Extreme Threat
IP 35.187.13.22 is a critical-risk address operating from a Google LLC network in Belgium (AS396982) that has generated 332 abuse reports through automated honeypot sensors since March 2026, indicating sustained and aggressive hacking activity across multiple threat vectors.
The IP demonstrates an activity frequency of 8/10 with a 94% confidence score, placing it firmly in the highest threat tier. Detection data from 20 separate automated honeypot sensors captured the address performing general intrusion attempts, probing for vulnerable services, and attempting to exploit both web applications and IoT devices. Observed attack patterns include generic connection attempts, IoT device targeting, ElasticPot-style web application reconnaissance, and malware or exploit activity. All reported activity falls within a compressed two-month window from March through May 2026, indicating concentrated and deliberate hostile scanning behaviour.
The dominant threat category for IP 35.187.13.22 is general hacking activity encompassing unauthorized access attempts, vulnerability exploitation, and intrusion into exposed services. This IP also demonstrated interest in targeting IoT devices and web applications, suggesting a broad scanning methodology designed to identify any exploitable entry point across both server infrastructure and connected devices. The combination of multiple detection signatures indicates this address is part of automated attack infrastructure rather than opportunistic individual probing.
Site operators should immediately block or rate-limit connections from this IP at the network perimeter using firewall rules. Deploying fail2ban or a similar dynamic blocking tool will automatically mitigate repeated connection attempts from hostile addresses. Web application firewalls provide essential protection against the probing activity detected, while regular security audits of web-facing applications and timely firmware updates for IoT devices reduce the available attack surface. Network segmentation that isolates IoT devices from critical infrastructure limits the impact of any successful compromise.