JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 136.109.49.29

136.109.49.29 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 64%: ?

64%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	29.49.109.136.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	The Dalles, Oregon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 136.109.49.29

Whois 136.109.49.29

IP Abuse Reports for 136.109.49.29:

This IP address has been reported a total of 16 times from 10 distinct sources. 136.109.49.29 was first reported on June 8th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-06-11 20:26:50 (1 day ago)	[ThuJun1122:26:47.3006992026][security2:error][pid2569555:tid2569662][client136.109.49.29:0]ModSecur ... show more [ThuJun1122:26:47.3006992026][security2:error][pid2569555:tid2569662][client136.109.49.29:0]ModSecurity:Accessdeniedwithcode403$phase2$.OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded$TotalScore:5$\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"alessandrolucchini.ch.136-243-54-122.cpanel.site\"][uri\"/wp-json/gravitysmtp/v1/tests/mock-data\"][unique_id\"aisaBzTab_wDOzTj4gqC6gAAAQE\"] show less	Port Scan Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-11 19:04:47 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 11:08:26 (1 day ago)	(mod_security) mod_security (id:210831) triggered by 136.109.49.29 (29.49.109.136.bc.googleuserconte ... show more (mod_security) mod_security (id:210831) triggered by 136.109.49.29 (29.49.109.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 07:08:23.419504 2026] [security2:error] [pid 11780:tid 11780] [client 136.109.49.29:60742] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|sangalgano.info\|F\|4"] [data "grub-client"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "sangalgano.info"] [uri "/wp-json/gravitysmtp/v1/settings"] [unique_id "aiqXJyybwPhr3MtBc7QBDgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-11 08:12:23 (1 day ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 136.109.49.29 (US/United States/29.49 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 136.109.49.29 (US/United States/29.49.109.136.bc.googleusercontent.com): 2 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 Gabriel Camargo	2026-06-11 07:33:31 (1 day ago)	136.109.49.29 - - [11/Jun/2026:02:33:31 -0500] "GET /wp-json/gravitysmtp/v1/tests/mock-data?page=gra ... show more 136.109.49.29 - - [11/Jun/2026:02:33:31 -0500] "GET /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings HTTP/1.1" 301 178 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_0 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) GSA/18.0.130791545 Mobile/14A5345a Safari/600.1.4" 136.109.49.29 - - [11/Jun/2026:02:33:31 -0500] "GET /wp-json/gravitysmtp/v1/settings HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows NT 5.1; rv:38.0) Gecko/20100101 Firefox/38.0 SeaMonkey/2.35" 136.109.49.29 - - [11/Jun/2026:02:33:31 -0500] "GET /wp-json/gravitysmtp/v1/config HTTP/1.1" 301 178 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 YaBrowser/19.6.2.594 (beta) Yowser/2.5 Safari/537.36" ... show less	Brute-Force SSH
🇨🇭 4server	2026-06-10 21:13:49 (2 days ago)	[WedJun1023:13:42.3559852026][security2:error][pid4018646:tid4019282][client136.109.49.29:0]ModSecur ... show more [WedJun1023:13:42.3559852026][security2:error][pid4018646:tid4019282][client136.109.49.29:0]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof\"rx$\^w3c-\\|systran\\\\\\\\$\)\"against\"REQUEST_HEADERS:User-Agent\"required.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"198\"][id\"330039\"][rev\"4\"][msg\"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent$libwww-perl$.Disablethisruleifyouuselibwww-perl.\"][severity\"CRITICAL\"][hostname\"shadowdrummer.ch.81-17-25-250.cpanel.site\"][uri\"/wp-json/gravitysmtp/v1/tests/mock-data\"][unique_id\"ainThnpjX5NiGAWbW87BewAAAQE\"] show less	Hacking Web App Attack
🇩🇪 strxmpp	2026-06-10 15:41:01 (2 days ago)	136.109.49.29 - - [10/Jun/2026:17:41:00 +0200] "GET /wp-json/gravitysmtp/v1/config HTTP/1.1" 404 455 ... show more 136.109.49.29 - - [10/Jun/2026:17:41:00 +0200] "GET /wp-json/gravitysmtp/v1/config HTTP/1.1" 404 4555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/603.3.8 (KHTML, like Gecko) Version/10.1.2 Safari/603.3.8" ... show less	Bad Web Bot
🇩🇪 4server	2026-06-10 08:09:58 (2 days ago)	[WedJun1010:09:54.8758622026][security2:error][pid42994:tid43043][client136.109.49.29:0]ModSecurity: ... show more [WedJun1010:09:54.8758622026][security2:error][pid42994:tid43043][client136.109.49.29:0]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof\"rx$\^w3c-\\|systran\\\\\\\\$\)\"against\"REQUEST_HEADERS:User-Agent\"required.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"198\"][id\"330039\"][rev\"4\"][msg\"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent$libwww-perl$.Disablethisruleifyouuselibwww-perl.\"][severity\"CRITICAL\"][hostname\"massimilianoparquet.ch\"][uri\"/wp-json/wp/v2/settings\"][unique_id\"aikb0oNK3KEf6o8V6WfPAAAAAEM\"] show less	Port Scan Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-10 08:03:27 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 MPL	2026-06-09 11:39:27 (3 days ago)	tcp ports: 80,443 (120 or more attempts)	Port Scan
🇩🇪 filstal.org	2026-06-09 08:46:54 (3 days ago)	Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. U ... show more Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. UA: Mozilla/5.0 (Linux; U; Android 4.0.3; en-us; KFTT Build/IML74K) AppleWebKit/535.19 (KHTML, like Gecko) Silk/2.1 Mobile Safari/535.19 Silk-Accelerated=true show less	Bad Web Bot Web App Attack
🇨🇭 backslash	2026-06-08 22:03:02 (4 days ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
🇨🇭 4server	2026-06-08 18:06:32 (4 days ago)	[MonJun0820:06:29.2672952026][security2:error][pid1211275:tid1211579][client136.109.49.29:0]ModSecur ... show more [MonJun0820:06:29.2672952026][security2:error][pid1211275:tid1211579][client136.109.49.29:0]ModSecurity:Accessdeniedwithcode403$phase2$.OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded$TotalScore:5$\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"www.edomustech.ch.81-17-25-250.cpanel.site\"][uri\"/wp-json/gravitysmtp/v1/tests/mock-data\"][unique_id\"aicEpbPryG0vf9HaixthOQAAAQ8\"] show less	Hacking Web App Attack
🇬🇧 consul.to	2026-06-08 09:58:44 (4 days ago)	Web attack/malicious scanning detected	Web App Attack
🇮🇹 VHosting	2026-06-08 03:10:03 (4 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇩 103.119.94.10

🇺🇸 68.95.165.193

🇧🇷 201.63.223.140

🇲🇽 186.96.145.241

🇫🇮 147.185.133.195

🇹🇭 122.154.74.204

🇱🇾 102.203.197.6

🇺🇸 44.8.75.166

🇹🇼 198.235.24.99

🇺🇿 176.101.56.66

🇮🇩 163.7.0.179

🇲🇽 148.216.255.251

🇨🇳 101.96.198.153

🇷🇴 92.118.39.62

🇩🇪 213.209.159.235

🇬🇧 194.50.235.150

🇲🇽 189.203.190.153

🇧🇷 187.33.251.218

🇨🇳 112.19.95.95

🇭🇰 103.103.245.61