JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 217.165.27.80

217.165.27.80 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 35%: ?

35%

ISP	Emirates Telecommunications Corporation
Usage Type	Fixed Line ISP
ASN	AS5384
Hostname(s)	bba-217-165-27-80.alshamil.net.ae
Domain Name	etisalat.ae
Country	🇦🇪 United Arab Emirates
City	Sharjah, Sharjah

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 217.165.27.80

Whois 217.165.27.80

IP Abuse Reports for 217.165.27.80:

This IP address has been reported a total of 13 times from 8 distinct sources. 217.165.27.80 was first reported on July 30th 2024, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 04:45:49 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 217.165.27.80 (bba-217-165-27-80.alshamil.net.a ... show more (mod_security) mod_security (id:240335) triggered by 217.165.27.80 (bba-217-165-27-80.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 00:45:37.335751 2026] [security2:error] [pid 22572:tid 22572] [client 217.165.27.80:52660] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 217.165.27.80 (+1 hits since last alert)\|stop902.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stop902.org"] [uri "/xmlrpc.php"] [unique_id "aiEC8TQIr3094A-ybHAhogAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 02:01:36 (7 hours ago)	(mod_security) mod_security (id:240335) triggered by 217.165.27.80 (bba-217-165-27-80.alshamil.net.a ... show more (mod_security) mod_security (id:240335) triggered by 217.165.27.80 (bba-217-165-27-80.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 22:01:28.126589 2026] [security2:error] [pid 2802:tid 2816] [client 217.165.27.80:64700] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 217.165.27.80 (+1 hits since last alert)\|supercyprus.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "supercyprus.com"] [uri "/xmlrpc.php"] [unique_id "aiDceGLPyuwUlXNYS0IDGwAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 01:31:18 (8 hours ago)	(mod_security) mod_security (id:240335) triggered by 217.165.27.80 (bba-217-165-27-80.alshamil.net.a ... show more (mod_security) mod_security (id:240335) triggered by 217.165.27.80 (bba-217-165-27-80.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 21:31:14.530075 2026] [security2:error] [pid 26925:tid 26925] [client 217.165.27.80:55364] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 217.165.27.80 (+1 hits since last alert)\|peacecampus.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "peacecampus.org"] [uri "/xmlrpc.php"] [unique_id "aiDVYoNPrz4cgioaBErUKgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Marc	2026-06-04 00:23:48 (9 hours ago)	217.165.27.80 - - [04/Jun/2026:02:23:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3461 "-" "Jetpack by ... show more 217.165.27.80 - - [04/Jun/2026:02:23:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3461 "-" "Jetpack by WordPress.com" 217.165.27.80 - - [04/Jun/2026:02:23:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3463 "-" "WordPress.com; https://wordpress.com" 217.165.27.80 - - [04/Jun/2026:02:23:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3461 "-" "WordPress.com; https://wordpress.com" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 23:53:39 (9 hours ago)	(mod_security) mod_security (id:240335) triggered by 217.165.27.80 (bba-217-165-27-80.alshamil.net.a ... show more (mod_security) mod_security (id:240335) triggered by 217.165.27.80 (bba-217-165-27-80.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 19:53:31.048619 2026] [security2:error] [pid 645:tid 645] [client 217.165.27.80:55339] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 217.165.27.80 (+1 hits since last alert)\|tracytappan.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tracytappan.net"] [uri "/xmlrpc.php"] [unique_id "aiC-e6o4UcdmidhRgWgKugAAAC0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-03 19:39:55 (14 hours ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 18:42:25 (15 hours ago)	(mod_security) mod_security (id:240335) triggered by 217.165.27.80 (bba-217-165-27-80.alshamil.net.a ... show more (mod_security) mod_security (id:240335) triggered by 217.165.27.80 (bba-217-165-27-80.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 14:42:19.276306 2026] [security2:error] [pid 31494:tid 31494] [client 217.165.27.80:42019] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 217.165.27.80 (+1 hits since last alert)\|qed-consulting.co\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "qed-consulting.co"] [uri "/xmlrpc.php"] [unique_id "aiB1i1mTtyabt0K9vqh4DAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 17:39:20 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 217.165.27.80 (bba-217-165-27-80.alshamil.net.a ... show more (mod_security) mod_security (id:240335) triggered by 217.165.27.80 (bba-217-165-27-80.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 13:39:16.602412 2026] [security2:error] [pid 29587:tid 29587] [client 217.165.27.80:13054] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 217.165.27.80 (+1 hits since last alert)\|the-it-man.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "the-it-man.com"] [uri "/xmlrpc.php"] [unique_id "aiBmxP6MBCTqVqJauRLv5gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-03 14:34:31 (19 hours ago)	(wordpress) Failed wordpress login from 217.165.27.80 (AE/United Arab Emirates/Dubai/Dubai/bba-217-1 ... show more (wordpress) Failed wordpress login from 217.165.27.80 (AE/United Arab Emirates/Dubai/Dubai/bba-217-165-27-80.alshamil.net.ae) show less	Brute-Force
Anonymous	2026-06-03 12:52:13 (20 hours ago)	Attac	Brute-Force
🇫🇷 oonux.net	2024-08-15 22:56:36 (1 year ago)	RouterOS: Scanning detected TCP 217.165.27.80:27425 > x.x.x.x:445	Port Scan
🇬🇧 paradox-hub.fr	2024-08-06 23:07:55 (1 year ago)	1722985674 - 08/06/2024 23:07:54 Host: 217.165.27.80/217.165.27.80 Port: 445 TCP Blocked ...	Port Scan
🇺🇸 Block_Steady_Crew	2024-07-30 23:45:29 (1 year ago)	Honeypot snared from 217.165.27.80	Port Scan Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a13:9500:16b:cac9::1

🇪🇨 157.100.191.3

🇮🇩 103.181.143.131

🇮🇩 103.67.80.61

🇲🇽 98.97.179.177

🇮🇳 43.230.201.87

🇺🇸 3.228.171.127

🇰🇷 222.111.148.83

🇲🇻 209.212.205.50

🇨🇳 182.43.76.81

🇨🇳 115.190.181.18

🇨🇳 110.166.67.189

🇰🇷 101.36.114.222

🇫🇷 31.36.163.95

🇲🇽 186.96.145.241

🇧🇷 177.234.190.25

🇸🇳 154.124.219.74

🇩🇪 116.203.204.171

🇨🇳 115.190.162.240

🇧🇩 103.145.113.206