IP Address

87.251.64.145

IPv4 Public
US US
AS200730
ISAEV Igor
346 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
93% Confidence
346 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
US
US Location
ISAEV Igor ASN 200730
346 Reports
Honeypot Data Source

Elevated Risk

IP 87.251.64.145 is a high-risk address assessed at 8/10 threat level with a 93% confidence score, definitively linked to persistent SSH brute-force attacks against exposed servers. This US-based IP has generated 327 total abuse reports through automated honeypot sensors between April and June 2026, indicating sustained and aggressive scanning activity with an activity frequency rated 8/10. The volume and consistency of these reports establish a clear pattern of malicious probing behaviour rather than isolated incident noise.

Network reconnaissance reveals this address originates from AS200730, operated by ISAEV Igor, a network entity that has attracted significant negative reputation metrics across security communities. The honeypot telemetry shows the IP conducting continuous SSH brute-force campaigns, with recorded violations reaching 25 instances on monitored sshd services. This concentration of identical attack methodology across multiple detection points confirms coordinated, automated exploitation attempts targeting the SSH protocol as an entry vector into Linux-based infrastructure.

SSH brute-force attacks represent a critical initial-access threat, where adversaries systematically guess authentication credentials to compromise servers running OpenSSH or similar implementations. The real-world risk extends beyond successful unauthorized access: even failed attempts consume server resources, generate authentication logs, and reveal the existence of target systems to threat actors conducting broader reconnaissance. Successful compromise through weak or default credentials typically grants shell access, enabling lateral movement, data exfiltration or deployment of secondary payloads such as cryptocurrency miners and backdoors.

Network defenders should immediately block 87.251.64.145 at the firewall level and implement fail2ban to dynamically ban repeat offenders after configurable violation thresholds. SSH services should enforce key-based authentication exclusively, disable root login and change the default port from 22 to a non-standard alternative. Rate-limiting authentication attempts and enforcing strong password policies with regular rotation further reduce attack surface. Continuous monitoring of authentication logs for this IP address and similar scanning patterns from adjacent network ranges in AS200730 will help identify follow-up threat activity targeting previously scanned environments.

More threatening than 81% of monitored IPs

Threat Categories

SSH 30

Technical Details

SSH attacks attempt to gain server access through password guessing or exploitation of SSH vulnerabilities.

Recommended Mitigations

Use key-based authentication, change default ports, implement fail2ban, and disable root login.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over 4 weeks indicates persistent threat actor operations.

First Observed 11. May 2026
Last Activity 8. June 2026
Recent (7 days) 18 incidents

Moderate Network Risk

The network hosting this IP (ASN 200730, operated by ISAEV Igor) shows moderate threat indicators. Some concerning activity has been detected from neighboring addresses.

Consider the network context when assessing this individual IP.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 8/10 High
Confidence Score 93% Verified

Confidence History

29. May 2026 - 8. Jun 2026
93% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
New SSH Honeypot 75%
New SSH Honeypot 75%
New SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
10 of 346 shown

Technical Details

Basic Information

IP Address
87.251.64.145
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
US US
ASN
AS200730
ISP
ISAEV Igor

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
346
First Reported
14 Apr 2026
Last Reported
8 Jun 2026, 21:12

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS200730
ISAEV Igor
US US

Network Threat Assessment

4/10
This network has low threat indicators with minimal suspicious activity.

Network Statistics

12
Total IPs Monitored
1,918
Total Reports
159.8
Reports per IP

Network Context

This IP address belongs to ISAEV Igor (AS200730), which manages 12 IP addresses in our monitoring system. Out of these, 1,918 have been reported for suspicious activities, resulting in a network-wide threat level of 4/10.

Network notice: This network shows some suspicious activity patterns. Monitor interactions with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

81 %

Global Threat Ranking

This IP is more threatening than 81% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 198,918 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 346 avg: 23 ++

Network Comparison

Compared against 14 IPs in ASN 200730

Threat Level 8/10 network avg: 6.6 +
Total Reports 346 network avg: 410 -
Network ISAEV Igor has overall threat level 4/10

Geographic Comparison

Compared against 38,381 IPs in US

Threat Level 8/10 country avg: 5.9 +
Total Reports 346 country avg: 41 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

186,683 threat incidents tracked globally • Last 24h: 18,667 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US THIS IP
    38,381 20.6%
  2. 02
    IN
    India IN
    28,865 15.5%
  3. 03
    CN
    China CN
    25,983 13.9%
  4. 04
    BR
    Brazil BR
    10,224 5.5%
  5. 05
    DE
    Germany DE
    7,135 3.8%
  6. 06
    SG
    Singapore SG
    6,460 3.5%
  7. 07
    ID
    Indonesia ID
    5,505 2.9%
  8. 08
    RU
    Russia RU
    4,698 2.5%
  9. 09
    PK
    Pakistan PK
    4,637 2.5%
  10. 10
    NL
    Netherlands NL
    4,351 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same subnet range, likely same network segment.

