JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.139.168.111

34.139.168.111 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 58%: ?

58%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	111.168.139.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	North Charleston, South Carolina

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.139.168.111

Whois 34.139.168.111

IP Abuse Reports for 34.139.168.111:

This IP address has been reported a total of 31 times from 13 distinct sources. 34.139.168.111 was first reported on June 8th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-09 22:03:08 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08. show less	Web App Attack SSH Hacking
🇩🇪 FeG Deutschland	2026-06-09 15:37:53 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 15:28:06 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.139.168.111 (111.168.139.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.139.168.111 (111.168.139.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 11:27:58.869314 2026] [security2:error] [pid 2529:tid 2529] [client 34.139.168.111:34494] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.baystreet.crossfiregold.com"] [uri "/.git/config"] [unique_id "aigw_hOxWwLPK7QrWyXlawAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-09 15:12:51 (1 week ago)	Try to access /.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 12:53:27 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.139.168.111 (111.168.139.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.139.168.111 (111.168.139.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:53:22.855749 2026] [security2:error] [pid 20664:tid 20664] [client 34.139.168.111:36208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ultrakid.com"] [uri "/.git/config"] [unique_id "aigMwilwyJMaCaViGfI33wAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 12:25:34 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.139.168.111 (111.168.139.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.139.168.111 (111.168.139.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:25:28.932830 2026] [security2:error] [pid 11588:tid 11675] [client 34.139.168.111:52028] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sh2.lol"] [uri "/.git/config"] [unique_id "aigGOIpfdIqB_CiRpSsHsQAAAMo"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 aranguren.org	2026-06-09 09:31:30 (2 weeks ago)	34.139.168.111 - - [09/Jun/2026:19:31:13 +1000] "GET /.git/config HTTP/1.1" 200 341 "-" "Mozilla/5.0 ... show more 34.139.168.111 - - [09/Jun/2026:19:31:13 +1000] "GET /.git/config HTTP/1.1" 200 341 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.84 Safari/537.36" 34.139.168.111 - - [09/Jun/2026:19:31:29 +1000] "GET /.git/info/ HTTP/1.1" 200 932 "-" "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0" 34.139.168.111 - - [09/Jun/2026:19:31:29 +1000] "GET /.git/config HTTP/1.1" 200 341 "-" "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 05:54:23 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.139.168.111 (111.168.139.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.139.168.111 (111.168.139.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:54:17.572410 2026] [security2:error] [pid 21200:tid 21200] [client 34.139.168.111:50316] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.intermixx.independentmusicconference.com"] [uri "/.git/config"] [unique_id "aieqiaQO-qbXAWfnjRGQswAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Donovan	2026-06-09 03:30:24 (2 weeks ago)	Web scan/exploit blocked by fail2ban on commitshift.fr - jail: npm-scan - 1 attempt(s)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 03:02:19 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.139.168.111 (111.168.139.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.139.168.111 (111.168.139.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 23:02:16.047432 2026] [security2:error] [pid 20079:tid 20079] [client 34.139.168.111:38260] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathrynsaunders.com"] [uri "/.git/config"] [unique_id "aieCODx1CMy1InFY6k3sUQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 02:31:51 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.139.168.111 (111.168.139.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.139.168.111 (111.168.139.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 22:31:44.567285 2026] [security2:error] [pid 15296:tid 15296] [client 34.139.168.111:35622] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.carpesita.com"] [uri "/.git/config"] [unique_id "aid7EF32lgGSctmkwQ6tFgAAADc"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-09 01:58:21 (2 weeks ago)	[TueJun0903:58:18.2258662026][security2:error][pid2983277:tid2983303][client34.139.168.111:0]ModSecu ... show more [TueJun0903:58:18.2258662026][security2:error][pid2983277:tid2983303][client34.139.168.111:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"autodiscover.aidconsultancy.ch\"][uri\"/.git/config\"][unique_id\"aidzOkeTS8yi-OAyBtwQHgAAAVg\"] show less	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-08 22:01:09 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-06-08	Web App Attack SSH Hacking
Anonymous	2026-06-08 21:52:34 (2 weeks ago)	Reported from Nginx log analysis 16. Log: 34.139.168.111 - - [08/Jun/2026:xx:xx:xx 0200] "GET /.git ... show more Reported from Nginx log analysis 16. Log: 34.139.168.111 - - [08/Jun/2026:xx:xx:xx 0200] "GET /.git/config HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0" "-" "US United States North Charleston" "AS396982" "Google LLC" show less	Port Scan Brute-Force SSH
🇮🇩 Burayot	2026-06-08 21:15:26 (2 weeks ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.139.168.111 (US/United States/11 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.139.168.111 (US/United States/111.168.139.34.bc.googleusercontent.com): 2 in the last 3600 secs show less	Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 91.92.40.52

🇨🇳 221.13.240.83

🇭🇰 199.45.154.118

🇪🇹 196.190.33.53

🇻🇳 116.99.171.38

🇮🇳 103.59.132.74

🇫🇷 85.217.140.23

🇺🇸 45.56.83.110

🇺🇸 43.153.13.30

🇺🇸 2620:18c:0:192::e0:197

🇬🇧 193.104.58.61

🇰🇷 175.119.225.68

🇩🇪 167.94.145.23

🇺🇸 159.223.194.47

🇳🇱 91.92.40.13

🇨🇦 85.217.149.58

🇩🇪 193.174.89.19

🇺🇸 172.93.106.153

🇺🇸 153.80.19.136

🇲🇲 153.67.30.199