IP Address

80.94.95.216

IPv4 Public
RO RO
AS204428
SS-Net
160 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
7/10 Threat
76% Confidence
160 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Moderate Risk
RO
RO Location
SS-Net ASN 204428
160 Reports
Honeypot Data Source

Elevated Risk

The IP address 80.94.95.216 is a high-risk address associated with email spam activity, originating from Romanian network infrastructure and generating 160 abuse reports from automated honeypot sensors over a three-month observation window.

Analysis of the available telemetry reveals a consistent abuse pattern across the February–April 2026 reporting period. All 20 recent threat reports consistently flagged this address for email spam activity, yielding a threat-level score of 7 out of 10 with a 76% confidence rating. The address routes through AS204428 (operated by SS-Net), placing it within Romanian network space. Despite a low activity-frequency rating of 0 out of 10 in recent intervals, the sustained report volume over several months indicates persistent abuse rather than an isolated incident. Community and honeypot detection systems have reliably tracked this address, suggesting it operates as part of automated spam infrastructure rather than opportunistic scanning.

Email spam represents a concrete threat to exposed mail servers, as malicious actors commonly leverage compromised or spoofed SMTP endpoints to distribute phishing payloads, advertise fraudulent services, or deliver malware-laden attachments. When an external address repeatedly attempts SMTP relay or unauthorized message injection, it risks degrading mail-server performance, damaging sender reputation scores, and increasing the likelihood that legitimate correspondence is blocked or flagged as suspicious by downstream filters. Organizations with exposed SMTP services face the greatest exposure to this category of abuse.

Site operators should enforce strict SMTP authentication requirements and consider implementing allowlisting or deny-listing controls based on observed abuse patterns. Deploying and properly configuring SPF, DKIM, and DMARC records across managed domains significantly reduces the impact of spoofed email originating from addresses like this one. Incorporating the IP into existing defensive tools such as fail2ban or comparable log-analysis utilities can automate temporary blocking of repeated offenders. Subscribing to real-time threat-intelligence feeds and routing inbound mail through reputable filtering services adds an additional layer of protection against unsolicited bulk email.

More threatening than 74% of monitored IPs

Threat Categories

Email Spam 30

Technical Details

Email spam involves mass distribution of unwanted emails, often for advertising, phishing, or malware delivery.

Recommended Mitigations

Implement SPF, DKIM, DMARC, and use reputable email filtering services.

High-Risk Network Association

This IP belongs to a network (ASN 204428) with elevated threat levels. The ISP SS-Net hosts multiple reported malicious addresses, suggesting systemic security issues or permissive policies.

Network-wide patterns may indicate this is part of a larger malicious infrastructure.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 7/10 High
High
Activity Frequency 0/10 Inactive
Confidence Score 70% High Confidence

Confidence History

9. Apr 2026 - 15. Apr 2026
76% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
Email Spam Honeypot 75%
10 of 160 shown

Technical Details

Basic Information

IP Address
80.94.95.216
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
RO RO
ASN
AS204428
ISP
SS-Net

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
160
First Reported
10 Feb 2026
Last Reported
15 Apr 2026, 13:16

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS204428
SS-Net
RO RO

Network Threat Assessment

8/10
This network has a high threat level with significant malicious activity reported across multiple IPs.

Network Statistics

43
Total IPs Monitored
36,130
Total Reports
840.2
Reports per IP

Network Context

This IP address belongs to SS-Net (AS204428), which manages 43 IP addresses in our monitoring system. Out of these, 36,130 have been reported for suspicious activities, resulting in a network-wide threat level of 8/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

74 %

Global Threat Ranking

This IP is more threatening than 74% of all IPs in our database.

Above Average Threat

Global Comparison

Compared against 199,335 reported IPs worldwide

Threat Level 7/10 avg: 5.3 +
Total Reports 160 avg: 23 ++

Network Comparison

Compared against 43 IPs in ASN 204428

Threat Level 7/10 network avg: 7.7 =
Total Reports 160 network avg: 844 --
Network SS-Net has overall threat level 8/10

Geographic Comparison

Compared against 627 IPs in RO

Threat Level 7/10 country avg: 6.2 =
Total Reports 160 country avg: 259 -
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,017 threat incidents tracked globally • Last 24h: 18,967 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,426 20.5%
  2. 02
    IN
    India IN
    28,977 15.5%
  3. 03
    CN
    China CN
    26,016 13.9%
  4. 04
    BR
    Brazil BR
    10,249 5.5%
  5. 05
    DE
    Germany DE
    7,139 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,533 3%
  8. 08
    RU
    Russia RU
    4,701 2.5%
  9. 09
    PK
    Pakistan PK
    4,647 2.5%
  10. 10
    NL
    Netherlands NL
    4,355 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9.6/10 Avg Threat
80% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
80.94.95.211 10/10
Confidence 100%
Reports 49
Location RO RO
8 Jun 2026
80.94.95.7 7/10
Confidence 96%
Reports 31
Location RO RO
16 May 2026
80.94.95.110 10/10
Confidence 94%
Reports 21
Location RO RO
20 Apr 2026
80.94.95.40 10/10
Confidence 94%
Reports 16
Location RO RO
30 Apr 2026
80.94.95.83 10/10
Confidence 93%
Reports 487
Location RO RO
8 Jun 2026
80.94.95.116 10/10
Confidence 91%
Reports 38
Location RO RO
8 Jun 2026
80.94.95.242 7/10
Confidence 91%
Reports 26
Location RO RO
27 May 2026
80.94.95.169 8/10
Confidence 88%
Reports 1,001
Location RO RO
24 Apr 2026
80.94.95.43 10/10
Confidence 87%
Reports 293
Location RO RO
7 Jun 2026
80.94.95.221 10/10
Confidence 82%
Reports 469
Location RO RO
9 Jun 2026
80.94.95.115 10/10
Confidence 78%
Reports 105
Location RO RO
2 Jun 2026
80.94.95.71 10/10
Confidence 78%
Reports 14
Location RO RO
16 Apr 2026
80.94.95.248 10/10
Confidence 77%
Reports 18
Location RO RO
4 Dec 2025
80.94.95.118 10/10
Confidence 73%
Reports 497
Location RO RO
9 Jun 2026
80.94.95.173 10/10
Confidence 66%
Reports 8
Location RO RO
29 May 2026
80.94.95.202 10/10
Confidence 65%
Reports 8
Location RO RO
4 Jun 2026
80.94.95.25 10/10
Confidence 63%
Reports 224
Location RO RO
2 Oct 2025
80.94.95.75 10/10
Confidence 62%
Reports 82
Location RO RO
27 Jan 2026
80.94.95.15 10/10
Confidence 61%
Reports 29,208
Location RO RO
30 Sep 2025
80.94.95.112 10/10
Confidence 61%
Reports 3,047
Location RO RO
1 Oct 2025

IPs from the same subnet range, likely same network segment.

20 Related IPs
9.6/10 Avg Threat
80% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
80.94.95.211 10/10
Confidence 100%
Reports 49
Location RO RO
8 Jun 2026
80.94.95.7 7/10
Confidence 96%
Reports 31
Location RO RO
16 May 2026
80.94.95.110 10/10
Confidence 94%
Reports 21
Location RO RO
20 Apr 2026
80.94.95.40 10/10
Confidence 94%
Reports 16
Location RO RO
30 Apr 2026
80.94.95.83 10/10
Confidence 93%
Reports 487
Location RO RO
8 Jun 2026
80.94.95.116 10/10
Confidence 91%
Reports 38
Location RO RO
8 Jun 2026
80.94.95.242 7/10
Confidence 91%
Reports 26
Location RO RO
27 May 2026
80.94.95.169 8/10
Confidence 88%
Reports 1,001
Location RO RO
24 Apr 2026
80.94.95.43 10/10
Confidence 87%
Reports 293
Location RO RO
7 Jun 2026
80.94.95.221 10/10
Confidence 82%
Reports 469
Location RO RO
9 Jun 2026
80.94.95.115 10/10
Confidence 78%
Reports 105
Location RO RO
2 Jun 2026
80.94.95.71 10/10
Confidence 78%
Reports 14
Location RO RO
16 Apr 2026
80.94.95.248 10/10
Confidence 77%
Reports 18
Location RO RO
4 Dec 2025
80.94.95.118 10/10
Confidence 73%
Reports 497
Location RO RO
9 Jun 2026
80.94.95.173 10/10
Confidence 66%
Reports 8
Location RO RO
29 May 2026
80.94.95.202 10/10
Confidence 65%
Reports 8
Location RO RO
4 Jun 2026
80.94.95.25 10/10
Confidence 63%
Reports 224
Location RO RO
2 Oct 2025
80.94.95.75 10/10
Confidence 62%
Reports 82
Location RO RO
27 Jan 2026
80.94.95.15 10/10
Confidence 61%
Reports 29,208
Location RO RO
30 Sep 2025
80.94.95.112 10/10
Confidence 61%
Reports 3,047
Location RO RO
1 Oct 2025

IPs from the same country with similar threat profiles.

15 Related IPs
9.5/10 Avg Threat
96% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
80.94.95.211 10/10
Confidence 100%
Reports 49
ISP SS-Net
8 Jun 2026
82.152.132.24 10/10
Confidence 100%
Reports 36
ISP X-zone It Srl
6 Jun 2026
193.32.162.192 7/10
Confidence 100%
Reports 31
ISP Unmanaged Ltd
25 Dec 2025
193.32.162.35 10/10
Confidence 98%
Reports 992
ISP Unmanaged Ltd
2 Jun 2026
2.57.122.192 10/10
Confidence 98%
Reports 19
ISP Unmanaged Ltd
18 May 2026
89.44.137.240 8/10
Confidence 97%
Reports 30
ISP ROMARG SRL
26 Feb 2026
193.32.162.104 10/10
Confidence 96%
Reports 150
ISP Unmanaged Ltd
24 May 2026
80.94.95.7 7/10
Confidence 96%
Reports 31
ISP SS-Net
16 May 2026
2.57.122.189 10/10
Confidence 95%
Reports 19
ISP Unmanaged Ltd
6 Jun 2026
193.32.162.28 10/10
Confidence 94%
Reports 5,435
ISP Unmanaged Ltd
25 May 2026
193.32.162.34 10/10
Confidence 94%
Reports 1,819
ISP Unmanaged Ltd
2 Jun 2026
80.94.92.187 10/10
Confidence 94%
Reports 811
ISP Unmanaged Ltd
13 Jan 2026
193.32.162.82 10/10
Confidence 94%
Reports 682
ISP Unmanaged Ltd
5 Jun 2026
45.142.193.6 10/10
Confidence 94%
Reports 553
ISP Skynet Network Ltd
23 May 2026
193.46.255.86 10/10
Confidence 94%
Reports 393
ISP Unmanaged Ltd
3 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.3/10 Avg Threat
76% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
186.96.145.241 10/10
Confidence 76%
Reports 25,442
Location MX MX
9 Jun 2026
207.90.244.10 8/10
Confidence 76%
Reports 21,405
Location US US
9 Jun 2026
159.89.124.112 8/10
Confidence 76%
Reports 12,041
Location CA CA
9 Jun 2026
185.156.73.166 7/10
Confidence 76%
Reports 2,518
Location UA UA
3 Apr 2026
194.107.115.199 10/10
Confidence 76%
Reports 1,957
Location UZ UZ
8 Jun 2026
80.94.92.68 10/10
Confidence 76%
Reports 1,485
Location RO RO
21 Mar 2026
184.105.247.194 8/10
Confidence 76%
Reports 1,352
Location US US
8 Jun 2026
71.6.135.131 8/10
Confidence 76%
Reports 866
Location US US
8 Jun 2026
216.126.229.7 10/10
Confidence 76%
Reports 856
Location DE DE
30 Nov 2025
45.156.87.211 10/10
Confidence 76%
Reports 846
Location NL NL
4 Dec 2025
78.153.140.39 10/10
Confidence 76%
Reports 804
Location GB GB
8 Jun 2026
78.153.140.149 10/10
Confidence 76%
Reports 753
Location GB GB
8 Jun 2026
146.70.124.165 10/10
Confidence 76%
Reports 749
Location RO RO
2 Dec 2025
91.224.92.125 10/10
Confidence 76%
Reports 713
Location GB GB
9 Apr 2026
103.86.198.162 10/10
Confidence 76%
Reports 683
Location BD BD
2 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "80.94.95.216",
    "threat_level": 7,
    "confidence_score": 76,
    "total_reports": 160,
    "country_code": "RO",
    "isp_name": "SS-Net",
    "asn": "204428",
    "first_reported": "2026-02-10 15:50:10",
    "last_reported": "2026-04-15 13:16:13",
    "exported_at": "2026-06-09T07:58:42+02:00",
    "source": "https://reportedip.de/ip/80.94.95.216/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses