is an
Open Proxy
used by
100 %
Report Abuse
17attacks reported
2Brute-ForceMailserver Attack
1HackingPort Scan
1Port ScanHackingSpoofingBrute-ForceBad Web BotExploited HostWeb App Attack
1PhishingHackingExploited Host
1Fraud OrdersDDoS AttackFTP Brute-ForcePing of DeathPhishingFraud VoIPOpen ProxyWeb SpamEmail SpamBlog SpamVPN IPPort ScanHackingSQL InjectionSpoofingBrute-ForceBad Web BotExploited HostWeb App AttackSSHIoT Targeted
1Fraud OrdersDDoS AttackOpen ProxyWeb SpamEmail SpamPort ScanBrute-ForceBad Web BotExploited HostWeb App AttackSSHIoT Targeted
1Email Spam
7malware reported
1Exploited Host
1Exploited HostWeb App AttackDDoS AttackPort ScanBrute-ForceSSH
5reputation reported
4abuse reported
3Email Spam
1Email SpamBrute-Force
3organizations reported
from 10 distinct reporters
and 7 distinct sources : hpHosts, Bambenek Consulting, BadIPs.com, Snort.org Labs, TalosIntel.com, FireHOL, AbuseIPDB was first signaled at 2017-12-03 05:59 and last record was at 2019-09-23 05:32.

Internet Assigned Numbers Authority
NetRange : First & Last IP -
Network CIDR

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2019-09-23 05:32 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=39642 . dpt=80 . src=xx.xx.4.90 . dst= . (listed on Bambenek Consulting Sep 23) (622)
2019-08-05 15:06 abuse Email Spam AbuseIPDB  
2019-07-30 01:44 attacks Hacking AbuseIPDB Malware
2019-07-13 19:25 attacks Hacking AbuseIPDB  
2019-06-11 21:41 malware Exploited Host AbuseIPDB  
2019-06-11 15:11 abuse Email Spam AbuseIPDB  
2019-06-11 04:35 attacks HackingPort Scan AbuseIPDB ISP/domain admins/uk/i.e. abroad/known/hacking.me - bold-whilst working in DE/local de lag locks/hacking.me A hacking.me MX 5 mail.h-emai
2019-04-28 08:31 attacks Port ScanHackingSpoofingBrute-Force AbuseIPDB *Blacklisted German WordPress Botnet
2019-02-12 03:54 attacks Hacking AbuseIPDB domain/? used to redirect/ Web Server Location Germany Last Updated: Feb 12, 2019 Website and Web Server Information Website Title questio
2018-12-19 22:03 attacks PhishingHackingExploited Host AbuseIPDB pretend to send a O365 update
2018-03-02 20:31 attacks Fraud OrdersDDoS AttackFTP Brute-ForcePing of Death AbuseIPDB  
2018-02-01 16:11 abuse Email Spam AbuseIPDB  
2017-12-03 08:23 attacks Fraud OrdersDDoS AttackOpen ProxyWeb Spam AbuseIPDB Terroristical activities and support
2017-12-03 05:59 malware Exploited HostWeb App AttackDDoS AttackPort Scan AbuseIPDB This IP address is consistently trying to do ???? I am not sure what is going on, not smart about this. I have Avast and keeps popping up Threat has b
2019-03-29 18:23 organizations coinbl_hosts  
2019-03-29 18:35 organizations hphosts_ats  
2019-03-29 18:35 malware Malware hphosts_emd hpHosts  
2019-03-29 18:35 reputation hphosts_fsa  
2019-03-29 18:35 reputation hphosts_mmt  
2019-03-29 18:35 reputation hphosts_pha  
2019-03-29 18:36 reputation hphosts_psh  
2019-03-29 18:36 reputation hphosts_wrz  
2019-03-29 18:42 malware Malware ransomware_feed  
2019-05-28 23:17 malware Malware bambenek_c2 Bambenek Consulting  
2019-05-28 23:17 malware Malware bambenek_suppobox Bambenek Consulting  
2019-05-28 23:26 organizations coinbl_hosts_browser  
2019-06-03 22:42 malware Malware bambenek_simda Bambenek Consulting  
2019-06-28 22:41 attacks bi_any_0_1d BadIPs.com  
2019-06-28 22:42 attacks bi_assp_0_1d BadIPs.com  
2019-06-28 22:42 attacks Brute-ForceMailserver Attack bi_mail_0_1d BadIPs.com  
2019-06-28 22:42 attacks Brute-ForceMailserver Attack bi_postfix_0_1d BadIPs.com  
2019-06-28 22:42 attacks Email Spam bi_spam_0_1d BadIPs.com  
2019-07-04 15:54 attacks snort_ipfilter Snort.org Labs  
2019-07-04 15:57 attacks talosintel_ipfilter TalosIntel.com  
2019-08-03 15:07 attacks firehol_level3 FireHOL  
2019-07-04 15:46 attacks firehol_level3 FireHOL  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware


inetnum: -
netname: IANA-BLK
descr: The whole IPv4 address space
country: EU # Country field is actually all countries in the world and not just EU countries
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
remarks: This object represents all IPv4 addresses.
remarks: If you see this object as a result of a single IP query, it
remarks: means that the IP address you are querying is currently not
remarks: assigned to any organisation.
mnt-lower: RIPE-NCC-HM-MNT
created: 2002-06-25T14:19:09Z
last-modified: 2018-11-23T10:30:34Z
source: RIPE

organisation: ORG-IANA1-RIPE
org-name: Internet Assigned Numbers Authority
org-type: IANA
address: see http://www.iana.org
remarks: The IANA allocates IP addresses and AS number blocks to RIRs
remarks: see http://www.iana.org/numbers
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
mnt-ref: RIPE-NCC-HM-MNT
created: 2004-04-17T09:57:29Z
last-modified: 2013-07-22T12:03:42Z
source: RIPE # Filtered

role: Internet Assigned Numbers Authority
address: see http://www.iana.org.
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
nic-hdl: IANA1-RIPE
remarks: For more information on IANA services
remarks: go to IANA web site at http://www.iana.org.
mnt-by: RIPE-NCC-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2001-09-22T09:31:27Z
source: RIPE # Filtered
most specific ip range is highlighted
Updated : 2022-05-20