IP Address

87.121.84.119

IPv4 Public
US US
AS215925
Vpsvault.host Ltd
162 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
97% Confidence
162 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
US
US Location
Vpsvault.host Ltd ASN 215925
162 Reports
Honeypot Data Source

Elevated Risk

IP 87.121.84.119 is a high-risk address operated by Vpsvault.host Ltd under ASN AS215925 in the United States, definitively linked to sustained SSH brute-force attacks as confirmed by 162 independent abuse reports with a 97 percent confidence score. The IP has been repeatedly flagged by automated honeypot sensors across 20 distinct detection points, with activity concentrated in April 2026 and showing characteristics of a multi-jail recidivist offender.

Analysis of the reported threat categories reveals SSH-related activity dominating the dataset with 18 reports, supplemented by 4 reports each for general hacking and brute-force authentication attempts. The detection data from automated honeypot sensors documents extreme violation counts, including instances of 132 and 128 authentication failures attributed to a single source, alongside multiple recidive-jail triggers indicating this actor repeatedly targets the same infrastructure. The activity frequency score of 3 out of 10 suggests persistent rather than burst-pattern behaviour, consistent with methodical credential-stuffing campaigns rather than opportunistic scanning.

SSH brute-force attacks represent a concrete and immediate threat to any exposed Secure Shell service, as successful authentication grants attackers direct command-line access to servers, enabling data exfiltration, lateral movement within networks, deployment of secondary payloads, and establishment of persistent backdoors. The volume of violations observed for this address indicates automated tooling capable of sustaining hundreds of authentication attempts against targeted systems. When conducted from a dedicated VPS infrastructure as indicated by the network operator, these attacks benefit from reliable connectivity and can easily pivot to new targets upon detection.

Network defenders should immediately block or rate-limit traffic from this address at the firewall level and monitor inbound authentication logs for similar patterns. Deploying key-based authentication exclusively, moving SSH to a non-standard port, and implementing fail2ban with aggressive recidive-jail settings will substantially reduce exposure. Enforcing multi-factor authentication on all SSH access and disabling root login eliminates the primary attack surface that this IP has demonstrated consistent interest in exploiting.

More threatening than 82% of monitored IPs

Threat Categories

SSH 28
Hacking 4
Brute-Force 4

Technical Details

SSH attacks attempt to gain server access through password guessing or exploitation of SSH vulnerabilities.

Recommended Mitigations

Use key-based authentication, change default ports, implement fail2ban, and disable root login.

Reputable Network

This IP is hosted on a network (ASN 215925) with generally good reputation. The ISP Vpsvault.host Ltd maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 3/10 Low
Confidence Score 79% Verified

Confidence History

19. Apr 2026 - 21. Apr 2026
97% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Brute-Force Honeypot 75%
Hacking Brute-Force Honeypot 75%
SSH Hacking Brute-Force Honeypot x2 75%
SSH Hacking Brute-Force Honeypot x2 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
10 of 162 shown

Technical Details

Basic Information

IP Address
87.121.84.119
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
US US
ASN
AS215925
ISP
Vpsvault.host Ltd

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
162
First Reported
8 Apr 2026
Last Reported
21 Apr 2026, 01:01

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS215925
Vpsvault.host Ltd
US US

Network Threat Assessment

3/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

119
Total IPs Monitored
27,203
Total Reports
228.6
Reports per IP

Network Context

This IP address belongs to Vpsvault.host Ltd (AS215925), which manages 119 IP addresses in our monitoring system. Out of these, 27,203 have been reported for suspicious activities, resulting in a network-wide threat level of 3/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

82 %

Global Threat Ranking

This IP is more threatening than 82% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,575 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 162 avg: 23 ++

Network Comparison

Compared against 157 IPs in ASN 215925

Threat Level 8/10 network avg: 8.4 =
Total Reports 162 network avg: 184 =
Network Vpsvault.host Ltd has overall threat level 3/10

