IP Address

147.185.133.125

IPv4 Public
US US
AS396982
GOOGLE-CLOUD-PLATFORM
635 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
10/10 Threat
70% Confidence
635 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 10% High Threat
US
US Location
GOOGLE-CLOUD-PLATFORM ASN 396982
635 Reports
Honeypot Data Source

Severe Risk

IP 147.185.133.125 is a critical-risk address operating from Google Cloud Platform infrastructure in the United States, carrying a perfect 10/10 threat level derived from 632 total abuse reports and consistent engagement with automated honeypot sensors over approximately seven months of observed activity.

Automated honeypot sensors first detected this IP in October 2025, with sustained malicious activity continuing through May 2026. The 632 reports are entirely categorized as hacking-related intrusion attempts, with all attribution originating from honeypot sensors at a 70% confidence rating. The consistent activity frequency of 5/10 across the seven-month observation window indicates persistent rather than opportunistic behavior. The address routes through AS396982 (GOOGLE-CLOUD-PLATFORM), suggesting the actor is leveraging cloud-based infrastructure either for anonymity or as a stable pivot point for widespread scanning operations.

The dominant threat category—general hacking activity—encompasses unauthorized access attempts, exploitation probing of services, and vulnerability scanning against exposed entry points. With 632 confirmed connection attempts logged against honeypot infrastructure, this IP has almost certainly conducted parallel reconnaissance against production environments. The sustained nature of the activity strongly implies automated scanning tool usage, likely as part of credential stuffing, brute-force, or vulnerability exploitation campaigns targeting exposed SSH, RDP, HTTP interfaces, or other network-accessible services.

Site operators should immediately block this IP at the network perimeter or firewall level given its critical threat designation. Implementing fail2ban,CrowdSec, or similar dynamic deny-listing tools can automate blocking based on honeypot and log-derived signals. Multi-factor authentication should be enforced across all externally accessible authentication endpoints, and exposure of unnecessary services should be minimized through network segmentation. Continuous monitoring of authentication logs for patterns consistent with the observed intrusion attempts will help identify any successful compromise attempts.

More threatening than 92% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over 3 weeks indicates persistent threat actor operations.

First Observed 15. May 2026
Last Activity 7. June 2026
Recent (7 days) 3 incidents

Cloud Infrastructure

This IP operates from Google Cloud Platform cloud infrastructure. Cloud-hosted threats can be provisioned and abandoned quickly, affecting attribution.

Cloud-hosted malicious activity often indicates automated or scalable attack infrastructure.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 3/10 Low
Confidence Score 70% High Confidence

Confidence History

31. Mar 2026 - 7. Jun 2026
70% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 635 shown

Technical Details

Basic Information

IP Address
147.185.133.125
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class B

Geolocation

Country
US US
ASN
AS396982
ISP
GOOGLE-CLOUD-PLATFORM

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
635
First Reported
5 Oct 2025
Last Reported
7 Jun 2026, 10:01

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS396982
Google LLC
JP JP

Network Threat Assessment

2/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

4,147
Total IPs Monitored
193,206
Total Reports
46.6
Reports per IP

Network Context

This IP address belongs to Google LLC (AS396982), which manages 4,147 IP addresses in our monitoring system. Out of these, 193,206 have been reported for suspicious activities, resulting in a network-wide threat level of 2/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

92 %

Global Threat Ranking

This IP is more threatening than 92% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,713 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 635 avg: 23 ++

Network Comparison

Compared against 6,036 IPs in ASN 396982

Threat Level 10/10 network avg: 6.9 +
Total Reports 635 network avg: 36 ++
Network GOOGLE-CLOUD-PLATFORM has overall threat level 2/10

Geographic Comparison

Compared against 38,468 IPs in US

Threat Level 10/10 country avg: 5.9 ++
Total Reports 635 country avg: 41 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,375 threat incidents tracked globally • Last 24h: 18,936 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US THIS IP
    38,468 20.5%
  2. 02
    IN
    India IN
    29,136 15.5%
  3. 03
    CN
    China CN
    26,029 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,144 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,551 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,677 2.5%
  10. 10
    NL
    Netherlands NL
    4,358 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9/10 Avg Threat
97% Avg Confidence
18 High Threat
High-risk network: Majority of related IPs are flagged
35.226.7.126 8/10
Confidence 100%
Reports 131
Location US US
18 May 2026
104.155.29.73 8/10
Confidence 100%
Reports 71
Location BE BE
9 Jun 2026
35.225.56.202 10/10
Confidence 100%
Reports 50
Location US US
30 May 2026
34.39.58.191 8/10
Confidence 99%
Reports 108
Location GB GB
3 May 2026
34.135.200.178 10/10
Confidence 99%
Reports 55
Location US US
6 Jun 2026
34.71.30.159 10/10
Confidence 99%
Reports 47
Location US US
6 Jun 2026
146.148.26.145 10/10
Confidence 98%
Reports 229
Location BE BE
7 Feb 2026
34.76.134.123 10/10
Confidence 98%
Reports 122
Location BE BE
6 Feb 2026
34.80.97.94 8/10
Confidence 97%
Reports 22
Location TW TW
25 Feb 2026
34.72.208.101 10/10
Confidence 97%
Reports 20
Location US US
26 May 2026
34.101.189.231 8/10
Confidence 97%
Reports 14
Location ID ID
6 Jun 2026
34.14.33.150 8/10
Confidence 96%
Reports 325
Location BE BE
9 Jun 2026
35.187.31.145 10/10
Confidence 96%
Reports 223
Location BE BE
27 Feb 2026
35.241.212.143 10/10
Confidence 96%
Reports 210
Location BE BE
28 Feb 2026
34.77.70.250 10/10
Confidence 96%
Reports 205
Location BE BE
14 Feb 2026
35.233.5.189 10/10
Confidence 96%
Reports 199
Location BE BE
5 Mar 2026
34.14.103.46 6/10
Confidence 96%
Reports 193
Location BE BE
24 Feb 2026
104.199.46.221 6/10
Confidence 96%
Reports 174
Location BE BE
28 Feb 2026
34.72.239.183 10/10
Confidence 96%
Reports 168
Location US US
20 May 2026
35.233.24.129 10/10
Confidence 96%
Reports 154
Location BE BE
2 Feb 2026

IPs from the same subnet range, likely same network segment.

20 Related IPs
10/10 Avg Threat
95% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
147.185.133.47 10/10
Confidence 96%
Reports 69
Location US US
6 Jun 2026
147.185.133.84 10/10
Confidence 96%
Reports 66
Location US US
9 Jun 2026
147.185.133.112 10/10
Confidence 96%
Reports 45
Location US US
5 Jun 2026
147.185.133.100 10/10
Confidence 95%
Reports 64
Location US US
7 Jun 2026
147.185.133.222 10/10
Confidence 95%
Reports 64
Location US US
6 Jun 2026
147.185.133.68 10/10
Confidence 95%
Reports 63
Location US US
7 Jun 2026
147.185.133.201 10/10
Confidence 95%
Reports 56
Location US US
6 Jun 2026
147.185.133.88 10/10
Confidence 95%
Reports 50
Location US US
7 Jun 2026
147.185.133.99 10/10
Confidence 94%
Reports 72
Location US US
6 Jun 2026
147.185.133.76 10/10
Confidence 94%
Reports 68
Location US US
7 Jun 2026
147.185.133.3 10/10
Confidence 94%
Reports 68
Location US US
9 Jun 2026
147.185.133.48 10/10
Confidence 94%
Reports 67
Location US US
6 Jun 2026
147.185.133.30 10/10
Confidence 94%
Reports 65
Location US US
8 Jun 2026
147.185.133.57 10/10
Confidence 94%
Reports 64
Location US US
5 Jun 2026
147.185.133.249 10/10
Confidence 94%
Reports 63
Location US US
4 Jun 2026
147.185.133.69 10/10
Confidence 94%
Reports 62
Location US US
7 Jun 2026
147.185.133.124 10/10
Confidence 94%
Reports 62
Location US US
7 Jun 2026
147.185.133.65 10/10
Confidence 94%
Reports 61
Location US US
7 Jun 2026
147.185.133.167 10/10
Confidence 94%
Reports 58
Location US US
3 Jun 2026
147.185.133.52 10/10
Confidence 94%
Reports 58
Location US US
6 Jun 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.3/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
208.109.188.137 8/10
Confidence 100%
Reports 514
ISP GO-DADDY-COM-LLC
9 Jun 2026
50.6.7.129 8/10
Confidence 100%
Reports 447
ISP ORACLE-BMC-31898
22 May 2026
72.167.150.128 8/10
Confidence 100%
Reports 429
ISP GO-DADDY-COM-LLC
27 May 2026
50.6.229.148 8/10
Confidence 100%
Reports 346
ISP ORACLE-BMC-31898
9 May 2026
87.121.84.30 8/10
Confidence 100%
Reports 295
ISP Vpsvault.host Ltd
20 Apr 2026
50.6.226.221 10/10
Confidence 100%
Reports 223
ISP ORACLE-BMC-31898
2 Mar 2026
31.57.184.107 8/10
Confidence 100%
Reports 202
ISP Netiface LLC
3 Jun 2026
64.31.25.250 8/10
Confidence 100%
Reports 176
ISP Limestone Netwo...
8 Jun 2026
74.206.180.196 8/10
Confidence 100%
Reports 143
ISP MOJOHOST
4 Jun 2026
35.226.7.126 8/10
Confidence 100%
Reports 131
ISP Google LLC
18 May 2026
147.135.37.185 8/10
Confidence 100%
Reports 131
ISP OVH SAS
14 May 2026
162.241.152.21 8/10
Confidence 100%
Reports 126
ISP Network Solutio...
8 Jun 2026
38.95.35.74 8/10
Confidence 100%
Reports 112
ISP Limestone Netwo...
2 Jun 2026
50.6.169.131 8/10
Confidence 100%
Reports 106
ISP Network Solutio...
6 Jun 2026
162.214.206.32 10/10
Confidence 100%
Reports 98
ISP Unified Layer
30 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.7/10 Avg Threat
70% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
207.90.244.26 8/10
Confidence 70%
Reports 17,657
Location US US
9 Jun 2026
45.82.78.103 10/10
Confidence 70%
Reports 3,928
Location DE DE
9 Jun 2026
93.157.248.178 10/10
Confidence 70%
Reports 2,846
Location RU RU
17 May 2026
208.3.195.65 8/10
Confidence 70%
Reports 1,337
Location US US
12 Apr 2026
111.61.229.78 10/10
Confidence 70%
Reports 1,065
Location CN CN
2 Jun 2026
118.193.68.150 10/10
Confidence 70%
Reports 942
Location KR KR
3 Jun 2026
162.216.150.133 10/10
Confidence 70%
Reports 834
Location US US
9 Jun 2026
35.203.211.233 10/10
Confidence 70%
Reports 791
Location GB GB
8 Jun 2026
103.226.138.52 10/10
Confidence 70%
Reports 705
Location ID ID
7 Jun 2026
94.74.182.167 10/10
Confidence 70%
Reports 688
Location US US
12 Nov 2025
169.150.203.62 10/10
Confidence 70%
Reports 663
Location US US
8 Nov 2025
101.36.116.45 10/10
Confidence 70%
Reports 541
Location HK HK
7 Jun 2026
35.203.210.113 10/10
Confidence 70%
Reports 525
Location GB GB
8 Jun 2026
49.115.217.27 10/10
Confidence 70%
Reports 509
Location CN CN
8 Jun 2026
103.181.143.216 10/10
Confidence 70%
Reports 495
Location ID ID
9 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "147.185.133.125",
    "threat_level": 10,
    "confidence_score": 70,
    "total_reports": 635,
    "country_code": "US",
    "isp_name": "GOOGLE-CLOUD-PLATFORM",
    "asn": "396982",
    "first_reported": "2025-10-05 08:34:18",
    "last_reported": "2026-06-07 10:01:39",
    "exported_at": "2026-06-09T10:43:51+02:00",
    "source": "https://reportedip.de/ip/147.185.133.125/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses