JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.234.21.73

1.234.21.73 was found in our database!

This IP was reported 401 times. Confidence of Abuse is 99%: ?

99%

ISP	SK Broadband Co Ltd
Usage Type	Fixed Line ISP
ASN	AS9318
Domain Name	skbroadband.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.234.21.73

Whois 1.234.21.73

IP Abuse Reports for 1.234.21.73:

This IP address has been reported a total of 401 times from 139 distinct sources. 1.234.21.73 was first reported on December 21st 2021, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 _ArminS_	2026-06-07 11:58:32 (4 days ago)	WEB-Scan 50349:80 detected 2026.06.07 13:58:32 blocked until 2026.07.27 07:01:19	Port Scan
🇩🇪 dsp	2026-06-07 11:17:52 (4 days ago)	Firewall (ufw): port scanning on [80]	Port Scan
🇹🇭 Sawasdee	2026-06-07 00:03:07 (4 days ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-06 14:47:28 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 1.234.21.73 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 1.234.21.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 10:47:22.275308 2026] [security2:error] [pid 7822:tid 7929] [client 1.234.21.73:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raytbrown.com"] [uri "/.env"] [unique_id "aiQy-mfVqHmk3xxpyzXhUwAAAEc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Tripwire	2026-06-06 12:59:47 (5 days ago)	Scanning for exploits - /.env	Web App Attack
🇺🇸 nationaleventpros.com	2026-06-06 11:30:15 (5 days ago)	vulnerability scan	Web App Attack
🇨🇭 lufi	2026-06-06 11:05:57 (5 days ago)	2026-06-06T13:05:57+02:00 lufischer04 ids442 2026-06-06 13:05:57 1.234.21.73: blacklistedPath: /.env ... show more 2026-06-06T13:05:57+02:00 lufischer04 ids442 2026-06-06 13:05:57 1.234.21.73: blacklistedPath: /.env ... show less	Web Spam Brute-Force Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 07:58:25 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 1.234.21.73 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 1.234.21.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 03:58:17.775465 2026] [security2:error] [pid 19697:tid 19697] [client 1.234.21.73:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antitribu.com"] [uri "/.env"] [unique_id "aiPTGcoHy6ivPi3sOR1hjQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ambor	2026-06-06 07:04:36 (5 days ago)	Attack type: honeypot_lure \| Target: /.env \| UA: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NR ... show more Attack type: honeypot_lure \| Target: /.env \| UA: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NR \| Country: KR show less	Hacking
🇺🇸 TPI-Abuse	2026-06-06 05:27:24 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 1.234.21.73 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 1.234.21.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 01:27:19.541932 2026] [security2:error] [pid 20623:tid 20623] [client 1.234.21.73:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ralphrichardson.com"] [uri "/.env"] [unique_id "aiOvtwTJhkMyKnc2pnm3bgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 05:10:40 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 1.234.21.73 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 1.234.21.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 01:10:34.486167 2026] [security2:error] [pid 25624:tid 25624] [client 1.234.21.73:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kidswithcamerasmovie.com"] [uri "/.env"] [unique_id "aiOrynjj4kU5qeGo2Yp6MwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 conseilgouz	2026-06-06 03:05:49 (5 days ago)	ave-17 : Block hidden directories=>/.env(/)	Hacking
🇬🇧 consul.to	2026-06-06 02:45:04 (5 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 02:41:34 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 1.234.21.73 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 1.234.21.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 22:41:26.521211 2026] [security2:error] [pid 32699:tid 32699] [client 1.234.21.73:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pixacast.com"] [uri "/.env"] [unique_id "aiOI1jOgZjofzB1Idq_flwAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 interbiznw.com	2026-06-06 00:52:06 (5 days ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 401 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.8

🇬🇧 185.247.137.144

🇬🇧 185.247.137.142

🇺🇸 172.182.195.129

🇺🇸 162.0.237.182

🇨🇳 117.139.123.153

🇺🇸 107.170.40.174

🇩🇪 69.5.169.204

🇳🇱 64.89.162.78

🇺🇸 2607:f8b0:4001:c5f::125

🇰🇪 197.248.8.33

192.168.18.188

🇬🇧 185.247.137.134

🇬🇧 185.247.137.133

🇬🇧 185.247.137.14

🇫🇷 83.171.226.124

🇺🇸 76.132.238.43

🇩🇪 64.89.163.83

🇬🇧 35.203.210.35

🇧🇪 34.22.144.205