Geographic Comparison

Compared against 38,457 IPs in US

Threat Level 8/10 country avg: 5.9 +
Total Reports 162 country avg: 41 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,273 threat incidents tracked globally • Last 24h: 18,965 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US THIS IP
    38,457 20.5%
  2. 02
    IN
    India IN
    29,090 15.5%
  3. 03
    CN
    China CN
    26,027 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,143 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,543 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,670 2.5%
  10. 10
    NL
    Netherlands NL
    4,357 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9.1/10 Avg Threat
96% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
87.121.84.30 8/10
Confidence 100%
Reports 295
Location US US
20 Apr 2026
87.121.84.81 8/10
Confidence 99%
Reports 152
Location US US
20 Apr 2026
87.121.84.126 8/10
Confidence 97%
Reports 259
Location US US
20 Apr 2026
87.121.84.80 10/10
Confidence 97%
Reports 210
Location US US
21 Apr 2026
87.121.84.82 8/10
Confidence 97%
Reports 209
Location US US
21 Apr 2026
87.121.84.127 8/10
Confidence 97%
Reports 195
Location US US
21 Apr 2026
87.121.84.121 8/10
Confidence 97%
Reports 149
Location US US
21 Apr 2026
87.121.84.125 8/10
Confidence 97%
Reports 112
Location US US
20 Apr 2026
87.121.84.130 8/10
Confidence 97%
Reports 110
Location US US
21 Apr 2026
87.121.84.120 8/10
Confidence 96%
Reports 129
Location US US
20 Apr 2026
45.205.1.110 10/10
Confidence 94%
Reports 2,318
Location US US
20 May 2026
45.198.224.18 10/10
Confidence 94%
Reports 1,076
Location US US
9 Jun 2026
45.198.224.5 10/10
Confidence 94%
Reports 885
Location US US
9 Jun 2026
45.205.1.8 10/10
Confidence 94%
Reports 704
Location US US
12 May 2026
87.120.191.23 10/10
Confidence 94%
Reports 457
Location US US
29 Dec 2025
45.205.1.26 10/10
Confidence 94%
Reports 312
Location US US
4 May 2026
87.121.84.40 10/10
Confidence 94%
Reports 188
Location US US
20 May 2026
87.121.84.51 10/10
Confidence 94%
Reports 65
Location US US
6 Feb 2026
45.198.224.138 10/10
Confidence 94%
Reports 64
Location US US
7 Jun 2026
45.198.224.85 10/10
Confidence 94%
Reports 52
Location US US
2 Jun 2026

IPs from the same subnet range, likely same network segment.

20 Related IPs
9.1/10 Avg Threat
96% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
87.121.84.30 8/10
Confidence 100%
Reports 295
Location US US
20 Apr 2026
87.121.84.81 8/10
Confidence 99%
Reports 152
Location US US
20 Apr 2026
87.121.84.126 8/10
Confidence 97%
Reports 259
Location US US
20 Apr 2026
87.121.84.80 10/10
Confidence 97%
Reports 210
Location US US
21 Apr 2026
87.121.84.82 8/10
Confidence 97%
Reports 209
Location US US
21 Apr 2026
87.121.84.127 8/10
Confidence 97%
Reports 195
Location US US
21 Apr 2026
87.121.84.121 8/10
Confidence 97%
Reports 149
Location US US
21 Apr 2026
87.121.84.125 8/10
Confidence 97%
Reports 112
Location US US
20 Apr 2026
87.121.84.130 8/10
Confidence 97%
Reports 110
Location US US
21 Apr 2026
87.121.84.120 8/10
Confidence 96%
Reports 129
Location US US
20 Apr 2026
87.121.84.40 10/10
Confidence 94%
Reports 188
Location US US
20 May 2026
87.121.84.51 10/10
Confidence 94%
Reports 65
Location US US
6 Feb 2026
87.121.84.8 10/10
Confidence 94%
Reports 36
Location US US
10 May 2026
87.121.84.77 10/10
Confidence 94%
Reports 31
Location US US
20 May 2026
87.121.84.28 10/10
Confidence 94%
Reports 22
Location US US
19 May 2026
87.121.84.146 10/10
Confidence 94%
Reports 22
Location US US
21 May 2026
87.121.84.129 10/10
Confidence 94%
Reports 15
Location US US
13 Jan 2026
87.121.84.67 10/10
Confidence 93%
Reports 128
Location US US
20 May 2026
87.121.84.102 10/10
Confidence 93%
Reports 49
Location US US
21 May 2026
87.121.84.56 10/10
Confidence 92%
Reports 19
Location US US
20 May 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.3/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
208.109.188.137 8/10
Confidence 100%
Reports 514
ISP GO-DADDY-COM-LLC
9 Jun 2026
50.6.7.129 8/10
Confidence 100%
Reports 447
ISP ORACLE-BMC-31898
22 May 2026
72.167.150.128 8/10
Confidence 100%
Reports 429
ISP GO-DADDY-COM-LLC
27 May 2026
50.6.229.148 8/10
Confidence 100%
Reports 346
ISP ORACLE-BMC-31898
9 May 2026
87.121.84.30 8/10
Confidence 100%
Reports 295
ISP Vpsvault.host Ltd
20 Apr 2026
50.6.226.221 10/10
Confidence 100%
Reports 223
ISP ORACLE-BMC-31898
2 Mar 2026
31.57.184.107 8/10
Confidence 100%
Reports 202
ISP Netiface LLC
3 Jun 2026
64.31.25.250 8/10
Confidence 100%
Reports 176
ISP Limestone Netwo...
8 Jun 2026
74.206.180.196 8/10
Confidence 100%
Reports 143
ISP MOJOHOST
4 Jun 2026
35.226.7.126 8/10
Confidence 100%
Reports 131
ISP Google LLC
18 May 2026
147.135.37.185 8/10
Confidence 100%
Reports 131
ISP OVH SAS
14 May 2026
162.241.152.21 8/10
Confidence 100%
Reports 126
ISP Network Solutio...
8 Jun 2026
38.95.35.74 8/10
Confidence 100%
Reports 112
ISP Limestone Netwo...
2 Jun 2026
50.6.169.131 8/10
Confidence 100%
Reports 106
ISP Network Solutio...
6 Jun 2026
162.214.206.32 10/10
Confidence 100%
Reports 98
ISP Unified Layer
30 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.1/10 Avg Threat
97% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
106.75.186.101 10/10
Confidence 97%
Reports 717
Location CN CN
9 Jun 2026
106.75.164.40 10/10
Confidence 97%
Reports 712
Location CN CN
9 Jun 2026
87.121.84.126 8/10
Confidence 97%
Reports 259
Location US US
20 Apr 2026
87.121.84.80 10/10
Confidence 97%
Reports 210
Location US US
21 Apr 2026
87.121.84.82 8/10
Confidence 97%
Reports 209
Location US US
21 Apr 2026
87.121.84.127 8/10
Confidence 97%
Reports 195
Location US US
21 Apr 2026
103.98.176.164 10/10
Confidence 97%
Reports 173
Location ID ID
8 Jun 2026
87.121.84.121 8/10
Confidence 97%
Reports 149
Location US US
21 Apr 2026
103.88.76.27 10/10
Confidence 97%
Reports 131
Location IN IN
28 May 2026
124.55.178.99 8/10
Confidence 97%
Reports 120
Location KR KR
24 Apr 2026
185.100.212.141 10/10
Confidence 97%
Reports 118
Location IN IN
29 May 2026
156.239.225.149 10/10
Confidence 97%
Reports 115
Location SC SC
2 Mar 2026
87.121.84.125 8/10
Confidence 97%
Reports 112
Location US US
20 Apr 2026
172.94.9.62 10/10
Confidence 97%
Reports 112
Location US US
27 Apr 2026
185.218.84.20 8/10
Confidence 97%
Reports 111
Location US US
19 Jan 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "87.121.84.119",
    "threat_level": 8,
    "confidence_score": 97,
    "total_reports": 162,
    "country_code": "US",
    "isp_name": "Vpsvault.host Ltd",
    "asn": "215925",
    "first_reported": "2026-04-08 00:48:03",
    "last_reported": "2026-04-21 01:01:54",
    "exported_at": "2026-06-09T09:51:05+02:00",
    "source": "https://reportedip.de/ip/87.121.84.119/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses