JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.64.197.242

34.64.197.242 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 100%: ?

100%

ISP	Google Asia Pacific Pte. Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	242.197.64.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.64.197.242

Whois 34.64.197.242

IP Abuse Reports for 34.64.197.242:

This IP address has been reported a total of 20 times from 17 distinct sources. 34.64.197.242 was first reported on June 13th 2026, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-14 04:06:41 (5 hours ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇳🇱 Site.eu	2026-06-13 17:27:35 (15 hours ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 wlt-blocker	2026-06-13 16:47:41 (16 hours ago)	Unauthorized access to webpage admin	Web App Attack
🇳🇱 Savvii	2026-06-13 16:14:53 (17 hours ago)	20 attempts against mh-misbehave-ban on flow	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 16:00:04 (17 hours ago)	\| Suspicious URL access.	Web App Attack Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-06-13 15:05:18 (18 hours ago)	(mod_security) mod_security (id:210730) triggered by 34.64.197.242 (242.197.64.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210730) triggered by 34.64.197.242 (242.197.64.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 11:05:15.319422 2026] [security2:error] [pid 15508:tid 15508] [client 34.64.197.242:39932] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mofcolorado.com.mykelmilur.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mofcolorado.com.mykelmilur.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai1xq6rJ9sxNz8M1XYIUGwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 pipeline.es	2026-06-13 14:13:24 (19 hours ago)	Web scanning / probing for vulnerable paths \| URL: /k8s.yml \| Evidence: tochaviagens.pt 34.64.197.24 ... show more Web scanning / probing for vulnerable paths \| URL: /k8s.yml \| Evidence: tochaviagens.pt 34.64.197.242 - - [13/Jun/2026:16:12:15 +0200] \"GET /k8s.yml HTTP/1.1\" 404 20688 \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.42 Safari/537.36\" GEOIP_COUNTRY_CODE=KR \| ASN: GOOGLE-CLOUD-PLATFORM \| Country: KR show less	Port Scan Web App Attack
Anonymous	2026-06-13 12:28:48 (20 hours ago)	Banned by Fail2Ban on server	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 12:20:04 (20 hours ago)	(mod_security) mod_security (id:210730) triggered by 34.64.197.242 (242.197.64.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210730) triggered by 34.64.197.242 (242.197.64.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 08:19:56.076618 2026] [security2:error] [pid 8258:tid 8258] [client 34.64.197.242:47126] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ianmagarzo.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ianmagarzo.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai1K7A7cA0u8vsxbjNA8lgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-13 11:57:16 (21 hours ago)	Restricted File Access Attempt. Matched phrase ".aws/" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇩🇪 rh24	2026-06-13 11:45:36 (21 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 34.64.197.242 (KR/South Korea/242.197.6 ... show more (mod_security) mod_security triggered on hostname [redacted] 34.64.197.242 (KR/South Korea/242.197.64.34.bc.googleusercontent.com) show less	SQL Injection
Anonymous	2026-06-13 11:25:32 (21 hours ago)	(caddyscan) Scanner path probe from 34.64.197.242 (KR/South Korea/242.197.64.34.bc.googleusercontent ... show more (caddyscan) Scanner path probe from 34.64.197.242 (KR/South Korea/242.197.64.34.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 34.64.197.242 - - [13/Jun/2026:11:25:28 +0000] "GET /actuator/heapdump HTTP/1.1" [REDACTED] 200 2627 34.64.197.242 - - [13/Jun/2026:11:25:29 +0000] "GET /actuator/threaddump HTTP/1.1" [REDACTED] 200 2627 34.64.197.242 - - [13/Jun/2026:11:25:29 +0000] "GET /config/.aws/credentials HTTP/1.1" [REDACTED] 200 2627 34.64.197.242 - - [13/Jun/2026:11:25:29 +0000] "GET /actuator/httptrace HTTP/1.1" [REDACTED] 200 2627 34.64.197.242 - - [13/Jun/2026:11:25:29 +0000] "GET /v2/actuator/configprops HTTP/1.1" show less	Port Scan
🇬🇧 poundawebsiteltd	2026-06-13 09:50:13 (23 hours ago)	Malicious activity in apache-honeypot. Evidence: [REDACTED_DOMAIN]:443 34.64.197.242 - - [13/Jun/202 ... show more Malicious activity in apache-honeypot. Evidence: [REDACTED_DOMAIN]:443 34.64.197.242 - - [13/Jun/2026:10:50:10 +0100] GET /v2/actuator/heapdump HTTP/1.1 301 3554 - Mozilla/5.0 (Linux; U; Android 6.0; zh-CN; KNT-UL10 Build/HUAWEIKNT-UL10) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 Quark/3.0.2.943 Mobile Safari/537.36 show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:15:43 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 34.64.197.242 (242.197.64.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210730) triggered by 34.64.197.242 (242.197.64.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:15:39.170720 2026] [security2:error] [pid 4366:tid 4366] [client 34.64.197.242:41906] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|rohn.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rohn.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai0Rq66KwBl43RH-KkEUBgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 07:57:55 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 34.64.197.242 (242.197.64.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210730) triggered by 34.64.197.242 (242.197.64.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 03:57:48.682378 2026] [security2:error] [pid 20008:tid 20008] [client 34.64.197.242:44786] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|shadowveil.io\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "shadowveil.io"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai0NfMR-1PyibIqpZ5lKUAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.87.243.35

🇫🇷 193.32.126.157

🇺🇸 174.138.87.36

🇺🇸 168.100.149.189

🇩🇪 69.5.169.93

🇷🇴 2.57.122.238

🇩🇴 190.167.237.191

🇫🇮 147.185.133.122

🇷🇺 109.195.179.94

🇵🇱 87.251.64.145

🇨🇦 70.81.127.119

🇺🇸 50.84.211.204

🇸🇬 47.79.200.198

🇬🇧 35.203.210.163

🇯🇵 180.200.125.38

🇨🇳 124.88.113.121

🇬🇧 86.129.73.41

🇺🇸 52.0.152.56

🇭🇰 47.239.144.86

🇸🇬 47.82.8.214