IP Risk Score: 82 / 100

This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.

Protect your system

What is this IP address?

IP Address: 170.238.51.11

Country: Brazil flag

Brazil (BR)

Region Name: São Paulo (SP)

City: Amparo

ISP: Desktop Sigmanet Comunicação Multimídia SA

Organization: Desktop Sigmanet Comunicação Multimídia SA

Threat level: 82 / 100
Conf. level: 100 / 100

Properties

ASN: AS28649

AS Name: Desktop Sigmanet Comunicação Multimídia SA

Timezone: America/Sao_Paulo

Status: Critical

Observed Client Profile

OS: Android (100%)
Device Type: Mobile (100%)
Browser Family: Chrome (100%)
Rendering Engine: Gecko (100%)

Behavioral Indicators

The IP shows signs of automated behavior with a mobile user-agent that lacks JavaScript support. The request to a potentially sensitive path raises concerns, especially given the botnet detection signal. The absence of RDNS further complicates the assessment.

The supernet (170.238.0.0/16), which this IP belongs to, exhibits suspicious behavior characterized by low-interaction, repetitive visits with a mix of outdated and modern user agents. The presence of identical or crawler-like user agents across multiple IPs, combined with DNS mismatches, suggests potential automation and scraping activities, raising concerns about coordinated stealth operations.

🕸️

Botnet Node

JavaScript Support

⚠️ No

User-Agent Samples

Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.3101.1869 Mobile Safari/537.36

Integrate IPIntel into your system

IP Location

Region: São Paulo, Brazil

City: Amparo

Local time: 2026-06-23 11:34:42

Subnet
170.238.51.0/24
Supernet
170.238.0.0/16