IP Address

80.94.92.71

IPv4 Public
RO RO
AS47890
Unmanaged Ltd
1,718 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
10/10 Threat
83% Confidence
1,718 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 5% Most Dangerous
RO
RO Location
Unmanaged Ltd ASN 47890
1,718 Reports
Honeypot Data Source

Critical Threat

IP address 80.94.92.71 is a high-risk source of malicious activity classified at threat level 10/10, with automated honeypot sensors recording over 1,700 separate incident reports spanning roughly seven months of continuous operation originating from Romanian network infrastructure.

The address, registered to AS47890 under the operator Unmanaged Ltd, generated 1,716 abuse reports from automated honeypot sensors between November 2025 and June 2026, yielding a confidence score of 84 percent and an activity frequency rating of 5/10 — indicating persistent, sustained malicious behavior rather than a brief opportunistic scan. All 20 of the most recent categorized reports classify the activity as hacking, with detection signatures consistently flagging SSH sessions established on unusual non-standard ports and protocol anomalies where only one direction of communication followed expected patterns. This signature profile strongly suggests the address is being used to probe and compromise exposed SSH services through techniques designed to evade basic detection mechanisms that monitor only standard port configurations.

The attack patterns observed — including SSH sessions on non-standard ports and bidirectional protocol mismatches — represent a calculated reconnaissance and intrusion strategy where threat actors route authentication attempts through unusual port numbers to bypass naive firewall rules and signature-based detection that assumes SSH operates exclusively on port 22. These methods enable automated credential stuffing and brute-force campaigns against any exposed SSH service regardless of its configured listening port, making traditional port-blocking alone insufficient as a defensive measure for any publicly accessible Linux infrastructure.

Organizations with exposed SSH services should immediately audit authentication logs for unusual source addresses, implement fail2ban or equivalent dynamic blocking mechanisms tuned to detect rapid authentication failures, enforce key-based authentication with password authentication disabled entirely, and ensure all SSH daemons are updated to versions supporting modern encryption standards. Network operators should also consider implementing strict outbound connection logging and rate-limiting policies to disrupt the infrastructure supporting this persistent scanning campaign.

More threatening than 95% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over 2 weeks indicates persistent threat actor operations.

First Observed 15. May 2026
Last Activity 3. June 2026
Recent (7 days) 1 incidents

High-Risk Network Association

This IP belongs to a network (ASN 47890) with elevated threat levels. The ISP Unmanaged Ltd hosts multiple reported malicious addresses, suggesting systemic security issues or permissive policies.

Network-wide patterns may indicate this is part of a larger malicious infrastructure.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 6/10 Moderate
Confidence Score 82% Verified

Confidence History

21. Mar 2026 - 3. Jun 2026
83% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 1718 shown

Technical Details

Basic Information

IP Address
80.94.92.71
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
RO RO
ASN
AS47890
ISP
Unmanaged Ltd

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
1,718
First Reported
11 Nov 2025
Last Reported
3 Jun 2026, 02:13

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS47890
Unmanaged Ltd
RO RO

Network Threat Assessment

8/10
This network has a high threat level with significant malicious activity reported across multiple IPs.

Network Statistics

185
Total IPs Monitored
149,970
Total Reports
810.6
Reports per IP

Network Context

This IP address belongs to Unmanaged Ltd (AS47890), which manages 185 IP addresses in our monitoring system. Out of these, 149,970 have been reported for suspicious activities, resulting in a network-wide threat level of 8/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

95 %

Global Threat Ranking

This IP is more threatening than 95% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,213 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 1,718 avg: 23 ++

Network Comparison

Compared against 190 IPs in ASN 47890

Threat Level 10/10 network avg: 7.8 +
Total Reports 1,718 network avg: 806 ++
Network Unmanaged Ltd has overall threat level 8/10

Geographic Comparison

Compared against 627 IPs in RO

Threat Level 10/10 country avg: 6.2 ++
Total Reports 1,718 country avg: 259 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

