JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.148.92.225

193.148.92.225 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	Collins Communications
Usage Type	Commercial
ASN	AS133944
Domain Name	collinscommunications.com
Country	🇭🇷 Croatia
City	Zagreb, Zagreb

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.148.92.225

Whois 193.148.92.225

IP Abuse Reports for 193.148.92.225:

This IP address has been reported a total of 24 times from 9 distinct sources. 193.148.92.225 was first reported on October 30th 2023, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 18:52:51 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 193.148.92.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 193.148.92.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 13:52:45.337916 2026] [security2:error] [pid 11731:tid 11731] [client 193.148.92.225:60137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/wp-config.old"] [unique_id "aWvafSJYm9tRP6aS1xawXQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-09-15 08:00:48 (9 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:58:24 (10 months ago)	(mod_security) mod_security (id:210350) triggered by 193.148.92.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 193.148.92.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:58:20.570904 2025] [security2:error] [pid 404368:tid 404585] [client 193.148.92.225:40231] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|staging.kettlehill.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "staging.kettlehill.com"] [uri "/"] [unique_id "aIV5rKsKpTtRNU_PZbqOrwAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-11-28 06:25:25 (1 year ago)	193.148.92.225 - - [28/Nov/2024:07:25:25 +0100] "GET /../../../../../../../../windows/win.ini HTTP/1 ... show more 193.148.92.225 - - [28/Nov/2024:07:25:25 +0100] "GET /../../../../../../../../windows/win.ini HTTP/1.1" 400 5490 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" ... show less	Hacking
🇩🇪 ps-center	2024-11-27 10:40:18 (1 year ago)	SS1: Web Attack GET /asd/../../../../../../../../etc/passwd	Web Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-11-26 23:26:02 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 193.148.92.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 193.148.92.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 18:25:44.707392 2024] [security2:error] [pid 14716:tid 14988] [client 193.148.92.225:49665] [client 193.148.92.225] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /pages/systemcall.php?command=cat%20/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.kettlehill.com"] [uri "/pages/systemcall.php"] [unique_id "Z0ZY-AhXN1-tm_FGp0dgpQAAANM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Alejandro Docasar	2024-11-26 14:28:11 (1 year ago)		Web App Attack
🇺🇸 TPI-Abuse	2024-09-04 04:07:56 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 193.148.92.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 193.148.92.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 04 00:07:50.001154 2024] [security2:error] [pid 1530:tid 1530] [client 193.148.92.225:52291] [client 193.148.92.225] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "80"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|www.stdavids-media.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.stdavids-media.com"] [uri "/cgi-bin/stats"] [unique_id "ZtfdFmIlfKcoFlppWzUN8wAAAAI"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-01 01:45:58 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 193.148.92.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 193.148.92.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 31 21:45:33.627838 2024] [security2:error] [pid 3087700:tid 3087751] [client 193.148.92.225:36891] [client 193.148.92.225] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|staging.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files[]=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "staging.kettlehill.com"] [uri "/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php"] [unique_id "ZtPHPdyH84duF-C5mXU_sQAAAZU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-07-24 02:20:14 (1 year ago)	Common attack or app scan event detected and blocked	Port Scan Hacking Web App Attack
🇩🇪 ps-center	2024-07-15 19:20:07 (1 year ago)	SS1: Web Attack POST /admin/login/?next=/admin/	Web Spam Hacking Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-06-27 13:00:45 (1 year ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇺🇸 TPI-Abuse	2024-06-27 07:04:50 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 193.148.92.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 193.148.92.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 27 03:04:43.263288 2024] [security2:error] [pid 31360:tid 47386295392000] [client 193.148.92.225:59697] [client 193.148.92.225] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_kp&controller=../../../../../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.net"] [uri "/index.php"] [unique_id "Zn0PC1yO989uQdQJj5NTLQAAAQk"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-05-08 07:00:43 (2 years ago)	Unauthorized login attempts []	Brute-Force
🇪🇸 10dencehispahard SL	2024-05-08 06:39:13 (2 years ago)	Web Attack	DDoS Attack Brute-Force Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 104.152.52.108

🇳🇬 102.88.137.80

🇰🇼 37.36.205.253

🇺🇸 34.162.133.5

🇮🇪 20.190.159.68

🇺🇸 2604:a880:400:d1:0:4:9e8a:4001

🇺🇸 209.87.169.148

🇩🇪 207.241.172.201

🇳🇱 204.76.203.219

🇵🇦 190.34.133.226

🇩🇪 156.236.31.85

🇹🇼 111.70.23.251

🇮🇪 20.105.65.67

🇺🇸 2604:a880:400:d1:0:4:9e8c:a001

🇻🇳 113.190.34.180

🇰🇷 110.15.180.184

🇰🇷 110.10.176.51

🇳🇱 107.150.22.227

🇹🇼 103.159.89.120

🇮🇳 103.70.40.36