Is IP address 91.224.92.177 dangerous?

Yes, 91.224.92.177 is considered dangerous with a threat level of 10/10. It has been reported 608 times for malicious activities including . We recommend blocking this IP address.

Who owns or operates IP address 91.224.92.177?

IP address 91.224.92.177 is operated by UAB Host Baltic (ASN 209605) and is geolocated to GB. This information is derived from public WHOIS and geolocation databases.

Should I block IP address 91.224.92.177?

Yes, blocking 91.224.92.177 is strongly recommended. With a threat level of 10/10 and 608 security reports, this IP poses significant risk. Implement firewall rules to block incoming and outgoing traffic.

How accurate is this threat assessment for 91.224.92.177?

Our threat assessment for 91.224.92.177 has a confidence score of 91%, based on 608 independent reports from multiple independent sources. Higher confidence scores indicate more reliable assessments.

IP Address

91.224.92.177

IPv4 Public

AS209605

UAB Host Baltic

608 Reports

GB Location

UAB Host Baltic ASN 209605

608 Reports

Honeypot Data Source

Critical Threat

IP 91.224.92.177 is a high-risk address with a maximum threat score of 10/10 that has generated 608 incident reports, primarily consisting of general hacking activity targeting exposed services, and should be treated as dangerous by any organization discovering it in their logs or network traffic.

Detected by 20 automated honeypot sensors across a three-month window from February 2026 through April 2026, this address originates from the United Kingdom within autonomous system AS209605 operated by UAB Host Baltic. The sheer volume of 608 reports concentrated across a relatively small sensor network indicates sustained, high-frequency malicious activity rather than opportunistic scanning. With a confidence score of 91%, the attribution of this activity to hostile intent is highly reliable. The activity frequency has been assessed at 3 out of 10, suggesting consistent rather than constant engagement, yet the report density remains significant given the limited detection footprint.

The dominant threat category associated with 91.224.92.177 is general hacking activity, which encompasses intrusion attempts, vulnerability exploitation, and unauthorized access attempts against exposed services. A secondary component of IoT-targeted activity rounds out the threat profile, indicating this address may be actively scanning for poorly secured connected devices such as cameras, routers, and smart equipment. The dual threat vector suggests the operator is pursuing both traditional server compromise and opportunistic IoT device capture, potentially building a botnet or establishing persistent footholds across diverse target types.

Site operators should immediately block 91.224.92.177 at the firewall level and monitor logs for any successful connections from this address. Deploying fail2ban or equivalent intrusion prevention tools to automatically ban repeat offenders provides an additional layer of defense against the automated nature of these attacks. Ensuring all exposed services run current patches, enforcing strong and unique credentials, and implementing network segmentation for IoT devices will reduce the attack surface available to this threat actor. Regular review of honeypot telemetry and community abuse feeds helps maintain current blocklists against evolving scanning campaigns.

More threatening than 97% of monitored IPs

Threat Categories

Hacking 19

IoT Targeted 12

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Moderate Network Risk

The network hosting this IP (ASN 209605, operated by UAB Host Baltic) shows moderate threat indicators. Some concerning activity has been detected from neighboring addresses.

Consider the network context when assessing this individual IP.

Security Recommendations

Continue monitoring for emerging patterns.

Reputation Summary

Threat Level 10/10 Critical

Critical

Activity Frequency 3/10 Low

Confidence Score 70% High Confidence

Confidence History

21. Apr 2026 - 22. Apr 2026

91% Current

Stable Trend

Date	Categories	Source	Confidence
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	IoT Targeted	Honeypot	75%
22. Apr 2026	Hacking IoT Targeted	Honeypot x2	75%
22. Apr 2026	IoT Targeted	Honeypot	75%
22. Apr 2026	IoT Targeted	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	IoT Targeted	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
22. Apr 2026	Hacking	Honeypot	75%
21. Apr 2026	IoT Targeted	Honeypot	75%
21. Apr 2026	IoT Targeted	Honeypot	75%
21. Apr 2026	IoT Targeted	Honeypot	75%
21. Apr 2026	Hacking	Honeypot	75%
21. Apr 2026	Hacking	Honeypot	75%
21. Apr 2026	IoT Targeted	Honeypot	75%
21. Apr 2026	IoT Targeted	Honeypot	75%
21. Apr 2026	IoT Targeted	Honeypot	75%
21. Apr 2026	IoT Targeted	Honeypot	75%

