IP Risk Score: 83 / 100

This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.

Protect your system

What is this IP address?

IP Address: 152.249.6.38

Country: Brazil flag

Brazil (BR)

Region Name: São Paulo (SP)

City: Guarujá

ISP: Vivo

Organization: TELEF�NICA BRASIL S.A

Threat level: 83 / 100
Conf. level: 100 / 100

Properties

ASN: AS27699

AS Name: TELEFÔNICA BRASIL S.A

Timezone: America/Sao_Paulo

Reverse DNS: 152-249-6-38.user.vivozap.com.br

Status: Critical

Observed Client Profile

OS: Windows (100%)
Device Type: Desktop (100%)
Browser Family: Chrome (100%)
Rendering Engine: Gecko (100%)

Behavioral Indicators

The IP shows signs of automated behavior with a malformed user-agent and no JavaScript support, indicating potential bot activity. The access pattern is suspicious, particularly given the botnet detection signal.

The supernet (152.249.0.0/16), which this IP belongs to, exhibits signs of coordinated low-interaction behavior with repetitive one-page visits and a lack of legitimate user agent diversity. The use of identical RDNS entries and non-matching forward DNS raises suspicions of automated scraping or bot activity, though the absence of significant threat detection indicators suggests a lower immediate risk.

🕸️

Botnet Node

JavaScript Support

⚠️ No

User-Agent Samples

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0

Integrate IPIntel into your system

IP Location

Region: São Paulo, Brazil

City: Guarujá

Local time: 2026-06-23 07:06:39

Subnet
152.249.6.0/24
Supernet
152.249.0.0/16