JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 34.52.201.21

34.52.201.21 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 90%: ?

90%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	21.201.52.34.bc.googleusercontent.com
Domain Name	google.com
Country	🇧🇪 Belgium
City	Brussels, Brussels Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 34.52.201.21

Whois 34.52.201.21

IP Abuse Reports for 34.52.201.21:

This IP address has been reported a total of 41 times from 21 distinct sources. 34.52.201.21 was first reported on June 8th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 tutaim.com	2026-06-09 22:00:18 (1 week ago)	⛔ [10/06/26] This IP has been detected performing multiple attacks on websites (4 attempts blocked). ... show more ⛔ [10/06/26] This IP has been detected performing multiple attacks on websites (4 attempts blocked). Potential malicious activity. show less	Brute-Force SSH Web App Attack FTP Brute-Force
🇳🇱 homeshowdomain.nl	2026-06-09 21:59:46 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08. show less	Web App Attack SSH Hacking
🇨🇭 4server	2026-06-09 15:47:29 (1 week ago)	[TueJun0917:47:22.1047072026][security2:error][pid1775656:tid1775946][client34.52.201.21:0]ModSecuri ... show more [TueJun0917:47:22.1047072026][security2:error][pid1775656:tid1775946][client34.52.201.21:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"fondazionemontgrand.ch.81-17-25-250.cpanel.site\"][uri\"/.git/config\"][unique_id\"aig1ioKsFfykoO4r_Cm-wwAAANQ\"] show less	Hacking Web App Attack
🇺🇸 lnklnx	2026-06-09 14:50:51 (1 week ago)	www.lincolnclan.com:443 34.52.201.21 - - [09/Jun/2026:09:50:48 -0500] "GET /.git/config HTTP/1.1" 40 ... show more www.lincolnclan.com:443 34.52.201.21 - - [09/Jun/2026:09:50:48 -0500] "GET /.git/config HTTP/1.1" 401 4079 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90)" ... show less	Web App Attack
🇺🇸 jcbriar	2026-06-09 13:56:32 (1 week ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇺🇸 juguemosalacarioca.com	2026-06-09 13:35:05 (1 week ago)	Multiple HTTP calls attempting to GET resources using common API calls or formats on port 8080	Web App Attack
🇩🇪 Ba-Yu	2026-06-09 11:24:41 (1 week ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 09:45:11 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.52.201.21 (21.201.52.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.52.201.21 (21.201.52.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 05:45:07.521657 2026] [security2:error] [pid 4030:tid 4030] [client 34.52.201.21:56614] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oakvillenaturopathicclinic.com"] [uri "/.git/config"] [unique_id "aifgo1mGUnXxxu4Vva0xNAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-06-09 08:54:03 (1 week ago)	Login credentials theft attempt	Hacking
Anonymous	2026-06-09 07:17:48 (1 week ago)	[09/Jun/2026:17:17:48 +1000] "GET /.git/config HTTP/1.1" 301 292 "Screaming Frog SEO Spider/8.1"	Hacking Web App Attack
🇨🇭 TheCoon	2026-06-09 07:15:01 (1 week ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇮🇹 LTM	2026-06-09 06:20:01 (1 week ago)	WebServer - Attempts to exploit	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 06:06:38 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 34.52.201.21 (21.201.52.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.52.201.21 (21.201.52.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:06:33.373773 2026] [security2:error] [pid 32265:tid 32265] [client 34.52.201.21:45654] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matrixpercussiontrio.com"] [uri "/.git/config"] [unique_id "aietaf88hs5eD1DBqX89xgAAAGg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 paulshipley.com.au	2026-06-09 05:19:48 (1 week ago)	[Tue Jun 09 15:19:47.112237 2026] [security2:error] [pid 206036] [client 34.52.201.21:50466] [client ... show more [Tue Jun 09 15:19:47.112237 2026] [security2:error] [pid 206036] [client 34.52.201.21:50466] [client 34.52.201.21] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "rjryanpartners.com.au"] [uri "/.git/config"] [unique_id "aieiczRp_WOzHq-SERauewAAAAU"] ... show less	Web App Attack
🇦🇺 2000cn.com.au	2026-06-09 04:36:58 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇨🇭 209.99.188.240

🇻🇳 183.91.11.36

🇳🇬 165.154.10.201

🇫🇷 92.222.229.126

🇺🇸 71.6.199.65

🇺🇸 44.216.39.135

🇳🇱 176.65.139.251

🇨🇳 115.190.197.74

🇺🇸 66.132.195.30

🇸🇬 194.5.82.147

🇺🇸 66.132.172.118

🇧🇷 45.229.91.34

🇺🇸 45.56.72.13

🇨🇳 27.44.146.12

🇮🇹 2400:cb00:978:1000:b33b:6cd1:c8c6:54f7

🇺🇸 216.25.89.146

🇺🇸 199.48.128.86

🇺🇸 162.216.150.149

🇩🇰 146.70.197.236