IP Address

195.250.79.2

IPv4 Public
AM AM
AS49800
GNC-Alfa CJSC
275 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
10/10 Threat
94% Confidence
275 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 5% Most Dangerous
AM
AM Location
GNC-Alfa CJSC ASN 49800
275 Reports
Honeypot Data Source

Critical Alert

IP 195.250.79.2 is a high-risk address linked to sustained hacking activity originating from Armenia, with a threat level of 10/10 and a confidence score of 94% based on 253 abuse reports submitted over a three-month window between March and June 2026. This IP demonstrates persistent malicious behavior consistent with systematic intrusion attempts against exposed network services.

Network telemetry indicates that all 253 reports were generated by automated honeypot sensors distributed across multiple reporting nodes, producing an activity frequency rating of 8/10. The IP is routed through ASN AS49800, operated by GNC-Alfa CJSC, an Armenian network entity. The concentration of reports exclusively from honeypot infrastructure rather than production networks suggests the attacking infrastructure is specifically designed to probe and exploit vulnerable services at scale, likely as part of an automated scanning campaign.

The dominant threat classification of "hacking" encompasses a broad spectrum of intrusion activities, including attempts to exploit known vulnerabilities, brute-force authentication attacks, and probing for misconfigured services. For organizations with exposed SSH, FTP, HTTP or similar services, such an IP represents a concrete risk of unauthorized access, data exfiltration, or use of compromised systems as pivots for deeper network intrusion. The sustained volume of reports over several months indicates persistent, rather than opportunistic, targeting.

Site operators should immediately block 195.250.79.2 at the firewall or network edge, implement strict inbound traffic rules for Armenian address space if remote access is not business-critical, and deploy rate-limiting on authentication endpoints to mitigate credential-guessing attempts. Maintaining up-to-date patching cycles, enabling intrusion detection alerts on repeated connection failures, and leveraging defensive tooling such as fail2ban or equivalent log-analysis frameworks will further reduce exposure to the scanning patterns this IP exhibits.

More threatening than 98% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over 4 weeks indicates persistent threat actor operations.

First Observed 11. May 2026
Last Activity 9. June 2026
Recent (7 days) 21 incidents

Reputable Network

This IP is hosted on a network (ASN 49800) with generally good reputation. The ISP GNC-Alfa CJSC maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 8/10 High
Confidence Score 94% Verified

Confidence History

31. May 2026 - 9. Jun 2026
94% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
New Hacking Honeypot 75%
New Hacking Honeypot 75%
New Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 275 shown

Technical Details

Basic Information

IP Address
195.250.79.2
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class C

Geolocation

Country
AM AM
ASN
AS49800
ISP
GNC-Alfa CJSC

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
275
First Reported
19 Mar 2026
Last Reported
9 Jun 2026, 08:10

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS49800
GNC-Alfa CJSC
AM AM

Network Threat Assessment

2/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

14
Total IPs Monitored
339
Total Reports
24.2
Reports per IP

Network Context

This IP address belongs to GNC-Alfa CJSC (AS49800), which manages 14 IP addresses in our monitoring system. Out of these, 339 have been reported for suspicious activities, resulting in a network-wide threat level of 2/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

98 %

Global Threat Ranking

This IP is more threatening than 98% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,723 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 275 avg: 23 ++

Network Comparison

Compared against 29 IPs in ASN 49800

Threat Level 10/10 network avg: 4.8 ++
Total Reports 275 network avg: 19 ++
Network GNC-Alfa CJSC has overall threat level 2/10

Geographic Comparison

Compared against 128 IPs in AM

Threat Level 10/10 country avg: 5.4 ++
Total Reports 275 country avg: 15 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,378 threat incidents tracked globally • Last 24h: 18,990 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,468 20.5%
  2. 02
    IN
    India IN
    29,138 15.6%
  3. 03
    CN
    China CN
    26,029 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,144 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,551 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,677 2.5%
  10. 10
    NL
    Netherlands NL
    4,358 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
4.7/10 Avg Threat
46% Avg Confidence
11 High Threat
High-risk network: Majority of related IPs are flagged
78.109.71.149 8/10
Confidence 98%
Reports 36
Location AM AM
3 Jun 2026
195.250.72.168 10/10
Confidence 94%
Reports 64
Location AM AM
18 May 2026
37.186.124.222 10/10
Confidence 65%
Reports 37
Location AM AM
16 Oct 2025
195.250.92.182 10/10
Confidence 61%
Reports 8
Location AM AM
15 May 2026
195.250.66.170 10/10
Confidence 59%
Reports 84
Location AM AM
3 Feb 2026
37.186.115.105 0/10
Confidence 56%
Reports 4
Location AM AM
16 Apr 2026
31.47.192.146 0/10
Confidence 56%
Reports 4
Location AM AM
20 Apr 2026
195.250.76.85 7/10
Confidence 44%
Reports 2
Location AM AM
28 Apr 2026
62.89.6.114 10/10
Confidence 41%
Reports 3
Location AM AM
3 Jun 2026
62.89.21.105 0/10
Confidence 40%
Reports 2
Location AM AM
18 Mar 2026
78.109.79.104 7/10
Confidence 31%
Reports 3
Location AM AM
5 Jun 2026
37.186.72.62 7/10
Confidence 30%
Reports 5
Location AM AM
18 Feb 2026
37.186.114.96 0/10
Confidence 30%
Reports 1
Location AM AM
16 May 2026
37.186.73.114 0/10
Confidence 30%
Reports 1
Location AM AM
1 Apr 2026
62.89.27.96 7/10
Confidence 30%
Reports 1
Location AM AM
4 Jun 2026
37.186.126.33 0/10
Confidence 30%
Reports 1
Location AM AM
16 May 2026
62.89.0.10 0/10
Confidence 30%
Reports 1
Location AM AM
16 May 2026
62.89.30.31 7/10
Confidence 30%
Reports 1
Location AM AM
22 May 2026
2a02:2a57:2bc3:0:8dbd:aea5:7e6:2aa 0/10
Confidence 29%
Reports 2
Location AM AM
16 May 2026
2a02:2a57:16fb:0:85f4:79a3:a3e6:d516 0/10
Confidence 29%
Reports 1
Location AM AM
22 Apr 2026

