IP Address

192.176.172.166

IPv4 Public
SE SE
AS212220
Kepler Technologies AB
248 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
100% Confidence
248 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
SE
SE Location
Kepler Technologies AB ASN 212220
248 Reports
Mixed Data Source

High Risk

IP address 192.176.172.166, registered to Kepler Technologies AB in Sweden under ASN AS212220, presents a high-risk threat profile with a threat level of 8/10 and 248 total abuse reports from automated honeypot sensors and community contributors. The dominant attack vectors are WordPress login brute-force campaigns and general hacking activity, with additional brute-force and distributed denial-of-service attempts recorded over a five-month active period from February to June 2026.

The 248 reports collected against this address demonstrate sustained, high-frequency malicious behaviour with an activity frequency rating of 8/10. Fourteen automated honeypot sensors and six community sources independently confirmed the hostile activity, yielding a 100% confidence score. Fail2ban monitoring logs reveal the address as a recidive offender responsible for 50 WordPress escalation violations and five multi-jail recidive violations, indicating systematic, repeated attempts to compromise web authentication systems. Credential stuffing operations targeting common administrative login paths were observed, along with brute-force attempts against generic web endpoints.

The concentration of WordPress login brute-force attacks and credential stuffing activity poses a concrete risk to any publicly accessible content management system or authentication portal. Automated brute-force tools systematically cycle through credential combinations, increasing the likelihood of compromising weak or reused passwords. The additional DDoS capability suggests this infrastructure may participate in coordinated attack campaigns, amplifying its threat potential beyond individual site compromise.

Network operators should implement strict inbound traffic filtering, and administrators managing publicly accessible services should enforce strong password policies alongside multi-factor authentication. Deploying or strengthening fail2ban rules or equivalent intrusion prevention tools with aggressive retry lockouts and bans will disrupt repeated authentication attempts. Rate limiting on login endpoints and continuous monitoring of authentication logs for patterns consistent with credential stuffing further reduce exposure to this address and similar threats.

More threatening than 82% of monitored IPs

Threat Categories

Hacking 15
Brute-Force 15
WP Login Brute Force 15
DDoS Attack 7

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Behavioral Analysis

Activity Pattern: Sporadic

Irregular burst activity pattern indicates intermittent use of a compromised system.

First Observed 11. May 2026
Last Activity 1. June 2026
Recent (7 days) 0 incidents

High-Risk Network Association

This IP belongs to a network (ASN 212220) with elevated threat levels. The ISP Kepler Technologies AB hosts multiple reported malicious addresses, suggesting systemic security issues or permissive policies.

Network-wide patterns may indicate this is part of a larger malicious infrastructure.

Security Recommendations

Implement adaptive blocking rules.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 8/10 High
Confidence Score 100% Verified

Confidence History

24. May 2026 - 1. Jun 2026
100% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking DDoS Attack Community 75%
Hacking DDoS Attack Community 75%
Brute-Force Community 75%
Hacking DDoS Attack Community 75%
Hacking Brute-Force WP Login Brute Force Honeypot 75%
Hacking DDoS Attack Community 75%
Hacking Brute-Force Honeypot 75%
WP Login Brute Force Honeypot x2 75%
WP Login Brute Force Honeypot 75%
Hacking Brute-Force WP Login Brute Force Honeypot 75%
WP Login Brute Force Honeypot 75%
Brute-Force Community 75%
WP Login Brute Force Honeypot 75%
Hacking Brute-Force WP Login Brute Force Honeypot 75%
Hacking Brute-Force WP Login Brute Force Honeypot 75%
WP Login Brute Force Hacking Brute-Force Honeypot x2 75%
Hacking Brute-Force WP Login Brute Force Honeypot 75%
WP Login Brute Force Honeypot 75%
Hacking Brute-Force WP Login Brute Force Honeypot 75%
WP Login Brute Force Honeypot 75%
WP Login Brute Force Honeypot 75%
WP Login Brute Force Honeypot 75%
Brute-Force Community 75%
Hacking DDoS Attack Community 75%
Hacking DDoS Attack Community 75%
Brute-Force Community 75%
Hacking DDoS Attack Community 75%
Brute-Force Community 75%
Brute-Force Community 75%
Brute-Force Community 75%
10 of 248 shown

Technical Details

Basic Information

IP Address
192.176.172.166
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class C

Geolocation

Country
SE SE
ASN
AS212220
ISP
Kepler Technologies AB

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
248
First Reported
28 Feb 2026
Last Reported
1 Jun 2026, 14:08

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS212220
Kepler Technologies AB
SE SE

Network Threat Assessment

8/10
This network has a high threat level with significant malicious activity reported across multiple IPs.

Network Statistics

1
Total IPs Monitored
36
Total Reports
36
Reports per IP

Network Context

This IP address belongs to Kepler Technologies AB (AS212220), which manages 1 IP addresses in our monitoring system. Out of these, 36 have been reported for suspicious activities, resulting in a network-wide threat level of 8/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

82 %

Global Threat Ranking

This IP is more threatening than 82% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,229 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 248 avg: 23 ++

Geographic Comparison

Compared against 1,018 IPs in SE

Threat Level 8/10 country avg: 5.6 +
Total Reports 248 country avg: 19 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

186,914 threat incidents tracked globally • Last 24h: 18,893 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,421 20.6%
  2. 02
    IN
    India IN
    28,931 15.5%
  3. 03
    CN
    China CN
    26,004 13.9%
  4. 04
    BR
    Brazil BR
    10,236 5.5%
  5. 05
    DE
    Germany DE
    7,138 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,522 3%
  8. 08
    RU
    Russia RU
    4,700 2.5%
  9. 09
    PK
    Pakistan PK
    4,646 2.5%
  10. 10
    NL
    Netherlands NL
    4,354 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs with similar threat level and confidence scores.

15 Related IPs
8.3/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
222.165.190.235 8/10
Confidence 100%
Reports 592
Location LK LK
29 May 2026
78.142.18.172 8/10
Confidence 100%
Reports 578
Location BG BG
9 Jun 2026
4.197.100.161 10/10
Confidence 100%
Reports 522
Location AU AU
13 Jan 2026
141.98.11.117 8/10
Confidence 100%
Reports 520
Location LT LT
9 Jun 2026
208.109.188.137 8/10
Confidence 100%
Reports 513
Location US US
9 Jun 2026
74.91.224.220 8/10
Confidence 100%
Reports 490
Location SG SG
4 Jun 2026
20.27.219.18 10/10
Confidence 100%
Reports 449
Location JP JP
30 Dec 2025
50.6.7.129 8/10
Confidence 100%
Reports 447
Location US US
22 May 2026
72.167.150.128 8/10
Confidence 100%
Reports 429
Location US US
27 May 2026
50.6.229.148 8/10
Confidence 100%
Reports 346
Location US US
9 May 2026
123.30.233.13 8/10
Confidence 100%
Reports 318
Location VN VN
31 May 2026
103.76.120.219 8/10
Confidence 100%
Reports 310
Location ID ID
24 Feb 2026
123.30.233.12 8/10
Confidence 100%
Reports 303
Location VN VN
7 Jun 2026
116.118.2.113 8/10
Confidence 100%
Reports 296
Location VN VN
30 Apr 2026
87.121.84.30 8/10
Confidence 100%
Reports 295
Location US US
20 Apr 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "192.176.172.166",
    "threat_level": 8,
    "confidence_score": 100,
    "total_reports": 248,
    "country_code": "SE",
    "isp_name": "Kepler Technologies AB",
    "asn": "212220",
    "first_reported": "2026-02-28 13:50:35",
    "last_reported": "2026-06-01 14:08:06",
    "exported_at": "2026-06-09T07:06:42+02:00",
    "source": "https://reportedip.de/ip/192.176.172.166/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses