JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.89.215.25

34.89.215.25 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 92%: ?

92%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	25.215.89.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.89.215.25

Whois 34.89.215.25

IP Abuse Reports for 34.89.215.25:

This IP address has been reported a total of 38 times from 17 distinct sources. 34.89.215.25 was first reported on June 8th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-09 22:00:15 (3 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08. show less	Web App Attack SSH Hacking
🇨🇭 TheCoon	2026-06-09 22:00:02 (3 days ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-09 11:43:10 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:43:05.480032 2026] [security2:error] [pid 31122:tid 31122] [client 34.89.215.25:33002] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.merlinaerospace.com"] [uri "/.git/config"] [unique_id "aif8SWIHG9zIGgLd8DV_YQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 09:53:44 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 05:53:40.459529 2026] [security2:error] [pid 28987:tid 28987] [client 34.89.215.25:46932] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "modalguitarist.com"] [uri "/.git/config"] [unique_id "aifipN17W8Lmb5wwaOCmzwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 07:02:25 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:02:20.034743 2026] [security2:error] [pid 29149:tid 29149] [client 34.89.215.25:51658] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ctrussell.grabnerconsulting.com"] [uri "/.git/config"] [unique_id "aie6fMAaTTWMU431MoOzjgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 06:38:29 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:38:24.983801 2026] [security2:error] [pid 16722:tid 16722] [client 34.89.215.25:47162] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jdhunterlaw.com"] [uri "/.git/config"] [unique_id "aie04BQul21JUWUJOIjWfwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-09 06:16:19 (3 days ago)	[TueJun0908:16:14.6458762026][security2:error][pid3894424:tid3895203][client34.89.215.25:0]ModSecuri ... show more [TueJun0908:16:14.6458762026][security2:error][pid3894424:tid3895203][client34.89.215.25:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"webmail.edilmarra.ch\"][uri\"/.git/config\"][unique_id\"aievrqlsZBUnJkBrl0gVngAAAQw\"] show less	Hacking Web App Attack
🇭🇺 bcsaba	2026-06-09 04:56:32 (3 days ago)	Probing for .git: 34.89.215.25 - - [09/Jun/2026:06:56:29 +0200] "GET /.git/config HTTP/1.1" 403 146 ... show more Probing for .git: 34.89.215.25 - - [09/Jun/2026:06:56:29 +0200] "GET /.git/config HTTP/1.1" 403 146 "-" "Mozilla/5.0 (iPad; U; CPU OS 4_2_1 like Mac OS X; ja-jp) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C148 Safari/6533.18.5" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 04:48:10 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 00:48:06.047713 2026] [security2:error] [pid 4374:tid 4374] [client 34.89.215.25:42242] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scoretopicturenetwork.com"] [uri "/.git/config"] [unique_id "aiebBncjBV06kV-qJ83asgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-09 04:13:06 (3 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 03:07:57 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 23:07:54.356941 2026] [security2:error] [pid 31470:tid 31470] [client 34.89.215.25:36674] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hancockcountyfarmersmarket.com.daisydoesoap.com"] [uri "/.git/config"] [unique_id "aieDis_d38ih4M6CX2fyCAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 02:52:24 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.89.215.25 (25.215.89.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 22:52:17.636774 2026] [security2:error] [pid 17921:tid 17957] [client 34.89.215.25:42860] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.igedac.com"] [uri "/.git/config"] [unique_id "aid_4WrOLJLrTm_5SSZl9gAAAM0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 02:52:21 (3 days ago)	34.89.215.25 - - [09/Jun/2026:02:52:20 +0000] "GET /.git/config HTTP/1.1" 404 44265 "-" "Mozilla/5.0 ... show more 34.89.215.25 - - [09/Jun/2026:02:52:20 +0000] "GET /.git/config HTTP/1.1" 404 44265 "-" "Mozilla/5.0 (Linux; Android 9; EML-L09) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-09 02:52:21 (3 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.89.215.25 (DE/Germany/25.215.89.34 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.89.215.25 (DE/Germany/25.215.89.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking
🇦🇺 paulshipley.com.au	2026-06-09 01:23:33 (3 days ago)	[Tue Jun 09 11:23:32.800186 2026] [security2:error] [pid 186704] [client 34.89.215.25:57652] [client ... show more [Tue Jun 09 11:23:32.800186 2026] [security2:error] [pid 186704] [client 34.89.215.25:57652] [client 34.89.215.25] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "balcomberetreat.com.au"] [uri "/.git/config"] [unique_id "aidrFBqVhX3TEfLWinZJ6gAAAAM"] ... show less	Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 207.219.221.101

🇫🇮 204.168.206.154

🇺🇸 193.56.116.243

🇦🇷 190.3.50.189

🇩🇪 167.94.146.56

🇺🇸 162.216.150.170

🇨🇳 112.111.150.127

🇫🇷 85.217.140.24

🇺🇸 64.62.197.160

🇺🇸 64.62.197.137

🇺🇸 50.112.151.48

🇺🇿 213.230.78.36

🇧🇪 198.235.24.234

🇳🇱 195.178.110.105

🇬🇧 193.163.125.142

🇨🇳 180.101.224.66

🇩🇪 167.94.145.23

🇺🇸 166.88.227.114

🇮🇹 151.115.166.245

🇵🇱 151.115.80.249