149.40.62.25
IP Risk Score: 81 / 100
This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.
What is this IP address?
United States (US)
Conf. level: 100 / 100
Properties
Observed Client Profile
- OS: Android (100%)
- Device Type: Desktop (100%)
- Browser Family: Safari (100%)
- Rendering Engine: Gecko (100%)
Behavioral Indicators
The IP shows signs of automated behavior with a single POST request to a common endpoint, resulting in a 404 status. The user-agent appears to be a mobile browser, which can be easily spoofed. The traffic originates from a hosting provider, raising concerns about potential scraping or probing activity.
The supernet (149.40.0.0/16), which this IP belongs to, exhibits coordinated behavior characterized by repetitive, low-interaction visits across multiple IPs, suggesting potential automated scraping or bot activity. The use of identical user agents and a high number of honeypot hits indicates possible malicious intent, particularly with the presence of multiple POST requests to admin endpoints.
JavaScript Support
โ ๏ธ NoUser-Agent Samples
- Mozilla/5.0 (Linux; Android 10; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/100.0.0.0 Safari/537.36
IP Location
Region: Washington, United States
City: Seattle
Local time: 2026-06-22 05:24:30