JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.32.221.52

34.32.221.52 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 81%: ?

81%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	52.221.32.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇳🇱 Netherlands
City	Groningen, Groningen

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.32.221.52

Whois 34.32.221.52

IP Abuse Reports for 34.32.221.52:

This IP address has been reported a total of 16 times from 14 distinct sources. 34.32.221.52 was first reported on June 13th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-16 22:00:36 (1 day ago)	Auto-ban: 377 malicious requests on 2026-06-15 (e.g., env/backup probes, brute-force, or error burst ... show more Auto-ban: 377 malicious requests on 2026-06-15 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
🇫🇷 masterguru	2026-06-15 05:12:23 (3 days ago)	BAD BOT - Detected and Blocked.. Matched phrase "baidu" at REQUEST_HEADERS:User-Agent. (1100000-193)	Bad Web Bot
🇮🇹 festigf	2026-06-15 05:03:25 (3 days ago)	Attacco rilevato da Fail2Ban su Nginx	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 01:36:57 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.32.221.52 (52.221.32.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.32.221.52 (52.221.32.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:36:49.234520 2026] [security2:error] [pid 10861:tid 10861] [client 34.32.221.52:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/config/config.yml" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.portfoliolighting.net"] [uri "/config/config.yml"] [unique_id "ai9XMXDxDAYwzl49-228dwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 01:08:42 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 34.32.221.52 (52.221.32.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210730) triggered by 34.32.221.52 (52.221.32.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:08:37.418100 2026] [security2:error] [pid 2978:tid 2996] [client 34.32.221.52:44946] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|apada.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "apada.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai9QleiWhE8cddwdJPxQLAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 00:30:13 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 34.32.221.52 (52.221.32.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.32.221.52 (52.221.32.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:30:09.233725 2026] [security2:error] [pid 17667:tid 17667] [client 34.32.221.52:51102] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/config/config.yml" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.images.hotwheelguide.com"] [uri "/config/config.yml"] [unique_id "ai9HkYmkuqijXS3tlQDPOgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-14 23:13:04 (3 days ago)	categories: DDoS Attack	DDoS Attack
🇪🇸 pipeline.es	2026-06-14 21:17:28 (4 days ago)	Web scanning / probing for vulnerable paths \| URL: /mailer/sendgrid.py \| Evidence: www.serferryviaje ... show more Web scanning / probing for vulnerable paths \| URL: /mailer/sendgrid.py \| Evidence: www.serferryviajes.com 34.32.221.52 - - [14/Jun/2026:23:16:27 +0200] \"GET /mailer/sendgrid.py HTTP/1.1\" 404 3959 \"-\" \"Mozilla/5.0 (Linux; Android 9; SM-G973U1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36\" GEOIP_COUNTRY_CODE=NL \| ASN: GOOGLE-CLOUD-PLATFORM \| Country: NL show less	Port Scan Web App Attack
🇧🇷 diego	2026-06-14 20:00:20 (4 days ago)	[probe-44-49] 2026-06-14 19:40:55, Client: 34.32.221.52, Protocol: 6, Unauthorized activity to HTTP: ... show more [probe-44-49] 2026-06-14 19:40:55, Client: 34.32.221.52, Protocol: 6, Unauthorized activity to HTTP: GET /actuator/trace show less	Web App Attack
Anonymous	2026-06-14 14:35:09 (4 days ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇩🇪 vmd56152.contaboserver.net	2026-06-14 11:40:01 (4 days ago)	[Sun Jun 14 13:39:57.951997 2026] [proxy_fcgi:error] [pid 3060822:tid 140211195266816] [client 34.32 ... show more [Sun Jun 14 13:39:57.951997 2026] [proxy_fcgi:error] [pid 3060822:tid 140211195266816] [client 34.32.221.52:48498] AH01071: Got error 'Primary script unknown' [Sun Jun 14 13:39:57.953762 2026] [proxy_fcgi:error] [pid 3060824:tid 140211410396928] [client 34.32.221.52:48514] AH01071: Got error 'Primary script unknown' [Sun Jun 14 13:39:57.960306 2026] [proxy_fcgi:error] [pid 3060822:tid 140211069638400] [client 34.32.221.52:48528] AH01071: Got error 'Primary script unknown' [Sun Jun 14 13:39:57.967087 2026] [proxy_fcgi:error] [pid 3060823:tid 140210616661760] [client 34.32.221.52:48540] AH01071: Got error 'Primary script unknown' [Sun Jun 14 13:39:57.973007 2026] [proxy_fcgi:error] [pid 3060823:tid 140211002529536] [client 34.32.221.52:48552] AH01071: Got error 'Primary script unknown' [Sun Jun 14 13:39:57.981165 2026] [proxy_fcgi:error] [pid 3061140:tid 140210297870080] [client 34.32.221.52:48554] AH01071: Got error 'Primary script unknown' [Sun Jun 14 13:39:58.612367 2026] [proxy_fcgi: ... show less	Brute-Force
🇨🇭 Origon	2026-06-14 05:53:23 (4 days ago)	http-probing - IP: 34.32.221.52 - time="2026-06-14T07:53:22+02:00" level=info msg="(555f66b4f6a7455 ... show more http-probing - IP: 34.32.221.52 - time="2026-06-14T07:53:22+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 34.32.221.52 (NL/396982) : 4h ban on Ip 34.32.221.52" module=db show less	Web App Attack
Anonymous	2026-06-14 04:58:44 (4 days ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇮🇹 VHosting	2026-06-14 03:15:04 (4 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-14 03:03:30 (4 days ago)	Excessive 404/403 errors	Brute-Force

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 165.154.100.58

🇺🇸 216.73.160.9

🇺🇸 158.94.187.18

🇹🇼 123.195.208.111

🇨🇳 121.43.195.151

🇰🇷 106.246.224.218

🇱🇹 81.30.98.44

🇳🇱 51.158.205.47

🇨🇳 14.103.127.80

🇵🇱 217.182.77.22

🇨🇭 209.99.189.138

🇺🇸 205.210.31.94

🇺🇸 198.74.56.6

🇮🇳 182.156.6.210

🇷🇺 85.12.224.73

🇺🇸 52.200.142.199

🇳🇱 45.148.10.157

🇨🇳 36.139.138.72

🇺🇸 193.36.224.148

🇳🇱 176.65.139.181