JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.89.163.136

34.89.163.136 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 59%: ?

59%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	136.163.89.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.89.163.136

Whois 34.89.163.136

IP Abuse Reports for 34.89.163.136:

This IP address has been reported a total of 11 times from 9 distinct sources. 34.89.163.136 was first reported on June 14th 2026, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-15 22:06:12 (18 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-14. show less	Web App Attack SSH Hacking
🇩🇪 updown.io	2026-06-15 07:26:24 (1 day ago)	{"level":"info","ts":1781508382.1033926,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781508382.1033926,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.89.163.136","remote_port":"42524","client_ip":"34.89.163.136","proto":"HTTP/1.1","method":"GET","host":"status.canadiandatabank.com","uri":"/.env.stage","headers":{"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3880.0 Safari/537.36"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status.canadiandatabank.com","ech":false}},"bytes_read":0,"user_id":"","duration":0.000211413,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}} {"level":"info","ts":1781508382.104602,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.89.163.136","remote_port":"42544","client_ip":"34.89.163.136","proto":"HTTP/1.1"," ... show less	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 06:48:43 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.89.163.136 (136.163.89.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.89.163.136 (136.163.89.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 02:48:36.456988 2026] [security2:error] [pid 23309:tid 23461] [client 34.89.163.136:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.magicdiscovery.com"] [uri "/src/.env"] [unique_id "ai-gRAnWmXc2Gd5Jq--nEwAAAQs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 06:18:43 (1 day ago)	34.89.163.136 - - [15/Jun/2026:08:18:40 +0200] "GET /.env.production.bak HTTP/1.1" 403 12583 "-" "Mo ... show more 34.89.163.136 - - [15/Jun/2026:08:18:40 +0200] "GET /.env.production.bak HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/76.0.3809.81 Mobile/15E148 Safari/605.1" 34.89.163.136 - - [15/Jun/2026:08:18:40 +0200] "GET /.env HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Linux; Android 9; INE-LX1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" 34.89.163.136 - - [15/Jun/2026:08:18:40 +0200] "GET /.env.production HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 34.89.163.136 - - [15/Jun/2026:08:18:40 +0200] "GET /.env.prod HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Linux; Android 9; G8141) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" 34.89.163.136 - - [15/Jun/2026:08:18:40 +0200] "GET /.env.bak HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Linux; Android 9; CLT-L29 Build/HUAWEICLT-L29 ... show less	Bad Web Bot Web App Attack
Anonymous	2026-06-15 05:55:09 (1 day ago)	Aggressive web scan	Web App Attack
Anonymous	2026-06-15 04:32:02 (1 day ago)	Bot / scanning and/or hacking attempts: GET /.env.save HTTP/1.1, GET /.env.txt HTTP/1.1, GET /env.tx ... show more Bot / scanning and/or hacking attempts: GET /.env.save HTTP/1.1, GET /.env.txt HTTP/1.1, GET /env.txt HTTP/1.1, GET /.env.dist HTTP/1.1, GET /backend/.env.dev HTTP/1.1, GET /src/.env.backup HTTP/1.1, GET /env.backup HTTP/1.1, GET /app/.env.bak HTTP/1.1, GET /backend/.env.backup HTTP/1.1, GET /.env.prod HTTP/1.1, GET /env.bak HTTP/1.1, GET /.env.copy HTTP/1.1, GET /backend/api/.env HTTP/1.1, GET /app/.env.prod HTTP/1.1, GET /v3/.env HTTP/1.1, GET /.env~ HTTP/1.1, GET /.env.backup HTTP/1.1, GET /.env.test HTTP/1.1, GET /env HTTP/1.1, GET /admin/.env HTTP/1.1, GET /api/v3/.env HTTP/1.1, GET /.env.production.bak HTTP/1.1, GET /.env.orig HTTP/1.1, GET /api/.env.prod HTTP/1.1, GET /stage/.env HTTP/1.1 show less	Hacking Web App Attack
🇩🇪 BlueWire Hosting	2026-06-14 23:27:24 (1 day ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇺🇸 TPI-Abuse	2026-06-14 21:58:57 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.89.163.136 (136.163.89.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.89.163.136 (136.163.89.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 17:58:52.198395 2026] [security2:error] [pid 28274:tid 28274] [client 34.89.163.136:42660] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "castlewelding.net"] [uri "/sendgrid/.env.prod"] [unique_id "ai8kHAeMvLf_02jc6PIkPgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 13:37:11 (2 days ago)	[Sun Jun 14 15:37:08.721788 2026] [access_compat:error] [pid 320404:tid 129668430694080] [client 34. ... show more [Sun Jun 14 15:37:08.721788 2026] [access_compat:error] [pid 320404:tid 129668430694080] [client 34.89.163.136:52576] AH01797: client denied by server configuration: /var/www/html/.env.local [Sun Jun 14 15:37:08.772793 2026] [access_compat:error] [pid 320404:tid 129668571203264] [client 34.89.163.136:52586] AH01797: client denied by server configuration: /var/www/html/.env.backup [Sun Jun 14 15:37:08.774096 2026] [access_compat:error] [pid 320373:tid 129667946251968] [client 34.89.163.136:52644] AH01797: client denied by server configuration: /var/www/html/.env.backup.txt [Sun Jun 14 15:37:08.778455 2026] [access_compat:error] [pid 320373:tid 129668137092800] [client 34.89.163.136:52674] AH01797: client denied by server configuration: /var/www/html/.env [Sun Jun 14 15:37:08.860291 2026] [access_compat:error] [pid 320373:tid 129668483122880] [client 34.89.163.136:52792] AH01797: client denied by server configuration: /var/www/html/.env.old [Sun Jun 14 15:37:08.862275 2026] [access_compa ... show less	Brute-Force Web App Attack
🇮🇹 VHosting	2026-06-14 04:45:04 (2 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 02:03:30 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 34.89.163.136 (136.163.89.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.89.163.136 (136.163.89.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 22:03:23.811251 2026] [security2:error] [pid 14614:tid 14639] [client 34.89.163.136:43774] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "peapage.productions"] [uri "/.env.qa"] [unique_id "ai4L63174bBxH9is7QkPmQAAARc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 116.99.173.101

🇮🇳 106.192.255.73

🇳🇱 81.19.216.85

🇧🇷 20.195.176.139

🇮🇹 2.228.232.238

🇬🇧 2a06:4880:8000::aa

🇳🇱 204.76.203.222

🇳🇱 204.76.203.221

🇳🇱 204.76.203.214

🇨🇴 201.182.251.214

🇬🇧 193.163.125.158

🇨🇳 112.6.75.202

🇷🇺 95.71.127.158

🇦🇿 82.194.23.137

🇳🇱 81.19.216.95

🇬🇧 51.195.183.82

🇯🇵 8.211.174.175

🇰🇷 1.238.106.229

🇻🇳 1.52.208.219

🇹🇭 171.6.28.112