JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.159.24.28

34.159.24.28 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 52%: ?

52%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	28.24.159.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.159.24.28

Whois 34.159.24.28

IP Abuse Reports for 34.159.24.28:

This IP address has been reported a total of 21 times from 11 distinct sources. 34.159.24.28 was first reported on June 8th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-11 04:22:38 (1 week ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 34.159.24.28 (28.24.159.34.bc.googleuserconten ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 34.159.24.28 (28.24.159.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇳🇱 homeshowdomain.nl	2026-06-09 21:59:12 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08. show less	Web App Attack SSH Hacking
Anonymous	2026-06-09 12:17:25 (1 week ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-09 04:42:03 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12	Exploited Host Web App Attack
🇫🇷 masterguru	2026-06-09 02:50:56 (2 weeks ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 34.159.24.28 (28.24.159.34.bc.googleuserconten ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 34.159.24.28 (28.24.159.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇳🇱 homeshowdomain.nl	2026-06-08 22:04:57 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-06-08	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-08 20:29:28 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.159.24.28 (28.24.159.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.159.24.28 (28.24.159.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 16:29:22.436685 2026] [security2:error] [pid 29627:tid 29627] [client 34.159.24.28:40020] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "janton.com"] [uri "/.git/config"] [unique_id "aicmIp532zHkvZICPwvqfQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 JustMeHere	2026-06-08 18:46:02 (2 weeks ago)	[Mon Jun 08 14:45:58.197333 2026] [security2:error] [pid 81240:tid 81380] [client 34.159.24.28:44828 ... show more [Mon Jun 08 14:45:58.197333 2026] [security2:error] [pid 81240:tid 81380] [client 34.159.24.28:44828] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.15.0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "c-73-88-79-72.hsd1.sc.comcast.net"] [uri "/.git/config"] [unique_id "aicN5q82p38LeV3GaOqxEQAAAE0"] ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 18:05:37 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.159.24.28 (28.24.159.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.159.24.28 (28.24.159.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 14:05:30.702566 2026] [security2:error] [pid 15426:tid 15426] [client 34.159.24.28:47148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rdj.us"] [uri "/.git/config"] [unique_id "aicEajhJ5G-s5YJcf9suCgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 10:54:08 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.159.24.28 (28.24.159.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.159.24.28 (28.24.159.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:54:03.792173 2026] [security2:error] [pid 25761:tid 25787] [client 34.159.24.28:40202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "billingsleyonline.com"] [uri "/.git/config"] [unique_id "aiafS3VQGqFbsikgw5oWEgAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-08 10:14:18 (2 weeks ago)	[MonJun0812:14:16.1634012026][security2:error][pid1055366:tid1055411][client34.159.24.28:0]ModSecuri ... show more [MonJun0812:14:16.1634012026][security2:error][pid1055366:tid1055411][client34.159.24.28:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"dellafoglia.ch\"][uri\"/.git/config\"][unique_id\"aiaV-PwuApt_DLd3CMdjdQAAAAc\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 09:55:56 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.159.24.28 (28.24.159.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.159.24.28 (28.24.159.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 05:55:51.903526 2026] [security2:error] [pid 9478:tid 9478] [client 34.159.24.28:52164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bright-ideas.keystroke.info"] [uri "/.git/config"] [unique_id "aiaRp7S5hr0TTIGuoRhSSwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 08:44:36 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.159.24.28 (28.24.159.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.159.24.28 (28.24.159.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:44:28.806657 2026] [security2:error] [pid 29005:tid 29005] [client 34.159.24.28:38988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kristywernerauthor.com"] [uri "/.git/config"] [unique_id "aiaA7CE9Rz4UE5MT2lhvhwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 08:10:57 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.159.24.28 (28.24.159.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.159.24.28 (28.24.159.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:10:48.397687 2026] [security2:error] [pid 8429:tid 8429] [client 34.159.24.28:37204] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "high5vr.com.high5-vr.com"] [uri "/.git/config"] [unique_id "aiZ5CJj_9LQEbV8cC8eZYwAAADs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 07:20:02 (2 weeks ago)	suspicious request in access.log	Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇬🇧 195.96.139.107

🇧🇷 108.174.147.120

🇩🇪 85.215.205.132

🇺🇸 64.225.121.94

🇪🇸 196.196.150.5

🇮🇷 188.213.179.98

🇨🇳 115.191.64.182

🇺🇸 91.230.168.21

🇫🇷 85.217.140.29

🇺🇸 40.121.200.75

🇧🇷 20.206.64.115

🇰🇷 211.112.231.156

🇧🇷 201.16.238.49

🇺🇸 172.190.220.228

🇸🇬 103.20.122.54

🇺🇸 66.228.53.174

🇫🇮 37.27.129.137

🇨🇦 20.151.110.96

🇺🇸 20.65.145.179