IP Address

185.243.96.105

IPv4 Public
UA UA
AS48693
Rices Privately owned enterprise
17,727 Reports
This IP is under Observation Suspicious activity detected - monitor closely
10/10 Threat
59% Confidence
17,727 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
UA
UA Location
Rices Privately owned ent... ASN 48693
17,727 Reports
Honeypot Data Source

Critical Threat

IP address 185.243.96.105 is a critical-risk address originating from Ukraine that has been associated with 17,727 total abuse reports dominated by general hacking activity, including intrusion attempts and exploitation of vulnerabilities, warranting immediate blocking or strict rate-limiting for any exposed services.

The IP, registered to network operator Rices Privately owned enterprise under ASN AS48693, was first reported in October 2025 and most recently reported in February 2026, spanning approximately five months of active engagement with honeypot sensors. The total abuse volume of 17,727 reports is substantial and reflects sustained, repeated scanning behaviour over the observation window, while the last reported dataset shows 20 specific hacking-category incidents captured by automated honeypot sensors. The 59% confidence score indicates a moderate level of certainty in the attribution, and the current activity frequency score of 0/10 suggests that, as of the most recent reports, the IP is not currently emitting detectable hostile traffic — a common pattern with cyclical or sporadic threat actors that go dormant between campaigns.

The dominant reported category, hacking, encompasses a broad range of intrusion activity including unauthorized access attempts, vulnerability probing and exploitation attempts against exposed services. Although the current activity frequency registers as zero, the massive historical report count demonstrates that this address has operated as an aggressive, automated threat actor in the recent past. Such IPs frequently cycle between active and dormant phases, meaning exposed services remain at risk of renewed scanning or exploitation attempts at any time, particularly if the operator repurposes the infrastructure for new campaigns.

Site operators should block or heavily rate-limit connections from 185.243.96.105 at the firewall level, and consider implementing automated blocking tools such as fail2ban or equivalent intrusion-prevention systems that respond to repeated authentication failures and suspicious connection patterns. All exposed services should enforce strong, unique credentials and disable unnecessary services or ports to reduce attack surface. Regular monitoring of abuse feeds and maintain intrusion-detection logging will help identify any resumption of hostile activity from this or adjacent infrastructure quickly.

More threatening than 89% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Moderate Network Risk

The network hosting this IP (ASN 48693, operated by Rices Privately owned enterprise) shows moderate threat indicators. Some concerning activity has been detected from neighboring addresses.

Consider the network context when assessing this individual IP.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 0/10 Inactive
Confidence Score 59% High Confidence

Confidence History

4. Feb 2026 - 5. Feb 2026
59% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot x3 75%
Hacking Honeypot x3 75%
Hacking Honeypot x2 75%
Hacking Honeypot x3 75%
Hacking Honeypot x3 75%
Hacking Honeypot x3 75%
Hacking Honeypot x3 75%
Hacking Honeypot x6 75%
Hacking Honeypot x3 75%
Hacking Honeypot x3 75%
Hacking Honeypot x6 75%
Hacking Honeypot x3 75%
Hacking Honeypot x6 75%
Hacking Honeypot x7 75%
Hacking Honeypot x4 75%
Hacking Honeypot x4 75%
Hacking Honeypot x4 75%
Hacking Honeypot x4 75%
Hacking Honeypot x4 75%
Hacking Honeypot 75%
Hacking Honeypot x4 75%
Hacking Honeypot x4 75%
Hacking Honeypot x8 75%
Hacking Honeypot x4 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot x4 75%
Hacking Honeypot x3 75%
Hacking Honeypot x5 75%
Hacking Honeypot 75%
10 of 17727 shown

Technical Details

Basic Information

IP Address
185.243.96.105
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class B

Geolocation

Country
UA UA
ASN
AS48693
ISP
Rices Privately owned enterprise

DNS Information

Reverse DNS
srv02.jericomvoce.com.br
PTR Record
Yes
Connection Type
Static

Statistics

Total Reports
17,727
First Reported
6 Oct 2025
Last Reported
5 Feb 2026, 09:23

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS48693
Rices Privately owned enterprise
UA UA

Network Threat Assessment

4/10
This network has low threat indicators with minimal suspicious activity.

Network Statistics

10
Total IPs Monitored
111,079
Total Reports
11107.9
Reports per IP

Network Context

This IP address belongs to Rices Privately owned enterprise (AS48693), which manages 10 IP addresses in our monitoring system. Out of these, 111,079 have been reported for suspicious activities, resulting in a network-wide threat level of 4/10.

Network notice: This network shows some suspicious activity patterns. Monitor interactions with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

89 %

Global Threat Ranking

This IP is more threatening than 89% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,742 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 17,727 avg: 23 ++

Network Comparison

Compared against 11 IPs in ASN 48693

Threat Level 10/10 network avg: 9.1 =
Total Reports 17,727 network avg: 1,676 ++
Network Rices Privately owned enterprise has overall threat level 4/10

Geographic Comparison

Compared against 682 IPs in UA

Threat Level 10/10 country avg: 5.6 ++
Total Reports 17,727 country avg: 145 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,378 threat incidents tracked globally • Last 24h: 18,990 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,468 20.5%
  2. 02
    IN
    India IN
    29,138 15.6%
  3. 03
    CN
    China CN
    26,029 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,144 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,551 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,677 2.5%
  10. 10
    NL
    Netherlands NL
    4,358 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same subnet range, likely same network segment.

