216.218.206.75

基本信息:

城市(city): Cazadero

省份(region): California

国家(country): United States

运营商(isp): Hurricane Electric LLC

主机名(hostname): unknown

机构(organization): Hurricane Electric LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Tried our host z.	2020-07-19 19:38:44
attack	Unwanted checking 80 or 443 port ...	2020-07-16 13:59:47
attackbots	firewall-block, port(s): 137/udp	2020-03-11 16:13:17
attackbots	3389BruteforceFW23	2020-02-07 02:08:10
attackspambots	3389BruteforceFW23	2019-11-09 02:45:11
attack	445/tcp 11211/tcp 23/tcp... [2019-09-02/11-03]41pkt,18pt.(tcp),2pt.(udp)	2019-11-03 21:23:00
attackspam	" "	2019-10-24 03:34:12
attackspam	" "	2019-10-04 19:34:17
attack	8443/tcp 3702/udp 5900/tcp... [2019-07-10/09-08]45pkt,9pt.(tcp),4pt.(udp)	2019-09-09 06:00:03
attackbotsspam	firewall-block, port(s): 111/udp	2019-07-06 01:53:24

相同子网IP讨论:

IP	类型	评论内容	时间
216.218.206.72	attackproxy	Vulnerability Scanner	2025-06-26 12:55:51
216.218.206.102	proxy	Vulnerability Scanner	2024-08-22 21:15:28
216.218.206.101	botsattackproxy	SMB bot	2024-06-19 20:50:36
216.218.206.125	attackproxy	Vulnerability Scanner	2024-04-25 21:28:54
216.218.206.55	spam	There is alot of spammers at uphsl.edu.ph aka a0800616@uphsl.edu.ph	2023-08-08 01:09:41
216.218.206.92	proxy	VPN	2023-01-23 13:58:39
216.218.206.66	proxy	VPN	2023-01-20 13:48:44
216.218.206.126	proxy	Attack VPN	2022-12-08 13:51:17
216.218.206.90	attackproxy	ataque a router	2021-05-17 12:16:31
216.218.206.102	attackproxy	ataque a mi router	2021-05-17 12:12:18
216.218.206.86	attack	This IP has been trying for about a month (since then I noticed) to try to connect via VPN / WEB to the router using different accounts (admin, root, vpn, test, etc.). What does an ISP do in this situation? May/06/2021 03:52:17 216.218.206.82 failed to get valid proposal. May/06/2021 03:52:17 216.218.206.82 failed to pre-process ph1 packet (side: 1, status 1). May/06/2021 03:52:17 216.218.206.82 phase1 negotiation failed.	2021-05-06 19:38:14
216.218.206.97	attack	Port scan: Attack repeated for 24 hours	2020-10-14 01:00:06
216.218.206.97	attackspam	srv02 Mass scanning activity detected Target: 1434(ms-sql-m) ..	2020-10-13 16:10:07
216.218.206.97	attackspambots	srv02 Mass scanning activity detected Target: 445(microsoft-ds) ..	2020-10-13 08:45:33
216.218.206.106	attack	UDP port : 500	2020-10-12 22:22:49

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 216.218.206.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42854
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;216.218.206.75.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 21 15:15:48 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

