IP Address

80.75.212.83

IPv4 Public
DE DE
AS49581
Tube-Hosting
539 Reports
This IP is under Observation Suspicious activity detected - monitor closely
10/10 Threat
63% Confidence
539 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 10% High Threat
DE
DE Location
Tube-Hosting ASN 49581
539 Reports
Honeypot Data Source

Critical Alert

IP 80.75.212.83, allocated to Tube-Hosting under ASN AS49581 and geolocated to Germany, is a critical-risk address associated with widespread hacking activity, having generated 539 abuse reports from automated honeypot sensors during a concentrated reporting window spanning September to October 2025.

The dataset supporting this assessment draws from 20 distinct automated honeypot sources that collectively recorded honeypot events and attack connections attributed to this endpoint. Despite a moderate 63% confidence score, the volume of reports is substantial and indicates persistent malicious behavior rather than isolated scanning. The network operator, Tube-Hosting, operates this German IP space in a manner consistent with hosting environments that may inadvertently serve as launch points for automated intrusion campaigns. The activity frequency metric of 0/10 suggests that while report volume is high, the active scanning cadence may have paused at the time of last reporting, which is typical of botnets that rotate through compromised infrastructure on irregular schedules.

The dominant threat classification is hacking activity, encompassing intrusion attempts, exploitation attempts against vulnerable services, and unauthorized access probes. This pattern typically indicates that the address is being used to systematically probe internet-facing systems for weaknesses, often through scripted tools that attempt to identify misconfigured or unpatched services. The real-world risk manifests as potential credential compromise, service disruption, or foothold establishment for further network intrusion if any exposed system proves vulnerable.

Site operators should treat connections from this address as hostile and block it at the firewall or network edge. Implementing fail2ban or equivalent dynamic blocking tools can automate this process for SSH and similar services. Enforcing strong authentication policies, disabling unused services, and ensuring timely patching of internet-facing software significantly reduces the attack surface. Continuous monitoring with intrusion detection systems will capture any follow-up activity from adjacent infrastructure.

More threatening than 91% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Moderate Network Risk

The network hosting this IP (ASN 49581, operated by Tube-Hosting) shows moderate threat indicators. Some concerning activity has been detected from neighboring addresses.

Consider the network context when assessing this individual IP.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 0/10 Inactive
Confidence Score 59% High Confidence

Confidence History

6. Oct 2025
63% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 539 shown

Technical Details

Basic Information

IP Address
80.75.212.83
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
DE DE
ASN
AS49581
ISP
Tube-Hosting

DNS Information

Reverse DNS
tube-server.com
PTR Record
Yes
Connection Type
Static

Statistics

Total Reports
539
First Reported
29 Sep 2025
Last Reported
6 Oct 2025, 21:27

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS49581
Tube-Hosting
DE DE

Network Threat Assessment

4/10
This network has low threat indicators with minimal suspicious activity.

Network Statistics

16
Total IPs Monitored
1,472
Total Reports
92
Reports per IP

Network Context

This IP address belongs to Tube-Hosting (AS49581), which manages 16 IP addresses in our monitoring system. Out of these, 1,472 have been reported for suspicious activities, resulting in a network-wide threat level of 4/10.

Network notice: This network shows some suspicious activity patterns. Monitor interactions with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

91 %

Global Threat Ranking

This IP is more threatening than 91% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 198,829 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 539 avg: 23 ++

Network Comparison

Compared against 20 IPs in ASN 49581

Threat Level 10/10 network avg: 6.4 ++
Total Reports 539 network avg: 89 ++
Network Tube-Hosting has overall threat level 4/10

Geographic Comparison

Compared against 7,134 IPs in DE

Threat Level 10/10 country avg: 5.8 ++
Total Reports 539 country avg: 61 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

186,577 threat incidents tracked globally • Last 24h: 18,644 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,346 20.6%
  2. 02
    IN
    India IN
    28,859 15.5%
  3. 03
    CN
    China CN
    25,975 13.9%
  4. 04
    BR
    Brazil BR
    10,216 5.5%
  5. 05
    DE
    Germany DE THIS IP
    7,134 3.8%
  6. 06
    SG
    Singapore SG
    6,459 3.5%
  7. 07
    ID
    Indonesia ID
    5,497 2.9%
  8. 08
    RU
    Russia RU
    4,696 2.5%
  9. 09
    PK
    Pakistan PK
    4,635 2.5%
  10. 10
    NL
    Netherlands NL
    4,351 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same subnet range, likely same network segment.

