JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.70.112.237

34.70.112.237 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 51%: ?

51%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	237.112.70.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	Council Bluffs, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.70.112.237

Whois 34.70.112.237

IP Abuse Reports for 34.70.112.237:

This IP address has been reported a total of 11 times from 7 distinct sources. 34.70.112.237 was first reported on June 13th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-13 13:35:46 (6 hours ago)	(mod_security) mod_security (id:210492) triggered by 34.70.112.237 (237.112.70.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.70.112.237 (237.112.70.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 09:35:41.522280 2026] [security2:error] [pid 4702:tid 4718] [client 34.70.112.237:36192] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.financejob.org.aafm.us"] [uri "/.env.backup.txt"] [unique_id "ai1crddn31AK8S3SXM_PUAAAAYU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 12:09:15 (7 hours ago)	(mod_security) mod_security (id:210492) triggered by 34.70.112.237 (237.112.70.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.70.112.237 (237.112.70.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 08:09:07.906927 2026] [security2:error] [pid 23797:tid 23797] [client 34.70.112.237:35322] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.renomarsh.com"] [uri "/.env.production"] [unique_id "ai1IYwJJ2bkd4hhCfsrLiwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-13 09:06:35 (10 hours ago)	Abuse Detected (86)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 07:15:59 (12 hours ago)	(mod_security) mod_security (id:210492) triggered by 34.70.112.237 (237.112.70.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.70.112.237 (237.112.70.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 03:15:52.968285 2026] [security2:error] [pid 15515:tid 15515] [client 34.70.112.237:45460] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abq4you.com.peterlundman.com"] [uri "/.env.copy"] [unique_id "ai0DqEjtq7kP3yXCkcjz9wAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 06:49:39 (13 hours ago)	(caddyscan) Scanner path probe from 34.70.112.237 (US/United States/237.112.70.34.bc.googleuserconte ... show more (caddyscan) Scanner path probe from 34.70.112.237 (US/United States/237.112.70.34.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 34.70.112.237 - - [13/Jun/2026:06:49:34 +0000] "GET /.env.backup.txt HTTP/1.1" [REDACTED] 200 2627 34.70.112.237 - - [13/Jun/2026:06:49:34 +0000] "GET /.env.testing HTTP/1.1" [REDACTED] 200 2627 34.70.112.237 - - [13/Jun/2026:06:49:34 +0000] "GET /.env.test HTTP/1.1" [REDACTED] 200 2627 34.70.112.237 - - [13/Jun/2026:06:49:34 +0000] "GET /.env.production HTTP/1.1" [REDACTED] 200 2627 34.70.112.237 - - [13/Jun/2026:06:49:34 +0000] "GET /.env.example HTTP/1.1" show less	Port Scan
🇩🇪 updown.io	2026-06-13 06:02:34 (13 hours ago)	{"level":"info","ts":1781330553.2233734,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781330553.2233734,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.70.112.237","remote_port":"55830","client_ip":"34.70.112.237","proto":"HTTP/1.1","method":"GET","host":"www.staging.www8183460a-5c8f-4410-b4fe-6f9a067a83f2.random.159.89.98.98.nip.io","uri":"/.env.example","headers":{"User-Agent":["Mozilla/5.0 (Linux; Android 9; Redmi Note 5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.143 Mobile Safari/537.36"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]}},"bytes_read":0,"user_id":"","duration":0.000025158,"size":0,"status":308,"resp_headers":{"Location":["https://www.staging.www8183460a-5c8f-4410-b4fe-6f9a067a83f2.random.159.89.98.98.nip.io/.env.example"],"Content-Type":[],"Server":["Caddy"],"Connection":["close"]}} {"level":"info","ts":1781330553.2393935,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.70.112.237","remote_port":"55844","client_ip":"34 ... show less	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 04:52:34 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 34.70.112.237 (237.112.70.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.70.112.237 (237.112.70.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 00:52:27.637797 2026] [security2:error] [pid 2824:tid 2824] [client 34.70.112.237:50188] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "asttechgroup.com"] [uri "/.env.production.bak"] [unique_id "aiziC74IivmjtFlpaegVmgAAAF0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-13 04:48:26 (15 hours ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇮🇹 VHosting	2026-06-13 04:35:03 (15 hours ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 mnsf	2026-06-13 04:09:06 (15 hours ago)	Abuse Detected (116)	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-13 03:19:11 (16 hours ago)	Excessive 404/403 errors	Brute-Force

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇪 94.200.95.18

🇪🇸 46.35.117.110

🇩🇪 45.135.141.17

🇺🇸 20.172.240.136

🇮🇷 5.232.102.176

🇰🇷 210.222.46.15

🇩🇪 79.215.44.35

🇩🇪 34.32.85.41

🇺🇸 20.118.32.47

🇨🇳 14.103.104.36

🇺🇸 216.25.89.89

🇸🇬 104.248.158.72

🇬🇧 35.203.210.234

🇯🇵 210.156.0.132

🇫🇷 173.249.10.85

🇨🇳 116.167.200.102

🇹🇼 114.34.130.221

🇻🇳 103.186.101.231

🇭🇰 43.154.195.142

🇺🇸 34.63.255.223