IP Address

196.251.92.124

IPv4 Public
NL NL
AS401109
ZHONGGUANCUN-CO
944 Reports
This IP is under Observation Suspicious activity detected - monitor closely
8/10 Threat
62% Confidence
944 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
NL
NL Location
ZHONGGUANCUN-CO ASN 401109
944 Reports
Honeypot Data Source

High Risk

IP address 196.251.92.124 is a high-risk Dutch address with a threat level of 8/10 that has been linked to 944 total abuse reports, predominantly for email spam activity detected through automated honeypot sensors and community reporting between August and October 2025.

Routing through network operator ZHONGGUANCUN-CO on ASN AS401109, this address was flagged across 20 separate honeypot detections during the most recent reporting window. The threat confidence stands at 62 percent, indicating moderate certainty that this address is responsible for the observed SMTP abuse. The Netherlands-based IP has accumulated its substantial report volume over approximately three months, suggesting persistent rather than opportunistic malicious behavior. The zero activity frequency score may indicate that the most recent attacks have tapered, though the historical volume of reports signals an established pattern of abuse rather than isolated incidents.

Email spam operations represent a significant threat to exposed mail infrastructure, enabling threat actors to distribute unsolicited bulk messages at scale for purposes including advertising, phishing credential harvesting, and malware delivery. SMTP spam abuse specifically exploits misconfigured or weakly secured mail servers to relay or originate large volumes of unwanted correspondence. The risk to operators with exposed SMTP services includes blacklisting of legitimate mail infrastructure, degradation of email deliverability, consumption of bandwidth and storage resources, and potential compromise of end users who interact with phishing content distributed from such sources.

Operators should implement strict email authentication protocols including SPF, DKIM, and DMARC to verify legitimate sending sources and prevent spoofing. Deploying reputation-based email filtering services can block messages originating from known abusive sources. Configuring fail2ban or equivalent intrusion prevention tools to automatically block repeated SMTP abuse attempts strengthens perimeter defenses. Regular monitoring of mail server logs for patterns consistent with relay abuse and maintaining current blocklists based on community abuse reports will further reduce exposure to threats associated with this address.

More threatening than 78% of monitored IPs

Threat Categories

Email Spam 30

Technical Details

Email spam involves mass distribution of unwanted emails, often for advertising, phishing, or malware delivery.

Recommended Mitigations

Implement SPF, DKIM, DMARC, and use reputable email filtering services.

High-Risk Network Association

This IP belongs to a network (ASN 401109) with elevated threat levels. The ISP ZHONGGUANCUN-CO hosts multiple reported malicious addresses, suggesting systemic security issues or permissive policies.

Network-wide patterns may indicate this is part of a larger malicious infrastructure.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 0/10 Inactive
Confidence Score 59% High Confidence

Confidence History

22. Oct 2025
62% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
10 of 944 shown

Technical Details

Basic Information

IP Address
196.251.92.124
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class C

Geolocation

Country
NL NL
ASN
AS401109
ISP
ZHONGGUANCUN-CO

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
944
First Reported
21 Aug 2025
Last Reported
22 Oct 2025, 13:41

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS401109
ZHONGGUANCUN-CO
NL NL

Network Threat Assessment

7/10
This network shows moderate threat levels with some malicious activity patterns.

Network Statistics

5
Total IPs Monitored
76,883
Total Reports
15376.6
Reports per IP

Network Context

This IP address belongs to ZHONGGUANCUN-CO (AS401109), which manages 5 IP addresses in our monitoring system. Out of these, 76,883 have been reported for suspicious activities, resulting in a network-wide threat level of 7/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

78 %

Global Threat Ranking

This IP is more threatening than 78% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,840 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 944 avg: 23 ++

Network Comparison

Compared against 5 IPs in ASN 401109

Threat Level 8/10 network avg: 7.0 =
Total Reports 944 network avg: 15,372 --
Network ZHONGGUANCUN-CO has overall threat level 7/10

Geographic Comparison

Compared against 4,361 IPs in NL

Threat Level 8/10 country avg: 6.0 +
Total Reports 944 country avg: 95 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,519 threat incidents tracked globally • Last 24h: 18,988 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,480 20.5%
  2. 02
    IN
    India IN
    29,193 15.6%
  3. 03
    CN
    China CN
    26,036 13.9%
  4. 04
    BR
    Brazil BR
    10,259 5.5%
  5. 05
    DE
    Germany DE
    7,147 3.8%
  6. 06
    SG
    Singapore SG
    6,479 3.5%
  7. 07
    ID
    Indonesia ID
    5,557 3%
  8. 08
    RU
    Russia RU
    4,707 2.5%
  9. 09
    PK
    Pakistan PK
    4,689 2.5%
  10. 10
    NL
    Netherlands NL THIS IP
    4,361 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same subnet range, likely same network segment.

4 Related IPs
6.8/10 Avg Threat
42% Avg Confidence
3 High Threat
High-risk network: Majority of related IPs are flagged
196.251.92.134 7/10
Confidence 55%
Reports 75,414
Location NL NL
14 Oct 2025
196.251.92.85 5/10
Confidence 55%
Reports 493
Location NL NL
15 Sep 2025
196.251.92.141 8/10
Confidence 34%
Reports 5
Location NL NL
21 Aug 2025
196.251.92.207 7/10
Confidence 25%
Reports 2
Location NL NL
21 Aug 2025

IPs from the same country with similar threat profiles.

15 Related IPs
8.9/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
52.232.35.131 8/10
Confidence 100%
Reports 106
ISP Microsoft Corpo...
14 May 2026
158.94.210.72 8/10
Confidence 100%
Reports 77
ISP Omegatech LTD
1 Jun 2026
45.148.10.166 10/10
Confidence 100%
Reports 35
ISP Techoff Srv Lim...
13 May 2026
45.148.10.249 10/10
Confidence 100%
Reports 27
ISP Techoff Srv Lim...
28 May 2026
45.148.10.5 8/10
Confidence 100%
Reports 26
ISP Techoff Srv Lim...
29 May 2026
45.148.10.62 8/10
Confidence 100%
Reports 19
ISP Techoff Srv Lim...
5 Jun 2026
93.119.1.128 8/10
Confidence 100%
Reports 18
ISP Signet B.V.
8 May 2026
77.246.100.120 10/10
Confidence 100%
Reports 17
ISP Servers Tech Fzco
3 Jun 2026
20.224.168.82 10/10
Confidence 100%
Reports 16
ISP Microsoft Corpo...
9 Jun 2026
45.154.98.96 8/10
Confidence 100%
Reports 15
ISP 1337 Services GmbH
6 Jun 2026
46.151.182.172 8/10
Confidence 100%
Reports 13
ISP Ghosty Networks...
8 Jun 2026
83.83.112.125 10/10
Confidence 100%
Reports 12
ISP Vodafone Libert...
1 Jun 2026
213.176.16.100 10/10
Confidence 99%
Reports 44
ISP Global Connecti...
4 Jun 2026
107.189.27.179 10/10
Confidence 99%
Reports 43
ISP RouterHosting LLC
7 Jun 2026
45.94.31.24 8/10
Confidence 99%
Reports 34
ISP 1337 Services GmbH
27 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.7/10 Avg Threat
62% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
185.11.61.151 10/10
Confidence 62%
Reports 3,569
Location RU RU
31 Jan 2026
167.86.74.173 7/10
Confidence 62%
Reports 3,271
Location DE DE
20 Jan 2026
62.149.25.72 10/10
Confidence 62%
Reports 3,180
Location UA UA
9 Mar 2026
125.163.139.181 10/10
Confidence 62%
Reports 3,148
Location ID ID
22 Jan 2026
193.22.146.182 8/10
Confidence 62%
Reports 2,704
Location DE DE
6 Feb 2026
185.243.5.75 10/10
Confidence 62%
Reports 2,500
Location HK HK
29 May 2026
138.197.71.145 10/10
Confidence 62%
Reports 2,121
Location US US
20 Jan 2026
142.202.191.102 10/10
Confidence 62%
Reports 2,118
Location US US
13 Feb 2026
64.188.91.243 10/10
Confidence 62%
Reports 2,084
Location US US
3 Mar 2026
172.81.63.125 10/10
Confidence 62%
Reports 1,846
Location US US
12 Feb 2026
185.132.187.58 10/10
Confidence 62%
Reports 1,484
Location BE BE
27 Jan 2026
212.56.40.202 10/10
Confidence 62%
Reports 1,228
Location US US
23 Jan 2026
159.223.239.42 10/10
Confidence 62%
Reports 1,188
Location NL NL
21 Jan 2026
95.214.54.147 10/10
Confidence 62%
Reports 1,133
Location PL PL
30 Jan 2026
206.189.98.110 10/10
Confidence 62%
Reports 1,096
Location NL NL
19 Jan 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "196.251.92.124",
    "threat_level": 8,
    "confidence_score": 62,
    "total_reports": 944,
    "country_code": "NL",
    "isp_name": "ZHONGGUANCUN-CO",
    "asn": "401109",
    "first_reported": "2025-08-21 18:30:01",
    "last_reported": "2025-10-22 13:41:28",
    "exported_at": "2026-06-09T11:55:08+02:00",
    "source": "https://reportedip.de/ip/196.251.92.124/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses