IP Address

93.152.208.38

IPv4 Public
ZA ZA
IPv
495 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
94% Confidence
495 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
ZA
South Africa Location
IPv ISP
495 Reports
Honeypot Data Source

Elevated Risk

IP 93.152.208.38, originating from South Africa, represents a high-risk threat actor with a threat level of 8/10 and a confidence score of 94%, according to community reports and automated honeypot detection systems. This address has accumulated 372 abuse reports within a concentrated two-month window from May to June 2026, indicating sustained and persistent malicious activity. The activity frequency rating of 8/10 underscores the aggressive nature of this actor's operations, with an average of approximately 186 reports per month during this period.

The detection data reveals that all 372 reports originate from automated honeypot sensors, which passively catalogue intrusion attempts against exposed network services. The geographic attribution to South Africa places this activity within the IPv address space allocated to a regional network operator. The dominance of hacking-related threat categories in the reported data confirms that this IP is engaged in systematic exploitation attempts rather than opportunistic scanning. The consistent monthly volume of reports suggests this is not transient scanning behavior but rather an active campaign targeting vulnerable services accessible from this address.

Hacking activity, as classified in these reports, encompasses a broad spectrum of unauthorized access attempts including vulnerability exploitation, credential-based attacks, and exploitation of misconfigured services. For organizations running exposed services, this pattern translates to concrete risk of unauthorized access, data exfiltration, or pivot attacks into internal networks. The sustained frequency of reports indicates an actor actively adapting techniques to identify and compromise accessible systems, rather than relying on static, easily mitigated scripts.

Site operators should immediately block or heavily rate-limit connections from this IP address at the network perimeter firewall level. Implementing fail2ban or equivalent log-based intrusion prevention tools can automatically ban IPs exhibiting brute-force patterns. All exposed services should enforce strong, unique credentials and multi-factor authentication where feasible. Continuous monitoring of authentication logs for source IPs matching this address, combined with regular vulnerability scanning and prompt patching cycles, will significantly reduce the attack surface this actor could exploit.

More threatening than 81% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Behavioral Analysis

Activity Pattern: Sporadic

Irregular burst activity pattern indicates intermittent use of a compromised system.

First Observed 13. May 2026
Last Activity 9. June 2026
Recent (7 days) 106 incidents

Reputable Network

This IP is hosted on a network (ASN 0) with generally good reputation. The ISP IPv maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Implement adaptive blocking rules.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 8/10 High
Confidence Score 94% Verified

Confidence History

7. Jun 2026 - 9. Jun 2026
94% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 495 shown

Technical Details

Basic Information

IP Address
93.152.208.38
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
ZA ZA
ASN
Unknown
ISP
IPv

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
495
First Reported
13 May 2026
Last Reported
9 Jun 2026, 03:04

Comparative Analysis

How this IP compares to others in our threat intelligence database

81 %

Global Threat Ranking

This IP is more threatening than 81% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,218 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 495 avg: 23 ++

Geographic Comparison

Compared against 835 IPs in ZA

Threat Level 8/10 country avg: 5.1 ++
Total Reports 495 country avg: 6 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

186,914 threat incidents tracked globally • Last 24h: 18,893 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,421 20.6%
  2. 02
    IN
    India IN
    28,931 15.5%
  3. 03
    CN
    China CN
    26,004 13.9%
  4. 04
    BR
    Brazil BR
    10,236 5.5%
  5. 05
    DE
    Germany DE
    7,138 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,522 3%
  8. 08
    RU
    Russia RU
    4,700 2.5%
  9. 09
    PK
    Pakistan PK
    4,646 2.5%
  10. 10
    NL
    Netherlands NL
    4,354 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same country with similar threat profiles.

15 Related IPs
9.3/10 Avg Threat
96% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
41.181.156.205 10/10
Confidence 99%
Reports 39
ISP MTN Business So...
28 May 2026
13.246.179.73 8/10
Confidence 99%
Reports 24
ISP Amazon.com, Inc.
7 May 2026
105.28.108.165 10/10
Confidence 98%
Reports 12
ISP SEACOM-AS
8 Jun 2026
102.210.149.236 10/10
Confidence 97%
Reports 33
ISP KoTDA
8 Jun 2026
102.210.148.92 10/10
Confidence 96%
Reports 111
ISP KoTDA
4 Jun 2026
41.76.214.94 8/10
Confidence 96%
Reports 20
ISP AFRIHOST-SP
6 May 2026
41.76.213.235 8/10
Confidence 96%
Reports 13
ISP AFRIHOST-SP
5 Jun 2026
4.221.162.168 10/10
Confidence 95%
Reports 44
ISP MICROSOFT-CORP-...
6 Jun 2026
93.152.208.42 10/10
Confidence 94%
Reports 530
ISP IPv
9 Jun 2026
93.152.208.26 8/10
Confidence 94%
Reports 477
ISP IPv
9 Jun 2026
93.152.208.14 10/10
Confidence 94%
Reports 142
ISP IPv
20 May 2026
93.152.208.18 8/10
Confidence 94%
Reports 127
ISP IPv
19 May 2026
168.76.131.178 10/10
Confidence 94%
Reports 93
ISP ASLINE LIMITED
7 Jun 2026
169.239.47.178 10/10
Confidence 94%
Reports 69
ISP Perlcom-iSPOT
11 Jan 2026
164.151.136.50 10/10
Confidence 94%
Reports 53
ISP SITA-AS
6 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.7/10 Avg Threat
94% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
193.32.162.28 10/10
Confidence 94%
Reports 5,435
Location RO RO
25 May 2026
51.68.207.118 10/10
Confidence 94%
Reports 5,247
Location FR FR
9 Jun 2026
185.246.128.133 10/10
Confidence 94%
Reports 5,106
Location SE SE
9 Jun 2026
185.233.247.245 8/10
Confidence 94%
Reports 3,686
Location TR TR
6 Jun 2026
49.12.27.102 10/10
Confidence 94%
Reports 3,548
Location DE DE
8 Jun 2026
128.199.240.7 10/10
Confidence 94%
Reports 3,512
Location SG SG
25 May 2026
162.55.119.195 10/10
Confidence 94%
Reports 3,404
Location DE DE
30 Apr 2026
66.132.172.165 10/10
Confidence 94%
Reports 3,320
Location US US
9 Jun 2026
66.132.172.162 10/10
Confidence 94%
Reports 3,319
Location US US
9 Jun 2026
66.132.172.175 10/10
Confidence 94%
Reports 3,312
Location US US
9 Jun 2026
66.132.172.164 10/10
Confidence 94%
Reports 3,302
Location US US
9 Jun 2026
66.132.172.167 10/10
Confidence 94%
Reports 3,297
Location US US
9 Jun 2026
66.132.172.171 10/10
Confidence 94%
Reports 3,283
Location US US
9 Jun 2026
66.132.172.160 8/10
Confidence 94%
Reports 3,266
Location US US
9 Jun 2026
66.132.172.161 10/10
Confidence 94%
Reports 3,264
Location US US
9 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "93.152.208.38",
    "threat_level": 8,
    "confidence_score": 94,
    "total_reports": 495,
    "country_code": "ZA",
    "isp_name": "IPv",
    "asn": "0",
    "first_reported": "2026-05-13 10:26:43",
    "last_reported": "2026-06-09 03:04:44",
    "exported_at": "2026-06-09T07:01:47+02:00",
    "source": "https://reportedip.de/ip/93.152.208.38/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses