JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 136.109.206.222

136.109.206.222 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 63%: ?

63%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	222.206.109.136.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	The Dalles, Oregon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 136.109.206.222

Whois 136.109.206.222

IP Abuse Reports for 136.109.206.222:

This IP address has been reported a total of 18 times from 13 distinct sources. 136.109.206.222 was first reported on June 2nd 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-11 21:14:05 (9 hours ago)	(mod_security) mod_security (id:11000011) triggered by 136.109.206.222: 1 in the last 86400 secs; Po ... show more (mod_security) mod_security (id:11000011) triggered by 136.109.206.222: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 00:14:03.213380 2026] [security2:error] [pid 2151996:tid 2152080] [client 136.109.206.222:45500] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "googleusercontent.com" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "128"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: 222.206.109.136.bc.googleusercontent.com"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-content/uploads/2019/11/%CE%9A%CE%BF%CF%85%CE%B6%CE%AF%CE%BD%CE%B5%CF%82-%CF%80%CE%BF%CF%85-%CF%85%CE%BB%CE%BF%CF%80%CE%BF%CE%B9%CE%AE%CF%83%CE%B1%CE%BC%CE%B5_033-scaled.jpg"] [unique_id "aislG5XfrDoES_Umj1EIfwAAAEQ"] show less	Port Scan
🇯🇵 HeliJP	2026-06-11 17:45:46 (13 hours ago)	2026-06-11T17:41:08Z - Recognized attacks\bad behavior from IP address 136.109.206.222 on port 443\8 ... show more 2026-06-11T17:41:08Z - Recognized attacks\bad behavior from IP address 136.109.206.222 on port 443\80 (3 daily hits): client denied by server configuration show less	Port Scan Hacking SQL Injection Brute-Force Web App Attack
Anonymous	2026-06-11 00:12:15 (1 day ago)	Suspicious activity detected in web server access logs	Web App Attack
🇯🇵 HeliJP	2026-06-10 21:45:19 (1 day ago)	2026-06-10T21:33:31Z - Recognized attacks\bad behavior from IP address 136.109.206.222 on port 443\8 ... show more 2026-06-10T21:33:31Z - Recognized attacks\bad behavior from IP address 136.109.206.222 on port 443\80 (3 daily hits): client denied by server configuration show less	Port Scan Hacking SQL Injection Brute-Force Web App Attack
🇨🇭 rt	2026-06-10 03:13:09 (2 days ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-09 14:03:59 (2 days ago)	4.063 requests to many distinct domains in 1 hour (2w3d15h)	Brute-Force Bad Web Bot
🇯🇵 HeliJP	2026-06-07 03:45:20 (5 days ago)	2026-06-07T03:28:32Z - Recognized attacks\bad behavior from IP address 136.109.206.222 on port 443\8 ... show more 2026-06-07T03:28:32Z - Recognized attacks\bad behavior from IP address 136.109.206.222 on port 443\80 (3 daily hits): client denied by server configuration show less	Port Scan Hacking SQL Injection Brute-Force Web App Attack
🇪🇸 pipeline.es	2026-06-06 12:49:54 (5 days ago)	Port scanning / recon	Port Scan Web App Attack
🇪🇸 pipeline.es	2026-06-06 11:37:36 (5 days ago)	Port scanning / recon \| Evidence: date=2026-06-06 time=13:36:27 devname="[redacted]" devid="[redacte ... show more Port scanning / recon \| Evidence: date=2026-06-06 time=13:36:27 devname="[redacted]" devid="[redacted]" eventtime=1780745786676497850 tz=\"+0200\" logid=\"0000000013\" type=\"traffic\" subtype=\"forward\" level=\"notice\" vd="[redacted]" srcip=136.109.206.222 srcport=40040 srcintf="[redacted]" srcintfrole=\"wan\" dstip=[redacted] dstport=443 dstintf="[redacted]" dstintfrole=\"lan\" srccountry=\"United States\" dstcountry=\"Spain\" \| ASN: GOOGLE-CLOUD-PLATFORM \| Country: US show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 06:25:15 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 136.109.206.222 (222.206.109.136.bc.googleuserc ... show more (mod_security) mod_security (id:210730) triggered by 136.109.206.222 (222.206.109.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 02:25:07.532545 2026] [security2:error] [pid 23231:tid 23231] [client 136.109.206.222:36420] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|civilwarzone.com\|F\|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "civilwarzone.com"] [uri "/~site/Scripts_ExternalRedirect/ExternalRedirect.dll"] [unique_id "aiJrw2CuDvi4Ze2BnXnUSQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 HeliJP	2026-06-03 13:45:59 (1 week ago)	2026-06-03T13:45:19Z - Recognized attacks\bad behavior from IP address 136.109.206.222 on port 443\8 ... show more 2026-06-03T13:45:19Z - Recognized attacks\bad behavior from IP address 136.109.206.222 on port 443\80 (3 daily hits): client denied by server configuration show less	Port Scan Hacking SQL Injection Brute-Force Web App Attack
Anonymous	2026-06-03 12:04:49 (1 week ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning show less	Bad Web Bot Web App Attack
🇩🇪 Reinhard	2026-06-03 10:41:46 (1 week ago)	Harvesting pictures or malicious BOT.	Bad Web Bot
Anonymous	2026-06-03 10:00:06 (1 week ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇫🇷 Delta-shop	2026-06-03 09:51:05 (1 week ago)	PrestaShop Security Module: Calls WordPress paths probing known vulnerabilities	Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.19

🇹🇷 45.132.181.230

🇲🇲 37.111.53.110

🇬🇧 31.14.254.95

🇨🇳 222.185.239.70

🇨🇳 220.181.108.92

🇺🇸 162.216.150.192

🇺🇸 162.216.150.113

🇺🇸 47.77.237.104

🇺🇬 196.0.242.54

🇳🇱 185.242.226.91

🇳🇱 176.65.148.228

🇺🇸 157.245.114.249

🇺🇸 151.245.32.125

🇨🇳 121.43.117.73

🇨🇳 113.201.199.30

🇷🇺 91.221.176.26

🇧🇬 91.92.199.36

🇺🇸 67.207.42.167

🇺🇸 66.132.186.245