JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.148.145.209

34.148.145.209 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 59%: ?

59%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	209.145.148.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	North Charleston, South Carolina

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.148.145.209

Whois 34.148.145.209

IP Abuse Reports for 34.148.145.209:

This IP address has been reported a total of 15 times from 14 distinct sources. 34.148.145.209 was first reported on May 26th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-27 20:01:49 (1 week ago)	34.148.145.209 detected on srv01	Brute-Force
🇳🇱 Eric	2026-05-27 18:22:10 (1 week ago)	[Wed May 27 18:22:09.805213 2026] [security2:error] [pid 3303195:tid 3303195] [client 34.148.145.209 ... show more [Wed May 27 18:22:09.805213 2026] [security2:error] [pid 3303195:tid 3303195] [client 34.148.145.209:50100] [client 34.148.145.209] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "prod.fambus.nl"] [uri "/actuator/env"] [unique_id "ahc2UZK_KoIatAZUqo11gAAAAB4"] [Wed May 27 18:22:09.806107 2026] [security2:error] [pid 3298729:tid 3298729] [client 34.148.145.209:50114] [client 34.148.145.209] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Sco ... show less	Hacking Web App Attack
🇪🇸 pipeline.es	2026-05-27 17:19:50 (2 weeks ago)	Web scanning / probing for vulnerable paths \| URL: /backups/db.sql \| Evidence: landingow.aavv.com 34 ... show more Web scanning / probing for vulnerable paths \| URL: /backups/db.sql \| Evidence: landingow.aavv.com 34.148.145.209 - - [27/May/2026:19:17:36 +0200] \"GET /backups/db.sql HTTP/1.1\" 404 212 \"-\" \"Mozilla/5.0 (SymbianOS 9.4; Series60/5.0 NokiaN97-1/10.0.012; Profile/MIDP-2.1 Configuration/CLDC-1.1; en-us) AppleWebKit/525 (KHTML, like Gecko) WicKed/7.1.12344\" GEOIP_COUNTRY_CODE=US \| ASN: GOOGLE-CLOUD-PLATFORM \| Country: US show less	Port Scan Web App Attack
🇳🇱 Savvii	2026-05-27 14:01:48 (2 weeks ago)	20 attempts against mh-misbehave-ban on redirect	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-05-27 11:41:56 (2 weeks ago)	[WedMay2713:41:53.4818642026][security2:error][pid3141670:tid3141783][client34.148.145.209:0]ModSecu ... show more [WedMay2713:41:53.4818642026][security2:error][pid3141670:tid3141783][client34.148.145.209:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"cpanel.titrasloco.com\"][uri\"/data.sql\"][unique_id\"ahbYgbdWR-Q5pjPBpYnZzAAAAQY\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 NXTwoThou	2026-05-27 11:11:59 (2 weeks ago)	/api/heapdump	Web App Attack
🇱🇻 garmtech.com	2026-05-27 10:26:06 (2 weeks ago)	Attempted access to sensitive endpoint (/config/aws.json) detected. Automated scan or unauthorized p ... show more Attempted access to sensitive endpoint (/config/aws.json) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇳🇱 e.fierstra	2026-05-27 08:05:46 (2 weeks ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 COMAITE	2026-05-27 05:45:33 (2 weeks ago)	Suspicious URL access.	Web App Attack
🇩🇪 jasperedv.de	2026-05-27 03:43:49 (2 weeks ago)	Apache Login - Brutforcing	Web App Attack Brute-Force
🇺🇸 Fox River Dan	2026-05-27 02:58:00 (2 weeks ago)	[380+ probes total] 209.145.148.34.bc.googleusercontent.com - - [26/May/2026:21:58:29 -0500] "GET / ... show more [380+ probes total] 209.145.148.34.bc.googleusercontent.com - - [26/May/2026:21:58:29 -0500] "GET /.bash_history HTTP/1.1" 401 2312 "-" "Mozilla/5.0 (Linux; Android 9; LLD-AL10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" "(node: 0)" 209.145.148.34.bc.googleusercontent.com - - [26/May/2026:21:58:29 -0500] "GET /.ssh/authorized_keys HTTP/1.1" 401 2312 "-" "Mozilla/5.0 (Linux; Android 9; ONEPLUS A6013) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" "(node: 0)" 209.145.148.34.bc.googleusercontent.com - - [26/May/2026:21:58:29 -0500] "GET /.ssh/id_rsa HTTP/1.1" 401 2312 "-" "Mozilla/5.0 (SymbianOS/9.2; U; Series60/3.1 NokiaE90-1/07.24.0.3; Profile/MIDP-2.0 Configuration/CLDC-1.1 ) AppleWebKit/413 (KHTML, like Gecko) Safari/413 UP.Link/6.2.3.18.0" "(node: 0)" 209.145.148.34.bc.googleusercontent.com - - [26/May/2026:21:58:29 -0500] "GET /id_rsa HTTP/1.1" 401 2312 show less	Web App Attack Hacking
Anonymous	2026-05-27 00:05:19 (2 weeks ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇳🇱 WeCloudit-Anti-Abuse	2026-05-27 00:00:23 (2 weeks ago)	SPAM - Bruteforce Attack - DDOS 2	Email Spam Brute-Force
🇳🇱 WeCloudit-Anti-Abuse	2026-05-26 23:00:06 (2 weeks ago)	SPAM - Bruteforce Attack - DDOS 1	Email Spam Brute-Force
🇳🇱 Cloud86 B.V.	2026-05-26 20:52:03 (2 weeks ago)	categories: DDoS Attack	DDoS Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 199.47.82.21

🇺🇸 66.175.220.105

🇸🇬 47.84.111.226

🇲🇾 195.86.192.66

🇮🇳 182.95.181.34

🇳🇱 178.16.53.41

🇺🇸 161.35.124.147

🇨🇳 121.229.25.10

🇧🇩 103.154.158.70

🇦🇺 103.76.236.73

🇳🇱 77.91.71.12

🇨🇳 58.56.151.234

🇺🇸 157.245.114.249

🇫🇮 147.185.133.132

🇳🇱 109.236.50.3

🇮🇳 103.84.236.242

🇱🇺 83.142.209.214

🇦🇷 190.83.64.106

🇮🇳 182.95.228.22

🇧🇬 79.124.62.230