JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.3.48.55

192.3.48.55 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 0%: ?

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	192-3-48-55-host.colocrossing.com
Domain Name	colocrossing.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.3.48.55

Whois 192.3.48.55

IP Abuse Reports for 192.3.48.55:

This IP address has been reported a total of 13 times from 4 distinct sources. 192.3.48.55 was first reported on October 30th 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 16:17:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 11:17:34.231551 2026] [security2:error] [pid 30622:tid 30622] [client 192.3.48.55:45711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.example"] [unique_id "aWu2HvjJxYVidK7Nk8cEWAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-01-15 23:50:06 (4 months ago)	Blocked by UFW (TCP on 80) Source port: 44275 TTL: 46 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 44275 TTL: 46 Packet length: 60 TOS: 0x00 This report (for 192.3.48.55) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 20:06:57 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com) ... show more (mod_security) mod_security (id:210730) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 15:06:50.271563 2025] [security2:error] [pid 22839:tid 22981] [client 192.3.48.55:57155] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.net\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.net"] [uri "/web/static/c:/windows/win.ini"] [unique_id "aVLfWqhQT-NrkrxX7z3g3gAAAFU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 04:48:01 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 23:47:56.801047 2025] [security2:error] [pid 26991:tid 26991] [client 192.3.48.55:44201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.nbcnewsradio.com"] [uri "/.env"] [unique_id "aRQRfMhMfKM3aa1O1KBxmwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:07:36 (10 months ago)	(mod_security) mod_security (id:243420) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com) ... show more (mod_security) mod_security (id:243420) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:07:32.439593 2025] [security2:error] [pid 24709:tid 24790] [client 192.3.48.55:43271] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "ARGS: config-create /" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|ftp.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ftp.kettlehill.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aIVtuiLBaxayrfPM3JFP3gAAAFY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 16:35:54 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com) ... show more (mod_security) mod_security (id:210730) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 12:35:46.923227 2025] [security2:error] [pid 2980628:tid 2980628] [client 192.3.48.55:47029] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.farmers123.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.farmers123.com"] [uri "/roundcube/logs/errors.log"] [unique_id "aDiM4mW5wTbROrMQFWyX0wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-02-13 23:56:51 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com) ... show more (mod_security) mod_security (id:210492) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 13 18:54:52.368725 2024] [security2:error] [pid 13161:tid 46964685186816] [client 192.3.48.55:51155] [client 192.3.48.55] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kettlehill.net"] [uri "/.env_sample"] [unique_id "ZcwBTKemS_vM90JN0V6xPwAAAdE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-01-26 12:33:23 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com) ... show more (mod_security) mod_security (id:210730) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 26 07:33:09.280330 2024] [security2:error] [pid 31979] [client 192.3.48.55:42091] [client 192.3.48.55] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.stdavids-media.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.stdavids-media.com"] [uri "/application/logs/default.log"] [unique_id "ZbOmheYyK4LHDn1AfB0SGwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2023-11-28 23:30:09 (2 years ago)	(mod_security) mod_security (id:211190) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com) ... show more (mod_security) mod_security (id:211190) triggered by 192.3.48.55 (192-3-48-55-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 28 18:27:42.162333 2023] [security2:error] [pid 30529:tid 47740308424448] [client 192.3.48.55:47553] [client 192.3.48.55] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /awcuser/cgi-bin/vcs_access_file.cgi?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.net"] [uri "/awcuser/cgi-bin/vcs_access_file.cgi"] [unique_id "ZWZ3bj9foCocTh9XSXCFewAAAII"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-11-27 13:50:12 (2 years ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 ChamberofCommerce.com	2023-11-06 00:36:02 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-11-02 06:54:55 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-30 21:29:41 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 172.94.9.120

🇬🇧 2a06:4880:8000::aa

🇺🇸 2604:a880:400:d1:0:4:963d:c001

🇨🇳 220.197.85.191

🇨🇳 220.188.138.30

🇨🇳 182.204.181.126

🇨🇳 182.204.179.183

🇧🇷 177.11.196.84

🇭🇰 154.219.116.25

🇵🇰 144.48.130.211

🇬🇧 143.110.160.90

🇺🇸 135.237.125.137

🇨🇳 111.121.93.82

🇺🇿 82.215.98.12

🇺🇸 66.132.224.25

🇺🇸 34.182.188.22

🇩🇪 31.76.98.214

🇹🇼 198.235.24.33

🇷🇴 185.134.49.116

🇺🇸 172.96.161.212