Severe Risk
IP 45.205.1.5 is a critical-risk address originating from Mauritius that has generated 2,890 abuse reports through automated honeypot sensors over approximately four months in early-to-mid 2026, indicating sustained and aggressive hacking activity at a volume far exceeding that of typical threat actors.
The address is routed through AS328608, operated by Africa-on-Cloud-AS, a network provider based in Mauritius. The threat level has been assessed at 10 out of 10 with a confidence score of 93 percent, reflecting the consistency and volume of observed malicious behaviour. All 20 most recent report sources derive from automated honeypot sensors, confirming that this address is actively conducting intrusion attempts rather than generating incidental or ambiguous traffic. The activity frequency rating of 8 out of 10 and the four-month reporting window from February through June 2026 establish this as a persistent, dedicated threat rather than a transient scanning event.
Hacking activity in this context encompasses a broad range of intrusion attempts, including exploitation of vulnerabilities and repeated unauthorized access probes against exposed services. The sheer volume of reports from a single IP address suggests the use of automated attack tooling operating continuously against a wide range of targets. For any exposed service, these patterns represent a concrete risk of credential compromise, data breach or system takeover, particularly for services with weak authentication, unpatched software or exposed management interfaces.
Site operators should immediately block or rate-limit traffic originating from this address at the network perimeter. Authentication surfaces should be hardened through enforcement of strong, unique passwords and implementation of two-factor authentication where supported. Keeping all software and firmware current with security patches is essential to eliminate known vulnerabilities that such actors attempt to exploit. Intrusion detection and logging systems should be configured to flag repeated connection attempts from this IP, and defensive tools such as fail2ban can automate the blocking of sources exhibiting brute-force or scanning behaviour.