108.181.3.239
IP Risk Score: 91 / 100
This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.
What is this IP address?
United States (US)
Conf. level: 100 / 100
Properties
Observed Client Profile
- OS: Android (100%)
- Device Type: Mobile (100%)
- Browser Family: Chrome (67%)
- Rendering Engine: Gecko (100%)
Behavioral Indicators
The IP has exhibited highly suspicious behavior, including multiple hits to admin paths and a significant number of honeypot interactions. The access pattern indicates potential brute-force attempts, particularly with repeated login POST requests. The use of a cloud hosting provider further raises concerns about the legitimacy of the traffic.
The supernet (108.181.0.0/16), which this IP belongs to, exhibits coordinated behavior indicative of automated scraping, with multiple IPs utilizing identical user agents and engaging in repetitive low-interaction visits to a specific site. The presence of multiple honeypot hits and failed login attempts suggests potential misuse of legitimate infrastructure for malicious purposes.
JavaScript Support
โ YesUser-Agent Samples
- Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Mobile Safari/537.36
- Mozilla/5.0 (Android 12; Mobile; rv:128.0) Gecko/128.0 Firefox/128.0
- Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Mobile Safari/537.36
IP Location
Region: California, United States
City: Los Angeles
Local time: 2026-06-23 03:07:00