JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.61.41.44

194.61.41.44 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 30%: ?

30%

ISP	VPN Consumer Manila, Philippines
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.61.41.44

Whois 194.61.41.44

IP Abuse Reports for 194.61.41.44:

This IP address has been reported a total of 55 times from 32 distinct sources. 194.61.41.44 was first reported on February 1st 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-08 07:44:31 (1 week ago)	194.61.41.44 - - [08/Jun/2026:10:44:30 +0300] "GET /wp-includes/js/jquery/jquery.php HTTP/1.1" 404 7 ... show more 194.61.41.44 - - [08/Jun/2026:10:44:30 +0300] "GET /wp-includes/js/jquery/jquery.php HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 194.61.41.44 - - [08/Jun/2026:10:44:30 +0300] "GET /wp-includes/block-supports/autoload_classmap.php HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" ... show less	Web App Attack
🇭🇺 DumaNet	2026-06-07 22:54:00 (1 week ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 07. 21:44:18 Source IP: 194.61 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 07. 21:44:18 Source IP: 194.61.41.44 Portion of the log(s): 194.61.41.44 - [07/Jun/2026:21:44:17 +0200] "GET /goods.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36" 194.61.41.44 - [07/Jun/2026:21:44:16 +0200] "GET /mini.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 194.61.41.44 - [07/Jun/2026:21:44:16 +0200] "GET /inputs.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" 194.61.41.44 - [07/Jun/2026:21:44:16 +0200] "GET /robots.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 194.61.41.44 - [07/Jun/2026:21:44:15 +0200] "GET /core.php HTTP/1.1" 404 153 "-" "Mo show less	Web App Attack
🇧🇪 taivas.nl	2026-06-07 17:02:10 (2 weeks ago)	Site scraper	Web App Attack
🇫🇷 Octopuce	2026-06-05 22:19:05 (2 weeks ago)	Aggressive web search of vulnerable pages: /wp-content/themes/twentytwentytwo/waf_defender.php /wp-a ... show more Aggressive web search of vulnerable pages: /wp-content/themes/twentytwentytwo/waf_defender.php /wp-admin/css/colors/coffee/index.php /Simple.ph ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 16:07:18 (2 weeks ago)	(mod_security) mod_security (id:240000) triggered by 194.61.41.44 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 194.61.41.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 12:07:15.206781 2026] [security2:error] [pid 17798:tid 17798] [client 194.61.41.44:35843] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|thereddoorlounge.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "thereddoorlounge.com"] [uri "/images/stories/themes.php"] [unique_id "aiBRM7r1Ux1B_-dDlk9HYwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-05-05 10:47:29 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Site.eu	2026-04-11 08:00:48 (2 months ago)	Excessive 404/403 errors	Brute-Force
🇳🇱 ConsulHosting	2026-04-10 12:44:18 (2 months ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇳🇿 Antinson	2026-04-10 01:46:47 (2 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-09 21:56:02 (2 months ago)	(mod_security) mod_security (id:240000) triggered by 194.61.41.44 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 194.61.41.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 17:55:53.912909 2026] [security2:error] [pid 1246915:tid 1246915] [client 194.61.41.44:42947] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|vzan.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "vzan.org"] [uri "/images/stories/themes.php"] [unique_id "adggabsyJ-uxTXGHOSwRGQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 filstal.org	2026-04-09 17:59:36 (2 months ago)	Security scan or malicious bot activity detected by Fail2Ban	Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2026-03-04 20:11:53 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 TPI-Abuse	2026-03-03 22:17:32 (3 months ago)	(mod_security) mod_security (id:240000) triggered by 194.61.41.44 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 194.61.41.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 03 17:17:28.071126 2026] [security2:error] [pid 26156:tid 26156] [client 194.61.41.44:33915] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|wendeenicole.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "wendeenicole.com"] [uri "/images/stories/themes.php"] [unique_id "aadd-BUe1d8S-QWHuQhw0wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-03-03 12:20:35 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇷🇺 sms.ru	2026-02-23 14:11:24 (3 months ago)	/wp-admin/theme-editor.php	Web App Attack

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 209.38.120.71

🇳🇱 195.178.110.2

🇺🇸 172.172.180.124

🇸🇨 45.194.67.146

🇳🇱 45.148.10.141

🇸🇬 43.133.61.254

🇺🇸 8.228.95.32

🇰🇷 222.108.100.117

🇭🇰 150.109.119.38

🇸🇬 150.109.12.46

🇺🇸 104.28.213.40

🇬🇧 87.106.65.126

🇩🇪 69.5.169.200

🇳🇱 193.176.31.149

🇭🇷 185.203.18.54

🇨🇳 183.197.75.208

🇺🇸 150.107.38.40

🇺🇸 150.107.36.236

🇮🇳 122.176.122.24

🇨🇦 91.90.120.24