Maximum Danger
IP 206.123.145.72 is a critical-risk address associated with 783 reported hacking incidents detected by automated honeypot sensors, primarily targeting SSH services with active session intrusion attempts originating from Netiface Limited's network in the United States.
The threat intelligence shows a concentrated attack pattern, with all 20 most recent reports filed between March and April 2026. Originating from Netiface Limited's AS60223 network in the United States, this IP has generated significant abuse activity within a compressed timeframe. The 79% confidence score reflects substantial corroboration across multiple honeypot detection systems, establishing reliable attribution to hostile scanning behavior.
The dominant threat category detected was general hacking activity, with automated sensors specifically flagging an active SSH session in progress on a commonly probed port. This pattern indicates the IP is being used to establish unauthorized remote access connections rather than merely scanning for vulnerabilities. For any exposed SSH service, an established session from a known malicious source represents immediate risk of credential compromise, lateral movement within a network, or deployment of secondary attack payloads.
Site operators should treat any inbound connection attempts from 206.123.145.72 as hostile. Recommended defensive measures include implementing key-based authentication for SSH access and disabling password authentication entirely to render credential-guessing attacks ineffective, configuring the firewall to block or severely rate-limit traffic from this address, deploying automated abuse-detection tools such as fail2ban to dynamically ban repeated offending IPs, and reviewing authentication logs for any prior contact from this source to rule out successful compromise.
NL 
GB