Basic Information

IP Address: 91.224.92.177
IP Version: IPv4
Network Type: Public
Tor Network: No
Network Class: Class A

Geolocation

Country: GB
ASN: AS209605
ISP: UAB Host Baltic

DNS Information

Reverse DNS: srv-91-224-92-177.serveroffer.net
PTR Record: Yes
Connection Type: Dynamic

Statistics

Total Reports: 608
First Reported: 1 Feb 2026
Last Reported: 22 Apr 2026, 21:51

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

ASN: AS209605

Organization: UAB Host Baltic

Country:

Network Threat Assessment

6/10

This network shows moderate threat levels with some malicious activity patterns.

Network Statistics

184

Total IPs Monitored

14,057

Total Reports

76.4

Reports per IP

Network Context

This IP address belongs to UAB Host Baltic (AS209605), which manages 184 IP addresses in our monitoring system. Out of these, 14,057 have been reported for suspicious activities, resulting in a network-wide threat level of 6/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

97 %

Global Threat Ranking

This IP is more threatening than 97% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,713 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++

Total Reports 608 avg: 23 ++

Network Comparison

Compared against 192 IPs in ASN 209605

Threat Level 10/10 network avg: 6.5 ++

Total Reports 608 network avg: 75 ++

Network UAB Host Baltic has overall threat level 6/10

Geographic Comparison

Compared against 4,299 IPs in GB

Threat Level 10/10 country avg: 5.4 ++

Total Reports 608 country avg: 27 ++

Daily report activity over the last 30 days showing patterns and peaks.

Peak Day 0 reports

Daily Average 0 reports/day

Most Active Wednesday 136 reports

Evolution of threat level over time based on reported categories and frequency.

Initial Threat 6/10

Current Threat 6/10

Distribution of threat categories reported over time.

Top Threat Categories

Hacking 583

IoT Targeted 27

SSH 2

Exploited Host 2

Activity patterns showing when this IP is most active during the day and week.

Hourly Activity

Peak activity at 23:00 with 35 reports

Weekly Activity

Geographic Threat Distribution

187,375 threat incidents tracked globally • Last 24h: 18,936 Logs

FEED

Top Threat Sources

01

United States US

38,468 20.5%
02

India IN

29,136 15.5%
03

China CN

26,029 13.9%
04

Brazil BR

10,256 5.5%
05

Germany DE

7,144 3.8%
06

Singapore SG

6,476 3.5%
07

Indonesia ID

5,551 3%
08

Russia RU

4,703 2.5%
09

Pakistan PK

4,677 2.5%
10

Netherlands NL

4,358 2.3%

+40 more countries

THREAT LEVEL

LOW MED HIGH

IPs from the same Autonomous System (AS) network provider.

20 Related IPs

8.6/10 Avg Threat

93% Avg Confidence

20 High Threat

High-risk network: Majority of related IPs are flagged

Critical Threat

Threat Categories

Technical Details

Recommended Mitigations

Moderate Network Risk

Security Recommendations

Basic Information

Geolocation

DNS Information

Statistics

Network Reputation

Network Identity

Network Threat Assessment

Network Statistics

Network Context

Global Threat Ranking

Top Threat Categories

Hourly Activity

Weekly Activity

FEED

Top Threat Sources

JSON Report

Firewall Rules

iptables / netfilter

UFW (Ubuntu)

Windows Firewall

Cloudflare

nginx

Apache .htaccess

PDF Report

Analyzed high-risk IP addresses

reportedIP

Parkstraße 19, 80339 München

Consultation

+49-89-215505888

Report a IP

[email protected]