IP address
Search at other sites: 
.009185.213.23.35
Shodan(more info)
Passive DNS
- Warden events (32)
- 2026-05-22
-
- ReconScanning (node.f90c6b): 3
- 2026-05-15
-
- ReconScanning (node.86eb21): 1
- 2026-05-03
-
- ReconScanning (node.86eb21): 1
- 2026-04-24
-
- ReconScanning (node.86eb21): 1
- 2026-04-21
-
- ReconScanning (node.86eb21): 1
- 2026-04-19
-
- ReconScanning (node.86eb21): 2
- 2026-04-18
-
- ReconScanning (node.86eb21): 1
- 2026-04-10
-
- ReconScanning (node.86eb21): 1
- 2026-04-08
-
- ReconScanning (node.f90c6b): 3
- 2026-04-05
-
- ReconScanning (node.86eb21): 1
- 2026-04-03
-
- ReconScanning (node.f90c6b): 3
- ReconScanning (node.86eb21): 1
- 2026-03-25
-
- ReconScanning (node.86eb21): 1
- 2026-03-21
-
- ReconScanning (node.86eb21): 2
- 2026-03-16
-
- ReconScanning (node.86eb21): 1
- 2026-03-15
-
- ReconScanning (node.86eb21): 1
- 2026-03-13
-
- ReconScanning (node.86eb21): 1
- 2026-03-11
-
- ReconScanning (node.86eb21): 1
- 2026-03-07
-
- ReconScanning (node.86eb21): 1
- 2026-03-06
-
- ReconScanning (node.86eb21): 1
- 2026-03-03
-
- ReconScanning (node.86eb21): 1
- 2026-02-27
-
- ReconScanning (node.86eb21): 1
- 2026-02-26
-
- ReconScanning (node.86eb21): 1
- 2026-02-24
-
- ReconScanning (node.86eb21): 1
- DShield reports (IP summary, reports)
- 2026-02-24
- Number of reports: 20
- Distinct targets: 3
- 2026-02-25
- Number of reports: 20
- Distinct targets: 3
- 2026-02-26
- Number of reports: 68
- Distinct targets: 10
- 2026-03-03
- Number of reports: 24
- Distinct targets: 4
- 2026-03-04
- Number of reports: 68
- Distinct targets: 9
- 2026-03-05
- Number of reports: 68
- Distinct targets: 9
- 2026-03-09
- Number of reports: 16
- Distinct targets: 3
- 2026-03-11
- Number of reports: 68
- Distinct targets: 10
- 2026-03-17
- Number of reports: 60
- Distinct targets: 9
- 2026-03-25
- Number of reports: 84
- Distinct targets: 11
- 2026-03-26
- Number of reports: 84
- Distinct targets: 11
- 2026-04-02
- Number of reports: 56
- Distinct targets: 9
- 2026-04-09
- Number of reports: 60
- Distinct targets: 10
- 2026-04-20
- Number of reports: 24
- Distinct targets: 6
- 2026-04-22
- Number of reports: 76
- Distinct targets: 11
- 2026-04-29
- Number of reports: 80
- Distinct targets: 10
- 2026-04-30
- Number of reports: 80
- Distinct targets: 10
- 2026-05-09
- Number of reports: 69
- Distinct targets: 10
- 2026-05-14
- Number of reports: 81
- Distinct targets: 12
- 2026-05-20
- Number of reports: 74
- Distinct targets: 11
Threat categories
| TL | Role | Category | Details |
|---|---|---|---|
| 43 | src | scan |
- Origin AS
- AS136258 - ONEPROVIDER-AS
- BGP Prefix
- 185.213.23.0/24
