IP Address

185.220.101.34

IPv4 Public Tor Exit Node
DE DE
AS60729
Stiftung Erneuerbare Freiheit
178 Reports
This IP is under Observation Suspicious activity detected - monitor closely
8/10 Threat
65% Confidence
178 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
DE
DE Location
Stiftung Erneuerbare Frei... ASN 60729
178 Reports
Mixed Data Source

High Risk

IP 185.220.101.34, registered to German network operator Stiftung Erneuerbare Freiheit (AS60729), presents a high-risk threat profile with a threat level of 8/10 based on 178 total abuse reports spanning October 2025 through May 2026. The address demonstrates persistent hacking activity alongside brute-force authentication attempts and reconnaissance port scanning, with automated honeypot sensors flagging the majority of detections.

Security telemetry indicates 178 total reports across 18 automated honeypot sensors and 2 community sources, yielding a 65% confidence score in malicious intent. The activity frequency of 2/10 suggests opportunistic rather than continuous engagement, yet the volume of reports remains significant. Attack pattern analysis reveals Cisco ASA port scanning behavior and detection of SSH sessions on non-standard ports, consistent with pre-attack reconnaissance and unauthorized access vectors targeting exposed services.

The dominant threat category for IP 185.220.101.34 is hacking activity, accounting for 17 recent reports and indicating systematic intrusion attempts against target systems. Port scanning and brute-force attacks further compound this risk by mapping network defenses and attempting to compromise authentication mechanisms. Observed Cisco ASA reconnaissance patterns suggest the operator may be targeting specific infrastructure configurations, while SSH session detection implies ongoing attempts to establish unauthorized remote access. These combined techniques enable threat actors to identify vulnerabilities, bypass authentication controls, and potentially gain persistent foothold within targeted networks.

Network defenders should implement strict ingress filtering on perimeter firewalls, blocking this address at the network edge. Deploying rate-limiting solutions such as fail2ban mitigates brute-force attempts by temporarily blocking repeat offending sources. Enforcing multi-factor authentication and strong credential policies across all remote access services substantially reduces authentication-based attack success rates. Continuous monitoring for scanning patterns and unusual SSH traffic on non-standard ports aids in early detection and response to reconnaissance activity.

More threatening than 79% of monitored IPs

Threat Categories

Hacking 27
Brute-Force 2
Port Scan 1

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over 2 weeks indicates persistent threat actor operations.

First Observed 15. May 2026
Last Activity 29. May 2026
Recent (7 days) 0 incidents

Reputable Network

This IP is hosted on a network (ASN 60729) with generally good reputation. The ISP Stiftung Erneuerbare Freiheit maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 2/10 Very Low
Confidence Score 63% High Confidence

Confidence History

9. Oct 2025 - 29. May 2026
65% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Brute-Force Community 75%
Brute-Force Community 75%
Port Scan Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 178 shown

Technical Details

Basic Information

IP Address
185.220.101.34
IP Version
IPv4
Network Type
Public
Tor Network
Tor Exit Node
Network Class
Class B

Geolocation

Country
DE DE
ASN
AS60729
ISP
Stiftung Erneuerbare Freiheit

DNS Information

Reverse DNS
tor-exit-34.for-privacy.net
PTR Record
Yes
Connection Type
Static

Statistics

Total Reports
178
First Reported
9 Oct 2025
Last Reported
29 May 2026, 17:14

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS60729
Stiftung Erneuerbare Freiheit
DE DE

Network Threat Assessment

3/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

135
Total IPs Monitored
2,641
Total Reports
19.6
Reports per IP

Network Context

This IP address belongs to Stiftung Erneuerbare Freiheit (AS60729), which manages 135 IP addresses in our monitoring system. Out of these, 2,641 have been reported for suspicious activities, resulting in a network-wide threat level of 3/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

79 %

Global Threat Ranking

This IP is more threatening than 79% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,763 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 178 avg: 23 ++

Network Comparison

Compared against 137 IPs in ASN 60729

Threat Level 8/10 network avg: 6.5 +
Total Reports 178 network avg: 21 ++
Network Stiftung Erneuerbare Freiheit has overall threat level 3/10

Geographic Comparison

Compared against 7,146 IPs in DE

Threat Level 8/10 country avg: 5.8 +
Total Reports 178 country avg: 61 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,378 threat incidents tracked globally • Last 24h: 18,990 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,468 20.5%
  2. 02
    IN
    India IN
    29,138 15.6%
  3. 03
    CN
    China CN
    26,029 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE THIS IP
    7,144 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,551 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,677 2.5%
  10. 10
    NL
    Netherlands NL
    4,358 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
8.5/10 Avg Threat
67% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
185.220.101.140 8/10
Confidence 73%
Reports 29
Location DE DE
19 May 2026
185.220.101.139 10/10
Confidence 73%
Reports 11
Location DE DE
29 May 2026
185.220.101.136 8/10
Confidence 72%
Reports 17
Location DE DE
17 May 2026
185.220.101.163 8/10
Confidence 72%
Reports 6
Location DE DE
28 May 2026
185.220.101.154 8/10
Confidence 70%
Reports 7
Location DE DE
15 May 2026
185.220.101.39 8/10
Confidence 69%
Reports 115
Location DE DE
31 May 2026
185.220.101.186 8/10
Confidence 69%
Reports 18
Location DE DE
28 May 2026
185.220.101.43 10/10
Confidence 68%
Reports 197
Location DE DE
29 May 2026
185.220.101.187 8/10
Confidence 67%
Reports 71
Location DE DE
24 May 2026
185.220.101.104 8/10
Confidence 66%
Reports 13
Location DE DE
29 May 2026
185.220.101.62 10/10
Confidence 65%
Reports 60
Location DE DE
31 May 2026
185.220.101.51 8/10
Confidence 65%
Reports 51
Location DE DE
28 May 2026
185.220.101.137 8/10
Confidence 65%
Reports 50
Location DE DE
6 Jun 2026
185.220.101.162 8/10
Confidence 65%
Reports 49
Location DE DE
9 Oct 2025
185.220.101.48 10/10
Confidence 64%
Reports 38
Location DE DE
9 Oct 2025
185.220.101.179 10/10
Confidence 64%
Reports 21
Location DE DE
25 May 2026
185.220.101.183 8/10
Confidence 64%
Reports 13
Location DE DE
9 Mar 2026
185.220.101.100 8/10
Confidence 63%
Reports 23
Location DE DE
18 May 2026
185.220.101.165 8/10
Confidence 62%
Reports 65
Location DE DE
14 May 2026
185.220.101.38 8/10
Confidence 61%
Reports 12
Location DE DE
6 Jun 2026

IPs from the same subnet range, likely same network segment.

