JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.3.48.10

192.3.48.10 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 0%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	192-3-48-10-host.colocrossing.com
Domain Name	colocrossing.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.3.48.10

Whois 192.3.48.10

IP Abuse Reports for 192.3.48.10:

This IP address has been reported a total of 8 times from 4 distinct sources. 192.3.48.10 was first reported on June 3rd 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-27 02:39:57 (4 months ago)	(mod_security) mod_security (id:220150) triggered by 192.3.48.10 (192-3-48-10-host.colocrossing.com) ... show more (mod_security) mod_security (id:220150) triggered by 192.3.48.10 (192-3-48-10-host.colocrossing.com): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 21:39:48.512688 2026] [security2:error] [pid 23296:tid 23318] [client 192.3.48.10:49563] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\.{0,399}\\\\*\\\\/)?select)" at ARGS:term. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)\|\|ftp.kettlehill.com\|F\|2"] [data "aaa'unionselect1,sleep(6),3---"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ftp.kettlehill.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aXgldEnBpq4P6Y3u9V79DAAAANI"], referer: http://ftp.kettlehill.com/wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(6),3--+- show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 08:59:49 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 192.3.48.10 (192-3-48-10-host.colocrossing.com) ... show more (mod_security) mod_security (id:210730) triggered by 192.3.48.10 (192-3-48-10-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 03:59:32.637428 2025] [security2:error] [pid 2514:tid 2514] [client 192.3.48.10:58319] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/log.log"] [unique_id "aRWd9Pi5wMMLqXM1ntLdEwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-26 23:11:33 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 192.3.48.10 (192-3-48-10-host.colocrossing.com) ... show more (mod_security) mod_security (id:221260) triggered by 192.3.48.10 (192-3-48-10-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 19:10:29.922037 2025] [security2:error] [pid 28940:tid 28961] [client 192.3.48.10:47051] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|webmail.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kettlehill.com"] [uri "/cgi-bin/test"] [unique_id "aIVgZRkWs7qQTYmgnsCg0QAAAAo"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 15:32:33 (1 year ago)	(mod_security) mod_security (id:226830) triggered by 192.3.48.10 (192-3-48-10-host.colocrossing.com) ... show more (mod_security) mod_security (id:226830) triggered by 192.3.48.10 (192-3-48-10-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 11:31:59.357992 2025] [security2:error] [pid 2882110:tid 2882110] [client 192.3.48.10:39233] ModSecurity: Access denied with code 403 (phase 1). Operator GE matched 1 at ARGS_GET. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6392"] [id "226830"] [rev "2"] [msg "COMODO WAF: Open redirect vulnerability in the Redirect function in the StageShow plugin before 5.0.9 for WordPress (CVE-2015-5461)\|\|autodiscover.farmers123.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "autodiscover.farmers123.com"] [uri "/wp-content/plugins/stageshow/stageshow_redirect.php"] [unique_id "aDh97-6KKiPnU-4c6WI4NgAAADI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-27 15:02:02 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 192.3.48.10 (192-3-48-10-host.colocrossing.com) ... show more (mod_security) mod_security (id:210730) triggered by 192.3.48.10 (192-3-48-10-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 10:00:37.162922 2025] [security2:error] [pid 27063:tid 27219] [client 192.3.48.10:42195] [client 192.3.48.10] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.com"] [uri "/sql.sql"] [unique_id "Z8B-FcnGgNPGej7DPucVWwAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 EGP Abuse Dept	2025-02-16 12:56:53 (1 year ago)	SQL injection attack	SQL Injection
🇦🇺 oncord	2023-08-31 15:49:43 (2 years ago)	Form spam	Web Spam
🇮🇪 RoboSOC	2023-06-03 04:01:43 (3 years ago)	HTTP Directory Traversal Request Attempt , PTR: 192-3-48-10-host.colocrossing.com.	Hacking

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.186.137

🇮🇱 147.235.199.177

🇧🇷 108.174.147.120

🇷🇴 92.118.39.236

🇧🇬 91.191.209.74

🇺🇸 74.101.120.131

🇮🇳 59.145.160.158

🇮🇩 38.253.239.21

🇩🇪 213.209.159.11

🇩🇪 92.122.215.107

🇸🇾 91.144.21.210

🇺🇸 66.132.186.213

🇸🇬 193.37.32.10

🇵🇰 182.190.218.246

🇨🇳 171.37.92.120

🇸🇬 101.32.128.28

🇺🇸 49.51.204.105

🇵🇱 34.158.239.151

🇯🇵 20.89.43.232

🇮🇳 2401:4900:1c5c:970c:99df:6e19:166f:a4d0