IP Address

87.120.191.65

IPv4 Public
US US
AS215925
Vpsvault.host Ltd
720 Reports
This IP is under Observation Suspicious activity detected - monitor closely
10/10 Threat
66% Confidence
720 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 10% High Threat
US
US Location
Vpsvault.host Ltd ASN 215925
720 Reports
Honeypot Data Source

Severe Risk

IP 87.120.191.65 is a maximum-threat-level address linked to 720 reported incidents of hacking activity, originating from US-based infrastructure operated by Vpsvault.host Ltd under ASN AS215925, with automated honeypot sensors recording sustained hostile engagement over a four-month window from December 2025 through March 2026.

The data paints a concerning picture of persistent intrusion activity: 720 total abuse reports against this single IP, with 20 of the most recent reports specifically categorised as hacking attempts, all attributed to automated honeypot detections. Despite an unusually low activity frequency score of 0/10, the sheer volume of reports across multiple months indicates continuous automated scanning or exploitation attempts rather than isolated probes. The 66% confidence score reflects that while the threat classification is definitive, attribution nuances remain. The address sits within a commercial hosting environment operated by Vpsvault.host Ltd, a context that often correlates with compromised servers, bulletproof hosting, or exit-node abuse.

Hacking activity in this context encompasses vulnerability exploitation, credential attacks, and unauthorized access attempts targeting exposed services. For an organisation with directly reachable infrastructure, an IP accumulating this volume of hacking reports poses a concrete risk of successful compromise through brute-force attempts, exploitation of unpatched software, or targeted service abuse. Automated honeypot sensors recording consistent reports suggest the address is actively involved in systematic reconnaissance or exploitation campaigns against internet-facing systems.

Site operators should implement immediate defensive measures: block or heavily rate-limit connections from this address at the firewall level, enforce strong authentication on all accessible services with particular attention to SSH and RDP, and apply security patches systematically. Deploying fail2ban or equivalent log-analysis tools can automate the blocking of repeated intrusion patterns. Continuous traffic analysis and log monitoring will help determine whether this address has been used in prior successful compromises against your infrastructure.

More threatening than 92% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Reputable Network

This IP is hosted on a network (ASN 215925) with generally good reputation. The ISP Vpsvault.host Ltd maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 0/10 Inactive
Confidence Score 63% High Confidence

Confidence History

14. Feb 2026 - 1. Mar 2026
66% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot x7 75%
Hacking Honeypot x5 75%
Hacking Honeypot x2 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot 75%
Hacking Honeypot x6 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x3 75%
Hacking Honeypot x4 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot 75%
Hacking Honeypot x5 75%
Hacking Honeypot x7 75%
Hacking Honeypot x10 75%
Hacking Honeypot x7 75%
Hacking Honeypot x4 75%
Hacking Honeypot x3 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
10 of 720 shown

Technical Details

Basic Information

IP Address
87.120.191.65
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
US US
ASN
AS215925
ISP
Vpsvault.host Ltd

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
720
First Reported
20 Dec 2025
Last Reported
1 Mar 2026, 05:08

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS215925
Vpsvault.host Ltd
US US

Network Threat Assessment

3/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

119
Total IPs Monitored
27,203
Total Reports
228.6
Reports per IP

Network Context

This IP address belongs to Vpsvault.host Ltd (AS215925), which manages 119 IP addresses in our monitoring system. Out of these, 27,203 have been reported for suspicious activities, resulting in a network-wide threat level of 3/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

92 %

Global Threat Ranking

This IP is more threatening than 92% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,716 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 720 avg: 23 ++

Network Comparison

Compared against 157 IPs in ASN 215925

Threat Level 10/10 network avg: 8.4 +
Total Reports 720 network avg: 184 ++
Network Vpsvault.host Ltd has overall threat level 3/10

