JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.89.104.112

34.89.104.112 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	112.104.89.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.89.104.112

Whois 34.89.104.112

IP Abuse Reports for 34.89.104.112:

This IP address has been reported a total of 26 times from 19 distinct sources. 34.89.104.112 was first reported on June 8th 2026, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-06-11 17:30:10 (8 hours ago)	[ThuJun1119:30:04.7331422026][security2:error][pid2372555:tid2372666][client34.89.104.112:0]ModSecur ... show more [ThuJun1119:30:04.7331422026][security2:error][pid2372555:tid2372666][client34.89.104.112:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"kiteinvest.ch\"][uri\"/wp-json/gravitysmtp/v1/tests/mock-data\"][unique_id\"airwnJdP46CXZbhnL_F2tgAAAQQ\"] show less	Port Scan Brute-Force Web App Attack
🇬🇧 poundawebsiteltd	2026-06-11 15:45:17 (9 hours ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 34.89.104.112 - - [11/Jun/2026:1 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 34.89.104.112 - - [11/Jun/2026:16:45:15 +0100] GET /communities/trade-unions-community/trade-unions-community-welcome/wp-json/gravitysmtp/v1/settings HTTP/1.1 403 3108 https://[REDACTED_DOMAIN]/wp-json/gravitysmtp/v1/settings Mozilla/5.0 (Windows; U; Windows CE 5.1; rv:1.8.1a3) Gecko/20060610 Minimo/0.016 show less	Web App Attack
🇵🇱 Roper123	2026-06-11 14:14:32 (11 hours ago)	WP-LOGIN brute-force	Brute-Force Web App Attack
🇫🇷 tkweb951753	2026-06-11 11:05:38 (14 hours ago)	Credential harvesting / attack detected by aspigeon SOC — threat_score: 100	Port Scan Brute-Force Web App Attack
🇩🇪 AetherFox	2026-06-11 10:03:02 (15 hours ago)	AetherFox VoidGuard detected: [Thu Jun 11 10:03:01.456444 2026] [authz_core:error] [pid 87405:tid 87 ... show more AetherFox VoidGuard detected: [Thu Jun 11 10:03:01.456444 2026] [authz_core:error] [pid 87405:tid 87422] [client 34.89.104.112:58498] AH01630: client denied by server configuration: proxy:https://freebeegee.draconigen.de/wp-json/gravitysmtp/v1/tests/mock-data [Thu Jun 11 10:03:01.456711 2026] [authz_core:error] [pid 87405:tid 87422] [client 34.89.104.112:58498] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Thu Jun 11 10:03:01.460018 2026] [authz_core:error] [pid 25958:tid 26000] [client 34.89.104.112:58510] AH01630: client denied by server configuration: proxy:https://freebeegee.draconigen.de/wp-json/gravitysmtp/v1/settings [Thu Jun 11 10:03:01.460234 2026] [authz_core:error] [pid 25958:tid 26000] [client 34.89.104.112:58510] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Thu Jun 11 10:03:01.460388 2026] [authz_core:error] [pid 25958:tid 25969] [client 34.89.104.112:58524] AH01630: client denie ... show less	Bad Web Bot Web App Attack
🇩🇪 Viveronese	2026-06-11 05:42:58 (19 hours ago)	HTTP vulnerability scanning	Web App Attack
Anonymous	2026-06-11 02:03:08 (23 hours ago)	Auto-reported by Fail2Ban (NPM-Auth)	Web App Attack
🇩🇪 4server	2026-06-11 00:25:08 (1 day ago)	[ThuJun1102:25:02.4255962026][security2:error][pid1161185:tid1161279][client34.89.104.112:0]ModSecur ... show more [ThuJun1102:25:02.4255962026][security2:error][pid1161185:tid1161279][client34.89.104.112:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"cpfacilityservices.ch\"][uri\"/wp-json/gravitysmtp/v1/tests/mock-data\"][unique_id\"aioAXnZVo225J6IzAfmwpwAAAMc\"] show less	Port Scan Brute-Force Web App Attack
🇯🇵 HeliJP	2026-06-10 23:45:19 (1 day ago)	2026-06-10T23:18:55Z - Recognized attacks\bad behavior from IP address 34.89.104.112 on port 443\80 ... show more 2026-06-10T23:18:55Z - Recognized attacks\bad behavior from IP address 34.89.104.112 on port 443\80 (5 daily hits): client denied by server configuration show less	Port Scan Hacking SQL Injection Brute-Force Web App Attack
🇩🇪 Live Home Cams	2026-06-10 17:59:52 (1 day ago)	WebApp brute force attack detected. Multiple file scanning attempts from 34.89.104.112. Detected by ... show more WebApp brute force attack detected. Multiple file scanning attempts from 34.89.104.112. Detected by fail2ban. show less	Web App Attack Brute-Force
🇨🇦 polycoda	2026-06-10 13:55:57 (1 day ago)	📄 Probes for tons of inexistent files and/or PHP scripts	Hacking Web App Attack
🇬🇧 consul.to	2026-06-10 08:36:12 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 raph	2026-06-10 06:00:43 (1 day ago)	[Wordpress] crawler /wp-admin/, /wp-content/, etc.	Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-10 05:38:49 (1 day ago)	[WedJun1007:38:48.0776142026][security2:error][pid4059152:tid4059255][client34.89.104.112:0]ModSecur ... show more [WedJun1007:38:48.0776142026][security2:error][pid4059152:tid4059255][client34.89.104.112:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"vulcanoricambi.ch\"][uri\"/wp-json/gravitysmtp/v1/tests/mock-data\"][unique_id\"aij4aHMnD62kv6s-0QPUBwAAAQU\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 kosada.com	2026-06-10 03:13:11 (1 day ago)	Web vulnerability probing: /wp-json/wp/v2/settings	Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.109.52.213

🇲🇽 187.191.48.4

🇧🇷 187.49.12.157

🇦🇷 181.45.135.59

🇺🇸 147.185.132.93

🇬🇧 91.204.209.4

🇺🇸 23.234.83.39

🇷🇴 2.57.122.238

🇬🇧 2a06:4880:6000::91

🇨🇳 218.106.33.54

🇲🇰 185.193.240.246

🇸🇬 172.188.89.41

🇨🇳 163.125.130.80

🇫🇷 161.97.166.188

🇺🇸 107.150.97.225

🇹🇷 91.151.95.146

🇩🇪 45.135.141.7

🇸🇳 41.82.50.218

🇯🇵 20.78.0.33

🇸🇬 4.193.200.79