IPs from the same country with similar threat profiles.

15 Related IPs
9.1/10 Avg Threat
90% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
46.162.203.179 8/10
Confidence 98%
Reports 53
ISP Ucom CJSC
5 Jun 2026
78.109.71.149 8/10
Confidence 98%
Reports 36
ISP GNC-Alfa CJSC
3 Jun 2026
77.105.130.18 10/10
Confidence 97%
Reports 12
ISP Closed Joint St...
29 May 2026
37.157.212.188 8/10
Confidence 96%
Reports 30
ISP Ucom CJSC
9 Jun 2026
46.70.206.6 10/10
Confidence 96%
Reports 11
ISP Supercom LLC
1 Jun 2026
176.32.193.16 8/10
Confidence 94%
Reports 260
ISP Ucom CJSC
8 Jun 2026
195.250.72.168 10/10
Confidence 94%
Reports 64
ISP GNC-Alfa CJSC
18 May 2026
194.156.103.11 8/10
Confidence 93%
Reports 16
ISP Global Connecti...
20 May 2026
45.129.185.7 8/10
Confidence 90%
Reports 57
ISP Global Connecti...
5 Jun 2026
109.75.47.10 8/10
Confidence 89%
Reports 40
ISP Ucom CJSC
9 Jun 2026
212.34.246.3 10/10
Confidence 89%
Reports 12
ISP Ucom CJSC
25 May 2026
46.162.209.20 10/10
Confidence 87%
Reports 23
ISP Ucom CJSC
5 Jun 2026
178.160.228.51 10/10
Confidence 81%
Reports 31
ISP Telecom Armenia...
5 May 2026
178.160.211.119 10/10
Confidence 79%
Reports 24
ISP Telecom Armenia...
13 Dec 2025
109.75.40.243 10/10
Confidence 69%
Reports 46
ISP Ucom CJSC
31 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.7/10 Avg Threat
94% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
193.32.162.28 10/10
Confidence 94%
Reports 5,435
Location RO RO
25 May 2026
51.68.207.118 10/10
Confidence 94%
Reports 5,263
Location FR FR
9 Jun 2026
185.246.128.133 10/10
Confidence 94%
Reports 5,117
Location SE SE
9 Jun 2026
185.233.247.245 8/10
Confidence 94%
Reports 3,686
Location TR TR
6 Jun 2026
49.12.27.102 10/10
Confidence 94%
Reports 3,548
Location DE DE
8 Jun 2026
128.199.240.7 10/10
Confidence 94%
Reports 3,512
Location SG SG
25 May 2026
162.55.119.195 10/10
Confidence 94%
Reports 3,404
Location DE DE
30 Apr 2026
66.132.172.162 10/10
Confidence 94%
Reports 3,326
Location US US
9 Jun 2026
66.132.172.165 10/10
Confidence 94%
Reports 3,323
Location US US
9 Jun 2026
66.132.172.175 10/10
Confidence 94%
Reports 3,317
Location US US
9 Jun 2026
66.132.172.164 10/10
Confidence 94%
Reports 3,310
Location US US
9 Jun 2026
66.132.172.167 10/10
Confidence 94%
Reports 3,304
Location US US
9 Jun 2026
66.132.172.171 10/10
Confidence 94%
Reports 3,291
Location US US
9 Jun 2026
66.132.172.160 8/10
Confidence 94%
Reports 3,274
Location US US
9 Jun 2026
66.132.172.161 10/10
Confidence 94%
Reports 3,273
Location US US
9 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "195.250.79.2",
    "threat_level": 10,
    "confidence_score": 94,
    "total_reports": 275,
    "country_code": "AM",
    "isp_name": "GNC-Alfa CJSC",
    "asn": "49800",
    "first_reported": "2026-03-19 13:50:47",
    "last_reported": "2026-06-09 08:10:06",
    "exported_at": "2026-06-09T10:51:23+02:00",
    "source": "https://reportedip.de/ip/195.250.79.2/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses