Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Romania

Internet Service Provider: UPC Romania S.A.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attackspambots
DATE:2020-10-05 22:03:12, IP:83.103.150.72, PORT:ssh SSH brute force auth (docker-dc)
2020-10-06 05:14:59
attackbotsspam
(sshd) Failed SSH login from 83.103.150.72 (RO/Romania/primarie-fo-flt.suceava.astral.ro): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct  5 08:07:37 optimus sshd[31964]: Failed password for root from 83.103.150.72 port 60399 ssh2
Oct  5 08:18:48 optimus sshd[13181]: Failed password for root from 83.103.150.72 port 42912 ssh2
Oct  5 08:22:45 optimus sshd[15526]: Failed password for root from 83.103.150.72 port 45949 ssh2
Oct  5 08:26:51 optimus sshd[20190]: Failed password for root from 83.103.150.72 port 48972 ssh2
Oct  5 08:30:49 optimus sshd[22213]: Failed password for root from 83.103.150.72 port 52014 ssh2
2020-10-05 21:18:54
attackspam
Oct  5 06:28:13 server sshd[37321]: Failed password for root from 83.103.150.72 port 32802 ssh2
Oct  5 06:32:03 server sshd[38067]: Failed password for root from 83.103.150.72 port 35528 ssh2
Oct  5 06:35:56 server sshd[38885]: Failed password for root from 83.103.150.72 port 38268 ssh2
2020-10-05 13:10:04
attackspambots
SSH/22 MH Probe, BF, Hack -
2020-09-15 20:32:44
attack
Sep 15 05:32:01 nuernberg-4g-01 sshd[25293]: Failed password for root from 83.103.150.72 port 55554 ssh2
Sep 15 05:35:23 nuernberg-4g-01 sshd[26407]: Failed password for root from 83.103.150.72 port 54825 ssh2
2020-09-15 12:33:43
attackbots
Lines containing failures of 83.103.150.72
Sep 14 22:23:13 nemesis sshd[21341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.103.150.72  user=r.r
Sep 14 22:23:15 nemesis sshd[21341]: Failed password for r.r from 83.103.150.72 port 50867 ssh2
Sep 14 22:23:16 nemesis sshd[21341]: Received disconnect from 83.103.150.72 port 50867:11: Bye Bye [preauth]
Sep 14 22:23:16 nemesis sshd[21341]: Disconnected from authenticating user r.r 83.103.150.72 port 50867 [preauth]
Sep 14 22:29:41 nemesis sshd[23715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.103.150.72  user=r.r


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=83.103.150.72
2020-09-15 04:42:26
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 83.103.150.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11693
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;83.103.150.72.			IN	A

;; AUTHORITY SECTION:
.			503	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091402 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 15 04:42:23 CST 2020
;; MSG SIZE  rcvd: 117
Host info
72.150.103.83.in-addr.arpa domain name pointer primarie-fo-flt.suceava.astral.ro.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.150.103.83.in-addr.arpa	name = primarie-fo-flt.suceava.astral.ro.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
213.138.209.109 attack
Unauthorized connection attempt from IP address 213.138.209.109 on Port 445(SMB)
2020-05-22 00:15:53
94.102.56.215 attackbotsspam
May 21 18:30:01 debian-2gb-nbg1-2 kernel: \[12337422.905576\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.56.215 DST=195.201.40.59 LEN=57 TOS=0x00 PREC=0x00 TTL=247 ID=54321 PROTO=UDP SPT=48016 DPT=7760 LEN=37
2020-05-22 00:31:04
162.243.143.49 attackspambots
scans once in preceeding hours on the ports (in chronological order) 42702 resulting in total of 54 scans from 162.243.0.0/16 block.
2020-05-22 01:01:17
162.243.144.201 attackspambots
May 21 14:06:04 xxx sshd[16788]: Did not receive identification string from 162.243.144.201
May 21 14:06:14 xxx sshd[16809]: Did not receive identification string from 162.243.144.201
May 21 14:08:04 xxx sshd[16842]: Did not receive identification string from 162.243.144.201
May 21 14:08:40 xxx sshd[16882]: Did not receive identification string from 162.243.144.201
May 21 14:10:35 xxx sshd[17537]: Did not receive identification string from 162.243.144.201


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=162.243.144.201
2020-05-22 00:56:59
162.243.144.135 attack
scans once in preceeding hours on the ports (in chronological order) 53020 resulting in total of 54 scans from 162.243.0.0/16 block.
2020-05-22 00:57:58
162.243.143.188 attackspam
scans once in preceeding hours on the ports (in chronological order) 2379 resulting in total of 54 scans from 162.243.0.0/16 block.
2020-05-22 01:00:40
162.243.144.215 attack
Connection by 162.243.144.215 on port: 109 got caught by honeypot at 5/21/2020 2:51:04 PM
2020-05-22 00:56:11
167.172.49.247 attackbotsspam
scans once in preceeding hours on the ports (in chronological order) 12336 resulting in total of 8 scans from 167.172.0.0/16 block.
2020-05-22 00:51:09
185.216.140.6 attackspambots
firewall-block, port(s): 8089/tcp
2020-05-22 00:18:10
162.243.140.191 attack
111/udp 7210/tcp 2376/tcp...
[2020-04-29/05-21]14pkt,12pt.(tcp),2pt.(udp)
2020-05-22 01:04:53
162.243.139.107 attackbots
scans once in preceeding hours on the ports (in chronological order) 5432 resulting in total of 54 scans from 162.243.0.0/16 block.
2020-05-22 01:09:28
223.71.167.164 attackspambots
SmallBizIT.US 8 packets to tcp(2306,5222,7288,7779,8098,9090,34567,50805)
2020-05-22 00:38:40
185.200.118.58 attack
scans once in preceeding hours on the ports (in chronological order) 1723 resulting in total of 4 scans from 185.200.118.0/24 block.
2020-05-22 00:19:14
162.243.144.203 attackspam
" "
2020-05-22 00:56:43
194.26.29.118 attackbots
scans 20 times in preceeding hours on the ports (in chronological order) 36935 37004 36936 36875 37094 37006 37009 36963 36894 36805 37100 36896 37056 36889 37053 36972 36936 36832 36981 37052 resulting in total of 51 scans from 194.26.29.0/24 block.
2020-05-22 00:17:38

Recently Reported IPs

161.132.217.240 169.74.148.147 78.72.123.217 36.145.54.162
74.72.192.179 161.117.47.63 109.177.48.130 104.41.24.235
133.43.245.54 5.79.239.130 178.207.51.78 156.54.170.161
215.88.67.59 147.0.184.53 113.220.60.113 154.219.155.235
28.115.32.43 160.83.147.152 161.164.182.105 75.24.50.215