167.94.138.154

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
167.94.138.155	botsattack	KnownAttacker - BadReputation	2025-07-07 12:50:52
167.94.138.63	botsattackproxy	SSH dictionary attack	2025-06-19 12:58:59
167.94.138.41	attackproxy	VoIP blacklist IP	2025-06-16 12:53:41
167.94.138.120	botsattackproxy	SSH bot	2025-06-03 12:57:02
167.94.138.163	botsattack	Fraud scan	2025-02-07 17:59:37
167.94.138.167	attack	Fraud connect	2025-01-22 13:53:35
167.94.138.147	proxy	VPN fraud	2023-06-07 12:46:29
167.94.138.33	proxy	VPN fraud.	2023-06-07 12:43:58
167.94.138.136	proxy	VPN fraud	2023-06-05 12:53:02
167.94.138.131	proxy	VPN fraud	2023-05-29 13:10:03
167.94.138.124	proxy	VPN fraud	2023-05-29 13:06:05
167.94.138.127	proxy	VPN fraud	2023-05-25 12:38:28
167.94.138.52	proxy	VPN fraud	2023-05-16 12:51:16
167.94.138.152	proxy	Scanner VPN	2023-03-21 13:50:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.94.138.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19901
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;167.94.138.154.			IN	A

;; AUTHORITY SECTION:
.			570	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 09:34:42 CST 2022
;; MSG SIZE  rcvd: 107

Host info

154.138.94.167.in-addr.arpa domain name pointer scanner-14.ch1.censys-scanner.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
154.138.94.167.in-addr.arpa	name = scanner-14.ch1.censys-scanner.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
58.87.92.153	attack	$f2bV_matches	2019-12-26 04:01:36
93.87.234.77	attack	1577285412 - 12/25/2019 15:50:12 Host: 93.87.234.77/93.87.234.77 Port: 445 TCP Blocked	2019-12-26 03:48:50
156.216.182.249	attack	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 03:30:12
156.204.154.134	attackbots	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 03:45:27
222.186.173.226	attackbots	Dec 25 20:24:35 vps647732 sshd[28401]: Failed password for root from 222.186.173.226 port 2723 ssh2 Dec 25 20:24:48 vps647732 sshd[28401]: error: maximum authentication attempts exceeded for root from 222.186.173.226 port 2723 ssh2 [preauth] ...	2019-12-26 03:28:00
194.38.2.99	attackspambots	[portscan] Port scan	2019-12-26 03:47:25
185.153.199.155	attackspambots	Invalid user 0	2019-12-26 03:51:41
146.148.13.23	attack	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 03:57:06
171.239.201.180	attackspam	Dec 24 10:38:38 pl2server sshd[18472]: Address 171.239.201.180 maps to dynamic-ip-adsl.viettel.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 24 10:38:38 pl2server sshd[18472]: Invalid user admin from 171.239.201.180 Dec 24 10:38:39 pl2server sshd[18472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.239.201.180 Dec 24 10:38:41 pl2server sshd[18472]: Failed password for invalid user admin from 171.239.201.180 port 63442 ssh2 Dec 24 10:38:41 pl2server sshd[18472]: Connection closed by 171.239.201.180 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=171.239.201.180	2019-12-26 03:26:17
196.52.43.60	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-26 03:37:52
190.119.190.122	attackbots	$f2bV_matches	2019-12-26 03:28:31
185.117.152.80	attackspambots	Lines containing failures of 185.117.152.80 Dec 23 00:16:19 shared11 sshd[27578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.117.152.80 user=r.r Dec 23 00:16:21 shared11 sshd[27578]: Failed password for r.r from 185.117.152.80 port 45280 ssh2 Dec 23 00:16:21 shared11 sshd[27578]: Received disconnect from 185.117.152.80 port 45280:11: Bye Bye [preauth] Dec 23 00:16:21 shared11 sshd[27578]: Disconnected from authenticating user r.r 185.117.152.80 port 45280 [preauth] Dec 23 05:02:19 shared11 sshd[18166]: Invalid user macmartin from 185.117.152.80 port 55944 Dec 23 05:02:19 shared11 sshd[18166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.117.152.80 Dec 23 05:02:21 shared11 sshd[18166]: Failed password for invalid user macmartin from 185.117.152.80 port 55944 ssh2 Dec 23 05:02:21 shared11 sshd[18166]: Received disconnect from 185.117.152.80 port 55944:11: Bye Bye [preauth] Dec ........ ------------------------------	2019-12-26 03:52:06
171.241.27.211	attackspambots	firewall-block, port(s): 1433/tcp	2019-12-26 03:40:31
43.249.204.198	attackspam	scan r	2019-12-26 03:39:51
99.242.114.107	attack	Dec 25 19:10:16 pi sshd\[13909\]: Invalid user babasaki from 99.242.114.107 port 57264 Dec 25 19:10:16 pi sshd\[13909\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.242.114.107 Dec 25 19:10:18 pi sshd\[13909\]: Failed password for invalid user babasaki from 99.242.114.107 port 57264 ssh2 Dec 25 19:13:40 pi sshd\[13970\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.242.114.107 user=mysql Dec 25 19:13:42 pi sshd\[13970\]: Failed password for mysql from 99.242.114.107 port 60650 ssh2 ...	2019-12-26 03:48:18

Recently Reported IPs

60.243.249.114	191.241.65.194	125.165.233.99	95.216.62.97
168.151.226.35	72.252.112.192	207.46.13.106	40.107.0.115
220.250.63.239	117.195.90.245	167.249.78.9	94.19.49.235
223.155.193.22	75.172.63.72	192.241.213.143	191.53.240.204
45.5.131.201	120.242.194.248	201.156.122.5	190.36.123.145