JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.20.174.22

1.20.174.22 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 100%: ?

100%

ISP	TOT Mobile Co LTD
Usage Type	Fixed Line ISP
ASN	AS23969
Domain Name	tot.co.th
Country	🇹🇭 Thailand
City	Chanthaburi, Chanthaburi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.20.174.22

Whois 1.20.174.22

IP Abuse Reports for 1.20.174.22:

This IP address has been reported a total of 29 times from 26 distinct sources. 1.20.174.22 was first reported on June 5th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-06 02:23:51 (2 days ago)	Knockin' on Heaven's Door, SSH crap	Brute-Force SSH
🇦🇹 urnilxfgbez	2026-06-05 22:45:00 (2 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-05 12:36:50 (2 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇧🇷 SOC Blue Team	2026-06-05 07:25:41 (2 days ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇵🇱 jekob	2026-06-05 07:21:15 (2 days ago)	Automated malicious activity detected (1 events)	Hacking Web App Attack
🇺🇸 xmission.com	2026-06-05 07:05:41 (2 days ago)	Blocked by UFW (TCP on 80) Source port: 7259 TTL: 49 Packet length: 44 TOS: 0x00 This report (for 1 ... show more Blocked by UFW (TCP on 80) Source port: 7259 TTL: 49 Packet length: 44 TOS: 0x00 This report (for 1.20.174.22) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 yzfdude1	2026-06-05 06:54:58 (2 days ago)	Jun 5 00:54:55 b146-InstructorB sshd[446685]: Invalid user orangepi from 1.20.174.22 port 23182 Jun ... show more Jun 5 00:54:55 b146-InstructorB sshd[446685]: Invalid user orangepi from 1.20.174.22 port 23182 Jun 5 00:54:55 b146-InstructorB sshd[446685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.20.174.22 Jun 5 00:54:57 b146-InstructorB sshd[446685]: Failed password for invalid user orangepi from 1.20.174.22 port 23182 ssh2 ... show less	Brute-Force SSH
🇺🇸 RAP	2026-06-05 06:39:26 (2 days ago)	2026-06-05 06:39:26 UTC Unauthorized activity to TCP port 22. SSH	SSH
🇺🇸 Matthew Ping	2026-06-05 06:00:02 (2 days ago)	ModSecurity rule 949110 triggered on clearedge3d. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇺🇸 MPL	2026-06-05 05:45:05 (2 days ago)	tcp/2222 (2 or more attempts)	Port Scan
🇺🇸 bigscoots.com	2026-06-05 05:11:26 (3 days ago)	(sshd) Failed SSH login from 1.20.174.22 (TH/Thailand/-): 5 in the last 3600 secs; Ports: ; Directi ... show more (sshd) Failed SSH login from 1.20.174.22 (TH/Thailand/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: Jun 5 00:09:57 17509 sshd[19319]: Invalid user admin from 1.20.174.22 port 12040 Jun 5 00:10:00 17509 sshd[19319]: Failed password for invalid user admin from 1.20.174.22 port 12040 ssh2 Jun 5 00:10:47 17509 sshd[19868]: Invalid user orangepi from 1.20.174.22 port 33882 Jun 5 00:10:49 17509 sshd[19868]: Failed password for invalid user orangepi from 1.20.174.22 port 33882 ssh2 Jun 5 00:11:22 17509 sshd[20277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.20.174.22 user=root show less	Brute-Force SSH
🇩🇪 EGP Abuse Dept	2026-06-05 04:56:51 (3 days ago)	Scanning for web/db/file exploits on tpc-031.mach3builders.nl	SQL Injection Bad Web Bot Web App Attack
Anonymous	2026-06-05 04:53:16 (3 days ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇫🇷 Version Net	2026-06-05 04:26:42 (3 days ago)	IPS Detection: Apache.HTTP.Server.cgi-bin.Path.Traversal	Hacking
🇺🇸 MPL	2026-06-05 03:42:51 (3 days ago)	tcp/80 (4 or more attempts)	Port Scan

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 178.128.84.187

🇺🇸 162.243.76.125

🇵🇰 154.192.112.193

🇮🇳 125.20.228.146

🇭🇰 119.246.15.94

🇨🇳 117.191.127.86

🇨🇳 116.179.33.83

🇺🇸 104.168.4.239

🇺🇸 91.230.168.211

🇨🇦 85.217.149.3

🇨🇳 58.220.39.200

🇺🇸 47.77.182.54

🇱🇹 45.227.254.170

🇰🇷 4.230.28.141

🇺🇸 2604:a880:400:d1:0:4:8bfc:a001

🇯🇵 205.234.196.32

🇺🇸 166.88.81.234

🇺🇸 130.131.220.95

🇨🇳 114.106.136.7

🇮🇳 103.64.129.98