JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.14.42.52

34.14.42.52 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 68%: ?

68%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	52.42.14.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇪 Belgium
City	Brussels, Brussels Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.14.42.52

Whois 34.14.42.52

IP Abuse Reports for 34.14.42.52:

This IP address has been reported a total of 15 times from 11 distinct sources. 34.14.42.52 was first reported on June 8th 2026, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 oisecnet	2026-06-08 21:02:44 (14 hours ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-06-08. 1624 requests from thi ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-06-08. 1624 requests from this IP. show less	Brute-Force Web App Attack SSH
🇺🇸 TPI-Abuse	2026-06-08 16:07:34 (19 hours ago)	(mod_security) mod_security (id:210730) triggered by 34.14.42.52 (52.42.14.34.bc.googleusercontent.c ... show more (mod_security) mod_security (id:210730) triggered by 34.14.42.52 (52.42.14.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 12:07:26.541496 2026] [security2:error] [pid 23729:tid 23729] [client 34.14.42.52:49442] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|rosemeadefarms.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rosemeadefarms.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "aibovg1l6BL4I-FUeuG_LgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-08 15:48:41 (19 hours ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 Savvii	2026-06-08 15:16:05 (19 hours ago)	20 attempts against mh-misbehave-ban on ficus	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 12:57:47 (22 hours ago)	(mod_security) mod_security (id:210730) triggered by 34.14.42.52 (52.42.14.34.bc.googleusercontent.c ... show more (mod_security) mod_security (id:210730) triggered by 34.14.42.52 (52.42.14.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:57:42.809764 2026] [security2:error] [pid 24917:tid 24917] [client 34.14.42.52:46382] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.1st-pick.com.misogynyis.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.1st-pick.com.misogynyis.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "aia8Rq4Ojj6YmfoqhcwHrgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 maxpower	2026-06-08 10:46:08 (1 day ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 34.14.42.52 (BE/Belgium/52.42.14.34.bc.g ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 34.14.42.52 (BE/Belgium/52.42.14.34.bc.googleusercontent.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 34.14.42.52 - - [08/Jun/2026:12:45:55 +0200] "GET /.aws/credentials HTTP/1.1" 404 355 "-" "Mozilla/5.0 (compatible; alexa site audit/1.0; +http://www.alexa.com/help/webmasters; )" "-" host=tecnousatopescara.it 34.14.42.52 - - [08/Jun/2026:12:45:55 +0200] "GET /config/.aws/credentials HTTP/1.1" 404 355 "-" "Mozilla/4.1 (compatible; MSIE 5.0; Symbian OS; Nokia 6600;452) Opera 6.20 [en-US]" "-" host=tecnousatopescara.it show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-08 10:31:30 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 34.14.42.52 (52.42.14.34.bc.googleusercontent.c ... show more (mod_security) mod_security (id:210831) triggered by 34.14.42.52 (52.42.14.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:31:22.238768 2026] [security2:error] [pid 27304:tid 27304] [client 34.14.42.52:35356] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.fluff2.instagenii.com\|F\|4"] [data "grub-client"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.fluff2.instagenii.com"] [uri "/api/phpinfo.php"] [unique_id "aiaZ-ucef22tZG2u0-Hh7AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-08 09:08:33 (1 day ago)	Scanning/Probing (53) Request Overload (210)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 05:01:39 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 34.14.42.52 (52.42.14.34.bc.googleusercontent.c ... show more (mod_security) mod_security (id:210730) triggered by 34.14.42.52 (52.42.14.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:01:32.772720 2026] [security2:error] [pid 30019:tid 30019] [client 34.14.42.52:33132] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.tecnoconce.tecnoconce.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tecnoconce.tecnoconce.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "aiZMrFqAnhhizAp5Un2UgQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-08 04:10:44 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-06-08 03:23:19 (1 day ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 03:04:25 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 34.14.42.52 (52.42.14.34.bc.googleusercontent.c ... show more (mod_security) mod_security (id:210492) triggered by 34.14.42.52 (52.42.14.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 23:04:21.536664 2026] [security2:error] [pid 20263:tid 20263] [client 34.14.42.52:60416] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.labelrecord.com"] [uri "/config/parameters.yml"] [unique_id "aiYxNU-lmt8VASGhXO5CdAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-08 01:10:04 (1 day ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-08 01:04:25 (1 day ago)	Multiple WAF Violations	Web App Attack
🇩🇪 Philister11	2026-06-08 00:40:51 (1 day ago)	CrowdSec: crowdsecurity/http-probing (BE/AS396982)	Web App Attack Hacking

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 2001:fd8:b9a8:a300:fd84:366:36d4:e21a

🇩🇪 213.209.159.36

🇺🇸 172.202.96.198

🇪🇨 157.100.136.14

🇨🇳 123.178.210.106

🇷🇴 92.118.39.236

🇵🇹 89.153.125.230

🇮🇹 83.224.171.246

🇨🇳 58.212.237.181

🇧🇷 34.151.215.198

🇳🇱 31.14.32.4

🇳🇱 5.187.35.142

🇫🇷 2001:41d0:33d:9200::40a

🇫🇷 194.60.201.87

🇷🇴 193.46.255.86

🇨🇳 139.212.68.144

🇨🇳 27.155.77.43

🇹🇼 198.235.24.69

🇸🇦 130.164.164.105

🇭🇰 124.156.129.246