JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.159.204.203

34.159.204.203 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	203.204.159.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.159.204.203

Whois 34.159.204.203

IP Abuse Reports for 34.159.204.203:

This IP address has been reported a total of 27 times from 24 distinct sources. 34.159.204.203 was first reported on June 14th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 bellovacorp	2026-06-16 00:06:05 (1 week ago)	[CrowdSec/Noliae] noliae-threat-intel	Hacking
🇳🇱 homeshowdomain.nl	2026-06-15 22:02:17 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-14. show less	Web App Attack SSH Hacking
🇺🇸 Rayulcifer	2026-06-15 15:25:36 (1 week ago)	34.159.204.203 - - [15/Jun/2026:10:25:36 -0500] "\x16\x03\x01" 400 392 "-" "-" 34.159.204.203 - - [1 ... show more 34.159.204.203 - - [15/Jun/2026:10:25:36 -0500] "\x16\x03\x01" 400 392 "-" "-" 34.159.204.203 - - [15/Jun/2026:10:25:36 -0500] "\x16\x03\x01" 400 392 "-" "-" 34.159.204.203 - - [15/Jun/2026:10:25:36 -0500] "\x16\x03\x01" 400 392 "-" "-" 34.159.204.203 - - [15/Jun/2026:10:25:36 -0500] "\x16\x03\x01" 400 392 "-" "-" 34.159.204.203 - - [15/Jun/2026:10:25:36 -0500] "\x16\x03\x01" 400 392 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇵🇱 lns.bz	2026-06-15 14:07:22 (1 week ago)	Web app attack [PL.Lu]	Exploited Host Web App Attack
🇺🇸 alecj.com	2026-06-15 12:23:55 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
Anonymous	2026-06-15 12:10:27 (1 week ago)	[Mon Jun 15 14:10:23.730716 2026] [access_compat:error] [pid 469722:tid 129668013360832] [client 34. ... show more [Mon Jun 15 14:10:23.730716 2026] [access_compat:error] [pid 469722:tid 129668013360832] [client 34.159.204.203:58202] AH01797: client denied by server configuration: /var/www/html/.git [Mon Jun 15 14:10:23.734368 2026] [access_compat:error] [pid 469686:tid 129668271310528] [client 34.159.204.203:58210] AH01797: client denied by server configuration: /var/www/html/app [Mon Jun 15 14:10:23.741259 2026] [access_compat:error] [pid 469753:tid 129668399236800] [client 34.159.204.203:58214] AH01797: client denied by server configuration: /var/www/html/src [Mon Jun 15 14:10:23.744708 2026] [access_compat:error] [pid 469686:tid 129668250339008] [client 34.159.204.203:58218] AH01797: client denied by server configuration: /var/www/html/backend [Mon Jun 15 14:10:23.754202 2026] [access_compat:error] [pid 469753:tid 129668581689024] [client 34.159.204.203:58228] AH01797: client denied by server configuration: /var/www/html/frontend [Mon Jun 15 14:10:23.764175 2026] [access_compat:error] [pid 4697 ... show less	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-15 12:03:17 (1 week ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 06:42:07 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.159.204.203 (203.204.159.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.159.204.203 (203.204.159.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 02:42:02.618400 2026] [security2:error] [pid 8863:tid 8863] [client 34.159.204.203:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mail-pmg.com"] [uri "/.env.qa"] [unique_id "ai-eug4Mh3Nugjst4PeQHgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-15 06:36:46 (1 week ago)	Try to access /.env	Web App Attack
🇫🇷 masterguru	2026-06-15 04:49:08 (1 week ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-196)	Hacking Web App Attack
🇲🇾 Rizzy	2026-06-15 04:09:08 (1 week ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇪🇸 tg_de	2026-06-15 03:44:18 (1 week ago)	166 attempts since 15.06.2026 03:44:16 UTC - last search for: /symfony/.env	Web App Attack
🇩🇪 excill	2026-06-15 03:05:31 (1 week ago)	Honeypot mesh observed 2370 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH
🇩🇪 Viveronese	2026-06-15 02:32:47 (1 week ago)	HTTP vulnerability scanning	Web App Attack
🇳🇱 wlt-blocker	2026-06-15 01:24:33 (1 week ago)	Unauthorized access to webpage admin	Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 80.94.95.211

🇺🇸 70.91.135.181

🇳🇱 204.76.203.15

🇦🇷 186.39.16.19

🇺🇸 172.253.221.147

🇭🇰 156.234.7.27

🇱🇰 124.43.27.66

🇿🇦 102.39.30.234

🇫🇷 91.231.89.83

🇫🇷 85.217.140.7

🇫🇷 75.119.131.168

🇵🇪 38.255.108.215

🇷🇼 197.243.14.52

🇩🇪 167.94.145.31

🇻🇳 165.154.187.159

🇮🇳 106.217.75.204

🇨🇿 104.253.81.198

🇳🇱 91.92.40.7

🇸🇬 47.84.110.105

🇳🇱 45.156.128.132