IP address

Search at other sites:

.00023.95.197.19823-95-197-198-host.colocrossing.com

Shodan(more info)

Passive DNS

IP blacklists

Turris greylist

23.95.197.198 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-03 22:15:00.181000
Was present on blacklist at: 2025-11-05 22:15, 2025-11-11 22:15, 2025-11-12 22:15, 2025-11-14 22:15, 2025-12-03 22:15

CI Army

23.95.197.198 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-12-13 03:50:01.120000
Was present on blacklist at: 2025-12-10 03:50, 2025-12-11 03:50, 2025-12-12 03:50, 2025-12-13 03:50

Warden events (3224)

2025-11-13

ReconScanning (node.f90c6b): 371

ReconScanning (node.9c1411): 1

ReconScanning (node.86eb21): 3

2025-11-12

ReconScanning (node.f90c6b): 829

AnomalyTraffic (node.ffe95c): 1

ReconScanning (node.86eb21): 8

ReconScanning (node.9c1411): 2

2025-11-11

ReconScanning (node.f90c6b): 929

ReconScanning (node.86eb21): 20

2025-11-10

ReconScanning (node.f90c6b): 864

ReconScanning (node.86eb21): 81

AnomalyTraffic (node.ffe95c): 1

2025-11-09

AnomalyTraffic (node.ffe95c): 3

ReconScanning (node.f90c6b): 98

ReconScanning (node.86eb21): 13

DShield reports (IP summary, reports)

2025-11-03

Number of reports: 939

Distinct targets: 520

2025-11-04

Number of reports: 939

Distinct targets: 520

2025-11-05

Number of reports: 620

Distinct targets: 620

2025-11-06

Number of reports: 620

Distinct targets: 620

2025-11-07

Number of reports: 1049

Distinct targets: 589

2025-11-08

Number of reports: 1114

Distinct targets: 612

2025-11-09

Number of reports: 926

Distinct targets: 543

2025-11-10

Number of reports: 1285

Distinct targets: 1285

2025-11-11

Number of reports: 1285

Distinct targets: 1285

2025-11-12

Number of reports: 1329

Distinct targets: 1329

2025-11-13

Number of reports: 602

Distinct targets: 602

2025-11-30

Number of reports: 480

Distinct targets: 480

2025-12-08

Number of reports: 78

Distinct targets: 73

2025-12-09

Number of reports: 746

Distinct targets: 574

Origin AS

AS36352 - AS-COLOCROSSING

BGP Prefix

23.95.197.0/24

geo

United States, Buffalo

🕑 America/New_York

hostname

23-95-197-198-host.colocrossing.com

hostname_class

['ip_in_hostname']

Address block ('inetnum' or 'NetRange' in whois database)

23.94.0.0 - 23.95.255.255

last_activity

2025-11-13 10:15:33

last_warden_event

2025-11-13 10:15:33

rep

0.0

reserved_range

0

Shodan's InternetDB

Open ports: 22, 53, 443, 587, 2077, 2083, 2087, 3389

Tags: starttls, open-dir, self-signed

CPEs: cpe:/o:linux:linux_kernel, cpe:/a:apache:http_server, cpe:/o:debian:debian_linux, cpe:/a:cpanel:cpanel, cpe:/a:exim:exim:4.98.2, cpe:/a:openbsd:openssh:8.4p1

ts_added

2025-11-04 05:05:55.621000

ts_last_update

2025-12-18 05:12:01.682000

Warden event timeline

DShield event timeline

Presence on blacklists