75.206.218.216.in-addr.arpa is an alias for 75.64-26.206.218.216.in-addr.arpa.
75.64-26.206.218.216.in-addr.arpa domain name pointer scan-06b.shadowserver.org.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
75.206.218.216.in-addr.arpa	canonical name = 75.64-26.206.218.216.in-addr.arpa.
75.64-26.206.218.216.in-addr.arpa	name = scan-06b.shadowserver.org.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
96.127.158.234	attackbots	Unauthorized connection attempt detected from IP address 96.127.158.234 to port 2323	2020-06-04 04:42:45
202.147.198.154	attack	2020-06-03T20:05:13.830704Z a1bd5d65c056 New connection: 202.147.198.154:49932 (172.17.0.3:2222) [session: a1bd5d65c056] 2020-06-03T20:22:04.786676Z 48ae04dcd8ed New connection: 202.147.198.154:43716 (172.17.0.3:2222) [session: 48ae04dcd8ed]	2020-06-04 04:24:32
188.213.49.176	attackspam	(mod_security) mod_security (id:210492) triggered by 188.213.49.176 (RO/Romania/-): 5 in the last 3600 secs	2020-06-04 04:37:41
188.162.166.132	attackspambots	Unauthorized connection attempt from IP address 188.162.166.132 on Port 445(SMB)	2020-06-04 04:42:03
222.186.180.41	attack	Jun 3 22:13:26 server sshd[38875]: Failed none for root from 222.186.180.41 port 14386 ssh2 Jun 3 22:13:28 server sshd[38875]: Failed password for root from 222.186.180.41 port 14386 ssh2 Jun 3 22:13:32 server sshd[38875]: Failed password for root from 222.186.180.41 port 14386 ssh2	2020-06-04 04:14:55
67.205.135.65	attack	Jun 3 21:55:21 DAAP sshd[2334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.65 user=root Jun 3 21:55:23 DAAP sshd[2334]: Failed password for root from 67.205.135.65 port 43590 ssh2 Jun 3 21:58:29 DAAP sshd[2422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.65 user=root Jun 3 21:58:31 DAAP sshd[2422]: Failed password for root from 67.205.135.65 port 38878 ssh2 Jun 3 22:00:41 DAAP sshd[2491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.65 user=root Jun 3 22:00:43 DAAP sshd[2491]: Failed password for root from 67.205.135.65 port 53360 ssh2 ...	2020-06-04 04:13:49
117.50.40.157	attackspambots	Jun 3 12:44:38 Host-KLAX-C sshd[21437]: User root from 117.50.40.157 not allowed because not listed in AllowUsers ...	2020-06-04 04:11:06
80.106.74.137	attackbotsspam	Honeypot attack, port: 81, PTR: ocamha.static.otenet.gr.	2020-06-04 04:22:41
195.54.160.107	attackbots	Jun 3 19:05:02 webctf kernel: [405960.734307] [UFW BLOCK] IN=ens3 OUT= MAC=fa:16:3e:1e:56:95:da:da:88:24:bd:ed:08:00 SRC=195.54.160.107 DST=137.74.115.118 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=28235 PROTO=TCP SPT=8080 DPT=11009 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 3 19:07:17 webctf kernel: [406095.682040] [UFW BLOCK] IN=ens3 OUT= MAC=fa:16:3e:1e:56:95:da:da:88:24:bd:ed:08:00 SRC=195.54.160.107 DST=137.74.115.118 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=16189 PROTO=TCP SPT=8080 DPT=11100 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 3 19:15:03 webctf kernel: [406561.869224] [UFW BLOCK] IN=ens3 OUT= MAC=fa:16:3e:1e:56:95:da:da:88:24:bd:ed:08:00 SRC=195.54.160.107 DST=137.74.115.118 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=33103 PROTO=TCP SPT=8080 DPT=11242 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 3 19:26:32 webctf kernel: [407250.819065] [UFW BLOCK] IN=ens3 OUT= MAC=fa:16:3e:1e:56:95:da:da:88:24:bd:ed:08:00 SRC=195.54.160.107 DST=137.74.115.118 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=2947 PROTO=TCP SPT=8080 ...	2020-06-04 04:26:20
5.117.94.29	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-06-04 04:39:02
200.219.207.42	attack	Jun 3 21:11:48 ajax sshd[6400]: Failed password for root from 200.219.207.42 port 40100 ssh2	2020-06-04 04:37:10
222.186.175.183	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-04 04:18:38
80.211.13.167	attack	Failed password for root from 80.211.13.167 port 56616 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.13.167 user=root Failed password for root from 80.211.13.167 port 60454 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.13.167 user=root Failed password for root from 80.211.13.167 port 36058 ssh2	2020-06-04 04:13:09
51.75.125.16	attack	Jun 3 22:08:53 server sshd[23061]: Failed password for root from 51.75.125.16 port 44900 ssh2 Jun 3 22:12:16 server sshd[26239]: Failed password for root from 51.75.125.16 port 48318 ssh2 Jun 3 22:15:39 server sshd[29259]: Failed password for root from 51.75.125.16 port 51734 ssh2	2020-06-04 04:32:30
95.27.46.68	attackspam	Unauthorized connection attempt from IP address 95.27.46.68 on Port 445(SMB)	2020-06-04 04:40:55

最近上报的IP列表

97.97.51.97	194.183.0.91	212.22.93.6	2.150.119.187
185.244.25.147	35.40.230.92	89.220.148.79	103.58.66.238
221.13.91.18	92.118.161.53	218.227.195.153	47.213.164.175
71.6.233.40	154.72.69.94	103.75.183.99	122.141.13.154
103.36.18.91	206.72.199.46	41.123.53.9	221.52.116.147