JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 113.21.79.84

113.21.79.84 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 36%: ?

36%

ISP	WISH NET PRIVATE LIMITED
Usage Type	Fixed Line ISP
ASN	AS45775
Hostname(s)	ns0.wishnet.in
Domain Name	wnpl.co.in
Country	🇮🇳 India
City	Kolkata, West Bengal

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 113.21.79.84

Whois 113.21.79.84

IP Abuse Reports for 113.21.79.84:

This IP address has been reported a total of 6 times from 6 distinct sources. 113.21.79.84 was first reported on August 6th 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TAY	2026-06-14 17:16:30 (2 days ago)	113.21.79.84 - - [15/Jun/2026:01:16:09 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4959 "-" "Jetpack by W ... show more 113.21.79.84 - - [15/Jun/2026:01:16:09 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4959 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)" 113.21.79.84 - - [15/Jun/2026:01:16:19 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4959 "-" "Jetpack by WordPress.com" 113.21.79.84 - - [15/Jun/2026:01:16:30 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4959 "-" "Jetpack by WordPress.com" ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-14 16:47:14 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 113.21.79.84 (ns0.wishnet.in): 1 in the last 30 ... show more (mod_security) mod_security (id:240335) triggered by 113.21.79.84 (ns0.wishnet.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 12:47:09.383998 2026] [security2:error] [pid 7837:tid 7837] [client 113.21.79.84:54327] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 113.21.79.84 (+1 hits since last alert)\|hodlmoser.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hodlmoser.com"] [uri "/xmlrpc.php"] [unique_id "ai7bDXsWpE6Z1Neh6nAwdwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-14 15:07:19 (2 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC IN/India/ns0.wishnet.in	Web App Attack
Anonymous	2026-06-14 13:42:10 (2 days ago)	Attac	Brute-Force
🇧🇪 cmbplf	2026-06-14 09:36:01 (2 days ago)	3.641 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇺🇦 URAN Publishing Service	2023-08-06 04:36:40 (2 years ago)	113.21.79.84 - - [06/Aug/2023:07:36:38 +0300] "GET /wp-login.php HTTP/1.1" 404 4849 "-" "Mozilla/5.0 ... show more 113.21.79.84 - - [06/Aug/2023:07:36:38 +0300] "GET /wp-login.php HTTP/1.1" 404 4849 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 113.21.79.84 - - [06/Aug/2023:07:36:39 +0300] "GET /xmlrpc.php HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" ... show less	Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.109.252.235

🇰🇷 211.220.98.13

🇫🇮 178.20.210.151

🇺🇸 205.210.31.92

🇺🇸 192.178.119.149

🇨🇳 182.112.152.100

🇻🇳 125.212.244.35

🇮🇳 103.204.167.14

🇩🇪 103.153.157.28

🇺🇸 95.164.235.243

🇺🇸 91.242.125.107

🇨🇦 85.217.149.46

🇬🇷 85.73.18.11

🇩🇪 64.226.126.224

🇰🇷 54.180.119.215

🇹🇼 36.227.172.146

🇧🇴 200.105.172.184

🇩🇪 194.88.98.121

🇸🇦 130.94.59.134

🇩🇪 87.156.176.191