JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.159.221.8

34.159.221.8 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 61%: ?

61%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	8.221.159.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.159.221.8

Whois 34.159.221.8

IP Abuse Reports for 34.159.221.8:

This IP address has been reported a total of 10 times from 9 distinct sources. 34.159.221.8 was first reported on June 13th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-14 00:09:07 (2 days ago)	Too many Status 40X (11) Scanning/Probing (61) Request Overload (383)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-13 22:03:28 (2 days ago)	Auto-ban: >3000 req/min op 2026-06-13	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-13 17:17:41 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 34.159.221.8 (8.221.159.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210730) triggered by 34.159.221.8 (8.221.159.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 13:17:36.861830 2026] [security2:error] [pid 6441:tid 6441] [client 34.159.221.8:60762] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.notforhirellc.scottwithers.xyz\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.notforhirellc.scottwithers.xyz"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai2QsKYzagmceSUBeerKGQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 15:10:59 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 34.159.221.8 (8.221.159.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210730) triggered by 34.159.221.8 (8.221.159.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 11:10:55.074041 2026] [security2:error] [pid 14122:tid 14122] [client 34.159.221.8:54346] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|web25.dnchosting.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "web25.dnchosting.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai1y_2_XQ-kRX0RWCW7FkwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-13 13:41:52 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇦🇹 penguin-solutions.at	2026-06-13 11:11:46 (2 days ago)	Excessive 403/404 errors ...	Brute-Force Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-13 05:28:20 (3 days ago)	Blocked by CSF 13 firewall - Rule: US/United States/8.221.159.34.bc.googleusercontent.com	Web App Attack
🇩🇪 updown.io	2026-06-13 04:44:10 (3 days ago)	{"level":"info","ts":1781325848.493568,"logger":"http.log.access.log1","msg":"handled request","requ ... show more {"level":"info","ts":1781325848.493568,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.159.221.8","remote_port":"34580","client_ip":"34.159.221.8","proto":"HTTP/1.1","method":"GET","host":"yxupdate.ponmlknmlkjihgjihgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io","uri":"/actuator/heapdump","headers":{"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]}},"bytes_read":0,"user_id":"","duration":0.000085964,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://yxupdate.ponmlknmlkjihgjihgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io/actuator/heapdump"],"Content-Type":[]}} {"level":"info","ts":1781325848.5008373,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.159.221.8","remote_por ... show less	DDoS Attack Web App Attack
🇮🇹 VHosting	2026-06-13 03:40:03 (3 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-13 03:26:02 (3 days ago)	categories: DDoS Attack	DDoS Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4001:c24::12d

🇧🇷 177.93.72.158

🇧🇷 131.221.15.20

🇮🇩 103.98.176.164

🇺🇸 72.167.44.205

🇸🇬 47.79.15.36

🇨🇳 36.135.92.36

🇬🇧 2a06:4880:8000::9a

🇨🇳 221.235.140.84

🇯🇵 203.25.124.39

🇧🇷 179.191.82.115

🇯🇵 124.18.182.99

🇺🇸 104.152.52.142

🇭🇰 101.36.106.134

🇳🇱 64.89.162.168

🇫🇷 51.159.160.135

🇮🇳 49.207.243.82

🇸🇬 47.79.15.30

🇸🇬 47.79.15.3

🇳🇱 45.142.193.105