JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.121.44.33

192.121.44.33 was found in our database!

This IP was reported 114 times. Confidence of Abuse is 66%: ?

66%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	Playstar, Sweden
Usage Type	Data Center/Web Hosting/Transit
ASN	AS199950
Hostname(s)	tor-relay03.playstar.se
Domain Name	playstar.se
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.121.44.33

Whois 192.121.44.33

IP Abuse Reports for 192.121.44.33:

This IP address has been reported a total of 114 times from 47 distinct sources. 192.121.44.33 was first reported on November 18th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-02 18:55:07 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in t ... show more (mod_security) mod_security (id:240335) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 14:54:54.735447 2026] [security2:error] [pid 20096:tid 20096] [client 192.121.44.33:35002] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.121.44.33 (+1 hits since last alert)\|infinityartistsgroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "infinityartistsgroup.com"] [uri "/xmlrpc.php"] [unique_id "ah8m_uhiDLciGtCnfadg1QAAACw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 11:36:13 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 07:36:07.851226 2026] [security2:error] [pid 32670:tid 32670] [client 192.121.44.33:58664] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.freemanfoundationcle.org"] [uri "/.git/config"] [unique_id "ah7AJ7GAxtPxPKtVZKKVSQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-05-31 17:05:05 (4 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 13:21:36 (5 days ago)	(mod_security) mod_security (id:210730) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in t ... show more (mod_security) mod_security (id:210730) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 09:21:29.527967 2026] [security2:error] [pid 15373:tid 15385] [client 192.121.44.33:49674] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|clinicadelparabrisas.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "clinicadelparabrisas.com"] [uri "/dump.sql"] [unique_id "ahw12SIk-dE2lnNWT4v0HAAAAUo"], referer: clinicadelparabrisas.com/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 04:30:51 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 00:30:45.755263 2026] [security2:error] [pid 11939:tid 11939] [client 192.121.44.33:36564] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.joqlawn.com"] [uri "/.git/config"] [unique_id "ahu5deCd_eBhwWkE15ctGgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 22:38:07 (5 days ago)	(mod_security) mod_security (id:210730) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in t ... show more (mod_security) mod_security (id:210730) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 18:38:01.993767 2026] [security2:error] [pid 5358:tid 5369] [client 192.121.44.33:48310] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|daraluz.net\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "daraluz.net"] [uri "/dump.sql"] [unique_id "ahtmyes-2rA-eRwtBeDjwwAAAEg"], referer: daraluz.net/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 14:12:33 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 10:12:27.165756 2026] [security2:error] [pid 17399:tid 17399] [client 192.121.44.33:55004] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.evolutionmedical.help"] [uri "/.git/config"] [unique_id "ahrwSyH-MibRGE1Es8ug7gAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 04:20:58 (6 days ago)	(mod_security) mod_security (id:210730) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in t ... show more (mod_security) mod_security (id:210730) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 00:20:53.560721 2026] [security2:error] [pid 12459:tid 12459] [client 192.121.44.33:53942] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|werzi.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "werzi.com"] [uri "/dump.sql"] [unique_id "ahplpRh_15ovnZMZqEAPYgAAAAg"], referer: werzi.com/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-05-29 23:10:35 (6 days ago)	1637 limiting connections by zone (2w9h35m)	DDoS Attack
🇩🇪 raph	2026-05-29 16:31:47 (6 days ago)	[005] content filter failure, web form spam detected	Web Spam Blog Spam
🇦🇺 oncord	2026-05-29 15:53:13 (6 days ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-05-29 02:48:49 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 22:48:41.342368 2026] [security2:error] [pid 25333:tid 25333] [client 192.121.44.33:42662] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|flybits.co.uk\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "flybits.co.uk"] [uri "/wp-json/wp/v2/users"] [unique_id "ahj-icRaob26cqIwAX-eTAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-05-28 13:33:39 (1 week ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇩🇪 bescared	2026-05-28 09:36:56 (1 week ago)	F2B - Malicious activity detected. URL Probing. -151302cd-	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 07:55:14 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in t ... show more (mod_security) mod_security (id:210730) triggered by 192.121.44.33 (tor-relay03.playstar.se): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 03:55:02.888368 2026] [security2:error] [pid 29358:tid 29358] [client 192.121.44.33:44928] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|saltyrootsyogaco.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "saltyrootsyogaco.com"] [uri "/dump.sql"] [unique_id "ahf01n49cwzrHN2OAz-cWgAAAAM"], referer: saltyrootsyogaco.com/dump.sql show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 114 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇿 195.7.13.250

🇫🇷 185.255.126.4

🇺🇸 184.105.247.212

🇭🇰 165.154.225.20

🇩🇿 154.241.49.117

🇦🇴 105.168.82.255

🇮🇹 93.92.78.10

🇰🇿 85.193.107.63

🇻🇳 27.71.85.46

🇬🇧 193.163.125.210

🇰🇿 188.247.204.207

🇺🇿 188.113.254.227

🇷🇺 176.214.205.74

🇰🇿 176.64.30.120

🇺🇸 173.239.249.3

🇩🇪 167.94.145.31

🇮🇩 165.99.192.105

🇩🇿 154.255.65.42

🇬🇧 149.13.200.46

🇨🇳 114.222.252.120