This IP is considered high risk and shows signs of malicious behavior. Strong indicators point to automated scanning or suspicious access attempts. This assessment is backed by strong and consistent detection signals. The combined indicators suggest a high overall security risk. Defensive measures such as rate limiting or blocking are recommended.
The IP exhibits high-frequency access using a known automation tool (python-httpx) with no JavaScript support detected. The traffic is concentrated on a single site, indicating potential scraping activity. The lack of RDNS and the cloud hosting origin further raise concerns about the legitimacy of this behavior.
The supernet (178.170.0.0/16), which this IP belongs to, exhibits signs of coordinated automated behavior, with multiple IPs utilizing similar user agents and generating repetitive low-interaction traffic, primarily resulting in 403 errors. The presence of proxy and hosting IPs, along with DNS mismatches, raises suspicions of potential scraping or botnet activity.
Region: Moscow, Russia
City: Moscow
Local time: 2026-07-03 19:57:00