JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.3.48.131

192.3.48.131 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	192-3-48-131-host.colocrossing.com
Domain Name	colocrossing.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.3.48.131

Whois 192.3.48.131

IP Abuse Reports for 192.3.48.131:

This IP address has been reported a total of 9 times from 3 distinct sources. 192.3.48.131 was first reported on October 30th 2023, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-11-13 14:31:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 192.3.48.131 (192-3-48-131-host.colocrossing.co ... show more (mod_security) mod_security (id:210492) triggered by 192.3.48.131 (192-3-48-131-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 09:31:48.232183 2025] [security2:error] [pid 6302:tid 6302] [client 192.3.48.131:45477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/content../.git/config"] [unique_id "aRXr1CJMZb5-k9mAhcT3uwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:40:27 (10 months ago)	(mod_security) mod_security (id:222550) triggered by 192.3.48.131 (192-3-48-131-host.colocrossing.co ... show more (mod_security) mod_security (id:222550) triggered by 192.3.48.131 (192-3-48-131-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:40:23.204544 2025] [security2:error] [pid 389296:tid 389582] [client 192.3.48.131:52999] ModSecurity: Access denied with code 403 (phase 2). Pattern match "[^\\\\w\\\\ \\\\.]" at ARGS:list[fullordering]. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "82"] [id "222550"] [rev "1"] [msg "COMODO WAF: SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 (CVE-2017-8917)\|\|kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "kettlehill.net"] [uri "/index.php"] [unique_id "aIV1d5Zb4SZoFGUGqNwY7gAAAgo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 23:27:26 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 192.3.48.131 (192-3-48-131-host.colocrossing.co ... show more (mod_security) mod_security (id:210492) triggered by 192.3.48.131 (192-3-48-131-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 19:27:21.249736 2025] [security2:error] [pid 3754317:tid 3754317] [client 192.3.48.131:56609] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/wp-config.php.bak"] [unique_id "aDjtWTUMJKWO5L9R4B5D_gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-01-26 12:32:47 (2 years ago)	(mod_security) mod_security (id:210580) triggered by 192.3.48.131 (192-3-48-131-host.colocrossing.co ... show more (mod_security) mod_security (id:210580) triggered by 192.3.48.131 (192-3-48-131-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 26 07:32:40.504931 2024] [security2:error] [pid 14551] [client 192.3.48.131:36103] [client 192.3.48.131] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:local-destination-id. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|mail.stdavids-media.com\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:local-destination-id: /etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "mail.stdavids-media.com"] [uri "/wp-admin/admin-post.php"] [unique_id "ZbOmaEXG7yoMeRm9LeOb6wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2023-12-05 17:20:40 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 192.3.48.131 (192-3-48-131-host.colocrossing.co ... show more (mod_security) mod_security (id:210492) triggered by 192.3.48.131 (192-3-48-131-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 05 12:20:28.014855 2023] [security2:error] [pid 15090:tid 47036160730880] [client 192.3.48.131:56227] [client 192.3.48.131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.kettlehill.net"] [uri "/.env.kettlehill"] [unique_id "ZW9b3G1bPs5nDG2eleQjBwAAAQU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-11-27 13:20:15 (2 years ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 ChamberofCommerce.com	2023-11-06 00:27:44 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-11-02 03:58:47 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-30 20:44:45 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2401:4900:9272:3a11:7437:6a81:fa72:2a67

🇧🇷 205.210.31.241

🇳🇱 176.65.139.233

🇵🇱 146.59.1.225

🇺🇸 144.91.207.226

🇫🇷 83.171.226.124

🇺🇸 69.55.59.200

🇮🇳 49.43.132.163

🇺🇸 48.217.108.244

🇩🇪 43.228.157.133

🇨🇳 42.51.41.137

🇺🇸 2a03:2880:18ff:55::

🇧🇪 198.235.24.166

🇳🇱 170.168.61.69

🇦🇪 165.154.12.82

🇺🇸 147.185.132.60

🇮🇩 124.40.252.3

🇺🇸 71.6.134.237

🇯🇵 20.153.204.5

🇺🇸 2a03:2880:18ff:53::