Did you get a chance to see what software it was running? I’d be interested in reverse engineering it if you did.

I suspect it’s a domestic proxy. There are a bunch of shady proxy providers on the internet that sell domestic IP addresses for the purpose of scraping websites and other dodgy stuff. I’ve always wondered how they get hardware on people’s local networks, and this would be the way they do it. Domestic IPs are always sold at a premium so the 15$ a month would be spare change.