IP address

Passive DNS

Tags:

Threat categories

TL	Role	Category	Details
37	src	scan

Warden events (26)

2026-02-27: ReconScanning (node.86eb21): 1
2026-02-24: ReconScanning (node.86eb21): 2
2026-02-13: ReconScanning (node.86eb21): 2
2026-02-06: ReconScanning (node.86eb21): 1
2026-01-21: ReconScanning (node.86eb21): 2
2026-01-19: ReconScanning (node.86eb21): 2
2026-01-18: ReconScanning (node.86eb21): 2
2026-01-15: ReconScanning (node.86eb21): 2
2026-01-11: ReconScanning (node.86eb21): 3
2026-01-09: ReconScanning (node.86eb21): 1
2025-12-25: ReconScanning (node.86eb21): 1
2025-12-24: ReconScanning (node.86eb21): 1
2025-12-13: ReconScanning (node.86eb21): 1
2025-12-09: ReconScanning (node.86eb21): 1
2025-12-08: ReconScanning (node.86eb21): 1
2025-12-07: ReconScanning (node.86eb21): 1
2025-12-02: ReconScanning (node.86eb21): 1
2025-12-01: ReconScanning (node.86eb21): 1

DShield reports (IP summary, reports)

2025-12-10: Number of reports: 68; Distinct targets: 11
2025-12-17: Number of reports: 48; Distinct targets: 10
2025-12-18: Number of reports: 48; Distinct targets: 10
2026-01-01: Number of reports: 52; Distinct targets: 10
2026-01-02: Number of reports: 52; Distinct targets: 10
2026-01-06: Number of reports: 16; Distinct targets: 3
2026-02-26: Number of reports: 28; Distinct targets: 5

Origin AS: AS397373 - H4Y-TECHNOLOGIES
BGP Prefix: 192.158.229.0/24
geo: United States, Los Angeles; 🕑 America/Los_Angeles
hostname: (null)
Address block ('inetnum' or 'NetRange' in whois database): 192.158.224.0 - 192.158.239.255
last_activity: 2026-02-27 01:25:42
last_warden_event: 2026-02-27 01:25:42
rep: 0.06071428571428572
reserved_range: 0
Shodan's InternetDB: Open ports: 11, 15, 17, 19, 20, 21, 22, 26, 37, 43, 70, 79, 80, 82, 83, 84, 85, 102, 110, 111, 113, 119, 135, 179, 180, 195, 311, 343, 347, 427, 443, 444, 451, 461, 465, 513, 541, 554, 587, 593, 636, 771, 789, 902, 992, 993, 995, 1002, 1022, 1050, 1080, 1099, 1110, 1153, 1234, 1235, 1249, 1337, 1388, 1400, 1414, 1433, 1443, 1450, 1451, 1457, 1471, 1515, 1521, 1588, 1599, 1604, 1723, 1741, 1800, 1911, 1926, 1954, 1962, 1978, 1983, 1987, 2008, 2018, 2022, 2055, 2057, 2058, 2067, 2081, 2086, 2087, 2154, 2156, 2181, 2201, 2202, 2222, 2233, 2345, 2376, 2404, 2480, 2559, 2599, 2628, 2761, 2762, 3001, 3050, 3053, 3057, 3059, 3070, 3086, 3105, 3109, 3134, 3175, 3184, 3199, 3268, 3269, 3301, 3306, 3310, 3333, 3342, 3388, 3389, 3558, 3559, 3562, 3563, 3689, 3780, 4022, 4040, 4064, 4101, 4150, 4155, 4159, 4242, 4282, 4343, 4369, 4402, 4434, 4436, 4437, 4444, 4500, 4506, 4567, 4782, 4786, 4848, 4899, 4911, 4949, 5001, 5005, 5006, 5009, 5010, 5025, 5089, 5090, 5130, 5222, 5251, 5274, 5432, 5435, 5454, 5523, 5542, 5558, 5593, 5600, 5601, 5620, 5672, 5678, 5800, 5801, 5858, 5900, 5901, 5938, 5984, 5985, 5986, 5998, 6000, 6080, 6102, 6363, 6443, 6464, 6500, 6503, 6544, 6560, 6602, 6633, 6653, 6668, 7001, 7071, 7081, 7171, 7415, 7434, 7474, 7547, 7634, 7676, 7687, 7989, 8000, 8003, 8009, 8010, 8028, 8060, 8065, 8081, 8086, 8087, 8089, 8098, 8099, 8104, 8112, 8123, 8129, 8139, 8140, 8164, 8177, 8181, 8188, 8192, 8196, 8200, 8222, 8238, 8241, 8243, 8285, 8291, 8315, 8319, 8333, 8404, 8413, 8426, 8427, 8443, 8459, 8465, 8505, 8548, 8567, 8595, 8599, 8649, 8663, 8728, 8800, 8834, 8844, 8847, 8880, 8883, 8888, 8889, 8991, 9000, 9001, 9009, 9013, 9034, 9042, 9052, 9058, 9080, 9091, 9092, 9095, 9100, 9122, 9151, 9156, 9160, 9191, 9222, 9236, 9241, 9300, 9306, 9309, 9350, 9418, 9443, 9501, 9505, 9595, 9600, 9611, 9633, 9700, 9761, 9876, 9898, 9926, 9943, 9944, 9998, 9999; Tags: honeypot; CPEs: cpe:/a:openbsd:openssh:8.9p1, cpe:/o:canonical:ubuntu_linux
ts_added: 2024-10-15 05:01:07.935000
ts_last_update: 2026-03-01 05:01:13.876000

Warden event timeline

DShield event timeline