JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.104.167.38

178.104.167.38 was found in our database!

This IP was reported 329 times. Confidence of Abuse is 100%: ?

100%

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	static.38.167.104.178.clients.your-server.de
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Nurnberg, Bavaria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.104.167.38

Whois 178.104.167.38

IP Abuse Reports for 178.104.167.38:

This IP address has been reported a total of 329 times from 110 distinct sources. 178.104.167.38 was first reported on May 19th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-03 10:43:00 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-06-03 08:10:03 (1 day ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇫🇷 ELYAZ	2026-06-03 08:06:53 (1 day ago)	(y4) Failed scan -byebye- from 178.104.167.38 (DE/Germany/static.38.167.104.178.clients.your-server. ... show more (y4) Failed scan -byebye- from 178.104.167.38 (DE/Germany/static.38.167.104.178.clients.your-server.de): (CF_ENABLE) show less	Hacking
Anonymous	2026-06-03 08:01:27 (1 day ago)	2026-06-03T10:01:26.879114+02:00 zanati wp(sahpa.co.za)[3235796]: Blocked user enumeration attempt f ... show more 2026-06-03T10:01:26.879114+02:00 zanati wp(sahpa.co.za)[3235796]: Blocked user enumeration attempt from 178.104.167.38 ... show less	Web App Attack
🇩🇪 FeG Deutschland	2026-06-03 00:45:25 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TAY	2026-06-02 16:01:10 (2 days ago)	178.104.167.38 - - [02/Jun/2026:23:52:47 +0800] "POST /wp-login.php HTTP/1.1" 200 2675 "https://litt ... show more 178.104.167.38 - - [02/Jun/2026:23:52:47 +0800] "POST /wp-login.php HTTP/1.1" 200 2675 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 178.104.167.38 - - [03/Jun/2026:00:00:34 +0800] "POST /wp-login.php HTTP/1.1" 200 2676 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 178.104.167.38 - - [03/Jun/2026:00:00:59 +0800] "POST /wp-login.php HTTP/1.1" 200 2675 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force
🇫🇷 solution.it	2026-06-02 15:43:43 (2 days ago)	[Tue Jun 02 17:43:42.584595 2026] [php7:error] [pid 510758:tid 510758] [client 178.104.167.38:60034] ... show more [Tue Jun 02 17:43:42.584595 2026] [php7:error] [pid 510758:tid 510758] [client 178.104.167.38:60034] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat show less	Web App Attack
🇩🇪 BlueWire Hosting	2026-06-02 14:53:28 (2 days ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇩🇪 nyt	2026-06-02 14:05:16 (2 days ago)	Repeated WordPress login POSTs blocked by WAF (3 in 6h)	Brute-Force Web App Attack
🇩🇪 Marc	2026-06-02 11:18:18 (2 days ago)	178.104.167.38 - - [02/Jun/2026:12:13:35 +0200] "GET /wp-login.php HTTP/2.0" 200 3978 "-" "Mozilla/5 ... show more 178.104.167.38 - - [02/Jun/2026:12:13:35 +0200] "GET /wp-login.php HTTP/2.0" 200 3978 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 178.104.167.38 - - [02/Jun/2026:12:13:35 +0200] "POST /wp-login.php HTTP/2.0" 403 11120 "https://saatschule.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 178.104.167.38 - - [02/Jun/2026:12:52:15 +0200] "GET /wp-login.php HTTP/2.0" 200 3351 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 178.104.167.38 - - [02/Jun/2026:12:52:16 +0200] "POST /wp-login.php HTTP/2.0" 200 3291 "https://alsarnsberg.eu/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 178.104.167.38 - - [02/Jun/2026:13:18:17 +0200] "GET /wp-login.php HTTP/2.0" 200 3351 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 show less	Brute-Force Web App Attack
🇩🇪 Martin Lundstrom	2026-06-02 10:44:43 (2 days ago)	https://www.eagleeye-intelligence.com — WordPress attack. Automatically detected and blocked.	Web App Attack
🇺🇸 mind5t0rm	2026-06-02 10:39:04 (2 days ago)	(WPLOGIN) WP Login Attack 178.104.167.38 (DE/Germany/static.38.167.104.178.clients.your-server.de): ... show more (WPLOGIN) WP Login Attack 178.104.167.38 (DE/Germany/static.38.167.104.178.clients.your-server.de): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 178.104.167.38 - - [02/Jun/2026:16:55:39 +0700] "GET /wp-login.php HTTP/2.0" 200 3163 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 178.104.167.38 - - [02/Jun/2026:16:55:41 +0700] "POST /wp-login.php HTTP/2.0" 200 4114 "https://thevasilis.com/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 178.104.167.38 - - [02/Jun/2026:17:39:02 +0700] "GET /wp-login.php HTTP/2.0" 200 2345 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0" show less	Port Scan
🇺🇸 TAY	2026-06-02 10:10:35 (2 days ago)	178.104.167.38 - - [02/Jun/2026:18:03:25 +0800] "POST /wp-login.php HTTP/1.1" 200 2674 "https://litt ... show more 178.104.167.38 - - [02/Jun/2026:18:03:25 +0800] "POST /wp-login.php HTTP/1.1" 200 2674 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 178.104.167.38 - - [02/Jun/2026:18:06:36 +0800] "POST /wp-login.php HTTP/1.1" 200 2676 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 178.104.167.38 - - [02/Jun/2026:18:10:34 +0800] "POST /wp-login.php HTTP/1.1" 200 2674 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" ... show less	Brute-Force
🇨🇦 KIsmay	2026-06-02 09:51:44 (2 days ago)	Jun 2 04:14:37 www4 WPAudit[351987]: 178.104.167.38 siscobc.com "Mozilla/5.0 (Windows NT 10.0) Appl ... show more Jun 2 04:14:37 www4 WPAudit[351987]: 178.104.167.38 siscobc.com "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" sbd-admin:sbdadmin1212 FAIL Jun 2 04:21:10 www4 WPAudit[362801]: 178.104.167.38 lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" sbd-admin:0sbd-admin FAIL Jun 2 05:30:33 www4 WPAudit[367745]: 178.104.167.38 www.katharinedickerson.com "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" katharine:com123456 FAIL Jun 2 05:40:16 www4 WPAudit[351987]: 178.104.167.38 siscobc.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" sbd-admin:Welcome@123 FAIL Jun 2 05:51:43 www4 WPAudit[367290]: 178.104.167.38 www.servicesfyi.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" pathwise:q374dm1n ... show less	Brute-Force Web App Attack
🇩🇪 bsoft.de	2026-06-02 09:12:29 (2 days ago)	178.104.167.38 - - [02/Jun/2026:07:23:20 +0200] "GET /wp-login.php HTTP/1.1" 200 2983 "-" "Mozilla/5 ... show more 178.104.167.38 - - [02/Jun/2026:07:23:20 +0200] "GET /wp-login.php HTTP/1.1" 200 2983 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 178.104.167.38 - - [02/Jun/2026:07:23:21 +0200] "POST /wp-login.php HTTP/1.1" 200 3134 "https://kgsjw-freunde.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 178.104.167.38 - - [02/Jun/2026:11:12:28 +0200] "GET /wp-login.php HTTP/1.1" 404 70027 "https://b-kits.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Web App Attack

Showing 1 to 15 of 329 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 92.118.39.62

🇨🇳 183.221.20.144

🇨🇳 180.167.207.234

🇮🇩 103.122.34.142

🇨🇳 27.24.90.94

🇨🇳 223.88.252.204

🇮🇪 52.169.217.131

🇱🇹 45.227.254.170

🇳🇱 176.65.149.194

🇨🇳 101.96.203.52

🇲🇾 47.250.43.66

🇨🇱 200.123.39.150

🇩🇪 167.99.132.8

🇭🇰 161.81.122.148

🇮🇳 103.183.231.137

🇺🇸 62.132.18.53

🇺🇸 20.96.179.87

🇺🇸 20.29.126.217

🇷🇴 2.57.121.112

🇸🇮 176.65.134.20