IP Address

208.3.195.65

IPv4 Public
US US
AS18632
VOLCANO-VISION
1,337 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
70% Confidence
1,337 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
US
US Location
VOLCANO-VISION ASN 18632
1,337 Reports
Honeypot Data Source

Significant Threat

IP 208.3.195.65 is a high-risk address assessed at 8/10 threat level, linked primarily to VoIP fraud activity and representing a US-based network node with a substantial abuse history. Automated honeypot sensors and community reports recorded 1,337 total incident reports spanning from January 2026 through April 2026, indicating a concentrated burst of malicious activity followed by apparent cessation.

The evidence base for this assessment draws from 20 distinct automated honeypot sources that collectively flagged the IP across two dominant threat categories: Fraud VoIP accounting for 14 recent reports and Exploited Host contributing 6 additional reports. The network is registered to AS18632 under operator VOLCANO-VISION, situated within United States infrastructure. Despite the elevated total report volume, the activity frequency metric stands at 0/10, suggesting the malicious behavior pattern has subsided in the most recent detection windows. The 70% confidence score reflects reasonable certainty given the multiple independent detection sources and consistent threat categorization, though some uncertainty remains regarding the current operational status of this address.

Fraud VoIP exploitation involves manipulation of voice-over-internet-protocol systems to route unauthorized calls, frequently targeting premium-rate or international number ranges for direct financial extraction. The concurrent presence of Exploited Host signatures indicates this IP may simultaneously function as a compromised platform being weaponized by threat actors for outbound call fraud or as part of a broader telephony attack infrastructure. Real-world risk manifests through unauthorized charges accruing to victim organizations, potential involvement in larger telephony fraud schemes, and the broader threat of a compromised system serving as an anonymized attack pivot.

Defensive recommendations include implementing call authentication protocols such as STIR/SHAKEN frameworks to validate VoIP call origins, enforcing strict controls on premium-rate and international dialing, and monitoring call pattern anomalies that may indicate exploitation. Network operators should consider blocking this IP at the firewall level given the confirmed abuse history. Organizations running publicly accessible SSH or authentication services should ensure fail2ban or equivalent rate-limiting tools are active to mitigate credential-based attack vectors. If this IP has contacted your infrastructure, verify no unauthorized VoIP routing has occurred and consider notifying the hosting provider to report the confirmed compromise indicators.

More threatening than 79% of monitored IPs

Threat Categories

Fraud VoIP 24
Exploited Host 6

Technical Details

VoIP fraud exploits phone systems to make unauthorized calls, often to premium rate numbers for financial gain.

Recommended Mitigations

Implement call authentication, monitor call patterns, and restrict international/premium rate dialing.

High-Risk Network Association

This IP belongs to a network (ASN 18632) with elevated threat levels. The ISP VOLCANO-VISION hosts multiple reported malicious addresses, suggesting systemic security issues or permissive policies.

Network-wide patterns may indicate this is part of a larger malicious infrastructure.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 0/10 Inactive
Confidence Score 65% High Confidence

Confidence History

28. Mar 2026 - 12. Apr 2026
70% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Fraud VoIP Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Exploited Host Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
Fraud VoIP Honeypot 75%
10 of 1337 shown

Technical Details

Basic Information

IP Address
208.3.195.65
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class C

Geolocation

Country
US US
ASN
AS18632
ISP
VOLCANO-VISION

DNS Information

Reverse DNS
208-3-195-65.volcano.net
PTR Record
Yes
Connection Type
Dynamic

Statistics

Total Reports
1,337
First Reported
17 Jan 2026
Last Reported
12 Apr 2026, 07:26

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS18632
Volcano Vision, Inc.
US US

Network Threat Assessment

7/10
This network shows moderate threat levels with some malicious activity patterns.

Network Statistics

1
Total IPs Monitored
1,337
Total Reports
1337
Reports per IP

Network Context

This IP address belongs to Volcano Vision, Inc. (AS18632), which manages 1 IP addresses in our monitoring system. Out of these, 1,337 have been reported for suspicious activities, resulting in a network-wide threat level of 7/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

79 %

Global Threat Ranking

This IP is more threatening than 79% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,335 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 1,337 avg: 23 ++

Geographic Comparison

Compared against 38,426 IPs in US

Threat Level 8/10 country avg: 5.9 +
Total Reports 1,337 country avg: 41 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,017 threat incidents tracked globally • Last 24h: 18,967 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US THIS IP
    38,426 20.5%
  2. 02
    IN
    India IN
    28,977 15.5%
  3. 03
    CN
    China CN
    26,016 13.9%
  4. 04
    BR
    Brazil BR
    10,249 5.5%
  5. 05
    DE
    Germany DE
    7,139 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,533 3%
  8. 08
    RU
    Russia RU
    4,701 2.5%
  9. 09
    PK
    Pakistan PK
    4,647 2.5%
  10. 10
    NL
    Netherlands NL
    4,355 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs with similar threat level and confidence scores.

15 Related IPs
9.9/10 Avg Threat
70% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
207.90.244.26 8/10
Confidence 70%
Reports 17,657
Location US US
9 Jun 2026
45.82.78.103 10/10
Confidence 70%
Reports 3,927
Location DE DE
9 Jun 2026
93.157.248.178 10/10
Confidence 70%
Reports 2,846
Location RU RU
17 May 2026
111.61.229.78 10/10
Confidence 70%
Reports 1,065
Location CN CN
2 Jun 2026
118.193.68.150 10/10
Confidence 70%
Reports 942
Location KR KR
3 Jun 2026
162.216.150.133 10/10
Confidence 70%
Reports 833
Location US US
6 Jun 2026
35.203.211.233 10/10
Confidence 70%
Reports 791
Location GB GB
8 Jun 2026
103.226.138.52 10/10
Confidence 70%
Reports 705
Location ID ID
7 Jun 2026
94.74.182.167 10/10
Confidence 70%
Reports 688
Location US US
12 Nov 2025
169.150.203.62 10/10
Confidence 70%
Reports 663
Location US US
8 Nov 2025
147.185.133.125 10/10
Confidence 70%
Reports 635
Location US US
7 Jun 2026
101.36.116.45 10/10
Confidence 70%
Reports 541
Location HK HK
7 Jun 2026
35.203.210.113 10/10
Confidence 70%
Reports 525
Location GB GB
8 Jun 2026
49.115.217.27 10/10
Confidence 70%
Reports 509
Location CN CN
8 Jun 2026
103.181.143.216 10/10
Confidence 70%
Reports 495
Location ID ID
9 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "208.3.195.65",
    "threat_level": 8,
    "confidence_score": 70,
    "total_reports": 1337,
    "country_code": "US",
    "isp_name": "VOLCANO-VISION",
    "asn": "18632",
    "first_reported": "2026-01-17 15:01:00",
    "last_reported": "2026-04-12 07:26:06",
    "exported_at": "2026-06-09T07:58:37+02:00",
    "source": "https://reportedip.de/ip/208.3.195.65/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses