I've noticed something strange happening on my business website, which is built on WordPress. Over the last two days, I've received around 2,000 visits from a single IP address owned by a local ISP. I also have HubSpot Buyer Intent enabled, and one business in particular shows up repeatedly in the analytics—an IT/CyberSecurity company that appears to be almost nonexistent outside of its locale. When I Googled the company, it seems to have just one employee and is located right within the ISP's service area. I've blocked and unblocked the IP range on both my CDN and the website, but the hits just keep coming. This whole situation is frustrating and feels unprofessional on their part. I'm starting to wonder if this individual is targeting my site maliciously or if others are experiencing similar issues. Given these details, am I justified in filing an IC3 report?
3 Answers
Filing an IC3 report might not be necessary here. It's likely just some automated traffic from a scraper or a scanning tool—not a denial of service attempt. I'd recommend blocking the IP and moving on. If you feel it's serious, contacting the ISP could be helpful too.
If the person is on the same ISP as you, they could just be scanning the network range. Opening a ticket with the ISP and informing their security team might help. It's worth reaching out to them!
But, crawling like that wouldn’t generate 2,000 hits. It's more likely they're actively checking your site every few seconds.
Blocking the IP seems like the best first step. It sounds like they could be scraping your content, which isn’t ideal. I'm not familiar with IC3 reports, but unless you have solid evidence they are being malicious, I'd just stick to blocking and monitoring.
Agreed! 2000 requests just don't scream 'threat' unless they're coming in all at once. Just keep an eye on your traffic and block any bad actors.
Exactly! 2,000 hits over two days isn’t even that concerning. It averages out to about 1 hit per minute, which isn't really a threat.