JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 189.1.222.135

189.1.222.135 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 58%: ?

58%

ISP	Huawei-Cloud-HK
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136907
Hostname(s)	ecs-189-1-222-135.compute.hwclouds-dns.com
Domain Name	huawei.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 189.1.222.135

Whois 189.1.222.135

IP Abuse Reports for 189.1.222.135:

This IP address has been reported a total of 36 times from 21 distinct sources. 189.1.222.135 was first reported on February 15th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-17 15:24:40 (5 days ago)	(mod_security) mod_security (id:210730) triggered by 189.1.222.135 (ecs-189-1-222-135.compute.hwclou ... show more (mod_security) mod_security (id:210730) triggered by 189.1.222.135 (ecs-189-1-222-135.compute.hwclouds-dns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 11:24:32.896424 2026] [security2:error] [pid 24944:tid 24944] [client 189.1.222.135:39122] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.raintechgutters.com\|F\|2"] [data ".raintechgutters.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.raintechgutters.com"] [uri "/how-much-are-gutter-installation/www.raintechgutters.com"] [unique_id "ajK8MEe6EuSjwwQbKhhMSAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇳 unph	2026-06-13 12:49:58 (1 week ago)	Intento de acceso sospechoso bloqueado por AbuseIPDB Blocker Plugin	Brute-Force
🇫🇷 Sklurk	2026-06-11 15:36:15 (1 week ago)	Web App Attack	Web App Attack
🇺🇸 canine.tools	2026-06-08 22:13:59 (2 weeks ago)	[fail2ban Auto Report] {"time":"2026-06-08T18:13:58.999139023-04:00","level":"INFO","source":{"funct ... show more [fail2ban Auto Report] {"time":"2026-06-08T18:13:58.999139023-04:00","level":"INFO","source":{"function":"github.com/TecharoHQ/anubis/lib.(*Server).checkRules","file":"/Users/cadey/Code/TecharoHQ/botstopper/upstream/anubis/lib/anubis.go","line":309},"msg":"explicit deny","subsystem":"anubis","host":"searxng.canine.tools","method":"GET","path":"/ip","user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36","accept_language":"","priority":"","x-forwarded-for":"189.1.222.135","x-real-ip":"189.1.222.135","host":"searxng.canine.tools","check_result":{"name":"bot/huawei-cloud","rule":"DENY","weight":0}} ... show less	Bad Web Bot
🇫🇷 vtchost.com	2026-06-04 17:24:25 (2 weeks ago)	requested honeypot page - ignored robots.txt - scraping botnet or virus ...	Bad Web Bot Exploited Host
🇺🇸 jcbriar	2026-06-04 02:20:13 (2 weeks ago)	Searching for vulnerable scripts	Hacking Web App Attack
Anonymous	2026-06-03 13:25:40 (2 weeks ago)	Automated report from internal traffic review tool. Suspicious bot-like behavior observed.	Bad Web Bot
🇬🇧 CrystalMaker	2026-05-31 07:36:19 (3 weeks ago)	Vulnerability scan - GET /ip	Hacking
🇩🇪 ghostwarriors	2026-05-30 04:50:13 (3 weeks ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ksol-hostmaster	2026-05-30 04:46:15 (3 weeks ago)	2026/05/30 06:46:14 [error] 86155#101207: 305617 access forbidden by rule, client: 189.1.222.135, s ... show more 2026/05/30 06:46:14 [error] 86155#101207: 305617 access forbidden by rule, client: 189.1.222.135, server: chat.crxforum.ksol.io, request: "GET /ip HTTP/1.1", host: "chat.crxforum.ksol.io" ... show less	Web Spam
🇺🇸 billyw0nka	2026-05-27 11:16:32 (3 weeks ago)	pattern: admindev	Hacking
🇺🇸 pduggusa	2026-05-23 04:34:52 (4 weeks ago)	Detected attacking dugganusa.com at 2026-05-23T04:34:52.505Z \| Attack: Proxy \| Source: DugganUSA Pre ... show more Detected attacking dugganusa.com at 2026-05-23T04:34:52.505Z \| Attack: Proxy \| Source: DugganUSA PreCog auto-block show less	Hacking
🇺🇸 pduggusa	2026-05-23 04:17:29 (4 weeks ago)	Detected attacking dugganusa.com at 2026-05-23T04:17:29.644Z \| Attack: Proxy \| Source: DugganUSA Pre ... show more Detected attacking dugganusa.com at 2026-05-23T04:17:29.644Z \| Attack: Proxy \| Source: DugganUSA PreCog auto-block show less	Hacking
🇺🇸 pduggusa	2026-05-23 01:36:57 (4 weeks ago)	Detected attacking dugganusa.com at 2026-05-23T01:36:57.641Z \| Attack: Proxy \| Source: DugganUSA Pre ... show more Detected attacking dugganusa.com at 2026-05-23T01:36:57.641Z \| Attack: Proxy \| Source: DugganUSA PreCog auto-block show less	Hacking
🇺🇸 pduggusa	2026-05-23 00:36:45 (4 weeks ago)	Detected attacking dugganusa.com at 2026-05-23T00:36:44.986Z \| Attack: Proxy \| Source: DugganUSA Pre ... show more Detected attacking dugganusa.com at 2026-05-23T00:36:44.986Z \| Attack: Proxy \| Source: DugganUSA PreCog auto-block show less	Hacking

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 170.168.96.121

🇨🇳 120.239.147.181

🇯🇵 8.216.5.90

🇺🇸 205.210.31.82

🇫🇮 170.168.172.70

🇫🇮 170.168.31.54

🇺🇸 166.62.41.190

🇨🇳 111.225.148.209

🇧🇬 79.124.56.146

🇧🇬 79.124.40.106

🇰🇼 62.150.237.107

🇱🇹 45.227.254.170

🇳🇱 45.148.10.147

🇳🇱 45.148.10.31

🇰🇷 1.235.192.214

🇳🇱 195.178.110.101

🇺🇸 170.130.204.2

🇿🇦 169.239.183.156

🇱🇻 81.30.98.158

🇺🇸 45.79.207.110