IP Risk Score: 66 / 100

This IP presents a moderate risk and may be associated with automated activity. Moderate behavioral signals suggest possible automated probing or scanning. This assessment is backed by strong and consistent detection signals. The combined signals place this IP in a moderate risk category. Monitoring is recommended, with defensive action considered if activity continues.

Detect suspicious IPs early

What is this IP address?

IP Address: 138.185.185.85

Country: Brazil flag

Brazil (BR)

Region Name: Rio Grande do Sul (RS)

City: Torres

ISP: RM dos Santos Informatica

Organization: RM dos Santos Informatica

Threat level: 66 / 100
Conf. level: 100 / 100

Properties

ASN: AS61893

AS Name: RM dos Santos Informatica

Timezone: America/Sao_Paulo

Reverse DNS: 138.185.185.85.rmstelecom.net.br

Status: Suspicious

Observed Client Profile

OS: Android (100%)
Device Type: Mobile (100%)
Browser Family: Chrome (100%)
Rendering Engine: Gecko (100%)

Behavioral Indicators

The IP shows signs of potential automated activity, including a botnet detection signal and lack of JavaScript support. The user-agent appears to be a mobile device but may be spoofed. The behavior suggests possible reconnaissance or probing.

The supernet (138.185.0.0/16), which this IP belongs to, exhibits signs of coordinated automation with repetitive low-interaction visits and a variety of user agents, some of which are indicative of potential scraping behavior. The presence of multiple IPs with mismatched DNS records raises suspicion about the legitimacy of the traffic, suggesting possible misuse of infrastructure.

🕸️

Botnet Node

JavaScript Support

⚠️ No

User-Agent Samples

Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.5333.1272 Mobile Safari/537.36

Integrate IPIntel into your system

IP Location

Region: Rio Grande do Sul, Brazil

City: Torres

Local time: 2026-06-26 04:56:59

Subnet
138.185.185.0/24
Supernet
138.185.0.0/16