167.94.138.104

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
167.94.138.155	botsattack	KnownAttacker - BadReputation	2025-07-07 12:50:52
167.94.138.63	botsattackproxy	SSH dictionary attack	2025-06-19 12:58:59
167.94.138.41	attackproxy	VoIP blacklist IP	2025-06-16 12:53:41
167.94.138.120	botsattackproxy	SSH bot	2025-06-03 12:57:02
167.94.138.163	botsattack	Fraud scan	2025-02-07 17:59:37
167.94.138.167	attack	Fraud connect	2025-01-22 13:53:35
167.94.138.147	proxy	VPN fraud	2023-06-07 12:46:29
167.94.138.33	proxy	VPN fraud.	2023-06-07 12:43:58
167.94.138.136	proxy	VPN fraud	2023-06-05 12:53:02
167.94.138.131	proxy	VPN fraud	2023-05-29 13:10:03
167.94.138.124	proxy	VPN fraud	2023-05-29 13:06:05
167.94.138.127	proxy	VPN fraud	2023-05-25 12:38:28
167.94.138.52	proxy	VPN fraud	2023-05-16 12:51:16
167.94.138.152	proxy	Scanner VPN	2023-03-21 13:50:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.94.138.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37345
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;167.94.138.104.			IN	A

;; AUTHORITY SECTION:
.			197	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 09:40:55 CST 2022
;; MSG SIZE  rcvd: 107

Host info

104.138.94.167.in-addr.arpa domain name pointer scanner-02.ch1.censys-scanner.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.138.94.167.in-addr.arpa	name = scanner-02.ch1.censys-scanner.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
107.170.196.101	attack	Port scan: Attack repeated for 24 hours	2019-07-11 00:00:21
121.85.16.137	attackbots	23/tcp [2019-07-10]1pkt	2019-07-11 00:12:08
41.77.145.14	attack	Unauthorized connection attempt from IP address 41.77.145.14 on Port 445(SMB)	2019-07-10 23:51:23
103.252.5.93	attackspam	445/tcp [2019-07-10]1pkt	2019-07-11 00:02:42
46.151.255.34	attackspambots	Jul 10 16:34:56 m2 sshd[11010]: Failed password for r.r from 46.151.255.34 port 44040 ssh2 Jul 10 16:34:59 m2 sshd[11010]: Failed password for r.r from 46.151.255.34 port 44040 ssh2 Jul 10 16:35:01 m2 sshd[11010]: Failed password for r.r from 46.151.255.34 port 44040 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=46.151.255.34	2019-07-10 23:41:42
220.235.128.149	attackbots	Jul 8 15:59:18 apex-mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=220.235.128.149 user=tupper Jul 8 15:59:29 apex-mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=220.235.128.149 user=tupper Jul 8 16:13:27 apex-mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=220.235.128.149 user=tupper Jul 8 16:13:37 apex-mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=220.235.128.149 user=tupper Jul 8 16:28:49 apex-mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=220.235.128.149 user=tupper Jul 8 16:29:02 apex-mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=220.235.128.149 user=tupper Jul 8 16:34:45 apex-mail dovecot-auth: pa........ -------------------------------	2019-07-11 00:32:25
71.6.232.6	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-10 23:36:52
106.12.206.253	attackspambots	Jul 8 03:35:04 l01 sshd[545754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.253 user=r.r Jul 8 03:35:06 l01 sshd[545754]: Failed password for r.r from 106.12.206.253 port 52312 ssh2 Jul 8 03:38:26 l01 sshd[546481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.253 user=r.r Jul 8 03:38:28 l01 sshd[546481]: Failed password for r.r from 106.12.206.253 port 55728 ssh2 Jul 8 03:40:18 l01 sshd[546845]: Invalid user emerson from 106.12.206.253 Jul 8 03:40:18 l01 sshd[546845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.206.253 Jul 8 03:40:20 l01 sshd[546845]: Failed password for invalid user emerson from 106.12.206.253 port 44306 ssh2 Jul 8 03:42:09 l01 sshd[547240]: Invalid user fileshare from 106.12.206.253 Jul 8 03:42:09 l01 sshd[547240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 ........ -------------------------------	2019-07-10 23:42:55
122.227.101.105	attack	Lines containing failures of 122.227.101.105 Jul 8 06:41:07 ariston sshd[3379]: Invalid user test2 from 122.227.101.105 port 32966 Jul 8 06:41:07 ariston sshd[3379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.227.101.105 Jul 8 06:41:09 ariston sshd[3379]: Failed password for invalid user test2 from 122.227.101.105 port 32966 ssh2 Jul 8 06:41:11 ariston sshd[3379]: Received disconnect from 122.227.101.105 port 32966:11: Bye Bye [preauth] Jul 8 06:41:11 ariston sshd[3379]: Disconnected from invalid user test2 122.227.101.105 port 32966 [preauth] Jul 8 06:45:41 ariston sshd[3954]: Invalid user ftpuser from 122.227.101.105 port 37868 Jul 8 06:45:41 ariston sshd[3954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.227.101.105 Jul 8 06:45:43 ariston sshd[3954]: Failed password for invalid user ftpuser from 122.227.101.105 port 37868 ssh2 Jul 8 06:45:44 ariston sshd[3954]: Re........ ------------------------------	2019-07-10 23:33:02
104.236.224.134	attackspam	(sshd) Failed SSH login from 104.236.224.134 (-): 5 in the last 3600 secs	2019-07-11 00:03:51
162.243.144.171	attackspam	31201/tcp 3389/tcp 88/tcp... [2019-05-09/07-10]70pkt,53pt.(tcp),7pt.(udp)	2019-07-11 00:01:12
171.25.193.25	attackbots	Triggered by Fail2Ban at Ares web server	2019-07-10 23:35:49
128.199.145.242	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-11 00:19:04
62.234.5.142	attack	This address tries to hack into our database, bruteforce with dictionary. 62.234.5.142 - - [10/Jul/2019:10:28:49 +0200] "GET /phpmyadmin/index.php?pma_username=root&pma_password=star&server=1 HTTP/1.1" 200 15880 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT$ 62.234.5.142 - - [10/Jul/2019:10:28:51 +0200] "GET /phpmyadmin/index.php?pma_username=root&pma_password=aaa&server=1 HTTP/1.1" 200 15874 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT $ 62.234.5.142 - - [10/Jul/2019:10:28:51 +0200] "GET /phpmyadmin/index.php?pma_username=root&pma_password=web&server=1 HTTP/1.1" 200 15886 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT $ 62.234.5.142 - - [10/Jul/2019:10:28:53 +0200] "GET /phpmyadmin/index.php?pma_username=root&pma_password=asd&server=1 HTTP/1.1" 200 15875 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT $	2019-07-11 00:13:49
217.70.37.66	attackbotsspam	Many RDP login attempts detected by IDS script	2019-07-11 00:14:42

Recently Reported IPs

49.205.233.132	172.70.142.234	2.56.59.35	177.23.118.48
59.33.213.13	146.251.133.220	116.8.61.26	42.116.167.202
59.97.141.4	79.105.96.118	223.149.163.135	151.106.168.1
40.107.223.53	178.164.202.192	139.0.4.34	213.204.76.88
154.160.24.9	113.161.77.11	101.43.138.242	49.228.225.108