This IP is considered high risk and shows signs of malicious behavior. Strong indicators point to automated scanning or suspicious access attempts. This assessment is backed by strong and consistent detection signals. The combined indicators suggest a high overall security risk. Defensive measures such as rate limiting or blocking are recommended.
The IP address shows suspicious behavior with multiple hits to a single site, including access to a favicon that returned a 404 status. The presence of honeypot hits indicates potential malicious intent. The traffic is coming from a proxy, and the user-agent appears to be a mobile browser, which can be easily spoofed. Overall, the combination of these factors raises significant concerns about the nature of this activity.
The supernet (104.232.0.0/16), which this IP belongs to, exhibits coordinated behavior with multiple IPs showing repetitive, low-interaction visits to the same site, utilizing a variety of user agents that appear to mimic legitimate browsers but lack proper DNS resolution. This suggests potential automation and scraping activity, raising concerns about analytics pollution and possible misuse of legitimate infrastructure.
Region: Texas, United States
City: Dallas
Local time: 2026-07-05 08:21:52