JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.81.16.181

34.81.16.181 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 63%: ?

63%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	181.16.81.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇹🇼 Taiwan
City	Taipei, Taiwan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.81.16.181

Whois 34.81.16.181

IP Abuse Reports for 34.81.16.181:

This IP address has been reported a total of 15 times from 12 distinct sources. 34.81.16.181 was first reported on June 14th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-16 22:03:22 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15. show less	Web App Attack SSH Hacking
🇺🇸 mnsf	2026-06-16 00:11:55 (1 week ago)	Scanning/Probing (27)	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-15 06:29:20 (1 week ago)	Multiple WAF Violations	Web App Attack
🇩🇪 rh24	2026-06-15 05:47:58 (1 week ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.81.16.181 (TW/Tai ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.81.16.181 (TW/Taiwan/181.16.81.34.bc.googleusercontent.com) show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 05:41:59 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.81.16.181 (181.16.81.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.81.16.181 (181.16.81.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 01:41:51.904455 2026] [security2:error] [pid 19691:tid 19889] [client 34.81.16.181:35260] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fandginsurancellc.antidote-it.com"] [uri "/.env.txt"] [unique_id "ai-Qn2P9MJEDhbHGivjdTAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 SSH-Admin	2026-06-15 04:00:04 (1 week ago)	Probing for Exploits on ns200	Exploited Host Web App Attack
🇫🇷 masterguru	2026-06-15 02:51:36 (1 week ago)	URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ... show more URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-193) show less	Hacking
🇩🇪 akasolutions.de	2026-06-15 02:33:48 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted] 34.81.16.181 (TW/Taiwan/181.16.81.34.bc ... show more (mod_security) mod_security triggered on hostname [redacted] 34.81.16.181 (TW/Taiwan/181.16.81.34.bc.googleusercontent.com) show less	SQL Injection
🇳🇱 Site.eu	2026-06-14 23:25:51 (1 week ago)	Excessive 404/403 errors	Brute-Force
🇺🇸 TPI-Abuse	2026-06-14 23:02:59 (1 week ago)	(mod_security) mod_security (id:949110) triggered by 34.81.16.181 (181.16.81.34.bc.googleusercontent ... show more (mod_security) mod_security (id:949110) triggered by 34.81.16.181 (181.16.81.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:02:51.552459 2026] [security2:error] [pid 24895:tid 24895] [client 34.81.16.181:57444] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "sh-llc.net"] [uri "/.env.old"] [unique_id "ai8zGwPbDgrTYaQnHgSR0QAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 SSH-Admin	2026-06-14 22:18:02 (1 week ago)	Probing for Exploits on ns74	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 22:11:23 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.81.16.181 (181.16.81.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.81.16.181 (181.16.81.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 18:11:16.874411 2026] [security2:error] [pid 20291:tid 20291] [client 34.81.16.181:56850] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "moorenextdoor.com"] [uri "/.env.test"] [unique_id "ai8nBHxYyNpmKgCF-uD67AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 22:05:11 (1 week ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇩🇪 pscriptos	2026-06-14 22:01:20 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇳🇿 Tripwire	2026-06-14 10:10:29 (1 week ago)	Scanning for exploits - /api/.env.production	Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 185.255.95.139

🇺🇸 170.246.53.11

🇺🇸 170.231.251.222

🇺🇸 170.231.251.212

🇨🇳 124.117.195.87

🇨🇳 112.32.255.163

🇬🇧 88.97.1.188

🇨🇳 36.26.233.221

🇩🇪 185.242.3.195

🇳🇱 176.65.132.22

🇺🇸 173.255.198.110

🇺🇸 170.231.251.131

🇺🇸 153.75.224.19

🇺🇸 143.137.166.50

🇺🇸 143.137.166.32

🇸🇬 47.84.103.153

🇳🇱 45.148.10.152

🇵🇪 190.117.96.174

🇦🇷 186.148.224.83

🇫🇮 178.20.210.152