🇫🇮
NoaQT
2026-06-09 13:33:03
(2 hours ago)
2026-06-09T13:33:02.870013+00:00 ingress-1 haproxy[2869]: 34.40.41.192:46618 [09/Jun/2026:13:33:02.868] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 245/216/0/0/0 0/0 "GET /api/actuator/logfile HTTP/1.1"
2026-06-09T13:33:02.879629+00:00 ingress-1 haproxy[2869]: 34.40.41.192:46666 [09/Jun/2026:13:33:02.879] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 248/219/0/0/0 0/0 "GET /app/actuator/heapdump HTTP/1.1"
2026-06-09T13:33:02.881248+00:00 ingress-1 haproxy[2869]: 34.40.41.192:46638 [09/Jun/2026:13:33:02.880] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 247/218/0/0/0 0/0 "GET /api/configprops HTTP/1.1"
2026-06-09T13:33:02.882414+00:00 ingress-1 haproxy[2869]: 34.40.41.192:46654 [09/Jun/2026:13:33:02.881] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 246/217/0/0/0 0/0 "GET /api/heapdump HTTP/1.1"
2026-06-09T13:33:02.883536+00:00 ingress-1 haproxy[2869]: 34.40.41.192:46630 [09/Jun/2026:13:33:02.882] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429
...
DDoS Attack
🇩🇪
4server
2026-06-09 11:17:11
(5 hours ago)
[Tue Jun 09 13:17:06.031471 2026] [security2:error] [pid 2816944:tid 2817028] [client 34.40.41.192:0] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.9"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "schneider-tools.ch"] [uri "/actuator/threaddump"] [unique_id "aif2MjUKPyK_yqon9N0_6gAAAYI"]
Port Scan
Brute-Force
Web App Attack
🇺🇸
TPI-Abuse
2026-06-09 10:56:50
(5 hours ago)
(mod_security) mod_security (id:210730) triggered by 34.40.41.192 (192.41.40.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:56:46.463279 2026] [security2:error] [pid 10785:tid 10785] [client 34.40.41.192:56846] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||etudesoftware.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "etudesoftware.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "aifxbjVmAyeLtCppn_IX9wAAAAg"]
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-09 08:16:05
(8 hours ago)
(mod_security) mod_security (id:210730) triggered by 34.40.41.192 (192.41.40.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 04:15:58.142956 2026] [security2:error] [pid 31491:tid 31516] [client 34.40.41.192:43138] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dasperformance.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dasperformance.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "aifLvnBOsaI8Ya2Uo6Y3ugAAAJY"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-09 08:00:42
(8 hours ago)
34.40.41.192 - - [09/Jun/2026:10:00:41 +0200] "GET /dump HTTP/1.1" 404 184 "-" "Mozilla/5.0 (Linux; Android 7.0; Alcatel_5044R) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36"
34.40.41.192 - - [09/Jun/2026:10:00:41 +0200] "GET /v1/actuator/heapdump HTTP/1.1" 404 124 "-" "Mozilla/5.0 (iPad; CPU OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko ) Version/5.1 Mobile/9B176 Safari/7534.48.3"
34.40.41.192 - - [09/Jun/2026:10:00:41 +0200] "GET /v1/actuator/env HTTP/1.1" 404 184 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Safari/537.36"
34.40.41.192 - - [09/Jun/2026:10:00:41 +0200] "GET /v1/actuator/configprops HTTP/1.1" 404 124 "-" "Mozilla/5.0 (X11; Linux i686 on x86_64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"
34.40.41.192 - - [09/Jun/2026:10:00:41 +0200] "GET /v2/actuator/heapdump HTTP/1.1" 404 184 "-" "Mozilla/5.0 (Linux; Android 9; SM-J701F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3
...
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-09 04:01:49
(12 hours ago)
(mod_security) mod_security (id:210730) triggered by 34.40.41.192 (192.41.40.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 00:01:45.709441 2026] [security2:error] [pid 20975:tid 20975] [client 34.40.41.192:45596] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||tommckee.tunabay.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tommckee.tunabay.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "aieQKV7uUJjC0pg4sAaglQAAAAs"]
Brute-Force
Bad Web Bot
Web App Attack
🇩🇪
EGP Abuse Dept
2026-06-09 02:22:59
(13 hours ago)
Scanning for web/db/file exploits on www.maasdael.nl
SQL Injection
Bad Web Bot
Web App Attack
🇳🇱
Cloud86 B.V.
2026-06-09 01:39:05
(14 hours ago)
categories: DDoS Attack
DDoS Attack
Anonymous
2026-06-09 01:11:15
(15 hours ago)
Multiple, malicious web requests detected
Port Scan
Hacking
🇳🇱
homeshowdomain.nl
2026-06-08 22:02:17
(18 hours ago)
Auto-ban: >3000 req/min on 2026-06-08
Web App Attack
SSH
Hacking
🇳🇱
Site.eu
2026-06-08 21:32:27
(18 hours ago)
Excessive multi-domain requests
Brute-Force
🇺🇸
TPI-Abuse
2026-06-08 18:07:04
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.40.41.192 (192.41.40.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 14:06:56.299107 2026] [security2:error] [pid 3081:tid 3081] [client 34.40.41.192:59190] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starthreadingsalon.com"] [uri "/.env.backup"] [unique_id "aicEwNy7S31IVbtaXC6Y3wAAAAk"]
Brute-Force
Bad Web Bot
Web App Attack
🇫🇷
masterguru
2026-06-08 14:31:54
(1 day ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack
🇺🇸
TPI-Abuse
2026-06-08 13:34:21
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 34.40.41.192 (192.41.40.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 09:34:15.072356 2026] [security2:error] [pid 31434:tid 31434] [client 34.40.41.192:58142] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "i-spose.com"] [uri "/.env.backup.txt"] [unique_id "aibE1wE7dUhyJbbkhmRgIQAAAAk"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-08 13:08:02
(1 day ago)
Multiple web server 400 error codes from same source ip
Web App Attack