JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 41.203.18.12

41.203.18.12 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 0%: ?

ISP	Xneelo (Pty) Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37153
Hostname(s)	www12.jnb2.host-h.net
Domain Name	xneelo.com
Country	🇿🇦 South Africa
City	Johannesburg, Gauteng

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 41.203.18.12

Whois 41.203.18.12

IP Abuse Reports for 41.203.18.12:

This IP address has been reported a total of 53 times from 23 distinct sources. 41.203.18.12 was first reported on December 8th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2025-02-21 00:13:58 (1 year ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
🇹🇷 rtbh.com.tr	2025-02-20 20:49:38 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 octageeks.com	2025-02-20 05:06:05 (1 year ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇹🇷 rtbh.com.tr	2025-02-19 20:49:39 (1 year ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 TPI-Abuse	2025-02-19 02:40:29 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 41.203.18.12 (www12.jnb2.host-h.net): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 41.203.18.12 (www12.jnb2.host-h.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 18 21:40:23.509205 2025] [security2:error] [pid 17129:tid 17129] [client 41.203.18.12:41610] [client 41.203.18.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z7VEl7M9eMxqM2AtFUZqtAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 stinpriza	2025-02-19 02:33:28 (1 year ago)	WP Authentication attempt for unknown user	Brute-Force Web App Attack
🇩🇪 LRob.fr	2025-02-19 00:07:06 (1 year ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
🇺🇸 TPI-Abuse	2025-02-18 23:14:11 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 41.203.18.12 (www12.jnb2.host-h.net): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 41.203.18.12 (www12.jnb2.host-h.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 18 18:14:04.340463 2025] [security2:error] [pid 1122:tid 1122] [client 41.203.18.12:37094] [client 41.203.18.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dwightbrown.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dwightbrown.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z7UUPHn1cmVPNGBwE8tTrQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-18 22:58:36 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 41.203.18.12 (www12.jnb2.host-h.net): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 41.203.18.12 (www12.jnb2.host-h.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 18 17:58:31.873059 2025] [security2:error] [pid 16314:tid 16314] [client 41.203.18.12:44922] [client 41.203.18.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|urbanreinventors.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "urbanreinventors.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Z7UQl_NJBKoH45MsSid7sQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-18 20:57:04 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 41.203.18.12 (www12.jnb2.host-h.net): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 41.203.18.12 (www12.jnb2.host-h.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 18 15:57:00.442402 2025] [security2:error] [pid 25067:tid 25067] [client 41.203.18.12:52752] [client 41.203.18.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.cafelimelight.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cafelimelight.info"] [uri "/wp-json/wp/v2/users"] [unique_id "Z7T0HO0-v4vMVtGwzwNO4AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 weblite	2025-02-18 20:37:43 (1 year ago)	WP_AUTHOR_SCANNING WP_LOGIN_FAIL	Brute-Force Web App Attack
Anonymous	2025-02-18 04:57:53 (1 year ago)	Reported from Nginx log analysis 18. Log: 41.203.18.12 - - [18/Feb/2025:xx:xx:xx 0100] "POST /wp-lo ... show more Reported from Nginx log analysis 18. Log: 41.203.18.12 - - [18/Feb/2025:xx:xx:xx 0100] "POST /wp-login.php HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0" "-" "ZA South Africa -" "AS37153" "xneelo" show less	Port Scan Brute-Force SSH
🇳🇱 WeCloudit-Anti-Abuse	2025-02-17 23:30:11 (1 year ago)	1739834540 41.203.18.12 ZA 1 IM360 WAF: WordPress Bruteforce RBL block 2 ... show more 1739834540 41.203.18.12 ZA 1 IM360 WAF: WordPress Bruteforce RBL block 2 - alpha show less	Email Spam Brute-Force
🇺🇸 dtorrer	2025-02-17 22:16:08 (1 year ago)	Brute-force general attack.	Brute-Force
🇩🇪 SCHAPPY	2025-02-17 21:44:00 (1 year ago)	Wordpress attack: Submitted data to wp-login.php prior getting page content, attempt blocked. POST c ... show more Wordpress attack: Submitted data to wp-login.php prior getting page content, attempt blocked. POST counter 1 is greater than GET counter 0 for /wp-login.php by 41.203.18.12. show less	Web Spam

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 2607:f8b0:4023:1803::12d

🇰🇷 222.239.251.12

🇰🇷 121.1.120.182

🇺🇸 208.87.243.35

🇮🇳 159.65.148.158

🇻🇳 125.212.217.143

🇨🇳 124.71.37.81

🇨🇳 120.26.30.193

🇺🇸 52.73.169.169

🇺🇸 50.84.211.204

🇧🇪 198.235.24.181

🇮🇳 152.32.156.95

🇭🇰 112.118.82.193

🇺🇸 100.28.191.174

🇯🇵 8.216.17.135

🇺🇸 6.132.172.47

🇺🇸 205.210.31.46

🇳🇱 195.178.110.26

🇮🇱 185.246.255.183

🇧🇩 161.248.189.72