Critical Alert
IP 4.145.113.4 is a high-risk address operating from Microsoft Azure infrastructure in Singapore that has generated 581 abuse reports over approximately six months, with all recent activity classified as hacking activity targeting vulnerable services. The threat level of 10/10 reflects the persistent and aggressive nature of intrusion attempts attributed to this IP, making it a clear danger to any exposed network endpoint.
Security monitoring systems detected IP 4.145.113.4 through automated honeypot sensors beginning in September 2025, with continued reporting activity extending through March 2026. The concentration of the 581 total reports in the hacking category indicates sustained, deliberate attempts to compromise systems rather than opportunistic scanning. The IP resides on AS8075, operated by Microsoft Corporation, suggesting the address may represent a compromised cloud resource or a malicious actor exploiting cloud infrastructure to mask the true origin of their operations. Singapore's position as a major Asia-Pacific network hub makes it a frequent location for both legitimate cloud traffic and malicious activity seeking geographic diversity.
The dominant hacking classification encompasses various intrusion methodologies including exploitation attempts against known vulnerabilities, brute-force authentication attacks, and unauthorized access vectors. For organizations running exposed services such as remote administration interfaces, databases, or web applications, these attacks pose concrete risks of data exfiltration, service disruption, or complete system compromise through successful exploitation. The persistent nature of the reports spanning multiple months indicates a determined adversary rather than transient automated scanning.
Network defenders should immediately block or rate-limit traffic from this address at the firewall or load balancer level. Organizations running exposed services should enforce strong, unique credentials and consider implementing fail2ban or similar tools to automatically ban repeated offenders. Keeping all systems fully patched, maintaining an intrusion detection system, and regularly auditing access logs for connections originating from this address will significantly reduce exposure to the threat patterns observed. Monitoring infrastructure should be configured to flag any current connections from 4.145.113.4 for immediate investigation.