220.158.148.243

Basic Info

City: unknown

Region: unknown

Country: Cambodia

Internet Service Provider: Kingtel KH

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2019-11-19T13:32:38.4852211495-001 sshd\[11575\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=movie1.snowball.com.kh 2019-11-19T13:47:14.5908951495-001 sshd\[12013\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=movie1.snowball.com.kh user=squid 2019-11-19T13:51:10.4986861495-001 sshd\[12134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=movie1.snowball.com.kh user=root 2019-11-19T14:55:13.4345541495-001 sshd\[14290\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=movie1.snowball.com.kh 2019-11-19T14:59:18.1381211495-001 sshd\[14488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=movie1.snowball.com.kh user=root 2019-11-19T16:01:35.6275811495-001 sshd\[16562\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=movie ...	2019-11-20 07:13:05

Type

Details

Datetime

attack

2019-11-19T13:32:38.4852211495-001 sshd\[11575\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=movie1.snowball.com.kh
2019-11-19T13:47:14.5908951495-001 sshd\[12013\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=movie1.snowball.com.kh  user=squid
2019-11-19T13:51:10.4986861495-001 sshd\[12134\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=movie1.snowball.com.kh  user=root
2019-11-19T14:55:13.4345541495-001 sshd\[14290\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=movie1.snowball.com.kh
2019-11-19T14:59:18.1381211495-001 sshd\[14488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=movie1.snowball.com.kh  user=root
2019-11-19T16:01:35.6275811495-001 sshd\[16562\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=movie
...

2019-11-20 07:13:05

Comments on same subnet:

