JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.92.203.104

34.92.203.104 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 68%: ?

68%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	104.203.92.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.92.203.104

Whois 34.92.203.104

IP Abuse Reports for 34.92.203.104:

This IP address has been reported a total of 34 times from 14 distinct sources. 34.92.203.104 was first reported on June 8th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 TheCoon	2026-06-10 07:00:01 (1 week ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇳🇱 homeshowdomain.nl	2026-06-09 22:01:16 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08. show less	Web App Attack SSH Hacking
🇧🇪 sid3windr	2026-06-09 18:36:42 (1 week ago)	GET /.git/config (Tarpitted for 1d15h8m31s, wasted 8.06MB)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 15:32:53 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.92.203.104 (104.203.92.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.92.203.104 (104.203.92.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 11:32:48.388587 2026] [security2:error] [pid 28870:tid 28870] [client 34.92.203.104:32822] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "my-spec.com"] [uri "/.git/config"] [unique_id "aigyILp4yV-GyeViN84dDAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-09 15:28:45 (1 week ago)	[TueJun0917:28:43.0388082026][security2:error][pid3129758:tid3129857][client34.92.203.104:0]ModSecur ... show more [TueJun0917:28:43.0388082026][security2:error][pid3129758:tid3129857][client34.92.203.104:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"pytag.ch\"][uri\"/.git/config\"][unique_id\"aigxKwy2Cu_V3DIE3yjqrQAAAMQ\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 00:34:07 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.92.203.104 (104.203.92.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.92.203.104 (104.203.92.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 20:34:05.047459 2026] [security2:error] [pid 2104:tid 2104] [client 34.92.203.104:60608] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.neilvboyer.arsenaultartistmanagement.com"] [uri "/.git/config"] [unique_id "aidffdeeIIRKxntVQhjHWAAAAEQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-08 21:20:00 (1 week ago)	[MonJun0823:19:55.4014182026][security2:error][pid1860995:tid1862153][client34.92.203.104:0]ModSecur ... show more [MonJun0823:19:55.4014182026][security2:error][pid1860995:tid1862153][client34.92.203.104:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"www.aeapcl.ch.81-17-25-250.cpanel.site\"][uri\"/.git/config\"][unique_id\"aicx-wYfhz-KO86bbu5zXwAAARM\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 18:55:06 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.92.203.104 (104.203.92.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.92.203.104 (104.203.92.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 14:55:03.255834 2026] [security2:error] [pid 28564:tid 28564] [client 34.92.203.104:43970] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "go.maggiemusic.ca"] [uri "/.git/config"] [unique_id "aicQB1gGYgqMW8R51y0_gAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 18:09:41 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.92.203.104 (104.203.92.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.92.203.104 (104.203.92.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 14:09:37.809357 2026] [security2:error] [pid 9830:tid 9830] [client 34.92.203.104:47402] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aimer.es.aticom.es"] [uri "/.git/config"] [unique_id "aicFYUFnkjlLYjJSIB--DAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xxkodedxx	2026-06-08 17:34:59 (1 week ago)	[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 2× edge-block in 10 ... show more [Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 2× edge-block in 10m window. Origin: HK / AS396982 Google LLC Active: 17:34:34→17:34:37 UTC Volume: 2 HTTP req Probed: /.git/config Status mix: 444×1 400×1 Vhost fishing: 67.217.240.72 UA: "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-08 16:41:27 (1 week ago)	Try to access /.git/config	Web App Attack
🇧🇪 voormedia	2026-06-08 15:55:21 (1 week ago)	Accessed trap at '/.git/config'	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 14:57:03 (1 week ago)	(mod_security) mod_security (id:949110) triggered by 34.92.203.104 (104.203.92.34.bc.googleuserconte ... show more (mod_security) mod_security (id:949110) triggered by 34.92.203.104 (104.203.92.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 10:56:56.783147 2026] [security2:error] [pid 18715:tid 18715] [client 34.92.203.104:41058] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.dw.cescfoundation.org"] [uri "/.git/config"] [unique_id "aibYOMyxKYJK7NokQo0tRQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 13:52:18 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.92.203.104 (104.203.92.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.92.203.104 (104.203.92.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 09:52:11.660641 2026] [security2:error] [pid 26767:tid 26767] [client 34.92.203.104:49168] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.newisci.org"] [uri "/.git/config"] [unique_id "aibJC9td13vqvwvbrC6lRAAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 OceanTreasure	2026-06-08 13:15:15 (1 week ago)	tcp/443; Git configuration exposure attempt: "GET /.git/config" @ 2026-06-08T13:08:56Z [proxy]	Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.93.106.153

🇩🇪 65.111.28.214

🇫🇷 2001:41d0:303:34af::1

🇺🇸 216.25.89.147

🇦🇲 212.34.246.3

🇩🇪 130.12.180.196

🇮🇳 122.168.127.153

🇹🇷 89.252.131.17

🇺🇸 75.82.150.117

🇩🇪 65.111.28.208

🇳🇱 45.148.10.151

🇳🇱 45.148.10.147

🇨🇳 223.221.36.42

🇹🇼 198.235.24.70

🇫🇷 194.99.23.220

🇧🇷 187.19.185.26

🇻🇳 163.61.182.82

🇺🇸 138.68.61.2

🇨🇳 118.81.193.224

🇩🇪 65.111.28.199