JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.28.223.124

34.28.223.124 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 87%: ?

87%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	124.223.28.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	Council Bluffs, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.28.223.124

Whois 34.28.223.124

IP Abuse Reports for 34.28.223.124:

This IP address has been reported a total of 25 times from 17 distinct sources. 34.28.223.124 was first reported on August 7th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-16 22:03:15 (1 day ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15. show less	Web App Attack SSH Hacking
Anonymous	2026-06-15 17:19:12 (2 days ago)	Bot / seems abusive / Apache connections: 131	DDoS Attack Web Spam Bad Web Bot Web App Attack
🇪🇸 robotstxt	2026-06-15 13:22:16 (2 days ago)	34.28.223.124 - - [15/Jun/2026:13:22:12 +0000] "GET /mailer.zip HTTP/1.1" 404 180 "-" "Mozilla/5.0 ( ... show more 34.28.223.124 - - [15/Jun/2026:13:22:12 +0000] "GET /mailer.zip HTTP/1.1" 404 180 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" "-" 34.28.223.124 - - [15/Jun/2026:13:22:12 +0000] "GET /mail.zip HTTP/1.1" 404 180 "-" "Mozilla/5.0 (Linux; Android 8.0.0; d-02K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.105 Safari/537.36" "-" 34.28.223.124 - - [15/Jun/2026:13:22:15 +0000] "GET /mailer/sendgrid.js HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Windows Phone 8.1; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 530) like Gecko" "-" 34.28.223.124 - - [15/Jun/2026:13:22:15 +0000] "GET /mailer/sendgrid.py HTTP/1.1" 404 146 "-" "Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B334b Safari/531.21.10" "-" 34.28.223.124 - - [15/Jun/2026:13:22:15 +0000] "GET /mail/sendgrid.py HTTP/1.1" 404 146 "-" "POLARIS/6.01(BREW 3.1.5;U;en-us;LG;LX265;POLAR ... show less	Bad Web Bot
🇳🇱 wlt-blocker	2026-06-15 11:05:06 (2 days ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 WellSpring	2026-06-15 09:52:07 (2 days ago)	env leak on liteehr.com/services/auth/.env — WellSpr.ing/NetSentinel civic-AI security layer	Web App Attack
🇳🇱 Site.eu	2026-06-15 06:15:05 (2 days ago)	Excessive multi-domain requests	Brute-Force
🇨🇭 zynex	2026-06-15 03:10:52 (2 days ago)	URL Probing: /services/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 00:34:00 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.28.223.124 (124.223.28.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.28.223.124 (124.223.28.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:33:52.905340 2026] [security2:error] [pid 7922:tid 7922] [client 34.28.223.124:41886] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mroxyge1.mroxygen.org"] [uri "/.env.prod"] [unique_id "ai9IcCqCoPQ01_CdG_u9WgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-15 00:08:51 (3 days ago)	Abuse Detected (17)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 23:44:50 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.28.223.124 (124.223.28.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.28.223.124 (124.223.28.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:44:42.524592 2026] [security2:error] [pid 21017:tid 21017] [client 34.28.223.124:48016] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coolcustomweddingproducts.benshermanguitar.com"] [uri "/api/.env.production"] [unique_id "ai886iPxpRQDV_NNaFgX8wAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 21:29:23 (3 days ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 10:04:16 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.28.223.124 (124.223.28.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.28.223.124 (124.223.28.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:04:08.977047 2026] [security2:error] [pid 15001:tid 15001] [client 34.28.223.124:46158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.secretbureau.net.virtualvideo.org"] [uri "/.env.dev"] [unique_id "ai58mLNm_8ngwZRXwhqq-AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 David Ferneding	2026-06-14 07:14:47 (3 days ago)	Blocked by UFW (TCP on 80) Source port: 40198 TTL: 59 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 40198 TTL: 59 Packet length: 60 TOS: 0x00 This report (for 34.28.223.124) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇧🇷 P1n4	2026-06-14 07:08:28 (3 days ago)	Heimdal IDS auto-block: sensitive_file (score=1.00)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 06:42:07 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.28.223.124 (124.223.28.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.28.223.124 (124.223.28.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 02:42:03.076101 2026] [security2:error] [pid 1018:tid 1018] [client 34.28.223.124:42216] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sandersgroundtest.ryanc.net"] [uri "/.env"] [unique_id "ai5NO9wLfrn5RY1_h7cSPAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 202.69.36.158

🇺🇸 165.154.182.230

🇺🇸 144.202.92.17

🇸🇬 144.48.6.26

🇺🇸 135.237.127.82

🇸🇬 107.155.56.47

🇰🇪 102.210.149.105

🇫🇷 85.217.140.38

🇺🇸 66.132.153.48

🇸🇬 47.82.8.174

🇲🇦 41.250.170.159

🇺🇸 18.119.209.50

🇷🇴 2.57.122.177

🇧🇷 201.17.133.138

🇺🇸 198.62.3.155

🇧🇷 187.110.233.23

🇨🇦 149.88.98.5

🇨🇳 113.140.22.110

🇧🇬 79.124.62.230

🇺🇸 54.193.126.38