JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.61.41.77

194.61.41.77 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 36%: ?

36%

ISP	VPN Consumer Manila, Philippines
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.61.41.77

Whois 194.61.41.77

IP Abuse Reports for 194.61.41.77:

This IP address has been reported a total of 54 times from 36 distinct sources. 194.61.41.77 was first reported on April 12th 2023, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-21 14:51:46 (20 hours ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-197)	Hacking
🇺🇸 TPI-Abuse	2026-06-21 10:01:36 (1 day ago)	(mod_security) mod_security (id:240000) triggered by 194.61.41.77 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 194.61.41.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 06:01:32.293910 2026] [security2:error] [pid 902:tid 902] [client 194.61.41.77:38629] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|insidepublications.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "insidepublications.com"] [uri "/images/stories/themes.php"] [unique_id "aje2fOsp9cQMqpyffAOxTAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-20 23:15:44 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Site.eu	2026-06-18 21:34:52 (3 days ago)	Excessive 404/403 errors	Brute-Force
🇫🇷 Octopuce	2026-06-11 04:18:56 (1 week ago)	Aggressive web search of vulnerable pages: /wp-content/uploads/2023/05/ /wp-content/themes/hello-ele ... show more Aggressive web search of vulnerable pages: /wp-content/uploads/2023/05/ /wp-content/themes/hello-element/ /wp-includes/Text/ /wp-includes/sitem ... show less	Web App Attack
Anonymous	2026-03-16 01:10:10 (3 months ago)	\| [Dangerous/Philippines] Aggressive IP 194.61.41.77 (~30 hits). Type: DoS Defender- Web server 400 ... show more \| [Dangerous/Philippines] Aggressive IP 194.61.41.77 (~30 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-03-03 01:25:12 (3 months ago)	(mod_security) mod_security (id:240000) triggered by 194.61.41.77 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 194.61.41.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 02 20:25:06.741866 2026] [security2:error] [pid 597:tid 637] [client 194.61.41.77:64801] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|east-lease.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "east-lease.com"] [uri "/images/stories/themes.php"] [unique_id "aaY4ciXkEOh9bBrD3-5OkQAAANA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-03-03 00:16:03 (3 months ago)	194.61.41.77 - - [03/Mar/2026:02:16:02 +0200] "GET /wp-admin/images/admin.php HTTP/1.1" 404 276 "-" ... show more 194.61.41.77 - - [03/Mar/2026:02:16:02 +0200] "GET /wp-admin/images/admin.php HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-03-02 14:38:26 (3 months ago)	194.61.41.77 - - [02/Mar/2026:16:38:25 +0200] "GET /wp-admin/css/colors/ HTTP/1.1" 404 275 "-" "Mozi ... show more 194.61.41.77 - - [02/Mar/2026:16:38:25 +0200] "GET /wp-admin/css/colors/ HTTP/1.1" 404 275 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 194.61.41.77 - - [02/Mar/2026:16:38:25 +0200] "GET /wp-includes/css/ HTTP/1.1" 404 275 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" ... show less	Web App Attack
🇫🇷 dynamix	2026-03-02 12:27:23 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 kosada.com	2026-02-28 23:37:35 (3 months ago)	Web vulnerability probing: /wso.php	Web App Attack
Anonymous	2026-02-24 10:25:38 (3 months ago)	[redacted] 194.61.41.77 - - [24/Feb/2026:11:25:27 +0100] "GET /wp-admin/css/colors/error.php HTTP/1. ... show more [redacted] 194.61.41.77 - - [24/Feb/2026:11:25:27 +0100] "GET /wp-admin/css/colors/error.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" [redacted] 194.61.41.77 - - [24/Feb/2026:11:25:28 +0100] "GET /wp-admin/images/autoload_classmap.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0" [redacted] 194.61.41.77 - - [24/Feb/2026:11:25:29 +0100] "GET /wp-admin/maint/repairs.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" [redacted] 194.61.41.77 - - [24/Feb/2026:11:25:31 +0100] "GET /vendor/phpunit/phpunit/src/Util/PHP/adminfusm.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" [redacted] 194.61.41.77 - - [ ... show less	Hacking Web App Attack
🇫🇷 dynamix	2026-02-24 07:01:25 (3 months ago)	Multiple WAF Violations	Web App Attack
🇬🇧 consul.to	2026-02-24 03:51:24 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇿 Antinson	2026-02-12 03:19:24 (4 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 165.99.16.135

🇩🇪 69.5.169.55

🇨🇳 47.120.56.129

🇨🇭 179.43.186.241

🇨🇳 123.56.83.180

🇺🇿 62.164.148.87

🇳🇱 45.198.224.115

🇸🇬 43.173.177.103

🇧🇷 43.164.197.146

🇺🇸 2602:80d:1007::1d

🇰🇷 221.165.6.102

🇨🇭 195.15.227.114

🇨🇳 180.102.110.163

🇩🇪 167.94.146.32

🇯🇵 152.32.146.235

🇺🇸 104.234.53.101

🇫🇷 91.231.89.4

🇳🇱 45.156.87.166

🇳🇱 45.153.34.16

🇪🇬 196.202.80.96