IP address

Passive DNS

Tags: Scanner

Threat categories

TL	Role	Category	Details
25	src	scan

Warden events (34)

2026-02-19: ReconScanning (node.86eb21): 1
2026-02-13: ReconScanning (node.86eb21): 1
2026-02-12: ReconScanning (node.86eb21): 1
2026-02-11: ReconScanning (node.86eb21): 1
2026-02-07: ReconScanning (node.86eb21): 1
2026-02-06: ReconScanning (node.86eb21): 1
2026-01-31: ReconScanning (node.86eb21): 2
2026-01-30: ReconScanning (node.86eb21): 2
2026-01-21: ReconScanning (node.86eb21): 2
2026-01-19: ReconScanning (node.86eb21): 4
2026-01-18: ReconScanning (node.86eb21): 2
2026-01-15: ReconScanning (node.86eb21): 2
2026-01-13: ReconScanning (node.86eb21): 2
2026-01-11: ReconScanning (node.86eb21): 3
2026-01-09: ReconScanning (node.86eb21): 1
2025-12-25: ReconScanning (node.86eb21): 1
2025-12-24: ReconScanning (node.86eb21): 1
2025-12-13: ReconScanning (node.86eb21): 1
2025-12-09: ReconScanning (node.86eb21): 1
2025-12-08: ReconScanning (node.86eb21): 1
2025-12-07: ReconScanning (node.86eb21): 1
2025-12-02: ReconScanning (node.86eb21): 1
2025-12-01: ReconScanning (node.86eb21): 1

DShield reports (IP summary, reports)

2025-11-25: Number of reports: 36; Distinct targets: 5
2025-12-03: Number of reports: 24; Distinct targets: 4
2025-12-09: Number of reports: 32; Distinct targets: 4
2025-12-10: Number of reports: 96; Distinct targets: 14
2025-12-17: Number of reports: 84; Distinct targets: 13
2025-12-18: Number of reports: 84; Distinct targets: 13
2025-12-23: Number of reports: 32; Distinct targets: 4
2025-12-24: Number of reports: 32; Distinct targets: 4
2025-12-31: Number of reports: 24; Distinct targets: 3
2026-01-01: Number of reports: 76; Distinct targets: 10
2026-01-02: Number of reports: 76; Distinct targets: 10
2026-01-06: Number of reports: 28; Distinct targets: 4
2026-01-15: Number of reports: 32; Distinct targets: 4

Origin AS: AS136258 - ONEPROVIDER-AS
BGP Prefix: 185.213.23.0/24
geo: Norway, Oslo; 🕑 Europe/Oslo
hostname: (null)
Address block ('inetnum' or 'NetRange' in whois database): 185.213.20.0 - 185.213.23.255
last_activity: 2026-02-19 02:09:11
last_warden_event: 2026-02-19 02:09:11
rep: 0.04523809523809523
reserved_range: 0
Shodan's InternetDB: Open ports: 11, 17, 19, 21, 25, 26, 37, 49, 65, 70, 79, 80, 81, 82, 83, 88, 104, 110, 111, 113, 122, 135, 143, 175, 179, 195, 221, 264, 311, 340, 389, 444, 451, 487, 503, 515, 548, 554, 593, 631, 666, 771, 782, 789, 801, 832, 902, 992, 993, 995, 1080, 1099, 1167, 1224, 1234, 1244, 1249, 1250, 1293, 1311, 1337, 1400, 1414, 1433, 1443, 1457, 1460, 1599, 1604, 1605, 1741, 1800, 1801, 1925, 1926, 1935, 1954, 1962, 1982, 1987, 2000, 2008, 2010, 2048, 2064, 2067, 2081, 2083, 2087, 2101, 2108, 2121, 2222, 2232, 2345, 2376, 2382, 2404, 2455, 2480, 2628, 2761, 3000, 3001, 3005, 3020, 3049, 3074, 3112, 3113, 3120, 3128, 3147, 3166, 3190, 3192, 3199, 3260, 3268, 3269, 3299, 3301, 3306, 3310, 3333, 3352, 3389, 3404, 3412, 3460, 3541, 3542, 3551, 3689, 3749, 3780, 3790, 3953, 4000, 4022, 4040, 4064, 4148, 4150, 4160, 4165, 4282, 4321, 4430, 4434, 4439, 4443, 4444, 4451, 4461, 4482, 4499, 4500, 4505, 4506, 4567, 4602, 4664, 4782, 4786, 4840, 4899, 4911, 4949, 5000, 5001, 5006, 5009, 5010, 5011, 5025, 5083, 5090, 5100, 5105, 5222, 5227, 5246, 5253, 5255, 5351, 5357, 5432, 5440, 5591, 5592, 5595, 5601, 5672, 5800, 5801, 5853, 5901, 5938, 5985, 5999, 6001, 6022, 6080, 6308, 6379, 6443, 6505, 6561, 6602, 6633, 6653, 6664, 6666, 6668, 6697, 6955, 7002, 7071, 7100, 7434, 7443, 7474, 7537, 7547, 7657, 7773, 7779, 7900, 7980, 8000, 8008, 8009, 8060, 8069, 8079, 8081, 8085, 8086, 8087, 8090, 8092, 8098, 8114, 8120, 8123, 8125, 8126, 8139, 8140, 8164, 8179, 8181, 8188, 8200, 8239, 8291, 8333, 8384, 8405, 8431, 8443, 8455, 8480, 8494, 8533, 8544, 8545, 8551, 8554, 8569, 8575, 8583, 8587, 8630, 8643, 8649, 8701, 8728, 8745, 8789, 8800, 8821, 8823, 8834, 8846, 8859, 8879, 8884, 8888, 8907, 9000, 9001, 9002, 9004, 9031, 9034, 9036, 9051, 9067, 9080, 9088, 9090, 9091, 9100, 9102, 9104, 9109, 9111, 9112, 9119, 9134, 9142, 9145, 9146, 9151, 9158, 9160, 9172, 9200, 9223, 9242, 9243, 9283, 9295, 9301, 9306, 9351, 9383, 9389, 9398, 9418, 9433, 9529, 9532, 9595, 9600, 9633, 9743, 9761, 9800, 9802, 9869, 9876, 9898, 9943, 9944, 9950, 9981, 9993, 9999; Tags: honeypot; CPEs: –
ts_added: 2024-04-28 03:43:08.215000
ts_last_update: 2026-02-23 03:43:12.760000

Warden event timeline

DShield event timeline