Identicon of IP address 185.239.237.216

185.239.237.216

IP Risk Score: 90 / 100

This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.

What is this IP address?
IP Address: 185.239.237.216
Country: Germany flag Germany (DE)
Region Name: North Rhine-Westphalia (NW)
City: Münster
ISP: ZAP-Hosting GmbH
Organization: Dezaphosting2002
Threat level: 90 / 100
Conf. level: 100 / 100
Properties
ASN: AS206996
AS Name: ZAP-Hosting GmbH
Timezone: Europe/Berlin
Reverse DNS: dedicated-zap1252237-1.zap-srv.com
Status: Critical

Observed Client Profile
  • OS: Windows (100%)
  • Device Type: Desktop (100%)
  • Browser Family: Chrome (100%)
  • Rendering Engine: Gecko (100%)
Behavioral Indicators

The IP has triggered a honeypot hit, indicating potential malicious intent. It shows a single access event with a common user-agent, but the lack of JavaScript support and the hosting infrastructure raise significant concerns about automated behavior.

The supernet (185.239.0.0/16), which this IP belongs to, exhibits behavior indicative of automated scraping or bot activity, with multiple IPs utilizing similar user agents and engaging in repetitive, low-interaction visits to the same target. The presence of DNS mismatches and a lack of legitimate forward DNS resolution further raises suspicions of coordinated stealth automation.

🍯
Honeypot Hit
JavaScript Support
⚠️ No
User-Agent Samples
  • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36

IP Location

Region: North Rhine-Westphalia, Germany

City: Münster

District: Hiltrup

Local time: 2026-07-04 00:37:36