IP address

Threat categories

TL	Role	Category	Details
52	src	scan

---

Warden events (39)

2026-03-25

ReconScanning (node.86eb21): 1

2026-03-21

ReconScanning (node.86eb21): 2

2026-03-16

ReconScanning (node.86eb21): 1

2026-03-15

ReconScanning (node.86eb21): 1

2026-03-13

ReconScanning (node.86eb21): 1

2026-03-11

ReconScanning (node.86eb21): 1

2026-03-07

ReconScanning (node.86eb21): 1

2026-03-06

ReconScanning (node.86eb21): 1

2026-03-03

ReconScanning (node.86eb21): 1

2026-02-27

ReconScanning (node.86eb21): 1

2026-02-26

ReconScanning (node.86eb21): 1

2026-02-24

ReconScanning (node.86eb21): 1

2026-02-19

ReconScanning (node.86eb21): 1

2026-02-13

ReconScanning (node.86eb21): 1

2026-02-12

ReconScanning (node.86eb21): 1

2026-02-11

ReconScanning (node.86eb21): 1

2026-02-07

ReconScanning (node.86eb21): 1

2026-02-06

ReconScanning (node.86eb21): 1

2026-01-31

ReconScanning (node.86eb21): 2

2026-01-30

ReconScanning (node.86eb21): 2

2026-01-21

ReconScanning (node.86eb21): 2

2026-01-19

ReconScanning (node.86eb21): 4

2026-01-18

ReconScanning (node.86eb21): 2

2026-01-15

ReconScanning (node.86eb21): 2

2026-01-13

ReconScanning (node.86eb21): 2

2026-01-11

ReconScanning (node.86eb21): 3

2026-01-09

ReconScanning (node.86eb21): 1

DShield reports (IP summary, reports)

