JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.44.137.138

34.44.137.138 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	138.137.44.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	Council Bluffs, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.44.137.138

Whois 34.44.137.138

IP Abuse Reports for 34.44.137.138:

This IP address has been reported a total of 23 times from 22 distinct sources. 34.44.137.138 was first reported on June 15th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 taivas.nl	2026-06-16 04:33:09 (5 days ago)	Many_bad_calls	Web App Attack
🇦🇹 neo72	2026-06-15 14:01:20 (6 days ago)	Detected malicious activity - bulk block	Brute-Force Web App Attack
Anonymous	2026-06-15 07:41:14 (6 days ago)	34.44.137.138 - - [15/Jun/2026:09:41:13 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 433 " ... show more 34.44.137.138 - - [15/Jun/2026:09:41:13 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 433 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.44.137.138 - - [15/Jun/2026:09:41:13 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 433 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.44.137.138 - - [15/Jun/2026:09:41:13 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 433 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.44.137.138 - - [15/Jun/2026:09:41:13 +0200] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 433 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.44.137.138 - - [15/Jun/2026:09:41:13 +0200] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 433 ... show less	Brute-Force Web App Attack
🇧🇪 taivas.nl	2026-06-15 07:32:12 (6 days ago)	Bad_requests	Bad Web Bot
🇩🇪 big-cloud.nl	2026-06-15 07:23:20 (6 days ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇺🇸 nasset	2026-06-15 07:22:38 (6 days ago)	34.44.137.138 - - [15/Jun/2026:00:22:37 -0700] "GET /wp-includes/id3/license.txt/shop/wp-includes/wl ... show more 34.44.137.138 - - [15/Jun/2026:00:22:37 -0700] "GET /wp-includes/id3/license.txt/shop/wp-includes/wlwmanifest.xml HTTP/1.1" 403 647 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.44.137.138 - - [15/Jun/2026:00:22:37 -0700] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 403 647 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.44.137.138 - - [15/Jun/2026:00:22:37 -0700] "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1" 403 647 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.44.137.138 - - [15/Jun/2026:00:22:37 -0700] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 403 647 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.44.137.138 - - [15/Jun/2026:00:22:37 -0700] "GET /wp-includes/i ... show less	Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-15 07:22:24 (6 days ago)	(wordpress) Failed wordpress login from 34.44.137.138 (US/United States/Iowa/Council Bluffs/138.137. ... show more (wordpress) Failed wordpress login from 34.44.137.138 (US/United States/Iowa/Council Bluffs/138.137.44.34.bc.googleusercontent.com) show less	Brute-Force
Anonymous	2026-06-15 07:22:20 (6 days ago)	[redacted] 34.44.137.138 - - [15/Jun/2026:09:22:12 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" " ... show more [redacted] 34.44.137.138 - - [15/Jun/2026:09:22:12 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" [redacted] 34.44.137.138 - - [15/Jun/2026:09:22:13 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" [redacted] 34.44.137.138 - - [15/Jun/2026:09:22:13 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" [redacted] 34.44.137.138 - - [15/Jun/2026:09:22:15 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" marianische.de 34.44.137.138 - - [15/Jun/2026:09:22:15 +0200] "POST //xmlrpc.php ... show less	Hacking Web App Attack
Anonymous	2026-06-15 07:19:57 (6 days ago)	Web attack blocked by Wordfence on 1valkenburg.nl (1 hit). Reported by CRMON.	Web App Attack
🇳🇿 Antinson	2026-06-15 07:15:47 (6 days ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇺🇸 island-freaks.com	2026-06-15 07:13:04 (6 days ago)	Attack Type: Google Resource Bad Actor attempt on /wp-includes/id3/license.txt/feed/ \| DNS 138.137.4 ... show more Attack Type: Google Resource Bad Actor attempt on /wp-includes/id3/license.txt/feed/ \| DNS 138.137.44.34.bc.googleusercontent.com \| Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 show less	Port Scan Hacking Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 07:12:35 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 34.44.137.138 (138.137.44.34.bc.googleuserconte ... show more (mod_security) mod_security (id:225170) triggered by 34.44.137.138 (138.137.44.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:12:31.168824 2026] [security2:error] [pid 26900:tid 26900] [client 34.44.137.138:49774] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mardensmith.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mardensmith.com"] [uri "/wordpress/wp-json/wp/v2/users/"] [unique_id "ai-l3-V0hefGSAMpAGotrwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-15 07:11:18 (6 days ago)	Wordpress Vunerability attack	Web App Attack
Anonymous	2026-06-15 07:07:03 (6 days ago)		Bad Web Bot Web App Attack
🇳🇴 jad-abuse	2026-06-15 07:05:23 (6 days ago)	ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. Obse ... show more ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. Observed by 1 sensor(s); 15 hits. show less	Brute-Force Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9e8f:f001

🇵🇰 210.56.27.220

🇵🇰 210.56.12.205

🇺🇸 172.56.70.62

🇭🇰 154.221.20.92

🇳🇱 45.156.87.166

🇧🇷 45.5.141.67

🇲🇲 37.111.53.110

🇺🇸 18.116.101.220

🇰🇿 212.154.234.9

🇧🇷 205.210.31.249

🇮🇳 202.179.93.199

🇬🇧 185.216.145.182

🇫🇮 178.20.210.208

🇻🇳 171.244.37.103

🇺🇸 162.243.147.237

🇺🇸 162.144.12.37

🇩🇪 159.89.106.28

🇮🇳 125.19.253.154

🇮🇳 125.19.245.34