AbuseIPDB » 167.94.138.53

167.94.138.53 was found in our database!

This IP was reported 5,040 times. Confidence of Abuse is 0%: ?

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	scanner-07.ch1.censys-scanner.com
Domain Name	censys.com
Country	United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Important Note: 167.94.138.53 is an IP address from within our whitelist belonging to the subnet 167.94.138.0/24, which we identify as: "Censys (https://about.censys.io/)".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 167.94.138.53

Whois 167.94.138.53

IP Abuse Reports for 167.94.138.53:

This IP address has been reported a total of 5,040 times from 613 distinct sources. 167.94.138.53 was first reported on March 27th 2023, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
llighthunter	2025-07-10 06:21:17 (1 hour ago)	Jul 10 09:21:12 mail postfix/submission/smtpd[22074]: lost connection after UNKNOWN from unknown[167 ... show moreJul 10 09:21:12 mail postfix/submission/smtpd[22074]: lost connection after UNKNOWN from unknown[167.94.138.53] Jul 10 09:21:14 mail postfix/submission/smtpd[22074]: lost connection after UNKNOWN from unknown[167.94.138.53] show less	Hacking SSH
6o6ep	2025-07-10 00:06:55 (7 hours ago)	Automatic report from firewall log. Connection attempt to port 443	Port Scan Hacking Brute-Force Web App Attack
security.rdmc.fr	2025-07-09 22:19:16 (9 hours ago)	IP in Malicious Database	Web App Attack
georgengelmann	2025-07-09 21:57:02 (9 hours ago)	Telnet intrusion attempt from scanner-07.ch1.censys-scanner.com port 47060	Brute-Force SSH
marcel-knorr.de	2025-07-09 21:04:41 (10 hours ago)	[MK-Root1] Blocked by UFW	Port Scan Brute-Force
Study Bitcoin 🤗	2025-07-09 12:10:07 (19 hours ago)	6 port probes: 6x tcp/44324 [ros]	Port Scan
mkaraki	2025-07-09 09:46:18 (21 hours ago)	1752054375 # Service_probe # SIGNATURE_SEND # source_ip:167.94.138.53 # dst_port:55307 ...	Port Scan
Anonymous	2025-07-09 09:26:46 (22 hours ago)	attempts to hack passwords	Port Scan Brute-Force
oonux.net	2025-07-09 08:56:40 (22 hours ago)	RouterOS: Scanning detected TCP 167.94.138.53:58396 > x.x.x.x:8005	Port Scan
dusfor72	2025-07-09 08:12:04 (23 hours ago)	aggressive portscan ...	Port Scan
QUADEMU Abuse Dpt	2025-07-09 06:53:06 (1 day ago)	Noxious/Nuisible/вредоносный Host.	Port Scan Exploited Host
Sawasdee	2025-07-09 05:12:57 (1 day ago)	Port Scan ...	Port Scan
Anonymous	2025-07-09 04:44:27 (1 day ago)	Port Scan detected from 167.94.138.53 (US/United States/scanner-07.ch1.censys-scanner.com). 5 hits ... show morePort Scan detected from 167.94.138.53 (US/United States/scanner-07.ch1.censys-scanner.com). 5 hits in the last 20 seconds show less	Port Scan Brute-Force
public csirt	2025-07-09 04:19:17 (1 day ago)	Honeypot hit: Empty payload (likely service probe); 8007 [3] TCP	Port Scan
webnestify	2025-07-09 03:51:34 (1 day ago)	[Webnestify Honeypot - Europe] Unauthorized connection attempt on port 222.	Port Scan Hacking Brute-Force

Showing 1 to 15 of 5040 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

205.210.31.78

18.222.192.238

45.146.130.113

20.74.223.225

175.100.24.139

196.251.116.16

103.139.10.49

164.92.68.192

180.184.178.165

167.94.146.29

8.219.113.88

43.224.248.187

50.87.144.101

103.243.44.27

8.211.33.23

117.50.115.41

162.216.149.202

188.243.9.80

205.210.31.153

112.86.225.23