JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.37.109.208

198.37.109.208 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 0%: ?

ISP	Tier.Net Technologies LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS397423
Domain Name	tier.net
Country	🇺🇸 United States of America
City	Charlotte, North Carolina

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.37.109.208

Whois 198.37.109.208

IP Abuse Reports for 198.37.109.208:

This IP address has been reported a total of 12 times from 5 distinct sources. 198.37.109.208 was first reported on December 14th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 HandyTreff.de	2026-02-04 12:03:39 (4 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -21.115 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -21.115 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Sa show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 20:01:10 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 15:01:01.801236 2026] [security2:error] [pid 10217:tid 10217] [client 198.37.109.208:40107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/wp-config.php.bak"] [unique_id "aWvqfVXh3t18hcsfQxJZYwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 19:11:58 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 14:10:30.025322 2025] [security2:error] [pid 22842:tid 23028] [client 198.37.109.208:46761] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.com"] [uri "/htaccess_for_page_not_found_redirects.htaccess"] [unique_id "aVLSJlKoonkfA7MmLZcZrAAAARY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:34:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:34:47.309934 2025] [security2:error] [pid 15829:tid 15829] [client 198.37.109.208:40803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.farmers123.com"] [uri "/.env.dev"] [unique_id "aS9ph6n1LSVN9r2TmhzI-gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 09:55:42 (6 months ago)	(mod_security) mod_security (id:211190) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 04:55:35.898516 2025] [security2:error] [pid 29290:tid 29439] [client 198.37.109.208:33517] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /log_download.cgi?type=../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kettlehill.net"] [uri "/log_download.cgi"] [unique_id "aSrDF7IpbMsELiP_zDf0XwAAARY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-01 14:26:33 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 01 10:26:27.441041 2025] [security2:error] [pid 8590:tid 8622] [client 198.37.109.208:57901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.net"] [uri "/.svn/wc.db"] [unique_id "aQYYk3l6EaMmM6sQysSJ-QAAAM4"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇬 raramos	2025-08-07 19:00:07 (10 months ago)	[SMB remote code execution attempt: port tcp/445] in blocklist.de:'listed [pop3]' in SpamCop:'listed ... show more [SMB remote code execution attempt: port tcp/445] in blocklist.de:'listed [pop3]' in SpamCop:'listed' in sorbs:'listed [web], [spam]' in Unsubscore:'listed' *(RWIN=8192)(04:10) show less	Web Spam Email Spam Port Scan Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-08-05 22:03:46 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 18:03:41.260598 2025] [security2:error] [pid 7001:tid 7001] [client 198.37.109.208:33805] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|nbcnewsradio.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nbcnewsradio.com"] [uri "/errors.log"] [unique_id "aJJ_vcM9_wRtYJQvvJtSSwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:56:04 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:55:54.054169 2025] [security2:error] [pid 404372:tid 404538] [client 198.37.109.208:54807] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpanel.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.com"] [uri "/cgi-bin/stats"] [unique_id "aIV5GhTdKN3sxMPXSjT6xgAAAQs"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 20:16:22 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 198.37.109.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 16:16:09.303861 2025] [security2:error] [pid 3419948:tid 3419948] [client 198.37.109.208:36221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/.env.whm"] [unique_id "aDjAiThsG920LU4KwqqA-wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-15 02:50:17 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇩🇪 nyuuzyou	2024-12-14 04:31:41 (1 year ago)	Intensive scraping: /web?s=Tax%20preparation%20services%20McCook&scraper=wiby. User-Agent: Mozilla/5 ... show more Intensive scraping: /web?s=Tax%20preparation%20services%20McCook&scraper=wiby. User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68. show less	Bad Web Bot

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 213.152.185.117

🇯🇵 203.25.124.230

🇷🇺 193.37.69.113

🇧🇷 187.50.226.182

🇨🇳 175.9.132.41

🇧🇩 103.131.144.53

🇺🇸 91.230.168.114

🇳🇱 91.92.42.227

🇲🇾 47.254.192.213

🇭🇰 46.247.61.149

🇵🇰 39.63.190.166

🇮🇳 152.59.142.125

🇹🇭 110.77.131.229

🇫🇷 82.102.18.126

🇺🇸 64.62.156.128

🇭🇰 43.155.21.198

🇰🇷 211.253.31.30

🇨🇳 123.158.52.73

🇺🇸 103.143.10.140

🇱🇻 81.30.98.158