AbuseIPDB » 167.248.133.138

Check an IP Address, Domain Name, or Subnet

e.g. 3.236.209.138, microsoft.com, or 5.188.10.0/24

167.248.133.138 was found in our database!

This IP was reported 458 times. Confidence of Abuse is 0%: ?

ISP	Censys Inc.
Usage Type	Search Engine Spider
Hostname(s)	scanner-03.ch1.censys-scanner.com
Domain Name	censys.io
Country	United States of America
City	Ann Arbor, Michigan

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Important Note: 167.248.133.138 is an IP address from within our whitelist. Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

According to our records, this IP belongs to the subnet 167.248.133.0/24, identified as: "Censys (https://about.censys.io/)"

Report 167.248.133.138

Whois 167.248.133.138

IP Abuse Reports for 167.248.133.138:

This IP address has been reported a total of 458 times from 54 distinct sources. 167.248.133.138 was first reported on March 20th 2023, and the most recent report was 2 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	Date	Comment	Categories
kwLPCqucjz	2 minutes ago	2023-03-30T03:28:16+01:00 TCP Port scan: DPT=636	Port Scan
MPL	4 minutes ago	tcp port scan (14 or more attempts)	Port Scan
abuse_IP_reporter	22 minutes ago	Mar 30 07:34:45 server UFW BLOCK SRC=167.248.133.138 PROTO=TCP SPT=60550 DPT=21	Port Scan
MPL	1 hour ago	tcp port scan (8 or more attempts)	Port Scan
MPL	2 hours ago	tcp port scan (7 or more attempts)	Port Scan
abuse_IP_reporter	2 hours ago	Mar 30 05:24:20 server UFW BLOCK SRC=167.248.133.138 PROTO=TCP SPT=30043 DPT=5683	Port Scan
MPL	3 hours ago	tcp port scan (10 or more attempts)	Port Scan
sebaro11	3 hours ago	Portscan on 5672/TCP blocked by UFW	Port Scan
EticCybersecurity	3 hours ago	Port Scan 2023-03-29T22:23:09.111Z -> 167.248.133.138 scanned port 161 on one of our servers	Hacking
Honzas	4 hours ago	Unauthorized POP/IMAP login attempts 2023-03-30T1:05:35	Hacking
MPL	4 hours ago	tcp port scan (5 or more attempts)	Port Scan
stroytrest	4 hours ago	2023-03-30T03:56:33.833192mx1 kernel: [9085855.153555] nftables: SCAN-SSH IN=ens192 OUT= MAC= SRC=16 ... show more2023-03-30T03:56:33.833192mx1 kernel: [9085855.153555] nftables: SCAN-SSH IN=ens192 OUT= MAC= SRC=167.248.133.138 DST=xxx.xxx.xxx.xxx LEN=44 TOS=0x08 PREC=0x40 TTL=30 ID=59210 PROTO=TCP SPT=59044 DPT=22 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x348 ... show less	Port Scan
Block_Steady_Crew	4 hours ago	Honeypot snared from 167.248.133.138	Port Scan Web App Attack
en0	4 hours ago	167.248.133.138 was recorded 3 times by 3 hosts attempting to connect to 3 unique ports. Incident co ... show more167.248.133.138 was recorded 3 times by 3 hosts attempting to connect to 3 unique ports. Incident counter (4h, 24h, all-time): 3, 27, 5100 show less	Port Scan
MPL	5 hours ago	tcp port scan (13 or more attempts)	Port Scan