IP Address

80.94.95.169

IPv4 Public
RO RO
AS204428
SS-Net
1,001 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
88% Confidence
1,001 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
RO
RO Location
SS-Net ASN 204428
1,001 Reports
Honeypot Data Source

Substantial Risk

IP 80.94.95.169, registered to SS-Net in Romania under ASN AS204428, is a high-risk address with a threat level of 8/10 and an 88% confidence score, accumulating 1,001 abuse reports across automated honeypot sensors over a concentrated reporting window. The volume of reports significantly outpaces the reported activity frequency, suggesting this IP has been flagged repeatedly for persistent or batched malicious operations rather than sustained continuous activity.

Detection data from 20 separate honeypot sensors identified the address engaging in general hacking intrusions (17 recent reports), alongside single instances of web application probing, exploitation activity, and IoT targeting. The abstract attack-pattern indicators—attack connections, web app probes, malware and exploit behavior, and directed IoT activity—reveal a multi-vector threat profile. The network's geographic origin in Romania and its association with SS-Net provide contextual background, though the operator's specific profile remains limited in public intelligence sources. The first and last reported dates fall within March and April 2026, indicating active engagement during that reporting period.

The dominant hacking category encompasses a broad range of intrusion attempts, vulnerability exploitation, and unauthorized-access activities that pose concrete risks to exposed services. Web application attacks compound this risk by targeting application-layer weaknesses, while exploitation activity suggests the deployment of malware or weaponized payloads. IoT targeting indicates the IP may be leveraged in campaigns against internet-of-things devices, which often lack robust security controls. Combined, these patterns suggest this address is used by an actor—or compromised host—capable of executing diverse offensive operations.

Site operators should block IP 80.94.95.169 at the firewall or network edge and monitor inbound traffic from this address for any attempted connections. Implementing rate-limiting and strong authentication mechanisms—particularly on services exposed to the internet—reduces the effectiveness of intrusion attempts. Deploying a web application firewall provides an additional layer of defense against application-layer probes. Regularly auditing exposed services, enforcing prompt patching cycles, and using intrusion-detection tools such as fail2ban or equivalent solutions help mitigate exploitation risks from addresses exhibiting this activity profile.

More threatening than 81% of monitored IPs

Threat Categories

Hacking 26
IoT Targeted 3
Web App Attack 2
Exploited Host 2

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

High-Risk Network Association

This IP belongs to a network (ASN 204428) with elevated threat levels. The ISP SS-Net hosts multiple reported malicious addresses, suggesting systemic security issues or permissive policies.

Network-wide patterns may indicate this is part of a larger malicious infrastructure.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 0/10 Inactive
Confidence Score 69% High Confidence

Confidence History

29. Mar 2026 - 24. Apr 2026
88% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Web App Attack Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Exploited Host Honeypot 75%
Hacking Honeypot 75%
IoT Targeted Honeypot 75%
Hacking Honeypot 75%
IoT Targeted Hacking Honeypot x2 75%
Exploited Host Honeypot 75%
IoT Targeted Hacking Web App Attack Honeypot x3 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 1001 shown

Technical Details

Basic Information

IP Address
80.94.95.169
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
RO RO
ASN
AS204428
ISP
SS-Net

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
1,001
First Reported
17 Mar 2026
Last Reported
24 Apr 2026, 12:08

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS204428
SS-Net
RO RO

Network Threat Assessment

8/10
This network has a high threat level with significant malicious activity reported across multiple IPs.

Network Statistics

43
Total IPs Monitored
36,130
Total Reports
840.2
Reports per IP

Network Context

This IP address belongs to SS-Net (AS204428), which manages 43 IP addresses in our monitoring system. Out of these, 36,130 have been reported for suspicious activities, resulting in a network-wide threat level of 8/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

81 %

Global Threat Ranking

This IP is more threatening than 81% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,209 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 1,001 avg: 23 ++

Network Comparison

Compared against 43 IPs in ASN 204428

Threat Level 8/10 network avg: 7.7 =
Total Reports 1,001 network avg: 844 +
Network SS-Net has overall threat level 8/10

Geographic Comparison

Compared against 627 IPs in RO

Threat Level 8/10 country avg: 6.2 +
Total Reports 1,001 country avg: 259 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

186,914 threat incidents tracked globally • Last 24h: 18,893 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,421 20.6%
  2. 02
    IN
    India IN
    28,931 15.5%
  3. 03
    CN
    China CN
    26,004 13.9%
  4. 04
    BR
    Brazil BR
    10,236 5.5%
  5. 05
    DE
    Germany DE
    7,138 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,522 3%
  8. 08
    RU
    Russia RU
    4,700 2.5%
  9. 09
    PK
    Pakistan PK
    4,646 2.5%
  10. 10
    NL
    Netherlands NL
    4,354 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9.6/10 Avg Threat
79% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
80.94.95.211 10/10
Confidence 100%
Reports 49
Location RO RO
8 Jun 2026
80.94.95.7 7/10
Confidence 96%
Reports 31
Location RO RO
16 May 2026
80.94.95.110 10/10
Confidence 94%
Reports 21
Location RO RO
20 Apr 2026
80.94.95.40 10/10
Confidence 94%
Reports 16
Location RO RO
30 Apr 2026
80.94.95.83 10/10
Confidence 93%
Reports 487
Location RO RO
8 Jun 2026
80.94.95.116 10/10
Confidence 91%
Reports 38
Location RO RO
8 Jun 2026
80.94.95.242 7/10
Confidence 91%
Reports 26
Location RO RO
27 May 2026
80.94.95.43 10/10
Confidence 87%
Reports 293
Location RO RO
7 Jun 2026
80.94.95.221 10/10
Confidence 82%
Reports 468
Location RO RO
8 Jun 2026
80.94.95.115 10/10
Confidence 78%
Reports 105
Location RO RO
2 Jun 2026
80.94.95.71 10/10
Confidence 78%
Reports 14
Location RO RO
16 Apr 2026
80.94.95.248 10/10
Confidence 77%
Reports 18
Location RO RO
4 Dec 2025
80.94.95.216 7/10
Confidence 76%
Reports 160
Location RO RO
15 Apr 2026
80.94.95.118 10/10
Confidence 73%
Reports 497
Location RO RO
9 Jun 2026
80.94.95.173 10/10
Confidence 66%
Reports 8
Location RO RO
29 May 2026
80.94.95.202 10/10
Confidence 65%
Reports 8
Location RO RO
4 Jun 2026
80.94.95.25 10/10
Confidence 63%
Reports 224
Location RO RO
2 Oct 2025
80.94.95.75 10/10
Confidence 62%
Reports 82
Location RO RO
27 Jan 2026
80.94.95.15 10/10
Confidence 61%
Reports 29,208
Location RO RO
30 Sep 2025
80.94.95.112 10/10
Confidence 61%
Reports 3,047
Location RO RO
1 Oct 2025

IPs from the same subnet range, likely same network segment.

20 Related IPs
9.6/10 Avg Threat
79% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
80.94.95.211 10/10
Confidence 100%
Reports 49
Location RO RO
8 Jun 2026
80.94.95.7 7/10
Confidence 96%
Reports 31
Location RO RO
16 May 2026
80.94.95.110 10/10
Confidence 94%
Reports 21
Location RO RO
20 Apr 2026
80.94.95.40 10/10
Confidence 94%
Reports 16
Location RO RO
30 Apr 2026
80.94.95.83 10/10
Confidence 93%
Reports 487
Location RO RO
8 Jun 2026
80.94.95.116 10/10
Confidence 91%
Reports 38
Location RO RO
8 Jun 2026
80.94.95.242 7/10
Confidence 91%
Reports 26
Location RO RO
27 May 2026
80.94.95.43 10/10
Confidence 87%
Reports 293
Location RO RO
7 Jun 2026
80.94.95.221 10/10
Confidence 82%
Reports 468
Location RO RO
8 Jun 2026
80.94.95.115 10/10
Confidence 78%
Reports 105
Location RO RO
2 Jun 2026
80.94.95.71 10/10
Confidence 78%
Reports 14
Location RO RO
16 Apr 2026
80.94.95.248 10/10
Confidence 77%
Reports 18
Location RO RO
4 Dec 2025
80.94.95.216 7/10
Confidence 76%
Reports 160
Location RO RO
15 Apr 2026
80.94.95.118 10/10
Confidence 73%
Reports 497
Location RO RO
9 Jun 2026
80.94.95.173 10/10
Confidence 66%
Reports 8
Location RO RO
29 May 2026
80.94.95.202 10/10
Confidence 65%
Reports 8
Location RO RO
4 Jun 2026
80.94.95.25 10/10
Confidence 63%
Reports 224
Location RO RO
2 Oct 2025
80.94.95.75 10/10
Confidence 62%
Reports 82
Location RO RO
27 Jan 2026
80.94.95.15 10/10
Confidence 61%
Reports 29,208
Location RO RO
30 Sep 2025
80.94.95.112 10/10
Confidence 61%
Reports 3,047
Location RO RO
1 Oct 2025

IPs from the same country with similar threat profiles.

