JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.95.213.197

34.95.213.197 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	197.213.95.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.95.213.197

Whois 34.95.213.197

IP Abuse Reports for 34.95.213.197:

This IP address has been reported a total of 27 times from 23 distinct sources. 34.95.213.197 was first reported on June 9th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-10 22:01:04 (3 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-09. show less	Web App Attack SSH Hacking
🇷🇺 DZBOT	2026-06-10 15:49:20 (9 hours ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇧🇪 cmbplf	2026-06-10 07:03:17 (18 hours ago)	2.115 requests from abuseipdb.com blacklisted IP (8mos2d20h)	Brute-Force Bad Web Bot
🇳🇱 Cloud86 B.V.	2026-06-10 04:52:02 (20 hours ago)	categories: DDoS Attack	DDoS Attack
🇩🇪 updown.io	2026-06-10 04:19:59 (20 hours ago)	{"level":"info","ts":1781065198.8497326,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781065198.8497326,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.95.213.197","remote_port":"58018","client_ip":"34.95.213.197","proto":"HTTP/1.1","method":"GET","host":"p2status.altdc.ro","uri":"/actuator/auditevents","headers":{"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"p2status.altdc.ro","ech":false}},"bytes_read":0,"user_id":"","duration":0.000108026,"size":0,"status":429,"resp_headers":{"Retry-After":["1"],"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"]}} {"level":"info","ts":1781065198.8525598,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.95.213.197","remote_port":"58034","client_ip":"34.95.213.197","proto":"HTTP/1.1","method":"GET","host":"p2 ... show less	DDoS Attack Web App Attack
🇩🇪 rh24	2026-06-10 04:17:15 (20 hours ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.95.213.197 (BR/Br ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.95.213.197 (BR/Brazil/197.213.95.34.bc.googleusercontent.com) show less	Bad Web Bot
🇩🇪 webanyone	2026-06-10 03:45:26 (21 hours ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇩🇪 s@ch@	2026-06-10 02:15:02 (22 hours ago)	Jail: plesk-modsecurity \| Web application attack (Plesk ModSecurity)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 00:29:15 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.95.213.197 (197.213.95.34.bc.googleuserconte ... show more (mod_security) mod_security (id:210492) triggered by 34.95.213.197 (197.213.95.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 20:29:09.066506 2026] [security2:error] [pid 27876:tid 27876] [client 34.95.213.197:45100] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.maverickhousellc.com"] [uri "/wp-config.php"] [unique_id "aiiv1aLY0yOnrC4VlbdV3wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 21:22:08 (1 day ago)	Multiple, malicious web requests detected	Port Scan Hacking
Anonymous	2026-06-09 20:40:03 (1 day ago)	\| [Dangerous/Brazil] Aggressive IP 34.95.213.197 (~30 hits). Type: DoS Defender- Web server 400 erro ... show more \| [Dangerous/Brazil] Aggressive IP 34.95.213.197 (~30 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇩🇪 4server	2026-06-09 17:41:18 (1 day ago)	[TueJun0919:41:14.4088712026][security2:error][pid3281432:tid3281529][client34.95.213.197:0]ModSecur ... show more [TueJun0919:41:14.4088712026][security2:error][pid3281432:tid3281529][client34.95.213.197:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"dgtime.ch\"][uri\"/config/.aws/credentials\"][unique_id\"aihQOv2pQD_g_wYttcV3XwAAAMo\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 antlac1	2026-06-09 17:11:08 (1 day ago)	crowdsecurity/http-crawl-non_statics	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-09 11:17:45 (1 day ago)	Restricted File Access Attempt. Matched phrase ".aws/" at REQUEST_FILENAME. (930130-197)	Hacking Web App Attack
🇩🇪 Dominik Lysiak	2026-06-09 11:17:04 (1 day ago)	34.95.213.197 - - [09/Jun/2026:13:17:03 +0200] "GET /php.php HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Win ... show more 34.95.213.197 - - [09/Jun/2026:13:17:03 +0200] "GET /php.php HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36" 34.95.213.197 - - [09/Jun/2026:13:17:03 +0200] "GET /info.php HTTP/1.1" 404 178 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.2)" 34.95.213.197 - - [09/Jun/2026:13:17:03 +0200] "GET /debug.php HTTP/1.1" 404 146 "-" "Opera/9.80 (X11; Linux x86_64; U; pl) Presto/2.7.62 Version/11.00" 34.95.213.197 - - [09/Jun/2026:13:17:03 +0200] "GET /aws.json HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3888.0 Safari/537.36" 34.95.213.197 - - [09/Jun/2026:13:17:03 +0200] "GET /test.php HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Linux; Android 9; POT-LX1) AppleWebKit/537.36 (KHTML, like Gecko) Chro ... show less	Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.91.89.87

🇳🇱 195.178.110.157

🇺🇸 174.75.211.222

🇨🇳 116.179.32.211

🇧🇩 114.134.95.238

🇮🇳 103.251.31.166

🇬🇧 89.37.172.132

🇩🇪 69.5.169.229

🇫🇷 15.236.225.192

🇷🇴 2.57.121.112

🇻🇪 201.249.205.94

🇬🇧 194.50.235.136

🇮🇩 163.227.52.50

🇺🇸 162.216.149.198

🇺🇸 144.172.100.95

🇵🇱 138.124.242.51

🇨🇳 121.41.167.115

🇬🇧 81.19.219.196

🇺🇸 75.39.180.172

🇺🇸 68.209.158.79