JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.61.41.63

194.61.41.63 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 22%: ?

22%

ISP	VPN Consumer Manila, Philippines
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.61.41.63

Whois 194.61.41.63

IP Abuse Reports for 194.61.41.63:

This IP address has been reported a total of 37 times from 21 distinct sources. 194.61.41.63 was first reported on April 15th 2023, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-20 07:32:51 (5 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 05:03:20 (1 day ago)	(mod_security) mod_security (id:240000) triggered by 194.61.41.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 194.61.41.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 01:03:12.103665 2026] [security2:error] [pid 1188:tid 1188] [client 194.61.41.63:0] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|mail.sportsbookcommission.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "mail.sportsbookcommission.com"] [uri "/images/stories/themes.php"] [unique_id "ajTNkH8kornVsP1JV2_otAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-06-11 04:15:42 (1 week ago)	Aggressive web search of vulnerable pages: /wp-admin/images/admin.php /wp-includes/theme-compat/abou ... show more Aggressive web search of vulnerable pages: /wp-admin/images/admin.php /wp-includes/theme-compat/about.php /about/function.php /wp-includes/Requ ... show less	Web App Attack
🇱🇻 garmtech.com	2026-03-24 19:48:15 (2 months ago)	IM360 WAF: Block access to the shell MV:/wp-admin/xleet.php	Hacking
🇺🇦 URAN Publishing Service	2026-03-03 00:15:17 (3 months ago)	194.61.41.63 - - [03/Mar/2026:02:15:16 +0200] "GET /wp-admin/network/network.php HTTP/1.1" 404 276 " ... show more 194.61.41.63 - - [03/Mar/2026:02:15:16 +0200] "GET /wp-admin/network/network.php HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-03-02 14:35:39 (3 months ago)	194.61.41.63 - - [02/Mar/2026:16:35:38 +0200] "GET /wp-content/plugins/ubh/up.php HTTP/1.1" 404 275 ... show more 194.61.41.63 - - [02/Mar/2026:16:35:38 +0200] "GET /wp-content/plugins/ubh/up.php HTTP/1.1" 404 275 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 194.61.41.63 - - [02/Mar/2026:16:35:38 +0200] "GET /wp-admin/images/bootstrap.php HTTP/1.1" 404 275 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" ... show less	Web App Attack
🇳🇿 Antinson	2026-03-02 10:41:22 (3 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇫🇷 dynamix	2026-03-01 14:40:45 (3 months ago)	Multiple WAF Violations	Web App Attack
🇫🇷 dynamix	2026-02-24 14:40:18 (3 months ago)	Multiple WAF Violations	Web App Attack
🇳🇿 Antinson	2026-02-12 03:19:24 (4 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇧🇪 cmbplf	2026-02-11 08:30:56 (4 months ago)	286 requests with url.path /.well-known/acme-challenge/.php	Brute-Force Bad Web Bot
🇦🇺 aranguren.org	2026-02-11 07:21:41 (4 months ago)	194.61.41.63 - - [11/Feb/2026:18:21:38 +1100] "GET /as.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Window ... show more 194.61.41.63 - - [11/Feb/2026:18:21:38 +1100] "GET /as.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" 194.61.41.63 - - [11/Feb/2026:18:21:38 +1100] "GET /shell.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 194.61.41.63 - - [11/Feb/2026:18:21:38 +1100] "GET /ws.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 194.61.41.63 - - [11/Feb/2026:18:21:39 +1100] "GET /makeasmtp.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 194.61.41.63 - - [11/Feb/2026:18:21:39 +1100] "GET /wp-sigunq.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 194.61.41.63 - - [11/Feb/2026:18:21:39 +1100] "GET /wso112233.php HTTP/ ... show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-10 21:45:47 (4 months ago)	(mod_security) mod_security (id:240000) triggered by 194.61.41.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 194.61.41.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 16:45:44.154685 2026] [security2:error] [pid 1528682:tid 1528682] [client 194.61.41.63:36913] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|jodstar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "jodstar.com"] [uri "/images/stories/themes.php"] [unique_id "aYunCFO3wsIIIB6OfdA1-QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-06 17:05:35 (4 months ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (15/60 min)'; Requests=15	Port Scan
🇳🇿 Antinson	2026-02-06 01:32:20 (4 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 186.139.179.228

🇺🇸 66.132.224.26

🇿🇦 196.41.207.112

🇻🇳 180.93.172.213

🇨🇳 111.57.17.167

🇺🇸 93.152.208.38

🇳🇱 91.92.40.8

🇭🇰 58.152.42.174

🇧🇷 45.187.108.43

🇸🇬 45.78.198.199

🇺🇸 40.77.179.175

🇬🇧 35.203.211.142

🇻🇪 201.238.0.128

🇧🇷 181.218.9.86

🇷🇺 178.176.82.59

🇺🇸 162.216.149.160

🇺🇸 157.55.39.204

🇺🇸 142.111.152.171

🇨🇳 120.246.123.50

🇩🇪 45.135.141.12