IP Address

87.120.191.13

IPv4 Public
US US
AS215925
Vpsvault.host Ltd
13,131 Reports
This IP is under Observation Suspicious activity detected - monitor closely
10/10 Threat
63% Confidence
13,131 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 10% High Threat
US
US Location
Vpsvault.host Ltd ASN 215925
13,131 Reports
Honeypot Data Source

Severe Risk

IP 87.120.191.13 is a critical-risk address operated by Vpsvault.host Ltd under ASN AS215925 that has accumulated 13,131 abuse reports since first detected in August 2025, with automated honeypot sensors flagging it primarily for general hacking activity including intrusion attempts and exploitation attempts against exposed services.

The volume of reports associated with this IP is exceptionally high, ranking among the most-reported addresses in comparable threat-intelligence datasets, yet the activity frequency metric of 0/10 suggests that the most aggressive campaign has subsided or shifted. The 20 recent reports in the hacking category all originated from automated honeypot sensors, indicating sustained automated scanning and exploit-probing behavior rather than isolated manual intrusion attempts. The geographic attribution to the United States places this address within a commercial VPS infrastructure environment commonly leveraged by threat actors for its reliability and anonymity, which aligns with the pattern of mass-scale automated attacks originating from compromised or rented cloud resources.

Hacking activity encompasses a broad spectrum of unauthorized access techniques, from brute-force credential attacks against services like SSH, RDP and web panels to targeted probing for known software vulnerabilities and misconfiguration exploits. Even with reduced current activity, the historical magnitude of abuse reports indicates this address has repeatedly demonstrated hostile intent toward internet-facing systems. The underlying threat lies not only in successful compromise but also in the reconnaissance and enumeration phases that precede attacks, which can themselves exhaust server resources and generate anomalous log noise that obscures genuine security incidents.

Site operators should implement defensive controls immediately: block or rate-limit traffic from this IP at the firewall level, enforce strong authentication on all exposed services with account-lockout policies, and deploy monitoring rules to alert on connection patterns associated with port scanning or credential-stuffing campaigns. Tools such as fail2ban or equivalent log-analysis utilities can automate dynamic blocking based on observed attack signatures. Regularly reviewing authentication logs for source IP 87.120.191.13 and correlating with threat-intelligence feeds will help determine whether the address remains active against specific infrastructure.

More threatening than 91% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Reputable Network

This IP is hosted on a network (ASN 215925) with generally good reputation. The ISP Vpsvault.host Ltd maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 0/10 Inactive
Confidence Score 63% High Confidence

Confidence History

18. Feb 2026 - 19. Feb 2026
63% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot x5 75%
Hacking Honeypot x2 75%
Hacking Honeypot x2 75%
Hacking Honeypot x5 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x2 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot x2 75%
Hacking Honeypot x3 75%
Hacking Honeypot x2 75%
Hacking Honeypot x5 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x6 75%
Hacking Honeypot x7 75%
Hacking Honeypot x2 75%
Hacking Honeypot x5 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
Hacking Honeypot x7 75%
10 of 13131 shown

Technical Details

Basic Information

IP Address
87.120.191.13
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
US US
ASN
AS215925
ISP
Vpsvault.host Ltd

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
13,131
First Reported
15 Aug 2025
Last Reported
19 Feb 2026, 04:09

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS215925
Vpsvault.host Ltd
US US

Network Threat Assessment

3/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

119
Total IPs Monitored
27,203
Total Reports
228.6
Reports per IP

Network Context

This IP address belongs to Vpsvault.host Ltd (AS215925), which manages 119 IP addresses in our monitoring system. Out of these, 27,203 have been reported for suspicious activities, resulting in a network-wide threat level of 3/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

91 %

Global Threat Ranking

This IP is more threatening than 91% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,713 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 13,131 avg: 23 ++

Network Comparison

Compared against 157 IPs in ASN 215925

Threat Level 10/10 network avg: 8.4 +
Total Reports 13,131 network avg: 184 ++
Network Vpsvault.host Ltd has overall threat level 3/10

Geographic Comparison

Compared against 38,468 IPs in US

Threat Level 10/10 country avg: 5.9 ++
Total Reports 13,131 country avg: 41 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,375 threat incidents tracked globally • Last 24h: 18,936 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US THIS IP
    38,468 20.5%
  2. 02
    IN
    India IN
    29,136 15.5%
  3. 03
    CN
    China CN
    26,029 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,144 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,551 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,677 2.5%
  10. 10
    NL
    Netherlands NL
    4,358 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9/10 Avg Threat
96% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
87.121.84.30 8/10
Confidence 100%
Reports 295
Location US US
20 Apr 2026
87.121.84.81 8/10
Confidence 99%
Reports 152
Location US US
20 Apr 2026
87.121.84.126 8/10
Confidence 97%
Reports 259
Location US US
20 Apr 2026
87.121.84.80 10/10
Confidence 97%
Reports 210
Location US US
21 Apr 2026
87.121.84.82 8/10
Confidence 97%
Reports 209
Location US US
21 Apr 2026
87.121.84.127 8/10
Confidence 97%
Reports 195
Location US US
21 Apr 2026
87.121.84.119 8/10
Confidence 97%
Reports 162
Location US US
21 Apr 2026
87.121.84.121 8/10
Confidence 97%
Reports 149
Location US US
21 Apr 2026
87.121.84.125 8/10
Confidence 97%
Reports 112
Location US US
20 Apr 2026
87.121.84.130 8/10
Confidence 97%
Reports 110
Location US US
21 Apr 2026
87.121.84.120 8/10
Confidence 96%
Reports 129
Location US US
20 Apr 2026
45.205.1.110 10/10
Confidence 94%
Reports 2,318
Location US US
20 May 2026
45.198.224.18 10/10
Confidence 94%
Reports 1,078
Location US US
9 Jun 2026
45.198.224.5 10/10
Confidence 94%
Reports 886
Location US US
9 Jun 2026
45.205.1.8 10/10
Confidence 94%
Reports 704
Location US US
12 May 2026
87.120.191.23 10/10
Confidence 94%
Reports 457
Location US US
29 Dec 2025
45.205.1.26 10/10
Confidence 94%
Reports 312
Location US US
4 May 2026
87.121.84.40 10/10
Confidence 94%
Reports 188
Location US US
20 May 2026
87.121.84.51 10/10
Confidence 94%
Reports 65
Location US US
6 Feb 2026
45.198.224.138 10/10
Confidence 94%
Reports 64
Location US US
7 Jun 2026

IPs from the same subnet range, likely same network segment.

20 Related IPs
8.5/10 Avg Threat
55% Avg Confidence
17 High Threat
High-risk network: Majority of related IPs are flagged
87.120.191.23 10/10
Confidence 94%
Reports 457
Location US US
29 Dec 2025
87.120.191.124 10/10
Confidence 77%
Reports 547
Location US US
5 Dec 2025
87.120.191.125 10/10
Confidence 75%
Reports 301
Location US US
29 Nov 2025
87.120.191.65 10/10
Confidence 66%
Reports 720
Location US US
1 Mar 2026
87.120.191.81 10/10
Confidence 66%
Reports 156
Location US US
19 Feb 2026
87.120.191.84 10/10
Confidence 65%
Reports 52
Location US US
5 Nov 2025
87.120.191.37 10/10
Confidence 64%
Reports 122
Location US US
18 Oct 2025
87.120.191.91 10/10
Confidence 64%
Reports 25
Location US US
13 Oct 2025
87.120.191.93 10/10
Confidence 61%
Reports 15
Location US US
22 Mar 2026
87.120.191.67 10/10
Confidence 58%
Reports 309
Location US US
24 Feb 2026
87.120.191.121 10/10
Confidence 58%
Reports 10
Location US US
18 Nov 2025
87.120.191.94 10/10
Confidence 48%
Reports 8
Location US US
29 Nov 2025
87.120.191.6 10/10
Confidence 44%
Reports 9
Location US US
24 Aug 2025
87.120.191.127 0/10
Confidence 40%
Reports 2
Location US US
19 Mar 2026
87.120.191.21 10/10
Confidence 39%
Reports 4
Location US US
29 Nov 2025
87.120.191.90 10/10
Confidence 38%
Reports 5
Location US US
13 Oct 2025
87.120.191.97 0/10
Confidence 38%
Reports 2
Location US US
27 Mar 2026
87.120.191.70 10/10
Confidence 36%
Reports 7
Location US US
1 Oct 2025
87.120.191.104 10/10
Confidence 33%
Reports 6
Location US US
16 Oct 2025
87.120.191.53 0/10
Confidence 30%
Reports 2
Location US US
8 Feb 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.3/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
208.109.188.137 8/10
Confidence 100%
Reports 514
ISP GO-DADDY-COM-LLC
9 Jun 2026
50.6.7.129 8/10
Confidence 100%
Reports 447
ISP ORACLE-BMC-31898
22 May 2026
72.167.150.128 8/10
Confidence 100%
Reports 429
ISP GO-DADDY-COM-LLC
27 May 2026
50.6.229.148 8/10
Confidence 100%
Reports 346
ISP ORACLE-BMC-31898
9 May 2026
87.121.84.30 8/10
Confidence 100%
Reports 295
ISP Vpsvault.host Ltd
20 Apr 2026
50.6.226.221 10/10
Confidence 100%
Reports 223
ISP ORACLE-BMC-31898
2 Mar 2026
31.57.184.107 8/10
Confidence 100%
Reports 202
ISP Netiface LLC
3 Jun 2026
64.31.25.250 8/10
Confidence 100%
Reports 176
ISP Limestone Netwo...
8 Jun 2026
74.206.180.196 8/10
Confidence 100%
Reports 143
ISP MOJOHOST
4 Jun 2026
35.226.7.126 8/10
Confidence 100%
Reports 131
ISP Google LLC
18 May 2026
147.135.37.185 8/10
Confidence 100%
Reports 131
ISP OVH SAS
14 May 2026
162.241.152.21 8/10
Confidence 100%
Reports 126
ISP Network Solutio...
8 Jun 2026
38.95.35.74 8/10
Confidence 100%
Reports 112
ISP Limestone Netwo...
2 Jun 2026
50.6.169.131 8/10
Confidence 100%
Reports 106
ISP Network Solutio...
6 Jun 2026
162.214.206.32 10/10
Confidence 100%
Reports 98
ISP Unified Layer
30 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.2/10 Avg Threat
63% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
3.130.96.91 8/10
Confidence 63%
Reports 43,462
Location US US
4 Feb 2026
3.134.148.59 8/10
Confidence 63%
Reports 14,980
Location US US
4 Feb 2026
92.118.39.87 10/10
Confidence 63%
Reports 14,713
Location US US
18 Apr 2026
3.137.73.221 8/10
Confidence 63%
Reports 10,228
Location US US
4 Feb 2026
3.132.23.201 8/10
Confidence 63%
Reports 9,576
Location US US
4 Feb 2026
3.149.59.26 8/10
Confidence 63%
Reports 8,795
Location US US
4 Feb 2026
167.250.224.25 10/10
Confidence 63%
Reports 8,244
Location BR BR
14 May 2026
176.117.107.74 10/10
Confidence 63%
Reports 5,739
Location NL NL
21 Dec 2025
142.202.188.211 10/10
Confidence 63%
Reports 4,136
Location US US
8 Apr 2026
176.117.107.91 10/10
Confidence 63%
Reports 3,994
Location NL NL
17 Dec 2025
196.251.70.234 10/10
Confidence 63%
Reports 3,796
Location SC SC
15 Oct 2025
45.88.186.70 8/10
Confidence 63%
Reports 3,632
Location NL NL
2 Feb 2026
2.57.122.209 10/10
Confidence 63%
Reports 2,573
Location RO RO
10 Feb 2026
64.188.91.248 10/10
Confidence 63%
Reports 2,232
Location DE DE
3 Mar 2026
64.188.91.244 10/10
Confidence 63%
Reports 1,776
Location DE DE
3 Mar 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "87.120.191.13",
    "threat_level": 10,
    "confidence_score": 63,
    "total_reports": 13131,
    "country_code": "US",
    "isp_name": "Vpsvault.host Ltd",
    "asn": "215925",
    "first_reported": "2025-08-15 03:18:45",
    "last_reported": "2026-02-19 04:09:08",
    "exported_at": "2026-06-09T10:43:36+02:00",
    "source": "https://reportedip.de/ip/87.120.191.13/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses