JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.73.216.206

216.73.216.206 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 65%: ?

65%

ISP	Anthropic, PBC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Domain Name	anthropic.com
Country	🇺🇸 United States of America
City	Columbus, Ohio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.73.216.206

Whois 216.73.216.206

IP Abuse Reports for 216.73.216.206:

This IP address has been reported a total of 143 times from 37 distinct sources. 216.73.216.206 was first reported on May 20th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-14 08:07:33 (2 hours ago)	06/14/2026-15:07:30.747945 [Drop] [] [1:748608:4] Suricata WEB-MISC TLS1 Client_Hello with pad vi ... show more 06/14/2026-15:07:30.747945 [Drop] [] [1:748608:4] Suricata WEB-MISC TLS1 Client_Hello with pad via SSLv2 handshake request [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 216.73.216.206:46255 -> 103.166.156.58:443 ... show less	Email Spam Hacking
🇩🇪 Inamin	2026-06-13 23:29:00 (11 hours ago)	216.73.216.206 - - [14/Jun/2026:07:28:50 +0800] "GET /index.php?diff=cur&oldid=11489&title=%E9%AB%98 ... show more 216.73.216.206 - - [14/Jun/2026:07:28:50 +0800] "GET /index.php?diff=cur&oldid=11489&title=%E9%AB%98%E6%B5%B7%E5%8D%83%E6%AD%8C%2F%E3%82%A8%E3%83%94%E3%82%BD%E3%83%BC%E3%83%89%2FZH%2F%E7%AC%AC13%E8%A9%B1_%E9%9A%8A%E9%95%B7%E8%A6%81%E5%8A%A0%E6%B2%B9%EF%BC%81 HTTP/2.0" 200 52339 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])" 216.73.216.206 - - [14/Jun/2026:07:28:51 +0800] "GET /index.php?diff=cur&oldid=5631&title=%E9%BB%92%E6%BE%A4%E3%83%80%E3%82%A4%E3%83%A4%2F%E3%82%A8%E3%83%94%E3%82%BD%E3%83%BC%E3%83%89%2F9%E8%A9%B1_%E6%87%90%E3%81%8B%E3%81%97%E3%81%84%E3%81%AC%E3%81%8F%E3%82%82%E3%82%8A HTTP/2.0" 200 53779 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])" 216.73.216.206 - - [14/Jun/2026:07:28:52 +0800] "GET /index.php?diff=prev&oldid=5631&title=%E9%BB%92%E6%BE%A4%E3%83%80%E3%82%A4%E3%83%A4%2F%E3%82%A8%E3%83%94%E3%82%BD%E3%83%BC%E3%83%89%2F9%E8%A9%B1_%E6%87%90%E3% ... show less	Port Scan
🇺🇸 TNZ	2026-06-13 23:20:18 (11 hours ago)	Automated honeypot: bot_detected:no_accept_language \| Path: /sitemap.xml \| ISP: AS16509 Amazon.com, ... show more Automated honeypot: bot_detected:no_accept_language \| Path: /sitemap.xml \| ISP: AS16509 Amazon.com, Inc. \| ASN: AS16509 Amazon.com, Inc. [HOSTING] \| Abuse score: 55 \| Open ports: [] \| UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Claude-SearchBot/ show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 02:46:41 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 216.73.216.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.73.216.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 22:46:35.612014 2026] [security2:error] [pid 26813:tid 26813] [client 216.73.216.206:29913] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.chrisdenem.com\|F\|2"] [data ".grille31.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.chrisdenem.com"] [uri "/www.grille31.com"] [unique_id "aiohiyq380r7F094dlnKRgAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nyt	2026-06-10 11:23:47 (3 days ago)	404 error on unknown path, 404 flood (16/60s)	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 05:17:32 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 216.73.216.206 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 216.73.216.