Notable Threat
IP 207.90.244.22 is a high-risk address linked to widespread hacking activity, with 11,617 abuse reports filed against it by automated honeypot sensors between September 2025 and June 2026. The threat level of 8/10 and activity frequency of 8/10 indicate sustained, repeated intrusion attempts originating from this US-based IP address.
The IP routes through AS174 (COGENT-174), a major US backbone provider, and the volume of reports suggests the address may be assigned to a compromised end-user connection, an exit node for anonymisation infrastructure, or an inadequately secured corporate system. All 20 recent reports classify the activity as general hacking attempts detected across honeypot sensors, confirming sustained automated scanning and exploitation probing targeting exposed services.
The dominant threat category of hacking encompasses a broad spectrum of intrusion activity including vulnerability exploitation, brute-force authentication attempts, and reconnaissance scanning. With over eleven thousand accumulated reports and a confidence score of 84%, this IP poses a concrete risk to any exposed service, particularly those with weak authentication mechanisms, outdated software, or misconfigured network settings. The sustained nature of the activity suggests it operates as part of an automated botnet or coordinated scanning campaign rather than isolated manual probing.
Site operators should block this address at the network perimeter or firewall level and monitor logs for any associated authentication attempts. Implementing strict rate-limiting on authentication endpoints, enforcing strong password policies, and deploying intrusion detection tools such as fail2ban can reduce exposure. Regular patch management and vulnerability scanning will further limit the attack surface that this IP and others like it attempt to exploit.
CA 
AT 
RO 
IR 
GB