2025-12-31

Number of reports: 24

Distinct targets: 3

2026-01-01

Number of reports: 76

Distinct targets: 10

2026-01-02

Number of reports: 76

Distinct targets: 10

2026-01-06

Number of reports: 28

Distinct targets: 4

2026-01-15

Number of reports: 32

Distinct targets: 4

2026-02-24

Number of reports: 20

Distinct targets: 3

2026-02-25

Number of reports: 20

Distinct targets: 3

2026-02-26

Number of reports: 68

Distinct targets: 10

2026-03-03

Number of reports: 24

Distinct targets: 4

2026-03-04

Number of reports: 68

Distinct targets: 9

2026-03-05

Number of reports: 68

Distinct targets: 9

2026-03-09

Number of reports: 16

Distinct targets: 3

2026-03-11

Number of reports: 68

Distinct targets: 10

2026-03-17

Number of reports: 60

Distinct targets: 9

2026-03-25

Number of reports: 84

Distinct targets: 11

2026-03-26

Number of reports: 84

Distinct targets: 11

Origin AS

AS136258 - ONEPROVIDER-AS

BGP Prefix

185.213.23.0/24

geo

Norway, Oslo

🕑 Europe/Oslo

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

185.213.20.0 - 185.213.23.255

last_activity

2026-03-25 03:08:48

last_warden_event

2026-03-25 03:08:48

rep

0.06904761904761904

reserved_range

0

Shodan's InternetDB

Open ports: 11, 15, 17, 19, 21, 22, 25, 26, 37, 43, 49, 51, 65, 70, 79, 80, 81, 82, 83, 84, 88, 95, 102, 104, 110, 111, 113, 119, 122, 135, 143, 175, 179, 192, 195, 221, 264, 311, 340, 343, 347, 389, 444, 445, 451, 465, 487, 491, 502, 503, 513, 515, 548, 554, 555, 587, 593, 631, 636, 666, 689, 771, 785, 789, 801, 832, 853, 873, 902, 992, 993, 995, 1024, 1028, 1080, 1099, 1153, 1167, 1200, 1224, 1234, 1244, 1249, 1250, 1283, 1292, 1293, 1311, 1337, 1400, 1414, 1433, 1443, 1471, 1515, 1521, 1599, 1604, 1605, 1723, 1741, 1800, 1801, 1911, 1925, 1926, 1935, 1953, 1954, 1955, 1957, 1958, 1962, 1973, 1982, 1987, 2000, 2008, 2010, 2021, 2048, 2056, 2064, 2067, 2070, 2080, 2081, 2082, 2083, 2087, 2101, 2108, 2121, 2122, 2181, 2196, 2211, 2222, 2232, 2250, 2345, 2351, 2352, 2376, 2379, 2382, 2404, 2423, 2455, 2480, 2548, 2572, 2599, 2628, 2761, 2762, 3000, 3001, 3002, 3005, 3016, 3020, 3049, 3057, 3074, 3084, 3085, 3092, 3095, 3112, 3113, 3117, 3124, 3128, 3132, 3137, 3141, 3147, 3161, 3166, 3168, 3190, 3192, 3196, 3198, 3199, 3260, 3268, 3269, 3299, 3301, 3306, 3310, 3333, 3342, 3352, 3389, 3404, 3412, 3460, 3510, 3541, 3542, 3551, 3567, 3568, 3689, 3749, 3780, 3790, 3792, 3793, 3841, 3953, 4000, 4022, 4040, 4064, 4101, 4148, 4150, 4157, 4160, 4165, 4242, 4282, 4321, 4369, 4402, 4430, 4433, 4434, 4439, 4440, 4443, 4444, 4449, 4451, 4461, 4482, 4499, 4500, 4505, 4506, 4567, 4602, 4646, 4664, 4782, 4786, 4840, 4848, 4899, 4911, 4949, 5000, 5001, 5005, 5006, 5009, 5010, 5011, 5025, 5080, 5083, 5090, 5100, 5105, 5201, 5222, 5223, 5227, 5232, 5241, 5246, 5253, 5255, 5351, 5357, 5400, 5432, 5435, 5440, 5444, 5555, 5558, 5560, 5591, 5593, 5595, 5598, 5601, 5608, 5672, 5698, 5800, 5801, 5853, 5900, 5901, 5938, 5984, 5985, 5991, 5992, 5998, 5999, 6000, 6001, 6010, 6022, 6080, 6262, 6308, 6352, 6363, 6379, 6432, 6443, 6464, 6482, 6503, 6505, 6514, 6560, 6565, 6581, 6602, 6622, 6633, 6653, 6664, 6666, 6667, 6668, 6697, 6799, 6955, 7002, 7071, 7100, 7170, 7171, 7272, 7331, 7401, 7434, 7443, 7445, 7474, 7493, 7537, 7547, 7634, 7657, 7773, 7777, 7779, 7900, 7980, 7989, 8000, 8008, 8009, 8030, 8040, 8044, 8060, 8068, 8069, 8076, 8079, 8081, 8083, 8085, 8086, 8087, 8089, 8090, 8091, 8092, 8098, 8099, 8105, 8114, 8118, 8120, 8123, 8125, 8126, 8135, 8139, 8140, 8163, 8164, 8179, 8181, 8188, 8197, 8200, 8203, 8282, 8283, 8284, 8291, 8333, 8384, 8401, 8405, 8406, 8421, 8423, 8431, 8443, 8452, 8455, 8456, 8480, 8493, 8494, 8521, 8533, 8544, 8545, 8548, 8551, 8554, 8573, 8575, 8576, 8582, 8583, 8587, 8588, 8594, 8605, 8630, 8649, 8701, 8707, 8709, 8728, 8745, 8771, 8789, 8800, 8805, 8821, 8823, 8834, 8835, 8841, 8846, 8851, 8859, 8879, 8880, 8881, 8884, 8888, 8889, 8907, 8912, 8980, 8989, 9000, 9001, 9002, 9004, 9010, 9015, 9023, 9031, 9034, 9036, 9037, 9042, 9045, 9048, 9051, 9060, 9062, 9067, 9080, 9088, 9090, 9091, 9092, 9095, 9100, 9102, 9104, 9108, 9109, 9111, 9112, 9119, 9131, 9134, 9138, 9142, 9145, 9146, 9148, 9151, 9158, 9160, 9165, 9168, 9172, 9173, 9195, 9200, 9216, 9218, 9223, 9241, 9242, 9243, 9253, 9283, 9295, 9301, 9304, 9306, 9351, 9389, 9398, 9418, 9443, 9447, 9529, 9532, 9595, 9600, 9633, 9734, 9761, 9765, 9800, 9869, 9876, 9898, 9901, 9918, 9943, 9944, 9950, 9981, 9993, 9998, 9999

Tags: honeypot

CPEs: cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:8.9p1

ts_added

2024-04-28 03:43:08.215000

ts_last_update

2026-03-27 05:01:18.515000

Warden event timeline

DShield event timeline