IP Address

154.239.6.163

IPv4 Public
EG EG
AS36992
Etisalat Misr
470 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
93% Confidence
470 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
EG
EG Location
Etisalat Misr ASN 36992
470 Reports
Honeypot Data Source

Elevated Risk

IP 154.239.6.163 is a high-risk address originating from Egypt's Etisalat Misr network (AS36992) that has generated 470 incident reports from automated honeypot sensors since April 2026, indicating sustained hostile reconnaissance and intrusion activity with an elevated 8/10 threat level and 93% confidence score.

The IP was first reported in April 2026 and remained active through May 2026, accumulating reports across 20 distinct honeypot sensor sources. Detection patterns show a primary focus on Ciscoasa port scanning operations combined with Suricata stream anomaly alerts indicating malformed acknowledgment packets, consistent with sophisticated reconnaissance probes designed to map network defenses and identify vulnerable entry points for subsequent exploitation attempts.

Port scanning activity as observed from IP 154.239.6.163 represents active network reconnaissance where the address systematically probes target systems for open ports and services that could serve as attack vectors. The accompanying Suricata alerts regarding broken acknowledgment packets suggest the scanning implementation includes techniques to evade detection or exploit stateful inspection gaps in firewall configurations. The "Hacking" classification reflects confirmed intrusion attempt patterns beyond passive reconnaissance, indicating this address has progressed from simple scanning to active exploitation attempts against exposed services. Organizations with misconfigured or unpatched services facing the internet face genuine risk of unauthorized access originating from this source.

Site operators should implement blocking or rate-limiting measures for this IP address at the network perimeter, enforce strong authentication requirements on all exposed services, and monitor logs for any authentication failures or unusual traffic patterns originating from this source. Deploying intrusion detection systems and keeping systems patched reduces vulnerability to the exploitation techniques this address has demonstrated. Additionally, configuring firewall rules to drop traffic from this address and implementing fail2ban or similar automated blocking tools provides layered defense against continued reconnaissance.

More threatening than 81% of monitored IPs

Threat Categories

Port Scan 30
Hacking 20

Technical Details

Port scanning identifies open services and potential attack vectors on target systems as reconnaissance for attacks.

Recommended Mitigations

Minimize exposed services, implement firewall rules, and monitor for scanning patterns.

Reputable Network

This IP is hosted on a network (ASN 36992) with generally good reputation. The ISP Etisalat Misr maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 8/10 High
Confidence Score 80% Verified

Confidence History

3. May 2026 - 10. May 2026
93% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Hacking Honeypot x2 75%
Hacking Port Scan Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Hacking Honeypot x2 75%
Hacking Port Scan Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Hacking Honeypot x2 75%
10 of 470 shown

Technical Details

Basic Information

IP Address
154.239.6.163
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class B

Geolocation

Country
EG EG
ASN
AS36992
ISP
Etisalat Misr

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
470
First Reported
23 Apr 2026
Last Reported
10 May 2026, 05:53

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS36992
Etisalat Misr
EG EG

Network Threat Assessment

1/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

26
Total IPs Monitored
594
Total Reports
22.8
Reports per IP

Network Context

This IP address belongs to Etisalat Misr (AS36992), which manages 26 IP addresses in our monitoring system. Out of these, 594 have been reported for suspicious activities, resulting in a network-wide threat level of 1/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

81 %

Global Threat Ranking

This IP is more threatening than 81% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,218 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 470 avg: 23 ++

Network Comparison

Compared against 57 IPs in ASN 36992

Threat Level 8/10 network avg: 6.1 +
Total Reports 470 network avg: 17 ++
Network Etisalat Misr has overall threat level 1/10

Geographic Comparison

Compared against 1,159 IPs in EG

Threat Level 8/10 country avg: 4.8 ++
Total Reports 470 country avg: 5 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

186,914 threat incidents tracked globally • Last 24h: 18,893 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,421 20.6%
  2. 02
    IN
    India IN
    28,931 15.5%
  3. 03
    CN
    China CN
    26,004 13.9%
  4. 04
    BR
    Brazil BR
    10,236 5.5%
  5. 05
    DE
    Germany DE
    7,138 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,522 3%
  8. 08
    RU
    Russia RU
    4,700 2.5%
  9. 09
    PK
    Pakistan PK
    4,646 2.5%
  10. 10
    NL
    Netherlands NL
    4,354 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
6.5/10 Avg Threat
58% Avg Confidence
14 High Threat
High-risk network: Majority of related IPs are flagged
62.193.106.227 10/10
Confidence 95%
Reports 115
Location EG EG
20 May 2026
197.199.224.52 10/10
Confidence 94%
Reports 132
Location EG EG
9 Jun 2026
84.36.142.9 8/10
Confidence 94%
Reports 14
Location EG EG
7 Jun 2026
84.36.11.162 10/10
Confidence 90%
Reports 13
Location EG EG
23 May 2026
154.236.187.90 10/10
Confidence 81%
Reports 66
Location EG EG
21 Apr 2026
41.65.226.84 10/10
Confidence 77%
Reports 16
Location EG EG
17 May 2026
84.36.95.218 10/10
Confidence 76%
Reports 11
Location EG EG
21 May 2026
154.239.9.174 8/10
Confidence 68%
Reports 37
Location EG EG
1 Mar 2026
62.193.91.121 8/10
Confidence 56%
Reports 6
Location EG EG
8 Jun 2026
84.36.150.2 10/10
Confidence 52%
Reports 4
Location EG EG
9 Jun 2026
194.79.103.229 0/10
Confidence 51%
Reports 4
Location EG EG
23 Apr 2026
41.65.30.137 0/10
Confidence 46%
Reports 4
Location EG EG
10 Apr 2026
41.199.252.49 10/10
Confidence 40%
Reports 5
Location EG EG
21 Apr 2026
62.114.161.94 0/10
Confidence 40%
Reports 2
Location EG EG
15 Mar 2026
84.36.38.102 0/10
Confidence 40%
Reports 2
Location EG EG
27 Mar 2026
41.153.30.107 8/10
Confidence 38%
Reports 3
Location EG EG
26 Apr 2026
84.36.141.2 0/10
Confidence 35%
Reports 2
Location EG EG
30 Mar 2026
217.55.156.100 10/10
Confidence 30%
Reports 3
Location EG EG
18 Feb 2026
154.237.118.192 0/10
Confidence 30%
Reports 1
Location EG EG
13 Mar 2026
41.199.124.93 7/10
Confidence 30%
Reports 1
Location EG EG

IPs from the same country with similar threat profiles.

15 Related IPs
9.7/10 Avg Threat
95% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
196.218.222.18 10/10
Confidence 98%
Reports 19
ISP TE Data
21 May 2026
197.44.15.210 8/10
Confidence 97%
Reports 42
ISP TE Data
6 Jun 2026
41.33.91.226 10/10
Confidence 96%
Reports 94
ISP TE Data
8 Jun 2026
41.128.181.199 10/10
Confidence 95%
Reports 116
ISP LINKdotNET
6 Jun 2026
62.193.106.227 10/10
Confidence 95%
Reports 115
ISP Etisalat Misr
20 May 2026
45.246.76.124 8/10
Confidence 95%
Reports 13
ISP LINKdotNET
24 Feb 2026
41.32.25.178 10/10
Confidence 94%
Reports 135
ISP TE Data
11 Jan 2026
197.199.224.52 10/10
Confidence 94%
Reports 132
ISP Etisalat Misr
9 Jun 2026
41.38.96.28 10/10
Confidence 94%
Reports 70
ISP TE Data
10 May 2026
196.131.184.18 10/10
Confidence 94%
Reports 69
ISP RAYA Telecom - ...
30 Dec 2025
102.191.231.103 10/10
Confidence 94%
Reports 66
ISP RAYA Telecom - ...
26 Dec 2025
156.204.71.130 10/10
Confidence 94%
Reports 52
ISP TE Data
26 Dec 2025
156.204.68.7 10/10
Confidence 94%
Reports 28
ISP TE Data
26 Dec 2025
196.221.207.125 10/10
Confidence 94%
Reports 28
ISP RAYA Telecom - ...
17 May 2026
197.44.230.50 10/10
Confidence 94%
Reports 22
ISP TE Data
20 Jan 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.5/10 Avg Threat
93% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
176.65.149.31 10/10
Confidence 93%
Reports 4,020
Location NL NL
9 Jun 2026
45.205.1.5 10/10
Confidence 93%
Reports 2,947
Location MU MU
9 Jun 2026
46.151.178.13 8/10
Confidence 93%
Reports 2,753
Location NL NL
9 Jun 2026
200.124.160.2 10/10
Confidence 93%
Reports 2,116
Location MX MX
21 Apr 2026
80.66.83.43 10/10
Confidence 93%
Reports 1,973
Location RU RU
8 Jun 2026
130.12.181.98 8/10
Confidence 93%
Reports 1,224
Location DE DE
6 Jun 2026
91.92.240.13 8/10
Confidence 93%
Reports 841
Location DE DE
18 May 2026
5.83.143.40 10/10
Confidence 93%
Reports 823
Location NL NL
9 Jun 2026
160.119.76.4 8/10
Confidence 93%
Reports 820
Location SC SC
2 Jun 2026
103.56.148.184 10/10
Confidence 93%
Reports 634
Location ID ID
9 Jun 2026
185.224.128.16 10/10
Confidence 93%
Reports 609
Location NL NL
9 Jun 2026
207.90.244.12 10/10
Confidence 93%
Reports 542
Location US US
8 Jun 2026
185.156.73.157 10/10
Confidence 93%
Reports 525
Location UA UA
31 May 2026
80.94.95.83 10/10
Confidence 93%
Reports 487
Location RO RO
8 Jun 2026
5.83.143.80 10/10
Confidence 93%
Reports 461
Location NL NL
3 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "154.239.6.163",
    "threat_level": 8,
    "confidence_score": 93,
    "total_reports": 470,
    "country_code": "EG",
    "isp_name": "Etisalat Misr",
    "asn": "36992",
    "first_reported": "2026-04-23 12:50:20",
    "last_reported": "2026-05-10 05:53:20",
    "exported_at": "2026-06-09T07:01:44+02:00",
    "source": "https://reportedip.de/ip/154.239.6.163/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses