IP Address

80.95.195.71

IPv4 Public
GB GB
AS51561
ICUK Computing Services Limited
606 Reports
This IP is under Observation Suspicious activity detected - monitor closely
10/10 Threat
60% Confidence
606 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 10% High Threat
GB
GB Location
ICUK Computing Services L... ASN 51561
606 Reports
Honeypot Data Source

Severe Risk

IP 80.95.195.71, allocated to ICUK Computing Services Limited in the United Kingdom under ASN AS51561, is a critical-risk address with a maximum threat level of 10/10, supported by 606 total abuse reports from automated honeypot sensors. The dominant threat activity centers on SSH brute-force attempts, supplemented by broader hacking reconnaissance, indicating a sustained automated intrusion campaign against exposed Secure Shell services.

The detection data reveals 20 separate honeypot sensors contributed to the 606 reports filed during September 2025, establishing a concentrated timeframe for this campaign. While the activity frequency metric registers at 0/10, the sheer volume of reports within a single month demonstrates aggressive, automated targeting rather than isolated probing. The 60% confidence score reflects typical uncertainty inherent in community-sourced threat data, yet the consistency across multiple independent sensors substantially corroborates the malicious classification. Geographic attribution to the United Kingdom does not diminish the threat posed; threat actors routinely operate from infrastructure in well-connected regions with mature internet ecosystems.

SSH brute-force attacks represent one of the most common initial-access vectors in unauthorized server compromise, where automated tools systematically attempt credential combinations against exposed daemons. The concrete risk extends beyond successful authentication: even failed attempts generate authentication logs that can mask genuine traffic, exhaust system resources, and signal attacker persistence. When combined with the broader hacking activity classification referencing honeypot events and command-input attempts, the evidence suggests this IP participates in credential-stuffing workflows designed to harvest or escalate access across targeted infrastructure.

Site operators exposing SSH services should immediately implement defensive controls to mitigate this threat vector. Deploying key-based authentication eliminates the password-guessing attack surface entirely, while repositioning SSH to a non-standard port reduces automated target selection. Configuring fail2ban or equivalent log-analysis tools to dynamically ban repeat offenders after a threshold of failed attempts provides automated response without manual intervention. Ensuring regular credential rotation, disabling root login over SSH, and maintaining intrusion-detection monitoring on authentication logs will further harden exposure against the attack patterns evidenced by this address.

More threatening than 90% of monitored IPs

Threat Categories

Hacking 25
SSH 5

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

High-Risk Network Association

This IP belongs to a network (ASN 51561) with elevated threat levels. The ISP ICUK Computing Services Limited hosts multiple reported malicious addresses, suggesting systemic security issues or permissive policies.

Network-wide patterns may indicate this is part of a larger malicious infrastructure.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 0/10 Inactive
Confidence Score 59% High Confidence

Confidence History

3. Sep 2025
60% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
SSH Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 606 shown

Technical Details

Basic Information

IP Address
80.95.195.71
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
GB GB
ASN
AS51561
ISP
ICUK Computing Services Limited

DNS Information

Reverse DNS
default-80-95-195-71.interdsl.co.uk
PTR Record
Yes
Connection Type
Dynamic

Statistics

Total Reports
606
First Reported
2 Sep 2025
Last Reported
3 Sep 2025, 06:08

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS51561
ICUK Computing Services Limited
GB GB

Network Threat Assessment

10/10
This network has a high threat level with significant malicious activity reported across multiple IPs.

Network Statistics

1
Total IPs Monitored
608
Total Reports
608
Reports per IP

Network Context

This IP address belongs to ICUK Computing Services Limited (AS51561), which manages 1 IP addresses in our monitoring system. Out of these, 608 have been reported for suspicious activities, resulting in a network-wide threat level of 10/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

90 %

Global Threat Ranking

This IP is more threatening than 90% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,562 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 606 avg: 23 ++

Geographic Comparison

Compared against 4,298 IPs in GB

Threat Level 10/10 country avg: 5.4 ++
Total Reports 606 country avg: 27 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,269 threat incidents tracked globally • Last 24h: 19,041 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,456 20.5%
  2. 02
    IN
    India IN
    29,090 15.5%
  3. 03
    CN
    China CN
    26,026 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,143 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,543 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,670 2.5%
  10. 10
    NL
    Netherlands NL
    4,357 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs with similar threat level and confidence scores.

15 Related IPs
9.8/10 Avg Threat
60% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
91.92.241.148 10/10
Confidence 60%
Reports 7,812
Location BG BG
4 Mar 2026
85.105.205.63 10/10
Confidence 60%
Reports 5,965
Location TR TR
14 Feb 2026
146.70.178.116 10/10
Confidence 60%
Reports 2,593
Location DE DE
28 Dec 2025
181.49.161.173 10/10
Confidence 60%
Reports 1,692
Location CO CO
4 Mar 2026
185.11.61.252 10/10
Confidence 60%
Reports 1,291
Location RU RU
6 Jan 2026
207.46.224.85 10/10
Confidence 60%
Reports 1,045
Location SG SG
22 Jan 2026
77.83.39.131 7/10
Confidence 60%
Reports 1,040
Location UA UA
5 Mar 2026
27.79.41.119 10/10
Confidence 60%
Reports 953
Location VN VN
27 Dec 2025
15.235.122.237 10/10
Confidence 60%
Reports 887
Location CA CA
3 Sep 2025
45.142.193.122 10/10
Confidence 60%
Reports 853
Location RO RO
27 Jan 2026
198.23.159.62 10/10
Confidence 60%
Reports 838
Location US US
3 Sep 2025
213.209.150.239 10/10
Confidence 60%
Reports 761
Location DE DE
15 Sep 2025
61.7.241.149 10/10
Confidence 60%
Reports 712
Location TH TH
10 Sep 2025
209.15.168.138 10/10
Confidence 60%
Reports 626
Location CA CA
5 Sep 2025
87.121.84.6 10/10
Confidence 60%
Reports 573
Location US US
18 Feb 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "80.95.195.71",
    "threat_level": 10,
    "confidence_score": 60,
    "total_reports": 606,
    "country_code": "GB",
    "isp_name": "ICUK Computing Services Limited",
    "asn": "51561",
    "first_reported": "2025-09-02 13:51:19",
    "last_reported": "2025-09-03 06:08:36",
    "exported_at": "2026-06-09T09:44:59+02:00",
    "source": "https://reportedip.de/ip/80.95.195.71/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses