This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.
The IP shows suspicious behavior with multiple access attempts to admin paths, including a login attempt with valid credentials. The presence of honeypot hits and lack of JavaScript support further indicate potential malicious intent. The traffic originates from a known hosting provider, raising concerns about automation.
The supernet (45.140.0.0/16), which this IP belongs to, exhibits coordinated behavior with multiple IPs using the same user agent 'Anthill' to access the same target website with repetitive, low-interaction requests. The lack of forward DNS matches and the use of hosting and proxy services suggest potential automation for scraping or other non-human activities.
Region: New York, United States
City: New York
Local time: 2026-07-05 08:57:54