Elevated Risk
IP 45.91.64.6 is a high-risk address originating from Russia within network AS214664 (JSC Buduschee), assessed at threat level 8/10 with 508 total abuse reports from automated honeypot sensors, indicating sustained and aggressive intrusion activity targeting exposed services across the internet.
The address demonstrates an activity frequency rated 8/10, with detection across 20 distinct automated honeypot sensors over approximately six months, from December 2025 through June 2026. Analysis of the report categories shows Hacking activity dominating with 19 confirmed instances, complemented by a single Web App Attack report. Network-level analysis by detection sensors identified anomalous TCP behavior, specifically malformed acknowledgment packets indicative of reconnaissance or evasion techniques. Application-layer sensors captured targeted web probing consistent with vulnerability scanning methodologies.
The sustained volume and diversity of hostile traffic from IP 45.91.64.6 presents a concrete risk to any exposed SSH, RDP or similar authentication interfaces and web-facing applications. The detected network anomalies suggest the actor may be conducting connection manipulation to bypass basic detection or probing for stateful firewall weaknesses, while the web application activity points to active scanning for injection, inclusion or authentication bypass vulnerabilities in internet-facing software.
Site operators should block or significantly restrict access from this IP address at the network perimeter firewall, implement automated abuse-management tools such as fail2ban to detect and block repeated connection attempts, enforce strong multi-factor authentication on all remote-access services, and ensure all internet-facing applications are current with security patches and monitored for exploitation attempts matching OWASP Top 10 patterns.
HK 
UA 
IR 
NO