IP Risk Score: 90 / 100

This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.

Protect your system

What is this IP address?

IP Address: 5.175.234.89

Country: United States flag

United States (US)

Region Name: Utah (UT)

City: Salt Lake City

ISP: FiberState, LLC

Organization: GHOSTnet GmbH

Threat level: 90 / 100
Conf. level: 100 / 100

Properties

ASN: AS26042

AS Name: FiberState, LLC

Timezone: America/Denver

Status: Critical Scraper

Proxy

Observed Client Profile

OS: Unknown (100%)
Device Type: Desktop (100%)
Browser Family: Unknown (100%)
Rendering Engine: Unknown (100%)

Behavioral Indicators

The IP exhibits suspicious behavior consistent with automated scanning, including a malformed user-agent and access to sensitive paths. The lack of RDNS and proxy usage further indicate potential malicious intent.

The supernet (5.175.0.0/16), which this IP belongs to, exhibits suspicious behavior characterized by repetitive, low-interaction visits to a specific site, with multiple IPs using similar user agents. The presence of a known scraper user agent and DNS mismatches raises concerns about automated scraping and potential misuse of legitimate infrastructure.

📡

Scanner

🐙

Scraper

User-Agent Samples

python-requests/2.27.1

Integrate IPIntel into your system

IP Location

Region: Utah, United States

City: Salt Lake City

Local time: 2026-06-26 07:27:46

Subnet
5.175.234.0/24
Supernet
5.175.0.0/16