JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.20.143.17

34.20.143.17 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	17.143.20.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.20.143.17

Whois 34.20.143.17

IP Abuse Reports for 34.20.143.17:

This IP address has been reported a total of 38 times from 29 distinct sources. 34.20.143.17 was first reported on June 9th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-12 02:58:09 (4 days ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 18:44:15 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 34.20.143.17 (17.143.20.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.20.143.17 (17.143.20.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 14:44:07.727543 2026] [security2:error] [pid 25073:tid 25073] [client 34.20.143.17:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.ndanetworks.com"] [uri "/wp-config.txt"] [unique_id "aisB98WdjntiDLqSPFYjbAAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 gamabe	2026-06-11 17:19:12 (4 days ago)	Detected crowdsecurity/http-sensitive-files attack pattern. Reported by CrowdSec IDS.	Hacking
🇬🇧 poundawebsiteltd	2026-06-11 16:50:01 (4 days ago)	Malicious activity in apache-honeypot. Evidence: [REDACTED_DOMAIN]:443 34.20.143.17 - - [11/Jun/2026 ... show more Malicious activity in apache-honeypot. Evidence: [REDACTED_DOMAIN]:443 34.20.143.17 - - [11/Jun/2026:17:49:59 +0100] GET /backups/db.sql HTTP/1.1 301 3318 - Mozilla/5.0 (X11; Linux i686; rv:6.0) Gecko/20100101 Firefox/6.0 show less	Brute-Force Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-11 16:13:02 (4 days ago)	categories: DDoS Attack	DDoS Attack
🇳🇱 Site.eu	2026-06-11 02:44:28 (5 days ago)	Excessive multi-domain requests	Brute-Force
🇫🇮 as211431.net	2026-06-11 00:28:47 (5 days ago)	Triggered Cloudflare WAF (linkMaze) from US. Action taken: LINK_MAZE_INJECTED Protocol: HTTP/1.1 (GE ... show more Triggered Cloudflare WAF (linkMaze) from US. Action taken: LINK_MAZE_INJECTED Protocol: HTTP/1.1 (GET method) Endpoint: /private_key.pem UA: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.143 YaBrowser/19.7.2.455 Yowser/2.5 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-06-10 11:45:11 (5 days ago)	Bot / seems abusive / Apache connections: 142	DDoS Attack Web Spam Bad Web Bot Web App Attack
Anonymous	2026-06-10 11:17:49 (5 days ago)	34.20.143.17 - - [10/Jun/2026:13:17:45 +0200] "GET /app/actuator/configprops HTTP/1.1" 403 7151 "-" ... show more 34.20.143.17 - - [10/Jun/2026:13:17:45 +0200] "GET /app/actuator/configprops HTTP/1.1" 403 7151 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36 OPR/32.0.1948.25" 34.20.143.17 - - [10/Jun/2026:13:17:45 +0200] "GET /app/actuator/env HTTP/1.1" 403 7151 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a3pre) Gecko/20070330" 34.20.143.17 - - [10/Jun/2026:13:17:45 +0200] "GET /app/actuator/logfile HTTP/1.1" 403 7151 "-" "Mozilla/5.0 (Linux; Android 9; SM-G9600) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36" 34.20.143.17 - - [10/Jun/2026:13:17:45 +0200] "GET /actuator/sessions HTTP/1.1" 403 7151 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.90 Safari/537.36" 34.20.143.17 - - [10/Jun/2026:13:17:45 +0200] "GET /server/actuator/env HTTP/1.1" 403 7151 "-" "SAMSUNG-SGH-E250/1.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 UP.Browser/6.2.3.3.c.1 ... show less	DDoS Attack
Anonymous	2026-06-10 09:35:13 (5 days ago)	(caddyscan) Scanner path probe from 34.20.143.17 (US/United States/17.143.20.34.bc.googleusercontent ... show more (caddyscan) Scanner path probe from 34.20.143.17 (US/United States/17.143.20.34.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 34.20.143.17 - - [10/Jun/2026:09:35:10 +0000] "GET /actuator/logfile HTTP/1.1" [REDACTED] 200 2627 34.20.143.17 - - [10/Jun/2026:09:35:10 +0000] "GET /actuator/sessions HTTP/1.1" [REDACTED] 200 2627 34.20.143.17 - - [10/Jun/2026:09:35:10 +0000] "GET /app/actuator/env HTTP/1.1" [REDACTED] 200 2627 34.20.143.17 - - [10/Jun/2026:09:35:10 +0000] "GET /actuator/trace HTTP/1.1" [REDACTED] 200 2627 34.20.143.17 - - [10/Jun/2026:09:35:10 +0000] "GET /app/actuator/heapdump HTTP/1.1" show less	Port Scan
🇳🇱 debestelapp	2026-06-10 06:10:06 (5 days ago)		Web App Attack
🇩🇪 updown.io	2026-06-10 05:36:32 (5 days ago)	{"level":"info","ts":1781069791.077587,"logger":"http.log.access.log1","msg":"handled request","requ ... show more {"level":"info","ts":1781069791.077587,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.20.143.17","remote_port":"38604","client_ip":"34.20.143.17","proto":"HTTP/1.1","method":"GET","host":"status.myip.la","uri":"/dump","headers":{"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.110 Safari/537.36 Vivaldi/2.7.1628.28"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status.myip.la","ech":false}},"bytes_read":0,"user_id":"","duration":0.000159704,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}} {"level":"info","ts":1781069791.081157,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.20.143.17","remote_port":"38594","client_ip":"34.20.143.17","proto":"HTTP/1.1","method":"GET"," ... show less	DDoS Attack Web App Attack
🇺🇸 mnsf	2026-06-10 04:05:46 (6 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇦🇺 tekgnosis	2026-06-10 03:47:07 (6 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇬🇧 consul.to	2026-06-10 03:38:36 (6 days ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇼 197.221.232.44

🇧🇷 177.22.116.254

🇺🇸 142.93.183.153

🇷🇴 92.118.39.62

🇫🇷 91.231.89.25

🇨🇿 91.224.90.50

🇸🇪 65.99.181.123

🇧🇪 35.233.113.63

🇬🇧 35.203.210.69

🇹🇼 198.235.24.115

🇺🇸 192.129.183.139

🇰🇭 175.100.42.36

🇮🇩 103.59.161.173

🇫🇮 95.216.252.68

🇳🇱 45.142.193.191

🇩🇪 43.228.157.8

🇧🇷 20.206.64.115

🇮🇪 3.252.58.54

🇦🇷 179.60.228.74

🇳🇱 176.65.139.31