AbuseIPDB » 167.94.138.189

167.94.138.189 was found in our database!

This IP was reported 4,056 times. Confidence of Abuse is 0%: ?

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Domain Name	censys.com
Country	United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Important Note: 167.94.138.189 is an IP address from within our whitelist belonging to the subnet 167.94.138.0/24, which we identify as: "Censys (https://about.censys.io/)".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 167.94.138.189

Whois 167.94.138.189

IP Abuse Reports for 167.94.138.189:

This IP address has been reported a total of 4,056 times from 473 distinct sources. 167.94.138.189 was first reported on October 17th 2024, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
yangfan	2025-07-11 11:06:03 (4 hours ago)	UFW Blocked [842/TCP] Source: 167.94.138.189:38424 TTL: 57 Lenth: 60 TOS: 0x ... show moreUFW Blocked [842/TCP] Source: 167.94.138.189:38424 TTL: 57 Lenth: 60 TOS: 0x00 show less	Port Scan
MPL	2025-07-11 09:30:27 (5 hours ago)	tcp/26 (6 or more attempts)	Port Scan
KPS	2025-07-11 08:18:44 (6 hours ago)	PortscanM	Port Scan
mkaraki	2025-07-11 08:07:13 (7 hours ago)	1752221231 # Service_probe # SIGNATURE_SEND # source_ip:167.94.138.189 # dst_port:49150 ...	Port Scan
VMHeaven.io	2025-07-11 08:06:31 (7 hours ago)	Blocked by UFW [81/tcp] Source port: 54704 TTL: 46 Packet length: 60	Port Scan
dusfor72	2025-07-11 07:58:21 (7 hours ago)	aggressive portscan ...	Port Scan
Anonymous	2025-07-11 07:13:04 (8 hours ago)	Shorewall log file match.	Port Scan
gu-alvareza	2025-07-11 07:05:02 (8 hours ago)	Censys.io.Scanner	Port Scan
webnestify	2025-07-11 06:37:22 (8 hours ago)	[Webnestify Honeypot - Europe] Unauthorized connection attempt on port 8888.	Port Scan Hacking Brute-Force
Anonymous	2025-07-11 06:22:57 (8 hours ago)	2025-07-11T07:32:41.087398+02:00 aion postfix/smtpd[3431399]: lost connection after STARTTLS from un ... show more2025-07-11T07:32:41.087398+02:00 aion postfix/smtpd[3431399]: lost connection after STARTTLS from unknown[167.94.138.189] 2025-07-11T08:22:56.946981+02:00 aion postfix/smtps/smtpd[3467552]: lost connection after EHLO from unknown[167.94.138.189] ... show less	Hacking Brute-Force
Study Bitcoin 🤗	2025-07-11 06:22:19 (8 hours ago)	Port probe to tcp/8091 [srv128]	Port Scan
Study Bitcoin 🤗	2025-07-11 05:50:35 (9 hours ago)	Port probe to tcp/12322 [srv131]	Port Scan
Sawasdee	2025-07-11 04:14:38 (11 hours ago)	Port Scan ...	Port Scan
public csirt	2025-07-11 01:04:05 (14 hours ago)	Honeypot hit: Empty payload (likely service probe); 8902 [1] TCP	Port Scan
StatsMe	2025-07-10 21:18:38 (17 hours ago)	2025-07-10T13:23:46.631088+0300 ET DROP Dshield Block Listed Source group 1	Port Scan Hacking Spoofing Brute-Force

Showing 1 to 15 of 4056 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

5.11.143.72

103.77.247.203

36.66.16.233

193.32.162.157

108.162.249.35

216.24.210.71

96.78.177.249

122.160.142.194

50.6.195.35

35.203.211.83

103.75.139.17

14.103.118.150

147.185.132.176

210.121.5.58

82.65.121.222

107.150.117.187

103.36.84.107

45.79.204.222

205.210.31.71

188.166.247.75