JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.173.80.12

216.173.80.12 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	FASTPLANET LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	fastplanet.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.173.80.12

Whois 216.173.80.12

IP Abuse Reports for 216.173.80.12:

This IP address has been reported a total of 7 times from 4 distinct sources. 216.173.80.12 was first reported on February 1st 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 HandyTreff.de	2026-02-21 17:41:35 (3 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -33.487 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -33.487 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Sa show less	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-27 04:23:23 (4 months ago)	(mod_security) mod_security (id:211190) triggered by 216.173.80.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 216.173.80.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 23:23:18.646160 2026] [security2:error] [pid 8340:tid 8457] [client 216.173.80.12:32951] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /maint/modules/home/index.php?lang=english\|cat%20/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/maint/modules/home/index.php"] [unique_id "aXg9tpdz8F31Nrc2UVRFCAAAAo8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 11:09:06 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 216.173.80.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 216.173.80.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 06:09:00.798102 2025] [security2:error] [pid 6641:tid 6641] [client 216.173.80.12:34321] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/data.sql"] [unique_id "aRW8TGK9gydcypk7Jfk38gAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-26 23:13:56 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 216.173.80.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:221260) triggered by 216.173.80.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 19:08:25.671967 2025] [security2:error] [pid 19347:tid 19372] [client 216.173.80.12:43065] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|whm.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.kettlehill.com"] [uri "/cgi-bin/stats"] [unique_id "aIVf6b-V5dLnzWTrDIooWwAAARc"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-22 21:07:26 (11 months ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-05-29 22:02:02 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 216.173.80.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.173.80.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 18:01:54.130561 2025] [security2:error] [pid 3601669:tid 3601669] [client 216.173.80.12:39975] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/.env.local"] [unique_id "aDjZUqRAKzn5ErGI2hIOMgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-02-01 10:00:10 (1 year ago)	\| Shellshock attack attempt	Hacking SQL Injection Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 220.86.176.134

🇵🇱 194.180.49.220

🇺🇸 162.216.150.29

🇫🇮 147.185.133.226

🇫🇮 147.185.133.48

🇺🇸 147.185.132.79

🇪🇬 41.32.22.202

🇷🇴 2.57.122.238

🇺🇸 205.210.31.19

🇩🇪 194.88.98.122

🇮🇳 183.83.155.236

🇫🇮 178.20.210.138

🇳🇱 160.119.76.59

🇮🇳 122.160.85.144

🇮🇳 120.62.8.17

🇨🇳 116.1.179.117

🇨🇳 101.82.239.9

🇪🇸 88.20.33.175

🇱🇹 81.30.98.144

🇷🇺 77.41.156.64