JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.37.99.234

198.37.99.234 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	Tier.Net Technologies LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS397423
Domain Name	tier.net
Country	🇺🇸 United States of America
City	Charlotte, North Carolina

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.37.99.234

Whois 198.37.99.234

IP Abuse Reports for 198.37.99.234:

This IP address has been reported a total of 7 times from 2 distinct sources. 198.37.99.234 was first reported on February 27th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-04-01 14:27:00 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 198.37.99.234 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 198.37.99.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 10:26:52.637036 2026] [security2:error] [pid 31043:tid 31074] [client 198.37.99.234:56903] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kettlehill.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ac0rLM4zrSKdmLxn1buGJgAAAJM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 18:52:21 (5 months ago)	(mod_security) mod_security (id:211190) triggered by 198.37.99.234 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 198.37.99.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 13:51:52.468977 2025] [security2:error] [pid 22839:tid 22979] [client 198.37.99.234:34581] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.net"] [uri "/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp"] [unique_id "aVLNyKhQT-NrkrxX7z3DpAAAAFM"], referer: http://ftp.kettlehill.net/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 00:44:06 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 198.37.99.234 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 198.37.99.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 19:43:59.760148 2025] [security2:error] [pid 6324:tid 6337] [client 198.37.99.234:57709] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.staging.kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "staging.kettlehill.com"] [uri "/roundcube/logs/errors.log"] [unique_id "aSjwT0GaXWDiAoD3IleAIgAAAUM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 09:29:31 (6 months ago)	(mod_security) mod_security (id:211190) triggered by 198.37.99.234 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 198.37.99.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:29:24.926690 2025] [security2:error] [pid 16617:tid 16617] [client 198.37.99.234:58125] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /page/sl_logdl?dcfct=DCMlog.download_log&dbkey%3Asyslog.rlog=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/page/sl_logdl"] [unique_id "aRWk9BlzswadKC9RTt4RXgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 01:07:50 (10 months ago)	(mod_security) mod_security (id:211190) triggered by 198.37.99.234 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 198.37.99.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:07:45.048372 2025] [security2:error] [pid 653296:tid 653315] [client 198.37.99.234:60103] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_hsconfig&controller=../../../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/index.php"] [unique_id "aIV74b5epZI5Xx2m9sk3XQAAAUc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 00:12:09 (1 year ago)	(mod_security) mod_security (id:220150) triggered by 198.37.99.234 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:220150) triggered by 198.37.99.234 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 20:12:01.797201 2025] [security2:error] [pid 3817986:tid 3817986] [client 198.37.99.234:37185] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\.{0,399}\\\\*\\\\/)?select)" at ARGS:id. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)\|\|mail.farmers123.com\|F\|2"] [data "-1unionselectmd5(999999999)#"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mail.farmers123.com"] [uri "/admin/ajax/avatar.php"] [unique_id "aDj30ZEPViY7NWyECwsAUQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-02-27 17:20:11 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 202.172.25.51

🇬🇧 194.50.235.131

🇪🇨 193.30.14.163

🇧🇷 168.194.18.187

🇺🇸 149.72.240.239

🇩🇪 148.251.18.107

🇮🇳 116.73.240.74

🇺🇸 48.216.242.171

🇧🇪 34.118.255.235

🇷🇺 5.102.158.107

🇪🇬 197.51.116.100

🇧🇷 189.23.205.242

🇬🇧 185.247.137.118

🇮🇶 185.244.154.66

🇲🇩 176.123.2.115

🇩🇪 148.251.108.1

🇨🇳 120.48.7.234

🇻🇳 115.75.178.122

🇺🇸 65.49.1.192

🇳🇱 45.148.10.152