/2026:19:24:06 +0200] "GET /internal/actuator/heapdump HTTP/1.1" 403 9 "-" "Mozilla/5.0 (Linux; Android 6.0.1; ONE E1003) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.136 Mobile Safari/537.36" "retrom ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 17:08:07 (2 days ago)	(mod_security) mod_security (id:210831) triggered by 34.134.107.231 (231.107.134.34.bc.googleusercon ... show more (mod_security) mod_security (id:210831) triggered by 34.134.107.231 (231.107.134.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:08:04.247324 2026] [security2:error] [pid 9295:tid 9295] [client 34.134.107.231:57150] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|jodstar.com\|F\|4"] [data "Web Downloader"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "jodstar.com"] [uri "/sendgrid-backup.zip"] [unique_id "ajAxdA7EYMDUUc-Dv9SqXAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 13:00:31 (2 days ago)	Blocked by ModSec and CSF	Port Scan
🇺🇸 TPI-Abuse	2026-06-15 11:59:49 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 34.134.107.231 (231.107.134.34.bc.googleusercon ... show more (mod_security) mod_security (id:210730) triggered by 34.134.107.231 (231.107.134.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 07:59:41.543513 2026] [security2:error] [pid 3193:tid 3193] [client 34.134.107.231:57036] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dodgersboosterclub.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dodgersboosterclub.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai_pLa76t4Iu_8VKAMrD8QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 11:09:36 (2 days ago)	Honeypot trap fired (Cloudflare Worker). IP requested non-existent credential/admin/scanner-bait pat ... show more Honeypot trap fired (Cloudflare Worker). IP requested non-existent credential/admin/scanner-bait paths: /.env, /.env.backup, /.env.local, /.env.production. None of these endpoints exist on our service - matched bait pattern. First seen UTC: 2026-06-15 03:05:15. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 08:37:24 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 34.134.107.231 (231.107.134.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.134.107.231 (231.107.134.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 04:37:19.899806 2026] [security2:error] [pid 29359:tid 29359] [client 34.134.107.231:40620] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bennefeld.k0cgy.net"] [uri "/.env.test"] [unique_id "ai-5v4m59daf8GB4FHjyPAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 dcnet	2026-06-15 06:00:18 (2 days ago)	FortiGate detected DOS attack from IPv4 address 34.134.107.231	DDoS Attack
Anonymous	2026-06-15 02:23:03 (2 days ago)	Bot / scanning and/or hacking attempts: GET /.env.demo HTTP/1.1, GET /sendgrid/.env.prod HTTP/1.1, G ... show more Bot / scanning and/or hacking attempts: GET /.env.demo HTTP/1.1, GET /sendgrid/.env.prod HTTP/1.1, GET /.env.testing HTTP/1.1, GET /var/.env HTTP/1.1, GET /portal/.env HTTP/1.1, GET /admin/.env HTTP/1.1, GET /services/api/.env HTTP/1.1, GET /backend/.env.staging HTTP/1.1, GET /services/backend/.env HTTP/1.1, GET /web/.env HTTP/1.1, GET /services/.env.production HTTP/1.1, GET /app/backend/.env HTTP/1.1, GET /app/sendgrid.env HTTP/1.1, GET /laravel/.env HTTP/1.1, GET /sendgrid/.env.production HTTP/1.1, GET /data/.env HTTP/1.1, GET /server/.env.backup HTTP/1.1, GET /release/.env HTTP/1.1, GET /api/.env.bak HTTP/1.1, GET /tmp/.env HTTP/1.1, GET /.env.local HTTP/1.1, GET /packages/api/.env HTTP/1.1, GET /mailer/sendgrid.env HTTP/1.1 show less	Hacking Web App Attack
🇨🇭 Origon	2026-06-15 00:13:16 (2 days ago)	http-sensitive-files - IP: 34.134.107.231 - time="2026-06-15T02:13:15+02:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 34.134.107.231 - time="2026-06-15T02:13:15+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 34.134.107.231 (US/396982) : 4h ban on Ip 34.134.107.231" module=db show less	Web App Attack
🇺🇸 mnsf	2026-06-15 00:09:30 (2 days ago)	Scanning/Probing (19)	Brute-Force Web App Attack
🇬🇧 Aetherweb Ark	2026-06-14 23:11:20 (3 days ago)	(mod_security) mod_security (id:949110) triggered by 34.134.107.231 (US/United States/231.107.134.34 ... show more (mod_security) mod_security (id:949110) triggered by 34.134.107.231 (US/United States/231.107.134.34.bc.googleusercontent.com): N in the last X secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 23:05:51 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.134.107.231 (231.107.134.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.134.107.231 (231.107.134.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:05:43.962865 2026] [security2:error] [pid 21226:tid 21226] [client 34.134.107.231:51882] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dvdmasters.com"] [uri "/.env.development"] [unique_id "ai8zxywvX5h53QuwOBOZ9AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 21:23:24 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 34.134.107.231 (231.107.134.34.bc.googleusercon ... show more (mod_security) mod_security (id:210730) triggered by 34.134.107.231 (231.107.134.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 17:23:18.563709 2026] [security2:error] [pid 3137:tid 3137] [client 34.134.107.231:50880] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|swag.rustyog.net\|F\|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "swag.rustyog.net"] [uri "/.env.backup"] [unique_id "ai8bxne8HlbF5rzqK44wgAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-06-14 07:02:28 (3 days ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇩🇪 grassau.com	2026-06-14 04:58:16 (3 days ago)	Port Scan detected from 34.134.107.231 (US/United States/Iowa/Council Bluffs/231.107.134.34.bc.goo ... show more Port Scan detected from 34.134.107.231 (US/United States/Iowa/Council Bluffs/231.107.134.34.bc.googleusercontent.com). show less	Port Scan

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 154.49.201.86

🇭🇰 150.5.169.138

🇮🇳 103.250.160.76

🇧🇬 5.188.206.30

🇧🇷 205.210.31.244

🇬🇪 195.54.179.244

🇩🇿 154.241.52.230

🇧🇩 103.131.144.53

🇺🇸 74.7.242.31

🇬🇧 35.203.211.94

🇫🇷 35.180.113.60

🇺🇸 5.181.170.144

🇹🇭 171.97.77.12

🇺🇸 162.216.150.86

🇻🇳 152.32.255.94

🇨🇳 116.172.248.48

🇷🇺 95.165.142.8

🇬🇧 87.236.176.6

🇮🇳 65.0.108.101

🇺🇸 35.223.195.52