Geographic Comparison

Compared against 38,468 IPs in US

Threat Level 10/10 country avg: 5.9 ++
Total Reports 720 country avg: 41 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,375 threat incidents tracked globally • Last 24h: 18,936 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US THIS IP
    38,468 20.5%
  2. 02
    IN
    India IN
    29,136 15.5%
  3. 03
    CN
    China CN
    26,029 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,144 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,551 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,677 2.5%
  10. 10
    NL
    Netherlands NL
    4,358 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9/10 Avg Threat
96% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
87.121.84.30 8/10
Confidence 100%
Reports 295
Location US US
20 Apr 2026
87.121.84.81 8/10
Confidence 99%
Reports 152
Location US US
20 Apr 2026
87.121.84.126 8/10
Confidence 97%
Reports 259
Location US US
20 Apr 2026
87.121.84.80 10/10
Confidence 97%
Reports 210
Location US US
21 Apr 2026
87.121.84.82 8/10
Confidence 97%
Reports 209
Location US US
21 Apr 2026
87.121.84.127 8/10
Confidence 97%
Reports 195
Location US US
21 Apr 2026
87.121.84.119 8/10
Confidence 97%
Reports 162
Location US US
21 Apr 2026
87.121.84.121 8/10
Confidence 97%
Reports 149
Location US US
21 Apr 2026
87.121.84.125 8/10
Confidence 97%
Reports 112
Location US US
20 Apr 2026
87.121.84.130 8/10
Confidence 97%
Reports 110
Location US US
21 Apr 2026
87.121.84.120 8/10
Confidence 96%
Reports 129
Location US US
20 Apr 2026
45.205.1.110 10/10
Confidence 94%
Reports 2,318
Location US US
20 May 2026
45.198.224.18 10/10
Confidence 94%
Reports 1,078
Location US US
9 Jun 2026
45.198.224.5 10/10
Confidence 94%
Reports 886
Location US US
9 Jun 2026
45.205.1.8 10/10
Confidence 94%
Reports 704
Location US US
12 May 2026
87.120.191.23 10/10
Confidence 94%
Reports 457
Location US US
29 Dec 2025
45.205.1.26 10/10
Confidence 94%
Reports 312
Location US US
4 May 2026
87.121.84.40 10/10
Confidence 94%
Reports 188
Location US US
20 May 2026
87.121.84.51 10/10
Confidence 94%
Reports 65
Location US US
6 Feb 2026
45.198.224.138 10/10
Confidence 94%
Reports 64
Location US US
7 Jun 2026

IPs from the same subnet range, likely same network segment.

20 Related IPs
8.5/10 Avg Threat
55% Avg Confidence
17 High Threat
High-risk network: Majority of related IPs are flagged
87.120.191.23 10/10
Confidence 94%
Reports 457
Location US US
29 Dec 2025
87.120.191.124 10/10
Confidence 77%
Reports 547
Location US US
5 Dec 2025
87.120.191.125 10/10
Confidence 75%
Reports 301
Location US US
29 Nov 2025
87.120.191.81 10/10
Confidence 66%
Reports 156
Location US US
19 Feb 2026
87.120.191.84 10/10
Confidence 65%
Reports 52
Location US US
5 Nov 2025
87.120.191.37 10/10
Confidence 64%
Reports 122
Location US US
18 Oct 2025
87.120.191.91 10/10
Confidence 64%
Reports 25
Location US US
13 Oct 2025
87.120.191.13 10/10
Confidence 63%
Reports 13,131
Location US US
19 Feb 2026
87.120.191.93 10/10
Confidence 61%
Reports 15
Location US US
22 Mar 2026
87.120.191.67 10/10
Confidence 58%
Reports 309
Location US US
24 Feb 2026
87.120.191.121 10/10
Confidence 58%
Reports 10
Location US US
18 Nov 2025
87.120.191.94 10/10
Confidence 48%
Reports 8
Location US US
29 Nov 2025
87.120.191.6 10/10
Confidence 44%
Reports 9
Location US US
24 Aug 2025
87.120.191.127 0/10
Confidence 40%
Reports 2
Location US US
19 Mar 2026
87.120.191.21 10/10
Confidence 39%
Reports 4
Location US US
29 Nov 2025
87.120.191.90 10/10
Confidence 38%
Reports 5
Location US US
13 Oct 2025
87.120.191.97 0/10
Confidence 38%
Reports 2
Location US US
27 Mar 2026
87.120.191.70 10/10
Confidence 36%
Reports 7
Location US US
1 Oct 2025
87.120.191.104 10/10
Confidence 33%
Reports 6
Location US US
16 Oct 2025
87.120.191.53 0/10
Confidence 30%
Reports 2
Location US US
8 Feb 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.3/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
208.109.188.137 8/10
Confidence 100%
Reports 514
ISP GO-DADDY-COM-LLC
9 Jun 2026
50.6.7.129 8/10
Confidence 100%
Reports 447
ISP ORACLE-BMC-31898
22 May 2026
72.167.150.128 8/10
Confidence 100%
Reports 429
ISP GO-DADDY-COM-LLC
27 May 2026
50.6.229.148 8/10
Confidence 100%
Reports 346
ISP ORACLE-BMC-31898
9 May 2026
87.121.84.30 8/10
Confidence 100%
Reports 295
ISP Vpsvault.host Ltd
20 Apr 2026
50.6.226.221 10/10
Confidence 100%
Reports 223
ISP ORACLE-BMC-31898
2 Mar 2026
31.57.184.107 8/10
Confidence 100%
Reports 202
ISP Netiface LLC
3 Jun 2026
64.31.25.250 8/10
Confidence 100%
Reports 176
ISP Limestone Netwo...
8 Jun 2026
74.206.180.196 8/10
Confidence 100%
Reports 143
ISP MOJOHOST
4 Jun 2026
35.226.7.126 8/10
Confidence 100%
Reports 131
ISP Google LLC
18 May 2026
147.135.37.185 8/10
Confidence 100%
Reports 131
ISP OVH SAS
14 May 2026
162.241.152.21 8/10
Confidence 100%
Reports 126
ISP Network Solutio...
8 Jun 2026
38.95.35.74 8/10
Confidence 100%
Reports 112
ISP Limestone Netwo...
2 Jun 2026
50.6.169.131 8/10
Confidence 100%
Reports 106
ISP Network Solutio...
6 Jun 2026
162.214.206.32 10/10
Confidence 100%
Reports 98
ISP Unified Layer
30 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.9/10 Avg Threat
66% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
66.132.153.51 10/10
Confidence 66%
Reports 1,778
Location US US
23 Mar 2026
66.132.153.56 10/10
Confidence 66%
Reports 1,696
Location US US
23 Mar 2026
66.132.153.53 10/10
Confidence 66%
Reports 1,533
Location US US
23 Mar 2026
66.132.153.49 10/10
Confidence 66%
Reports 1,471
Location US US
23 Mar 2026
161.97.159.246 10/10
Confidence 66%
Reports 943
Location FR FR
3 Mar 2026
176.120.22.47 8/10
Confidence 66%
Reports 881
Location RU RU
3 Mar 2026
35.200.237.19 10/10
Confidence 66%
Reports 880
Location IN IN
17 Apr 2026
103.174.103.249 10/10
Confidence 66%
Reports 780
Location IN IN
19 Feb 2026
87.121.84.24 10/10
Confidence 66%
Reports 746
Location US US
8 Mar 2026
154.83.16.198 10/10
Confidence 66%
Reports 725
Location HK HK
24 Oct 2025
185.217.0.130 10/10
Confidence 66%
Reports 717
Location SE SE
5 Mar 2026
36.50.54.13 10/10
Confidence 66%
Reports 634
Location VN VN
20 Oct 2025
63.41.9.210 10/10
Confidence 66%
Reports 619
Location US US
30 Oct 2025
45.149.204.47 10/10
Confidence 66%
Reports 615
Location DE DE
5 Dec 2025
91.237.163.113 10/10
Confidence 66%
Reports 561
Location RU RU
2 Mar 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "87.120.191.65",
    "threat_level": 10,
    "confidence_score": 66,
    "total_reports": 720,
    "country_code": "US",
    "isp_name": "Vpsvault.host Ltd",
    "asn": "215925",
    "first_reported": "2025-12-20 05:17:56",
    "last_reported": "2026-03-01 05:08:03",
    "exported_at": "2026-06-09T10:46:56+02:00",
    "source": "https://reportedip.de/ip/87.120.191.65/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses