JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.158.238.249

34.158.238.249 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 41%: ?

41%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	249.238.158.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.158.238.249

Whois 34.158.238.249

IP Abuse Reports for 34.158.238.249:

This IP address has been reported a total of 10 times from 9 distinct sources. 34.158.238.249 was first reported on May 19th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-22 12:25:56 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.158.238.249 (249.238.158.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.158.238.249 (249.238.158.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 08:25:53.272923 2026] [security2:error] [pid 8509:tid 8509] [client 34.158.238.249:36216] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "engelhardtkraatz.com"] [uri "/.env.backup"] [unique_id "ahBLUTrulhS8_6SEXp1zrwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 NSCA-ISEU	2026-05-20 10:37:47 (2 weeks ago)	Web Server Exposed Git Repository Information Disclosure. VT: Malicious: 1 - Suspicious: 0. ... show more Web Server Exposed Git Repository Information Disclosure. VT: Malicious: 1 - Suspicious: 0. AS396982 Google LLC. Org: Google Cloud (europe-central2) show less	Web App Attack Port Scan
Anonymous	2026-05-20 10:18:55 (2 weeks ago)	git/env leak probe	Web App Attack
🇹🇼 ip4.tw	2026-05-20 09:39:01 (2 weeks ago)	Malicious web scan	Hacking Web App Attack
🇺🇸 crooze.net	2026-05-20 09:38:47 (2 weeks ago)	34.158.238.249 - - [20/May/2026:09:38:47 +0000] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03_\xA8\x ... show more 34.158.238.249 - - [20/May/2026:09:38:47 +0000] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03_\xA8\xEA\x80\x8F7\x8C\xEAO\x18\xBDk3\xE0\xAE\x82\x0EjH/\xF6 \xFB\x81`w\xF4\xA0\xDE\xDEy\x8B \x88\xA0B\x0F\xEF\xD3h\xE9Y\xCF\x07#5\x9C\xEFL\x97n\xB3\xEB^\x07\xC3l\x84\xF1C\xA0\xB31\xF8p\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0" 400 150 "-" "-" ... show less	Hacking Web App Attack
🇬🇧 PeravixGroup	2026-05-20 08:35:21 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇸🇪 donarev419	2026-05-20 08:06:56 (2 weeks ago)	Connection to port 3000 with data transfer. Data preview:	Port Scan Hacking
🇳🇱 ParaBug	2026-05-19 22:58:17 (2 weeks ago)	34.158.238.249 - - [20/May/2026:00:58:17 +0200] "GET /.git/config HTTP/1.1" 403 3020 "-" "Mozilla/5. ... show more 34.158.238.249 - - [20/May/2026:00:58:17 +0200] "GET /.git/config HTTP/1.1" 403 3020 "-" "Mozilla/5.0 (Linux; Android 9; VOG-L29) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" ... show less	Phishing Brute-Force Web App Attack
🇬🇧 PeravixGroup	2026-05-19 22:25:16 (2 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇮🇪 AutosOnShow	2026-05-19 22:25:06 (2 weeks ago)	blocked for webapp attack \| path requested: /.git/config \| seen at 2026-05-19 22:24:19.804 \|	Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 185.113.249.81

🇪🇸 141.109.168.108

🇩🇪 139.19.117.197

🇰🇷 118.37.214.187

🇮🇩 103.139.192.221

🇳🇱 91.92.243.20

🇮🇳 49.207.245.79

🇮🇩 36.66.16.233

🇻🇳 14.166.231.150

🇰🇷 220.119.37.141

🇳🇱 176.65.139.246

🇲🇾 49.125.201.80

🇳🇱 45.148.10.141

🇨🇳 42.180.4.166

🇧🇪 34.62.189.193

🇨🇭 186.190.215.90

🇩🇪 139.59.208.49

🇨🇳 120.55.64.150

🇺🇸 72.219.214.135

🇨🇳 39.152.240.15