186,914 threat incidents tracked globally • Last 24h: 18,893 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,421 20.6%
  2. 02
    IN
    India IN
    28,931 15.5%
  3. 03
    CN
    China CN
    26,004 13.9%
  4. 04
    BR
    Brazil BR
    10,236 5.5%
  5. 05
    DE
    Germany DE
    7,138 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,522 3%
  8. 08
    RU
    Russia RU
    4,700 2.5%
  9. 09
    PK
    Pakistan PK
    4,646 2.5%
  10. 10
    NL
    Netherlands NL
    4,354 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9.7/10 Avg Threat
95% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
193.32.162.192 7/10
Confidence 100%
Reports 31
Location RO RO
25 Dec 2025
193.32.162.35 10/10
Confidence 98%
Reports 992
Location RO RO
2 Jun 2026
2.57.122.192 10/10
Confidence 98%
Reports 19
Location RO RO
18 May 2026
193.32.162.104 10/10
Confidence 96%
Reports 150
Location RO RO
24 May 2026
2.57.122.189 10/10
Confidence 95%
Reports 19
Location RO RO
6 Jun 2026
193.32.162.28 10/10
Confidence 94%
Reports 5,435
Location RO RO
25 May 2026
92.118.39.63 10/10
Confidence 94%
Reports 3,060
Location US US
25 May 2026
193.32.162.34 10/10
Confidence 94%
Reports 1,819
Location RO RO
2 Jun 2026
80.94.92.187 10/10
Confidence 94%
Reports 811
Location RO RO
13 Jan 2026
193.32.162.82 10/10
Confidence 94%
Reports 682
Location RO RO
5 Jun 2026
45.148.9.8 8/10
Confidence 94%
Reports 440
Location US US
18 May 2026
193.46.255.86 10/10
Confidence 94%
Reports 393
Location RO RO
3 Jun 2026
80.94.92.186 10/10
Confidence 94%
Reports 303
Location RO RO
2 Jun 2026
80.94.92.166 10/10
Confidence 94%
Reports 200
Location RO RO
9 Jan 2026
92.118.39.97 10/10
Confidence 94%
Reports 32
Location US US
9 Jun 2026
2.57.122.53 10/10
Confidence 94%
Reports 30
Location RO RO
14 May 2026
92.118.39.236 10/10
Confidence 94%
Reports 23
Location RO RO
7 Jun 2026
2.57.122.196 10/10
Confidence 94%
Reports 13
Location RO RO
28 May 2026
92.118.39.59 8/10
Confidence 93%
Reports 44
Location US US
9 Jun 2026
2.57.122.162 10/10
Confidence 92%
Reports 18
Location RO RO
5 May 2026

IPs from the same subnet range, likely same network segment.

20 Related IPs
9.7/10 Avg Threat
79% Avg Confidence
19 High Threat
High-risk network: Majority of related IPs are flagged
80.94.92.187 10/10
Confidence 94%
Reports 811
Location RO RO
13 Jan 2026
80.94.92.186 10/10
Confidence 94%
Reports 303
Location RO RO
2 Jun 2026
80.94.92.166 10/10
Confidence 94%
Reports 200
Location RO RO
9 Jan 2026
80.94.92.183 10/10
Confidence 88%
Reports 5,389
Location RO RO
18 May 2026
80.94.92.156 5/10
Confidence 87%
Reports 17
Location RO RO
9 Jun 2026
80.94.92.171 10/10
Confidence 85%
Reports 314
Location RO RO
8 Jun 2026
80.94.92.184 10/10
Confidence 83%
Reports 577
Location RO RO
4 Jun 2026
80.94.92.67 10/10
Confidence 78%
Reports 1,569
Location RO RO
11 May 2026
80.94.92.182 10/10
Confidence 78%
Reports 671
Location RO RO
23 May 2026
80.94.92.68 10/10
Confidence 76%
Reports 1,485
Location RO RO
21 Mar 2026
80.94.92.66 10/10
Confidence 75%
Reports 1,652
Location RO RO
21 Mar 2026
80.94.92.63 10/10
Confidence 75%
Reports 907
Location RO RO
22 Apr 2026
80.94.92.64 10/10
Confidence 74%
Reports 1,206
Location RO RO
22 Apr 2026
80.94.92.65 10/10
Confidence 74%
Reports 904
Location RO RO
21 Mar 2026
80.94.92.70 10/10
Confidence 74%
Reports 895
Location RO RO
21 Mar 2026
80.94.92.69 10/10
Confidence 74%
Reports 795
Location RO RO
21 Mar 2026
80.94.92.130 10/10
Confidence 74%
Reports 9
Location RO RO
12 Mar 2026
80.94.92.168 10/10
Confidence 71%
Reports 2,254
Location RO RO
5 Jun 2026
80.94.92.101 8/10
Confidence 65%
Reports 567
Location RO RO
12 Nov 2025
80.94.92.50 10/10
Confidence 64%
Reports 133
Location RO RO
26 Oct 2025

IPs from the same country with similar threat profiles.

