JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 222.252.99.9

222.252.99.9 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 97%: ?

97%

ISP	Hanoi Post and Telecom Company
Usage Type	Fixed Line ISP
ASN	AS45899
Hostname(s)	static.vnpt-hanoi.com.vn
Domain Name	vnpt-hanoi.com.vn
Country	🇻🇳 Viet Nam
City	Hanoi, Hanoi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 222.252.99.9

Whois 222.252.99.9

IP Abuse Reports for 222.252.99.9:

This IP address has been reported a total of 25 times from 19 distinct sources. 222.252.99.9 was first reported on June 18th 2026, and the most recent report was 12 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 voormedia	2026-06-30 07:53:43 (12 minutes ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇺🇸 mnsf	2026-06-30 02:05:28 (6 hours ago)	Xmlrpc Caught (6)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-30 01:46:25 (6 hours ago)	(mod_security) mod_security (id:225170) triggered by 222.252.99.9 (static.vnpt-hanoi.com.vn): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 222.252.99.9 (static.vnpt-hanoi.com.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 21:46:17.581630 2026] [security2:error] [pid 15930:tid 15930] [client 222.252.99.9:50740] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mytapt.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mytapt.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akMf6ThEP4f04LCLcHujEQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-29 11:43:45 (20 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 Jason Howell	2026-06-29 10:56:06 (21 hours ago)	222.252.99.9 - - [29/Jun/2026:05:43:13 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4993 "-" "Mozilla/5.0 ... show more 222.252.99.9 - - [29/Jun/2026:05:43:13 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4993 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/72.0.0.0 Safari/537.36" 222.252.99.9 - - [29/Jun/2026:05:50:08 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4992 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/83.0.0.0 Safari/537.36" 222.252.99.9 - - [29/Jun/2026:05:50:37 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4991 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.0.0 Safari/537.36" 222.252.99.9 - - [29/Jun/2026:05:51:02 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4991 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.0.0 Safari/537.36" 222.252.99.9 - - [29/Jun/2026:05:56:06 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4992 "-" "Mozilla/5.0 (Linux; Android 10; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.0.0 Safari/537. ... show less	Web App Attack
🇩🇪 dbmwebdesign	2026-06-29 07:40:40 (1 day ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
Anonymous	2026-06-29 05:19:10 (1 day ago)	Attac	Brute-Force
🇺🇸 juguemosalacarioca.com	2026-06-29 01:10:49 (1 day ago)	Multiple HTTP calls attempting to GET resources using common API calls or formats on port 8080	Web App Attack
🇮🇹 ciccio diddo	2026-06-26 04:36:36 (4 days ago)	CMS/WP Exploit xmlrpc port:Tcp/80,443	Brute-Force Web App Attack
🇮🇩 Burayot	2026-06-24 10:02:38 (5 days ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 222.252.99.9 (VN/Vietnam/static.vnp ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 222.252.99.9 (VN/Vietnam/static.vnpt-hanoi.com.vn): 1 in the last 3600 secs show less	Web App Attack
Anonymous	2026-06-24 07:35:16 (6 days ago)	[ssd5.kdns.gr] httpd-xmlrpc-post: sites=enerescpm.com; logs=/var/log/httpd/domains/enerescpm.com.log ... show more [ssd5.kdns.gr] httpd-xmlrpc-post: sites=enerescpm.com; logs=/var/log/httpd/domains/enerescpm.com.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-06-23 09:45:07 (6 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2026-06-23 04:41:49 (1 week ago)	[redacted] 222.252.99.9 - - [23/Jun/2026:06:40:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mo ... show more [redacted] 222.252.99.9 - - [23/Jun/2026:06:40:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Linux; Android 10; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/82.0.0.0 Safari/537.36" [redacted] 222.252.99.9 - - [23/Jun/2026:06:41:08 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/10.0.0.0 Safari/537.36" [redacted] 222.252.99.9 - - [23/Jun/2026:06:41:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/70.0.0.0 Safari/537.36" [redacted] 222.252.99.9 - - [23/Jun/2026:06:41:47 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.0.0 Safari/537.36" [redacted] 222.252.99.9 - - [23/Jun/2026:06:41:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 6.3; x86) AppleWebKit/537.36 (KHTML, ... show less	Hacking Web App Attack
🇩🇪 big-cloud.nl	2026-06-23 04:01:39 (1 week ago)	Try to access /xmlrpc.php	Web App Attack
🇳🇱 wlt-blocker	2026-06-22 10:42:47 (1 week ago)	Unauthorized access to webpage admin	Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 213.201.139.232

🇧🇷 190.115.84.25

🇱🇧 185.187.131.151

🇮🇳 182.95.228.106

🇺🇸 159.223.103.141

🇨🇳 120.48.42.17

🇳🇱 45.148.10.141

🇺🇸 20.221.56.179

🇷🇴 2.57.121.112

🇬🇧 195.96.139.114

🇺🇸 184.105.247.252

🇮🇹 172.213.2.229

🇺🇸 147.185.132.110

🇦🇹 139.178.118.202

🇮🇹 78.134.49.171

🇸🇬 45.43.63.207

🇧🇪 34.78.190.22

🇮🇳 2406:7400:ff03:c7c9:5482:7c16:c76d:2231

🇮🇩 202.133.66.246

🇬🇧 194.74.196.10