IP Address

86.54.31.32

IPv4 Public
CA CA
AS12989
Black HOST Ltd
182 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
95% Confidence
182 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
CA
CA Location
Black HOST Ltd ASN 12989
182 Reports
Honeypot Data Source

Notable Threat

IP 86.54.31.32 is a high-risk address based in Canada and operated through AS12989 (Black HOST Ltd) that has generated 168 total abuse reports with a 96% confidence score, indicating a sustained and aggressive threat pattern consistent with active intrusion activity.

The data shows an 8/10 activity frequency sustained across an eleven-month observation window between August 2025 and June 2026. Detection came from 20 distinct automated honeypot sensors, confirming broad exposure across distributed monitoring infrastructure. The report breakdown reveals hacking activity as the dominant threat category with 18 documented instances, alongside single reports for IoT-targeted probes and exploited-host behavior. This distribution suggests the address is actively engaged in multi-vector reconnaissance and exploitation attempts rather than isolated scanning.

Hacking activity in this context refers to systematic intrusion attempts, vulnerability exploitation and unauthorized access campaigns targeting exposed services. When combined with the IoT-targeted and exploited-host reports, the IP address presents a compound threat profile indicating both active offensive operations and potential use as a compromised attack platform. The 96% confidence score reflects highly consistent detection patterns across multiple independent sensor sources, making false-positive attribution unlikely.

Site operators should immediately block this IP at the network perimeter and implement fail2ban or equivalent rate-limiting rules to detect and mitigate automated authentication attacks. Organizations should ensure all exposed services run current security patches, enforce strong multi-factor authentication and avoid default credentials. Network segmentation isolating IoT devices and internal assets from internet-facing systems significantly reduces exposure to this type of persistent threat actor. Proactive monitoring of IP reputation feeds and abuse databases helps maintain up-to-date blocklists against known malicious infrastructure.

More threatening than 82% of monitored IPs

Threat Categories

Hacking 27
Email Spam 1
Exploited Host 1
IoT Targeted 1

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over 4 weeks indicates persistent threat actor operations.

First Observed 11. May 2026
Last Activity 8. June 2026
Recent (7 days) 13 incidents

Reputable Network

This IP is hosted on a network (ASN 12989) with generally good reputation. The ISP Black HOST Ltd maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 8/10 High
Confidence Score 95% Verified

Confidence History

25. May 2026 - 8. Jun 2026
95% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
New Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Email Spam Honeypot 75%
Exploited Host Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
IoT Targeted Honeypot 75%
Hacking Honeypot 75%
10 of 182 shown

Technical Details

Basic Information

IP Address
86.54.31.32
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
CA CA
ASN
AS12989
ISP
Black HOST Ltd

DNS Information

Reverse DNS
hat.census.shodan.io
PTR Record
Yes
Connection Type
Static

Statistics

Total Reports
182
First Reported
15 Aug 2025
Last Reported
8 Jun 2026, 12:28

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS12989
Black HOST Ltd
CA CA

Network Threat Assessment

3/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

9
Total IPs Monitored
1,440
Total Reports
160
Reports per IP

Network Context

This IP address belongs to Black HOST Ltd (AS12989), which manages 9 IP addresses in our monitoring system. Out of these, 1,440 have been reported for suspicious activities, resulting in a network-wide threat level of 3/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

82 %

Global Threat Ranking

This IP is more threatening than 82% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,209 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 182 avg: 23 ++

Network Comparison

Compared against 9 IPs in ASN 12989

Threat Level 8/10 network avg: 8.2 =
Total Reports 182 network avg: 216 -
Network Black HOST Ltd has overall threat level 3/10

Geographic Comparison

Compared against 2,094 IPs in CA

Threat Level 8/10 country avg: 5.0 ++
Total Reports 182 country avg: 23 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

186,914 threat incidents tracked globally • Last 24h: 18,893 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,421 20.6%
  2. 02
    IN
    India IN
    28,931 15.5%
  3. 03
    CN
    China CN
    26,004 13.9%
  4. 04
    BR
    Brazil BR
    10,236 5.5%
  5. 05
    DE
    Germany DE
    7,138 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,522 3%
  8. 08
    RU
    Russia RU
    4,700 2.5%
  9. 09
    PK
    Pakistan PK
    4,646 2.5%
  10. 10
    NL
    Netherlands NL
    4,354 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same subnet range, likely same network segment.

6 Related IPs
8.7/10 Avg Threat
85% Avg Confidence
6 High Threat
High-risk network: Majority of related IPs are flagged
86.54.31.36 10/10
Confidence 94%
Reports 317
Location CA CA
9 Jun 2026
86.54.31.40 8/10
Confidence 89%
Reports 137
Location CA CA
1 Jun 2026
86.54.31.38 8/10
Confidence 88%
Reports 204
Location CA CA
8 Jun 2026
86.54.31.34 8/10
Confidence 85%
Reports 290
Location CA CA
8 Jun 2026
86.54.31.44 10/10
Confidence 80%
Reports 637
Location CA CA
9 Jun 2026
86.54.31.42 8/10
Confidence 76%
Reports 172
Location CA CA
23 Apr 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.7/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
54.39.17.116 8/10
Confidence 100%
Reports 204
ISP OVH SAS
7 May 2026
20.116.34.103 10/10
Confidence 100%
Reports 47
ISP Microsoft Corpo...
8 Jun 2026
38.49.217.60 8/10
Confidence 100%
Reports 46
ISP Rica Web Services
7 Jun 2026
192.99.10.178 8/10
Confidence 100%
Reports 30
ISP OVH SAS
25 May 2026
216.251.35.201 8/10
Confidence 100%
Reports 30
ISP Internet Names ...
8 Jun 2026
209.235.136.136 8/10
Confidence 100%
Reports 28
ISP INFB-AS
9 Jun 2026
216.251.35.204 10/10
Confidence 100%
Reports 25
ISP Internet Names ...
9 Jun 2026
20.151.117.104 8/10
Confidence 100%
Reports 23
ISP Microsoft Corpo...
3 Jun 2026
51.222.205.120 10/10
Confidence 100%
Reports 19
ISP OVH SAS
1 Jun 2026
74.56.214.214 8/10
Confidence 100%
Reports 18
ISP Videotron Ltee
8 Jun 2026
20.116.59.164 8/10
Confidence 100%
Reports 18
ISP Microsoft Corpo...
4 Jun 2026
207.35.211.98 8/10
Confidence 99%
Reports 43
ISP Bell Canada
5 Jun 2026
4.206.92.183 10/10
Confidence 99%
Reports 24
ISP Microsoft Corpo...
4 Jun 2026
24.203.79.110 8/10
Confidence 99%
Reports 20
ISP Videotron Ltee
5 Jun 2026
20.220.211.108 10/10
Confidence 98%
Reports 38
ISP Microsoft Corpo...
3 Mar 2026

IPs with similar threat level and confidence scores.

15 Related IPs
10/10 Avg Threat
95% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
93.123.109.114 10/10
Confidence 95%
Reports 744
Location BG BG
6 Jun 2026
106.75.188.200 10/10
Confidence 95%
Reports 705
Location CN CN
9 Jun 2026
185.242.226.81 10/10
Confidence 95%
Reports 375
Location US US
8 Jun 2026
185.242.226.72 10/10
Confidence 95%
Reports 334
Location US US
8 Jun 2026
20.220.148.239 10/10
Confidence 95%
Reports 190
Location CA CA
6 Feb 2026
117.176.131.191 10/10
Confidence 95%
Reports 180
Location CN CN
3 Jun 2026
103.99.144.99 10/10
Confidence 95%
Reports 171
Location IN IN
27 May 2026
195.184.76.208 10/10
Confidence 95%
Reports 165
Location US US
9 Jun 2026
91.230.168.8 10/10
Confidence 95%
Reports 158
Location US US
9 Jun 2026
91.231.89.246 10/10
Confidence 95%
Reports 153
Location FR FR
9 Jun 2026
170.79.37.88 10/10
Confidence 95%
Reports 144
Location PE PE
31 May 2026
91.196.152.177 10/10
Confidence 95%
Reports 142
Location FR FR
8 Jun 2026
186.96.151.198 10/10
Confidence 95%
Reports 132
Location MX MX
3 Jun 2026
185.113.139.51 10/10
Confidence 95%
Reports 129
Location LV LV
8 Jun 2026
175.144.16.85 10/10
Confidence 95%
Reports 128
Location MY MY
14 May 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "86.54.31.32",
    "threat_level": 8,
    "confidence_score": 95,
    "total_reports": 182,
    "country_code": "CA",
    "isp_name": "Black HOST Ltd",
    "asn": "12989",
    "first_reported": "2025-08-15 04:33:49",
    "last_reported": "2026-06-08 12:28:36",
    "exported_at": "2026-06-09T06:56:41+02:00",
    "source": "https://reportedip.de/ip/86.54.31.32/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses