IP Address

2.59.22.234

IPv4 Public
AT AT
AS174
COGENT-174
265 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
83% Confidence
265 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
AT
AT Location
COGENT-174 ASN 174
265 Reports
Honeypot Data Source

Notable Threat

IP 2.59.22.234 is a high-risk address originating from Austria, operated through AS174 (Cogent Communications), that has been flagged in 265 security reports since August 2025 with a threat level of 8 out of 10. The volume of abuse reports and sustained activity frequency of 7 out of 10 indicate persistent malicious behavior rather than opportunistic scanning.

Security monitoring through automated honeypot sensors identified this threat activity, with 20 distinct honeypot sources contributing reports spanning from August 2025 through May 2026. The dominant threat category logged against this IP is Hacking, accounting for 19 of the most recent incidents, while a single report classified this address as an Exploited Host. The 265 total reports with an 83% confidence score provide substantial grounds for treating this address as a credible threat to any exposed service.

The Hacking classification encompasses systematic intrusion attempts, vulnerability exploitation and unauthorized access campaigns. Detected attack patterns involving connection attempts and malware or exploit activity suggest this address is actively scanning and probing target infrastructure. The Exploited Host designation raises the possibility that this IP belongs to a compromised system being leveraged as an attack platform without the legitimate operator's awareness, potentially amplifying its danger as part of a distributed threat operation.

Site operators should immediately block this IP at the firewall level given its elevated threat score and confirmed hostile activity. Implementing automated blocking tools such as fail2ban can dynamically respond to the observed connection-pattern behavior. Authentication hardening including enforcement of strong credentials, multi-factor authentication and account lockout policies will reduce the effectiveness of any intrusion attempts. Regular patching of exposed services eliminates the vulnerabilities such addresses typically exploit. Organizations receiving connections from this IP should conduct thorough log reviews to identify any successful compromise attempts.

More threatening than 80% of monitored IPs

Threat Categories

Hacking 28
Exploited Host 1
IoT Targeted 1

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over 2 weeks indicates persistent threat actor operations.

First Observed 11. May 2026
Last Activity 26. May 2026
Recent (7 days) 0 incidents

Moderate Network Risk

The network hosting this IP (ASN 174, operated by COGENT-174) shows moderate threat indicators. Some concerning activity has been detected from neighboring addresses.

Consider the network context when assessing this individual IP.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 7/10 High
Confidence Score 80% Verified

Confidence History

3. May 2026 - 26. May 2026
83% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Exploited Host Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
IoT Targeted Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 265 shown

Technical Details

Basic Information

IP Address
2.59.22.234
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
AT AT
ASN
AS174
ISP
COGENT-174

DNS Information

Reverse DNS
red3.census.shodan.io
PTR Record
Yes
Connection Type
Static

Statistics

Total Reports
265
First Reported
15 Aug 2025
Last Reported
26 May 2026, 15:35

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS174
Cogent Communications, LLC
CA CA

Network Threat Assessment

4/10
This network has low threat indicators with minimal suspicious activity.

Network Statistics

127
Total IPs Monitored
156,835
Total Reports
1234.9
Reports per IP

Network Context

This IP address belongs to Cogent Communications, LLC (AS174), which manages 127 IP addresses in our monitoring system. Out of these, 156,835 have been reported for suspicious activities, resulting in a network-wide threat level of 4/10.

Network notice: This network shows some suspicious activity patterns. Monitor interactions with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

80 %

Global Threat Ranking

This IP is more threatening than 80% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,229 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 265 avg: 23 ++

Network Comparison

Compared against 171 IPs in ASN 174

Threat Level 8/10 network avg: 5.8 +
Total Reports 265 network avg: 1,027 --
Network COGENT-174 has overall threat level 4/10

Geographic Comparison

Compared against 177 IPs in AT

Threat Level 8/10 country avg: 5.9 +
Total Reports 265 country avg: 22 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

186,914 threat incidents tracked globally • Last 24h: 18,893 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,421 20.6%
  2. 02
    IN
    India IN
    28,931 15.5%
  3. 03
    CN
    China CN
    26,004 13.9%
  4. 04
    BR
    Brazil BR
    10,236 5.5%
  5. 05
    DE
    Germany DE
    7,138 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,522 3%
  8. 08
    RU
    Russia RU
    4,700 2.5%
  9. 09
    PK
    Pakistan PK
    4,646 2.5%
  10. 10
    NL
    Netherlands NL
    4,354 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
8.7/10 Avg Threat
88% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
38.99.81.38 8/10
Confidence 100%
Reports 23
Location US US
23 May 2026
207.90.244.19 8/10
Confidence 98%
Reports 452
Location US US
8 Jun 2026
207.90.244.18 8/10
Confidence 96%
Reports 461
Location US US
9 Jun 2026
38.96.178.220 10/10
Confidence 94%
Reports 53
Location US US
9 Jun 2026
38.96.178.216 10/10
Confidence 94%
Reports 37
Location US US
8 Jun 2026
38.95.100.220 10/10
Confidence 94%
Reports 28
Location US US
21 Apr 2026
38.76.31.219 10/10
Confidence 94%
Reports 19
Location US US
2 Feb 2026
207.90.244.12 10/10
Confidence 93%
Reports 542
Location US US
8 Jun 2026
207.90.244.6 10/10
Confidence 93%
Reports 335
Location US US
9 Jun 2026
207.90.244.4 10/10
Confidence 91%
Reports 369
Location US US
8 Jun 2026
207.90.244.17 8/10
Confidence 88%
Reports 641
Location US US
9 Jun 2026
207.90.244.27 8/10
Confidence 87%
Reports 9,886
Location US US
9 Jun 2026
207.90.244.21 8/10
Confidence 83%
Reports 12,269
Location US US
9 Jun 2026
207.90.244.22 8/10
Confidence 83%
Reports 12,089
Location US US
9 Jun 2026
207.90.244.3 8/10
Confidence 82%
Reports 13,308
Location US US
9 Jun 2026
207.90.244.2 8/10
Confidence 82%
Reports 13,200
Location US US
9 Jun 2026
207.90.244.25 8/10
Confidence 81%
Reports 14,035
Location US US
6 Jun 2026
207.90.244.13 8/10
Confidence 80%
Reports 16,202
Location US US
9 Jun 2026
207.90.244.5 8/10
Confidence 78%
Reports 18,175
Location US US
9 Jun 2026
207.90.244.20 8/10
Confidence 77%
Reports 20,134
Location US US
9 Jun 2026

IPs from the same country with similar threat profiles.

15 Related IPs
9.6/10 Avg Threat
95% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
152.53.111.131 8/10
Confidence 100%
Reports 122
ISP netcup GmbH
9 Jun 2026
152.53.44.20 8/10
Confidence 100%
Reports 74
ISP netcup GmbH
11 May 2026
185.230.219.29 10/10
Confidence 99%
Reports 51
ISP IONOS SE
2 Jun 2026
185.249.74.198 10/10
Confidence 99%
Reports 45
ISP IONOS SE
6 Jun 2026
89.144.211.139 10/10
Confidence 95%
Reports 11
ISP Telekom Austria
20 May 2026
151.236.6.71 10/10
Confidence 94%
Reports 742
ISP EDIS GmbH
10 Feb 2026
86.56.171.245 10/10
Confidence 94%
Reports 50
ISP LIWEST Kabelmed...
22 Jan 2026
45.141.56.114 10/10
Confidence 94%
Reports 45
ISP IP Connect Inc
4 May 2026
152.53.120.90 10/10
Confidence 94%
Reports 22
ISP netcup GmbH
8 Jun 2026
77.119.236.198 10/10
Confidence 94%
Reports 21
ISP Hutchison Drei ...
20 Jan 2026
152.53.81.2 10/10
Confidence 94%
Reports 17
ISP netcup GmbH
29 Dec 2025
152.53.184.147 10/10
Confidence 93%
Reports 59
ISP netcup GmbH
6 May 2026
212.186.191.20 8/10
Confidence 92%
Reports 245
ISP T-Mobile Austri...
20 May 2026
45.137.172.116 10/10
Confidence 89%
Reports 122
ISP INTAC Services ...
2 Jun 2026
152.53.251.179 10/10
Confidence 87%
Reports 8
ISP netcup GmbH
3 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
8.9/10 Avg Threat
83% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
2a01:04f8:c012:4640:0000:0000:0000:0001 10/10
Confidence 83%
Reports 19,886
Location DE DE
9 Jun 2026
207.90.244.21 8/10
Confidence 83%
Reports 12,269
Location US US
9 Jun 2026
207.90.244.22 8/10
Confidence 83%
Reports 12,089
Location US US
9 Jun 2026
130.12.181.108 8/10
Confidence 83%
Reports 3,208
Location DE DE
6 Jun 2026
130.12.181.100 8/10
Confidence 83%
Reports 3,068
Location DE DE
6 Jun 2026
2.57.122.208 10/10
Confidence 83%
Reports 2,772
Location RO RO
13 May 2026
137.184.190.246 8/10
Confidence 83%
Reports 1,972
Location US US
9 Jun 2026
80.94.92.71 10/10
Confidence 83%
Reports 1,718
Location RO RO
3 Jun 2026
64.62.197.197 8/10
Confidence 83%
Reports 581
Location US US
9 Jun 2026
80.94.92.184 10/10
Confidence 83%
Reports 577
Location RO RO
4 Jun 2026
65.49.1.162 8/10
Confidence 83%
Reports 562
Location US US
9 Jun 2026
167.94.146.49 8/10
Confidence 83%
Reports 552
Location US US
9 Jun 2026
77.90.185.17 10/10
Confidence 83%
Reports 448
Location DE DE
9 Jun 2026
14.18.190.138 10/10
Confidence 83%
Reports 437
Location CN CN
9 Jun 2026
62.60.130.228 10/10
Confidence 83%
Reports 378
Location IR IR
9 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "2.59.22.234",
    "threat_level": 8,
    "confidence_score": 83,
    "total_reports": 265,
    "country_code": "AT",
    "isp_name": "COGENT-174",
    "asn": "174",
    "first_reported": "2025-08-15 06:00:06",
    "last_reported": "2026-05-26 15:35:44",
    "exported_at": "2026-06-09T07:06:28+02:00",
    "source": "https://reportedip.de/ip/2.59.22.234/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses