JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.72.133.65

34.72.133.65 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 61%: ?

61%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	65.133.72.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	Council Bluffs, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.72.133.65

Whois 34.72.133.65

IP Abuse Reports for 34.72.133.65:

This IP address has been reported a total of 12 times from 11 distinct sources. 34.72.133.65 was first reported on June 14th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-16 22:00:43 (4 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15. show less	Web App Attack SSH Hacking
🇨🇦 Mediashaker	2026-06-15 17:07:52 (5 days ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 34.72.133.65 (US/United ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 34.72.133.65 (US/United States/65.133.72.34.bc.googleusercontent.com) show less	Port Scan
🇺🇸 kosada.com	2026-06-15 15:15:35 (5 days ago)	Web vulnerability probing: /actuator/auditevents (bogus vhost/SNI)	Web App Attack
🇩🇪 grassau.com	2026-06-15 04:05:32 (6 days ago)	Port Scan detected from 34.72.133.65 (US/United States/Iowa/Council Bluffs/65.133.72.34.bc.googleu ... show more Port Scan detected from 34.72.133.65 (US/United States/Iowa/Council Bluffs/65.133.72.34.bc.googleusercontent.com). show less	Port Scan
🇺🇸 ruusvuu	2026-06-15 03:12:28 (6 days ago)	Automated abuse report: 25 attack/probe requests from Google LLC / US. Targeted paths: /.env.test, / ... show more Automated abuse report: 25 attack/probe requests from Google LLC / US. Targeted paths: /.env.test, /.env.local, /.env.txt, /.env.prod.bak, /.env.docker. Sample log lines: [mir-org] [6/14/2026, 8:12:28 PM] GET .mirregistry.org/frontend/.env.local 404 34.72.133.65 - 0.632 ms [mir-org] [6/14/2026, 8:12:28 PM] GET .mirregistry.org/.env.backup.txt 404 34.72.133.65 - 0.771 ms [mir-org] [6/14/2026, 8:12:28 PM] GET .mirregistry.org/.env.staging 404 34.72.133.65 - 0.781 ms Detected by an automated web-server log monitor. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 02:44:48 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 34.72.133.65 (65.133.72.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.72.133.65 (65.133.72.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:44:41.446363 2026] [security2:error] [pid 15656:tid 15656] [client 34.72.133.65:60378] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "frontlinefirestop.com"] [uri "/.env.preprod"] [unique_id "ai9nGUEHSBcc173leTxVvwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-15 00:33:51 (6 days ago)	URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .backup/ ... show more URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .compositefont/ .config/ .conf/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .scr/ .sct/ .shs/ .sql/ .swp/ .sys/ .tlb/ .tmp/ .url/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-196) show less	Hacking
🇺🇸 mnsf	2026-06-15 00:20:49 (6 days ago)	Scanning/Probing (19)	Brute-Force Web App Attack
Anonymous	2026-06-14 22:37:27 (6 days ago)	34.72.133.65 - - [15/Jun/2026:06:37:27 +0800] "GET /.env.backup HTTP/1.1" 404 196 "-" "Mozilla/5.0 ( ... show more 34.72.133.65 - - [15/Jun/2026:06:37:27 +0800] "GET /.env.backup HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Linux; U; Android 2.2; en-us; SCH-I800 Build/FROYO) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1" ... show less	Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-14 05:35:04 (1 week ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-14 04:37:07 (1 week ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇱🇻 garmtech.com	2026-06-14 02:15:20 (1 week ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env.production	Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 188.126.241.118

🇺🇦 185.68.18.52

🇧🇷 179.111.150.107

🇧🇷 131.108.162.24

🇨🇳 113.25.249.100

🇳🇱 91.92.40.4

🇷🇴 80.94.92.166

🇺🇸 66.132.172.235

🇷🇺 31.173.12.27

🇺🇸 20.65.194.132

🇨🇴 190.7.155.130

🇮🇩 180.252.147.158

🇫🇷 167.104.216.218

🇺🇸 157.230.6.134

🇨🇳 112.24.99.134

🇸🇬 103.13.206.152

🇷🇺 83.239.0.202

🇬🇧 81.19.219.224

🇺🇸 70.115.138.167

🇩🇪 65.111.26.46