138.199.35.3
IP Risk Score: 90 / 100
This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.
What is this IP address?
United States (US)
Conf. level: 100 / 100
Properties
Observed Client Profile
- OS: Windows (100%)
- Device Type: Desktop (100%)
- Browser Family: Chrome (100%)
- Rendering Engine: Gecko (100%)
Behavioral Indicators
The IP address has shown repeated access attempts to restricted paths resulting in 403 errors, indicating potential probing behavior. The lack of JavaScript support further suggests automated activity. Additionally, the IP is associated with a hosting provider, raising concerns about the nature of the traffic.
The supernet (138.199.0.0/16), which this IP belongs to, exhibits suspicious behavior characterized by repetitive, low-interaction visits across multiple IPs, with a high incidence of 403 and honeypot hits. The use of identical user agents and a lack of forward DNS matches suggest potential automated scraping or bot activity, raising concerns about coordinated stealth automation and analytics pollution.
JavaScript Support
โ ๏ธ NoUser-Agent Samples
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
IP Location
Region: California, United States
City: Los Angeles
Local time: 2026-06-22 04:24:13