Elevated Risk
IP 45.142.193.198 is a high-risk address linked to 177 reported hacking incidents detected by automated honeypot sensors between April and May 2026, originating from Romania-based Skynet Network Ltd (ASN AS214295).
The IP presents a threat level of 8/10 with a confidence score of 94%, indicating strong evidentiary support for malicious activity. All 177 abuse reports were generated by automated honeypot sensors, reflecting sustained automated attack attempts over a concentrated two-month period with an activity frequency rating of 8/10. The geographic origin in Romania and the assignment to a commercial ISP suggest this infrastructure may be part of an active campaign rather than casual scanning. The volume and consistency of reports rule out transient or accidental connections.
The dominant threat category, hacking, encompasses intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts against exposed services. The detected Suricata alerts reveal specific behavioral indicators: invalid TLS record types suggest potential man-in-the-middle manipulation or malformed traffic designed to evade detection, while one-directional protocol detection implies reconnaissance activity probing service responses without completing legitimate handshakes. Together, these patterns indicate systematic enumeration of network defenses and services, with the goal of identifying exploitable entry points.
Site operators should immediately block or rate-limit traffic from this IP at the firewall level, particularly on externally facing services. Automated abuse-detection tools such as fail2ban can respond dynamically to the observed patterns. Keeping all systems patched, enabling intrusion detection signatures for the specific Suricata alerts noted, and reviewing authentication mechanisms for exposed services will reduce vulnerability to the intrusion techniques this address has demonstrated.