Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Switzerland

Internet Service Provider: UPC Schweiz GmbH

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attack
2019-12-02T12:23:49.726830abusebot-3.cloudsearch.cf sshd\[28372\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62-2-148-66.static.cablecom.ch  user=root
2019-12-02 20:59:54
attack
2019-12-02T08:20:24.874564abusebot-3.cloudsearch.cf sshd\[26875\]: Invalid user tshort from 62.2.148.66 port 53409
2019-12-02 16:26:46
attackbots
Nov  1 06:03:30 legacy sshd[9458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.2.148.66
Nov  1 06:03:32 legacy sshd[9458]: Failed password for invalid user aleksandir from 62.2.148.66 port 57529 ssh2
Nov  1 06:07:51 legacy sshd[9585]: Failed password for root from 62.2.148.66 port 50285 ssh2
...
2019-11-01 13:22:35
attackbotsspam
Oct 27 22:25:40 SilenceServices sshd[7138]: Failed password for root from 62.2.148.66 port 43440 ssh2
Oct 27 22:29:51 SilenceServices sshd[9802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.2.148.66
Oct 27 22:29:53 SilenceServices sshd[9802]: Failed password for invalid user elf from 62.2.148.66 port 36111 ssh2
2019-10-28 05:31:48
attack
Oct 26 01:00:27 uapps sshd[19747]: User r.r from 62-2-148-66.static.cablecom.ch not allowed because not listed in AllowUsers
Oct 26 01:00:27 uapps sshd[19747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62-2-148-66.static.cablecom.ch  user=r.r
Oct 26 01:00:29 uapps sshd[19747]: Failed password for invalid user r.r from 62.2.148.66 port 58377 ssh2
Oct 26 01:00:29 uapps sshd[19747]: Received disconnect from 62.2.148.66: 11: Bye Bye [preauth]
Oct 26 01:21:32 uapps sshd[19966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62-2-148-66.static.cablecom.ch
Oct 26 01:21:34 uapps sshd[19966]: Failed password for invalid user ts3 from 62.2.148.66 port 43424 ssh2
Oct 26 01:21:34 uapps sshd[19966]: Received disconnect from 62.2.148.66: 11: Bye Bye [preauth]
Oct 26 01:25:46 uapps sshd[19991]: User r.r from 62-2-148-66.static.cablecom.ch not allowed because not listed in AllowUsers
Oct 26 01:25:46 ........
-------------------------------
2019-10-27 18:14:37
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 62.2.148.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63998
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;62.2.148.66.			IN	A

;; AUTHORITY SECTION:
.			350	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102700 1800 900 604800 86400

;; Query time: 182 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 27 18:14:34 CST 2019
;; MSG SIZE  rcvd: 115
Host info
66.148.2.62.in-addr.arpa domain name pointer 62-2-148-66.static.cablecom.ch.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.148.2.62.in-addr.arpa	name = 62-2-148-66.static.cablecom.ch.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
185.10.68.53 attack
firewall-block, port(s): 7443/tcp
2019-06-28 23:34:04
87.250.224.91 attack
[Thu Jun 27 20:11:56.318500 2019] [:error] [pid 14487:tid 140348525344512] [client 87.250.224.91:35129] [client 87.250.224.91] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "792"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XRTAnChJ9UCYUMl6cLuTTwAAAAs"]
...
2019-06-29 00:12:31
58.214.13.42 attackbotsspam
RDP Bruteforce
2019-06-28 23:41:29
223.255.10.6 attack
fraudulent SSH attempt
2019-06-28 23:26:59
42.98.129.9 attackspambots
Honeypot attack, port: 5555, PTR: 42-98-129-009.static.netvigator.com.
2019-06-29 00:26:37
121.160.56.30 attackspambots
Honeypot attack, port: 23, PTR: PTR record not found
2019-06-29 00:21:53
2.184.208.48 attackbotsspam
2019-06-28 14:30:37,405 fail2ban.actions        [23326]: NOTICE  [portsentry] Ban 2.184.208.48
...
2019-06-28 23:53:35
196.41.122.250 attackspambots
Jun 28 16:24:23 rpi sshd\[30002\]: Invalid user lun from 196.41.122.250 port 34172
Jun 28 16:24:23 rpi sshd\[30002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.41.122.250
Jun 28 16:24:25 rpi sshd\[30002\]: Failed password for invalid user lun from 196.41.122.250 port 34172 ssh2
2019-06-29 00:10:20
104.248.255.118 attackbots
Automatic report - Web App Attack
2019-06-28 23:28:10
208.163.47.100 attackbotsspam
2019-06-27 23:29:40,180 fail2ban.actions        [23326]: NOTICE  [portsentry] Ban 208.163.47.100
...
2019-06-28 23:48:51
71.6.232.4 attackspambots
scan r
2019-06-29 00:06:32
158.255.107.6 attackbotsspam
@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-28 13:32:35,943 INFO [amun_request_handler] PortScan Detected on Port: 445 (158.255.107.6)
2019-06-28 23:29:27
89.140.193.194 attackbotsspam
@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-28 13:09:12,275 INFO [shellcode_manager] (89.140.193.194) no match, writing hexdump (62fac287814c195fd321eaba9c13180c :6283) - SMB (Unknown)
2019-06-28 23:32:29
207.154.254.64 attackspam
2019-06-27 18:10:43,824 fail2ban.actions        [23326]: NOTICE  [portsentry] Ban 207.154.254.64
...
2019-06-28 23:51:07
82.55.56.19 attackspam
IP: 82.55.56.19
ASN: AS3269 Telecom Italia
Port: Simple Mail Transfer 25
Found in one or more Blacklists
Date: 28/06/2019 1:48:10 PM UTC
2019-06-29 00:23:11

Recently Reported IPs

151.75.111.157 80.158.32.174 46.176.12.226 185.76.34.87
78.25.89.80 139.59.93.112 58.245.125.48 62.234.155.56
103.52.147.175 139.59.95.125 123.11.78.148 192.129.26.102
96.80.238.22 103.131.200.96 217.61.63.7 70.132.32.91
178.128.153.185 140.115.53.154 222.93.145.43 95.191.243.128