IP address


.007216.106.191.228228-191-106-216.clients.gthost.com
Shodan(more info)
Passive DNS
Tags: IP in hostname

Threat categories

TLRoleCategoryDetails
31 src scan

Warden events (8)
2026-07-03
ReconScanning (node.86eb21): 1
2026-07-01
ReconScanning (node.86eb21): 1
2026-06-27
ReconScanning (node.86eb21): 1
2026-06-24
ReconScanning (node.86eb21): 1
2026-06-17
ReconScanning (node.86eb21): 1
2026-06-14
ReconScanning (node.86eb21): 1
2026-06-13
ReconScanning (node.86eb21): 1
2026-06-08
ReconScanning (node.86eb21): 1
DShield reports (IP summary, reports)
2026-06-02
Number of reports: 36
Distinct targets: 6
2026-06-03
Number of reports: 36
Distinct targets: 6
2026-06-09
Number of reports: 48
Distinct targets: 7
2026-06-10
Number of reports: 48
Distinct targets: 7
2026-06-16
Number of reports: 65
Distinct targets: 10
2026-07-02
Number of reports: 52
Distinct targets: 8
Origin AS
AS63023 - AS-GLOBALTELEHOST
BGP Prefix
216.106.191.0/24
geo
United States
🕑 America/Chicago
hostname
228-191-106-216.clients.gthost.com
hostname_class
['ip_in_hostname']
Address block ('inetnum' or 'NetRange' in whois database)
216.106.176.0 - 216.106.191.255
last_activity
2026-07-03 02:33:45
last_warden_event
2026-07-03 02:33:45
rep
0.0065927542181623
reserved_range
0
Shodan's InternetDB
Open ports: 19, 22, 24, 80, 110, 111, 113, 179, 427, 443, 502, 636, 789, 853, 902, 1080, 1099, 1414, 1433, 1554, 1604, 1741, 1801, 1833, 2083, 2222, 2248, 2320, 2506, 2562, 2568, 3000, 3050, 3078, 3102, 3108, 3112, 3200, 3268, 3310, 4064, 4150, 4443, 4899, 4911, 5006, 5061, 5201, 5432, 5696, 6379, 6664, 7011, 7779, 8126, 8140, 8333, 8334, 8407, 8445, 8655, 8819, 8862, 8884, 9000, 9045, 9090, 9152, 9155, 9157, 9797, 9888, 9943
Tags: honeypot
CPEs: cpe:/a:openbsd:openssh:9.6p1, cpe:/o:canonical:ubuntu_linux
ts_added
2026-06-03 05:04:56.604000
ts_last_update
2026-07-04 05:06:24.295000

Warden event timeline

DShield event timeline