JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.39.239.97

34.39.239.97 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 45%: ?

45%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	97.239.39.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.39.239.97

Whois 34.39.239.97

IP Abuse Reports for 34.39.239.97:

This IP address has been reported a total of 28 times from 19 distinct sources. 34.39.239.97 was first reported on May 10th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-15 22:04:33 (1 month ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-14. show less	Web App Attack SSH Hacking
🇨🇦 polycoda	2026-05-15 10:08:21 (1 month ago)	AutoBlock: 🎯 Vulnerability Scanner (Non Decay-Based)	Hacking Web App Attack
🇫🇷 masterguru	2026-05-15 08:38:27 (1 month ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇺🇸 mawan	2026-05-15 07:55:33 (1 month ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
🇺🇸 TPI-Abuse	2026-05-15 06:21:30 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 34.39.239.97 (97.239.39.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.39.239.97 (97.239.39.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 02:21:23.138532 2026] [security2:error] [pid 15665:tid 15665] [client 34.39.239.97:47744] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mobi-app-licious.com.fiyaplatform.com"] [uri "/.env.development.local"] [unique_id "aga7YwFaLDBzVjUISHZNEQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-05-15 06:11:07 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇸🇪 nekopavel	2026-05-15 03:24:14 (1 month ago)	34.39.239.97 - - [15/May/2026:05:24:11 +0200]"GET /.env.local HTTP/1.1" 404 178"-" autodiscover.neko ... show more 34.39.239.97 - - [15/May/2026:05:24:11 +0200]"GET /.env.local HTTP/1.1" 404 178"-" autodiscover.neko.chat "Mozilla/5.0 (Linux; Android 8.0.0; SM-G935V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36""0.000" "0.001""S\xC3\xA3o Paulo" "BR" 34.39.239.97 - - [15/May/2026:05:24:11 +0200]"GET /api/.env HTTP/1.1" 404 178"-" autodiscover.neko.chat "Mozilla/5.0 (Windows NT 6.2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 OPR/62.0.3331.116""0.001" "0.000""S\xC3\xA3o Paulo" "BR" 34.39.239.97 - - [15/May/2026:05:24:11 +0200]"GET /app/.env HTTP/1.1" 404 178"-" autodiscover.neko.chat "Mozilla/5.0 (Linux; Android 7.1.2; Redmi 4X) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36""0.001" "0.000""S\xC3\xA3o Paulo" "BR" ... show less	Hacking Bad Web Bot Web App Attack
Anonymous	2026-05-15 02:21:41 (1 month ago)	(caddyscan) Scanner path probe from 34.39.239.97 (BR/Brazil/97.239.39.34.bc.googleusercontent.com): ... show more (caddyscan) Scanner path probe from 34.39.239.97 (BR/Brazil/97.239.39.34.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 34.39.239.97 - - [15/May/2026:02:21:36 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 34.39.239.97 - - [15/May/2026:02:21:36 +0000] "GET /.env.dev.local HTTP/1.1" [REDACTED] 200 2627 34.39.239.97 - - [15/May/2026:02:21:36 +0000] "GET /.env.development.local HTTP/1.1" [REDACTED] 200 2627 34.39.239.97 - - [15/May/2026:02:21:36 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 34.39.239.97 - - [15/May/2026:02:21:36 +0000] "GET /app/.env HTTP/1.1" show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-15 01:28:58 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 34.39.239.97 (97.239.39.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.39.239.97 (97.239.39.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 21:28:51.919976 2026] [security2:error] [pid 19555:tid 19555] [client 34.39.239.97:46758] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rums-of-the-world.com"] [uri "/admin/.env"] [unique_id "agZ2067wlclTzGkRYIBgNQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-15 00:46:54 (1 month ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
Anonymous	2026-05-15 00:26:04 (1 month ago)	(PERMBLOCK) 34.39.239.97 (BR/Brazil/97.239.39.34.bc.googleusercontent.com) has had more than 4 temp ... show more (PERMBLOCK) 34.39.239.97 (BR/Brazil/97.239.39.34.bc.googleusercontent.com) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs: show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-14 23:43:11 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 34.39.239.97 (97.239.39.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.39.239.97 (97.239.39.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 19:43:06.029654 2026] [security2:error] [pid 10883:tid 10883] [client 34.39.239.97:50026] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sneedvillefarmersmarket.com"] [uri "/.env"] [unique_id "agZeClf0kRfyXo2_fLXhKgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-05-14 23:05:45 (1 month ago)	Scanning/Probing (20)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-14 22:48:36 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 34.39.239.97 (97.239.39.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.39.239.97 (97.239.39.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 18:48:31.227618 2026] [security2:error] [pid 32354:tid 32354] [client 34.39.239.97:33296] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.md20lf.org.ithacalions.com"] [uri "/admin/.env"] [unique_id "agZRP0DG7tt_8t4xuv-RhQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-05-14 22:48:34 (1 month ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 2001:861:214:72f0:1937:aac1:bfa9:cee4

🇩🇪 69.5.169.222

🇩🇪 69.5.169.183

🇬🇧 35.203.211.141

🇲🇩 2a03:f680:fe03:2dd1:c196:672a:12be:6c7a

🇸🇦 2001:16a2:c45d:2000:3ce1:e2f7:5fc0:730e

🇸🇦 2001:16a2:c378:ea67:2011:1f35:98a8:2b24

🇫🇷 2001:861:3890:db40:5ad:d3df:42f6:a77d

🇬🇧 195.206.182.197

🇩🇪 193.124.20.244

🇺🇸 172.202.118.69

🇳🇱 160.119.71.12

🇨🇳 115.220.156.56

🇺🇸 103.203.57.2

🇬🇧 87.236.176.201

🇫🇷 85.204.70.90

🇩🇪 69.5.169.234

🇳🇱 45.148.10.141

🇹🇼 202.39.153.245

🇬🇧 188.240.59.18