🇫🇷
SpaceHost-Server
2026-05-28 22:32:02
(4 weeks ago)
Brute-Force
Web App Attack
🇳🇱
homeshowdomain.nl
2026-05-28 22:01:50
(4 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-27.
Web App Attack
SSH
Hacking
🇫🇷
SpaceHost-Server
2026-05-27 22:29:19
(1 month ago)
Brute-Force
Web App Attack
🇺🇸
TPI-Abuse
2026-05-27 18:43:49
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 34.21.143.105 (105.143.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 14:43:44.567765 2026] [security2:error] [pid 10810:tid 10867] [client 34.21.143.105:41490] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.chanyin.org|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.chanyin.org"] [uri "/.config/gcloud/credentials.db"] [unique_id "ahc7YAin-z81fTtfAjCB_QAAAIE"]
Brute-Force
Bad Web Bot
Web App Attack
🇪🇸
alferez
2026-05-27 13:30:12
(1 month ago)
Searching .env files
Hacking
Exploited Host
Web App Attack
🇺🇸
TPI-Abuse
2026-05-27 10:48:39
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 34.21.143.105 (105.143.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 06:48:34.890225 2026] [security2:error] [pid 27984:tid 27984] [client 34.21.143.105:37582] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ftp.partyinvitationsprinted.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.partyinvitationsprinted.com"] [uri "/pg_dump.sql"] [unique_id "ahbMArku517Bgvh7DANJywAAAJU"]
Brute-Force
Bad Web Bot
Web App Attack
🇳🇱
e.fierstra
2026-05-27 08:03:27
(1 month ago)
Apache-badbot jail block
Bad Web Bot
Anonymous
2026-05-27 07:30:02
(1 month ago)
| [Dangerous/Singapore] Aggressive IP 34.21.143.105 (~30 hits). Type: DoS Defender- Web server 400 error code
Web App Attack
Hacking
SQL Injection
Anonymous
2026-05-27 06:05:30
(1 month ago)
WAF repeated trigger detected by Fail2Ban
Web App Attack
🇫🇷
dynamix
2026-05-27 05:43:52
(1 month ago)
Multiple WAF Violations
Web App Attack
Anonymous
2026-05-27 05:33:05
(1 month ago)
34.21.143.105 - - [27/May/2026:05:33:04 +0000] "GET /backup.sql.gz HTTP/1.1" 302 3357 "-" "Mozilla/5.0 (Linux; Android 9; Redmi Note 7 Build/PKQ1.180904.001) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/9.4 Chrome/67.0.3396.87 Mobile Safari/537.36"
...
Bad Web Bot
Web App Attack
Anonymous
2026-05-27 05:18:37
(1 month ago)
34.21.143.105 detected on srv01
Brute-Force
🇩🇪
Marc
2026-05-27 03:51:22
(1 month ago)
34.21.143.105 - - [27/May/2026:05:51:21 +0200] "GET /.github/workflows/deploy.yml HTTP/1.1" 404 2982 "-" "Mozilla/5.0 (X11; Linux armv7l) AppleWebKit/537.36 (KHTML, like Gecko) Raspbian Chromium/72.0.3626.121 Chrome/72.0.3626.121 Safari/537.36"
34.21.143.105 - - [27/May/2026:05:51:21 +0200] "GET /.gitlab-ci.yml HTTP/1.1" 404 2983 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36"
34.21.143.105 - - [27/May/2026:05:51:21 +0200] "GET /.github/workflows/ci.yml HTTP/1.1" 404 2984 "-" "Mozilla/5.0 (Linux; Android 8.0.0; moto e5 plus) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36"
Brute-Force
🇺🇸
TPI-Abuse
2026-05-27 02:49:50
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 34.21.143.105 (105.143.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 22:49:42.364379 2026] [security2:error] [pid 15083:tid 15083] [client 34.21.143.105:52012] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.goldandsilverni.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.goldandsilverni.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ahZbxjLSy4JyZZ_SG5xCagAAAAg"]
Brute-Force
Bad Web Bot
Web App Attack
🇳🇱
ParaBug
2026-05-27 02:39:01
(1 month ago)
34.21.143.105 - - [27/May/2026:04:39:00 +0200] "GET /api/actuator/heapdump HTTP/1.1" 301 3130 "-" "Mozilla/5.0 (Linux; U; Android 6.0; en-US; Redmi Note 4 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/57.0.2987.108 UCBrowser/12.13.0.1207 Mobile Safari/537.36"
...
Phishing
Brute-Force
Web App Attack