JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.50.109.181

34.50.109.181 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	181.109.50.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.50.109.181

Whois 34.50.109.181

IP Abuse Reports for 34.50.109.181:

This IP address has been reported a total of 30 times from 21 distinct sources. 34.50.109.181 was first reported on June 8th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-09 22:04:23 (3 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08. show less	Web App Attack SSH Hacking
🇩🇪 FeG Deutschland	2026-06-09 13:40:53 (3 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇨🇭 4server	2026-06-09 12:25:08 (3 days ago)	[TueJun0914:25:04.7080212026][security2:error][pid1056146:tid1056612][client34.50.109.181:0]ModSecur ... show more [TueJun0914:25:04.7080212026][security2:error][pid1056146:tid1056612][client34.50.109.181:0]ModSecurity:Accessdeniedwithcode403$phase1$.Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"mio-ip.ch\"][uri\"/.git/config\"][unique_id\"aigGIOXfXq-L8fSImn5GeAAAAAU\"] show less	Hacking Web App Attack
🇺🇸 CBJ	2026-06-09 10:48:43 (3 days ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇦🇺 2000cn.com.au	2026-06-09 10:27:59 (3 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-09 07:50:51 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.50.109.181 (181.109.50.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.50.109.181 (181.109.50.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:50:48.063703 2026] [security2:error] [pid 6291:tid 6291] [client 34.50.109.181:49286] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.merrickarts.azbrooks.com"] [uri "/.git/config"] [unique_id "aifF2AMM8NXqSLKJedDCawAAAGI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 06:51:07 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.50.109.181 (181.109.50.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.50.109.181 (181.109.50.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:51:00.981988 2026] [security2:error] [pid 4735:tid 4735] [client 34.50.109.181:38074] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "store.go4food.com"] [uri "/.git/config"] [unique_id "aie31OOMzvlxiicTH2fjqgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 05:13:05 (3 days ago)	Bot / scanning and/or hacking attempts: GET /.git/config HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 05:10:22 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.50.109.181 (181.109.50.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.50.109.181 (181.109.50.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:10:16.159873 2026] [security2:error] [pid 7525:tid 7525] [client 34.50.109.181:41712] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kinatalton.taltonfamily.com"] [uri "/.git/config"] [unique_id "aiegOGrjfTg7PCfNbF98UgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 🇨🇭 Hosting	2026-06-09 05:10:19 (3 days ago)	Automated WAF report: 125-150 blocked requests from this IP detected by our WAF.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 01:36:12 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 34.50.109.181 (181.109.50.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.50.109.181 (181.109.50.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 21:36:08.530551 2026] [security2:error] [pid 19315:tid 19337] [client 34.50.109.181:45356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.promoralchoice.thebiglies.com"] [uri "/.git/config"] [unique_id "aiduCMIHEskT7xcpsAfjWQAAAJM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-08 22:00:42 (4 days ago)	Auto-ban: >3000 req/min op 2026-06-08	Web App Attack SSH Hacking
🇳🇱 ConsulHosting	2026-06-08 19:47:58 (4 days ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇳🇱 Site.eu	2026-06-08 19:21:16 (4 days ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 itsnixk	2026-06-08 18:55:47 (4 days ago)	(mod_security) mod_security (id:920350) triggered by 34.50.109.181 (ID/Indonesia/181.109.50.34.bc.go ... show more (mod_security) mod_security (id:920350) triggered by 34.50.109.181 (ID/Indonesia/181.109.50.34.bc.googleusercontent.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 08 14:55:44.395395 2026] [security2:error] [pid 55642:tid 55761] [client 34.50.109.181:33598] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+\|\\\\[[\\\\da-f:]+\\\\]\|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "773"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/.env"] [unique_id "aicQMMr6hwfiMt1uincUcgAAAGQ"] show less	Port Scan

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 174.35.25.177

🇺🇸 150.136.214.177

🇺🇸 107.150.96.116

🇺🇸 65.111.9.241

🇫🇮 62.60.254.43

🇨🇳 47.93.12.204

🇨🇳 39.67.144.189

🇬🇧 37.10.113.213

🇧🇪 34.140.130.179

🇧🇪 34.62.192.213

🇺🇸 20.65.194.38

🇺🇸 20.64.104.251

🇫🇷 2a01:e0a:db4:4450:42a8:f0ff:fe4e:edd4

🇬🇧 195.206.182.195

🇩🇪 167.94.146.51

🇺🇸 162.216.149.249

🇺🇸 147.185.132.190

🇺🇸 147.185.132.17

🇺🇸 104.207.45.239

🇫🇷 91.231.89.159