JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 136.109.134.140

136.109.134.140 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 71%: ?

71%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	140.134.109.136.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	The Dalles, Oregon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 136.109.134.140

Whois 136.109.134.140

IP Abuse Reports for 136.109.134.140:

This IP address has been reported a total of 14 times from 12 distinct sources. 136.109.134.140 was first reported on June 14th 2026, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-16 21:59:37 (14 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15. show less	Web App Attack SSH Hacking
🇺🇸 mnsf	2026-06-16 00:14:39 (1 day ago)	Scanning/Probing (22)	Brute-Force Web App Attack
Anonymous	2026-06-15 09:51:33 (2 days ago)	Malicious HTTP request to honeypot endpoint detected by Fail2Ban.	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 08:26:54 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 136.109.134.140 (140.134.109.136.bc.googleuserc ... show more (mod_security) mod_security (id:210730) triggered by 136.109.134.140 (140.134.109.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 04:26:46.683501 2026] [security2:error] [pid 19347:tid 19347] [client 136.109.134.140:55276] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.canonflorida.com.computersraleigh.com\|F\|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.canonflorida.com.computersraleigh.com"] [uri "/env.old"] [unique_id "ai-3Rk1coGtZ4GNAzftRogAAAIs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-15 06:15:59 (2 days ago)	Excessive 404/403 errors	Brute-Force
🇺🇸 TPI-Abuse	2026-06-15 03:05:33 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 136.109.134.140 (140.134.109.136.bc.googleuserc ... show more (mod_security) mod_security (id:210492) triggered by 136.109.134.140 (140.134.109.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 23:05:28.666682 2026] [security2:error] [pid 9748:tid 9748] [client 136.109.134.140:55506] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.vadgossos.org.zentinex.com"] [uri "/.env.staging"] [unique_id "ai9r-BfVm82ofFhlKn0pbAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Cloud86 B.V.	2026-06-14 22:52:06 (2 days ago)	categories: DDoS Attack	DDoS Attack
🇺🇸 TPI-Abuse	2026-06-14 22:03:04 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 136.109.134.140 (140.134.109.136.bc.googleuserc ... show more (mod_security) mod_security (id:210492) triggered by 136.109.134.140 (140.134.109.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 18:03:00.033233 2026] [security2:error] [pid 17453:tid 17453] [client 136.109.134.140:58922] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.foothillsjasper.com"] [uri "/.env.uat"] [unique_id "ai8lFNpE2p8FMG_AzSEmygAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 poundawebsiteltd	2026-06-14 19:55:58 (2 days ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 136.109.134.140 - - [14/Jun/2026 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 136.109.134.140 - - [14/Jun/2026:20:55:56 +0100] GET /app/api/.env HTTP/1.1 403 2828 - Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.113 Safari/537.36 Vivaldi/2.1.1337.51 show less	Web App Attack
Anonymous	2026-06-14 17:27:34 (2 days ago)	Bad bot	Bad Web Bot
🇺🇸 Rocky Mountain Bioengineering Symposium	2026-06-14 07:45:53 (3 days ago)	[Sun Jun 14 01:45:52.585010 2026] [authz_core:error] [pid 97343:tid 139815085344320] [client 136.109 ... show more [Sun Jun 14 01:45:52.585010 2026] [authz_core:error] [pid 97343:tid 139815085344320] [client 136.109.134.140:37734] AH01630: client denied by server configuration: /var/www/horde/.env.local.bak [Sun Jun 14 01:45:52.785689 2026] [authz_core:error] [pid 97344:tid 139815227987520] [client 136.109.134.140:38352] AH01630: client denied by server configuration: /var/www/horde/backend [Sun Jun 14 01:45:52.979935 2026] [authz_core:error] [pid 97739:tid 139814749800000] [client 136.109.134.140:38408] AH01630: client denied by server configuration: /var/www/horde/.env.production.bak ... show less	Bad Web Bot
Anonymous	2026-06-14 07:39:28 (3 days ago)	Multiple web server 400 error codes from same source ip	Web App Attack
Anonymous	2026-06-14 06:29:40 (3 days ago)	136.109.134.140 - - [14/Jun/2026:08:29:38 +0200] "GET /api/.env.dev HTTP/1.1" 404 184 "-" "Mozilla/5 ... show more 136.109.134.140 - - [14/Jun/2026:08:29:38 +0200] "GET /api/.env.dev HTTP/1.1" 404 184 "-" "Mozilla/5.0 (Linux; Android 9; SM-G950U1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" 136.109.134.140 - - [14/Jun/2026:08:29:38 +0200] "GET /.env.sample HTTP/1.1" 404 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0" 136.109.134.140 - - [14/Jun/2026:08:29:38 +0200] "GET /.env.example HTTP/1.1" 404 124 "-" "Download Demon/3.5.0.11" 136.109.134.140 - - [14/Jun/2026:08:29:38 +0200] "GET /.env.default HTTP/1.1" 404 124 "-" "Mozilla/5.0 (Linux; U; Android 4.1.2; en-us; LG-P870/P87020d Build/JZO54K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30" 136.109.134.140 - - [14/Jun/2026:08:29:38 +0200] "GET /backend/.env.bak HTTP/1.1" 404 184 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 136.109.134.140 - - [14/Jun/2026:08:29:38 ... show less	Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-14 03:10:03 (3 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.49

🇨🇳 106.52.168.177

🇩🇪 69.5.169.207

🇩🇪 69.5.169.166

🇵🇹 85.240.193.104

🇺🇸 71.6.134.230

🇩🇪 69.5.169.35

🇮🇳 59.184.186.131

🇫🇷 51.68.111.243

🇮🇩 36.81.49.60

🇺🇸 216.73.160.98

🇨🇭 209.99.191.15

🇩🇪 194.88.98.119

🇸🇦 193.122.93.169

🇨🇳 124.31.104.34

🇸🇬 97.74.87.152

🇺🇸 66.132.172.118

🇯🇵 48.210.224.108

🇳🇱 45.153.34.87

🇧🇪 34.76.107.251