This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.
The IP has exhibited suspicious behavior with multiple access attempts to admin paths, including a successful login attempt. The presence of honeypot hits and lack of JavaScript support further indicate potential malicious intent. The user-agent appears structured but may be spoofed given the context.
The supernet (213.232.0.0/16), which this IP belongs to, exhibits highly coordinated behavior indicative of automated scraping attempts, primarily targeting a specific site with repeated login attempts and low interaction page visits. The use of identical user agents across multiple IPs, combined with a high number of honeypot hits, suggests a malicious intent to exploit vulnerabilities, despite some legitimate infrastructure indicators.
Region: Γle-de-France, France
City: Paris
Local time: 2026-07-05 11:20:30