JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 136.118.228.162

136.118.228.162 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 100%: ?

100%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	162.228.118.136.bc.googleusercontent.com
Domain Name	google.com
Country	🇺🇸 United States of America
City	The Dalles, Oregon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 136.118.228.162

Whois 136.118.228.162

IP Abuse Reports for 136.118.228.162:

This IP address has been reported a total of 32 times from 27 distinct sources. 136.118.228.162 was first reported on June 8th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-12 03:20:40 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 LRob.fr	2026-06-12 01:45:05 (1 week ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇧🇪 Saec	2026-06-11 09:15:03 (1 week ago)	Jarvis auto-ban: CF top attacker on saec.me (148 hits, US)	Port Scan Web App Attack
🇩🇪 EGP Abuse Dept	2026-06-11 04:39:56 (1 week ago)	Scanning for web/db/file exploits on duplicor.nl	SQL Injection Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-11 04:03:46 (1 week ago)	Try to access /api/v3/.env	Web App Attack
🇩🇪 updown.io	2026-06-10 22:27:42 (1 week ago)	{"level":"info","ts":1781130461.4096062,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781130461.4096062,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"136.118.228.162","remote_port":"45182","client_ip":"136.118.228.162","proto":"HTTP/1.1","method":"GET","host":"edcbupdate.zupdate.rqtsrqponmlkjilkjihgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io","uri":"/.env.copy","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 OPR/62.0.3331.116"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]}},"bytes_read":0,"user_id":"","duration":0.000094771,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://edcbupdate.zupdate.rqtsrqponmlkjilkjihgc7402a95-6fc9-4756-b4e6-fa6c7eeb29c6.random.159.89.98.98.nip.io/.env.copy"],"Content-Type":[]}} {"level":"info","ts":1781130461.43745,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":" ... show less	DDoS Attack Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-10 21:59:57 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-09. show less	Web App Attack SSH Hacking
🇩🇪 webanyone	2026-06-10 21:30:28 (1 week ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇨🇦 Dunham Support	2026-06-10 07:26:00 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted] 136.118.228.162 (US/United States/162.2 ... show more (mod_security) mod_security triggered on hostname [redacted] 136.118.228.162 (US/United States/162.228.118.136.bc.googleusercontent.com) show less	SQL Injection
🇺🇸 TPI-Abuse	2026-06-10 02:30:04 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 136.118.228.162 (162.228.118.136.bc.googleuserc ... show more (mod_security) mod_security (id:210492) triggered by 136.118.228.162 (162.228.118.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 22:29:58.795370 2026] [security2:error] [pid 32371:tid 32371] [client 136.118.228.162:49214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lightupaustralia.com.au"] [uri "/.env.dev"] [unique_id "aijMJq5eRZIrNoj_PFiqLwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 oh.mg	2026-06-10 01:22:53 (1 week ago)	[Wed Jun 10 03:22:53.000612 2026] [security2:error] [pid 2222898:tid 2222910] [client 136.118.228.16 ... show more [Wed Jun 10 03:22:53.000612 2026] [security2:error] [pid 2222898:tid 2222910] [client 136.118.228.162:0] [client 136.118.228.162] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mmn.eco"] [uri "/.env.dev"] [unique_id "aii8bJGsmIisKsu874DvAwAAAUo"] [Wed Jun 10 03:22:53.051791 2026] [security2:error] [pid 2222898:tid 2222909] [client 136.118.228.162:0] [client 136.118.228.162] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "an ... show less	Web App Attack Bad Web Bot
🇺🇸 CBJ	2026-06-09 22:53:06 (1 week ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-09 22:27:38 (1 week ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇩🇪 4server	2026-06-09 21:06:41 (1 week ago)	[TueJun0923:06:39.1790372026][security2:error][pid3513372:tid3513412][client136.118.228.162:0]ModSec ... show more [TueJun0923:06:39.1790372026][security2:error][pid3513372:tid3513412][client136.118.228.162:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"webdisk.dsfiduciaria.ch\"][uri\"/backend/.env.old\"][unique_id\"aiiAX8l5-0Uiv77dW3a95QAAAA4\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-06-09 20:16:12 (1 week ago)	Bot / seems abusive / Apache connections: 52	DDoS Attack Web Spam Bad Web Bot Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.206

🇵🇰 175.107.205.10

🇹🇼 124.11.64.42

🇧🇩 103.42.229.218

🇷🇴 80.94.92.167

🇮🇩 36.66.16.233

🇧🇪 34.38.14.154

🇭🇰 199.45.155.105

🇫🇷 185.177.72.49

🇺🇸 172.56.1.146

🇨🇳 124.117.194.13

🇨🇳 121.27.238.16

🇻🇳 113.161.151.29

🇳🇵 103.163.182.88

🇺🇬 102.203.209.66

🇹🇷 85.102.25.222

🇺🇸 71.172.90.156

🇮🇳 38.137.11.14

🇧🇪 34.76.158.99

🇳🇱 204.76.203.206