JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.4.221.22

1.4.221.22 was found in our database!

This IP was reported 158 times. Confidence of Abuse is 100%: ?

100%

ISP	TOT Public Company Limited
Usage Type	Fixed Line ISP
ASN	AS23969
Hostname(s)	node-idy.pool-1-4.dynamic.nt-isp.net
Domain Name	totidc.net
Country	🇹🇭 Thailand
City	Nakhon Pathom, Nakhon Pathom

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.4.221.22

Whois 1.4.221.22

IP Abuse Reports for 1.4.221.22:

This IP address has been reported a total of 158 times from 54 distinct sources. 1.4.221.22 was first reported on September 21st 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Marc	2026-06-16 10:01:26 (1 day ago)	1.4.221.22 - - [16/Jun/2026:12:01:11 +0200] "GET /wp-login.php HTTP/1.1" 200 6461 "https://duckduckg ... show more 1.4.221.22 - - [16/Jun/2026:12:01:11 +0200] "GET /wp-login.php HTTP/1.1" 200 6461 "https://duckduckgo.com/" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" 1.4.221.22 - - [16/Jun/2026:12:01:21 +0200] "POST /wp-login.php HTTP/1.1" 403 11353 "https://kurse.tortenatelier-schwanbeck.de/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:119.0) Gecko/20100101 Firefox/119.0" 1.4.221.22 - - [16/Jun/2026:12:01:22 +0200] "GET /wp-login.php?redirect_to=https%3A%2F%2Fkurse.tortenatelier-schwanbeck.de%2Fwp-admin%2Findex.php&reauth=1 HTTP/1.1" 200 6049 "https://kurse.tortenatelier-schwanbeck.de/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 1.4.221.22 - - [16/Jun/2026:12:01:23 +0200] "POST /wp-login.php HTTP/1.1" 403 11362 "https://kurse.tortenatelier-schwanbeck.de/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 1.4.221. show less	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-16 01:51:06 (2 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇸🇬 abuseipreport.darajati	2026-06-15 23:50:40 (2 days ago)	1.4.221.22 - - [2026-06-16T07:50:39+08:00] "POST /wp-login.php HTTP/1.1" 200 2107 "http://hestiaisti ... show more 1.4.221.22 - - [2026-06-16T07:50:39+08:00] "POST /wp-login.php HTTP/1.1" 200 2107 "http://hestiaistiviani.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 1.4.221.22 - - [2026-06-16T07:50:39+08:00] "POST /wp-login.php HTTP/1.1" 200 2107 "http://hestiaistiviani.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 1.4.221.22 - - [2026-06-16T07:50:39+08:00] "POST /wp-login.php HTTP/1.1" 200 2107 "http://hestiaistiviani.com/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0" 1.4.221.22 - - [2026-06-16T07:50:39+08:00] "POST /wp-login.php HTTP/1.1" 200 2107 "http://hestiaistiviani.com/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 1.4.221.22 - - [2026-06-16T07:50:40+08:00] "POST /wp-login.php HTTP/1.1" 200 2107 "http:/ ... show less	Web App Attack
🇲🇾 Rizzy	2026-06-15 11:15:56 (2 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 akasolutions.de	2026-06-15 09:03:12 (2 days ago)	(wordpress) Failed wordpress login from 1.4.221.22 (TH/Thailand/node-idy.pool-1-4.dynamic.nt-isp.net ... show more (wordpress) Failed wordpress login from 1.4.221.22 (TH/Thailand/node-idy.pool-1-4.dynamic.nt-isp.net) show less	Brute-Force
🇺🇸 gu-alvareza	2026-06-15 07:05:28 (3 days ago)	WordPress.REST.API.Username.Enumeration.Information.Disclosure	Web App Attack
🇩🇪 abdubhai	2026-06-14 12:52:35 (3 days ago)	1.4.221.22 - - [14/Jun/2026:17:5 ...	Brute-Force
🇩🇪 FeG Deutschland	2026-06-14 05:10:33 (4 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇫🇷 LRob.fr	2026-06-13 23:30:03 (4 days ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 Jason Howell	2026-06-13 15:28:32 (4 days ago)	1.4.221.22 - - [13/Jun/2026:10:28:23 -0500] "GET /wp-login.php HTTP/1.1" 200 6249 "https://wordpress ... show more 1.4.221.22 - - [13/Jun/2026:10:28:23 -0500] "GET /wp-login.php HTTP/1.1" 200 6249 "https://wordpress.org/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 1.4.221.22 - - [13/Jun/2026:10:28:30 -0500] "POST /wp-login.php HTTP/1.1" 200 2390 "https://totalsepticserviceiowa.com/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 1.4.221.22 - - [13/Jun/2026:10:28:30 -0500] "GET /wp-admin/index.php HTTP/1.1" 302 490 "https://totalsepticserviceiowa.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 1.4.221.22 - - [13/Jun/2026:10:28:31 -0500] "GET /wp-login.php?redirect_to=https%3A%2F%2Ftotalsepticserviceiowa.com%2Fwp-admin%2Findex.php&reauth=1 HTTP/1.1" 200 4407 "https://totalsepticserviceiowa.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWeb ... show less	Web App Attack
🇳🇱 Site.eu	2026-06-13 11:29:10 (4 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 ger-stg-sifi1	2026-06-12 07:17:13 (6 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 Jason Howell	2026-06-12 00:24:21 (6 days ago)	1.4.221.22 - - [11/Jun/2026:19:24:16 -0500] "GET /wp-login.php HTTP/1.1" 200 5180 "-" "Mozilla/5.0 ( ... show more 1.4.221.22 - - [11/Jun/2026:19:24:16 -0500] "GET /wp-login.php HTTP/1.1" 200 5180 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Safari/605.1.15" 1.4.221.22 - - [11/Jun/2026:19:24:20 -0500] "POST /wp-login.php HTTP/1.1" 200 2715 "https://mcgivernappraisal.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 1.4.221.22 - - [11/Jun/2026:19:24:20 -0500] "GET /wp-admin/index.php HTTP/1.1" 302 499 "https://mcgivernappraisal.com/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 1.4.221.22 - - [11/Jun/2026:19:24:20 -0500] "GET /wp-login.php?redirect_to=https%3A%2F%2Fmcgivernappraisal.com%2Fwp-admin%2Findex.php&reauth=1 HTTP/1.1" 200 4625 "https://mcgivernappraisal.com/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 avgsmoe	2026-06-11 14:59:02 (6 days ago)	PERMA offender. Observed 5497 times.	Port Scan Brute-Force
🇫🇷 dynamix	2026-06-11 05:39:43 (1 week ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack

Showing 1 to 15 of 158 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.62.73.218

🇩🇪 207.154.216.114

🇩🇪 139.59.130.75

🇳🇱 45.148.10.240

🇷🇺 188.124.54.246

🇺🇸 172.202.113.251

🇮🇩 103.131.61.163

🇺🇸 74.208.42.164

🇷🇺 62.182.203.10

🇩🇪 51.195.62.42

🇸🇬 43.98.169.198

🇷🇴 2.57.121.25

🇩🇪 206.81.19.9

🇩🇪 167.99.133.242

🇮🇹 151.95.211.132

🇻🇳 123.22.200.179

🇫🇷 92.205.225.165

🇸🇪 77.53.194.10

🇧🇷 72.44.21.5

🇧🇷 4.201.96.144