AbuseIPDB » 167.94.138.167

167.94.138.167 was found in our database!

This IP was reported 2,917 times. Confidence of Abuse is 0%: ?

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Domain Name	censys.com
Country	United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Important Note: 167.94.138.167 is an IP address from within our whitelist belonging to the subnet 167.94.138.0/24, which we identify as: "Censys (https://about.censys.io/)".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 167.94.138.167

Whois 167.94.138.167

IP Abuse Reports for 167.94.138.167:

This IP address has been reported a total of 2,917 times from 442 distinct sources. 167.94.138.167 was first reported on October 17th 2024, and the most recent report was 58 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
sefinek.net	2025-07-16 05:07:42 (58 minutes ago)	Honeypot hit: Empty payload (likely service probe); 18244 [4] TCP	Port Scan
Admins@FBN	2025-07-16 04:48:29 (1 hour ago)	Threat Host blocked...	Web Spam Email Spam Port Scan Hacking Exploited Host
Anonymous	2025-07-16 02:10:05 (3 hours ago)		Hacking
Crxa	2025-07-16 02:00:40 (4 hours ago)	Blocked by UFW on homeserver [31746/tcp] Source port: 34418 TTL: 52 Packet length: ... show moreBlocked by UFW on homeserver [31746/tcp] Source port: 34418 TTL: 52 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
axiomofchoice.xyz	2025-07-15 22:34:38 (7 hours ago)	endlessh trap: attempts=4 total_time_stuck=90.108s	Port Scan Hacking SSH
ThreatBook.io	2025-07-15 22:33:48 (7 hours ago)	ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/167.94.138.167<br / ... show moreThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/167.94.138.167 2025-07-15 01:00:49 * 2025-07-15 01:01:11 /security.txt 2025-07-15 00:59:14 / 2025-07-15 00:59:51 * show less	Web App Attack
mailox	2025-07-15 15:48:02 (14 hours ago)	Unauthorized SSH connection on tarpit ...	SSH
mkaraki	2025-07-15 14:48:29 (15 hours ago)	1752590905 # Service_probe # SIGNATURE_SEND # source_ip:167.94.138.167 # dst_port:102 ...	Port Scan
Study Bitcoin 🤗	2025-07-15 12:14:58 (17 hours ago)	Port probe to tcp/6333 [srv135]	Port Scan
Anonymous	2025-07-15 10:25:50 (19 hours ago)	Excessive crawling/scraping	Hacking Brute-Force
azminawwar	2025-07-15 09:27:33 (20 hours ago)	[Honey-SG1] 167.94.138.167 triggered Icarus honeypot on port 445.	Port Scan Hacking
sefinek.net	2025-07-15 09:19:52 (20 hours ago)	Honeypot hit: Empty payload (likely service probe); 3829 [3] TCP	Port Scan
Parth Maniar	2025-07-15 07:05:40 (23 hours ago)	This IP address carried out 4 port scanning attempts on 14-07-2025. For more information or to repor ... show moreThis IP address carried out 4 port scanning attempts on 14-07-2025. For more information or to report interesting / incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Port Scan SSH
gu-alvareza	2025-07-15 07:05:04 (23 hours ago)	Censys.io.Scanner	Port Scan
JCB	2025-07-15 06:58:00 (23 hours ago)	167.94.138.167 - - [15/Jul/2025:00:48:10 +0300] "PRI * HTTP/2.0" 400 226 "-" "-" 167.94.138.1 ... show more167.94.138.167 - - [15/Jul/2025:00:48:10 +0300] "PRI * HTTP/2.0" 400 226 "-" "-" 167.94.138.167 - - [15/Jul/2025:00:49:57 +0300] "GET /wiki HTTP/1.1" 404 196 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" show less	Hacking Bad Web Bot Web App Attack