JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 41.185.64.163

41.185.64.163 was found in our database!

This IP was reported 238 times. Confidence of Abuse is 31%: ?

31%

ISP	1 GRID (PTY) LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36943
Hostname(s)	syf05-cvps01.hostserv.co.za
Domain Name	1-grid.com
Country	🇿🇦 South Africa
City	Cape Town, Western Cape

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 41.185.64.163

Whois 41.185.64.163

IP Abuse Reports for 41.185.64.163:

This IP address has been reported a total of 238 times from 84 distinct sources. 41.185.64.163 was first reported on January 23rd 2025, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 18:46:53 (13 hours ago)	(mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 ... show more (mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 14:46:45.552616 2026] [security2:error] [pid 13378:tid 13378] [client 41.185.64.163:34942] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dianamead.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dianamead.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aixUFacTzdvYXHftiZ2YDgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 18:23:37 (13 hours ago)	(mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 ... show more (mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 14:23:31.743459 2026] [security2:error] [pid 31267:tid 31267] [client 41.185.64.163:34802] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|arkqp.kreweofhyatt.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "arkqp.kreweofhyatt.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aixOo10vsDswoEBpraF-IQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 17:21:25 (14 hours ago)	(mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 ... show more (mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 13:21:21.068819 2026] [security2:error] [pid 24564:tid 24564] [client 41.185.64.163:34118] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ultratecnologia.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ultratecnologia.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aixAEb6nkheDmDbhqw2xpAAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 16:59:16 (15 hours ago)	(mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 ... show more (mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 12:59:12.017366 2026] [security2:error] [pid 27579:tid 27579] [client 41.185.64.163:54754] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|pcga.golf\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pcga.golf"] [uri "/wp-json/wp/v2/users"] [unique_id "aiw64ODvDH5URxC7fKgO3wAAAAc"], referer: https://pcga.golf/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 16:34:06 (15 hours ago)	(mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 ... show more (mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 12:33:59.239345 2026] [security2:error] [pid 18190:tid 18190] [client 41.185.64.163:34006] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|solporpoise.com.herston.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "solporpoise.com.herston.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aiw0936jDKRSmP1COuGv7wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-12 16:13:07 (15 hours ago)	Try to access /sinterklaas/xmlrpc.php	Web App Attack
🇫🇷 ELYAZ	2026-06-12 15:57:22 (16 hours ago)	(y4) Failed scan -byebye- from 41.185.64.163 (syf05-cvps01.hostserv.co.za): (CF_ENABLE)	Hacking
🇺🇸 TPI-Abuse	2026-06-12 15:40:34 (16 hours ago)	(mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 ... show more (mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 11:40:30.000206 2026] [security2:error] [pid 8143:tid 8164] [client 41.185.64.163:38468] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|theyogicat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theyogicat.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiwobcII_MEWQi0s8hlZewAAANE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 14:52:50 (17 hours ago)	(mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 ... show more (mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 10:52:42.343084 2026] [security2:error] [pid 30737:tid 30737] [client 41.185.64.163:39398] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|geriterry.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "geriterry.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiwdOjQmUW_o0ZM9E3ZP7gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 14:21:56 (17 hours ago)	(mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 ... show more (mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 10:21:48.076377 2026] [security2:error] [pid 8761:tid 8761] [client 41.185.64.163:42876] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|michaelmoorefield.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "michaelmoorefield.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiwV_KCJI6fK34im3AVVRQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-12 14:07:22 (18 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 14:03:30 (18 hours ago)	(mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 ... show more (mod_security) mod_security (id:225170) triggered by 41.185.64.163 (syf05-cvps01.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 10:03:26.821023 2026] [security2:error] [pid 12565:tid 12667] [client 41.185.64.163:48400] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|vinylnotespodcast.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vinylnotespodcast.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiwRrvgQ4ocQO604q9OqjwAAAYY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-25 09:00:27 (5 months ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2025-12-14 16:30:09 (5 months ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2025-12-09 08:00:17 (6 months ago)	Failed Wordpress Logins	Web App Attack

Showing 1 to 15 of 238 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇿 213.230.127.104

🇳🇱 195.178.110.30

🇧🇷 191.5.205.64

🇺🇸 162.216.149.124

🇧🇩 103.225.218.12

🇺🇸 69.116.94.225

🇬🇧 35.178.181.236

🇺🇸 34.181.232.107

🇺🇸 34.162.42.2

🇨🇭 34.65.83.127

🇺🇸 34.48.148.50

🇳🇱 34.12.101.116

🇯🇵 15.152.111.216

🇸🇪 13.60.211.127

🇸🇪 185.246.130.20

🇫🇷 185.188.249.30

🇺🇸 159.65.216.50

🇸🇪 155.4.244.179

🇷🇴 80.94.92.165

🇨🇦 66.212.187.214