JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 180.211.113.2

180.211.113.2 was found in our database!

This IP was reported 68 times. Confidence of Abuse is 76%: ?

76%

ISP	Blazenet Pvt Ltd
Usage Type	Fixed Line ISP
ASN	AS17625
Domain Name	blazenet.biz
Country	🇮🇳 India
City	Gandhinagar, Gujarat

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 180.211.113.2

Whois 180.211.113.2

IP Abuse Reports for 180.211.113.2:

This IP address has been reported a total of 68 times from 30 distinct sources. 180.211.113.2 was first reported on March 31st 2026, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-19 12:26:22 (13 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 integrantservices.com	2026-06-19 11:59:44 (14 hours ago)	(wordpress) Failed wordpress login from 180.211.113.2 (IN/India/-)	Brute-Force
🇳🇱 Site.eu	2026-06-19 07:29:57 (18 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-19 04:48:20 (21 hours ago)	(mod_security) mod_security (id:240335) triggered by 180.211.113.2 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 180.211.113.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 00:48:12.953257 2026] [security2:error] [pid 21633:tid 21633] [client 180.211.113.2:47523] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.211.113.2 (+1 hits since last alert)\|batfry.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "batfry.com"] [uri "/xmlrpc.php"] [unique_id "ajTKDLu2ib2Rn2hkhSBhUgAAADU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-18 10:05:26 (1 day ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (86/60 min)'; Requests=86	Port Scan
🇩🇪 ger-stg-sifi1	2026-06-18 09:04:46 (1 day ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
Anonymous	2026-06-17 09:39:35 (2 days ago)	(wordpress) Failed wordpress login from 180.211.113.2 (IN/India/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-17 08:40:25 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 180.211.113.2 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 180.211.113.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 04:40:19.133424 2026] [security2:error] [pid 26070:tid 26070] [client 180.211.113.2:16952] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.211.113.2 (+1 hits since last alert)\|desdier.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "desdier.com"] [uri "/xmlrpc.php"] [unique_id "ajJdc59mYz1gOFhBk5j6_wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-17 08:37:12 (2 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 dynamix	2026-06-17 06:21:23 (2 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 akasolutions.de	2026-06-17 05:50:46 (2 days ago)	(wordpress) Failed wordpress login from 180.211.113.2 (IN/India/-)	Brute-Force
🇩🇪 dbmwebdesign	2026-06-17 05:20:31 (2 days ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
Anonymous	2026-06-15 13:16:30 (4 days ago)	(wordpress) Failed wordpress login from 180.211.113.2 (IN/India/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-15 12:37:29 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 180.211.113.2 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 180.211.113.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 08:37:23.332969 2026] [security2:error] [pid 25582:tid 25582] [client 180.211.113.2:65532] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.211.113.2 (+1 hits since last alert)\|nextstepplus.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nextstepplus.net"] [uri "/xmlrpc.php"] [unique_id "ai_yA-BvtUZcsZAaNWWg5wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 11:05:53 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 180.211.113.2 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 180.211.113.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 07:05:48.158569 2026] [security2:error] [pid 9108:tid 9108] [client 180.211.113.2:26202] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 180.211.113.2 (+1 hits since last alert)\|tenmenband.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tenmenband.com"] [uri "/xmlrpc.php"] [unique_id "ai_cjLwOA_Yo4lcPZSkdSwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 68 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 185.197.8.143

🇨🇳 124.64.23.23

🇮🇩 112.215.238.23

🇳🇱 91.92.40.204

🇧🇬 84.252.66.79

🇩🇪 37.120.184.37

🇯🇵 8.216.12.108

🇺🇸 2607:fb92:2d85:abd4:6d1c:74f6:5e60:96d5

🇬🇧 217.146.80.108

🇺🇸 216.250.113.140

🇩🇪 213.209.159.56

🇧🇴 200.90.145.188

🇭🇰 199.45.154.181

🇳🇦 197.234.86.166

🇵🇱 194.180.49.217

🇦🇿 185.32.44.117

🇧🇷 181.191.168.176

🇩🇪 178.63.100.80

🇧🇷 177.75.108.200

🇳🇱 176.65.149.194