JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 8.138.238.164

8.138.238.164 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 100%: ?

100%

ISP	Aliyun Computing Co.LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Guangzhou, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 8.138.238.164

Whois 8.138.238.164

IP Abuse Reports for 8.138.238.164:

This IP address has been reported a total of 51 times from 49 distinct sources. 8.138.238.164 was first reported on June 5th 2026, and the most recent report was 25 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇰 HILKA	2026-06-14 06:30:32 (25 minutes ago)	Automatic report from HLK firewall log.	Port Scan Hacking Brute-Force
🇦🇹 vikal	2026-06-14 03:55:04 (3 hours ago)	8.138.238.164 - - [14/Jun/2026:05:55:03 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 ... show more 8.138.238.164 - - [14/Jun/2026:05:55:03 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (compatible; Scanner/1.0)" ... show less	Brute-Force SSH
🇹🇼 tyetriiix	2026-06-13 15:52:23 (15 hours ago)	Wazuh Alert Evidence: 8.138.238.164 - - [13/Jun/2026:15:52:20 +0000] "GET /.git/config HTTP/1.1" 404 ... show more Wazuh Alert Evidence: 8.138.238.164 - - [13/Jun/2026:15:52:20 +0000] "GET /.git/config HTTP/1.1" 404 146 "-" "Mozilla/5.0 (compatible; Scanner/1.0)" "-" Origin: "-" CORS_Header: "-" Sent_allow_origin: "-" show less	Web App Attack
🇫🇷 cityhunter_rhone	2026-06-12 21:06:07 (1 day ago)	Fail2Ban offender in jail [recidive] — 2 total attempts — tracked by mercurius-guide.com security sy ... show more Fail2Ban offender in jail [recidive] — 2 total attempts — tracked by mercurius-guide.com security system. show less	SSH Brute-Force
🇺🇸 OceanTreasure	2026-06-12 12:55:12 (1 day ago)	tcp/80; Git configuration exposure attempt: "GET /.git/config" @ 2026-06-12T12:49:58Z [azure]	Web App Attack
Anonymous	2026-06-12 09:05:41 (1 day ago)	8.138.238.164 - - [12/Jun/2026:09:05:40 +0000] "GET /.git/config HTTP/1.1" 404 400 "-" "Mozilla/5.0 ... show more 8.138.238.164 - - [12/Jun/2026:09:05:40 +0000] "GET /.git/config HTTP/1.1" 404 400 "-" "Mozilla/5.0 (compatible; Scanner/1.0)" ... show less	Bad Web Bot Web App Attack
🇳🇱 myip.foo	2026-06-12 07:54:12 (1 day ago)	[myip.foo] 8.138.238.164 - - [12/Jun/2026:07:54:11 +0000] "GET /.git/config HTTP/1.1" 404 146 "-" "M ... show more [myip.foo] 8.138.238.164 - - [12/Jun/2026:07:54:11 +0000] "GET /.git/config HTTP/1.1" 404 146 "-" "Mozilla/5.0 (compatible; Scanner/1.0)" show less	Bad Web Bot Web App Attack
🇫🇷 Vaction	2026-06-12 06:56:08 (2 days ago)	8.138.238.164 - - [12/Jun/2026:08:56:08 +0200] "GET /.git/config HTTP/1.1" 404 400 "-" "Mozilla/5.0 ... show more 8.138.238.164 - - [12/Jun/2026:08:56:08 +0200] "GET /.git/config HTTP/1.1" 404 400 "-" "Mozilla/5.0 (compatible; Scanner/1.0)" show less	Hacking Bad Web Bot Web App Attack
🇬🇧 Interceptor_HQ	2026-06-12 05:58:17 (2 days ago)	request_uri: /.git/config -- automatic report --	Brute-Force Hacking
🇸🇪 donarev419	2026-06-12 05:39:58 (2 days ago)	Connection to port 80 with data transfer. Data preview: GET /.git/config HTTP/1.1 Host: 51.21.134.1 ... show more Connection to port 80 with data transfer. Data preview: GET /.git/config HTTP/1.1 Host: 51.21.134.169 User-Agent: Mozilla/5.0 (compatible; Scanner/1.0) A show less	Port Scan Hacking
🇳🇱 ParaBug	2026-06-12 05:32:57 (2 days ago)	8.138.238.164 - - [12/Jun/2026:07:32:57 +0200] "GET /.git/config HTTP/1.1" 403 403 "-" "Mozilla/5.0 ... show more 8.138.238.164 - - [12/Jun/2026:07:32:57 +0200] "GET /.git/config HTTP/1.1" 403 403 "-" "Mozilla/5.0 (compatible; Scanner/1.0)" ... show less	Phishing Brute-Force Web App Attack
🇩🇪 ManagedStack	2026-06-11 20:30:03 (2 days ago)	Probing access to unauthorized locations	Hacking Exploited Host Web App Attack
🇩🇪 iRaphi05	2026-06-11 11:10:14 (2 days ago)	Honeypot detection: GET request on /.git/config \| User-Agent: Mozilla/5.0 (compatible; Scanner/1.0)	Hacking Web App Attack
Anonymous	2026-06-11 11:07:36 (2 days ago)	[Thu Jun 11 13:07:35.491805 2026] [:error] [pid 719277:tid 719277] [client 8.138.238.164:49202] ModS ... show more [Thu Jun 11 13:07:35.491805 2026] [:error] [pid 719277:tid 719277] [client 8.138.238.164:49202] ModSecurity: Warning. Matched "Operator `PmFromFile' with parameter `restricted-files.data' against variable `REQUEST_FILENAME' (Value: `/.git/config' ) [file "/usr/local/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "131"] [id "930130"] [rev ""] [msg "Restricted File Access Attempt"] [data "Matched Data: .git/ found within REQUEST_FILENAME: /.git/config"] [severity "2"] [ver "OWASP_CRS/4.28.0-dev"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/ATTACK-LFI"] [tag "capec/1000/255/153/126"] [uri "/.git/config"] [unique_id "178117605558.705793"] [ref "o1,5v4,12t:utf8toUnicode,t:urlDecodeUni,t:normalizePathWin"] [Thu Jun 11 13:07:36.075526 2026] [:error] [pid 726302:tid 726302] [client 8.138.238.164:41404] ModSecurity: ... show less	Web App Attack
🇫🇮 smallhost_helsinki	2026-06-11 10:46:22 (2 days ago)	Tried to access non existent path: /.git	Web App Attack

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 171.217.40.172

🇹🇼 101.13.5.26

🇱🇹 81.30.98.144

🇩🇪 69.5.169.4

🇩🇪 69.5.169.3

🇲🇽 200.77.172.159

🇧🇪 198.235.24.171

🇫🇷 185.190.142.15

🇺🇸 172.184.175.144

🇺🇸 162.216.150.89

🇮🇳 103.68.52.210

🇺🇸 74.82.47.62

🇮🇩 69.5.23.222

🇫🇮 45.154.244.2

🇩🇪 207.154.209.254

🇳🇿 203.211.78.213

🇪🇨 186.47.139.75

🇻🇳 103.56.161.126

🇹🇼 101.13.4.128

🇵🇹 89.153.125.230