JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.47.238.44

195.47.238.44 was found in our database!

This IP was reported 268 times. Confidence of Abuse is 61%: ?

61%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	Information: Most of this subnet is used for tor-exit related services.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS30893
Hostname(s)	anonode.se-1.prod.encrypt.co.il
Domain Name	noackhosting.se
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.47.238.44

Whois 195.47.238.44

IP Abuse Reports for 195.47.238.44:

This IP address has been reported a total of 268 times from 91 distinct sources. 195.47.238.44 was first reported on May 6th 2025, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-06-02 11:55:33 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 02 07:55:28.606930 2025] [security2:error] [pid 3838933:tid 3838933] [client 195.47.238.44:46260] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.puregoldmorgans.com"] [uri "/wp-config.php.save.5"] [unique_id "aD2RMO_ODj-8pIviBjnruQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 20:28:19 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 16:28:15.221919 2025] [security2:error] [pid 3258126:tid 3258126] [client 195.47.238.44:54438] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "banyonsbookdoctor.com"] [uri "/.git/config"] [unique_id "aDjDX0xF8ucz8w1XtI_u1wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2025-05-29 13:47:08 (1 year ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [wa01]	Bad Web Bot Web App Attack
🇺🇸 dot.mg	2025-05-29 08:03:20 (1 year ago)	"Low quality URL in comment spam"	Web Spam Blog Spam
Anonymous	2025-05-28 08:26:40 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-05-28 04:15:39 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 28 00:15:32.489173 2025] [security2:error] [pid 1495142:tid 1495142] [client 195.47.238.44:41418] [client 195.47.238.44] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "asiaan.net"] [uri "/.git/config"] [unique_id "aDaN5EiSFTNeQm5vfDBhZAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-24 10:10:36 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210730) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 24 06:10:30.925279 2025] [security2:error] [pid 1155326:tid 1155326] [client 195.47.238.44:34876] [client 195.47.238.44] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|goldcountrygermanamericanclub.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "goldcountrygermanamericanclub.org"] [uri "/main_wordpress.sql"] [unique_id "aDGbFoL8ryM4R_8HyUALfAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-24 02:02:04 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 23 22:01:57.571186 2025] [security2:error] [pid 3898216:tid 3898216] [client 195.47.238.44:39422] [client 195.47.238.44] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.in-hometechsupport.com"] [uri "/.git/config"] [unique_id "aDEolc-g-DfogzWKZcGkCQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-23 09:24:13 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il) ... show more (mod_security) mod_security (id:210492) triggered by 195.47.238.44 (anonode.se-1.prod.encrypt.co.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 23 05:24:09.436825 2025] [security2:error] [pid 291581:tid 291581] [client 195.47.238.44:37266] [client 195.47.238.44] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.budpowellbio.com"] [uri "/.git/config"] [unique_id "aDA-uWnrNXeTwRnZeqfhaAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-05-22 22:42:05 (1 year ago)	ThreatBook Intelligence: tor_proxy,Zombie more details on https://threatbook.io/ip/195.47.238.44 202 ... show more ThreatBook Intelligence: tor_proxy,Zombie more details on https://threatbook.io/ip/195.47.238.44 2025-05-22 23:54:24 / show less	Web App Attack
🇦🇺 MAGIC	2025-05-22 09:01:54 (1 year ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 oncord	2025-05-22 07:41:51 (1 year ago)	Form spam	Web Spam
🇺🇸 COMPLEX	2025-05-22 03:31:58 (1 year ago)	Triggered Cloudflare WAF (l7ddos) from T1. Action taken: BLOCK ASN: 30893 (NOACKHOSTING-AS) Protocol ... show more Triggered Cloudflare WAF (l7ddos) from T1. Action taken: BLOCK ASN: 30893 (NOACKHOSTING-AS) Protocol: HTTP/2 (GET method) Endpoint: /login show less	DDoS Attack Bad Web Bot
🇦🇺 oncord	2025-05-19 06:48:26 (1 year ago)	Form spam	Web Spam
🇩🇪 Packets-Decreaser.NET	2025-05-18 12:17:20 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 241 to 255 of 268 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2401:4900:1c01:14eb:f0f1:d940:7989:8a1

🇬🇧 193.163.125.225

🇬🇧 193.163.125.176

🇧🇷 164.163.24.11

🇧🇩 114.130.180.124

🇺🇸 66.132.195.44

🇰🇷 182.31.36.202

🇮🇳 168.144.122.135

🇨🇦 159.89.123.205

🇩🇪 143.244.83.22

🇺🇸 109.105.210.78

🇺🇸 75.177.118.67

🇳🇱 45.148.10.151

🇳🇱 45.148.10.141

🇩🇪 45.131.109.76

🇳🇱 212.30.37.51

🇰🇷 211.223.107.86

🇵🇰 202.143.120.241

🇲🇽 187.140.21.167

🇨🇳 183.135.225.63