This IP is considered high risk and shows signs of malicious behavior. Strong indicators point to automated scanning or suspicious access attempts. This assessment is backed by strong and consistent detection signals. The combined indicators suggest a high overall security risk. Defensive measures such as rate limiting or blocking are recommended.
The IP address exhibits signs of automated behavior, including the use of a non-standard user-agent and lack of JavaScript support. It originates from a hosting provider and has no reverse DNS, indicating potential evasion tactics. The single access event raises concerns about its intent.
The supernet (45.80.0.0/16), which this IP belongs to, exhibits suspicious behavior characterized by repetitive, low-interaction visits to specific pages, primarily using identical user agents across multiple IPs, which suggests potential automated scraping or bot activity. The presence of multiple IPs with mismatched DNS records and a significant number of honeypot hits indicates a coordinated effort that raises concerns about automation and possible malicious intent.
Region: New York, United States
City: New York
Local time: 2026-07-05 03:25:00