13 Related IPs
6.5/10 Avg Threat
66% Avg Confidence
9 High Threat
High-risk network: Majority of related IPs are flagged
87.251.64.146 10/10
Confidence 98%
Reports 1,942
Location US US
9 Jun 2026
87.251.64.159 10/10
Confidence 94%
Reports 2,236
Location US US
7 May 2026
87.251.64.149 8/10
Confidence 93%
Reports 449
Location US US
9 Jun 2026
87.251.64.147 8/10
Confidence 93%
Reports 387
Location US US
8 Jun 2026
87.251.64.144 8/10
Confidence 93%
Reports 337
Location US US
8 Jun 2026
87.251.64.50 10/10
Confidence 92%
Reports 13
Location PL PL
5 Jun 2026
87.251.64.125 10/10
Confidence 74%
Reports 9
Location PL PL
13 May 2026
87.251.64.150 10/10
Confidence 47%
Reports 5
Location US US
15 Apr 2026
87.251.64.74 10/10
Confidence 47%
Reports 5
Location US US
6 Apr 2026
87.251.64.75 0/10
Confidence 39%
Reports 2
Location US US
5 Apr 2026
87.251.64.73 0/10
Confidence 30%
Reports 1
Location US US
4 Apr 2026
87.251.64.180 0/10
Confidence 30%
Reports 1
Location US US
13 Apr 2026
87.251.64.141 0/10
Confidence 29%
Reports 1
Location US US
29 Mar 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.2/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
50.6.7.129 8/10
Confidence 100%
Reports 447
ISP ORACLE-BMC-31898
22 May 2026
72.167.150.128 8/10
Confidence 100%
Reports 429
ISP GO-DADDY-COM-LLC
27 May 2026
50.6.229.148 8/10
Confidence 100%
Reports 346
ISP ORACLE-BMC-31898
9 May 2026
87.121.84.30 8/10
Confidence 100%
Reports 295
ISP Vpsvault.host Ltd
20 Apr 2026
50.6.226.221 10/10
Confidence 100%
Reports 223
ISP ORACLE-BMC-31898
2 Mar 2026
31.57.184.107 8/10
Confidence 100%
Reports 202
ISP Netiface LLC
3 Jun 2026
64.31.25.250 8/10
Confidence 100%
Reports 176
ISP Limestone Netwo...
8 Jun 2026
74.206.180.196 8/10
Confidence 100%
Reports 143
ISP MOJOHOST
4 Jun 2026
35.226.7.126 8/10
Confidence 100%
Reports 131
ISP Google LLC
18 May 2026
147.135.37.185 8/10
Confidence 100%
Reports 131
ISP OVH SAS
14 May 2026
162.241.152.21 8/10
Confidence 100%
Reports 126
ISP Network Solutio...
8 Jun 2026
38.95.35.74 8/10
Confidence 100%
Reports 112
ISP Limestone Netwo...
2 Jun 2026
50.6.169.131 8/10
Confidence 100%
Reports 106
ISP Network Solutio...
6 Jun 2026
162.214.206.32 10/10
Confidence 100%
Reports 98
ISP Unified Layer
30 May 2026
152.32.148.250 7/10
Confidence 100%
Reports 88
ISP UCLOUD INFORMAT...
8 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.3/10 Avg Threat
93% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
176.65.149.31 10/10
Confidence 93%
Reports 4,014
Location NL NL
9 Jun 2026
45.205.1.5 10/10
Confidence 93%
Reports 2,945
Location MU MU
9 Jun 2026
46.151.178.13 8/10
Confidence 93%
Reports 2,752
Location NL NL
9 Jun 2026
200.124.160.2 10/10
Confidence 93%
Reports 2,116
Location MX MX
21 Apr 2026
80.66.83.43 10/10
Confidence 93%
Reports 1,973
Location RU RU
8 Jun 2026
130.12.181.98 8/10
Confidence 93%
Reports 1,224
Location DE DE
6 Jun 2026
91.92.240.13 8/10
Confidence 93%
Reports 841
Location DE DE
18 May 2026
160.119.76.4 8/10
Confidence 93%
Reports 820
Location SC SC
2 Jun 2026
5.83.143.40 10/10
Confidence 93%
Reports 815
Location NL NL
9 Jun 2026
103.56.148.184 10/10
Confidence 93%
Reports 634
Location ID ID
9 Jun 2026
185.224.128.16 10/10
Confidence 93%
Reports 607
Location NL NL
9 Jun 2026
207.90.244.12 10/10
Confidence 93%
Reports 542
Location US US
8 Jun 2026
185.156.73.157 10/10
Confidence 93%
Reports 525
Location UA UA
31 May 2026
80.94.95.83 10/10
Confidence 93%
Reports 487
Location RO RO
8 Jun 2026
154.239.6.163 8/10
Confidence 93%
Reports 470
Location EG EG
10 May 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "87.251.64.145",
    "threat_level": 8,
    "confidence_score": 93,
    "total_reports": 346,
    "country_code": "US",
    "isp_name": "ISAEV Igor",
    "asn": "200730",
    "first_reported": "2026-04-14 12:42:33",
    "last_reported": "2026-06-08 21:12:18",
    "exported_at": "2026-06-09T03:24:54+02:00",
    "source": "https://reportedip.de/ip/87.251.64.145/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses