This IP is considered high risk and shows signs of malicious behavior. Strong indicators point to automated scanning or suspicious access attempts. This assessment is backed by strong and consistent detection signals. The combined indicators suggest a high overall security risk. Defensive measures such as rate limiting or blocking are recommended.
The IP address exhibits characteristics of automated behavior, including the use of a generic user-agent and proxy infrastructure. The lack of reverse DNS and the nature of the access suggest potential scraping or probing activity.
The supernet (77.90.0.0/16), which this IP belongs to, exhibits coordinated behavior indicative of automated scraping attempts, with multiple IPs utilizing similar user agents and targeting specific resources across a limited number of sites. The presence of honeypot hits and repeated access to sensitive files suggests malicious intent, despite some legitimate-looking infrastructure.
Region: Limburg, The Netherlands
City: Eygelshoven
Local time: 2026-07-05 00:37:36