18.175.230.20
IP Risk Score: 100 / 100
This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.
What is this IP address?
United Kingdom (GB)
Conf. level: 100 / 100
Properties
Observed Client Profile
- OS: Windows (100%)
- Device Type: Desktop (100%)
- Browser Family: Chrome (100%)
- Rendering Engine: Gecko (100%)
Behavioral Indicators
The IP address has exhibited highly suspicious behavior, characterized by a significant number of honeypot hits and repeated access to various admin paths, all resulting in 404 errors. The traffic appears automated, with no JavaScript support detected, and originates from a known cloud hosting provider. This indicates potential malicious intent.
The supernet (18.175.0.0/16), which this IP belongs to, exhibits suspicious behavior characterized by multiple IPs engaging in repetitive, low-interaction requests to the same site, with significant honeypot hits indicating potential automated scraping or probing. The use of diverse user agents across a few IPs, alongside a high volume of requests from one IP, suggests possible coordinated automation, raising concerns about analytics pollution and potential misuse of legitimate infrastructure.
JavaScript Support
โ ๏ธ NoUser-Agent Samples
- Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
IP Location
Region: England, United Kingdom
City: London
Local time: 2026-06-22 09:37:56