JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.78.54.47

195.78.54.47 was found in our database!

This IP was reported 211 times. Confidence of Abuse is 6%: ?

ISP	Internet Utilities NA LLC
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	iana.org
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.78.54.47

Whois 195.78.54.47

IP Abuse Reports for 195.78.54.47:

This IP address has been reported a total of 211 times from 98 distinct sources. 195.78.54.47 was first reported on November 7th 2021, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 Origon	2026-04-14 21:42:08 (1 month ago)	postfix-non-smtp-command - IP: 195.78.54.47 - time="2026-04-14T23:42:08+02:00" level=info msg="(555 ... show more postfix-non-smtp-command - IP: 195.78.54.47 - time="2026-04-14T23:42:08+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/postfix-non-smtp-command by ip 195.78.54.47 (NL/174) : 4h ban on Ip 195.78.54.47" module=db show less	Email Spam
🇬🇧 OptimusGO	2026-04-14 20:18:31 (1 month ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-04-14 21:18:31 UTC Log evidence: 04/14/2026-21:18:18.020240 [] [1:1000101:2] SECURITY Port Scan Detected - Multiple Unauthorized Ports [] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 195.78.54.47:55951 -> 185.127.18.66:6443 04/14/2026-21:18:18.104339 [] [1:1000101:2] SECURITY Port Scan Detected - Multiple Unauthorized Ports [] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 195.78.54.47:35885 -> 185.127.18.66:8008 show less	Port Scan Brute-Force
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇹🇷 rtbh.com.tr	2025-08-11 20:08:11 (10 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇩🇪 SpaceHost-Server	2025-08-10 22:41:20 (10 months ago)		Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2025-08-10 20:08:10 (10 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2025-08-10 05:33:14 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 ipblock.com	2025-08-10 05:15:00 (10 months ago)	IPBlock protected site ID [3390-wh]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇵🇱 strefapi_com	2025-08-10 05:05:42 (10 months ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
🇺🇸 octageeks.com	2025-08-10 04:15:59 (10 months ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇳🇱 Site.eu	2025-08-10 03:57:22 (10 months ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇵🇱 nfsec.pl	2025-08-10 03:22:34 (10 months ago)	195.78.54.47 - - [10/Aug/2025:05:22:31 +0200] "GET /xmlrpc.php?rsd HTTP/1.1" 403 2384 "-" "Mozilla/5 ... show more 195.78.54.47 - - [10/Aug/2025:05:22:31 +0200] "GET /xmlrpc.php?rsd HTTP/1.1" 403 2384 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 195.78.54.47 - - [10/Aug/2025:05:22:32 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 403 8391 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 195.78.54.47 - - [10/Aug/2025:05:22:33 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 403 8391 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 195.78.54.47 - - [10/Aug/2025:05:22:33 +0200] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 403 8391 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 195.78.54.47 - - [10/Aug/2025:05:22:34 +0200] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 403 8391 "-" "Mozilla ... show less	Exploited Host Web App Attack
🇩🇪 Ba-Yu	2025-08-09 23:39:33 (10 months ago)	WordPress hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 SpaceHost-Server	2025-08-09 22:36:43 (10 months ago)		Brute-Force Web App Attack
🇺🇦 URAN Publishing Service	2025-08-09 22:10:16 (10 months ago)	195.78.54.47 - - [10/Aug/2025:01:10:14 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "- ... show more 195.78.54.47 - - [10/Aug/2025:01:10:14 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 195.78.54.47 - - [10/Aug/2025:01:10:15 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack

Showing 1 to 15 of 211 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 209.14.89.9

🇺🇸 144.172.100.186

🇷🇸 77.105.37.219

🇺🇸 47.77.225.61

🇺🇸 45.145.128.177

🇧🇷 205.210.31.182

🇧🇷 187.111.28.131

🇨🇳 183.21.85.217

🇺🇸 165.154.206.151

🇯🇵 106.155.9.28

🇺🇸 104.234.208.240

🇳🇵 103.130.207.227

🇳🇱 45.148.10.157

🇮🇳 182.95.181.50

🇭🇰 137.220.134.223

🇩🇪 104.248.242.193

🇮🇳 103.54.101.248

🇩🇪 65.111.28.34

🇸🇬 43.156.61.33

🇨🇳 27.18.58.255