199.115.116.82 Fraud Risk

Risk: Very high
Fraud Score: 100 (scale: 0 = lowest risk, 100 = highest risk)
IP address 199.115.116.82 is operated by Marshire Inc, whose web traffic we consider to present a potentially very high fraud risk. This IP address is owned by Leaseweb USA, whose web traffic we also consider to present a potentially high fraud risk. In both cases, non-web traffic may present a different risk or no risk at all.

According to our most recent port scan, the IP address points to a server running the proxy server 3Proxy http proxy on port 80, as well as the SSH server OpenSSH 5.5p1 Debian 6+squeeze3 (protocol 2.0) on port 22.

Scamalytics see very high levels of traffic from Marshire Inc across our global network, almost all of which we suspect to be potentially fraudulent. We have no visibility into the web traffic directly from 199.115.116.82, and therefore apply a risk score of 100/100 based on the overall risk from Marshire Inc’s IP addresses where we do have visibility. If you see web traffic from this IP address, there is potentially a very high risk that it is criminals engaged in fraudulent activity. Other types of traffic may present a different risk or no risk.

The device on 199.115.116.82 is operating an anonymising VPN, which could be proxying traffic from another geographical location. The geographical location of 199.115.116.82 is in the United States; however, the geographical location of the user could be anywhere in the world.
IP Fraud Risk API
{
  "ip":"199.115.116.82",
  "score":"100",
  "risk":"very high"
}
        
Operator
Hostname n/a
ASN 30633 - LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc.
ISP Name Leaseweb USA
Organization Name Marshire Inc
Connection type n/a
Location
Country Name United States
Country Code US
Region District of Columbia
City Washington D.C.
Postal Code 20068
Metro Code n/a
Area Code n/a
Latitude 38.9072
Longitude -77.0369
Port Scan
Protocol Port/Service State Detail
TCP 139/netbios-ssn Filtered
TCP 443/ssl/http-proxy Open (proxy authentication required)
TCP 3389/tcpwrapped Open
TCP 25/smtp Filtered
TCP 179/bgp Filtered
TCP 22/ssh Open OpenSSH 5.5p1 Debian 6+squeeze3 (protocol 2.0)
TCP 53/domain Open
TCP 80/http-proxy Open 3Proxy http proxy
TCP 1723/pptp Open linux (Firmware: 1)
TCP 113/ident Closed
TCP 5060/sip? Open
TCP 389/ldap Filtered
TCP 646/ldp Filtered
TCP 1720/h323q931 Filtered
TCP 2000/cisco-sccp Filtered
TCP 135/msrpc Filtered
TCP 445/microsoft-ds Filtered
TCP 1025/NFS-or-IIS Filtered
TCP 1026/LSA-or-nterm Filtered
TCP 1027/IIS Filtered
TCP 1028/unknown Filtered
TCP 1029/ms-lsa Filtered
TCP 3128/squid-http Filtered
TCP 111/rpcbind Open 2-4 (RPC #100000)
TCP 5666/tcpwrapped Open
TCP 8443/ssl/http Open nginx 1.14.0 (Ubuntu)
TCP 993/ssl/imaps? Open
TCP 995/ssl/pop3s? Open
Proxies
Anonymizing VPN Yes
Tor Exit Node No
Server No
Public Proxy No
Web Proxy No
Search Engine Robot No
Domain Names
n/a

IP address data partner: DB-IP.com

Proxy data sponsored by: IP2Proxy

IMPORTANT: Scamalytics Ltd operate a fraud-detection network with visibility into many millions of internet users per month. We do not have visibility into the entire internet. The statements on this page represent our opinion based on the limited information we have available to us, and specifically only cover web connections made by internet users to websites and applications, not other connections such as server to server connections.