JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.141.84.21

34.141.84.21 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 80%: ?

80%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	21.84.141.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.141.84.21

Whois 34.141.84.21

IP Abuse Reports for 34.141.84.21:

This IP address has been reported a total of 26 times from 20 distinct sources. 34.141.84.21 was first reported on June 8th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-09 22:03:32 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08. show less	Web App Attack SSH Hacking
🇳🇱 homeshowdomain.nl	2026-06-08 22:00:05 (1 week ago)	Auto-ban: >3000 req/min op 2026-06-08	Web App Attack SSH Hacking
🇳🇱 e.fierstra	2026-06-08 17:07:34 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 MusicLibrary	2026-06-08 16:25:43 (1 week ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
🇳🇱 ConsulHosting	2026-06-08 16:20:42 (1 week ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
Anonymous	2026-06-08 15:59:13 (1 week ago)	Bot / seems abusive / Apache connections: 34	DDoS Attack Web Spam Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 15:48:10 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 34.141.84.21 (21.84.141.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210730) triggered by 34.141.84.21 (21.84.141.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 11:48:04.506849 2026] [security2:error] [pid 5607:tid 5629] [client 34.141.84.21:36922] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|eceinal.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "eceinal.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "aibkNCMidsOdKcF2XOSsmgAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 venus.launch.bz	2026-06-08 15:43:59 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted] 34.141.84.21 (DE/Germany/21.84.141.34.b ... show more (mod_security) mod_security triggered on hostname [redacted] 34.141.84.21 (DE/Germany/21.84.141.34.bc.googleusercontent.com) show less	SQL Injection
🇩🇪 updown.io	2026-06-08 15:15:04 (1 week ago)	{"level":"info","ts":1780931701.900634,"logger":"http.log.access.log1","msg":"handled request","requ ... show more {"level":"info","ts":1780931701.900634,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.141.84.21","remote_port":"35178","client_ip":"34.141.84.21","proto":"HTTP/1.1","method":"GET","host":"yxwupdate.update.lkjidcbedgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io","uri":"/actuator/heapdump","headers":{"User-Agent":["Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15G77 MicroMessenger/7.0.3(0x17000321) NetType/WIFI Language/zh_CN"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]}},"bytes_read":0,"user_id":"","duration":0.00008363,"size":0,"status":308,"resp_headers":{"Content-Type":[],"Server":["Caddy"],"Connection":["close"],"Location":["https://yxwupdate.update.lkjidcbedgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io/actuator/heapdump"]}} {"level":"info","ts":1780931701.9206605,"logger":"http.log.access.log1","msg":"handled request", ... show less	DDoS Attack Web App Attack
🇬🇧 Apache	2026-06-08 14:48:14 (1 week ago)	(mod_security) mod_security (id:930130) triggered by 34.141.84.21 (DE/Germany/21.84.141.34.bc.google ... show more (mod_security) mod_security (id:930130) triggered by 34.141.84.21 (DE/Germany/21.84.141.34.bc.googleusercontent.com): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 14:37:51 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 34.141.84.21 (21.84.141.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210730) triggered by 34.141.84.21 (21.84.141.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 10:37:45.110413 2026] [security2:error] [pid 21054:tid 21054] [client 34.141.84.21:40342] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|miscfiles.praemiumtech.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "miscfiles.praemiumtech.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "aibTuWpokovLn1A6rjLKOwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 14:02:07 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 34.141.84.21 (21.84.141.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210730) triggered by 34.141.84.21 (21.84.141.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 10:02:00.234635 2026] [security2:error] [pid 10137:tid 10137] [client 34.141.84.21:42704] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|andrewweigel.andrew.weigel.name\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "andrewweigel.andrew.weigel.name"] [uri "/.config/gcloud/credentials.db"] [unique_id "aibLWNsxr-Dwzq1QxuXJJAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-06-08 12:49:00 (1 week ago)	Aggressive web search of vulnerable pages: /settings.php /config.php /database.php /parameters.php / ... show more Aggressive web search of vulnerable pages: /settings.php /config.php /database.php /parameters.php /db.php /configuration.php /app/settings.php ... show less	Web App Attack
🇺🇸 jormaster3k	2026-06-08 12:46:15 (1 week ago)	Attack against Apache (too many 404s)	Web App Attack
🇩🇰 POO	2026-06-08 11:59:00 (1 week ago)	5 times "blocked for Exceeded the maximum number of page not found errors per minute for humans. at ... show more 5 times "blocked for Exceeded the maximum number of page not found errors per minute for humans. at *****" show less	Brute-Force Hacking

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.9

🇺🇸 172.234.199.190

🇺🇸 172.69.59.228

🇮🇳 117.194.175.164

🇵🇰 103.194.93.55

🇺🇸 74.142.22.250

🇨🇳 59.51.98.254

🇳🇱 31.187.64.123

🇨🇳 222.186.13.130

🇧🇷 189.20.181.138

🇸🇬 154.196.164.209

🇺🇸 132.196.69.70

🇮🇳 106.219.175.62

🇮🇷 94.182.152.148

🇹🇷 88.235.8.74

🇨🇦 67.71.55.209

🇬🇧 8.208.3.112

🇬🇧 193.163.125.36

🇨🇳 182.35.77.81

🇪🇸 178.237.235.242