IP address

Search at other sites:

.82995.85.238.22

Shodan(more info)

Passive DNS

IP blacklists

Spamhaus SBL

95.85.238.22 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-06-19 21:27:10.271000
Was present on blacklist at: 2026-06-05 21:27, 2026-06-12 21:27, 2026-06-19 21:27

Spamhaus DROP

95.85.238.22 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-06-19 21:27:10.271000
Was present on blacklist at: 2026-06-05 21:27, 2026-06-12 21:27, 2026-06-19 21:27

AbuseIPDB

95.85.238.22 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-06-23 04:00:00.619000
Was present on blacklist at: 2026-06-06 04:00, 2026-06-07 04:00, 2026-06-08 04:00, 2026-06-09 04:00, 2026-06-10 04:00, 2026-06-11 04:00, 2026-06-12 04:00, 2026-06-13 04:00, 2026-06-14 04:00, 2026-06-15 04:00, 2026-06-17 04:00, 2026-06-18 04:00, 2026-06-19 04:00, 2026-06-21 04:00, 2026-06-22 04:00, 2026-06-23 04:00

Echelon telnet bruteforce

95.85.238.22 is listed on the Echelon telnet bruteforce blacklist.

Description: Multiple telnet authentication attempts detected
Type of feed: primary (feed detail page)

Last checked at: 2026-06-10 09:45:00.367000
Was present on blacklist at: 2026-06-07 09:45, 2026-06-08 09:45, 2026-06-09 09:45, 2026-06-10 09:45

Echelon web crawler

95.85.238.22 is listed on the Echelon web crawler blacklist.

Description: HTTP web crawling activity detected on web honeypots
Type of feed: primary (feed detail page)

Last checked at: 2026-06-23 09:50:00.433000
Was present on blacklist at: 2026-06-08 09:50, 2026-06-09 09:50, 2026-06-10 09:50, 2026-06-11 09:50, 2026-06-12 09:50, 2026-06-15 09:50, 2026-06-16 09:50, 2026-06-17 09:50, 2026-06-18 09:50, 2026-06-19 09:50, 2026-06-20 09:50, 2026-06-21 09:50, 2026-06-22 09:50, 2026-06-23 09:50

Spamhaus XBL CBL

95.85.238.22 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-06-19 21:27:10.271000
Was present on blacklist at: 2026-06-12 21:27, 2026-06-19 21:27

Threat categories

TL	Role	Category	Details
79	src	scan	port: 80, 8080
25	src	—

---

Warden events (6571)

