JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.81.61.208

34.81.61.208 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	208.61.81.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇹🇼 Taiwan
City	Taipei, Taiwan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.81.61.208

Whois 34.81.61.208

IP Abuse Reports for 34.81.61.208:

This IP address has been reported a total of 29 times from 18 distinct sources. 34.81.61.208 was first reported on June 8th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-11 10:38:03 (4 hours ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇳🇱 Site.eu	2026-06-11 02:15:32 (13 hours ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 homeshowdomain.nl	2026-06-10 22:02:32 (17 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-09. show less	Web App Attack SSH Hacking
🇩🇪 updown.io	2026-06-10 20:09:36 (19 hours ago)	{"level":"info","ts":1781122175.2684295,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781122175.2684295,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.81.61.208","remote_port":"52824","client_ip":"34.81.61.208","proto":"HTTP/1.1","method":"GET","host":"pojihgfedcbwwwc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io","uri":"/frontend/.env.staging","headers":{"User-Agent":["Mozilla/5.0 (Linux; Android 9; ONEPLUS A5010 Build/PKQ1.180716.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/66.0.3359.126 MQQBrowser/6.2 TBS/044807 Mobile Safari/537.36 MMWEBID/1699 MicroMessenger/7.0.6.1460(0x27000634) Process/tools NetType/4G Language/zh_CN"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]}},"bytes_read":0,"user_id":"","duration":0.000032923,"size":0,"status":308,"resp_headers":{"Connection":["close"],"Location":["https://pojihgfedcbwwwc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io/frontend/.env.staging"],"Content-Type":[],"Server":["Caddy"]}} {" ... show less	DDoS Attack Web App Attack
🇩🇪 LRob.fr	2026-06-10 10:00:10 (1 day ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇩🇪 grassau.com	2026-06-10 08:33:31 (1 day ago)	Port Scan detected from 34.81.61.208 (TW/Taiwan/Taipei City/Taipei/208.61.81.34.bc.googleuserconte ... show more Port Scan detected from 34.81.61.208 (TW/Taiwan/Taipei City/Taipei/208.61.81.34.bc.googleusercontent.com). show less	Port Scan
🇷🇺 DZBOT	2026-06-10 06:19:33 (1 day ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 04:32:28 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.81.61.208 (208.61.81.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.81.61.208 (208.61.81.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 00:32:22.689577 2026] [security2:error] [pid 2257:tid 2257] [client 34.81.61.208:52090] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "circlethreefl.com"] [uri "/.env.dev"] [unique_id "aijo1rTfkbrOV3k_ocNCFwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-10 04:22:30 (1 day ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 ✨	2026-06-10 02:22:16 (1 day ago)	Domain : devserver.pocketpos.co.uk Rule : hack 2026-06-10 02:21:14 *hidden-privacy* GET /.env.ba ... show more Domain : devserver.pocketpos.co.uk Rule : hack 2026-06-10 02:21:14 *hidden-privacy* GET /.env.bak - 443 - 34.81.61.208 HTTP/1.1 Mozilla/5.0 (Android 4.2; rv:19.0) Gecko/20121129 Firefox/19.0 - devserver.pocketpos.co.uk 404 0 2 1549 200 237 - - show less	Hacking SQL Injection Brute-Force
🇳🇱 Site.eu	2026-06-09 22:30:04 (1 day ago)	Excessive multi-domain requests	Brute-Force
🇫🇮 YF	2026-06-09 21:00:23 (1 day ago)	Attaque distribuée subnet	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 19:34:00 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.81.61.208 (208.61.81.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.81.61.208 (208.61.81.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:33:54.035180 2026] [security2:error] [pid 5820:tid 5820] [client 34.81.61.208:58746] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "champions-in-arms.com"] [uri "/.env.sample"] [unique_id "aihqooDNMOC_lpwdcPVaowAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 07:39:01 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 34.81.61.208 (208.61.81.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.81.61.208 (208.61.81.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:38:53.368195 2026] [security2:error] [pid 5716:tid 5716] [client 34.81.61.208:34044] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.appleconsultant.micahgartman.com"] [uri "/.env.copy"] [unique_id "aifDDd33nUJYTfkL4GY8EQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 20:00:09 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 34.81.61.208 (208.61.81.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.81.61.208 (208.61.81.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 16:00:02.481847 2026] [security2:error] [pid 8834:tid 8834] [client 34.81.61.208:40114] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bullsalerts.com"] [uri "/app/.env.dev"] [unique_id "aicfQnpiUeY7ihwwsFdL7QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.253.31.30

🇧🇩 45.251.228.101

🇳🇵 2404:7c00:49:44ab:69c4:8f4c:8d6f:add3

🇲🇽 187.140.196.75

🇩🇪 176.65.132.17

🇺🇸 149.19.106.43

🇨🇳 117.157.135.186

🇲🇲 103.154.241.42

🇨🇳 101.34.82.220

🇺🇸 91.230.168.126

🇧🇬 91.92.40.151

🇩🇪 84.150.143.15

🇧🇬 78.128.114.102

🇻🇳 27.79.7.142

🇺🇸 2607:f8b0:4001:c18::12e

🇺🇸 216.151.165.166

🇭🇰 185.239.85.154

🇹🇷 185.169.54.62

🇳🇱 185.93.89.132

🇮🇳 147.79.70.64