15 Related IPs
9.5/10 Avg Threat
96% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
80.94.95.211 10/10
Confidence 100%
Reports 49
ISP SS-Net
8 Jun 2026
82.152.132.24 10/10
Confidence 100%
Reports 36
ISP X-zone It Srl
6 Jun 2026
193.32.162.192 7/10
Confidence 100%
Reports 31
ISP Unmanaged Ltd
25 Dec 2025
193.32.162.35 10/10
Confidence 98%
Reports 992
ISP Unmanaged Ltd
2 Jun 2026
2.57.122.192 10/10
Confidence 98%
Reports 19
ISP Unmanaged Ltd
18 May 2026
89.44.137.240 8/10
Confidence 97%
Reports 30
ISP ROMARG SRL
26 Feb 2026
193.32.162.104 10/10
Confidence 96%
Reports 150
ISP Unmanaged Ltd
24 May 2026
80.94.95.7 7/10
Confidence 96%
Reports 31
ISP SS-Net
16 May 2026
2.57.122.189 10/10
Confidence 95%
Reports 19
ISP Unmanaged Ltd
6 Jun 2026
193.32.162.28 10/10
Confidence 94%
Reports 5,435
ISP Unmanaged Ltd
25 May 2026
193.32.162.34 10/10
Confidence 94%
Reports 1,819
ISP Unmanaged Ltd
2 Jun 2026
80.94.92.187 10/10
Confidence 94%
Reports 811
ISP Unmanaged Ltd
13 Jan 2026
193.32.162.82 10/10
Confidence 94%
Reports 682
ISP Unmanaged Ltd
5 Jun 2026
45.142.193.6 10/10
Confidence 94%
Reports 553
ISP Skynet Network Ltd
23 May 2026
193.46.255.86 10/10
Confidence 94%
Reports 393
ISP Unmanaged Ltd
3 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
8.8/10 Avg Threat
83% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
2a01:04f8:c012:4640:0000:0000:0000:0001 10/10
Confidence 83%
Reports 19,885
Location DE DE
9 Jun 2026
207.90.244.21 8/10
Confidence 83%
Reports 12,269
Location US US
9 Jun 2026
207.90.244.22 8/10
Confidence 83%
Reports 12,089
Location US US
9 Jun 2026
130.12.181.108 8/10
Confidence 83%
Reports 3,208
Location DE DE
6 Jun 2026
130.12.181.100 8/10
Confidence 83%
Reports 3,068
Location DE DE
6 Jun 2026
2.57.122.208 10/10
Confidence 83%
Reports 2,772
Location RO RO
13 May 2026
137.184.190.246 8/10
Confidence 83%
Reports 1,972
Location US US
9 Jun 2026
64.62.197.197 8/10
Confidence 83%
Reports 581
Location US US
9 Jun 2026
80.94.92.184 10/10
Confidence 83%
Reports 577
Location RO RO
4 Jun 2026
65.49.1.162 8/10
Confidence 83%
Reports 562
Location US US
9 Jun 2026
167.94.146.49 8/10
Confidence 83%
Reports 552
Location US US
9 Jun 2026
77.90.185.17 10/10
Confidence 83%
Reports 448
Location DE DE
9 Jun 2026
14.18.190.138 10/10
Confidence 83%
Reports 437
Location CN CN
9 Jun 2026
62.60.130.228 10/10
Confidence 83%
Reports 378
Location IR IR
9 Jun 2026
194.213.3.5 8/10
Confidence 83%
Reports 376
Location GB GB
2 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "80.94.92.71",
    "threat_level": 10,
    "confidence_score": 83,
    "total_reports": 1718,
    "country_code": "RO",
    "isp_name": "Unmanaged Ltd",
    "asn": "47890",
    "first_reported": "2025-11-11 10:41:13",
    "last_reported": "2026-06-03 02:13:42",
    "exported_at": "2026-06-09T06:58:42+02:00",
    "source": "https://reportedip.de/ip/80.94.92.71/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses