Go
185.104.152.243
is an
Open Proxy
used by
Hackers
100 %
Spain
Report Abuse
205attacks reported
73Web App Attack
41Brute-ForceWeb App Attack
23Brute-Force
21DDoS AttackWeb App Attack
13uncategorized
8HackingWeb App Attack
7Brute-ForceMailserver Attack
3Web App AttackCMS Attack
3Brute-ForceWindows RDP Attack
3Web App AttackApache Attack
...
40abuse reported
10Email SpamBrute-Force
8Bad Web BotWeb SpamBlog Spam
7Web SpamForum Spam
6Email Spam
3Web SpamBad Web BotWeb App Attack
2Bad Web BotWeb App Attack
2uncategorized
1Bad Web Bot
1Blog SpamPort ScanHackingBrute-ForceBad Web Bot
4anonymizers reported
4Open Proxy
2spam reported
1uncategorized
1Email Spam
from 42 distinct reporters
and 9 distinct sources : FireHOL, CleanTalk, GreenSnow.co, BadIPs.com, blocklist.net.ua, Blocklist.de, StopForumSpam.com, Free Proxy List, AbuseIPDB
185.104.152.243 was first signaled at 2017-12-03 00:58 and last record was at 2019-07-31 18:00.
IP

185.104.152.243

Organization
CubeNode System
Localisation
Spain
NetRange : First & Last IP
185.104.152.0 - 185.104.152.255
Network CIDR
185.104.152.0/24

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2019-07-27 11:15 attacks Brute-Force AbuseIPDB WordPress brute force
2019-07-26 15:26 attacks Web App Attack AbuseIPDB Automatic report - Banned IP Access
2019-07-26 14:21 attacks Web App Attack AbuseIPDB langenachtfulda.de 185.104.152.243 \[27/Jul/2019:01:21:10 +0200\] "POST /wp-login.php HTTP/1.1" 200 6029 "-" "Mozilla/5.0 \(X
2019-07-26 11:57 attacks Brute-Force AbuseIPDB access intents with admin and system users
2019-07-25 21:22 attacks Brute-Force AbuseIPDB WordPress login Brute force / Web App Attack on client site.
2019-07-25 16:36 attacks Brute-ForceWeb App Attack AbuseIPDB 185.104.152.243 - - [26/Jul/2019:03:36:46 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x
2019-07-25 12:36 attacks Web App Attack AbuseIPDB Automatic report - Banned IP Access
2019-07-25 05:31 attacks Brute-ForceWeb App Attack AbuseIPDB 185.104.152.243 - - [25/Jul/2019:16:31:21 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x
2019-07-25 00:57 attacks Brute-ForceWeb App Attack AbuseIPDB 185.104.152.243 - - [25/Jul/2019:11:57:46 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x
2019-07-24 09:20 attacks DDoS AttackWeb App Attack AbuseIPDB xmlrpc attack
2019-07-24 04:47 attacks Web App Attack AbuseIPDB fail2ban honeypot
2019-07-24 03:03 attacks Brute-Force AbuseIPDB WordPress login Brute force / Web App Attack on client site.
2019-07-23 12:10 attacks Web App Attack AbuseIPDB Automatic report - Banned IP Access
2019-07-23 06:04 attacks Brute-Force AbuseIPDB WordPress login Brute force / Web App Attack on client site.
2019-07-23 04:13 abuse Web SpamBad Web BotWeb App Attack AbuseIPDB C1,DEF GET /wp-login.php
2019-07-22 18:24 attacks Web App Attack AbuseIPDB www.ft-1848-basketball.de 185.104.152.243 \[23/Jul/2019:05:24:01 +0200\] "POST /wp-login.php HTTP/1.1" 200 2172 "-" "Mozilla/
2019-07-22 16:27 attacks Brute-Force AbuseIPDB WordPress login Brute force / Web App Attack on client site.
2019-07-21 09:02 attacks Brute-Force AbuseIPDB Time: Sun Jul 21 14:40:21 2019 -0300 IP: 185.104.152.243 (ES/Spain/server.encode.es) Failures: 20 (WordPressBruteForcePOST) Interval: 3600 seconds Blo
2019-07-21 06:33 attacks Web App Attack AbuseIPDB Automatic report - Banned IP Access
2019-07-20 22:17 attacks Web App Attack AbuseIPDB fail2ban honeypot
2019-07-20 18:06 attacks Web App Attack AbuseIPDB www.geburtshaus-fulda.de 185.104.152.243 \[21/Jul/2019:05:06:45 +0200\] "POST /wp-login.php HTTP/1.1" 200 5786 "-" "Mozilla/5
2019-07-19 20:19 attacks Web App Attack AbuseIPDB Auto reported by IDS
2019-07-19 17:47 attacks Web App Attack AbuseIPDB  
2019-07-19 14:39 attacks Brute-Force AbuseIPDB WordPress login Brute force / Web App Attack on client site.
2019-07-19 13:50 attacks HackingBrute-ForceWeb App Attack AbuseIPDB WordPress XMLRPC scan :: 185.104.152.243 0.380 BYPASS [20/Jul/2019:08:50:07 1000] [censored_1] "POST /xmlrpc.php HTTP/1.1" 503 19382 "-
2019-07-19 11:32 attacks Brute-Force AbuseIPDB WordPress brute force
2019-07-19 02:23 attacks Brute-Force AbuseIPDB  
2019-07-18 16:21 attacks Web App Attack AbuseIPDB Automatic report - Banned IP Access
2019-07-18 13:08 attacks Web App Attack AbuseIPDB pixelfritteuse.de 185.104.152.243 \[19/Jul/2019:00:08:00 +0200\] "POST /wp-login.php HTTP/1.1" 200 5627 "-" "Mozilla/5.0 \(X1
2019-07-18 10:39 attacks Brute-ForceWeb App Attack AbuseIPDB 185.104.152.243 - - [18/Jul/2019:21:39:26 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x
2019-07-18 01:11 attacks Web App Attack AbuseIPDB Automatic report - Banned IP Access
2019-07-17 13:31 attacks Web App Attack AbuseIPDB Automatic report - Banned IP Access
2019-07-17 13:20 attacks Web App Attack AbuseIPDB fail2ban honeypot
2019-07-17 12:44 attacks Brute-ForceWeb App Attack AbuseIPDB 185.104.152.243 - - [17/Jul/2019:23:44:08 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x
2019-07-17 11:52 attacks Brute-ForceWeb App Attack AbuseIPDB 185.104.152.243 - - [17/Jul/2019:22:52:44 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x
2019-07-17 01:12 attacks Brute-Force AbuseIPDB WordPress login Brute force / Web App Attack on client site.
2019-07-16 11:04 attacks Brute-Force AbuseIPDB WordPress brute force
2019-07-15 18:48 attacks Web App Attack AbuseIPDB Automatic report - Banned IP Access
2019-07-15 14:13 attacks HackingWeb App Attack AbuseIPDB 16.07.2019 01:13:58 - Wordpress fail Detected by ELinOX-ALM
2019-07-15 12:10 abuse Web SpamBad Web BotWeb App Attack AbuseIPDB SS5,WP GET /wp-login.php
2019-07-15 11:16 attacks Brute-Force AbuseIPDB WordPress brute force
2019-07-15 09:38 abuse Bad Web BotWeb App Attack AbuseIPDB [15/Jul/2019:20:38:08 +0200] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/2010
2019-07-15 04:46 attacks Brute-ForceWeb App Attack AbuseIPDB 185.104.152.243 - - \[15/Jul/2019:15:46:40 +0200\] "POST /wp-login.php HTTP/1.1" 200 2110 "-" "Mozilla/5.0 \(X11\; Ubuntu\; L
2019-07-15 03:04 attacks Brute-ForceWeb App Attack AbuseIPDB Jul 15 14:04:40 s1 wordpress\(www.fehst.de\)\[14262\]: Authentication attempt for unknown user fehst from 185.104.152.243
2019-07-14 21:57 attacks Web App Attack AbuseIPDB ft-1848-fussball.de 185.104.152.243 \[15/Jul/2019:08:57:38 +0200\] "POST /wp-login.php HTTP/1.1" 200 2312 "-" "Mozilla/5.0 \(
2019-07-14 15:06 attacks Brute-Force AbuseIPDB WordPress login Brute force / Web App Attack on client site.
2019-07-14 13:47 attacks Web App Attack AbuseIPDB Automatic report - Banned IP Access
2019-07-14 11:16 attacks Brute-Force AbuseIPDB WordPress brute force
2019-07-14 08:36 attacks Brute-Force AbuseIPDB Wordpress Admin Login attack
2019-07-14 05:21 attacks Web App Attack AbuseIPDB joshuajohannes.de 185.104.152.243 \[14/Jul/2019:16:21:35 +0200\] "POST /wp-login.php HTTP/1.1" 200 5606 "-" "Mozilla/5.0 \(X1
2017-12-03 00:58 abuse Email SpamBrute-Force AbuseIPDB SMTP/25/465/587 Probe, Reject, BadAuth, SPAM -
2017-12-03 03:44 abuse Email Spam AbuseIPDB sends email spam
2017-12-03 04:27 abuse Email SpamBrute-Force AbuseIPDB SMTP/25/465/587 Probe, Bad Auth, Spam -
2017-12-03 04:28 abuse Email SpamBrute-Force AbuseIPDB SMTP/25/465/587 Probe, Bad Auth, Spam -
2017-12-03 04:45 abuse Email Spam AbuseIPDB SMTP/25 Probe, Spam -
2017-12-03 05:09 abuse Email Spam AbuseIPDB SMTP/25 Probe, Spam -
2017-12-03 05:20 abuse Email Spam AbuseIPDB SMTP/25 Probe, Spam -
2018-07-30 15:17 attacks Web App Attack AbuseIPDB  
2018-08-01 12:36 attacks Web App Attack AbuseIPDB  
2018-08-08 10:54 abuse Blog SpamPort ScanHackingBrute-Force AbuseIPDB refferer Spam ! russen B'A'S'T'R'A'D'S! httpdocs/wp-content/themes/setup.php, referer: http://site.ru
2019-03-29 18:33 anonymizers Open Proxy firehol_proxies FireHOL  
2019-05-30 09:31 abuse Bad Web BotWeb SpamBlog Spam cleantalk_1d CleanTalk  
2019-05-30 09:32 abuse Bad Web BotWeb SpamBlog Spam cleantalk_30d CleanTalk  
2019-05-30 09:33 abuse Bad Web BotWeb SpamBlog Spam cleantalk_7d CleanTalk  
2019-05-30 09:34 abuse Bad Web BotWeb SpamBlog Spam cleantalk_updated_1d CleanTalk  
2019-05-30 09:34 abuse Bad Web BotWeb SpamBlog Spam cleantalk_updated_30d CleanTalk  
2019-05-30 09:34 abuse Bad Web BotWeb SpamBlog Spam cleantalk_updated_7d CleanTalk  
2019-05-30 09:35 abuse firehol_abusers_1d FireHOL  
2019-05-30 09:36 abuse firehol_abusers_30d FireHOL  
2019-05-30 09:37 attacks firehol_level2 FireHOL  
2019-05-30 09:41 attacks greensnow GreenSnow.co  
2019-06-03 22:43 attacks bi_any_1_7d BadIPs.com  
2019-06-03 22:43 attacks bi_any_2_30d BadIPs.com  
2019-06-03 22:43 attacks bi_any_2_7d BadIPs.com  
2019-06-03 22:43 attacks Web App AttackCMS Attack bi_cms_1_7d BadIPs.com  
2019-06-03 22:43 attacks Web App AttackCMS Attack bi_cms_2_30d BadIPs.com  
2019-06-03 22:44 attacks bi_http_1_7d BadIPs.com  
2019-06-03 22:44 attacks bi_http_2_30d BadIPs.com  
2019-06-03 22:44 attacks Brute-ForceWindows RDP Attack bi_wordpress_1_7d BadIPs.com  
2019-06-03 22:44 attacks Brute-ForceWindows RDP Attack bi_wordpress_2_30d BadIPs.com  
2019-06-03 22:45 abuse Email Spam blocklist_net_ua blocklist.net.ua  
2019-06-03 22:53 attacks firehol_level4 FireHOL  
2019-06-09 17:20 attacks bi_any_0_1d BadIPs.com  
2019-06-09 17:20 attacks bi_any_2_1d BadIPs.com  
2019-06-09 17:20 attacks Web App AttackCMS Attack bi_cms_0_1d BadIPs.com  
2019-06-09 17:20 attacks bi_http_0_1d BadIPs.com  
2019-06-09 17:21 attacks Brute-ForceWindows RDP Attack bi_wordpress_0_1d BadIPs.com  
2019-06-09 17:21 attacks Web App AttackApache Attack blocklist_de_apache Blocklist.de  
2019-06-09 17:21 attacks Brute-Force blocklist_de_bruteforce Blocklist.de  
2019-06-10 16:01 attacks blocklist_de Blocklist.de  
2019-06-17 09:37 abuse Web SpamForum Spam stopforumspam_1d StopForumSpam.com  
2019-06-17 09:37 abuse Web SpamForum Spam stopforumspam_30d StopForumSpam.com  
2019-06-17 09:38 abuse Web SpamForum Spam stopforumspam_365d StopForumSpam.com  
2019-06-17 09:38 abuse Web SpamForum Spam stopforumspam_7d StopForumSpam.com  
2019-06-18 08:40 abuse Web SpamForum Spam stopforumspam StopForumSpam.com  
2019-06-18 08:41 abuse Web SpamForum Spam stopforumspam_180d StopForumSpam.com  
2019-06-18 08:43 abuse Web SpamForum Spam stopforumspam_90d StopForumSpam.com  
2019-06-19 07:45 anonymizers Open Proxy socks_proxy_1d Free Proxy List  
2019-06-19 07:45 anonymizers Open Proxy socks_proxy_30d Free Proxy List  
2019-06-19 07:45 anonymizers Open Proxy socks_proxy_7d Free Proxy List  
2019-06-20 06:26 attacks Web App AttackApache Attack bi_apache-modsec_0_1d BadIPs.com  
2019-06-20 06:26 attacks Web App AttackApache Attack bi_apache_0_1d BadIPs.com  
2019-06-22 04:33 attacks Brute-ForceMailserver Attack bi_mail_0_1d BadIPs.com  
2019-06-22 04:33 attacks Brute-ForceMailserver Attack bi_mail_1_7d BadIPs.com  
2019-06-22 04:33 attacks Brute-ForceMailserver Attack bi_postfix_0_1d BadIPs.com  
2019-06-22 04:33 attacks Brute-ForceMailserver Attack bi_postfix_1_7d BadIPs.com  
2019-06-22 05:30 spam lashback_ubl  
2019-06-22 05:32 spam Email Spam nixspam  
2019-06-23 02:55 attacks Brute-ForceMailserver Attack bi_mail_2_30d BadIPs.com  
2019-06-23 02:55 attacks Brute-ForceMailserver Attack bi_postfix_2_30d BadIPs.com  
2019-06-25 01:36 attacks Brute-ForceMailserver Attack blocklist_de_mail Blocklist.de  
2019-06-26 22:42 attacks Email Spam bi_spam_0_1d BadIPs.com  
2019-06-26 22:42 attacks Email Spam bi_spam_1_7d BadIPs.com  
2019-06-30 19:24 attacks firehol_level3 FireHOL  
2019-07-02 17:23 attacks Bad Web Bot blocklist_de_bots Blocklist.de  
2019-07-14 05:11 abuse Bad Web BotWeb SpamBlog Spam cleantalk CleanTalk  
2019-07-14 05:18 abuse Bad Web BotWeb SpamBlog Spam cleantalk_updated CleanTalk  
2019-07-31 18:00 attacks Mailserver Attack bi_sasl_0_1d BadIPs.com  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