15 Related IPs
9.5/10 Avg Threat
96% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
80.94.95.211 10/10
Confidence 100%
Reports 49
ISP SS-Net
8 Jun 2026
82.152.132.24 10/10
Confidence 100%
Reports 36
ISP X-zone It Srl
6 Jun 2026
193.32.162.192 7/10
Confidence 100%
Reports 31
ISP Unmanaged Ltd
25 Dec 2025
193.32.162.35 10/10
Confidence 98%
Reports 992
ISP Unmanaged Ltd
2 Jun 2026
2.57.122.192 10/10
Confidence 98%
Reports 19
ISP Unmanaged Ltd
18 May 2026
89.44.137.240 8/10
Confidence 97%
Reports 30
ISP ROMARG SRL
26 Feb 2026
193.32.162.104 10/10
Confidence 96%
Reports 150
ISP Unmanaged Ltd
24 May 2026
80.94.95.7 7/10
Confidence 96%
Reports 31
ISP SS-Net
16 May 2026
2.57.122.189 10/10
Confidence 95%
Reports 19
ISP Unmanaged Ltd
6 Jun 2026
193.32.162.28 10/10
Confidence 94%
Reports 5,435
ISP Unmanaged Ltd
25 May 2026
193.32.162.34 10/10
Confidence 94%
Reports 1,819
ISP Unmanaged Ltd
2 Jun 2026
80.94.92.187 10/10
Confidence 94%
Reports 811
ISP Unmanaged Ltd
13 Jan 2026
193.32.162.82 10/10
Confidence 94%
Reports 682
ISP Unmanaged Ltd
5 Jun 2026
45.142.193.6 10/10
Confidence 94%
Reports 553
ISP Skynet Network Ltd
23 May 2026
193.46.255.86 10/10
Confidence 94%
Reports 393
ISP Unmanaged Ltd
3 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
8.9/10 Avg Threat
88% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
80.94.92.183 10/10
Confidence 88%
Reports 5,389
Location RO RO
18 May 2026
176.65.149.64 10/10
Confidence 88%
Reports 5,346
Location NL NL
9 Jun 2026
178.128.32.203 8/10
Confidence 88%
Reports 4,651
Location GB GB
9 Jun 2026
79.124.59.78 10/10
Confidence 88%
Reports 3,364
Location BG BG
9 Jun 2026
35.240.174.82 10/10
Confidence 88%
Reports 1,724
Location SG SG
31 May 2026
204.76.203.73 10/10
Confidence 88%
Reports 1,724
Location NL NL
26 May 2026
106.75.137.178 10/10
Confidence 88%
Reports 973
Location CN CN
9 Jun 2026
185.242.3.100 7/10
Confidence 88%
Reports 791
Location NL NL
13 May 2026
207.90.244.17 8/10
Confidence 88%
Reports 641
Location US US
9 Jun 2026
65.49.20.69 8/10
Confidence 88%
Reports 570
Location US US
9 Jun 2026
64.62.156.108 8/10
Confidence 88%
Reports 537
Location US US
9 Jun 2026
93.174.93.12 8/10
Confidence 88%
Reports 506
Location NL NL
9 Jun 2026
167.94.146.56 8/10
Confidence 88%
Reports 504
Location US US
9 Jun 2026
167.94.146.62 10/10
Confidence 88%
Reports 500
Location US US
8 Jun 2026
64.62.197.167 8/10
Confidence 88%
Reports 495
Location US US
9 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "80.94.95.169",
    "threat_level": 8,
    "confidence_score": 88,
    "total_reports": 1001,
    "country_code": "RO",
    "isp_name": "SS-Net",
    "asn": "204428",
    "first_reported": "2026-03-17 21:51:10",
    "last_reported": "2026-04-24 12:08:46",
    "exported_at": "2026-06-09T06:57:34+02:00",
    "source": "https://reportedip.de/ip/80.94.95.169/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses