This IP is considered high risk and shows signs of malicious behavior. Strong indicators point to automated scanning or suspicious access attempts. This assessment is backed by strong and consistent detection signals. The combined indicators suggest a high overall security risk. Defensive measures such as rate limiting or blocking are recommended.
The IP exhibits signs of automated behavior, including lack of JavaScript support and use of a proxy. The user-agent appears to be a standard browser UA, but the context suggests potential evasion tactics. The single access event raises concerns about the intent behind the request.
The supernet (185.239.0.0/16), which this IP belongs to, exhibits behavior indicative of automated scraping or bot activity, with multiple IPs utilizing similar user agents and engaging in repetitive, low-interaction visits to the same target. The presence of DNS mismatches and a lack of legitimate forward DNS resolution further raises suspicions of coordinated stealth automation.
Region: Cherkasy Oblast, Ukraine
City: Kaniv
Local time: 2026-07-05 04:28:53