JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.47.238.44

195.47.238.44 was found in our database!

This IP was reported 270 times. Confidence of Abuse is 53%: ?

53%

ISP	Information: Most of this subnet is used for tor-exit related services.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS30893
Hostname(s)	anonode.se-1.prod.encrypt.co.il
Domain Name	noackhosting.se
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.47.238.44

Whois 195.47.238.44

IP Abuse Reports for 195.47.238.44:

This IP address has been reported a total of 270 times from 92 distinct sources. 195.47.238.44 was first reported on May 6th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 BIV	2026-06-05 18:26:21 (1 week ago)	Honeypot multi-source hit. Sources: tpot:P0f,tpot:Suricata. Ports: 443. Automated tiered (T-Pot+DShi ... show more Honeypot multi-source hit. Sources: tpot:P0f,tpot:Suricata. Ports: 443. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-05 00:02:09 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 20:02:05.211419 2026] [security2:error] [pid 21997:tid 21997] [client 195.47.238.44:15154] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.austintrauma.com"] [uri "/.git/config"] [unique_id "aiIR_W1L14TmjxOKPRV0NwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 02:20:40 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 22:20:32.514138 2026] [security2:error] [pid 32558:tid 32558] [client 195.47.238.44:16126] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.michaelgatley.com"] [uri "/.git/config"] [unique_id "aiDg8HMpfn3k2Qh58TWeqQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2026-06-03 15:16:11 (1 week ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-06-02 15:06:50 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 11:06:43.856531 2026] [security2:error] [pid 17492:tid 17492] [client 195.47.238.44:47486] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nuegrapes.com"] [uri "/.git/config"] [unique_id "ah7xg0VYPcJYqbaZfVI9yAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 20:46:47 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210730) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 16:46:41.767315 2026] [security2:error] [pid 7958:tid 7964] [client 195.47.238.44:62508] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|healingwithtouch.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "healingwithtouch.com"] [uri "/dump.sql"] [unique_id "ahyeMVIwQkI4C6BV31fB9wAAAUI"], referer: healingwithtouch.com/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 leithzz	2026-05-30 18:29:08 (2 weeks ago)	Report by Cloudflare.Time: 2026-05-30T18:28:41Z	DDoS Attack
🇺🇸 TPI-Abuse	2026-05-30 11:46:50 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210730) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 07:46:42.013463 2026] [security2:error] [pid 25562:tid 25562] [client 195.47.238.44:28930] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|annropp.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "annropp.com"] [uri "/dump.sql"] [unique_id "ahrOIuNKhCaAWIh4Q2NRuQAAABk"], referer: annropp.com/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2026-05-30 10:36:53 (2 weeks ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-05-29 18:34:52 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210730) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 14:34:44.084400 2026] [security2:error] [pid 3878:tid 3878] [client 195.47.238.44:61044] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|boat-registration-turkey.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "boat-registration-turkey.com"] [uri "/dump.sql"] [unique_id "ahncRFkNS9CJUcK875f4BwAAAA4"], referer: boat-registration-turkey.com/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 17:17:20 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 13:17:13.669541 2026] [security2:error] [pid 24519:tid 24548] [client 195.47.238.44:9282] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.blog.juantrece.com"] [uri "/.git/config"] [unique_id "ahnKGQO_UWK0VxkO-_90OAAAAIc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 07:40:53 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210730) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 03:40:47.283016 2026] [security2:error] [pid 26958:tid 26982] [client 195.47.238.44:34016] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|lauricella.us\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lauricella.us"] [uri "/dump.sql"] [unique_id "ahaf__o9Q5oaNg6qsQfdAQAAAU4"], referer: lauricella.us/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Nicolmn	2026-05-26 05:17:58 (2 weeks ago)	Web form spam ( id ccrd-mm.l )	Web Spam
🇫🇷 MatStef132	2026-05-24 20:58:29 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-23 16:11:13 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210730) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 12:11:10.760480 2026] [security2:error] [pid 16331:tid 16331] [client 195.47.238.44:11294] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|my-pitch.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "my-pitch.org"] [uri "/dump.sql"] [unique_id "ahHRnmuSfy5RrFeqpOgxIwAAABs"], referer: my-pitch.org/dump.sql show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 270 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 202.51.208.195

🇨🇳 118.196.116.42

🇮🇳 103.255.134.61

🇮🇳 103.25.47.94

🇺🇸 66.132.195.109

🇫🇷 51.75.200.91

🇨🇦 185.92.26.32

🇺🇸 162.248.102.38

🇯🇵 160.251.101.169

🇳🇬 102.88.137.80

🇯🇵 61.115.64.186

🇺🇸 40.124.174.199

🇦🇺 34.129.218.249

🇫🇷 145.239.79.139

🇳🇱 45.148.10.157

🇬🇧 35.203.211.104

🇹🇷 195.33.200.58

🇵🇾 181.85.209.81

🇰🇷 110.14.190.221

🇳🇱 45.156.128.173