JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.185.238.97

34.185.238.97 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 84%: ?

84%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	97.238.185.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.185.238.97

Whois 34.185.238.97

IP Abuse Reports for 34.185.238.97:

This IP address has been reported a total of 16 times from 14 distinct sources. 34.185.238.97 was first reported on June 14th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 06:49:54 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.185.238.97 (97.238.185.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.185.238.97 (97.238.185.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 02:49:48.917389 2026] [security2:error] [pid 15184:tid 15184] [client 34.185.238.97:56588] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lesdaniels.com"] [uri "/.env.development"] [unique_id "ai-gjElWVS7Kci6iv2ADtwAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-15 02:27:14 (2 days ago)	Excessive multi-domain requests	Brute-Force
🇧🇪 cmbplf	2026-06-15 01:51:39 (2 days ago)	126 requests with url.path *sendgrid.env	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 00:54:56 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 34.185.238.97 (97.238.185.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.185.238.97 (97.238.185.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:54:51.129664 2026] [security2:error] [pid 16891:tid 16904] [client 34.185.238.97:52142] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.reclaimingspirituality.aafm.us"] [uri "/app/.env.production"] [unique_id "ai9NW9PE8ZvXTd8Ag1iM9wAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-15 00:19:42 (2 days ago)	Too many Status 40X (23) Scanning/Probing (23)	Brute-Force Web App Attack
🇫🇷 Octopuce	2026-06-14 23:15:22 (2 days ago)	Aggressive web search of vulnerable pages: /.env.local /.env /api/.env.local /backend/.env /frontend ... show more Aggressive web search of vulnerable pages: /.env.local /.env /api/.env.local /backend/.env /frontend/.env.local ... show less	Web App Attack
🇦🇺 2000cn.com.au	2026-06-14 21:55:06 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇩🇪 updown.io	2026-06-14 21:54:57 (2 days ago)	{"level":"info","ts":1781474093.2076952,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781474093.2076952,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.185.238.97","remote_port":"60558","client_ip":"34.185.238.97","proto":"HTTP/1.1","method":"GET","host":"status-c0180-b062b2eb-e1a5-4078-a925-f7f276ed3aa3.provacy.com","uri":"/.env.copy","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.84 Safari/537.36"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status-c0180-b062b2eb-e1a5-4078-a925-f7f276ed3aa3.provacy.com","ech":false}},"bytes_read":0,"user_id":"","duration":0.000765803,"size":0,"status":429,"resp_headers":{"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"],"Server":["Caddy"]}} {"level":"info","ts":1781474093.2082164,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.185.238.97","remote_ ... show less	DDoS Attack Web App Attack
Anonymous	2026-06-14 21:43:19 (2 days ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇩🇪 Savvii	2026-06-14 16:14:37 (2 days ago)	82 attempts against mh-misbehave-ban on cloud	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-14 05:56:23 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 4server	2026-06-14 05:06:40 (2 days ago)	[SunJun1407:06:35.9663162026][security2:error][pid2210579:tid2210721][client34.185.238.97:0]ModSecur ... show more [SunJun1407:06:35.9663162026][security2:error][pid2210579:tid2210721][client34.185.238.97:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"\\\\\\\\.copy\$\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1170\"][id\"390586\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessbackupfile$disablethisruleifyourequireaccesstofilesthatendwith.copy$\"][severity\"CRITICAL\"][hostname\"www.swissholdinginvestments.ch.136-243-54-122.cpanel.site\"][uri\"/.env.copy\"][unique_id\"ai4220yBEwXnW5YeGnwtuAAAARg\"] show less	Port Scan Brute-Force Web App Attack
🇮🇹 VHosting	2026-06-14 04:50:03 (2 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇳🇱 debestelapp	2026-06-14 04:30:35 (2 days ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 03:03:35 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.185.238.97 (97.238.185.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.185.238.97 (97.238.185.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 23:03:32.159619 2026] [security2:error] [pid 28494:tid 28494] [client 34.185.238.97:52044] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "conversationtalentnetwork.com"] [uri "/.env.backup.txt"] [unique_id "ai4aBHuqdxZzel4LidddwQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.178.39.106

🇺🇸 207.49.5.10

🇳🇱 176.65.132.149

🇺🇸 164.92.82.91

🇨🇮 154.0.30.137

🇧🇩 103.51.53.48

🇳🇱 45.142.193.125

🇺🇸 45.79.207.111

🇺🇸 20.172.240.136

🇺🇸 20.169.105.34

🇺🇸 20.65.195.28

🇦🇺 20.5.130.110

🇺🇸 17.246.23.90

🇧🇷 186.216.200.74

🇺🇸 162.243.147.237

🇺🇸 155.254.20.79

🇺🇸 154.83.197.88

🇨🇳 121.226.176.244

🇰🇷 121.164.135.251

🇺🇸 103.234.62.3