JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.22.160.102

34.22.160.102 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 63%: ?

63%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	102.160.22.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇪 Belgium
City	Brussels, Brussels Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.22.160.102

Whois 34.22.160.102

IP Abuse Reports for 34.22.160.102:

This IP address has been reported a total of 15 times from 14 distinct sources. 34.22.160.102 was first reported on May 22nd 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 andreighitan	2026-06-01 00:00:00 (5 days ago)	Coordinated GCP credential-harvesting campaign against 84.46.253.134. Targeted GCP service account k ... show more Coordinated GCP credential-harvesting campaign against 84.46.253.134. Targeted GCP service account keys + Firebase credentials. ZAC Bayern ref BY0257-500359-26/8. show less	Brute-Force
🇩🇪 David Ferneding	2026-05-29 07:21:22 (1 week ago)	Blocked by UFW (TCP on 80) Source port: 38120 TTL: 59 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 38120 TTL: 59 Packet length: 60 TOS: 0x00 This report (for 34.22.160.102) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 Blexyel	2026-05-27 09:46:35 (1 week ago)	34.22.160.102 - - [27/May/2026:11:46:30 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 ... show more 34.22.160.102 - - [27/May/2026:11:46:30 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Brute-Force Web App Attack
🇬🇧 pinguin	2026-05-27 09:45:54 (1 week ago)	Triggered Cloudflare WAF (firewallManaged) from BE. Action taken: LOG Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallManaged) from BE. Action taken: LOG Protocol: HTTP/2 (GET method) Endpoint: /info.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇭 leo1305	2026-05-27 07:16:14 (1 week ago)	CrowdSec detection \| scenario: CVE-2017-9841	Web App Attack Exploited Host
🇳🇱 Webhoster	2026-05-25 20:17:05 (1 week ago)	{"ClientAddr":"104.23.225.192:10366","ClientHost":"34.22.160.102","ClientPort":"10366","ClientUserna ... show more {"ClientAddr":"104.23.225.192:10366","ClientHost":"34.22.160.102","ClientPort":"10366","ClientUsername":"-","DownstreamContentSize":0,"DownstreamStatus":403,"Duration":18590554,"OriginContentSize":0,"OriginDuration":0,"OriginStatus":0,"Overhead":18590554,"RequestAddr":"phpmyadmin.timvdberg.dev","RequestContentSize":0,"RequestCount":26321,"RequestHost":"phpmyadmin.timvdberg.dev","RequestMethod":"GET","RequestPath":"/.env","RequestPort":"-","RequestProtocol":"HTTP/2.0","RequestScheme":"https","RetryAttempts":0,"RouterName":"https-0-g781j1l22qyid4grmjq8a0lf-phpmyadmin@docker","StartLocal":"2026-05-25T20:17:03.648505238Z","StartUTC":"2026-05-25T20:17:03.648505238Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","entryPointName":"https","level":"info","msg":"","request_Cf-Connecting-Ip":"34.22.160.102","request_X-Forwarded-For":"34.22.160.102","request_X-Real-Ip":"104.23.225.192","time":"2026-05-25T20:17:03Z"} {"ClientAddr":"172.68.151.108:13246","ClientHost":"34.22.160.102","Clien ... show less	Port Scan Hacking Bad Web Bot Web App Attack
🇸🇪 vaia.cloud	2026-05-25 16:36:02 (1 week ago)	trying wp-login.php/xmlrpc.php 36 times in 1 minutes	Brute-Force Web App Attack
🇦🇺 AWW-Admin	2026-05-25 06:06:44 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted] 34.22.160.102 (BE/Belgium/102.160.22.34 ... show more (mod_security) mod_security triggered on hostname [redacted] 34.22.160.102 (BE/Belgium/102.160.22.34.bc.googleusercontent.com) show less	SQL Injection
Anonymous	2026-05-24 10:19:47 (1 week ago)	34.22.160.102 - - [24/May/2026:12:19:46 +0200] "GET /.env HTTP/1.1" 403 3966 "-" "Mozilla/5.0" ...	Brute-Force Web App Attack
🇫🇮 sw0ok	2026-05-24 08:05:17 (1 week ago)	time="2026-05-24T08:05:12Z" level=info msg="Access to https://portainer.sw0ok.dev/.env (method GET) ... show more time="2026-05-24T08:05:12Z" level=info msg="Access to https://portainer.sw0ok.dev/.env (method GET) is not authorized to user <anonymous>, responding with status code 401 with location redirect to https://auth.sw0ok.dev/?rd=https%3A%2F%2Fportainer.sw0ok.dev%2F.env&rm=GET" method=GET path=/api/authz/forward-auth remote_ip=34.22.160.102 time="2026-05-24T08:05:14Z" level=info msg="Access to https://portainer.sw0ok.dev/.git/config (method GET) is not authorized to user <anonymous>, responding with status code 401 with location redirect to https://auth.sw0ok.dev/?rd=https%3A%2F%2Fportainer.sw0ok.dev%2F.git%2Fconfig&rm=GET" method=GET path=/api/authz/forward-auth remote_ip=34.22.160.102 time="2026-05-24T08:05:15Z" level=info msg="Access to https://portainer.sw0ok.dev/.env (method GET) is not authorized to user <anonymous>, responding with status code 401 with location redirect to https://auth.sw0ok.dev/?rd=https%3A%2F%2Fportainer.sw0ok.dev%2F.env&rm=GET" method=GET path=/api/authz/forward-au ... show less	Brute-Force
🇺🇸 ph	2026-05-23 22:37:46 (1 week ago)	Bad web bot attempting to run wp-content on non-WP site	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 05:37:16 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 34.22.160.102 (102.160.22.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.22.160.102 (102.160.22.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 01:37:10.048543 2026] [security2:error] [pid 14204:tid 14216] [client 34.22.160.102:49090] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "peoplewith.ai"] [uri "/.env"] [unique_id "ahE9BlmS2c8uZkxATG6qngAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 pinguin	2026-05-22 13:14:37 (2 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from BE. Action taken: BLOCK Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallCustom) from BE. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /google-services.json UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-05-22 09:10:04 (2 weeks ago)	Try to connect to Port_Scan_443_stealth	Port Scan
🇩🇪 Ba-Yu	2026-05-22 07:53:47 (2 weeks ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 163.7.6.41

🇯🇵 160.251.197.41

🇬🇧 35.203.211.38

🇦🇪 20.203.42.204

🇱🇹 81.30.98.49

🇺🇸 72.18.83.212

🇭🇰 152.32.171.213

🇺🇸 147.185.132.227

🇻🇳 116.110.159.36

🇺🇸 113.20.0.58

🇺🇸 100.29.192.117

🇳🇱 45.87.249.200

🇺🇸 18.218.59.105

🇻🇪 190.153.101.153

🇩🇪 167.94.146.43

🇭🇰 144.48.241.162

🇨🇳 111.9.22.102

🇩🇪 89.106.74.106

🇳🇱 45.148.10.183

🇬🇧 35.203.211.108