JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.1.220.166

1.1.220.166 was found in our database!

This IP was reported 949 times. Confidence of Abuse is 100%: ?

100%

ISP	TOT Public Company Limited
Usage Type	Fixed Line ISP
ASN	AS23969
Hostname(s)	node-iau.pool-1-1.dynamic.nt-isp.net
Domain Name	totidc.net
Country	🇹🇭 Thailand
City	Tha Maka, Kanchanaburi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.1.220.166

Whois 1.1.220.166

IP Abuse Reports for 1.1.220.166:

This IP address has been reported a total of 949 times from 444 distinct sources. 1.1.220.166 was first reported on November 1st 2021, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ecs.ge	2026-06-14 18:23:26 (1 hour ago)	Automatic Fail2Ban report from jail ssh: multiple matching events detected.	Brute-Force SSH
🇩🇪 joschuak	2026-06-14 18:04:45 (1 hour ago)	SSH brute force attack detected from [1.1.220.166]	SSH Brute-Force
🇩🇪 rd1742	2026-06-14 16:33:43 (2 hours ago)	2026-06-14 16:33:42,953 quad proftpd[1363095] 2a03:4000:3e:312:360a:466c:8ea1:45b9 (node-iau.pool-1- ... show more 2026-06-14 16:33:42,953 quad proftpd[1363095] 2a03:4000:3e:312:360a:466c:8ea1:45b9 (node-iau.pool-1-1.dynamic.nt-isp.net[1.1.220.166]): USER root: no such user found from node-iau.pool-1-1.dynamic.nt-isp.net [1.1.220.166] to 2.56.97.107:22 show less	Brute-Force Exploited Host SSH
🇧🇷 modscleo4	2026-06-14 16:32:03 (3 hours ago)	2026-06-14T13:32:03.600130-03:00 salada-de-fruta sshd[2883807]: Connection closed by authenticating ... show more 2026-06-14T13:32:03.600130-03:00 salada-de-fruta sshd[2883807]: Connection closed by authenticating user root 1.1.220.166 port 55206 [preauth] ... show less	Port Scan Brute-Force SSH
🇩🇪 Riko	2026-06-14 16:00:11 (3 hours ago)	Fail2ban SSH Bruteforce	Brute-Force SSH
🇫🇷 jk jk	2026-06-14 15:13:47 (4 hours ago)	GoPot Honeypot	Port Scan Hacking
🇫🇷 bulletz	2026-06-14 15:02:00 (4 hours ago)	2026-06-14T17:00:29.723409+02:00 vps sshd[12063]: Failed password for root from 1.1.220.166 port 333 ... show more 2026-06-14T17:00:29.723409+02:00 vps sshd[12063]: Failed password for root from 1.1.220.166 port 33356 ssh2 2026-06-14T17:01:57.443826+02:00 vps sshd[12091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.1.220.166 user=root 2026-06-14T17:01:59.082139+02:00 vps sshd[12091]: Failed password for root from 1.1.220.166 port 39448 ssh2 ... show less	Brute-Force SSH
Anonymous	2026-06-14 10:51:38 (8 hours ago)	...	Brute-Force SSH
🇩🇪 formality	2026-06-14 10:50:18 (8 hours ago)	Invalid user git from 1.1.220.166 port 58226	Brute-Force SSH
🇩🇪 LRob.fr	2026-06-14 10:30:09 (9 hours ago)	SSH abuse or brute-force attack detected by Fail2Ban in ssh jail	Brute-Force SSH
🇩🇪 THYRAKLES_EINZELUNTERNEHMEN_NOAH_FINLEY WOLF	2026-06-14 10:11:57 (9 hours ago)	systemd timer sync; fail2ban jail=sshd host=tk ip=1.1.220.166; evidence=fail2ban log NOTICE Ban even ... show more systemd timer sync; fail2ban jail=sshd host=tk ip=1.1.220.166; evidence=fail2ban log NOTICE Ban event show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-14 10:04:38 (9 hours ago)	1.1.220.166 (TH/Thailand/node-iau.pool-1-1.dynamic.nt-isp.net), 5 distributed sshd attacks on accoun ... show more 1.1.220.166 (TH/Thailand/node-iau.pool-1-1.dynamic.nt-isp.net), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 14 04:59:22 15216 sshd[6145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.224.166 user=root Jun 14 04:59:24 15216 sshd[6145]: Failed password for root from 202.29.224.166 port 60284 ssh2 Jun 14 04:59:52 15216 sshd[6151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.1.220.166 user=root Jun 14 04:59:54 15216 sshd[6151]: Failed password for root from 1.1.220.166 port 45252 ssh2 Jun 14 05:04:22 15216 sshd[7070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.42.108.132 user=root IP Addresses Blocked: 202.29.224.166 (TH/Thailand/-) show less	Brute-Force SSH
🇨🇿 gszasz	2026-06-14 08:37:09 (10 hours ago)	2026-06-14T10:37:04.913634+02:00 thor sshd-session[101580]: pam_unix(sshd:auth): authentication fail ... show more 2026-06-14T10:37:04.913634+02:00 thor sshd-session[101580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.1.220.166 2026-06-14T10:37:07.363558+02:00 thor sshd-session[101580]: Failed password for invalid user tomcat from 1.1.220.166 port 41220 ssh2 2026-06-14T10:37:07.995225+02:00 thor sshd-session[101580]: Connection closed by invalid user tomcat 1.1.220.166 port 41220 [preauth] ... show less	Brute-Force SSH
🇦🇩 bakunin1848	2026-06-14 07:43:29 (11 hours ago)	SSH Login Attemp Blocked	SSH Brute-Force
🇸🇪 Kotiacat_one	2026-06-14 06:39:43 (12 hours ago)	2026-06-14T09:39:42.828189+03:00 kotia sshd[153587]: Invalid user walrus from 1.1.220.166 port 49932 ... show more 2026-06-14T09:39:42.828189+03:00 kotia sshd[153587]: Invalid user walrus from 1.1.220.166 port 49932 ... show less	Brute-Force SSH

Showing 1 to 15 of 949 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.83

🇨🇳 116.179.37.205

🇨🇳 106.63.26.140

🇹🇭 83.118.107.46

🇨🇴 38.252.157.170

🇹🇼 202.39.153.245

🇧🇷 200.223.232.26

🇭🇰 152.32.211.69

🇩🇪 136.0.66.114

🇨🇳 122.8.92.49

🇬🇧 86.17.201.222

🇸🇦 79.72.3.119

🇮🇩 34.101.151.9

🇧🇪 34.62.56.180

🇺🇸 34.42.34.237

🇨🇳 14.103.118.217

🇧🇪 198.235.24.227

🇧🇷 191.53.181.252

🇧🇴 190.11.92.98

🇫🇮 178.20.210.208