185.100.86.154 Fraud Risk

Very high Risk
← Lowest Risk
Highest Risk →
0
Fraud Score: 100
100
We consider ​web traffic​ from IP address ​185.100.86.154​ to present a potentially very high fraud risk. This IP address is operated by whose web traffic we ​consider to present a potentially ​medium​ fraud risk, and is owned by ​FlokiNET ehf​ whose web traffic we​ also consider to present a potentially ​medium​ fraud risk. In each of these cases, non-web traffic may present a different risk or no risk at all. According to our most recent port scan, the IP address points to a server running the SSH server Dropbear sshd 2018.76 (protocol 2.0) on port 22. Scamalytics see high levels of web traffic from this IP address across our global network, ​almost all of which we suspect to be potentially fraudulent. Considering only the web traffic where we have visibility, we apply a risk score of 100​/100 to 185.100.86.154​, which reflects the proportion of this traffic which we suspect to be potentially fraudulent. If you see web traffic from this IP address there is potentially a very high risk that it is criminals engaged in fraudulent activity. Other types of traffic may present a different risk or no risk. The device on​ 185.100.86.154 is operating ​a TOR exit node, which could be proxying traffic from another geographical location. The geographical location of 185.100.86.154 is in Finland, however the geographical location of the user could be anywhere in the world.
IP Fraud Risk API
{
  "ip":"185.100.86.154",
  "score":"100",
  "risk":"very high"
}
        
Click here for details of our free usage tier, free trial, and pricing information.
Operator
Hostname torsrv0.snydernet.net
ASN 200651 - FLOKINET
ISP Name FlokiNET ehf
Organization Name n/a
Connection type n/a
Location
Country Name Finland
Country Code FI
Region Uusimaa
City Helsinki
Postal Code 230
Metro Code n/a
Area Code n/a
Latitude 60.2127
Longitude 24.9182
Port Scan
TCP
22/ssh
Open
Dropbear sshd 2018.76 (protocol 2.0)
TCP
443/ssl/https?
Open
TCP
8443/https-alt
Open
nghttpx
TCP
21/ftp
Closed
TCP
113/ident
Closed
TCP
554/rtsp
Open
Apple AirTunes rtspd
TCP
995/http
Open
lighttpd
TCP
8000/ipcam
Open
Hikvision IPCam control port
TCP
8080/ssl/http
Open
Apache httpd 2.4.25 ((Raspbian))
TCP
5060/sip
Closed
TCP
88/http
Open
lighttpd 1.4.31
TCP
111/rpcbind
Open
2-4 (RPC #100000)
TCP
25/smtp
Filtered
TCP
32768/filenet-tms
Closed
TCP
49152/unknown
Closed
TCP
49153/unknown
Closed
TCP
49154/unknown
Closed
TCP
49155/unknown
Closed
TCP
49156/unknown
Closed
TCP
49157/unknown
Closed
TCP
80/http
Open
Tor built-in httpd (DirPortFrontPage configured)
TCP
8081/blackice-icecap?
Open
TCP
53/domain
Closed
Proxies
Anonymizing VPN
No
Tor Exit Node
Yes
Server
No
Public Proxy
No
Web Proxy
No
Search Engine Robot
No
Domain Names
torsrv0.snydernet.net

IP Address data partner DB-IP.com:

Proxy data sponsored by IP2Proxy:

IMPORTANT: Scamalytics Ltd operate a fraud-detection network with visibility into many millions of internet users per month. We do not have visibility into the entire internet. The statements on this page represent our opinion based on the limited information we have available to us, and specifically only cover web connections made by internet users to websites and applications, not other connections such as server to server connections.