JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 222.252.105.111

222.252.105.111 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 39%: ?

39%

ISP	Hanoi Post and Telecom Company
Usage Type	Fixed Line ISP
ASN	AS45899
Domain Name	vnpt-hanoi.com.vn
Country	🇻🇳 Viet Nam
City	Hanoi, Hanoi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 222.252.105.111

Whois 222.252.105.111

IP Abuse Reports for 222.252.105.111:

This IP address has been reported a total of 24 times from 13 distinct sources. 222.252.105.111 was first reported on April 15th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2026-05-30 12:56:40 (3 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from VN. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from VN. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.1 Safari/605.1.15 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇯🇵 demonsword	2026-05-30 10:22:42 (3 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: 23.239.9.178:80 show less	Open Proxy Port Scan
🇪🇸 el-brujo	2026-05-30 03:20:35 (3 weeks ago)	Cloudflare WAF: Request Path: /register.html Request Query: Host: foro.elhacker.net userAgent: Mozi ... show more Cloudflare WAF: Request Path: /register.html Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36 Action: block Source: firewallCustom ASN Description: VNPT Corp Country: VN Method: GET Timestamp: 2026-05-30T03:20:35Z ruleId: 966a7d5204864934b148d9588ade6bd4. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-05-30 01:44:06 (3 weeks ago)	Cloudflare WAF: Request Path: /register.html Request Query: Host: foro.elhacker.net userAgent: Mozi ... show more Cloudflare WAF: Request Path: /register.html Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.3.1 Safari/605.1.15 Action: block Source: firewallCustom ASN Description: VNPT Corp Country: VN Method: GET Timestamp: 2026-05-30T01:44:06Z ruleId: 966a7d5204864934b148d9588ade6bd4. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇮🇩 soc-yk	2026-05-29 08:58:11 (3 weeks ago)	Type: suspicious_network_activity Threat: suspicious_public_web_client Risk: 75 Events: 352 Evidenc ... show more Type: suspicious_network_activity Threat: suspicious_public_web_client Risk: 75 Events: 352 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Port Scan Hacking
🇯🇵 demonsword	2026-05-28 08:21:24 (3 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: 23.239.9.178:80 show less	Open Proxy Port Scan
🇪🇸 el-brujo	2026-05-28 07:15:07 (3 weeks ago)	Cloudflare WAF: Request Path: /register.html Request Query: Host: foro.elhacker.net userAgent: Mozi ... show more Cloudflare WAF: Request Path: /register.html Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 YaBrowser/25.12.0.0 Safari/537.36 Action: block Source: firewallCustom ASN Description: VNPT Corp Country: VN Method: GET Timestamp: 2026-05-28T07:15:07Z ruleId: 966a7d5204864934b148d9588ade6bd4. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇮🇩 soc-yk	2026-05-28 06:34:14 (3 weeks ago)	Type: suspicious_network_activity Threat: suspicious_public_web_client Risk: 75 Events: 176 Evidenc ... show more Type: suspicious_network_activity Threat: suspicious_public_web_client Risk: 75 Events: 176 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇪🇸 el-brujo	2026-05-27 12:50:55 (3 weeks ago)	Cloudflare WAF: Request Path: /register.html Request Query: Host: foro.elhacker.net userAgent: Mozi ... show more Cloudflare WAF: Request Path: /register.html Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 Action: block Source: firewallCustom ASN Description: VNPT Corp Country: VN Method: GET Timestamp: 2026-05-27T12:50:55Z ruleId: 966a7d5204864934b148d9588ade6bd4. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇮🇩 itsocindo	2026-05-25 07:22:53 (3 weeks ago)	Type: web_scanning Threat: public_web_exploitation_scanner Risk: 75 Events: 704 Evidence: - Automat ... show more Type: web_scanning Threat: public_web_exploitation_scanner Risk: 75 Events: 704 Evidence: - Automated hostile web probing detected - Repeated web scanning activity observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Web App Attack
🇯🇵 SentinalX by uzumaru	2026-05-25 06:14:51 (3 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: 23.239.9.178:80 show less	Open Proxy Port Scan
🇮🇹 LTM	2026-05-24 06:20:01 (4 weeks ago)	WebServer - Attempts to exploit	Hacking Brute-Force Web App Attack
Anonymous	2026-05-24 02:01:55 (4 weeks ago)	Forum/form spam	Web Spam
🇺🇸 Mundo Bueno	2026-05-24 01:56:33 (4 weeks ago)	[ISILIA Protection v2.1] Tentative d'accès: /xmlrpc.php \| Pays: VN \| UA: PHP/7.2.35	Hacking Web App Attack
🇮🇩 soc-yk	2026-05-23 22:15:24 (4 weeks ago)	Type: exploitation_attempt Threat: public_web_exploitation_scanner Risk: 76 Events: 82 Evidence: - ... show more Type: exploitation_attempt Threat: public_web_exploitation_scanner Risk: 76 Events: 82 Evidence: - Repeated exploitation attempts detected - Malicious infrastructure behavior observed show less	Web App Attack Hacking

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.42

🇺🇸 44.204.94.227

🇺🇸 44.17.172.250

🇧🇷 20.226.42.95

🇺🇸 2607:f8b0:4001:c1f::126

🇳🇱 217.60.195.26

🇩🇪 167.94.145.19

🇸🇬 165.22.49.237

🇨🇳 112.18.182.202

🇩🇪 69.5.169.139

🇰🇷 59.17.201.231

🇺🇸 44.60.106.155

🇭🇰 8.210.139.0

🇮🇹 4.232.80.255

🇺🇸 216.25.89.77

🇫🇮 74.125.112.26

🇺🇸 44.158.164.52

🇺🇸 20.169.104.253

🇺🇸 20.163.15.20

🇫🇷 135.125.29.132