- geo
- Norway, Oslo
- 🕑 Europe/Oslo
- hostname
- (null)
- Address block ('inetnum' or 'NetRange' in whois database)
- 185.213.20.0 - 185.213.23.255
- last_activity
- 2026-05-22 03:04:24
- last_warden_event
- 2026-05-22 03:04:24
- rep
- 0.008814962435592655
- reserved_range
- 0
- Shodan's InternetDB
- Open ports: 11, 17, 25, 26, 37, 80, 81, 82, 83, 88, 92, 93, 96, 102, 104, 110, 111, 113, 139, 143, 175, 179, 195, 221, 264, 311, 389, 440, 441, 443, 444, 452, 465, 487, 502, 503, 515, 541, 548, 591, 631, 646, 666, 700, 771, 782, 805, 873, 947, 993, 994, 1025, 1029, 1080, 1109, 1110, 1120, 1153, 1195, 1234, 1337, 1388, 1400, 1414, 1433, 1453, 1500, 1521, 1604, 1660, 1741, 1800, 1830, 1911, 1925, 1926, 1935, 1957, 1959, 1962, 2000, 2010, 2016, 2054, 2067, 2070, 2072, 2081, 2082, 2083, 2087, 2107, 2121, 2167, 2181, 2195, 2222, 2259, 2345, 2363, 2375, 2376, 2379, 2423, 2455, 2568, 2570, 2598, 2601, 2628, 2761, 2762, 2806, 3000, 3001, 3009, 3060, 3067, 3068, 3107, 3109, 3116, 3120, 3157, 3167, 3184, 3260, 3301, 3307, 3310, 3388, 3389, 3404, 3406, 3460, 3500, 3541, 3542, 3550, 3551, 3569, 3689, 3952, 4000, 4040, 4095, 4100, 4147, 4150, 4200, 4282, 4343, 4344, 4369, 4431, 4451, 4461, 4468, 4477, 4499, 4500, 4506, 4521, 4572, 4643, 4782, 4786, 4808, 4840, 4848, 4899, 4949, 5000, 5001, 5005, 5009, 5010, 5025, 5051, 5053, 5209, 5222, 5238, 5242, 5243, 5252, 5269, 5278, 5357, 5432, 5555, 5557, 5560, 5590, 5595, 5606, 5671, 5800, 5853, 5919, 5938, 5957, 5994, 6000, 6001, 6050, 6080, 6161, 6262, 6264, 6348, 6352, 6405, 6432, 6443, 6464, 6601, 6605, 6633, 6653, 6666, 6686, 6697, 7000, 7001, 7006, 7015, 7070, 7071, 7086, 7170, 7171, 7283, 7349, 7434, 7443, 7465, 7474, 7480, 7547, 7548, 7779, 7799, 7900, 7989, 7999, 8000, 8001, 8009, 8013, 8017, 8043, 8044, 8061, 8067, 8081, 8089, 8094, 8099, 8108, 8112, 8119, 8122, 8123, 8125, 8126, 8144, 8167, 8170, 8181, 8188, 8192, 8200, 8280, 8291, 8333, 8405, 8422, 8425, 8448, 8464, 8473, 8484, 8523, 8545, 8549, 8563, 8580, 8680, 8728, 8800, 8802, 8804, 8805, 8806, 8808, 8834, 8835, 8845, 8856, 8859, 8860, 8871, 8884, 8888, 8889, 8891, 8991, 9000, 9001, 9009, 9018, 9025, 9026, 9029, 9031, 9032, 9037, 9042, 9047, 9059, 9066, 9080, 9083, 9088, 9090, 9091, 9093, 9095, 9097, 9109, 9113, 9151, 9175, 9176, 9191, 9202, 9203, 9236, 9250, 9280, 9306, 9315, 9393, 9398, 9399, 9418, 9456, 9465, 9510, 9513, 9519, 9530, 9566, 9595, 9600, 9606, 9658, 9663, 9761, 9779, 9861, 9876, 9898, 9899, 9929, 9943, 9944, 9981, 9998
- Tags: honeypot
- CPEs: –
- ts_added
- 2024-04-28 03:43:08.215000
- ts_last_update
- 2026-05-22 03:43:10.443000
Warden event timeline
DShield event timeline