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 01:17:28.238195 2026] [security2:error] [pid 9719:tid 9719] [client 216.73.216.206:50470] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.hazardrecords.org\|F\|2"] [data "[email protected]"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.hazardrecords.org"] [uri "/artists/[email protected]"] [unique_id "aijzaOiaUnj2aE1fzSSzkQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-09 07:06:18 (5 days ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇪🇸 librebit	2026-06-09 01:57:48 (5 days ago)	Brute force	Brute-Force
🇫🇷 Sklurk	2026-06-08 17:45:24 (5 days ago)	Web App Attack	Web App Attack
🇩🇪 maxpower	2026-06-07 23:55:36 (6 days ago)	(junkbot) REGOLA 8 - Junk Bot Blocked 216.73.216.206 (US/United States/-): 1 in the last 3600 secs; ... show more (junkbot) REGOLA 8 - Junk Bot Blocked 216.73.216.206 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 216.73.216.206 - - [08/Jun/2026:01:55:29 +0200] "GET /sitemap.xml HTTP/2.0" 404 201 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])" "216.73.216.206" host=archivio.liverpoolitalia.it show less	Port Scan
🇪🇸 librebit	2026-06-07 03:57:14 (1 week ago)	Brute force	Brute-Force
🇵🇱 sefinek.net	2026-06-05 17:23:06 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: BLOCK \| Protocol: HTTP/2 (GET) \| Endpoint ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: BLOCK \| Protocol: HTTP/2 (GET) \| Endpoint: / \| UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected]) • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 Mendip_Defender	2026-06-05 16:52:37 (1 week ago)	216.73.216.206 - - [05/Jun/2026:17:52:32 +0100] "GET /robots.txt HTTP/1.1" 301 4072 "-" "Mozilla/5.0 ... show more 216.73.216.206 - - [05/Jun/2026:17:52:32 +0100] "GET /robots.txt HTTP/1.1" 301 4072 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])" ... show less	Bad Web Bot
🇺🇸 TheJimmo	2026-06-05 02:37:40 (1 week ago)	216.73.216.206 216.73.216.206 - - [05/Jun/2026:02:25:35 +0000] "GET /2012/08/15/dissecting-the-safet ... show more 216.73.216.206 216.73.216.206 - - [05/Jun/2026:02:25:35 +0000] "GET /2012/08/15/dissecting-the-safety-cage-that-saved-jeremy-foleys-life-at-pik/ HTTP/1.1" 404 13476 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])" 216.73.216.206 216.73.216.206 - - [05/Jun/2026:02:37:36 +0000] "GET /uploads/monthly_2022_05/IMG_9444.thumb.JPG.5fef6f30ecf66e6ea0583631b19e4281.JPG HTTP/1.1" 404 13494 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])" 216.73.216.206 216.73.216.206 - - [05/Jun/2026:02:37:37 +0000] "GET /uploads/monthly_2022_06/IMG_9378.thumb.JPG.8b1809f6402a07f7c0b633c3f454eef4.JPG HTTP/1.1" 404 13494 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])" 216.73.216.206 216.73.216.206 - - [05/Jun/2026:02:37:37 +0000] "GET /uploads/monthly_2022_05/IMG_9471.thumb.JPG.d06e85b64a9d91ba678d8e3bfb70bffc.JPG HTTP/1.1" 404 1349 ... show less	Bad Web Bot Web App Attack
🇫🇷 guizmo34	2026-04-18 10:05:00 (1 month ago)	80/443 brute-force	Port Scan Brute-Force

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 192.64.61.188

🇲🇽 187.230.115.212

🇫🇮 178.20.210.208

🇳🇱 45.148.10.147

🇨🇳 43.226.39.182

🇺🇬 41.220.3.101

🇨🇦 20.151.201.255

🇩🇪 193.124.20.244

🇵🇭 180.191.204.236

🇧🇬 79.124.49.226

🇺🇸 74.82.47.2

🇻🇳 45.122.242.218

🇬🇧 35.203.211.33

🇦🇪 5.192.140.211

🇬🇧 216.226.76.30

🇷🇺 185.40.30.168

🇺🇸 162.216.150.173

🇺🇸 154.83.197.148

🇺🇸 107.152.44.215

🇨🇳 101.96.220.237