138.199.63.55
IP Risk Score: 79 / 100
This IP is considered high risk and shows signs of malicious behavior. Strong indicators point to automated scanning or suspicious access attempts. This assessment is backed by strong and consistent detection signals. The combined indicators suggest a high overall security risk. Defensive measures such as rate limiting or blocking are recommended.
What is this IP address?
United Kingdom (GB)
Conf. level: 100 / 100
Properties
Observed Client Profile
- OS: Windows (100%)
- Device Type: Desktop (100%)
- Browser Family: Chrome (100%)
- Rendering Engine: Gecko (100%)
Behavioral Indicators
The IP address exhibits strong indicators of automated behavior, including lack of JavaScript support and usage of a cloud hosting service. The user-agent appears to be a standard browser UA but is likely spoofed given the context. The access pattern is limited but suspicious due to the hosting and proxy characteristics.
The supernet (138.199.0.0/16), which this IP belongs to, exhibits suspicious behavior characterized by repetitive, low-interaction visits across multiple IPs, with a high incidence of 403 and honeypot hits. The use of identical user agents and a lack of forward DNS matches suggest potential automated scraping or bot activity, raising concerns about coordinated stealth automation and analytics pollution.
JavaScript Support
โ ๏ธ NoUser-Agent Samples
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.67 Safari/537.36
IP Location
Region: England, United Kingdom
City: London
Local time: 2026-06-22 15:18:34