IP address


.307199.195.249.114.zlabs.dev
Shodan(more info)
Passive DNS
Tags:
IP blacklists
CI Army
199.195.249.11 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-07-01 02:50:00.817000
Was present on blacklist at: 2026-06-28 02:50, 2026-06-30 02:50, 2026-07-01 02:50
Echelon SIP register scanner
199.195.249.11 is listed on the Echelon SIP register scanner blacklist.

Description: SIP VoIP registration scanning on port 5060
Type of feed: primary (feed detail page)

Last checked at: 2026-07-01 09:30:00.309000
Was present on blacklist at: 2026-06-30 09:30, 2026-07-01 09:30

Threat categories

TLRoleCategoryDetails
52 src scan port: 5060
36 src

Warden events (2)
2026-06-30
AnomalyTraffic (node.ce2b59): 1
ReconScanning (node.ce2b59): 1
DShield reports (IP summary, reports)
2026-06-26
Number of reports: 168
Distinct targets: 94
2026-06-27
Number of reports: 308
Distinct targets: 174
2026-06-29
Number of reports: 328
Distinct targets: 224
2026-06-30
Number of reports: 328
Distinct targets: 224
Origin AS
AS53667 - PONYNET
BGP Prefix
199.195.248.0/21
geo
United States, Staten Island
🕑 America/New_York
hostname
4.zlabs.dev
Address block ('inetnum' or 'NetRange' in whois database)
199.195.248.0 - 199.195.255.255
last_activity
2026-06-30 06:01:36
last_warden_event
2026-06-30 06:01:36
rep
0.3065037125440033
reserved_range
0
ts_added
2026-06-27 05:00:30.504000
ts_last_update
2026-07-01 09:30:06.800000

Warden event timeline

DShield event timeline

Presence on blacklists