JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.37.109.113

198.37.109.113 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	Tier.Net Technologies LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS397423
Domain Name	tier.net
Country	🇺🇸 United States of America
City	Charlotte, North Carolina

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.37.109.113

Whois 198.37.109.113

IP Abuse Reports for 198.37.109.113:

This IP address has been reported a total of 7 times from 4 distinct sources. 198.37.109.113 was first reported on January 17th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-27 02:38:06 (4 months ago)	(mod_security) mod_security (id:212620) triggered by 198.37.109.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212620) triggered by 198.37.109.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 21:37:11.242260 2026] [security2:error] [pid 16656:tid 16678] [client 198.37.109.113:56707] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|www.kettlehill.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /?ct_mobile_keyword&ct_keyword&ct_city&ct_zipcode&search-listings=true&ct_price_from&ct_price_to&ct_beds_plus&ct_baths_plus&ct_sqft_from&ct_sqft_to&ct_lotsize_from&ct_lotsize_to&ct_year_from&ct_year_to&ct_community=<script>alert(document.domain);</script>&ct_mls&ct_brokerage=0&lat&lng"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.kettlehill.com"] [uri "/"] [unique_id "aXgk1z4D1upuVdMC6K72IAAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 09:22:43 (7 months ago)	(mod_security) mod_security (id:211070) triggered by 198.37.109.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211070) triggered by 198.37.109.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:22:37.598084 2025] [security2:error] [pid 1665:tid 1665] [client 198.37.109.113:38749] ModSecurity: Access denied with code 403 (phase 1). Pattern match "," at REQUEST_HEADERS:Transfer-Encoding. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "38"] [id "211070"] [rev "1"] [msg "COMODO WAF: HTTP Request Smuggling Attack.\|\|ftp.nbcnewsradio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/tmui/login.jsp"] [unique_id "aRWjXRmm7TnluWMA0rmwJQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dpsbs	2025-10-14 11:35:56 (8 months ago)	multiple ips intrustions detected	Hacking
🇺🇸 TPI-Abuse	2025-07-27 00:05:58 (10 months ago)	(mod_security) mod_security (id:211070) triggered by 198.37.109.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211070) triggered by 198.37.109.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:04:03.346156 2025] [security2:error] [pid 24709:tid 24770] [client 198.37.109.113:45707] ModSecurity: Access denied with code 403 (phase 1). Pattern match "," at REQUEST_HEADERS:Transfer-Encoding. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "38"] [id "211070"] [rev "1"] [msg "COMODO WAF: HTTP Request Smuggling Attack.\|\|whm.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "whm.kettlehill.net"] [uri "/tmui/login.jsp"] [unique_id "aIVs8yLBaxayrfPM3JFJJgAAAEM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-07-16 20:30:10 (11 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 20:52:21 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 198.37.109.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 198.37.109.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 16:52:16.053267 2025] [security2:error] [pid 3489061:tid 3489061] [client 198.37.109.113:48759] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.farmers123.com"] [uri "/.env.backup"] [unique_id "aDjJAJZtwAbTtq7PjaXPaQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-17 15:51:09 (1 year ago)	\| Shellshock attack detected	Hacking SQL Injection Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇰 188.44.20.33

🇨🇳 122.224.240.99

🇳🇱 176.65.139.181

🇿🇦 102.209.184.46

🇫🇷 85.217.140.49

🇺🇸 71.6.134.235

🇺🇸 71.6.134.234

🇫🇷 64.204.13.215

🇩🇪 45.43.62.37

🇨🇳 8.153.38.116

🇯🇵 194.5.48.104

🇭🇰 152.32.240.167

🇮🇳 123.108.206.3

🇺🇸 91.230.168.228

🇺🇸 47.251.59.83

🇹🇷 212.252.73.26

🇺🇸 207.90.244.17

🇩🇪 185.220.100.251

🇨🇳 123.182.51.133

🇻🇳 103.176.20.115