Severe Risk
IP address 216.238.73.116 is a critical-risk address that automated honeypot sensors and community reports confirm as a persistent source of hacking activity, with 198 abuse reports filed against this single endpoint and a threat score of 10 out of 10. The IP originates from Mexico and operates within AS20473, a network allocated to The Constant Company, LLC. It is rated a moderately active but highly dangerous actor, with an 8 out of 10 activity frequency rating and 94% detection confidence. The concentration of identical threat-category reports and the consistent detection across multiple automated honeypot sources strongly indicate that this address is actively engaged in systematic intrusion attempts rather than incidental scanning.
The 198 abuse reports attributed to 216.238.73.116 were all logged within May 2026, with every report categorizing the activity as hacking-related intrusion attempts. This concentration within a single month, combined with the uniform threat classification, suggests focused exploitation activity against vulnerable services during this period. The network operator, The Constant Company, LLC, operates AS20473, and while the geographic origin in Mexico provides context for the IP's registration, the autonomous system assignment indicates the infrastructure may be provisioned through a hosting provider with a broad global footprint. The 94% confidence score from automated honeypot sensors gives high assurance that this activity represents genuine malicious behavior rather than a false-positive detection.
Hacking activity as classified by these reports encompasses unauthorized access attempts, exploitation of vulnerabilities, and intrusion behaviors targeting exposed services. For organizations running publicly accessible systems, this means 216.238.73.116 has demonstrated concrete attempts to compromise network defenses through exploitation vectors. The consistent pattern of 198 identically categorized incidents within a single reporting period indicates sustained, automated assault capability rather than opportunistic single-attempt behavior, elevating the real-world risk profile for any exposed service encountering this address. Organizations with SSH, RDP, web applications, or other network-accessible services face direct exposure to credential stuffing, brute-force, or vulnerability exploitation attempts originating from this source.