IP Address

92.118.39.101

IPv4 Public
US US
AS47890
Unmanaged Ltd
325 Reports
This IP is under Observation Suspicious activity detected - monitor closely
10/10 Threat
69% Confidence
325 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 10% High Threat
US
US Location
Unmanaged Ltd ASN 47890
325 Reports
Honeypot Data Source

Critical Threat

IP 92.118.39.101 is a maximum-threat address with a 10/10 threat level that has generated 325 abuse reports, predominantly documenting sustained SSH brute-force intrusion attempts originating from US-based infrastructure under AS47890 (Unmanaged Ltd).

The 325 reports spanning August 2025 to March 2026 were detected exclusively through automated honeypot sensors, with community reports contributing additional context. Suricata alert signatures confirm active SSH sessions on expected ports alongside credential-guessing patterns consistent with brute-force campaigns. The network is operated by Unmanaged Ltd, and while the activity frequency metric remains low, the sustained volume of reports over an eight-month window indicates persistent, targeted scanning behaviour rather than opportunistic noise. The single Exploited Host classification within the reported categories suggests this address may, at some point, have been characterised as a compromised system being weaponised without its operator's knowledge.

SSH brute-force attacks represent one of the most common initial-access vectors facing publicly reachable servers. Attackers deploy automated tooling to cycle through username/password combinations, exploiting weak or default credentials to gain shell access. Successful authentication provides a foothold for data exfiltration, secondary payload delivery, lateral movement within networks, or cryptojacking operations. The confidence score of 69% reflects that while the hostile intent is well-established, attribution to a specific threat actor or campaign remains partial.

Defensive measures should be deployed immediately: block 92.118.39.101 at the network perimeter, enforce key-based authentication for all SSH access, disable direct root login, and consider moving the SSH daemon to a non-standard port. Implementing automated rate-limiting tools such as fail2ban will mitigate repeated authentication attempts. Operators should ensure SSH daemons are current with security patches, restrict inbound access via IP allowlists where feasible, and review authentication logs routinely for anomalous patterns consistent with credential-stuffing activity.

More threatening than 92% of monitored IPs

Threat Categories

Hacking 30
SSH 24
Exploited Host 1

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

High-Risk Network Association

This IP belongs to a network (ASN 47890) with elevated threat levels. The ISP Unmanaged Ltd hosts multiple reported malicious addresses, suggesting systemic security issues or permissive policies.

Network-wide patterns may indicate this is part of a larger malicious infrastructure.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 0/10 Inactive
Confidence Score 67% High Confidence

Confidence History

1. Mar 2026 - 15. Mar 2026
69% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking Exploited Host Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking Honeypot x3 75%
Hacking Honeypot x2 75%
Hacking Honeypot x2 75%
Hacking Honeypot x2 75%
Hacking Honeypot 75%
10 of 325 shown

Technical Details

Basic Information

IP Address
92.118.39.101
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
US US
ASN
AS47890
ISP
Unmanaged Ltd

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
325
First Reported
21 Aug 2025
Last Reported
15 Mar 2026, 11:47

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS47890
Unmanaged Ltd
RO RO

Network Threat Assessment

8/10
This network has a high threat level with significant malicious activity reported across multiple IPs.

Network Statistics

185
Total IPs Monitored
149,970
Total Reports
810.6
Reports per IP

Network Context

This IP address belongs to Unmanaged Ltd (AS47890), which manages 185 IP addresses in our monitoring system. Out of these, 149,970 have been reported for suspicious activities, resulting in a network-wide threat level of 8/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

92 %

Global Threat Ranking

This IP is more threatening than 92% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,372 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 325 avg: 23 ++

Network Comparison

Compared against 190 IPs in ASN 47890

Threat Level 10/10 network avg: 7.8 +
Total Reports 325 network avg: 806 --
Network Unmanaged Ltd has overall threat level 8/10

Geographic Comparison

Compared against 38,445 IPs in US

Threat Level 10/10 country avg: 5.9 ++
Total Reports 325 country avg: 41 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,017 threat incidents tracked globally • Last 24h: 18,967 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US THIS IP
    38,426 20.5%
  2. 02
    IN
    India IN
    28,977 15.5%
  3. 03
    CN
    China CN
    26,016 13.9%
  4. 04
    BR
    Brazil BR
    10,249 5.5%
  5. 05
    DE
    Germany DE
    7,139 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,533 3%
  8. 08
    RU
    Russia RU
    4,701 2.5%
  9. 09
    PK
    Pakistan PK
    4,647 2.5%
  10. 10
    NL
    Netherlands NL
    4,355 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9.7/10 Avg Threat
95% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
193.32.162.192 7/10
Confidence 100%
Reports 31
Location RO RO
25 Dec 2025
193.32.162.35 10/10
Confidence 98%
Reports 992
Location RO RO
2 Jun 2026
2.57.122.192 10/10
Confidence 98%
Reports 19
Location RO RO
18 May 2026
193.32.162.104 10/10
Confidence 96%
Reports 150
Location RO RO
24 May 2026
2.57.122.189 10/10
Confidence 95%
Reports 19
Location RO RO
6 Jun 2026
193.32.162.28 10/10
Confidence 94%
Reports 5,435
Location RO RO
25 May 2026
92.118.39.63 10/10
Confidence 94%
Reports 3,060
Location US US
25 May 2026
193.32.162.34 10/10
Confidence 94%
Reports 1,819
Location RO RO
2 Jun 2026
80.94.92.187 10/10
Confidence 94%
Reports 811
Location RO RO
13 Jan 2026
193.32.162.82 10/10
Confidence 94%
Reports 682
Location RO RO
5 Jun 2026
45.148.9.8 8/10
Confidence 94%
Reports 440
Location US US
18 May 2026
193.46.255.86 10/10
Confidence 94%
Reports 393
Location RO RO
3 Jun 2026
80.94.92.186 10/10
Confidence 94%
Reports 303
Location RO RO
2 Jun 2026
80.94.92.166 10/10
Confidence 94%
Reports 200
Location RO RO
9 Jan 2026
92.118.39.97 10/10
Confidence 94%
Reports 32
Location US US
9 Jun 2026
2.57.122.53 10/10
Confidence 94%
Reports 30
Location RO RO
14 May 2026
92.118.39.236 10/10
Confidence 94%
Reports 23
Location RO RO
7 Jun 2026
2.57.122.196 10/10
Confidence 94%
Reports 13
Location RO RO
28 May 2026
92.118.39.59 8/10
Confidence 93%
Reports 44
Location US US
9 Jun 2026
2.57.122.162 10/10
Confidence 92%
Reports 18
Location RO RO
5 May 2026

IPs from the same subnet range, likely same network segment.

20 Related IPs
9.8/10 Avg Threat
77% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
92.118.39.63 10/10
Confidence 94%
Reports 3,060
Location US US
25 May 2026
92.118.39.97 10/10
Confidence 94%
Reports 32
Location US US
9 Jun 2026
92.118.39.236 10/10
Confidence 94%
Reports 23
Location RO RO
7 Jun 2026
92.118.39.59 8/10
Confidence 93%
Reports 44
Location US US
9 Jun 2026
92.118.39.196 10/10
Confidence 79%
Reports 10
Location RO RO
19 May 2026
92.118.39.30 10/10
Confidence 77%
Reports 479
Location RO RO
12 Apr 2026
92.118.39.36 10/10
Confidence 76%
Reports 204
Location US US
15 May 2026
92.118.39.194 8/10
Confidence 76%
Reports 6
Location RO RO
8 Jun 2026
92.118.39.62 10/10
Confidence 73%
Reports 12,949
Location US US
9 Jun 2026
92.118.39.100 10/10
Confidence 72%
Reports 199
Location US US
19 Mar 2026
92.118.39.83 10/10
Confidence 72%
Reports 198
Location US US
19 Mar 2026
92.118.39.34 10/10
Confidence 72%
Reports 182
Location US US
19 Mar 2026
92.118.39.115 10/10
Confidence 72%
Reports 161
Location US US
19 Mar 2026
92.118.39.76 10/10
Confidence 71%
Reports 234
Location US US
17 Apr 2026
92.118.39.56 10/10
Confidence 71%
Reports 230
Location US US
17 Apr 2026
92.118.39.72 10/10
Confidence 70%
Reports 303
Location US US
16 Apr 2026
92.118.39.37 10/10
Confidence 70%
Reports 260
Location US US
19 Mar 2026
92.118.39.152 10/10
Confidence 70%
Reports 251
Location RO RO
19 Mar 2026
92.118.39.95 10/10
Confidence 70%
Reports 223
Location US US
16 Apr 2026
92.118.39.180 10/10
Confidence 70%
Reports 140
Location RO RO
18 Mar 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.3/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
208.109.188.137 8/10
Confidence 100%
Reports 514
ISP GO-DADDY-COM-LLC
9 Jun 2026
50.6.7.129 8/10
Confidence 100%
Reports 447
ISP ORACLE-BMC-31898
22 May 2026
72.167.150.128 8/10
Confidence 100%
Reports 429
ISP GO-DADDY-COM-LLC
27 May 2026
50.6.229.148 8/10
Confidence 100%
Reports 346
ISP ORACLE-BMC-31898
9 May 2026
87.121.84.30 8/10
Confidence 100%
Reports 295
ISP Vpsvault.host Ltd
20 Apr 2026
50.6.226.221 10/10
Confidence 100%
Reports 223
ISP ORACLE-BMC-31898
2 Mar 2026
31.57.184.107 8/10
Confidence 100%
Reports 202
ISP Netiface LLC
3 Jun 2026
64.31.25.250 8/10
Confidence 100%
Reports 176
ISP Limestone Netwo...
8 Jun 2026
74.206.180.196 8/10
Confidence 100%
Reports 143
ISP MOJOHOST
4 Jun 2026
35.226.7.126 8/10
Confidence 100%
Reports 131
ISP Google LLC
18 May 2026
147.135.37.185 8/10
Confidence 100%
Reports 131
ISP OVH SAS
14 May 2026
162.241.152.21 8/10
Confidence 100%
Reports 126
ISP Network Solutio...
8 Jun 2026
38.95.35.74 8/10
Confidence 100%
Reports 112
ISP Limestone Netwo...
2 Jun 2026
50.6.169.131 8/10
Confidence 100%
Reports 106
ISP Network Solutio...
6 Jun 2026
162.214.206.32 10/10
Confidence 100%
Reports 98
ISP Unified Layer
30 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.5/10 Avg Threat
69% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
45.95.147.229 8/10
Confidence 69%
Reports 36,354
Location NL NL
7 Jun 2026
77.83.240.70 8/10
Confidence 69%
Reports 34,366
Location US US
5 Jun 2026
91.196.152.88 10/10
Confidence 69%
Reports 1,952
Location FR FR
5 Jun 2026
162.216.150.49 10/10
Confidence 69%
Reports 1,912
Location US US
9 Jun 2026
91.196.152.3 10/10
Confidence 69%
Reports 1,854
Location FR FR
9 Jun 2026
51.91.168.102 8/10
Confidence 69%
Reports 1,760
Location FR FR
7 Apr 2026
66.132.153.55 10/10
Confidence 69%
Reports 1,191
Location US US
23 Mar 2026
128.14.239.39 8/10
Confidence 69%
Reports 1,142
Location US US
3 Jun 2026
172.105.128.12 10/10
Confidence 69%
Reports 950
Location US US
2 Jun 2026
161.132.50.196 10/10
Confidence 69%
Reports 921
Location PE PE
7 Nov 2025
46.19.137.194 10/10
Confidence 69%
Reports 894
Location CH CH
29 Mar 2026
35.203.210.70 10/10
Confidence 69%
Reports 863
Location GB GB
7 Jun 2026
167.99.137.131 10/10
Confidence 69%
Reports 835
Location DE DE
3 Mar 2026
152.32.191.98 10/10
Confidence 69%
Reports 831
Location HK HK
4 Jun 2026
78.41.63.6 10/10
Confidence 69%
Reports 796
Location NL NL
4 Nov 2025

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "92.118.39.101",
    "threat_level": 10,
    "confidence_score": 69,
    "total_reports": 325,
    "country_code": "US",
    "isp_name": "Unmanaged Ltd",
    "asn": "47890",
    "first_reported": "2025-08-21 01:05:02",
    "last_reported": "2026-03-15 11:47:38",
    "exported_at": "2026-06-09T08:11:12+02:00",
    "source": "https://reportedip.de/ip/92.118.39.101/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses