167.94.138.120

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
botsattackproxy	SSH bot	2025-06-03 12:57:02

Comments on same subnet:

IP	Type	Details	Datetime
167.94.138.155	botsattack	KnownAttacker - BadReputation	2025-07-07 12:50:52
167.94.138.63	botsattackproxy	SSH dictionary attack	2025-06-19 12:58:59
167.94.138.41	attackproxy	VoIP blacklist IP	2025-06-16 12:53:41
167.94.138.163	botsattack	Fraud scan	2025-02-07 17:59:37
167.94.138.167	attack	Fraud connect	2025-01-22 13:53:35
167.94.138.147	proxy	VPN fraud	2023-06-07 12:46:29
167.94.138.33	proxy	VPN fraud.	2023-06-07 12:43:58
167.94.138.136	proxy	VPN fraud	2023-06-05 12:53:02
167.94.138.131	proxy	VPN fraud	2023-05-29 13:10:03
167.94.138.124	proxy	VPN fraud	2023-05-29 13:06:05
167.94.138.127	proxy	VPN fraud	2023-05-25 12:38:28
167.94.138.52	proxy	VPN fraud	2023-05-16 12:51:16
167.94.138.152	proxy	Scanner VPN	2023-03-21 13:50:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.94.138.120
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56866
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;167.94.138.120.			IN	A

;; AUTHORITY SECTION:
.			473	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 80 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 12:09:20 CST 2022
;; MSG SIZE  rcvd: 107

Host info

120.138.94.167.in-addr.arpa domain name pointer scanner-27.ch1.censys-scanner.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
120.138.94.167.in-addr.arpa	name = scanner-27.ch1.censys-scanner.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.234.15.105	attackspambots	Dec 27 07:30:19 ws19vmsma01 sshd[56699]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.15.105 Dec 27 07:30:21 ws19vmsma01 sshd[56699]: Failed password for invalid user server from 49.234.15.105 port 57922 ssh2 ...	2019-12-27 18:38:59
185.53.88.17	attack	\[2019-12-27 03:21:32\] NOTICE\[2839\] chan_sip.c: Registration from '\' failed for '185.53.88.17:64473' - Wrong password \[2019-12-27 03:21:32\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-27T03:21:32.527-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="8489",SessionID="0x7f0fb4392c38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.17/64473",Challenge="39ccbc69",ReceivedChallenge="39ccbc69",ReceivedHash="7e1e71f6b4681cfbbb469e5264896c59" \[2019-12-27 03:21:32\] NOTICE\[2839\] chan_sip.c: Registration from '\' failed for '185.53.88.17:64474' - Wrong password \[2019-12-27 03:21:32\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-27T03:21:32.554-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="8489",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.17	2019-12-27 18:01:18
77.236.195.122	attackspambots	Port 22 Scan, PTR: 77-236-195-122.static.edera.cz.	2019-12-27 18:11:21
37.211.18.49	attack	Host Scan	2019-12-27 18:40:50
196.50.4.94	attack	Lines containing failures of 196.50.4.94 Dec 24 23:43:39 shared05 sshd[21856]: Invalid user pi from 196.50.4.94 port 51586 Dec 24 23:43:39 shared05 sshd[21856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.50.4.94 Dec 24 23:43:41 shared05 sshd[21856]: Failed password for invalid user pi from 196.50.4.94 port 51586 ssh2 Dec 24 23:43:42 shared05 sshd[21856]: Connection closed by invalid user pi 196.50.4.94 port 51586 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=196.50.4.94	2019-12-27 18:10:35
213.131.39.108	attackspam	Dec 27 07:25:42 mail kernel: [2447684.604464] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=213.131.39.108 DST=91.205.173.180 LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=13230 DF PROTO=TCP SPT=63077 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 27 07:25:45 mail kernel: [2447688.153596] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=213.131.39.108 DST=91.205.173.180 LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=7562 DF PROTO=TCP SPT=63060 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 27 07:25:48 mail kernel: [2447691.172701] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=213.131.39.108 DST=91.205.173.180 LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=28332 DF PROTO=TCP SPT=63060 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0	2019-12-27 18:25:48
87.101.72.81	attackspam	Dec 27 10:36:20 minden010 sshd[6486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.101.72.81 Dec 27 10:36:21 minden010 sshd[6486]: Failed password for invalid user dolson from 87.101.72.81 port 50717 ssh2 Dec 27 10:40:42 minden010 sshd[10535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.101.72.81 ...	2019-12-27 18:28:37
183.111.104.197	attackbots	Host Scan	2019-12-27 18:34:14
103.214.233.30	attack	Unauthorized connection attempt detected from IP address 103.214.233.30 to port 445	2019-12-27 18:12:12
222.186.173.238	attackspambots	Dec 27 11:33:21 silence02 sshd[19280]: Failed password for root from 222.186.173.238 port 49994 ssh2 Dec 27 11:33:33 silence02 sshd[19280]: error: maximum authentication attempts exceeded for root from 222.186.173.238 port 49994 ssh2 [preauth] Dec 27 11:33:39 silence02 sshd[19284]: Failed password for root from 222.186.173.238 port 64636 ssh2	2019-12-27 18:35:38
185.175.93.21	attack	12/27/2019-10:51:15.060095 185.175.93.21 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-27 18:26:16
202.137.154.160	attack	Dec 27 07:25:28 vpn01 sshd[10147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.137.154.160 Dec 27 07:25:30 vpn01 sshd[10147]: Failed password for invalid user admin from 202.137.154.160 port 54120 ssh2 ...	2019-12-27 18:39:25
49.235.212.247	attackspambots	Brute-force attempt banned	2019-12-27 18:14:24
14.187.49.252	attackspam	Dec 27 07:25:24 vpn01 sshd[10136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.187.49.252 Dec 27 07:25:25 vpn01 sshd[10136]: Failed password for invalid user admin from 14.187.49.252 port 36326 ssh2 ...	2019-12-27 18:44:08
218.92.0.157	attackbotsspam	Dec 27 11:13:02 nextcloud sshd\[8513\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.157 user=root Dec 27 11:13:04 nextcloud sshd\[8513\]: Failed password for root from 218.92.0.157 port 26464 ssh2 Dec 27 11:13:24 nextcloud sshd\[8999\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.157 user=root ...	2019-12-27 18:22:33

Recently Reported IPs

185.236.231.142	40.92.74.71	212.174.189.85	189.207.101.177
43.254.220.27	167.88.21.40	95.217.211.190	201.48.142.131
18.117.193.193	45.127.108.132	167.248.133.133	15.235.5.98
170.130.62.202	192.24.36.62	59.88.138.120	178.72.78.150
117.251.62.137	210.210.255.23	114.237.52.232	185.144.156.188