JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.145.1.239

34.145.1.239 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 94%: ?

94%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	239.1.145.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	The Dalles, Oregon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.145.1.239

Whois 34.145.1.239

IP Abuse Reports for 34.145.1.239:

This IP address has been reported a total of 22 times from 16 distinct sources. 34.145.1.239 was first reported on June 8th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Cloud86 B.V.	2026-06-10 13:39:04 (2 hours ago)	categories: DDoS Attack	DDoS Attack
🇺🇸 TPI-Abuse	2026-06-10 11:33:15 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 34.145.1.239 (239.1.145.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.145.1.239 (239.1.145.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 07:33:09.240024 2026] [security2:error] [pid 29389:tid 29515] [client 34.145.1.239:55814] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dermatologycolorado.com.aafm.us"] [uri "/.env.test"] [unique_id "ailLdZyCVtjMpi22nCbdKwAAAkQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 09:53:10 (6 hours ago)	(mod_security) mod_security (id:210492) triggered by 34.145.1.239 (239.1.145.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.145.1.239 (239.1.145.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 05:53:05.975141 2026] [security2:error] [pid 17358:tid 17358] [client 34.145.1.239:60490] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darrinlauritzen.com"] [uri "/.env.local.bak"] [unique_id "aik0AWIRj9UASoO_Hq7pcQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-10 09:42:07 (6 hours ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇨🇦 Dunham Support	2026-06-10 09:19:26 (7 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 34.145.1.239 (US/United States/239.1.14 ... show more (mod_security) mod_security triggered on hostname [redacted] 34.145.1.239 (US/United States/239.1.145.34.bc.googleusercontent.com) show less	SQL Injection
🇳🇱 Site.eu	2026-06-10 07:13:58 (9 hours ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-10 03:28:07 (12 hours ago)	(mod_security) mod_security (id:210492) triggered by 34.145.1.239 (239.1.145.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.145.1.239 (239.1.145.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 23:27:59.994347 2026] [security2:error] [pid 28833:tid 28833] [client 34.145.1.239:34708] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "backyardbrickoven.com"] [uri "/.env.production"] [unique_id "aijZv9H971P1LS9r3pgYWgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 updown.io	2026-06-10 02:49:01 (13 hours ago)	{"level":"info","ts":1781059740.3834932,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781059740.3834932,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.145.1.239","remote_port":"46638","client_ip":"34.145.1.239","proto":"HTTP/1.1","method":"GET","host":"update.wvutsrqponmlkjihgwww.bwwwc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io","uri":"/.env.save","headers":{"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (SymbianOS/9.2; U; Series60/3.1 Nokia5700/3.27; Profile/MIDP-2.0 Configuration/CLDC-1.1) AppleWebKit/413 (KHTML, like Gecko) Safari/413"],"Accept-Charset":["utf-8"]}},"bytes_read":0,"user_id":"","duration":0.00009391,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://update.wvutsrqponmlkjihgwww.bwwwc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io/.env.save"],"Content-Type":[]}} {"level":"info","ts":1781059740.404018,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.145 ... show less	DDoS Attack Web App Attack
🇬🇧 consul.to	2026-06-10 02:45:00 (13 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-09 22:03:05 (18 hours ago)	Auto-ban: >3000 req/min op 2026-06-09	Web App Attack SSH Hacking
🇳🇱 e.fierstra	2026-06-09 17:10:39 (23 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
Anonymous	2026-06-09 08:38:53 (1 day ago)	(caddyscan) Scanner path probe from 34.145.1.239 (US/United States/239.1.145.34.bc.googleusercontent ... show more (caddyscan) Scanner path probe from 34.145.1.239 (US/United States/239.1.145.34.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 34.145.1.239 - - [09/Jun/2026:08:38:49 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 34.145.1.239 - - [09/Jun/2026:08:38:49 +0000] "GET /.env.production HTTP/1.1" [REDACTED] 200 2627 34.145.1.239 - - [09/Jun/2026:08:38:49 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 34.145.1.239 - - [09/Jun/2026:08:38:49 +0000] "GET /.env.prod HTTP/1.1" [REDACTED] 200 2627 34.145.1.239 - - [09/Jun/2026:08:38:49 +0000] "GET /.env.backup.txt HTTP/1.1" show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-09 08:14:00 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.145.1.239 (239.1.145.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.145.1.239 (239.1.145.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 04:13:53.486188 2026] [security2:error] [pid 5857:tid 5857] [client 34.145.1.239:54066] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aabondwnc.com"] [uri "/.env.production.local"] [unique_id "aifLQQx1Go2a9lPtVLpSmQAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-09 04:26:53 (1 day ago)	Multiple WAF Violations	Web App Attack
🇨🇭 Origon	2026-06-09 02:00:58 (1 day ago)	http-sensitive-files - IP: 34.145.1.239 - time="2026-06-09T04:00:57+02:00" level=info msg="(555f66b ... show more http-sensitive-files - IP: 34.145.1.239 - time="2026-06-09T04:00:57+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 34.145.1.239 (US/396982) : 4h ban on Ip 34.145.1.239" module=db show less	Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.226

🇫🇷 51.44.177.23

🇧🇷 20.195.183.41

🇭🇰 199.45.155.100

🇧🇷 179.111.150.61

🇻🇪 206.0.183.196

🇪🇹 196.188.116.56

🇨🇦 184.107.167.142

🇺🇸 150.107.36.85

🇨🇳 122.96.28.125

🇨🇳 59.52.176.132

🇦🇿 46.32.189.218

🇷🇴 2.57.122.177

🇧🇪 198.235.24.219

🇳🇬 197.210.70.70

🇩🇪 167.94.145.20

🇨🇳 139.212.69.209

🇨🇳 124.227.31.33

🇷🇴 80.94.92.171

🇺🇸 34.106.39.218