I have one small project running on Google Cloud. And during last couple of weeks I notice serious unexpected traffic to it and (a bit surprisingly in 2020-ths) additional bills for it. The volume of traffic is like
This is November. I am not seasoned in administration and Unixes so don't know this area and the site is not very important. What I tried:
iftop
Apache's access.log
What it can be? I understand that hackers can try to find vulnerabilities or guess password. But this doesn't look even as this. What is this? Is there any more or less simple way to block it?
Site's IP is 35.185.230.240