This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.
The IP has exhibited suspicious behavior with multiple access attempts to admin paths, including a login attempt with valid credentials. The presence of honeypot hits and lack of JavaScript support further indicate potential malicious intent. The use of a proxy adds to the risk profile.
The supernet (213.232.0.0/16), which this IP belongs to, exhibits highly coordinated behavior indicative of automated scraping attempts, primarily targeting a specific site with repeated login attempts and low interaction page visits. The use of identical user agents across multiple IPs, combined with a high number of honeypot hits, suggests a malicious intent to exploit vulnerabilities, despite some legitimate infrastructure indicators.
Region: Uusimaa, Finland
City: Helsinki
Local time: 2026-07-05 13:09:27