2026-06-24

ReconScanning (node.4dc198): 29

ReconScanning (node.9c1411): 5

ReconScanning (node.368407): 14

ReconScanning (node.ce2b59): 3

2026-06-23

ReconScanning (node.368407): 118

ReconScanning (node.4dc198): 265

ReconScanning (node.9c1411): 35

ReconScanning (node.ce2b59): 29

2026-06-22

ReconScanning (node.4dc198): 279

ReconScanning (node.368407): 128

ReconScanning (node.ce2b59): 28

ReconScanning (node.9c1411): 53

2026-06-21

ReconScanning (node.4dc198): 214

ReconScanning (node.ce2b59): 31

ReconScanning (node.9c1411): 61

ReconScanning (node.368407): 128

2026-06-20

ReconScanning (node.ce2b59): 53

ReconScanning (node.4dc198): 252

ReconScanning (node.368407): 103

ReconScanning (node.9c1411): 56

2026-06-19

ReconScanning (node.ce2b59): 79

ReconScanning (node.4dc198): 206

ReconScanning (node.9c1411): 61

ReconScanning (node.368407): 104

2026-06-18

ReconScanning (node.9c1411): 59

ReconScanning (node.ce2b59): 79

ReconScanning (node.368407): 102

ReconScanning (node.4dc198): 98

2026-06-17

ReconScanning (node.4dc198): 185

ReconScanning (node.368407): 97

ReconScanning (node.9c1411): 59

ReconScanning (node.ce2b59): 78

2026-06-16

ReconScanning (node.ce2b59): 75

ReconScanning (node.4dc198): 144

ReconScanning (node.9c1411): 64

ReconScanning (node.368407): 103

2026-06-15

ReconScanning (node.368407): 110

ReconScanning (node.9c1411): 55

ReconScanning (node.ce2b59): 47

ReconScanning (node.4dc198): 197

2026-06-14

ReconScanning (node.368407): 103

ReconScanning (node.9c1411): 55

ReconScanning (node.ce2b59): 44

ReconScanning (node.4dc198): 96

2026-06-13

ReconScanning (node.368407): 114

ReconScanning (node.ce2b59): 49

ReconScanning (node.9c1411): 65

ReconScanning (node.4dc198): 43

2026-06-12

ReconScanning (node.9c1411): 65

ReconScanning (node.ce2b59): 43

ReconScanning (node.368407): 92

ReconScanning (node.4dc198): 11

2026-06-11

ReconScanning (node.9c1411): 67

ReconScanning (node.ce2b59): 40

ReconScanning (node.368407): 98

ReconScanning (node.4dc198): 41

2026-06-10

ReconScanning (node.4dc198): 200

ReconScanning (node.9c1411): 67

ReconScanning (node.ce2b59): 48

ReconScanning (node.368407): 73

2026-06-09

ReconScanning (node.4dc198): 239

ReconScanning (node.9c1411): 65

ReconScanning (node.ce2b59): 48

ReconScanning (node.368407): 59

2026-06-08

ReconScanning (node.ce2b59): 79

ReconScanning (node.9c1411): 65

ReconScanning (node.4dc198): 185

ReconScanning (node.368407): 49

2026-06-07

ReconScanning (node.ce2b59): 79

ReconScanning (node.9c1411): 70

ReconScanning (node.368407): 20

ReconScanning (node.4dc198): 63

2026-06-06

ReconScanning (node.ce2b59): 76

ReconScanning (node.9c1411): 78

ReconScanning (node.4dc198): 22

ReconScanning (node.368407): 4

2026-06-05

ReconScanning (node.ce2b59): 10

IntrusionUserCompromise (node.cfb4f7): 60

DShield reports (IP summary, reports)

2026-06-06

Number of reports: 386

Distinct targets: 233

2026-06-07

Number of reports: 386

Distinct targets: 233

2026-06-08

Number of reports: 460

Distinct targets: 232

2026-06-09

Number of reports: 395

Distinct targets: 202

2026-06-10

Number of reports: 395

Distinct targets: 202

2026-06-12

Number of reports: 446

Distinct targets: 215

2026-06-13

Number of reports: 446

Distinct targets: 215

2026-06-14

Number of reports: 496

Distinct targets: 233

2026-06-16

Number of reports: 363

Distinct targets: 197

2026-06-17

Number of reports: 477

Distinct targets: 229

2026-06-18

Number of reports: 460

Distinct targets: 222

2026-06-19

Number of reports: 482

Distinct targets: 222

2026-06-20

Number of reports: 351

Distinct targets: 199

2026-06-21

Number of reports: 310

Distinct targets: 179

2026-06-22

Number of reports: 455

Distinct targets: 259

Origin AS

AS205775 - neoncorenetworks

AS209946 - ALINDA-AS

BGP Prefix

95.85.238.0/24

geo

Czech Republic

🕑 Europe/Prague

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

95.85.192.0 - 95.85.255.255

last_activity

2026-06-24 02:25:09

last_warden_event

2026-06-24 02:25:09

rep

0.8286001633193906

reserved_range

0

Shodan's InternetDB

Open ports: 3389

Tags: self-signed

CPEs: –

ts_added

2026-06-05 21:27:04.436000

ts_last_update

2026-06-24 02:25:17.788000

Warden event timeline

DShield event timeline

Presence on blacklists