AbuseIPDB » 167.94.138.118

167.94.138.118 was found in our database!

This IP was reported 4,984 times. Confidence of Abuse is 0%: ?

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	scanner-27.ch1.censys-scanner.com
Domain Name	censys.com
Country	United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Important Note: 167.94.138.118 is an IP address from within our whitelist belonging to the subnet 167.94.138.0/24, which we identify as: "Censys (https://about.censys.io/)".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 167.94.138.118

Whois 167.94.138.118

IP Abuse Reports for 167.94.138.118:

This IP address has been reported a total of 4,984 times from 577 distinct sources. 167.94.138.118 was first reported on March 20th 2023, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
sid3windr	2025-06-20 18:36:23 (2 hours ago)	SSH port scan (Tarpitted for 20s, wasted 19B)	Port Scan SSH
MPL	2025-06-20 17:35:57 (3 hours ago)	tcp ports: 26,5533 (18 or more attempts)	Port Scan
webbfabriken	2025-06-20 13:27:02 (7 hours ago)	spam or other hacking activities reported by webbfabriken security servers Attack reported by ... show morespam or other hacking activities reported by webbfabriken security servers Attack reported by Webbfabriken Security API - WFSecAPI show less	Web Spam
rtbh.com.tr	2025-06-20 12:07:15 (8 hours ago)	list.rtbh.com.tr report: tcp/111	Brute-Force
azminawwar	2025-06-20 10:03:15 (10 hours ago)	[Honey-SG1] 167.94.138.118 triggered Icarus honeypot on port 143.	Port Scan Hacking
georgengelmann	2025-06-20 07:25:02 (13 hours ago)	Blaster, Trojan from scanner-27.ch1.censys-scanner.com port 56012	Hacking
security.rdmc.fr	2025-06-20 07:05:16 (13 hours ago)	IP in Malicious Database	Web App Attack
Anonymous	2025-06-20 06:56:34 (13 hours ago)	Hit honeypot r.	Port Scan Hacking Exploited Host
DXC-0	2025-06-20 03:02:50 (17 hours ago)	Multiple attacks on Honeypot servers	Web Spam Hacking Brute-Force Web App Attack
Study Bitcoin 🤗	2025-06-20 01:37:05 (19 hours ago)	Port probe to tcp/25 (smtp) [srv134]	Email Spam Port Scan
mkaraki	2025-06-20 01:02:07 (19 hours ago)	1750381325 # Service_probe # SIGNATURE_SEND # source_ip:167.94.138.118 # dst_port:8732 ...	Port Scan
nfsec.pl	2025-06-19 23:26:06 (21 hours ago)	Detected: TCP scan on port: 8080 with flags: SYN	Port Scan
COMPLEX	2025-06-19 23:12:42 (21 hours ago)	Honeypot [1]: Empty payload (likely service probe); 8089 [1] TCP	Port Scan
Sawasdee	2025-06-19 22:50:10 (21 hours ago)	Port Scan ...	Port Scan
Tamsweb	2025-06-19 21:12:01 (23 hours ago)	Unauthorized connection attempt or scan from 167.94.138.118 on port 56612 ...	Port Scan

Showing 1 to 15 of 4984 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

81.30.107.153

49.213.166.180

34.218.77.152

218.156.176.223

162.216.149.241

167.94.145.83

205.210.31.248

113.141.178.116

117.196.200.213

162.216.149.165

186.91.113.188

172.245.42.201

180.184.52.206

184.181.74.4

49.12.97.198

51.178.141.32

202.142.173.162

186.233.115.229

159.89.30.191

172.208.49.78