IP Address

92.118.39.152

IPv4 Public
RO RO
AS47890
Unmanaged Ltd
251 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
10/10 Threat
70% Confidence
251 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 10% High Threat
RO
RO Location
Unmanaged Ltd ASN 47890
251 Reports
Honeypot Data Source

Extreme Threat

IP 92.118.39.152 is a critical-risk address that automated honeypot sensors flagged across 251 community reports between August 2025 and March 2026, with the overwhelming majority of confirmed hostile activity classified as SSH brute-force intrusion attempts targeting exposed Linux and network infrastructure. With a threat level rated at the maximum 10 out of 10, this Romanian-hosted IP presents a severe and immediate danger to any publicly accessible SSH service, regardless of whether the activity frequency metric registered as low during the most recent reporting window.

The detection profile reveals a sustained campaign of unauthorized access attempts, with 20 independent automated honeypot reports documenting SSH brute-force activity and an additional 20 reports cataloguing general hacking behaviour from this single source. All confirmed detections originated from automated honeypot sensors rather than voluntary community submissions, indicating a methodical scanning or credential-stuffing operation that operates continuously rather than opportunistically. The IP resides within AS47890 (Unmanaged Ltd), a network operator whose infrastructure has historically been associated with transient or anonymised hosting environments, which explains both the longevity of the abuse pattern spanning multiple months and the high volume of incident reports without corresponding remediation action.

SSH brute-force attacks represent one of the most common initial access vectors used by threat actors to compromise servers, with automated tooling capable of cycling through thousands of common credential combinations against exposed port 22 or non-standard SSH listeners in rapid succession. Once access is obtained through weak or default credentials, attackers routinely deploy backdoors, cryptocurrency miners or pivoting malware, turning compromised hosts into stepping stones for further network intrusion. The Suricata signatures triggered by activity from 92.118.39.152 specifically indicate active session establishment attempts on expected SSH ports, confirming that this is not passive scanning but an active authentication assault against target systems.

More threatening than 92% of monitored IPs

Threat Categories

Hacking 30
SSH 29

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

High-Risk Network Association

This IP belongs to a network (ASN 47890) with elevated threat levels. The ISP Unmanaged Ltd hosts multiple reported malicious addresses, suggesting systemic security issues or permissive policies.

Network-wide patterns may indicate this is part of a larger malicious infrastructure.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 0/10 Inactive
Confidence Score 68% High Confidence

Confidence History

1. Mar 2026 - 19. Mar 2026
70% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking Honeypot x4 75%
10 of 251 shown

Technical Details

Basic Information

IP Address
92.118.39.152
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
RO RO
ASN
AS47890
ISP
Unmanaged Ltd

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
251
First Reported
21 Aug 2025
Last Reported
19 Mar 2026, 08:10

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS47890
Unmanaged Ltd
RO RO

Network Threat Assessment

8/10
This network has a high threat level with significant malicious activity reported across multiple IPs.

Network Statistics

185
Total IPs Monitored
149,970
Total Reports
810.6
Reports per IP

Network Context

This IP address belongs to Unmanaged Ltd (AS47890), which manages 185 IP addresses in our monitoring system. Out of these, 149,970 have been reported for suspicious activities, resulting in a network-wide threat level of 8/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

92 %

Global Threat Ranking

This IP is more threatening than 92% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,359 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 251 avg: 23 ++

Network Comparison

Compared against 190 IPs in ASN 47890

Threat Level 10/10 network avg: 7.8 +
Total Reports 251 network avg: 806 --
Network Unmanaged Ltd has overall threat level 8/10

Geographic Comparison

Compared against 627 IPs in RO

Threat Level 10/10 country avg: 6.2 ++
Total Reports 251 country avg: 259 =
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,017 threat incidents tracked globally • Last 24h: 18,967 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,426 20.5%
  2. 02
    IN
    India IN
    28,977 15.5%
  3. 03
    CN
    China CN
    26,016 13.9%
  4. 04
    BR
    Brazil BR
    10,249 5.5%
  5. 05
    DE
    Germany DE
    7,139 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,533 3%
  8. 08
    RU
    Russia RU
    4,701 2.5%
  9. 09
    PK
    Pakistan PK
    4,647 2.5%
  10. 10
    NL
    Netherlands NL
    4,355 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9.7/10 Avg Threat
95% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
193.32.162.192 7/10
Confidence 100%
Reports 31
Location RO RO
25 Dec 2025
193.32.162.35 10/10
Confidence 98%
Reports 992
Location RO RO
2 Jun 2026
2.57.122.192 10/10
Confidence 98%
Reports 19
Location RO RO
18 May 2026
193.32.162.104 10/10
Confidence 96%
Reports 150
Location RO RO
24 May 2026
2.57.122.189 10/10
Confidence 95%
Reports 19
Location RO RO
6 Jun 2026
193.32.162.28 10/10
Confidence 94%
Reports 5,435
Location RO RO
25 May 2026
92.118.39.63 10/10
Confidence 94%
Reports 3,060
Location US US
25 May 2026
193.32.162.34 10/10
Confidence 94%
Reports 1,819
Location RO RO
2 Jun 2026
80.94.92.187 10/10
Confidence 94%
Reports 811
Location RO RO
13 Jan 2026
193.32.162.82 10/10
Confidence 94%
Reports 682
Location RO RO
5 Jun 2026
45.148.9.8 8/10
Confidence 94%
Reports 440
Location US US
18 May 2026
193.46.255.86 10/10
Confidence 94%
Reports 393
Location RO RO
3 Jun 2026
80.94.92.186 10/10
Confidence 94%
Reports 303
Location RO RO
2 Jun 2026
80.94.92.166 10/10
Confidence 94%
Reports 200
Location RO RO
9 Jan 2026
92.118.39.97 10/10
Confidence 94%
Reports 32
Location US US
9 Jun 2026
2.57.122.53 10/10
Confidence 94%
Reports 30
Location RO RO
14 May 2026
92.118.39.236 10/10
Confidence 94%
Reports 23
Location RO RO
7 Jun 2026
2.57.122.196 10/10
Confidence 94%
Reports 13
Location RO RO
28 May 2026
92.118.39.59 8/10
Confidence 93%
Reports 44
Location US US
9 Jun 2026
2.57.122.162 10/10
Confidence 92%
Reports 18
Location RO RO
5 May 2026

IPs from the same subnet range, likely same network segment.

20 Related IPs
9.8/10 Avg Threat
77% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
92.118.39.63 10/10
Confidence 94%
Reports 3,060
Location US US
25 May 2026
92.118.39.97 10/10
Confidence 94%
Reports 32
Location US US
9 Jun 2026
92.118.39.236 10/10
Confidence 94%
Reports 23
Location RO RO
7 Jun 2026
92.118.39.59 8/10
Confidence 93%
Reports 44
Location US US
9 Jun 2026
92.118.39.196 10/10
Confidence 79%
Reports 10
Location RO RO
19 May 2026
92.118.39.30 10/10
Confidence 77%
Reports 479
Location RO RO
12 Apr 2026
92.118.39.36 10/10
Confidence 76%
Reports 204
Location US US
15 May 2026
92.118.39.194 8/10
Confidence 76%
Reports 6
Location RO RO
8 Jun 2026
92.118.39.62 10/10
Confidence 73%
Reports 12,949
Location US US
9 Jun 2026
92.118.39.100 10/10
Confidence 72%
Reports 199
Location US US
19 Mar 2026
92.118.39.83 10/10
Confidence 72%
Reports 198
Location US US
19 Mar 2026
92.118.39.34 10/10
Confidence 72%
Reports 182
Location US US
19 Mar 2026
92.118.39.115 10/10
Confidence 72%
Reports 161
Location US US
19 Mar 2026
92.118.39.76 10/10
Confidence 71%
Reports 234
Location US US
17 Apr 2026
92.118.39.56 10/10
Confidence 71%
Reports 230
Location US US
17 Apr 2026
92.118.39.72 10/10
Confidence 70%
Reports 303
Location US US
16 Apr 2026
92.118.39.37 10/10
Confidence 70%
Reports 260
Location US US
19 Mar 2026
92.118.39.95 10/10
Confidence 70%
Reports 223
Location US US
16 Apr 2026
92.118.39.180 10/10
Confidence 70%
Reports 140
Location RO RO
18 Mar 2026
92.118.39.101 10/10
Confidence 69%
Reports 325
Location US US
15 Mar 2026

IPs from the same country with similar threat profiles.

