This IP is considered high risk and shows signs of malicious behavior. Strong indicators point to automated scanning or suspicious access attempts. This assessment is backed by strong and consistent detection signals. The combined indicators suggest a high overall security risk. Defensive measures such as rate limiting or blocking are recommended.
The IP has exhibited suspicious behavior with multiple access attempts to admin paths, including a login attempt with valid credentials. The presence of honeypot hits and lack of JavaScript support further indicate potential malicious intent. The user-agent appears structured but may be spoofed given the context.
The supernet (213.232.0.0/16), which this IP belongs to, exhibits highly coordinated behavior indicative of automated scraping attempts, primarily targeting a specific site with repeated login attempts and low interaction page visits. The use of identical user agents across multiple IPs, combined with a high number of honeypot hits, suggests a malicious intent to exploit vulnerabilities, despite some legitimate infrastructure indicators.
Region: Γle-de-France, France
City: Paris
Local time: 2026-07-05 10:20:17