JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.159.3.56

34.159.3.56 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 69%: ?

69%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	56.3.159.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.159.3.56

Whois 34.159.3.56

IP Abuse Reports for 34.159.3.56:

This IP address has been reported a total of 15 times from 15 distinct sources. 34.159.3.56 was first reported on January 22nd 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-13 13:28:17 (1 week ago)	Excessive multi-domain requests	Brute-Force
Anonymous	2026-06-13 12:15:18 (1 week ago)	(caddyscan) Scanner path probe from 34.159.3.56 (DE/Germany/56.3.159.34.bc.googleusercontent.com): 5 ... show more (caddyscan) Scanner path probe from 34.159.3.56 (DE/Germany/56.3.159.34.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 34.159.3.56 - - [13/Jun/2026:12:15:16 +0000] "GET /v1/actuator/env HTTP/1.1" [REDACTED] 200 2627 34.159.3.56 - - [13/Jun/2026:12:15:16 +0000] "GET /v2/actuator/env HTTP/1.1" [REDACTED] 200 2627 34.159.3.56 - - [13/Jun/2026:12:15:16 +0000] "GET /api/actuator/env HTTP/1.1" [REDACTED] 200 2627 34.159.3.56 - - [13/Jun/2026:12:15:16 +0000] "GET /backend/actuator/env HTTP/1.1" [REDACTED] 200 2627 34.159.3.56 - - [13/Jun/2026:12:15:16 +0000] "GET /actuator/heapdump HTTP/1.1" show less	Port Scan
🇬🇧 consul.to	2026-06-13 11:24:35 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 Octopuce	2026-06-13 09:51:46 (1 week ago)	Aggressive web search of vulnerable pages: /secrets/aws.json /secrets/azure.json /secrets/credential ... show more Aggressive web search of vulnerable pages: /secrets/aws.json /secrets/azure.json /secrets/credentials.json /secrets/gcp.json /docker-compose.ym ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 09:43:22 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 34.159.3.56 (56.3.159.34.bc.googleusercontent.c ... show more (mod_security) mod_security (id:210730) triggered by 34.159.3.56 (56.3.159.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 05:43:18.458707 2026] [security2:error] [pid 20658:tid 20678] [client 34.159.3.56:47088] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|marinkovich.org\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "marinkovich.org"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai0mNnGcdyR-mFNUZHCwrAAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-06-13 09:37:04 (1 week ago)	http-probing - IP: 34.159.3.56 - time="2026-06-13T11:37:03+02:00" level=info msg="(555f66b4f6a74558 ... show more http-probing - IP: 34.159.3.56 - time="2026-06-13T11:37:03+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 34.159.3.56 (DE/396982) : 4h ban on Ip 34.159.3.56" module=db show less	Web App Attack
🇩🇪 maxpower	2026-06-13 09:24:14 (1 week ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 34.159.3.56 (DE/Germany/56.3.159.34.bc.g ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 34.159.3.56 (DE/Germany/56.3.159.34.bc.googleusercontent.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 34.159.3.56 - - [13/Jun/2026:11:24:08 +0200] "GET /.aws/credentials HTTP/1.1" 404 355 "-" "Mozilla/5.0 (compatible; Konqueror/4.5; NetBSD 5.0.2; X11; amd64; en_US) KHTML/4.5.4 (like Gecko)" "-" host=ramsesconsulting.com 34.159.3.56 - - [13/Jun/2026:11:24:08 +0200] "GET /config/.aws/credentials HTTP/1.1" 404 355 "-" "Mozilla/5.0 (X11; U; Linux x86_64; sv-SE; rv:1.8.1.12) Gecko/20080207 Ubuntu/7.10 (gutsy) Firefox/2.0.0.12" "-" host=ramsesconsulting.com show less	Port Scan
🇨🇭 zynex	2026-06-13 07:50:08 (1 week ago)	URL Probing: /api/database.php	Web App Attack
🇺🇸 mnsf	2026-06-13 06:06:53 (1 week ago)	Too many Status 40X (11) Scanning/Probing (61) Request Overload (383)	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-13 05:53:01 (1 week ago)	Multiple WAF Violations	Web App Attack
🇮🇹 VHosting	2026-06-13 04:25:03 (1 week ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-13 04:11:56 (1 week ago)	Restricted File Access Attempt. Matched phrase ".aws/" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇳🇴 jad-abuse	2026-06-13 03:47:49 (1 week ago)	ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: actuator, aw ... show more ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: actuator, aws_creds, env_probe, config_backup, ssh_keys. Observed by 1 sensor(s); 419 hits. show less	Hacking Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-13 03:39:09 (1 week ago)	categories: DDoS Attack	DDoS Attack
🇩🇪 Jochen Pretli	2026-01-22 01:48:20 (5 months ago)	connection to honeypot	Email Spam Port Scan

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 212.132.120.41

🇺🇸 208.84.100.61

🇩🇪 154.14.23.208

🇳🇱 143.179.241.103

🇪🇸 88.20.137.231

🇷🇺 87.250.224.121

🇺🇸 44.187.15.246

🇰🇷 210.114.22.126

🇧🇷 191.53.9.169

🇳🇱 185.242.226.74

🇺🇸 172.202.118.18

🇺🇸 147.185.132.8

🇧🇷 138.255.230.4

🇺🇸 124.198.131.39

🇨🇳 118.145.213.116

🇨🇳 112.94.253.217

🇺🇸 74.125.212.203

🇰🇷 49.247.37.22

🇬🇧 35.203.210.119

🇺🇸 34.209.60.246