JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.21.18.152

34.21.18.152 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	152.18.21.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	Washington, District of Columbia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.21.18.152

Whois 34.21.18.152

IP Abuse Reports for 34.21.18.152:

This IP address has been reported a total of 25 times from 22 distinct sources. 34.21.18.152 was first reported on June 10th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 taivas.nl	2026-06-11 04:32:32 (1 day ago)	Many_bad_calls	Web App Attack
🇺🇸 mnsf	2026-06-10 13:06:20 (2 days ago)	Too many Status 40X (14)	Brute-Force Web App Attack
🇧🇪 cmbplf	2026-06-10 12:35:49 (2 days ago)	18.171 requests with url.path //xmlrpc.php 18.012 requests with url.path /xmlrpc.php 4.224 reque ... show more 18.171 requests with url.path //xmlrpc.php 18.012 requests with url.path /xmlrpc.php 4.224 requests with url.path */wp-includes/wlwmanifest.xml show less	Brute-Force Bad Web Bot
🇩🇪 Nightreaver	2026-06-10 12:22:44 (2 days ago)	34.21.18.152 - - [10/Jun/2026:14:22:43 0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 ... show more 34.21.18.152 - - [10/Jun/2026:14:22:43 0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 521 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.21.18.152 - - [10/Jun/2026:14:22:43 0200] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 521 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.21.18.152 - - [10/Jun/2026:14:22:43 0200] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 521 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.21.18.152 - - [10/Jun/2026:14:22:43 0200] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 521 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.21.18.152 - - [10/Jun/2026:14:22:44 0200] "GET //2020/wp-includes/wlwmanifest.xml HTTP/1.1" 404 521 "-" "Mozill[...] show less	Bad Web Bot Web App Attack
🇫🇮 as211431.net	2026-06-10 12:21:03 (2 days ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: //test/wp-includes/wlwmanifest.xml UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇯🇵 beon	2026-06-10 12:20:40 (2 days ago)	[DateTime=>2026-06-10T12:20:40Z to 2026-06-10T12:20:42Z (UTC)] , [HoneyPot_Hits=>12 times] , [HoneyP ... show more [DateTime=>2026-06-10T12:20:40Z to 2026-06-10T12:20:42Z (UTC)] , [HoneyPot_Hits=>12 times] , [HoneyPots=>/xmlrpc.php, /blog/wp-includes/wlwmanifest.xml, /blog/, /blog/wp-json/wp/v2/users/, /blog/wp-json/oembed/1.0/embed, /blog/xmlrpc.php] , [total_Hits=>13 times] , [hit_per_second=>6.5] , [Keyword=>WordPress, irregular query] show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 12:17:50 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 34.21.18.152 (152.18.21.34.bc.googleusercontent ... show more (mod_security) mod_security (id:225170) triggered by 34.21.18.152 (152.18.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 08:17:42.548624 2026] [security2:error] [pid 23660:tid 23660] [client 34.21.18.152:59680] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mtl.microkerneltechnologies.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mtl.microkerneltechnologies.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ailV5j60rzuK-3U6vBE5qQAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-06-10 12:17:30 (2 days ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇩🇪 Melle	2026-06-10 12:13:59 (2 days ago)	Blocked by CrowdSec \| Scenario: crowdsecurity/http-probing \| 34.21.18.152 triggered 11 events \| Dete ... show more Blocked by CrowdSec \| Scenario: crowdsecurity/http-probing \| 34.21.18.152 triggered 11 events \| Detected: 2026-06-10T12:13:57.100193803Z show less	Web App Attack Hacking
Anonymous	2026-06-10 12:13:30 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇩🇪 Blexyel	2026-06-10 12:11:55 (2 days ago)	34.21.18.152 - - [10/Jun/2026:14:11:54 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 5 ... show more 34.21.18.152 - - [10/Jun/2026:14:11:54 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Brute-Force Web App Attack
🇵🇱 strefapi_com	2026-06-10 12:11:39 (2 days ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
🇩🇪 grassau.com	2026-06-10 11:48:56 (2 days ago)	(wordpress) Failed wordpress login from 34.21.18.152 (US/United States/District of Columbia/Washingt ... show more (wordpress) Failed wordpress login from 34.21.18.152 (US/United States/District of Columbia/Washington/152.18.21.34.bc.googleusercontent.com) show less	Brute-Force
🇳🇿 realstuffie	2026-06-10 11:41:16 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
Anonymous	2026-06-10 11:39:26 (2 days ago)	34.21.18.152 - - [10/Jun/2026:13:39:25 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 451 "- ... show more 34.21.18.152 - - [10/Jun/2026:13:39:25 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.21.18.152 - - [10/Jun/2026:13:39:25 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.21.18.152 - - [10/Jun/2026:13:39:25 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.21.18.152 - - [10/Jun/2026:13:39:25 +0200] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.21.18.152 - - [10/Jun/2026:13:39:26 +0200] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 451 "-" ... show less	Brute-Force Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.137.75.199

🇬🇧 35.203.210.58

🇺🇸 23.234.78.22

🇧🇷 170.231.25.47

🇺🇸 147.185.132.138

🇰🇷 118.218.219.250

🇲🇾 118.101.207.229

🇰🇷 106.240.29.98

🇳🇱 45.153.34.181

🇬🇧 35.203.210.167

🇬🇧 35.203.210.103

🇳🇱 34.12.211.86

🇺🇸 23.234.78.111

🇺🇸 23.234.77.58

🇺🇸 205.210.31.94

🇺🇸 205.210.31.9

🇺🇬 196.0.242.54

🇩🇪 193.169.194.14

🇸🇪 185.101.21.97

🇺🇸 184.105.247.228