IP address


.000192.3.199.159192-3-199-159-host.colocrossing.com
Shodan(more info)
Passive DNS
Tags: IP in hostname
IP blacklists
Echelon SSH connection attempt
192.3.199.159 is listed on the Echelon SSH connection attempt blacklist.

Description: SSH connection attempt detected on port 22 or 2222
Type of feed: primary (feed detail page)

Last checked at: 2026-06-16 09:35:00.754000
Was present on blacklist at: 2026-06-06 09:35, 2026-06-07 09:35, 2026-06-08 09:35, 2026-06-09 09:35, 2026-06-10 09:35, 2026-06-11 09:35, 2026-06-12 09:35, 2026-06-13 09:35, 2026-06-14 09:35, 2026-06-15 09:35, 2026-06-16 09:35
Spamhaus SBL
192.3.199.159 was recently listed on the Spamhaus SBL blacklist, but currently it is not.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-07-04 09:36:50.459000
Was present on blacklist at: 2026-06-06 09:36
Echelon SSH bruteforce
192.3.199.159 is listed on the Echelon SSH bruteforce blacklist.

Description: Multiple SSH authentication attempts detected
Type of feed: primary (feed detail page)

Last checked at: 2026-06-09 09:35:00.318000
Was present on blacklist at: 2026-06-08 09:35, 2026-06-09 09:35
CI Army
192.3.199.159 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-06-26 02:50:00.848000
Was present on blacklist at: 2026-06-12 02:50, 2026-06-13 02:50, 2026-06-14 02:50, 2026-06-15 02:50, 2026-06-17 02:50, 2026-06-18 02:50, 2026-06-19 02:50, 2026-06-20 02:50, 2026-06-21 02:50, 2026-06-25 02:50, 2026-06-26 02:50
AbuseIPDB
192.3.199.159 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-06-25 04:00:00.583000
Was present on blacklist at: 2026-06-12 04:00, 2026-06-14 04:00, 2026-06-15 04:00, 2026-06-25 04:00

Threat categories

TLRoleCategoryDetails
50 src scan
30 src

DShield reports (IP summary, reports)
2026-06-06
Number of reports: 127
Distinct targets: 61
2026-06-07
Number of reports: 127
Distinct targets: 61
2026-06-08
Number of reports: 67
Distinct targets: 20
2026-06-09
Number of reports: 146
Distinct targets: 63
2026-06-10
Number of reports: 146
Distinct targets: 63
2026-06-12
Number of reports: 87
Distinct targets: 57
2026-06-13
Number of reports: 87
Distinct targets: 57
2026-06-14
Number of reports: 143
Distinct targets: 95
2026-06-16
Number of reports: 38
Distinct targets: 14
2026-06-17
Number of reports: 204
Distinct targets: 68
2026-06-18
Number of reports: 140
Distinct targets: 90
2026-06-24
Number of reports: 61
Distinct targets: 45
2026-06-25
Number of reports: 61
Distinct targets: 45
Origin AS
AS36352 - AS-COLOCROSSING
BGP Prefix
192.3.199.0/24
geo
United States, Elk Grove Village
🕑 America/Chicago
hostname
192-3-199-159-host.colocrossing.com
hostname_class
['ip_in_hostname']
Address block ('inetnum' or 'NetRange' in whois database)
192.3.0.0 - 192.3.255.255
rep
0.00024023221663704852
reserved_range
0
Shodan's InternetDB
Open ports: 22
Tags:
CPEs: cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:8.9p1
ts_added
2026-06-06 09:36:47.445000
ts_last_update
2026-07-04 09:36:50.562000

Warden event timeline

DShield event timeline

Presence on blacklists