IP Address

45.140.17.124

IPv4 Public
RU RU
AS198953
Proton66 OOO
2,717 Reports
This IP is under Observation Suspicious activity detected - monitor closely
8/10 Threat
59% Confidence
2,717 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
RU
RU Location
Proton66 OOO ASN 198953
2,717 Reports
Honeypot Data Source

High Risk

IP address 45.140.17.124 is a high-risk Russian address that has accumulated 2,717 abuse reports, predominantly for SSH brute-force activity, warranting an immediate block or strict access control for any exposed SSH services. The IP is registered to Proton66 OOO on ASN AS198953 and has been flagged by automated honeypot sensors since August 2025, with the most recent reports dating to January 2026.

The volume of reports is substantial, though the activity frequency metric of 0/10 suggests a declining or intermittent attack pattern rather than sustained continuous probing. All 20 most recent threat reports specifically cite SSH attack vectors, indicating this address has been systematically targeting Secure Shell services. The 59% confidence score reflects that while the malicious behavior is well-documented, some contextual attribution remains uncertain. The geographic location in Russia and the association with a commercial network operator provides little ambiguity about the source region of this hostile traffic.

SSH brute-force attacks represent a concrete threat to any server exposing port 22 to the internet, as successful credential compromise grants attackers direct command-line access and potentially lateral movement opportunities across a network. The automated nature of these attacks means servers with weak or default credentials can be compromised within hours of exposure. Even failed attempts generate significant log noise and resource consumption, degrading server performance and filling authentication logs.

Site operators should block 45.140.17.124 at the firewall level immediately and monitor for any emerging connections from adjacent address space. Implementing fail2ban or similar intrusion-prevention tools will dynamically ban repeated SSH authentication failures. hardening SSH configurations with key-based authentication, disabling root login, and moving SSH to a non-standard port will substantially reduce exposure. Regular audit of authentication logs and implementation of account lockout policies provide additional defensive layers against this class of attack.

More threatening than 78% of monitored IPs

Threat Categories

SSH 30

Technical Details

SSH attacks attempt to gain server access through password guessing or exploitation of SSH vulnerabilities.

Recommended Mitigations

Use key-based authentication, change default ports, implement fail2ban, and disable root login.

Reputable Network

This IP is hosted on a network (ASN 198953) with generally good reputation. The ISP Proton66 OOO maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 0/10 Inactive
Confidence Score 58% High Confidence

Confidence History

15. Jan 2026 - 16. Jan 2026
59% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
SSH Honeypot 75%
10 of 2717 shown

Technical Details

Basic Information

IP Address
45.140.17.124
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
RU RU
ASN
AS198953
ISP
Proton66 OOO

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
2,717
First Reported
31 Aug 2025
Last Reported
16 Jan 2026, 10:28

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS198953
Proton66 OOO
RU RU

Network Threat Assessment

3/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

29
Total IPs Monitored
9,673
Total Reports
333.6
Reports per IP

Network Context

This IP address belongs to Proton66 OOO (AS198953), which manages 29 IP addresses in our monitoring system. Out of these, 9,673 have been reported for suspicious activities, resulting in a network-wide threat level of 3/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

78 %

Global Threat Ranking

This IP is more threatening than 78% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,733 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 2,717 avg: 23 ++

Network Comparison

Compared against 35 IPs in ASN 198953

Threat Level 8/10 network avg: 8.3 =
Total Reports 2,717 network avg: 265 ++
Network Proton66 OOO has overall threat level 3/10

Geographic Comparison

Compared against 4,703 IPs in RU

Threat Level 8/10 country avg: 5.3 ++
Total Reports 2,717 country avg: 17 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,378 threat incidents tracked globally • Last 24h: 18,990 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,468 20.5%
  2. 02
    IN
    India IN
    29,138 15.6%
  3. 03
    CN
    China CN
    26,029 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,144 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,551 3%
  8. 08
    RU
    Russia RU THIS IP
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,677 2.5%
  10. 10
    NL
    Netherlands NL
    4,358 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9.5/10 Avg Threat
82% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
176.120.22.192 10/10
Confidence 94%
Reports 291
Location RU RU
6 Jun 2026
176.120.22.135 10/10
Confidence 94%
Reports 200
Location RU RU
27 Apr 2026
37.77.150.67 10/10
Confidence 94%
Reports 114
Location RU RU
9 Jun 2026
176.120.22.176 10/10
Confidence 94%
Reports 21
Location RU RU
23 May 2026
45.140.17.52 10/10
Confidence 93%
Reports 272
Location RU RU
16 Jan 2026
37.77.150.10 8/10
Confidence 93%
Reports 14
Location RU RU
7 May 2026
37.77.150.83 10/10
Confidence 92%
Reports 288
Location RU RU
31 May 2026
176.120.22.147 10/10
Confidence 92%
Reports 20
Location RU RU
16 May 2026
193.143.1.66 10/10
Confidence 89%
Reports 12
Location RU RU
1 Jun 2026
176.120.22.113 10/10
Confidence 85%
Reports 11
Location RU RU
8 Jun 2026
37.77.150.121 10/10
Confidence 81%
Reports 16
Location RU RU
22 Apr 2026
176.120.22.52 10/10
Confidence 79%
Reports 280
Location RU RU
7 Apr 2026
193.143.1.23 10/10
Confidence 77%
Reports 100
Location RU RU
17 Apr 2026
176.120.22.240 10/10
Confidence 76%
Reports 24
Location RU RU
29 May 2026
45.134.26.25 8/10
Confidence 72%
Reports 18
Location RU RU
5 Nov 2025
176.120.22.66 10/10
Confidence 71%
Reports 11
Location RU RU
24 Apr 2026
45.135.232.177 8/10
Confidence 67%
Reports 876
Location RU RU
16 Nov 2025
176.120.22.47 8/10
Confidence 66%
Reports 881
Location RU RU
3 Mar 2026
193.143.1.78 10/10
Confidence 65%
Reports 284
Location RU RU
18 Oct 2025
45.134.26.79 8/10
Confidence 65%
Reports 170
Location RU RU
27 Oct 2025

IPs from the same subnet range, likely same network segment.

1 Related IPs
10/10 Avg Threat
93% Avg Confidence
1 High Threat
High-risk network: Majority of related IPs are flagged
45.140.17.52 10/10
Confidence 93%
Reports 272
Location RU RU
16 Jan 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.7/10 Avg Threat
98% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
5.35.7.175 8/10
Confidence 99%
Reports 82
ISP JSC Selectel
16 May 2026
46.165.56.242 8/10
Confidence 99%
Reports 53
ISP Nizhnetagilskie...
8 Jun 2026
85.95.166.40 10/10
Confidence 99%
Reports 36
ISP Rostelecom
8 Jun 2026
176.211.42.202 10/10
Confidence 99%
Reports 31
ISP Rostelecom
8 Jun 2026
188.92.241.150 10/10
Confidence 99%
Reports 24
ISP JSC Avantel
8 Jun 2026
213.167.43.130 10/10
Confidence 99%
Reports 23
ISP Digit One LLC
20 May 2026
81.28.167.30 10/10
Confidence 98%
Reports 12
ISP Rostelecom
25 May 2026
91.205.128.170 8/10
Confidence 97%
Reports 98
ISP LTD Erline
22 Apr 2026
91.237.163.110 8/10
Confidence 97%
Reports 65
ISP Systematica LLC
3 Mar 2026
212.33.247.195 8/10
Confidence 97%
Reports 45
ISP JSC ER-Telecom ...
27 Feb 2026
37.139.53.129 8/10
Confidence 97%
Reports 40
ISP Petersburg Inte...
1 Jun 2026
94.180.238.116 8/10
Confidence 97%
Reports 39
ISP JSC ER-Telecom ...
14 May 2026
37.230.245.194 8/10
Confidence 97%
Reports 34
ISP PJSC MegaFon
27 Feb 2026
91.151.178.74 8/10
Confidence 97%
Reports 29
ISP Petersburg Inte...
2 Mar 2026
103.136.43.74 8/10
Confidence 97%
Reports 28
ISP Ip Server LLC
5 Mar 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.5/10 Avg Threat
59% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
77.90.185.141 10/10
Confidence 59%
Reports 46,654
Location DE DE
11 Nov 2025
198.23.190.58 10/10
Confidence 59%
Reports 40,333
Location US US
17 Nov 2025
45.234.176.18 8/10
Confidence 59%
Reports 31,506
Location BR BR
5 Oct 2025
103.146.203.60 10/10
Confidence 59%
Reports 31,330
Location ID ID
1 Sep 2025
176.65.134.8 10/10
Confidence 59%
Reports 29,990
Location DE DE
29 Sep 2025
176.65.134.7 7/10
Confidence 59%
Reports 26,776
Location DE DE
21 Sep 2025
2.57.121.148 10/10
Confidence 59%
Reports 25,577
Location RO RO
1 Oct 2025
103.91.140.28 10/10
Confidence 59%
Reports 23,540
Location PH PH
16 Sep 2025
206.81.13.37 8/10
Confidence 59%
Reports 20,549
Location US US
5 Sep 2025
104.164.110.7 10/10
Confidence 59%
Reports 17,849
Location US US
27 Dec 2025
185.243.96.105 10/10
Confidence 59%
Reports 17,727
Location UA UA
5 Feb 2026
45.187.40.40 10/10
Confidence 59%
Reports 16,203
Location BR BR
9 Sep 2025
198.12.68.114 10/10
Confidence 59%
Reports 14,600
Location US US
17 Nov 2025
173.231.185.164 10/10
Confidence 59%
Reports 14,563
Location US US
15 Sep 2025
103.162.15.126 10/10
Confidence 59%
Reports 13,612
Location VN VN
8 Nov 2025

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "45.140.17.124",
    "threat_level": 8,
    "confidence_score": 59,
    "total_reports": 2717,
    "country_code": "RU",
    "isp_name": "Proton66 OOO",
    "asn": "198953",
    "first_reported": "2025-08-31 09:23:42",
    "last_reported": "2026-01-16 10:28:17",
    "exported_at": "2026-06-09T10:56:48+02:00",
    "source": "https://reportedip.de/ip/45.140.17.124/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses