IP Address

64.39.103.51

IPv4 Public
US US
AS27385
QUALYS
1,212 Reports
This IP is under Observation Suspicious activity detected - monitor closely
8/10 Threat
58% Confidence
1,212 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
US
US Location
QUALYS ASN 27385
1,212 Reports
Honeypot Data Source

Elevated Risk

IP 64.39.103.51 is a high-risk address that generated 1,212 abuse reports in a single month, placing it firmly in the high-threat category with a threat level of 8/10. The volume of community reports combined with detection across 20 automated honeypot sensors reveals persistent malicious activity originating from this US-based IP address. Email spam represents the dominant reported threat category, followed by web application attacks and general hacking attempts, indicating this address has been used for multiple attack vectors against exposed services.

The data shows this address was first and last reported in October 2025, meaning all documented activity occurred within a compressed timeframe. Despite the substantial report count, the activity frequency registers at 0/10, which may indicate the IP is currently dormant or that its detection rate has subsided since the reporting period. The IP routes through AS27385, operated by Qualys, a US-based network operator. The 58% confidence score suggests moderate certainty in the classification, while the 1,212 total reports provide strong empirical evidence of sustained hostile behavior rather than isolated probe events.

Email spam activity of this magnitude typically indicates the address has been used for mass distribution of unsolicited messages, a common vector for phishing campaigns and malware delivery. The web application attack reports suggest automated scanning for vulnerabilities such as injection flaws, path traversal, or authentication weaknesses in internet-facing applications. Hacking activity encompasses various intrusion attempts and unauthorized access probing against services exposed to the internet. Together, these categories represent a multi-vector threat profile where an exposed mail relay, vulnerable web application, or unpatched service could be compromised in short order.

Site operators should implement SPF, DKIM, and DMARC email authentication protocols to prevent abuse of any mail infrastructure, deploy a web application firewall to filter common attack patterns, and ensure all internet-facing systems are patched against known vulnerabilities. Implementing fail2ban or similar dynamic blocking tools can automatically mitigate brute-force and scanning activity. Organizations may also consider blocking or rate-limiting traffic from this IP based on current threat intelligence feeds as a precautionary measure.

More threatening than 78% of monitored IPs

Threat Categories

Email Spam 12
Web App Attack 11
Hacking 7

Technical Details

Email spam involves mass distribution of unwanted emails, often for advertising, phishing, or malware delivery.

Recommended Mitigations

Implement SPF, DKIM, DMARC, and use reputable email filtering services.

High-Risk Network Association

This IP belongs to a network (ASN 27385) with elevated threat levels. The ISP QUALYS hosts multiple reported malicious addresses, suggesting systemic security issues or permissive policies.

Network-wide patterns may indicate this is part of a larger malicious infrastructure.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 0/10 Inactive
Confidence Score 58% High Confidence

Confidence History

19. Oct 2025
58% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Web App Attack Honeypot 75%
Hacking Honeypot 75%
Web App Attack Honeypot 75%
Hacking Honeypot 75%
Web App Attack Honeypot 75%
Hacking Honeypot 75%
Email Spam Honeypot 75%
Web App Attack Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Hacking Honeypot 75%
Web App Attack Honeypot 75%
Web App Attack Honeypot 75%
Hacking Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Web App Attack Honeypot 75%
Email Spam Honeypot 75%
Hacking Honeypot 75%
Web App Attack Honeypot 75%
Web App Attack Honeypot 75%
Hacking Honeypot 75%
Web App Attack Honeypot 75%
Web App Attack Honeypot 75%
Email Spam Honeypot 75%
10 of 1212 shown

Technical Details

Basic Information

IP Address
64.39.103.51
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
US US
ASN
AS27385
ISP
QUALYS

DNS Information

Reverse DNS
sn051.s02.sjc01.qualys.com
PTR Record
Yes
Connection Type
Static

Statistics

Total Reports
1,212
First Reported
18 Oct 2025
Last Reported
19 Oct 2025, 06:13

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS27385
QUALYS
US US

Network Threat Assessment

10/10
This network has a high threat level with significant malicious activity reported across multiple IPs.

Network Statistics

1
Total IPs Monitored
1,214
Total Reports
1214
Reports per IP

Network Context

This IP address belongs to QUALYS (AS27385), which manages 1 IP addresses in our monitoring system. Out of these, 1,214 have been reported for suspicious activities, resulting in a network-wide threat level of 10/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

78 %

Global Threat Ranking

This IP is more threatening than 78% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,581 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 1,212 avg: 23 ++

Geographic Comparison

Compared against 38,457 IPs in US

Threat Level 8/10 country avg: 5.9 +
Total Reports 1,212 country avg: 41 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,273 threat incidents tracked globally • Last 24h: 18,965 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US THIS IP
    38,457 20.5%
  2. 02
    IN
    India IN
    29,090 15.5%
  3. 03
    CN
    China CN
    26,027 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,143 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,543 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,670 2.5%
  10. 10
    NL
    Netherlands NL
    4,357 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs with similar threat level and confidence scores.

15 Related IPs
7.5/10 Avg Threat
58% Avg Confidence
10 High Threat
High-risk network: Majority of related IPs are flagged
158.94.210.39 5/10
Confidence 58%
Reports 1,682
Location NL NL
22 Jan 2026
77.83.39.253 5/10
Confidence 58%
Reports 891
Location DE DE
29 Jan 2026
196.251.115.108 10/10
Confidence 58%
Reports 326
Location NL NL
16 Aug 2025
87.120.191.67 10/10
Confidence 58%
Reports 309
Location US US
24 Feb 2026
45.10.175.246 10/10
Confidence 58%
Reports 253
Location GB GB
16 Aug 2025
213.165.52.9 5/10
Confidence 58%
Reports 164
Location DE DE
30 Sep 2025
91.209.135.33 5/10
Confidence 58%
Reports 160
Location GE GE
5 Oct 2025
176.65.134.20 10/10
Confidence 58%
Reports 110
Location SI SI
15 Mar 2026
45.84.107.222 8/10
Confidence 58%
Reports 108
Location SE SE
7 Jun 2026
34.127.2.183 5/10
Confidence 58%
Reports 101
Location US US
30 Sep 2025
37.77.150.123 8/10
Confidence 58%
Reports 98
Location RU RU
26 Feb 2026
117.52.84.157 8/10
Confidence 58%
Reports 78
Location KR KR
15 Aug 2025
91.92.243.249 7/10
Confidence 58%
Reports 71
Location US US
9 Jun 2026
45.141.215.150 8/10
Confidence 58%
Reports 64
Location PL PL
8 Sep 2025
193.46.255.185 8/10
Confidence 58%
Reports 50
Location RO RO
21 Aug 2025

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "64.39.103.51",
    "threat_level": 8,
    "confidence_score": 58,
    "total_reports": 1212,
    "country_code": "US",
    "isp_name": "QUALYS",
    "asn": "27385",
    "first_reported": "2025-10-18 14:17:35",
    "last_reported": "2025-10-19 06:13:06",
    "exported_at": "2026-06-09T09:54:19+02:00",
    "source": "https://reportedip.de/ip/64.39.103.51/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses