This IP is considered high risk and shows signs of malicious behavior. Strong indicators point to automated scanning or suspicious access attempts. This assessment is backed by strong and consistent detection signals. The combined indicators suggest a high overall security risk. Defensive measures such as rate limiting or blocking are recommended.
The IP exhibits signs of potential scanning behavior, including access to a well-known configuration endpoint resulting in a 404 response. The user-agent suggests a desktop environment, but the lack of JavaScript support raises concerns about automation. The IP is associated with a hosting provider, which adds to the suspicion.
The supernet (152.53.0.0/16), which this IP belongs to, exhibits suspicious behavior characterized by repetitive low-interaction visits, a high number of identical user agents, and a mix of legitimate and potentially malicious bot activity. The presence of multiple IPs with crawler-like behavior and some with mismatched DNS records raises concerns about coordinated automation and potential scraping activities.
Region: Vienna, Austria
City: Vienna
Local time: 2026-07-05 13:08:27