5 Related IPs
9.2/10 Avg Threat
49% Avg Confidence
4 High Threat
High-risk network: Majority of related IPs are flagged
185.243.96.20 10/10
Confidence 94%
Reports 103
Location UA UA
4 Feb 2026
185.243.96.116 10/10
Confidence 63%
Reports 270
Location UA UA
5 Feb 2026
185.243.96.135 10/10
Confidence 53%
Reports 9
Location UA UA
26 Jan 2026
185.243.96.107 10/10
Confidence 31%
Reports 6
Location UA UA
17 Aug 2025
185.243.96.137 6/10
Confidence 4%
Reports 1
Location UA UA
28 Aug 2025

IPs from the same country with similar threat profiles.

15 Related IPs
9.5/10 Avg Threat
97% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
45.88.138.44 8/10
Confidence 100%
Reports 210
ISP Ayosoft Ltd
9 Jun 2026
109.95.33.211 10/10
Confidence 100%
Reports 114
ISP ISP Shtorm LTD
7 May 2026
195.49.128.211 10/10
Confidence 100%
Reports 89
ISP SPD Polyudov Al...
8 Jun 2026
92.60.189.21 10/10
Confidence 100%
Reports 89
ISP WNET TELECOM US...
8 Jun 2026
193.176.251.229 10/10
Confidence 99%
Reports 20
ISP CHP Poddubny Se...
8 Jun 2026
92.113.142.203 10/10
Confidence 97%
Reports 25
ISP IDC Cube
7 Jun 2026
77.83.39.197 10/10
Confidence 96%
Reports 73
ISP Kprohost LLC
9 Jun 2026
91.201.108.198 8/10
Confidence 96%
Reports 27
ISP Lugansk Telepho...
5 Jun 2026
77.83.39.9 10/10
Confidence 96%
Reports 17
ISP Kprohost LLC
11 May 2026
92.63.197.22 10/10
Confidence 94%
Reports 989
ISP FOP Dmytro Nedi...
1 Jun 2026
77.83.39.217 7/10
Confidence 94%
Reports 357
ISP Kprohost LLC
6 Jun 2026
45.144.212.75 10/10
Confidence 94%
Reports 283
ISP Kprohost LLC
6 Jun 2026
77.83.39.227 10/10
Confidence 94%
Reports 239
ISP Kprohost LLC
6 Jun 2026
77.83.39.154 10/10
Confidence 94%
Reports 238
ISP Kprohost LLC
6 Jun 2026
77.83.39.237 10/10
Confidence 94%
Reports 237
ISP Kprohost LLC
6 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.5/10 Avg Threat
59% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
77.90.185.141 10/10
Confidence 59%
Reports 46,654
Location DE DE
11 Nov 2025
198.23.190.58 10/10
Confidence 59%
Reports 40,333
Location US US
17 Nov 2025
45.234.176.18 8/10
Confidence 59%
Reports 31,506
Location BR BR
5 Oct 2025
103.146.203.60 10/10
Confidence 59%
Reports 31,330
Location ID ID
1 Sep 2025
176.65.134.8 10/10
Confidence 59%
Reports 29,990
Location DE DE
29 Sep 2025
176.65.134.7 7/10
Confidence 59%
Reports 26,776
Location DE DE
21 Sep 2025
2.57.121.148 10/10
Confidence 59%
Reports 25,577
Location RO RO
1 Oct 2025
103.91.140.28 10/10
Confidence 59%
Reports 23,540
Location PH PH
16 Sep 2025
206.81.13.37 8/10
Confidence 59%
Reports 20,549
Location US US
5 Sep 2025
104.164.110.7 10/10
Confidence 59%
Reports 17,849
Location US US
27 Dec 2025
45.187.40.40 10/10
Confidence 59%
Reports 16,203
Location BR BR
9 Sep 2025
198.12.68.114 10/10
Confidence 59%
Reports 14,600
Location US US
17 Nov 2025
173.231.185.164 10/10
Confidence 59%
Reports 14,563
Location US US
15 Sep 2025
103.162.15.126 10/10
Confidence 59%
Reports 13,612
Location VN VN
8 Nov 2025
45.32.210.176 10/10
Confidence 59%
Reports 13,308
Location US US
8 Sep 2025

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "185.243.96.105",
    "threat_level": 10,
    "confidence_score": 59,
    "total_reports": 17727,
    "country_code": "UA",
    "isp_name": "Rices Privately owned enterprise",
    "asn": "48693",
    "first_reported": "2025-10-06 06:21:20",
    "last_reported": "2026-02-05 09:23:09",
    "exported_at": "2026-06-09T11:01:18+02:00",
    "source": "https://reportedip.de/ip/185.243.96.105/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses