138.199.21.243
IP Risk Score: 100 / 100
This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.
What is this IP address?
Japan (JP)
Conf. level: 100 / 100
Properties
Observed Client Profile
- OS: Windows (100%)
- Device Type: Desktop (100%)
- Browser Family: Chrome (100%)
- Rendering Engine: Gecko (100%)
Behavioral Indicators
The IP address exhibits suspicious behavior with multiple 403 hits and a lack of JavaScript support, indicating potential automated probing. The presence of honeypot hits further suggests malicious intent. The traffic originates from a hosting provider, raising concerns about the legitimacy of the access.
The supernet (138.199.0.0/16), which this IP belongs to, exhibits suspicious behavior characterized by repetitive, low-interaction visits across multiple IPs, with a high incidence of 403 and honeypot hits. The use of identical user agents and a lack of forward DNS matches suggest potential automated scraping or bot activity, raising concerns about coordinated stealth automation and analytics pollution.
JavaScript Support
โ ๏ธ NoUser-Agent Samples
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
IP Location
Region: Tokyo, Japan
City: Tokyo
Local time: 2026-06-22 21:26:06