20 Related IPs
8.5/10 Avg Threat
67% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
185.220.101.140 8/10
Confidence 73%
Reports 29
Location DE DE
19 May 2026
185.220.101.139 10/10
Confidence 73%
Reports 11
Location DE DE
29 May 2026
185.220.101.136 8/10
Confidence 72%
Reports 17
Location DE DE
17 May 2026
185.220.101.163 8/10
Confidence 72%
Reports 6
Location DE DE
28 May 2026
185.220.101.154 8/10
Confidence 70%
Reports 7
Location DE DE
15 May 2026
185.220.101.39 8/10
Confidence 69%
Reports 115
Location DE DE
31 May 2026
185.220.101.186 8/10
Confidence 69%
Reports 18
Location DE DE
28 May 2026
185.220.101.43 10/10
Confidence 68%
Reports 197
Location DE DE
29 May 2026
185.220.101.187 8/10
Confidence 67%
Reports 71
Location DE DE
24 May 2026
185.220.101.104 8/10
Confidence 66%
Reports 13
Location DE DE
29 May 2026
185.220.101.62 10/10
Confidence 65%
Reports 60
Location DE DE
31 May 2026
185.220.101.51 8/10
Confidence 65%
Reports 51
Location DE DE
28 May 2026
185.220.101.137 8/10
Confidence 65%
Reports 50
Location DE DE
6 Jun 2026
185.220.101.162 8/10
Confidence 65%
Reports 49
Location DE DE
9 Oct 2025
185.220.101.48 10/10
Confidence 64%
Reports 38
Location DE DE
9 Oct 2025
185.220.101.179 10/10
Confidence 64%
Reports 21
Location DE DE
25 May 2026
185.220.101.183 8/10
Confidence 64%
Reports 13
Location DE DE
9 Mar 2026
185.220.101.100 8/10
Confidence 63%
Reports 23
Location DE DE
18 May 2026
185.220.101.165 8/10
Confidence 62%
Reports 65
Location DE DE
14 May 2026
185.220.101.38 8/10
Confidence 61%
Reports 12
Location DE DE
6 Jun 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.6/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
45.92.11.94 8/10
Confidence 100%
Reports 274
ISP Contabo GmbH
1 Mar 2026
88.198.64.173 8/10
Confidence 100%
Reports 174
ISP Hetzner Online ...
22 May 2026
159.100.13.237 8/10
Confidence 100%
Reports 169
ISP Ultahost, Inc.
6 May 2026
46.224.234.158 8/10
Confidence 100%
Reports 131
ISP Hetzner Online ...
9 Jun 2026
5.83.135.249 8/10
Confidence 100%
Reports 116
ISP active 1 GmbH
7 Jun 2026
3.70.164.132 8/10
Confidence 100%
Reports 99
ISP Amazon.com, Inc.
19 May 2026
118.193.59.142 7/10
Confidence 100%
Reports 89
ISP UCLOUD INFORMAT...
5 Jun 2026
94.26.106.90 8/10
Confidence 100%
Reports 86
ISP dataforest GmbH
7 Jun 2026
49.12.3.147 10/10
Confidence 100%
Reports 78
ISP Hetzner Online ...
31 May 2026
94.26.106.111 10/10
Confidence 100%
Reports 75
ISP dataforest GmbH
13 May 2026
80.158.109.51 10/10
Confidence 100%
Reports 73
ISP T-Systems Inter...
6 Jun 2026
212.224.100.2 10/10
Confidence 100%
Reports 61
ISP firstcolo GmbH
31 May 2026
94.130.219.13 10/10
Confidence 100%
Reports 58
ISP Hetzner Online ...
9 May 2026
5.83.135.102 8/10
Confidence 100%
Reports 44
ISP AltunHOST LTD
8 Jun 2026
94.26.106.209 8/10
Confidence 100%
Reports 38
ISP dataforest GmbH
4 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.5/10 Avg Threat
65% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
204.76.203.231 8/10
Confidence 65%
Reports 7,735
Location NL NL
2 Jun 2026
91.202.233.33 10/10
Confidence 65%
Reports 4,992
Location TM TM
22 Mar 2026
203.209.181.4 10/10
Confidence 65%
Reports 3,393
Location VN VN
24 Mar 2026
66.132.153.48 10/10
Confidence 65%
Reports 2,612
Location US US
23 Mar 2026
66.132.153.62 10/10
Confidence 65%
Reports 2,573
Location US US
23 Mar 2026
66.132.153.58 10/10
Confidence 65%
Reports 2,493
Location US US
23 Mar 2026
45.144.212.177 7/10
Confidence 65%
Reports 2,400
Location UA UA
14 May 2026
66.132.153.59 10/10
Confidence 65%
Reports 2,318
Location US US
23 Mar 2026
66.132.153.54 10/10
Confidence 65%
Reports 2,191
Location US US
23 Mar 2026
35.233.95.0 8/10
Confidence 65%
Reports 1,776
Location BE BE
11 Apr 2026
41.111.162.34 10/10
Confidence 65%
Reports 1,602
Location DZ DZ
12 Mar 2026
77.90.185.18 10/10
Confidence 65%
Reports 1,441
Location DE DE
5 Apr 2026
204.76.203.28 10/10
Confidence 65%
Reports 1,440
Location NL NL
2 Dec 2025
209.141.33.240 10/10
Confidence 65%
Reports 1,340
Location US US
1 Mar 2026
45.81.23.49 10/10
Confidence 65%
Reports 1,102
Location NL NL
28 Feb 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "185.220.101.34",
    "threat_level": 8,
    "confidence_score": 65,
    "total_reports": 178,
    "country_code": "DE",
    "isp_name": "Stiftung Erneuerbare Freiheit",
    "asn": "60729",
    "first_reported": "2025-10-09 06:20:34",
    "last_reported": "2026-05-29 17:14:21",
    "exported_at": "2026-06-09T11:10:36+02:00",
    "source": "https://reportedip.de/ip/185.220.101.34/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses