Maximum Danger
IP 5.29.10.22 is a critical-risk address originating from Hot-Net internet services Ltd. in Israel, associated with 395 high-confidence abuse reports predominantly documenting active hacking activity against exposed services.
Automated honeypot sensors across the network recorded 20 distinct hacking attempt reports attributed to this address over April 2026, yielding a threat-level score of 10 out of 10 and a 94 percent confidence rating. The IP's activity frequency of 8 out of 10 indicates sustained, persistent engagement with target systems rather than opportunistic or single-occurrence behaviour. AS12849, operated by Hot-Net internet services Ltd., serves as the originating network for this traffic. The volume and consistency of reports during this single-month window suggest an automated or semi-automated campaign actively scanning and probing internet-facing infrastructure.
Hacking activity encompasses a broad spectrum of intrusion attempts, including the exploitation of software vulnerabilities, credential-based attacks, and unauthorized access attempts against exposed services. The "attack connection" pattern observed in reports indicates this address has been documented establishing connections to honeypot endpoints in a manner consistent with reconnaissance and exploitation attempts. For organizations running publicly accessible services such as remote administration interfaces, web portals, or API endpoints, such sustained probing from a high-confidence malicious source represents a tangible risk of compromise if vulnerabilities or weak credentials exist.
Operators should consider blocking IP 5.29.10.22 at the firewall level or via intrusion-prevention rules, implementing aggressive rate-limiting on authentication interfaces to disrupt automated attack cycles, and enforcing strong multi-factor authentication on all remote-access services. Deploying tools such as fail2ban to dynamically update firewall rules based on failed authentication attempts provides an additional automated layer of defence. Continuous monitoring of abuse feeds and maintaining timely patching cycles remains essential to mitigate exposure to whatever specific exploitation vectors this address is targeting.
RO 
FR 
SE 
TR