JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.185.138.243

34.185.138.243 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 72%: ?

72%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	243.138.185.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.185.138.243

Whois 34.185.138.243

IP Abuse Reports for 34.185.138.243:

This IP address has been reported a total of 11 times from 11 distinct sources. 34.185.138.243 was first reported on June 13th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-13 22:01:23 (1 day ago)	Auto-ban: >3000 req/min op 2026-06-13	Web App Attack SSH Hacking
🇩🇪 iNetWorker	2026-06-13 15:21:30 (1 day ago)	trolling for resource vulnerabilities	Web App Attack
Anonymous	2026-06-13 12:47:04 (2 days ago)	Bot / scanning and/or hacking attempts: GET /temp/.env HTTP/1.1, GET /.env.copy HTTP/1.1, GET /publi ... show more Bot / scanning and/or hacking attempts: GET /temp/.env HTTP/1.1, GET /.env.copy HTTP/1.1, GET /public/.env HTTP/1.1, GET /internal/.env.production HTTP/1.1, GET /services/backend/.env HTTP/1.1, GET /.env.pre-production HTTP/1.1, GET /portal/.env HTTP/1.1, GET /test/.env HTTP/1.1, GET /symfony/.env HTTP/1.1, GET /api/.env HTTP/1.1, GET /src/api/.env HTTP/1.1, GET /tmp/.env HTTP/1.1, GET /data/.env HTTP/1.1, GET /.env.save HTTP/1.1, GET /backend/.env.dev HTTP/1.1, GET /laravel/.env HTTP/1.1, GET /env.txt HTTP/1.1, GET /src/.env.production HTTP/1.1, GET /api/backend/.env HTTP/1.1, GET /backend/.env.bak HTTP/1.1, GET /v3/.env HTTP/1.1, GET /api/.env.bak HTTP/1.1, GET /backend/.env.local HTTP/1.1, GET /app/.env.bak HTTP/1.1, GET /services/api/.env HTTP/1.1 show less	Hacking Web App Attack
🇩🇪 updown.io	2026-06-13 09:44:11 (2 days ago)	{"level":"info","ts":1781343850.6259813,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781343850.6259813,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.185.138.243","remote_port":"54256","client_ip":"34.185.138.243","proto":"HTTP/1.1","method":"GET","host":"mlkjihgfihgfehgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io","uri":"/.env.old","headers":{"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (Linux; Android 9; CLT-AL00 Build/HUAWEICLT-AL00; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/66.0.3359.126 MQQBrowser/6.2 TBS/044807 Mobile Safari/537.36 MMWEBID/9069 MicroMessenger/7.0.6.1460(0x27000634) Process/tools NetType/WIFI Language/zh_CN"],"Accept-Charset":["utf-8"]}},"bytes_read":0,"user_id":"","duration":0.000099881,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://mlkjihgfihgfehgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io/.env.old"],"Content-Type":[]}} {"level":"info","ts":17813 ... show less	DDoS Attack Web App Attack
🇳🇱 Site.eu	2026-06-13 09:00:37 (2 days ago)	Excessive 404/403 errors	Brute-Force
🇨🇭 Origon	2026-06-13 06:23:48 (2 days ago)	http-sensitive-files - IP: 34.185.138.243 - time="2026-06-13T08:23:47+02:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 34.185.138.243 - time="2026-06-13T08:23:47+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 34.185.138.243 (DE/396982) : 4h ban on Ip 34.185.138.243" module=db show less	Web App Attack
Anonymous	2026-06-13 05:48:38 (2 days ago)	(caddyscan) Scanner path probe from 34.185.138.243 (DE/Germany/243.138.185.34.bc.googleusercontent.c ... show more (caddyscan) Scanner path probe from 34.185.138.243 (DE/Germany/243.138.185.34.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 34.185.138.243 - - [13/Jun/2026:05:48:32 +0000] "GET /.env.bak HTTP/1.1" [REDACTED] 200 2627 34.185.138.243 - - [13/Jun/2026:05:48:32 +0000] "GET /.env.live HTTP/1.1" [REDACTED] 200 2627 34.185.138.243 - - [13/Jun/2026:05:48:32 +0000] "GET /backend/.env HTTP/1.1" [REDACTED] 200 2627 34.185.138.243 - - [13/Jun/2026:05:48:32 +0000] "GET /qa/.env HTTP/1.1" [REDACTED] 200 2627 34.185.138.243 - - [13/Jun/2026:05:48:32 +0000] "GET /app/backend/.env HTTP/1.1" show less	Port Scan
🇺🇸 mnsf	2026-06-13 05:06:46 (2 days ago)	Too many Status 40X (13) Scanning/Probing (13)	Brute-Force Web App Attack
Anonymous	2026-06-13 04:57:32 (2 days ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 04:26:16 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 34.185.138.243 (243.138.185.34.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 34.185.138.243 (243.138.185.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 00:26:10.536024 2026] [security2:error] [pid 21620:tid 21620] [client 34.185.138.243:38766] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fruitsaladyummy.robtown.com"] [uri "/.env.prod"] [unique_id "aizb4r2v3-1-20O82Qxy7wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-13 04:15:03 (2 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2a01:4f8:c013:bf96::1

🇺🇸 167.99.106.37

🇭🇰 156.245.246.50

🇮🇳 152.59.118.74

🇮🇹 151.33.102.130

🇰🇷 112.151.178.49

🇹🇷 45.158.14.124

🇬🇧 45.82.76.124

🇧🇷 45.71.123.226

🇵🇱 194.165.16.161

🇨🇳 122.97.209.53

🇺🇸 113.20.4.9

🇺🇸 91.230.168.125

🇮🇳 49.36.212.221

🇺🇸 34.24.63.147

🇸🇬 2404:6800:4003:c11::120

🇫🇷 185.177.72.29

🇺🇾 167.57.92.137

🇩🇿 154.241.11.205

🇮🇩 143.20.49.38