149.40.53.3
IP Risk Score: 71 / 100
This IP is considered high risk and shows signs of malicious behavior. Strong indicators point to automated scanning or suspicious access attempts. This assessment is backed by strong and consistent detection signals. The combined indicators suggest a high overall security risk. Defensive measures such as rate limiting or blocking are recommended.
What is this IP address?
United States (US)
Conf. level: 100 / 100
Properties
Observed Client Profile
- OS: Windows (100%)
- Device Type: Desktop (100%)
- Browser Family: Chrome (100%)
- Rendering Engine: Gecko (100%)
Behavioral Indicators
The IP address exhibits suspicious behavior with repeated access to restricted paths resulting in 403 errors. The lack of JavaScript support and the use of a proxy suggest automated activity. The user-agent appears to be spoofed, raising further concerns about the intent behind the access.
The supernet (149.40.0.0/16), which this IP belongs to, exhibits coordinated behavior characterized by repetitive, low-interaction visits across multiple IPs, suggesting potential automated scraping or bot activity. The use of identical user agents and a high number of honeypot hits indicates possible malicious intent, particularly with the presence of multiple POST requests to admin endpoints.
JavaScript Support
โ ๏ธ NoUser-Agent Samples
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
IP Location
Region: California, United States
City: Los Angeles
Local time: 2026-06-23 00:06:23