Location, Reputation, and Bot results

The IP address is very high risk and with an F grade should be blocked from accessing your site.
Country Luxembourg
Bot Activity Yes
Cloaking Yes
Reputation On 5 lists
Type Proxy
Provider BuyVM - Affordable Hosting with a touch of Insanity
Network Neighborhood

A scan of the IPs surrounding your target IP of

Starting at and ending at

KEY: (B)ot, (T)or, (V)PN, (P)roxy, (S)pider

Danger 100% bad hosts found.

254 of 254 host IPs were found to have engaged in bot activity or are running cloaking software in this network block.

This is a sign that the owner of this block may not taking the necessary steps to stop threat actors from using their systems.

Autonomous System (Owner)
Name PONYNET, US, FranTech Solutions
Number 53667
Established 2013 (11 years ago)
  • buyvm.net
Name BuyVM - Affordable Hosting with a touch of Insanity
Website https://buyvm.net/
Type Proxy
IP Geolocation
Continent Eu
Lat/Long 49.61154 / 6.130018
Country Luxembourg
Region Luxembourg
City Luxembourg
TZ Offset +02:00 GMT
TZ Name Central European Summer Time (CEST)
Currency EUR
Live Information
Launch Probe

Real-time detection of behaviors that indicate bot, proxy and VPN cloaking on the host IP address. Highest accuracy.

Completes in ~15 seconds.

IP Cloaking Information
Is Tor Yes
Is VPN Yes
Is Proxy Yes
Bot Detection Info
Is Bot Yes
Categories Bot, Exploit Bot, Proxy, Spam Bot, Tor, VPN
Is Malware -
Is Hijacked -
Is Exploit Bot Yes
Is Spider -
Is Dshield -
Is Spyware -
Last Seen 2024-06-15 06:22:50 UTC
Wafris Waitlist Signup

Go beyond lookups. Identify dark traffic hitting your site and block it before attacks hit you. More info...

Bot Activity Log
  • Tor Router
  • Cins Army List
  • Vulnerability Scanning Or D Do S Bot
  • Comment And Forum Spammers
  • Brute Force Bot (Ssh, Smtp, IMAP Or Http)
  • Hacking Or Attack Bot
  • Tor Node
  • Exploit Attacks Against Website
  • HTTP Form Spam Bot
  • Tor Exit Node
  • Web Server Attack Source
  • Harvester, Spam Or Comment Spam Host
  • Public HTTP Proxy
  • VPN Service Hosting
  • Tor Exit Node
  • Forum, Blog Or Other Website Spammer
  • IP Connected To A Known Honeypot
  • Brute Force Bot (Ssh)
  • Brute Force Bot (Smtp)
  • Brute Force Bot (Apache Http)
  • Brute Force Bot (Website Logins)
  • Hacking, Exploit Or Other Attack Source
  • Scanning Or Brute Force Attacks (Last 30 Days)
  • Hacked IP Or Spam Source
  • HTTP Attack Source
  • Email/Smtp Attack Source
  • SSH Attack Source
  • Abuse Source (Hacking Or Spam)
Reputation Blocklists

The IP address was found on 5 out of the 133 IP reputation blocklists we monitor.

  • Fmb.La
  • Ns Zones.Com Sbl
  • Ns Zones.Com Sbl+Dyn
  • Spam Rats! All
  • Spam Rats! Spam

Look up another IP

Do this next

We're on a mission to better secure every web app on internet. Here's some ways you can jump in:

1. Check out our Open Source Web Application Firewall

Wafris is the free open source WAF that you can use to understand and visualize the requests hitting your apps and then take steps to protect them. It's still in early development, but you can signup for the waitlist to get early access at wafris.org

2. Investigate IP addresses with our IP Lookup service

Bad bots and probes hit sites within minutes of being put on the Internet. Sort the good from the bad by identifying request IPs as coming from bots, Tor networks, VPNs, proxies and malware hosts at wafris.org/ip-lookup

3. Anything else?

If you have any questions or need help finding the right way to handle web app security issues, please let us know at: help@wafris.org