This IP is considered high risk and shows signs of malicious behavior. Strong indicators point to automated scanning or suspicious access attempts. This assessment is backed by strong and consistent detection signals. The combined indicators suggest a high overall security risk. Defensive measures such as rate limiting or blocking are recommended.
The IP shows signs of automated behavior with a single POST request to a known XML-RPC endpoint, resulting in a 404 status. The absence of JavaScript support and the use of a generic user-agent suggest potential bot activity. Additionally, the lack of RDNS raises concerns about the legitimacy of the traffic.
The supernet (103.84.0.0/16), which this IP belongs to, exhibits signs of coordinated low-interaction behavior with multiple IPs showing repetitive access patterns to similar sites, suggesting possible automation or scraping activities. The presence of identical user agents across several IPs, along with DNS mismatches, raises concerns about potential misuse of legitimate infrastructure.
Region: Tamil Nadu, India
City: Sivakasi
Local time: 2026-07-05 15:38:59