IP Address

92.118.39.37

IPv4 Public
US US
AS47890
Unmanaged Ltd
260 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
10/10 Threat
70% Confidence
260 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 10% High Threat
US
US Location
Unmanaged Ltd ASN 47890
260 Reports
Honeypot Data Source

Maximum Danger

IP 92.118.39.37 is a critical-risk address evaluated at a 10/10 threat level, definitively associated with sustained SSH brute-force intrusion attempts against exposed servers worldwide. This IP has accumulated 260 separate abuse reports across automated honeypot detection networks between August 2025 and March 2026, making it one of the most persistently reported addresses observed within that timeframe.

The threat intelligence surrounding 92.118.39.37 draws from 20 distinct automated honeypot sensors that collectively documented Hacking (19 reports), SSH (18 reports), and a single Exploited Host classification. Network routing places this address within AS47890 operated by Unmanaged Ltd, a US-based autonomous system whose "unmanaged" designation aligns with its use as an active attack platform rather than a typical residential or business endpoint. Suricata intrusion-detection signatures specifically captured SSH session establishment attempts on expected ports and documented active SSH command activity consistent with compromised-host behaviour, suggesting this address may be functioning both as an attack launcher and potentially as a partially compromised system itself.

SSH brute-force attacks represent one of the most common and effective initial-access vectors in credential-based intrusions. Automated tools systematically cycle through username and password combinations against exposed SSH daemons, exploiting weak or default credentials to gain shell access. Once inside, threat actors deploy backdoors, cryptocurrency miners, or pivot further into victim networks. The 260 reports linked to this address indicate sustained, high-volume assault campaigns rather than opportunistic probe-and-move activity.

Network defenders encountering this IP in logs should immediately block it at the firewall or network edge and implement fail2ban or similar rate-limiting rules to throttle repeated authentication failures. Transitioning SSH services to key-based authentication, disabling root login, and moving default port 22 to a non-standard port substantially reduces exposure to this attack category. Logs should be audited for any successful authentication events originating from this address, and hosting providers should be contacted regarding the abusive activity observed from their infrastructure.

More threatening than 92% of monitored IPs

Threat Categories

Hacking 29
SSH 27
Exploited Host 2

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

High-Risk Network Association

This IP belongs to a network (ASN 47890) with elevated threat levels. The ISP Unmanaged Ltd hosts multiple reported malicious addresses, suggesting systemic security issues or permissive policies.

Network-wide patterns may indicate this is part of a larger malicious infrastructure.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 0/10 Inactive
Confidence Score 68% High Confidence

Confidence History

4. Mar 2026 - 19. Mar 2026
70% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Honeypot 75%
Hacking Honeypot 75%
Hacking Exploited Host Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
SSH Hacking Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking SSH Honeypot x2 75%
Hacking Exploited Host Honeypot x2 75%
10 of 260 shown

Technical Details

Basic Information

IP Address
92.118.39.37
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
US US
ASN
AS47890
ISP
Unmanaged Ltd

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
260
First Reported
21 Aug 2025
Last Reported
19 Mar 2026, 09:17

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS47890
Unmanaged Ltd
RO RO

Network Threat Assessment

8/10
This network has a high threat level with significant malicious activity reported across multiple IPs.

Network Statistics

185
Total IPs Monitored
149,970
Total Reports
810.6
Reports per IP

Network Context

This IP address belongs to Unmanaged Ltd (AS47890), which manages 185 IP addresses in our monitoring system. Out of these, 149,970 have been reported for suspicious activities, resulting in a network-wide threat level of 8/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

92 %

Global Threat Ranking

This IP is more threatening than 92% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,372 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 260 avg: 23 ++

Network Comparison

Compared against 190 IPs in ASN 47890

Threat Level 10/10 network avg: 7.8 +
Total Reports 260 network avg: 806 --
Network Unmanaged Ltd has overall threat level 8/10