IP	Type	Details	Datetime
220.158.148.132	attackspambots	Jul 31 06:54:20 minden010 sshd[5254]: Failed password for root from 220.158.148.132 port 49762 ssh2 Jul 31 06:59:09 minden010 sshd[7221]: Failed password for root from 220.158.148.132 port 55446 ssh2 ...	2020-07-31 15:23:40
220.158.148.132	attack	Jul 29 15:12:58 minden010 sshd[2976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 Jul 29 15:13:00 minden010 sshd[2976]: Failed password for invalid user mujing from 220.158.148.132 port 52864 ssh2 Jul 29 15:16:45 minden010 sshd[3478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 ...	2020-07-30 00:52:11
220.158.148.132	attackbotsspam	Jul 27 06:24:56 meumeu sshd[237054]: Invalid user mysql from 220.158.148.132 port 49146 Jul 27 06:24:56 meumeu sshd[237054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 Jul 27 06:24:56 meumeu sshd[237054]: Invalid user mysql from 220.158.148.132 port 49146 Jul 27 06:24:58 meumeu sshd[237054]: Failed password for invalid user mysql from 220.158.148.132 port 49146 ssh2 Jul 27 06:27:25 meumeu sshd[237128]: Invalid user admin from 220.158.148.132 port 53562 Jul 27 06:27:25 meumeu sshd[237128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 Jul 27 06:27:25 meumeu sshd[237128]: Invalid user admin from 220.158.148.132 port 53562 Jul 27 06:27:27 meumeu sshd[237128]: Failed password for invalid user admin from 220.158.148.132 port 53562 ssh2 Jul 27 06:29:48 meumeu sshd[237207]: Invalid user ubuntu from 220.158.148.132 port 57974 ...	2020-07-27 12:41:46
220.158.148.132	attackspambots	Jul 14 17:19:00 abendstille sshd\[24605\]: Invalid user mcj from 220.158.148.132 Jul 14 17:19:00 abendstille sshd\[24605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 Jul 14 17:19:02 abendstille sshd\[24605\]: Failed password for invalid user mcj from 220.158.148.132 port 42432 ssh2 Jul 14 17:21:42 abendstille sshd\[27187\]: Invalid user internet from 220.158.148.132 Jul 14 17:21:42 abendstille sshd\[27187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 ...	2020-07-15 02:17:36
220.158.148.132	attack	Jul 7 13:37:23 onepixel sshd[3470123]: Invalid user szd from 220.158.148.132 port 37124 Jul 7 13:37:23 onepixel sshd[3470123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 Jul 7 13:37:23 onepixel sshd[3470123]: Invalid user szd from 220.158.148.132 port 37124 Jul 7 13:37:25 onepixel sshd[3470123]: Failed password for invalid user szd from 220.158.148.132 port 37124 ssh2 Jul 7 13:40:06 onepixel sshd[3471647]: Invalid user eric from 220.158.148.132 port 52548	2020-07-07 23:56:34
220.158.148.132	attackbots	2020-07-07T15:01:09.173515hostname sshd[14639]: Invalid user appserver from 220.158.148.132 port 54030 2020-07-07T15:01:11.174780hostname sshd[14639]: Failed password for invalid user appserver from 220.158.148.132 port 54030 ssh2 2020-07-07T15:04:27.048355hostname sshd[15998]: Invalid user martin from 220.158.148.132 port 52188 ...	2020-07-07 17:10:58
220.158.148.132	attack	Jun 23 22:48:32 piServer sshd[20178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 Jun 23 22:48:34 piServer sshd[20178]: Failed password for invalid user build from 220.158.148.132 port 44370 ssh2 Jun 23 22:51:55 piServer sshd[20453]: Failed password for root from 220.158.148.132 port 43504 ssh2 ...	2020-06-24 05:05:56
220.158.148.132	attack	Jun 16 14:12:29 ns382633 sshd\[30319\]: Invalid user venus from 220.158.148.132 port 38268 Jun 16 14:12:29 ns382633 sshd\[30319\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 Jun 16 14:12:31 ns382633 sshd\[30319\]: Failed password for invalid user venus from 220.158.148.132 port 38268 ssh2 Jun 16 14:23:10 ns382633 sshd\[32046\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 user=root Jun 16 14:23:12 ns382633 sshd\[32046\]: Failed password for root from 220.158.148.132 port 46022 ssh2	2020-06-16 21:53:51
220.158.148.132	attackspam	(sshd) Failed SSH login from 220.158.148.132 (KH/Cambodia/movie1.snowball.com.kh): 5 in the last 3600 secs	2020-06-07 01:19:46
220.158.148.132	attackspam	Jun 5 21:58:24 web1 sshd[29846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 user=root Jun 5 21:58:26 web1 sshd[29846]: Failed password for root from 220.158.148.132 port 44650 ssh2 Jun 5 22:07:28 web1 sshd[32381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 user=root Jun 5 22:07:30 web1 sshd[32381]: Failed password for root from 220.158.148.132 port 56114 ssh2 Jun 5 22:10:58 web1 sshd[932]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 user=root Jun 5 22:11:00 web1 sshd[932]: Failed password for root from 220.158.148.132 port 54652 ssh2 Jun 5 22:14:24 web1 sshd[1728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 user=root Jun 5 22:14:26 web1 sshd[1728]: Failed password for root from 220.158.148.132 port 53188 ssh2 Jun 5 22:17:46 web1 sshd[ ...	2020-06-06 00:47:17
220.158.148.132	attack	SSH login attempts.	2020-05-28 16:45:51
220.158.148.132	attack	(sshd) Failed SSH login from 220.158.148.132 (KH/Cambodia/movie1.snowball.com.kh): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 26 01:23:14 ubnt-55d23 sshd[25218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 user=root May 26 01:23:16 ubnt-55d23 sshd[25218]: Failed password for root from 220.158.148.132 port 46212 ssh2	2020-05-26 12:22:29
220.158.148.132	attackspam	May 23 07:53:45 sigma sshd\[1886\]: Invalid user kh from 220.158.148.132May 23 07:53:48 sigma sshd\[1886\]: Failed password for invalid user kh from 220.158.148.132 port 50958 ssh2 ...	2020-05-23 18:33:57
220.158.148.132	attackbotsspam	2020-05-13T00:47:54.300920linuxbox-skyline sshd[135235]: Invalid user ec from 220.158.148.132 port 38092 ...	2020-05-13 14:52:46
220.158.148.132	attackspam	May 10 23:01:36 inter-technics sshd[22944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 user=root May 10 23:01:38 inter-technics sshd[22944]: Failed password for root from 220.158.148.132 port 52342 ssh2 May 10 23:05:32 inter-technics sshd[23225]: Invalid user misha from 220.158.148.132 port 60222 May 10 23:05:32 inter-technics sshd[23225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.158.148.132 May 10 23:05:32 inter-technics sshd[23225]: Invalid user misha from 220.158.148.132 port 60222 May 10 23:05:35 inter-technics sshd[23225]: Failed password for invalid user misha from 220.158.148.132 port 60222 ssh2 ...	2020-05-11 07:10:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.158.148.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6181
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.158.148.243.		IN	A

;; AUTHORITY SECTION:
.			880	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081900 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 19 17:01:16 CST 2019
;; MSG SIZE  rcvd: 119

Host info

243.148.158.220.in-addr.arpa domain name pointer pns2.kingtel.com.kh.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
243.148.158.220.in-addr.arpa	name = pns2.kingtel.com.kh.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.93.104.164	attackspambots	Unauthorized connection attempt detected from IP address 114.93.104.164 to port 5555	2020-07-23 06:54:55
154.68.196.6	attackspam	Port probing on unauthorized port 23	2020-07-23 06:34:10
222.186.42.136	attackspam	Fail2Ban Ban Triggered (2)	2020-07-23 06:22:53
52.130.85.214	attack	Jul 22 16:00:20 server1 sshd\[16872\]: Invalid user syam from 52.130.85.214 Jul 22 16:00:20 server1 sshd\[16872\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.130.85.214 Jul 22 16:00:23 server1 sshd\[16872\]: Failed password for invalid user syam from 52.130.85.214 port 51880 ssh2 Jul 22 16:05:07 server1 sshd\[18207\]: Invalid user uts from 52.130.85.214 Jul 22 16:05:07 server1 sshd\[18207\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.130.85.214 ...	2020-07-23 06:18:44
45.83.66.150	attackspambots	Unauthorized connection attempt detected from IP address 45.83.66.150 to port 443	2020-07-23 06:44:11
94.21.158.175	attackbotsspam	php WP PHPmyadamin ABUSE blocked for 12h	2020-07-23 06:18:11
179.229.78.212	attackspam	Unauthorized connection attempt detected from IP address 179.229.78.212 to port 22	2020-07-23 06:50:42
73.57.140.214	attack	Unauthorized connection attempt detected from IP address 73.57.140.214 to port 23	2020-07-23 06:41:44
187.116.209.15	attack	Unauthorized connection attempt detected from IP address 187.116.209.15 to port 22	2020-07-23 06:49:06
193.112.102.95	attackbots	Unauthorized connection attempt detected from IP address 193.112.102.95 to port 5315	2020-07-23 06:28:31
175.139.1.34	attackspambots	SSH Invalid Login	2020-07-23 06:23:32
185.53.88.63	attack	Fail2Ban Ban Triggered	2020-07-23 06:22:03
183.91.87.162	attackspam	Unauthorized connection attempt detected from IP address 183.91.87.162 to port 445	2020-07-23 06:50:02
37.6.226.140	attackbotsspam	Unauthorized connection attempt detected from IP address 37.6.226.140 to port 23	2020-07-23 06:44:27
37.4.252.229	attack	Unauthorized connection attempt detected from IP address 37.4.252.229 to port 80	2020-07-23 06:44:59

Recently Reported IPs

172.104.166.184	183.63.49.21	142.93.208.219	136.55.162.246
88.122.156.151	114.101.255.156	165.22.237.183	124.187.221.13
188.234.150.27	152.42.226.193	123.11.183.254	112.240.231.100
121.28.165.122	3.36.182.104	96.253.204.168	148.170.198.105
182.186.116.50	171.48.50.149	137.150.57.96	47.91.108.168