JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.61.41.89

194.61.41.89 was found in our database!

This IP was reported 58 times. Confidence of Abuse is 47%: ?

47%

ISP	VPN Consumer Manila, Philippines
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.61.41.89

Whois 194.61.41.89

IP Abuse Reports for 194.61.41.89:

This IP address has been reported a total of 58 times from 28 distinct sources. 194.61.41.89 was first reported on July 29th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-22 16:42:31 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 01:12:50 (1 day ago)	(mod_security) mod_security (id:240000) triggered by 194.61.41.89 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 194.61.41.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 21:12:46.686282 2026] [security2:error] [pid 5783:tid 5783] [client 194.61.41.89:0] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|globetechsecurities.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "globetechsecurities.com"] [uri "/images/stories/themes.php"] [unique_id "ajiMDqHCoZ-3E6VbrWystAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-22 00:10:37 (1 day ago)	alfa-rex.php	Hacking Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-21 14:40:09 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 maxpower	2026-06-21 12:56:01 (2 days ago)	(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 194.61.41.89 (PH/Philippines/-): 1 in the las ... show more (aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 194.61.41.89 (PH/Philippines/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 194.61.41.89 - - [21/Jun/2026:14:55:58 +0200] "GET /lock360.php HTTP/1.1" 301 286 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" "-" host=mediaqualitylab.it show less	Port Scan
🇫🇷 masterguru	2026-06-21 02:38:57 (2 days ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-193)	Hacking
🇳🇱 Site.eu	2026-06-18 21:36:18 (5 days ago)	Excessive 404/403 errors	Brute-Force
🇪🇸 robotstxt	2026-06-11 12:49:42 (1 week ago)	194.61.41.89 - - [11/Jun/2026:12:48:42 +0000] "GET /cgi-bin/bypass.php HTTP/1.1" 404 146 "-" "Mozill ... show more 194.61.41.89 - - [11/Jun/2026:12:48:42 +0000] "GET /cgi-bin/bypass.php HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" "-" 194.61.41.89 - - [11/Jun/2026:12:48:44 +0000] "GET /wp-signup.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" "-" 194.61.41.89 - - [11/Jun/2026:12:49:25 +0000] "GET /cgi-bin/class.api.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" "-" 194.61.41.89 - - [11/Jun/2026:12:49:31 +0000] "GET /cgi-bin/autoload_classmap.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" "-" 194.61.41.89 - - [11/Jun/2026:12:49:42 +0000] "GET /cgi-bin/index.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0 ... show less	Bad Web Bot
🇫🇷 tecnoacquisti.com	2026-05-09 03:29:33 (1 month ago)	PrestaShop Security Module: Calls WordPress paths probing known vulnerabilities	Web App Attack
🇳🇿 Antinson	2026-03-03 08:50:32 (3 months ago)	Scraping with a high error ratio and request rate Requests to unauthorized or suspicious endpoints ( ... show more Scraping with a high error ratio and request rate Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.) show less	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-03-03 00:16:40 (3 months ago)	194.61.41.89 - - [03/Mar/2026:02:16:37 +0200] "GET /wp-content/themes/tflow/up.php HTTP/1.1" 404 276 ... show more 194.61.41.89 - - [03/Mar/2026:02:16:37 +0200] "GET /wp-content/themes/tflow/up.php HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 194.61.41.89 - - [03/Mar/2026:02:16:39 +0200] "GET /wp-admin/function.php HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" ... show less	Web App Attack
🇫🇷 dynamix	2026-03-02 22:45:05 (3 months ago)	Multiple WAF Violations	Web App Attack
🇳🇿 Antinson	2026-03-02 10:25:59 (3 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇫🇷 dynamix	2026-02-24 07:02:48 (3 months ago)	Multiple WAF Violations	Web App Attack
🇬🇧 consul.to	2026-02-24 05:49:21 (3 months ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 58 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.238

🇭🇰 210.177.143.61

🇧🇪 198.235.24.245

🇧🇷 186.194.23.242

🇹🇭 159.192.133.140

🇩🇪 138.68.80.15

🇺🇸 136.144.35.56

🇨🇳 115.190.155.5

🇻🇳 115.75.187.3

🇱🇻 81.30.98.62

🇬🇧 35.203.210.43

🇳🇱 34.178.21.247

🇨🇳 8.135.29.109

🇫🇮 204.168.224.93

🇧🇪 198.235.24.234

🇺🇸 191.101.33.110

🇸🇬 188.166.251.103

🇳🇱 176.65.139.219

🇮🇩 163.7.3.26

🇫🇮 147.185.133.86