JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.154.24.42

34.154.24.42 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	42.24.154.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇮🇹 Italy
City	Milan, Lombardy

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.154.24.42

Whois 34.154.24.42

IP Abuse Reports for 34.154.24.42:

This IP address has been reported a total of 39 times from 30 distinct sources. 34.154.24.42 was first reported on June 9th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-12 04:34:48 (1 week ago)	Aggressive web scan	Web App Attack
Anonymous	2026-06-11 22:33:12 (1 week ago)	Bot / seems abusive / Apache connections: 237	DDoS Attack Web Spam Bad Web Bot Web App Attack
🇬🇧 Yosi	2026-06-11 21:13:00 (1 week ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 paulo.apoloni	2026-06-11 20:56:34 (1 week ago)	34.154.24.42 - - [11/Jun/2026:17:56:33 -0300] "GET /.aws/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Li ... show more 34.154.24.42 - - [11/Jun/2026:17:56:33 -0300] "GET /.aws/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Linux; Android 4.3; SPH-L710 Build/JSS15J) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.99 Mobile Safari/537.36" 34.154.24.42 - - [11/Jun/2026:17:56:33 -0300] "GET /.aws/credentials HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Linux; Android 10; Pixel 3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" 34.154.24.42 - - [11/Jun/2026:17:56:33 -0300] "GET /.config/gcloud/credentials.db HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.50 Safari/537.36" 34.154.24.42 - - [11/Jun/2026:17:56:33 -0300] "GET /config/.aws/credentials HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.75 Safari/537.36" 34.154.24.42 - - [11/Jun/2026:17:56:34 -0300] "GET /mysqldump.sql HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 ( ... show less	Bad Web Bot Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-11 13:13:06 (1 week ago)	categories: DDoS Attack	DDoS Attack
🇳🇱 e.fierstra	2026-06-11 11:25:54 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇨🇭 TheCoon	2026-06-11 06:30:02 (1 week ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇫🇷 masterguru	2026-06-11 04:10:28 (1 week ago)	Restricted File Access Attempt. Matched phrase "secrets.json" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇩🇪 Manuel Braeuer	2026-06-11 03:54:04 (1 week ago)	34.154.24.42 - - [11/Jun/2026:05:54:04 +0200] "GET /actuator/httptrace HTTP/1.1" 403 5528 "-" "Opera ... show more 34.154.24.42 - - [11/Jun/2026:05:54:04 +0200] "GET /actuator/httptrace HTTP/1.1" 403 5528 "-" "Opera/9.20 (Macintosh; Intel Mac OS X; U; en)" 34.154.24.42 - - [11/Jun/2026:05:54:04 +0200] "GET /actuator/auditevents HTTP/1.1" 403 5528 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 34.154.24.42 - - [11/Jun/2026:05:54:04 +0200] "GET /actuator/threaddump HTTP/1.1" 403 5528 "-" "Mozilla/5.0 (Linux; Android 9; Redmi Note 5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36" 34.154.24.42 - - [11/Jun/2026:05:54:04 +0200] "GET /actuator/logfile HTTP/1.1" 403 5528 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 OPR/62.0.3331.101" 34.154.24.42 - - [11/Jun/2026:05:54:04 +0200] "GET /actuator/dump HTTP/1.1" 403 5528 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/ ... show less	Web App Attack
Anonymous	2026-06-10 23:34:22 (1 week ago)	34.154.24.42 - - [11/Jun/2026:01:34:20 +0200] "GET /phpinfo.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 ( ... show more 34.154.24.42 - - [11/Jun/2026:01:34:20 +0200] "GET /phpinfo.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 34.154.24.42 - - [11/Jun/2026:01:34:20 +0200] "GET /info.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Linux; Android 9; MI 8 Lite Build/PKQ1.181007.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/66.0.3359.126 MQQBrowser/6.2 TBS/044807 Mobile Safari/537.36 MMWEBID/1409 MicroMessenger/7.0.6.1460(0x27000634) Process/tools NetType/4G Language/zh_CN" 34.154.24.42 - - [11/Jun/2026:01:34:20 +0200] "GET /test.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Linux; U; Android 2.1-update1; de-de; HTC Desire 1.19.161.5 Build/ERE27) AppleWebKit/530.17 (KHTML, like Gecko) Version/4.0 Mobile Safari/530.17" 34.154.24.42 - - [11/Jun/2026:01:34:20 +0200] "GET /debug.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0. ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 19:52:28 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 34.154.24.42 (42.24.154.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210730) triggered by 34.154.24.42 (42.24.154.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 15:52:23.977358 2026] [security2:error] [pid 19974:tid 19974] [client 34.154.24.42:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.kidswithcamerasmovie.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.kidswithcamerasmovie.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ainAd-s61B8uDNlHhVdxRAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 19:43:18 (1 week ago)	(caddyscan) Scanner path probe from 34.154.24.42 (IT/Italy/42.24.154.34.bc.googleusercontent.com): 5 ... show more (caddyscan) Scanner path probe from 34.154.24.42 (IT/Italy/42.24.154.34.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 34.154.24.42 - - [10/Jun/2026:19:43:13 +0000] "GET /.aws/config HTTP/1.1" [REDACTED] 200 2627 34.154.24.42 - - [10/Jun/2026:19:43:15 +0000] "GET /server/actuator/heapdump HTTP/1.1" [REDACTED] 200 2627 34.154.24.42 - - [10/Jun/2026:19:43:15 +0000] "GET /.htaccess HTTP/1.1" [REDACTED] 200 2627 34.154.24.42 - - [10/Jun/2026:19:43:15 +0000] "GET /.ssh/id_rsa HTTP/1.1" [REDACTED] 200 2627 34.154.24.42 - - [10/Jun/2026:19:43:15 +0000] "GET /.ssh/authorized_keys HTTP/1.1" show less	Port Scan
🇬🇧 consul.to	2026-06-10 16:15:04 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-06-10 15:54:59 (1 week ago)	Aggressive web scan	Web App Attack
🇫🇷 masterguru	2026-06-10 11:05:13 (1 week ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-193)	Hacking

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.109.141.9

🇳🇱 195.178.110.30

🇺🇸 156.232.13.161

🇫🇮 147.185.133.39

🇨🇭 107.189.5.121

🇱🇹 81.30.98.142

🇮🇹 79.31.175.3

🇮🇳 217.216.59.228

🇩🇪 195.230.103.249

🇨🇳 180.153.236.141

🇺🇸 172.253.9.147

🇺🇸 147.185.132.116

🇨🇳 123.166.174.161

🇮🇳 103.76.59.180

🇰🇪 102.205.85.11

🇧🇬 91.191.209.46

🇳🇱 91.92.40.237

🇨🇦 85.217.149.5

🇺🇸 70.117.114.226

🇲🇾 47.250.83.82