AbuseIPDB » 34.156.191.158
34.156.191.158
This IP was reported 7 times. Confidence of
Abuse
is 38% : ?
ISP
Google LLC
Usage Type
Data Center/Web Hosting/Transit
ASN
AS396982
Hostname(s)
158.191.156.34.bc.googleusercontent.com
Domain Name
google.com
Country
๐ง๐ช
Belgium
City
Brussels, Brussels Capital
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 34.156.191.158 :
This IP address has been reported a total of
7
times from
7 distinct
sources.
34.156.191.158 was first reported on
May 27th 2026 , and the most recent report was
6 days ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ต๐ฑ
IT RDC
2026-05-28 20:20:33
(6 days ago)
2026/05/28 22:20:31 [info] 126156#0: *477411 client sent plain HTTP request to HTTPS port while read ...
show more
2026/05/28 22:20:31 [info] 126156#0: *477411 client sent plain HTTP request to HTTPS port while reading client request headers, client: 34.156.191.158, server: zimbra, request: "GET /.git/config HTTP/1.1", host: "83.238.86.39:443"
...
show less
Web App Attack
๐บ๐ธ
brantknudson.org
2026-05-28 20:19:32
(6 days ago)
Client sent invalid (non-HTTP) message to honeypot web server:
34.156.191.158 - - [28/May/2026:15:19 ...
show more
Client sent invalid (non-HTTP) message to honeypot web server:
34.156.191.158 - - [28/May/2026:15:19:32 -0500] "GET /.git/config HTTP/1.1" 400 264 "-" "Mozilla/5.0" "-" ""
show less
Web App Attack
Port Scan
๐ซ๐ฎ
inlink.ltd
2026-05-28 20:17:15
(6 days ago)
dot file probe
Web App Attack
๐บ๐ธ
itsnixk
2026-05-28 20:01:01
(6 days ago)
(mod_security) mod_security (id:920350) triggered by 34.156.191.158 (US/United States/158.191.156.34 ...
show more
(mod_security) mod_security (id:920350) triggered by 34.156.191.158 (US/United States/158.191.156.34.bc.googleusercontent.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu May 28 16:00:59.299347 2026] [security2:error] [pid 983393:tid 983525] [client 34.156.191.158:57346] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+|\\\\[[\\\\da-f:]+\\\\]|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "774"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.25.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/.git/config"] [unique_id "ahie-2yshj0hwvrd3wnSPgAAADE"]
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-28 19:25:17
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 34.156.191.158 (158.191.156.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.156.191.158 (158.191.156.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 15:25:09.964124 2026] [security2:error] [pid 18462:tid 18462] [client 34.156.191.158:33314] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.122"] [uri "/.git/config"] [unique_id "ahiWlSVWEbEjJSBHSOW1MwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐ฝ
FenixHunter๐ฆโ๐ฅ
2026-05-28 00:37:12
(1 week ago)
Blocked TLS Cipher Downgrade Attemp. Action Performed: DROP
Port Scan
Hacking
Bad Web Bot
Web App Attack
๐ต๐ฑ
Roper123
2026-05-27 13:34:54
(1 week ago)
Web app exploits
Web App Attack
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: