196.251.120.9 Fraud Risk

High Risk
← Lowest Risk
Highest Risk →
0
Fraud Score: 99
100
IP address 196.251.120.9 is a very high fraud risk. This IP address is owned by Host1Plus who are themselves a high risk ISP. Scamalytics see very high levels of traffic from this IP address across our global network, almost all of which is fraudulent. We apply a risk score of 99/100 to 196.251.120.9, meaning that of the traffic where we have visibility, 99% is suspected to be fraudulent. If you see traffic from this IP address there is a very high risk that it is criminals engaged in fraudulent activity. 196.251.120.9 is operating an anonymising VPN, which is likely to be proxying traffic from another geographical location. The geographical location of 196.251.120.9 is in South Africa, however the geographical location of the user could be anywhere in the world.
Operator
Hostname n/a
ASN 37692 - NetStack-AS
ISP Name Host1Plus
Organization Name Host1Plus
Connection type n/a
Location
Country Name South Africa
Country Code ZA
Region Gauteng
City Johannesburg
Postal Code 2000
Metro Code n/a
Area Code n/a
Latitude -26.2309
Longitude 28.0583
Port Scan
TCP
22/ssh
Open
OpenSSH 7.2 (protocol 2.0)
TCP
80/http
Closed
TCP
88/kerberos-sec
Closed
TCP
443/http-proxy
Open
Squid http proxy 3.5.25
TCP
8000/http-proxy
Open
Squid http proxy 3.5.20
TCP
3389/ms-wbt-server
Open
Microsoft Terminal Service
TCP
23/telnet
Filtered
TCP
53/tcpwrapped
Open
TCP
25/smtp
Closed
TCP
514/shell
Closed
TCP
1027/IIS
Closed
TCP
1110/nfsd-status
Closed
TCP
2001/dc
Closed
TCP
8080/http-proxy
Open
Squid http proxy 3.5.20
TCP
81/http
Open
DB Power IP Camera HTTP/ONVIF/P2P/RTSP/VOD multi-server
TCP
1900/upnp
Closed
TCP
5000/http
Open
nginx
Proxies
Anonymizing VPN
Yes
Tor Exit Node
No
Server
No
Public Proxy
No
Web Proxy
No
Domain Names

IP address data sponsored by IP2Location

Execution time: 13ms