167.94.138.49 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
167.94.138.155	botsattack	KnownAttacker - BadReputation	2025-07-07 12:50:52
167.94.138.63	botsattackproxy	SSH dictionary attack	2025-06-19 12:58:59
167.94.138.41	attackproxy	VoIP blacklist IP	2025-06-16 12:53:41
167.94.138.120	botsattackproxy	SSH bot	2025-06-03 12:57:02
167.94.138.163	botsattack	Fraud scan	2025-02-07 17:59:37
167.94.138.167	attack	Fraud connect	2025-01-22 13:53:35
167.94.138.147	proxy	VPN fraud	2023-06-07 12:46:29
167.94.138.33	proxy	VPN fraud.	2023-06-07 12:43:58
167.94.138.136	proxy	VPN fraud	2023-06-05 12:53:02
167.94.138.131	proxy	VPN fraud	2023-05-29 13:10:03
167.94.138.124	proxy	VPN fraud	2023-05-29 13:06:05
167.94.138.127	proxy	VPN fraud	2023-05-25 12:38:28
167.94.138.52	proxy	VPN fraud	2023-05-16 12:51:16
167.94.138.152	proxy	Scanner VPN	2023-03-21 13:50:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.94.138.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46005
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;167.94.138.49.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 415 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 15:00:31 CST 2022
;; MSG SIZE  rcvd: 106

Host info

49.138.94.167.in-addr.arpa domain name pointer scanner-07.ch1.censys-scanner.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
49.138.94.167.in-addr.arpa	name = scanner-07.ch1.censys-scanner.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.14.184.143	attackspambots	Invalid user ter from 185.14.184.143 port 36910	2020-08-22 18:47:37
104.224.128.61	attackspam	Invalid user test from 104.224.128.61 port 44792	2020-08-22 18:13:52
45.175.225.50	attack	Attempted connection to port 445.	2020-08-22 18:11:53
152.136.98.80	attackspam	Aug 22 11:47:22 ns382633 sshd\[9549\]: Invalid user babu from 152.136.98.80 port 56896 Aug 22 11:47:22 ns382633 sshd\[9549\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.98.80 Aug 22 11:47:24 ns382633 sshd\[9549\]: Failed password for invalid user babu from 152.136.98.80 port 56896 ssh2 Aug 22 11:59:15 ns382633 sshd\[11974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.98.80 user=root Aug 22 11:59:17 ns382633 sshd\[11974\]: Failed password for root from 152.136.98.80 port 55518 ssh2	2020-08-22 18:30:32
217.168.218.52	attackbotsspam	1× attempts to log on to WP. However, we do not use WP. Last visit 2020-08-21 23:39:01	2020-08-22 18:38:52
113.200.156.180	attackspambots	Invalid user mongodb from 113.200.156.180 port 43278	2020-08-22 18:30:57
114.67.254.244	attackspambots	2020-08-21 UTC: (2x) - ikan(2x)	2020-08-22 18:10:16
185.50.25.52	attack	RU - - [22/Aug/2020:04:53:31 +0300] POST /xmlrpc.php HTTP/1.1 200 269 - Mozilla/5.0 X11; Ubuntu; Linux x86_64; rv:62.0 Gecko/20100101 Firefox/62.0	2020-08-22 18:41:42
114.104.134.120	attack	Aug 22 07:36:34 srv01 postfix/smtpd\[25642\]: warning: unknown\[114.104.134.120\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 22 07:46:53 srv01 postfix/smtpd\[5708\]: warning: unknown\[114.104.134.120\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 22 07:47:05 srv01 postfix/smtpd\[5708\]: warning: unknown\[114.104.134.120\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 22 07:47:21 srv01 postfix/smtpd\[5708\]: warning: unknown\[114.104.134.120\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 22 07:47:41 srv01 postfix/smtpd\[5708\]: warning: unknown\[114.104.134.120\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-22 18:21:22
78.36.152.186	attackspambots	Invalid user adminuser from 78.36.152.186 port 59070	2020-08-22 18:39:27
42.119.222.251	attack	Attempted connection to port 23.	2020-08-22 18:12:30
106.52.179.227	attack	web-1 [ssh_2] SSH Attack	2020-08-22 18:37:07
222.186.175.167	attackbotsspam	Aug 22 12:11:55 santamaria sshd\[3204\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root Aug 22 12:11:56 santamaria sshd\[3204\]: Failed password for root from 222.186.175.167 port 25342 ssh2 Aug 22 12:12:13 santamaria sshd\[3206\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root ...	2020-08-22 18:15:00
185.143.223.244	attack	Fail2Ban Ban Triggered	2020-08-22 18:27:06
36.49.158.214	attack	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 36.49.158.214, Reason:[(sshd) Failed SSH login from 36.49.158.214 (CN/China/-): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-08-22 18:18:43

Recently Reported IPs

167.94.138.52	167.94.138.51	167.94.138.48	167.94.138.56
167.71.81.121	167.94.138.54	167.98.119.114	167.99.156.128
167.99.139.159	167.99.206.6	167.99.136.84	167.99.164.186
167.99.228.174	167.94.138.55	167.99.43.127	167.99.40.144
167.99.219.96	167.99.251.108	167.99.252.226	167.99.44.130