inetnum: 185.104.152.0 - 185.104.152.255
netname: CUBENODE
descr: Cubenode System SL
country: ES
admin-c: JJHM7-RIPE
tech-c: JJHM7-RIPE
status: ASSIGNED PA
org: ORG-CS285-RIPE
mnt-by: MNT-ADJENET
created: 2016-04-27T11:01:47Z
last-modified: 2016-04-27T11:01:47Z
source: RIPE

organisation: ORG-CS285-RIPE
org-name: CubeNode System
org-type: OTHER
address: C/ La trucha edificio Victoria, n9, 5A
address: 18015 - Granada
address: SPAIN
mnt-ref: MNT-ADJENET
mnt-by: MNT-ADJENET
abuse-c: CAT50-RIPE
created: 2014-04-23T03:08:33Z
last-modified: 2014-04-23T03:08:33Z
source: RIPE # Filtered

person: Juan Jesus Hernandez Moya
address: C/ La trucha edificio Victoria, n?9, 5?A
address: 18015 - Granada
address: SPAIN
phone: +34 900 52 52 43
nic-hdl: JJHM7-RIPE
mnt-by: MNT-ADJENET
created: 2014-01-13T18:52:02Z
last-modified: 2014-04-23T01:22:24Z
source: RIPE

route: 185.104.152.0/24
origin: AS39020
mnt-by: MNT-ADJENET
mnt-by: COMVIVE-MNT
created: 2016-04-27T17:34:27Z
last-modified: 2016-04-27T17:34:27Z
source: RIPE
most specific ip range is highlighted
Updated : 2019-01-25