2 Related IPs
10/10 Avg Threat
78% Avg Confidence
2 High Threat
High-risk network: Majority of related IPs are flagged
80.75.212.14 10/10
Confidence 94%
Reports 16
Location DE DE
30 Apr 2026
80.75.212.17 10/10
Confidence 61%
Reports 60
Location DE DE
11 Sep 2025

IPs from the same country with similar threat profiles.

15 Related IPs
8.6/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
45.92.11.94 8/10
Confidence 100%
Reports 274
ISP Contabo GmbH
1 Mar 2026
88.198.64.173 8/10
Confidence 100%
Reports 174
ISP Hetzner Online ...
22 May 2026
159.100.13.237 8/10
Confidence 100%
Reports 169
ISP Ultahost, Inc.
6 May 2026
46.224.234.158 8/10
Confidence 100%
Reports 122
ISP Hetzner Online ...
9 Jun 2026
5.83.135.249 8/10
Confidence 100%
Reports 116
ISP active 1 GmbH
7 Jun 2026
3.70.164.132 8/10
Confidence 100%
Reports 99
ISP Amazon.com, Inc.
19 May 2026
118.193.59.142 7/10
Confidence 100%
Reports 89
ISP UCLOUD INFORMAT...
5 Jun 2026
94.26.106.90 8/10
Confidence 100%
Reports 86
ISP dataforest GmbH
7 Jun 2026
49.12.3.147 10/10
Confidence 100%
Reports 78
ISP Hetzner Online ...
31 May 2026
94.26.106.111 10/10
Confidence 100%
Reports 75
ISP dataforest GmbH
13 May 2026
80.158.109.51 10/10
Confidence 100%
Reports 73
ISP T-Systems Inter...
6 Jun 2026
212.224.100.2 10/10
Confidence 100%
Reports 61
ISP firstcolo GmbH
31 May 2026
94.130.219.13 10/10
Confidence 100%
Reports 58
ISP Hetzner Online ...
9 May 2026
5.83.135.102 8/10
Confidence 100%
Reports 44
ISP AltunHOST LTD
8 Jun 2026
94.26.106.209 8/10
Confidence 100%
Reports 38
ISP dataforest GmbH
4 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.2/10 Avg Threat
63% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
3.130.96.91 8/10
Confidence 63%
Reports 43,462
Location US US
4 Feb 2026
3.134.148.59 8/10
Confidence 63%
Reports 14,980
Location US US
4 Feb 2026
92.118.39.87 10/10
Confidence 63%
Reports 14,713
Location US US
18 Apr 2026
87.120.191.13 10/10
Confidence 63%
Reports 13,131
Location US US
19 Feb 2026
3.137.73.221 8/10
Confidence 63%
Reports 10,228
Location US US
4 Feb 2026
3.132.23.201 8/10
Confidence 63%
Reports 9,576
Location US US
4 Feb 2026
3.149.59.26 8/10
Confidence 63%
Reports 8,795
Location US US
4 Feb 2026
167.250.224.25 10/10
Confidence 63%
Reports 8,244
Location BR BR
14 May 2026
176.117.107.74 10/10
Confidence 63%
Reports 5,739
Location NL NL
21 Dec 2025
142.202.188.211 10/10
Confidence 63%
Reports 4,136
Location US US
8 Apr 2026
176.117.107.91 10/10
Confidence 63%
Reports 3,994
Location NL NL
17 Dec 2025
196.251.70.234 10/10
Confidence 63%
Reports 3,796
Location SC SC
15 Oct 2025
45.88.186.70 8/10
Confidence 63%
Reports 3,632
Location NL NL
2 Feb 2026
2.57.122.209 10/10
Confidence 63%
Reports 2,573
Location RO RO
10 Feb 2026
64.188.91.248 10/10
Confidence 63%
Reports 2,232
Location DE DE
3 Mar 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "80.75.212.83",
    "threat_level": 10,
    "confidence_score": 63,
    "total_reports": 539,
    "country_code": "DE",
    "isp_name": "Tube-Hosting",
    "asn": "49581",
    "first_reported": "2025-09-29 06:18:46",
    "last_reported": "2025-10-06 21:27:50",
    "exported_at": "2026-06-09T02:13:57+02:00",
    "source": "https://reportedip.de/ip/80.75.212.83/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses