Elevated Risk
IP 5.187.35.26 is a high-risk address operating from the Netherlands with a threat level of 8/10 and a 94% confidence score, associated with 1811 abuse reports filed through automated honeypot sensors between March and May 2026.
The IP traces to AS206264, operated by Amarutu Technology Ltd, and has been flagged with a persistent activity frequency of 8/10 over this three-month window. All 20 most recent threat reports consistently cite hacking activity as the dominant category, with no signs of tapering in the detection timeline. The volume of reports and sustained attack cadence suggest this is not opportunistic scanning but a systematically deployed asset engaged in ongoing intrusion attempts against exposed services worldwide.
Hacking activity in this context encompasses a broad spectrum of unauthorized access attempts, vulnerability exploitation, and intrusion behaviors detected by honeypot sensors designed to emulate vulnerable services. The real-world risk to any exposed SSH, Telnet, HTTP, or database interface lies in the potential for credential compromise, firmware exploitation, or lateral movement within a network once initial access is achieved.
Site operators should block or heavily rate-limit traffic from this address at the firewall or edge device level, implement fail2ban or similar dynamic denial-of-service tools to automatically ban repeat offenders, enforce strong multi-factor authentication on all remote-access services, and maintain rigorous patching cycles to close known vulnerabilities that exploitation toolkits commonly target.
SC 
RO 
FR 
SE 
TR