JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.61.41.54

194.61.41.54 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 30%: ?

30%

ISP	VPN Consumer Manila, Philippines
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.61.41.54

Whois 194.61.41.54

IP Abuse Reports for 194.61.41.54:

This IP address has been reported a total of 48 times from 29 distinct sources. 194.61.41.54 was first reported on April 12th 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 2000cn.com.au	2026-06-11 15:28:03 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-admin-interface-probing	Web App Attack Hacking
🇫🇷 Octopuce	2026-06-11 14:38:20 (2 days ago)	Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.p ... show more Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.php /about.php /admin.php /mah.php /.wp/wso. ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 07:28:49 (2 days ago)	(mod_security) mod_security (id:240000) triggered by 194.61.41.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 194.61.41.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 03:28:43.181360 2026] [security2:error] [pid 29789:tid 29789] [client 194.61.41.54:56853] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|www.independentmusicconference.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.independentmusicconference.com"] [uri "/images/stories/themes.php"] [unique_id "aipjq3p_S3joiSxm9t79FAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 threatintelligence_bvc	2026-05-18 08:04:57 (3 weeks ago)		Brute-Force
🇺🇸 Wonderland	2026-05-07 13:12:15 (1 month ago)	May 7 06:12:15 jabberwocky dovecot: imap-login: Disconnected (auth failed, 1 attempts in 12 secs): ... show more May 7 06:12:15 jabberwocky dovecot: imap-login: Disconnected (auth failed, 1 attempts in 12 secs): user=<lastfm>, method=PLAIN, rip=194.61.41.54, lip=192.168.42.15, TLS: Connection closed, session=<ePbABjpRECLCPSk2> ... show less	Brute-Force
🇫🇷 dynamix	2026-03-16 06:33:22 (2 months ago)	Multiple WAF Violations	Web App Attack
🇺🇦 URAN Publishing Service	2026-03-03 00:17:48 (3 months ago)	194.61.41.54 - - [03/Mar/2026:02:17:48 +0200] "GET /wp-includes/css/dist/ HTTP/1.1" 404 276 "-" "Moz ... show more 194.61.41.54 - - [03/Mar/2026:02:17:48 +0200] "GET /wp-includes/css/dist/ HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" ... show less	Web App Attack
🇫🇷 dynamix	2026-03-02 18:12:15 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇦 URAN Publishing Service	2026-03-02 14:36:05 (3 months ago)	194.61.41.54 - - [02/Mar/2026:16:36:04 +0200] "GET /wp-content/plugins/core-plugin/include.php HTTP/ ... show more 194.61.41.54 - - [02/Mar/2026:16:36:04 +0200] "GET /wp-content/plugins/core-plugin/include.php HTTP/1.1" 404 275 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 194.61.41.54 - - [02/Mar/2026:16:36:04 +0200] "GET /wp-content/plugins/envato-css.php HTTP/1.1" 404 275 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" ... show less	Web App Attack
🇳🇱 Site.eu	2026-03-02 07:03:59 (3 months ago)	Excessive 404/403 errors	Brute-Force
🇫🇷 dynamix	2026-03-01 14:41:55 (3 months ago)	Multiple WAF Violations	Web App Attack
🇫🇷 Octopuce	2026-02-24 22:25:36 (3 months ago)	Aggressive web search of vulnerable pages: /wp-content/index.php /filemanager.php /cgi-bin/bypass.ph ... show more Aggressive web search of vulnerable pages: /wp-content/index.php /filemanager.php /cgi-bin/bypass.php /.well-known/pki-validation/admin.php /wp ... show less	Web App Attack
🇫🇷 dynamix	2026-02-24 14:37:34 (3 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-02-24 07:06:37 (3 months ago)	[redacted] 194.61.41.54 - - [24/Feb/2026:08:06:30 +0100] "GET /admin/controller/extension/extension/ ... show more [redacted] 194.61.41.54 - - [24/Feb/2026:08:06:30 +0100] "GET /admin/controller/extension/extension/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" [redacted] 194.61.41.54 - - [24/Feb/2026:08:06:30 +0100] "GET /admin/editor/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" [redacted] 194.61.41.54 - - [24/Feb/2026:08:06:31 +0100] "GET /admin/images/slider/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" [redacted] 194.61.41.54 - - [24/Feb/2026:08:06:31 +0100] "GET /admin/tmp/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" [redacted] 194.61.41.54 - - [24/Feb/2026:08:06:31 +0100] "GET /admin/uploads/ HTTP/1.1" 404 236 "-" "Mozilla/ ... show less	Hacking Web App Attack
🇳🇿 Antinson	2026-02-12 03:19:24 (4 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 119.192.210.110

🇸🇬 114.119.148.37

🇧🇷 45.229.91.34

🇩🇪 217.154.253.251

🇭🇰 194.187.178.218

🇭🇰 194.187.178.205

🇩🇪 194.88.98.118

🇧🇷 187.87.247.94

🇺🇸 172.252.13.90

🇵🇰 154.80.13.228

🇨🇳 115.151.72.155

🇨🇳 113.31.115.157

🇺🇸 66.132.172.109

🇨🇳 58.242.190.39

🇧🇷 20.206.89.121

🇺🇸 206.223.228.197

🇭🇰 194.187.178.204

🇵🇦 190.218.233.234

🇦🇴 154.118.218.203

🇸🇬 129.226.221.96