Geographic Comparison

Compared against 38,445 IPs in US

Threat Level 10/10 country avg: 5.9 ++
Total Reports 260 country avg: 41 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,017 threat incidents tracked globally • Last 24h: 18,967 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US THIS IP
    38,426 20.5%
  2. 02
    IN
    India IN
    28,977 15.5%
  3. 03
    CN
    China CN
    26,016 13.9%
  4. 04
    BR
    Brazil BR
    10,249 5.5%
  5. 05
    DE
    Germany DE
    7,139 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,533 3%
  8. 08
    RU
    Russia RU
    4,701 2.5%
  9. 09
    PK
    Pakistan PK
    4,647 2.5%
  10. 10
    NL
    Netherlands NL
    4,355 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9.7/10 Avg Threat
95% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
193.32.162.192 7/10
Confidence 100%
Reports 31
Location RO RO
25 Dec 2025
193.32.162.35 10/10
Confidence 98%
Reports 992
Location RO RO
2 Jun 2026
2.57.122.192 10/10
Confidence 98%
Reports 19
Location RO RO
18 May 2026
193.32.162.104 10/10
Confidence 96%
Reports 150
Location RO RO
24 May 2026
2.57.122.189 10/10
Confidence 95%
Reports 19
Location RO RO
6 Jun 2026
193.32.162.28 10/10
Confidence 94%
Reports 5,435
Location RO RO
25 May 2026
92.118.39.63 10/10
Confidence 94%
Reports 3,060
Location US US
25 May 2026
193.32.162.34 10/10
Confidence 94%
Reports 1,819
Location RO RO
2 Jun 2026
80.94.92.187 10/10
Confidence 94%
Reports 811
Location RO RO
13 Jan 2026
193.32.162.82 10/10
Confidence 94%
Reports 682
Location RO RO
5 Jun 2026
45.148.9.8 8/10
Confidence 94%
Reports 440
Location US US
18 May 2026
193.46.255.86 10/10
Confidence 94%
Reports 393
Location RO RO
3 Jun 2026
80.94.92.186 10/10
Confidence 94%
Reports 303
Location RO RO
2 Jun 2026
80.94.92.166 10/10
Confidence 94%
Reports 200
Location RO RO
9 Jan 2026
92.118.39.97 10/10
Confidence 94%
Reports 32
Location US US
9 Jun 2026
2.57.122.53 10/10
Confidence 94%
Reports 30
Location RO RO
14 May 2026
92.118.39.236 10/10
Confidence 94%
Reports 23
Location RO RO
7 Jun 2026
2.57.122.196 10/10
Confidence 94%
Reports 13
Location RO RO
28 May 2026
92.118.39.59 8/10
Confidence 93%
Reports 44
Location US US
9 Jun 2026
2.57.122.162 10/10
Confidence 92%
Reports 18
Location RO RO
5 May 2026

IPs from the same subnet range, likely same network segment.

20 Related IPs
9.8/10 Avg Threat
77% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
92.118.39.63 10/10
Confidence 94%
Reports 3,060
Location US US
25 May 2026
92.118.39.97 10/10
Confidence 94%
Reports 32
Location US US
9 Jun 2026
92.118.39.236 10/10
Confidence 94%
Reports 23
Location RO RO
7 Jun 2026
92.118.39.59 8/10
Confidence 93%
Reports 44
Location US US
9 Jun 2026
92.118.39.196 10/10
Confidence 79%
Reports 10
Location RO RO
19 May 2026
92.118.39.30 10/10
Confidence 77%
Reports 479
Location RO RO
12 Apr 2026
92.118.39.36 10/10
Confidence 76%
Reports 204
Location US US
15 May 2026
92.118.39.194 8/10
Confidence 76%
Reports 6
Location RO RO
8 Jun 2026
92.118.39.62 10/10
Confidence 73%
Reports 12,949
Location US US
9 Jun 2026
92.118.39.100 10/10
Confidence 72%
Reports 199
Location US US
19 Mar 2026
92.118.39.83 10/10
Confidence 72%
Reports 198
Location US US
19 Mar 2026
92.118.39.34 10/10
Confidence 72%
Reports 182
Location US US
19 Mar 2026
92.118.39.115 10/10
Confidence 72%
Reports 161
Location US US
19 Mar 2026
92.118.39.76 10/10
Confidence 71%
Reports 234
Location US US
17 Apr 2026
92.118.39.56 10/10
Confidence 71%
Reports 230
Location US US
17 Apr 2026
92.118.39.72 10/10
Confidence 70%
Reports 303
Location US US
16 Apr 2026
92.118.39.152 10/10
Confidence 70%
Reports 251
Location RO RO
19 Mar 2026
92.118.39.95 10/10
Confidence 70%
Reports 223
Location US US
16 Apr 2026
92.118.39.180 10/10
Confidence 70%
Reports 140
Location RO RO
18 Mar 2026
92.118.39.101 10/10
Confidence 69%
Reports 325
Location US US
15 Mar 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.3/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
208.109.188.137 8/10
Confidence 100%
Reports 514
ISP GO-DADDY-COM-LLC
9 Jun 2026
50.6.7.129 8/10
Confidence 100%
Reports 447
ISP ORACLE-BMC-31898
22 May 2026
72.167.150.128 8/10
Confidence 100%
Reports 429
ISP GO-DADDY-COM-LLC
27 May 2026
50.6.229.148 8/10
Confidence 100%
Reports 346
ISP ORACLE-BMC-31898
9 May 2026
87.121.84.30 8/10
Confidence 100%
Reports 295
ISP Vpsvault.host Ltd
20 Apr 2026
50.6.226.221 10/10
Confidence 100%
Reports 223
ISP ORACLE-BMC-31898
2 Mar 2026
31.57.184.107 8/10
Confidence 100%
Reports 202
ISP Netiface LLC
3 Jun 2026
64.31.25.250 8/10
Confidence 100%
Reports 176
ISP Limestone Netwo...
8 Jun 2026
74.206.180.196 8/10
Confidence 100%
Reports 143
ISP MOJOHOST
4 Jun 2026
35.226.7.126 8/10
Confidence 100%
Reports 131
ISP Google LLC
18 May 2026
147.135.37.185 8/10
Confidence 100%
Reports 131
ISP OVH SAS
14 May 2026
162.241.152.21 8/10
Confidence 100%
Reports 126
ISP Network Solutio...
8 Jun 2026
38.95.35.74 8/10
Confidence 100%
Reports 112
ISP Limestone Netwo...
2 Jun 2026
50.6.169.131 8/10
Confidence 100%
Reports 106
ISP Network Solutio...
6 Jun 2026
162.214.206.32 10/10
Confidence 100%
Reports 98
ISP Unified Layer
30 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.7/10 Avg Threat
70% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
207.90.244.26 8/10
Confidence 70%
Reports 17,657
Location US US
9 Jun 2026
45.82.78.103 10/10
Confidence 70%
Reports 3,927
Location DE DE
9 Jun 2026
93.157.248.178 10/10
Confidence 70%
Reports 2,846
Location RU RU
17 May 2026
208.3.195.65 8/10
Confidence 70%
Reports 1,337
Location US US
12 Apr 2026
111.61.229.78 10/10
Confidence 70%
Reports 1,065
Location CN CN
2 Jun 2026
118.193.68.150 10/10
Confidence 70%
Reports 942
Location KR KR
3 Jun 2026
162.216.150.133 10/10
Confidence 70%
Reports 833
Location US US
6 Jun 2026
35.203.211.233 10/10
Confidence 70%
Reports 791
Location GB GB
8 Jun 2026
103.226.138.52 10/10
Confidence 70%
Reports 705
Location ID ID
7 Jun 2026
94.74.182.167 10/10
Confidence 70%
Reports 688
Location US US
12 Nov 2025
169.150.203.62 10/10
Confidence 70%
Reports 663
Location US US
8 Nov 2025
147.185.133.125 10/10
Confidence 70%
Reports 635
Location US US
7 Jun 2026
101.36.116.45 10/10
Confidence 70%
Reports 541
Location HK HK
7 Jun 2026
35.203.210.113 10/10
Confidence 70%
Reports 525
Location GB GB
8 Jun 2026
49.115.217.27 10/10
Confidence 70%
Reports 509
Location CN CN
8 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "92.118.39.37",
    "threat_level": 10,
    "confidence_score": 70,
    "total_reports": 260,
    "country_code": "US",
    "isp_name": "Unmanaged Ltd",
    "asn": "47890",
    "first_reported": "2025-08-21 01:05:02",
    "last_reported": "2026-03-19 09:17:22",
    "exported_at": "2026-06-09T08:11:14+02:00",
    "source": "https://reportedip.de/ip/92.118.39.37/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses