JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.140.232.85

34.140.232.85 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 86%: ?

86%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	85.232.140.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇪 Belgium
City	Brussels, Brussels Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.140.232.85

Whois 34.140.232.85

IP Abuse Reports for 34.140.232.85:

This IP address has been reported a total of 20 times from 15 distinct sources. 34.140.232.85 was first reported on December 1st 2024, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 sid3windr	2026-06-16 04:22:33 (7 hours ago)	GET /.env (Tarpitted for 1d15h8m26s, wasted 8.06MB)	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-15 22:02:01 (13 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-14. show less	Web App Attack SSH Hacking
🇩🇪 big-cloud.nl	2026-06-15 09:49:24 (1 day ago)	Try to access /api/.env	Web App Attack
🇩🇪 strxmpp	2026-06-15 06:09:17 (1 day ago)	34.140.232.85 - - [15/Jun/2026:08:09:16 +0200] "GET /.env HTTP/1.1" 302 4405 "-" "Mozilla/5.0 (Macin ... show more 34.140.232.85 - - [15/Jun/2026:08:09:16 +0200] "GET /.env HTTP/1.1" 302 4405 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36" ... show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 05:22:56 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.140.232.85 (85.232.140.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.140.232.85 (85.232.140.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 01:22:49.553304 2026] [security2:error] [pid 28271:tid 28271] [client 34.140.232.85:60750] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marshvineyards.com"] [uri "/.env.copy"] [unique_id "ai-MKVc9z6KxJago6vfNHgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-15 03:15:59 (1 day ago)	Port Scan detected from 34.140.232.85 (BE/Belgium/Brussels Capital/Brussels/85.232.140.34.bc.googl ... show more Port Scan detected from 34.140.232.85 (BE/Belgium/Brussels Capital/Brussels/85.232.140.34.bc.googleusercontent.com). show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-15 03:15:55 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.140.232.85 (85.232.140.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.140.232.85 (85.232.140.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 23:15:52.079716 2026] [security2:error] [pid 11386:tid 11386] [client 34.140.232.85:56736] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.etoyfun.vittariadesign.com"] [uri "/.env.default"] [unique_id "ai9uaBgGVCnKjqDNb-JQ_wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 02:57:06 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.140.232.85 (85.232.140.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.140.232.85 (85.232.140.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:56:59.987696 2026] [security2:error] [pid 24395:tid 24395] [client 34.140.232.85:34768] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vtwins.us"] [uri "/.env.old"] [unique_id "ai9p-876MH0vtqDHjcrkqQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-15 02:21:03 (1 day ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 02:16:54 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.140.232.85 (85.232.140.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.140.232.85 (85.232.140.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:16:49.976194 2026] [security2:error] [pid 9468:tid 9468] [client 34.140.232.85:60776] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cynosuresnapshots.com.pluralmatrix.net"] [uri "/.env.stage"] [unique_id "ai9gkYFE2YPl1-Mp3_orCwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-15 00:19:57 (1 day ago)	Scanning/Probing (43)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 22:54:41 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.140.232.85 (85.232.140.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.140.232.85 (85.232.140.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 18:54:38.361260 2026] [security2:error] [pid 18513:tid 18513] [client 34.140.232.85:36190] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.valbreniscrivalbo.com.iacarbonell.com"] [uri "/.env.default"] [unique_id "ai8xLv8_9gdXVbibRRiE_QAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 updown.io	2026-06-14 21:31:43 (1 day ago)	{"level":"info","ts":1781472702.2820761,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781472702.2820761,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.140.232.85","remote_port":"54754","client_ip":"34.140.232.85","proto":"HTTP/1.1","method":"GET","host":"status.worders.net","uri":"/.env.copy","headers":{"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36"],"Accept-Charset":["utf-8"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status.worders.net","ech":false}},"bytes_read":0,"user_id":"","duration":0.00037783,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}} {"level":"info","ts":1781472702.3224468,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.140.232.85","remote_port":"54800","client_ip":"34.140.232.85","proto":"HTTP/1.1","method":"GET","ho ... show less	DDoS Attack Web App Attack
🇷🇺 DZBOT	2026-06-14 07:42:33 (2 days ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 04:56:59 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 34.140.232.85 (85.232.140.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.140.232.85 (85.232.140.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 00:56:54.066004 2026] [security2:error] [pid 619:tid 619] [client 34.140.232.85:34330] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wheelworks.my"] [uri "/.env.backup.txt"] [unique_id "ai40llhxaIpvvnLc1xKf-AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.190.35.163

🇺🇸 170.203.16.2

🇭🇰 107.150.119.80

🇬🇪 94.43.196.63

🇩🇪 69.5.169.87

🇺🇸 52.14.238.54

🇧🇷 45.65.205.130

🇺🇸 43.135.135.17

🇩🇪 217.80.255.76

🇩🇪 213.209.159.175

🇲🇽 187.212.10.12

🇺🇸 172.93.106.153

🇮🇳 172.83.83.194

🇩🇪 138.68.64.67

🇫🇮 132.243.21.154

🇩🇪 46.101.216.224

🇺🇸 45.131.195.85

🇺🇸 43.153.123.185

🇻🇪 38.166.81.109

🇮🇩 36.81.71.195