JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 222.138.68.29

222.138.68.29 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 35%: ?

35%

ISP	China Unicom Henan province network
Usage Type	Fixed Line ISP
ASN	AS4837
Hostname(s)	hn.kd.ny.adsl
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Zhengzhou, Henan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 222.138.68.29

Whois 222.138.68.29

IP Abuse Reports for 222.138.68.29:

This IP address has been reported a total of 14 times from 12 distinct sources. 222.138.68.29 was first reported on May 26th 2021, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 soverin	2026-06-05 15:10:02 (4 days ago)	spam	Email Spam
🇦🇹 AustrianSimon	2026-05-26 00:48:22 (2 weeks ago)	26 May 2026 00:48:22UTC:spam e-mail originating from IP address 222.138.68.29 abusing our domain by ... show more 26 May 2026 00:48:22UTC:spam e-mail originating from IP address 222.138.68.29 abusing our domain by pretending to originate from our domain (sender posing as/spoofing our domains) including illegal criminal extortionate content (e.g. blackmail, sextortion, ...) demanding payment to bitcoin address 1G1zmqks1vd9V3SdxCY71Hv9C7rHBLQbCY show less	Email Spam Spoofing
🇩🇪 _ArminS_	2026-05-25 23:44:35 (2 weeks ago)	Spam detected 2026.05.26 01:44:35 blocked until 2026.06.09 01:44:35	Email Spam
🇭🇺 wap.dynu.net	2026-05-25 20:53:29 (2 weeks ago)	Mail Rejected due to Dynamic/Pool EHLO on port 25, EHLO: [222.138.68.29]	Email Spam Exploited Host
🇳🇱 Cloud86 B.V.	2026-05-06 18:00:09 (1 month ago)	categories: Email Spam	Email Spam
🇩🇪 ksol-hostmaster	2026-04-30 08:51:56 (1 month ago)	Apr 30 10:51:55 ksol postfix/postscreen[77156]: PREGREET 22 after 1.3 from [222.138.68.29]:61102: EH ... show more Apr 30 10:51:55 ksol postfix/postscreen[77156]: PREGREET 22 after 1.3 from [222.138.68.29]:61102: EHLO [222.138.68.29]\r\n Apr 30 10:51:56 ksol postfix/postscreen[77156]: NOQUEUE: reject: RCPT from [222.138.68.29]:61102: 550 5.7.1 Service unavailable; client [222.138.68.29] blocked using bl.spamcop.net; from=<anonymized@email>, to=<anonymized@email>, proto=ESMTP, helo=<[222.138.68.29]> ... show less	Email Spam
🇳🇴 Fredrik_2015	2026-04-29 07:45:59 (1 month ago)	Tries for open relay	Hacking Brute-Force
🇷🇸 Smel	2026-04-28 08:49:24 (1 month ago)	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	Email Spam Hacking Brute-Force
Anonymous	2026-04-26 08:15:11 (1 month ago)	SPAM EMAIL 222.138.68.29 (hn.kd.ny.adsl)	Email Spam
Anonymous	2026-04-08 16:02:29 (2 months ago)	Web attack	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-06 13:46:21 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 222.138.68.29 (hn.kd.ny.adsl): 1 in the last 30 ... show more (mod_security) mod_security (id:210350) triggered by 222.138.68.29 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 09:46:17.932662 2025] [security2:error] [pid 3266:tid 3266] [client 222.138.68.29:53130] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.renju.net\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/tournament/2421/game/98607"] [unique_id "aLw7Kc1h3EfoZij5XI43fgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇿🇦 IrisFlower	2022-03-19 06:01:26 (4 years ago)	Unauthorized connection attempt detected from IP address 222.138.68.29 to port 443 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2021-12-28 06:14:03 (4 years ago)	Unauthorized connection attempt detected from IP address 222.138.68.29 to port 443 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2021-05-26 07:01:22 (5 years ago)	Unauthorized connection attempt detected from IP address 222.138.68.29 to port 443 [J]	Port Scan Hacking

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.55.146.72

🇳🇱 213.177.179.123

🇺🇸 136.111.215.135

🇮🇳 103.226.186.129

🇺🇦 176.103.5.23

🇺🇸 172.190.24.225

🇸🇪 155.4.244.169

🇮🇹 151.81.64.200

🇰🇷 121.189.226.81

🇧🇩 103.153.110.190

🇺🇸 20.115.103.90

🇩🇪 167.94.145.24

🇩🇪 130.12.182.140

🇻🇳 116.99.173.32

🇹🇷 95.173.180.164

🇺🇸 82.24.129.45

🇫🇷 51.77.217.11

🇹🇳 41.226.114.224

🇨🇳 36.134.126.74

🇺🇸 34.122.16.212