JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.50.18.136

34.50.18.136 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	136.18.50.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.50.18.136

Whois 34.50.18.136

IP Abuse Reports for 34.50.18.136:

This IP address has been reported a total of 32 times from 26 distinct sources. 34.50.18.136 was first reported on June 8th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-11 18:27:45 (4 days ago)	34.50.18.136 - - [11/Jun/2026:20:27:42 +0200] "GET /env.backup HTTP/1.1" 404 441 "-" "Mozilla/5.0 (M ... show more 34.50.18.136 - - [11/Jun/2026:20:27:42 +0200] "GET /env.backup HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36" 34.50.18.136 - - [11/Jun/2026:20:27:42 +0200] "GET /env.backup HTTP/1.1" 404 244 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36" 34.50.18.136 - - [11/Jun/2026:20:27:42 +0200] "GET /.env.stage HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Linux; U; Android 4.1; en-us; sdk Build/MR1) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.1 Safari/534.30" 34.50.18.136 - - [11/Jun/2026:20:27:42 +0200] "GET /.env.stage HTTP/1.1" 404 244 "-" "Mozilla/5.0 (Linux; U; Android 4.1; en-us; sdk Build/MR1) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.1 Safari/534.30" 34.50.18.136 - - [11/Jun/2026:20:27:42 +0200] "GET /.env.copy HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Geck ... show less	Bad Web Bot Web App Attack
Anonymous	2026-06-11 10:10:05 (4 days ago)	Bot / scanning and/or hacking attempts: GET /apps/backend/.env HTTP/1.1, GET /env.old HTTP/1.1, GET ... show more Bot / scanning and/or hacking attempts: GET /apps/backend/.env HTTP/1.1, GET /env.old HTTP/1.1, GET /.env.production.local HTTP/1.1, GET /production/.env HTTP/1.1, GET /.env HTTP/1.1, GET /release/.env HTTP/1.1 show less	Hacking Web App Attack
🇨🇭 🇨🇭 Hosting	2026-06-11 05:10:20 (4 days ago)	Automated WAF report: 100-125 blocked requests from this IP detected by our WAF.	Bad Web Bot Web App Attack
🇩🇪 IVski	2026-06-10 22:14:08 (5 days ago)	IVski WAF \| Sensitive file probe detected - looking for .env	Port Scan Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-10 22:01:44 (5 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-09. show less	Web App Attack SSH Hacking
🇩🇪 updown.io	2026-06-10 15:36:07 (5 days ago)	{"level":"info","ts":1781105765.8548539,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781105765.8548539,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.50.18.136","remote_port":"56144","client_ip":"34.50.18.136","proto":"HTTP/1.1","method":"GET","host":"status.trillianthealth.com","uri":"/.env.pre-production","headers":{"User-Agent":["Opera/7.50 (Windows XP; U)"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status.trillianthealth.com","ech":false}},"bytes_read":0,"user_id":"","duration":0.000957588,"size":0,"status":429,"resp_headers":{"Retry-After":["1"],"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"]}} {"level":"info","ts":1781105765.8558536,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.50.18.136","remote_port":"56018","client_ip":"34.50.18.136","proto":"HTTP/1.1","method":"GET","host":"status.trillianthealth.com","uri":"/.env.docker","headers":{"User-A ... show less	DDoS Attack Web App Attack
🇫🇷 masterguru	2026-06-10 10:50:20 (5 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.50.18.136 (KR/South Korea/136.18.5 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.50.18.136 (KR/South Korea/136.18.50.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇳🇱 e.fierstra	2026-06-10 03:31:24 (5 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-10 02:48:08 (5 days ago)	Excessive multi-domain requests	Brute-Force
🇦🇺 screwlooseit.com.au	2026-06-09 22:42:50 (6 days ago)	Blocked by CSF 13 firewall - Rule: US/United States/136.18.50.34.bc.googleusercontent.com	Web App Attack
🇩🇪 BlueWire Hosting	2026-06-09 22:38:29 (6 days ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇨🇭 4server	2026-06-09 22:12:54 (6 days ago)	[WedJun1000:12:50.3238852026][security2:error][pid3115891:tid3117205][client34.50.18.136:0]ModSecuri ... show more [WedJun1000:12:50.3238852026][security2:error][pid3115891:tid3117205][client34.50.18.136:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"www.fisioterapiafalzone.ch\"][uri\"/.env.backup\"][unique_id\"aiiP4hRxXNmpT8sarTW3rwAAARY\"] show less	Hacking Web App Attack
🇩🇪 Ba-Yu	2026-06-09 12:01:00 (6 days ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇱🇹 NotACaptcha	2026-06-09 10:49:51 (6 days ago)	webserver:443 [09/Jun/2026] "GET /v3/.env HTTP/1.1" 302 4258 "-" "Mozilla/5.0 (Linux; Android 9; SM ... show more webserver:443 [09/Jun/2026] "GET /v3/.env HTTP/1.1" 302 4258 "-" "Mozilla/5.0 (Linux; Android 9; SM-N950U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36" webserver:443 [09/Jun/2026] "GET /v1/.env HTTP/1.1" 302 4258 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3890.0 Safari/537.36" webserver:443 [09/Jun/2026] "GET /v2/.env HTTP/1.1" 302 4258 "-" "Mozilla/5.0 (Linux; Android 9; Pixel 3 XL) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" webserver:443 [09/Jun/2026] "GET /prod/.env HTTP/1.1" 302 4262 "-" "Mozilla/5.0 (Linux; Android 8.1.0; Redmi Note 5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36" webserver:443 [09/Jun/2026] "GET /api/v2/.env HTTP/1.1" 302 4266 "-" "Mozilla/5.0 (Linux; Android 8.1.0; LM-Q710.FG) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.101 Mobile Safari/537.36" webserver:443 [09/Jun/2026] "GET /.en... show less	Web App Attack
Anonymous	2026-06-09 07:23:16 (6 days ago)	(caddyscan) Scanner path probe from 34.50.18.136 (KR/South Korea/136.18.50.34.bc.googleusercontent.c ... show more (caddyscan) Scanner path probe from 34.50.18.136 (KR/South Korea/136.18.50.34.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 34.50.18.136 - - [09/Jun/2026:07:23:14 +0000] "GET /.env.local.bak HTTP/1.1" [REDACTED] 200 2627 34.50.18.136 - - [09/Jun/2026:07:23:14 +0000] "GET /.env.txt HTTP/1.1" [REDACTED] 200 2627 34.50.18.136 - - [09/Jun/2026:07:23:14 +0000] "GET /.env.save HTTP/1.1" [REDACTED] 200 2627 34.50.18.136 - - [09/Jun/2026:07:23:14 +0000] "GET /.env.dev.local HTTP/1.1" [REDACTED] 200 2627 34.50.18.136 - - [09/Jun/2026:07:23:14 +0000] "GET /.env.dist HTTP/1.1" show less	Port Scan

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9623:1001

🇺🇸 205.210.31.19

🇹🇼 198.235.24.40

🇳🇱 138.226.239.44

🇷🇺 109.184.212.29

🇪🇸 87.220.212.248

🇩🇪 87.106.187.122

🇨🇳 60.223.239.151

🇺🇸 2607:f8b0:400e:c08::127

🇺🇸 216.25.89.106

🇺🇸 205.210.31.53

🇳🇱 204.76.203.206

🇯🇵 203.25.124.212

🇻🇳 115.78.236.124

🇮🇩 103.124.138.26

🇮🇳 103.102.119.245

🇫🇷 89.90.172.206

🇷🇴 80.94.92.186

🇺🇸 66.132.195.59

🇺🇸 64.62.156.32