JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.142.247.223

34.142.247.223 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 64%: ?

64%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	223.247.142.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.142.247.223

Whois 34.142.247.223

IP Abuse Reports for 34.142.247.223:

This IP address has been reported a total of 20 times from 15 distinct sources. 34.142.247.223 was first reported on June 13th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-16 22:03:35 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-15 17:03:28 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 34.142.247.223 (223.247.142.34.bc.googleusercon ... show more (mod_security) mod_security (id:210730) triggered by 34.142.247.223 (223.247.142.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:03:25.353814 2026] [security2:error] [pid 29208:tid 29208] [client 34.142.247.223:54124] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ieas.org\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ieas.org"] [uri "/.config/gcloud/credentials.db"] [unique_id "ajAwXeitBeyz0kKq76I9tAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Savvii	2026-06-15 14:56:16 (2 weeks ago)	20 attempts against mh_ha-misbehave-ban on lime	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 11:28:10 (2 weeks ago)	"GET /backend/.env.local HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 09:40:20 (2 weeks ago)	(mod_security) mod_security (id:949110) triggered by 34.142.247.223 (223.247.142.34.bc.googleusercon ... show more (mod_security) mod_security (id:949110) triggered by 34.142.247.223 (223.247.142.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:40:00.116803 2026] [security2:error] [pid 21717:tid 21717] [client 34.142.247.223:53342] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "dcagroupusa.com"] [uri "/.env.sample"] [unique_id "ai_IcIPusAdcnUKU1sdX8gAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-15 09:22:25 (2 weeks ago)	34.142.247.223 - - [15/Jun/2026:12:22:17 +0300] "GET /api/v2/.env HTTP/1.1" 404 2818 "-" "Mozilla/5. ... show more 34.142.247.223 - - [15/Jun/2026:12:22:17 +0300] "GET /api/v2/.env HTTP/1.1" 404 2818 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36" 34.142.247.223 - - [15/Jun/2026:12:22:17 +0300] "GET /production/.env HTTP/1.1" 404 2818 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.108 Safari/537.36" ... show less	Web App Attack
🇳🇱 Site.eu	2026-06-15 07:55:43 (2 weeks ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-15 07:09:24 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.142.247.223 (223.247.142.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.142.247.223 (223.247.142.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:09:17.544080 2026] [security2:error] [pid 1264:tid 1264] [client 34.142.247.223:46166] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.drbolen.com"] [uri "/.env.dev"] [unique_id "ai-lHfXZkud9B7tutbX2DQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 06:10:05 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.142.247.223 (223.247.142.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.142.247.223 (223.247.142.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 02:09:56.142089 2026] [security2:error] [pid 8176:tid 8194] [client 34.142.247.223:46982] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dalessandrofineart.anthonydalessandro.com"] [uri "/.env.preprod"] [unique_id "ai-XNLYVxKUs1KJAWrY3WAAAAI4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 05:10:57 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.142.247.223 (223.247.142.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.142.247.223 (223.247.142.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 01:10:51.386696 2026] [security2:error] [pid 3518:tid 3518] [client 34.142.247.223:53640] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rxrepconnect.circlehealthcaregroup.com"] [uri "/.env.uat"] [unique_id "ai-JW4POGzv5qlaUThsj5gAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-15 01:19:37 (2 weeks ago)	Web vulnerability probing: /app/.env.dev	Web App Attack
Anonymous	2026-06-14 19:45:26 (2 weeks ago)	Http Port:80 (http_status:404) - Agent:Mozilla/5.0 (Linux; U; Android 2.2; en-us; Nexus One Build/FR ... show more Http Port:80 (http_status:404) - Agent:Mozilla/5.0 (Linux; U; Android 2.2; en-us; Nexus One Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 show less	Web App Attack
🇩🇪 ecs.ge	2026-06-14 18:13:36 (2 weeks ago)	Automatic Fail2Ban report from jail plesk-nginx-probes: multiple matching events detected.	Port Scan Web App Attack
🇬🇧 venus.launch.bz	2026-06-14 16:24:29 (2 weeks ago)	(mod_security) mod_security triggered on hostname [redacted] 34.142.247.223 (SG/Singapore/223.247.14 ... show more (mod_security) mod_security triggered on hostname [redacted] 34.142.247.223 (SG/Singapore/223.247.142.34.bc.googleusercontent.com) show less	SQL Injection
🇫🇷 Octopuce	2026-06-14 07:32:13 (2 weeks ago)	Aggressive web search of vulnerable pages: /staging/.env /api/v1/.env /app/backend/.env /v2/.env /sr ... show more Aggressive web search of vulnerable pages: /staging/.env /api/v1/.env /app/backend/.env /v2/.env /src/api/.env ... show less	Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.73.160.215

🇨🇭 209.99.184.231

🇪🇸 185.176.8.77

🇮🇳 183.83.197.226

🇨🇴 138.84.41.69

🇨🇳 115.191.66.84

🇮🇪 52.210.250.38

🇧🇪 35.195.128.244

🇺🇸 35.130.111.98

🇧🇪 34.14.75.69

🇺🇸 20.102.98.53

🇰🇷 211.253.37.225

🇲🇾 202.184.156.12

🇷🇺 201.51.30.184

🇳🇱 195.178.110.188

🇧🇷 177.10.203.106

🇳🇱 176.65.139.251

🇧🇷 168.196.132.34

🇻🇳 103.110.87.57

🇦🇪 92.98.35.115