JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.95.161.195

34.95.161.195 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	195.161.95.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.95.161.195

Whois 34.95.161.195

IP Abuse Reports for 34.95.161.195:

This IP address has been reported a total of 41 times from 34 distinct sources. 34.95.161.195 was first reported on June 9th 2026, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-12 22:01:17 (18 hours ago)	Auto-ban: 232 malicious requests on 2026-06-11 (e.g., env/backup probes, brute-force, or error burst ... show more Auto-ban: 232 malicious requests on 2026-06-11 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
🇨🇭 4server	2026-06-11 22:39:53 (1 day ago)	[FriJun1200:39:46.5316012026][security2:error][pid1184101:tid1184297][client34.95.161.195:0]ModSecur ... show more [FriJun1200:39:46.5316012026][security2:error][pid1184101:tid1184297][client34.95.161.195:0]ModSecurity:Accessdeniedwithcode403$phase2$.OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded$TotalScore:5$\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"greenartistsswiss.ch.81-17-25-250.cpanel.site\"][uri\"/heapdump\"][unique_id\"ais5Msyl3SwoEYGECNo_6wAAAEE\"] show less	Hacking Web App Attack
Anonymous	2026-06-11 19:48:51 (1 day ago)	(mod_security) mod_security triggered on hostname [redacted] 34.95.161.195 (BR/Brazil/195.161.95.34. ... show more (mod_security) mod_security triggered on hostname [redacted] 34.95.161.195 (BR/Brazil/195.161.95.34.bc.googleusercontent.com) show less	SQL Injection
🇳🇱 Cloud86 B.V.	2026-06-11 19:13:01 (1 day ago)	categories: DDoS Attack	DDoS Attack
🇧🇷 Halux	2026-06-11 15:44:58 (2 days ago)	34.95.161.195 Web Application Firewall multiple violations	Hacking Web App Attack
🇪🇸 elcruzado.es	2026-06-11 13:53:05 (2 days ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 34.95.161.195 (BR/Brazil ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 34.95.161.195 (BR/Brazil/195.161.95.34.bc.googleusercontent.com) show less	Port Scan
Anonymous	2026-06-11 13:08:10 (2 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: BR, Attack patterns: Back ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: BR, Attack patterns: Backup file probing, Cloud secrets probing, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-11 12:23:14 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇷🇴 iulianh	2026-06-11 08:27:48 (2 days ago)	*	Brute-Force SSH
Anonymous	2026-06-11 06:32:35 (2 days ago)	34.95.161.195 - - [11/Jun/2026:08:32:29 +0200] "GET /api/env HTTP/1.1" 403 7163 "-" "Mozilla/5.0 (OS ... show more 34.95.161.195 - - [11/Jun/2026:08:32:29 +0200] "GET /api/env HTTP/1.1" 403 7163 "-" "Mozilla/5.0 (OS/2; U; OS/2; en-US) AppleWebKit/533.3 (KHTML, like Gecko) QupZilla/1.3.1 Safari/533.3" 34.95.161.195 - - [11/Jun/2026:08:32:29 +0200] "GET /actuator/threaddump HTTP/1.1" 403 7163 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2166.2 Safari/537.36" 34.95.161.195 - - [11/Jun/2026:08:32:29 +0200] "GET /backend/actuator/configprops HTTP/1.1" 403 7163 "-" "Mozilla/5.0 (Linux; Android 9; ANE-LX1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" 34.95.161.195 - - [11/Jun/2026:08:32:29 +0200] "GET /info.php HTTP/1.1" 403 7163 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0" 34.95.161.195 - - [11/Jun/2026:08:32:29 +0200] "GET /actuator/sessions HTTP/1.1" 403 7163 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.87 Safari/537.36" 34 ... show less	DDoS Attack
🇩🇪 updown.io	2026-06-11 05:53:07 (2 days ago)	{"level":"info","ts":1781157186.436667,"logger":"http.log.access.log1","msg":"handled request","requ ... show more {"level":"info","ts":1781157186.436667,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.95.161.195","remote_port":"35968","client_ip":"34.95.161.195","proto":"HTTP/1.1","method":"GET","host":"rqporqponmlkjihgfehgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io","uri":"/v1/actuator/configprops","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.122 Safari/537.36 Vivaldi/2.3.1440.61"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]}},"bytes_read":0,"user_id":"","duration":0.000084471,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://rqporqponmlkjihgfehgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io/v1/actuator/configprops"],"Content-Type":[]}} {"level":"info","ts":1781157186.4369924,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.95.161.195"," ... show less	DDoS Attack Web App Attack
Anonymous	2026-06-10 22:42:32 (2 days ago)	(caddyscan) Scanner path probe from 34.95.161.195 (BR/Brazil/195.161.95.34.bc.googleusercontent.com) ... show more (caddyscan) Scanner path probe from 34.95.161.195 (BR/Brazil/195.161.95.34.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 34.95.161.195 - - [10/Jun/2026:22:42:31 +0000] "GET /app/actuator/configprops HTTP/1.1" [REDACTED] 200 2627 34.95.161.195 - - [10/Jun/2026:22:42:31 +0000] "GET /actuator/dump HTTP/1.1" [REDACTED] 200 2627 34.95.161.195 - - [10/Jun/2026:22:42:31 +0000] "GET /actuator/heapdump HTTP/1.1" [REDACTED] 200 2627 34.95.161.195 - - [10/Jun/2026:22:42:31 +0000] "GET /actuator/configprops HTTP/1.1" [REDACTED] 200 2627 34.95.161.195 - - [10/Jun/2026:22:42:31 +0000] "GET /actuator/trace HTTP/1.1" show less	Port Scan
Anonymous	2026-06-10 22:30:04 (2 days ago)	\| [Dangerous/Brazil] Aggressive IP 34.95.161.195 (~30 hits). Type: DoS Defender- Web server 400 erro ... show more \| [Dangerous/Brazil] Aggressive IP 34.95.161.195 (~30 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇦🇺 nzhost.co.nz	2026-06-10 16:43:17 (2 days ago)	$f2bV_matches	Hacking Brute-Force
🇫🇷 masterguru	2026-06-10 14:31:01 (3 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.95.161.195 (BR/Brazil/195.161.95.3 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.95.161.195 (BR/Brazil/195.161.95.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195) show less	Hacking

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇪 179.6.5.62

🇺🇦 2a06:6440:0:2c94::1

🇻🇪 201.249.87.201

🇧🇷 189.56.0.19

🇩🇪 130.61.152.179

🇺🇸 98.80.136.152

🇹🇷 91.151.95.154

🇺🇸 66.132.172.148

🇬🇧 35.203.210.81

🇺🇸 34.127.78.213

🇩🇪 31.76.111.27

🇸🇬 194.233.87.18

🇺🇸 104.168.162.165

🇷🇴 92.118.39.62

🇫🇷 51.68.34.131

🇨🇦 3.99.218.125

🇵🇰 202.47.57.74

🇨🇳 180.76.179.77

🇩🇪 165.227.159.13

🇧🇷 138.122.133.59