15 Related IPs
9.5/10 Avg Threat
96% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
80.94.95.211 10/10
Confidence 100%
Reports 49
ISP SS-Net
8 Jun 2026
82.152.132.24 10/10
Confidence 100%
Reports 36
ISP X-zone It Srl
6 Jun 2026
193.32.162.192 7/10
Confidence 100%
Reports 31
ISP Unmanaged Ltd
25 Dec 2025
193.32.162.35 10/10
Confidence 98%
Reports 992
ISP Unmanaged Ltd
2 Jun 2026
2.57.122.192 10/10
Confidence 98%
Reports 19
ISP Unmanaged Ltd
18 May 2026
89.44.137.240 8/10
Confidence 97%
Reports 30
ISP ROMARG SRL
26 Feb 2026
193.32.162.104 10/10
Confidence 96%
Reports 150
ISP Unmanaged Ltd
24 May 2026
80.94.95.7 7/10
Confidence 96%
Reports 31
ISP SS-Net
16 May 2026
2.57.122.189 10/10
Confidence 95%
Reports 19
ISP Unmanaged Ltd
6 Jun 2026
193.32.162.28 10/10
Confidence 94%
Reports 5,435
ISP Unmanaged Ltd
25 May 2026
193.32.162.34 10/10
Confidence 94%
Reports 1,819
ISP Unmanaged Ltd
2 Jun 2026
80.94.92.187 10/10
Confidence 94%
Reports 811
ISP Unmanaged Ltd
13 Jan 2026
193.32.162.82 10/10
Confidence 94%
Reports 682
ISP Unmanaged Ltd
5 Jun 2026
45.142.193.6 10/10
Confidence 94%
Reports 553
ISP Skynet Network Ltd
23 May 2026
193.46.255.86 10/10
Confidence 94%
Reports 393
ISP Unmanaged Ltd
3 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.7/10 Avg Threat
70% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
207.90.244.26 8/10
Confidence 70%
Reports 17,657
Location US US
9 Jun 2026
45.82.78.103 10/10
Confidence 70%
Reports 3,927
Location DE DE
9 Jun 2026
93.157.248.178 10/10
Confidence 70%
Reports 2,846
Location RU RU
17 May 2026
208.3.195.65 8/10
Confidence 70%
Reports 1,337
Location US US
12 Apr 2026
111.61.229.78 10/10
Confidence 70%
Reports 1,065
Location CN CN
2 Jun 2026
118.193.68.150 10/10
Confidence 70%
Reports 942
Location KR KR
3 Jun 2026
162.216.150.133 10/10
Confidence 70%
Reports 833
Location US US
6 Jun 2026
35.203.211.233 10/10
Confidence 70%
Reports 791
Location GB GB
8 Jun 2026
103.226.138.52 10/10
Confidence 70%
Reports 705
Location ID ID
7 Jun 2026
94.74.182.167 10/10
Confidence 70%
Reports 688
Location US US
12 Nov 2025
169.150.203.62 10/10
Confidence 70%
Reports 663
Location US US
8 Nov 2025
147.185.133.125 10/10
Confidence 70%
Reports 635
Location US US
7 Jun 2026
101.36.116.45 10/10
Confidence 70%
Reports 541
Location HK HK
7 Jun 2026
35.203.210.113 10/10
Confidence 70%
Reports 525
Location GB GB
8 Jun 2026
49.115.217.27 10/10
Confidence 70%
Reports 509
Location CN CN
8 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "92.118.39.152",
    "threat_level": 10,
    "confidence_score": 70,
    "total_reports": 251,
    "country_code": "RO",
    "isp_name": "Unmanaged Ltd",
    "asn": "47890",
    "first_reported": "2025-08-21 01:05:02",
    "last_reported": "2026-03-19 08:10:08",
    "exported_at": "2026-06-09T08:06:07+02:00",
    "source": "https://reportedip.de/ip/92.118.39.152/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses