Go
198.185.159.145
is an
Open Proxy
used by
Abusers
100 %
United States
Report Abuse
27abuse reported
20Email SpamBrute-Force
4Email Spam
1Web SpamEmail Spam
1Email SpamWeb App Attack
1Web Spam
18attacks reported
3Phishing
2Hacking
1Fraud OrdersEmail Spam
1PhishingEmail Spam
1HackingWeb App Attack
1PhishingWeb SpamEmail SpamBlog Spam
1DDoS AttackPhishingOpen ProxyWeb SpamEmail SpamBlog SpamHackingBad Web BotExploited HostWeb App Attack
1DDoS AttackPing of DeathPhishingOpen ProxyWeb SpamEmail SpamVPN IPPort ScanHackingSQL InjectionSpoofingBad Web BotExploited HostWeb App AttackSSHIoT Targeted
1DDoS AttackBrute-Force
1Fraud OrdersDDoS AttackHackingBad Web BotWeb App AttackIoT Targeted
...
7malware reported
6Malware
1Exploited Host
4reputation reported
4uncategorized
1organizations reported
1uncategorized
from 7 distinct reporters
and 5 distinct sources : Bambenek Consulting, Cyber Threat Alliance, hpHosts, blueliv.com, AbuseIPDB
198.185.159.145 was first signaled at 2017-12-03 06:40 and last record was at 2019-06-26 01:30.
IP

198.185.159.145

Organization
Squarespace, Inc.
Localisation
United States
New York, New York
NetRange : First & Last IP
198.185.159.0 - 198.185.159.255
Network CIDR
198.185.159.0/24

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2019-06-26 01:30 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=46547 . dpt=443 . src=xx.xx.7.214 . dst=198.185.159.145 . (listed on Bambenek Consulting Jun 26) (705)
2019-06-25 00:37 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=34292 . dpt=443 . src=xx.xx.4.91 . dst=198.185.159.145 . (listed on Bambenek Consulting Jun 25) (795)
2019-06-12 11:04 attacks Phishing AbuseIPDB  
2019-05-16 03:25 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=48905 . dpt=443 . src=xx.xx.4.90 . dst=198.185.159.145 . (listed on Bambenek Consulting May 16) (395)
2019-05-15 01:23 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=33681 . dpt=80 . src=xx.xx.4.91 . dst=198.185.159.145 . (listed on Bambenek Consulting May 15) (447)
2019-04-29 06:23 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=34824 . dpt=443 . src=xx.xx.4.90 . dst=198.185.159.145 . (listed on Bambenek Consulting Apr 28 19:13) (481)
2019-04-23 04:35 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=58779 . dpt=443 . src=xx.xx.4.90 . dst=198.185.159.145 . (listed on Bambenek Consulting Apr 23 05:13) (789)
2019-04-17 08:27 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=32815 . dpt=443 . src=xx.xx.4.90 . dst=198.185.159.145 . (listed on Bambenek Consulting Apr 16 19:13) (815)
2019-04-08 14:03 attacks Fraud OrdersEmail Spam AbuseIPDB SPAM with attachment to a fishing site
2019-04-01 06:42 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=50068 . dpt=80 . src=xx.xx.4.90 . dst=198.185.159.145 . (listed on github Apr 01 06:13) (1342)
2019-03-25 10:52 abuse Web SpamEmail Spam AbuseIPDB X-EN-AuthUser [email protected] spoofing various senders
2019-03-14 03:37 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=47154 . dpt=443 . src=xx.xx.4.90 . dst=198.185.159.145 . (listed on Blocklist de Mar 13 18:33) (956)
2019-03-08 08:23 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=55960 . dpt=80 . src=xx.xx.7.214 . dst=198.185.159.145 . (listed on Blocklist de Mar 07 18:33) (1039)
2019-03-06 08:31 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=42727 . dpt=80 . src=xx.xx.4.90 . dst=198.185.159.145 . (listed on Blocklist de Mar 05 18:33) (1018)
2019-02-20 01:21 attacks PhishingEmail Spam AbuseIPDB  
2019-02-15 10:21 attacks HackingWeb App Attack AbuseIPDB synology router safe access keeps blocking as malicious. not sure category
2019-02-08 10:28 malware Exploited Host AbuseIPDB  
2019-02-07 06:29 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=55348 . dpt=443 . src=xx.xx.4.90 . dst=198.185.159.145 . (listed on Blocklist de Feb 06 18:33) (1694)
2019-02-05 22:24 abuse Email Spam AbuseIPDB SPAM with attachment including link to Sharepoint Site
2019-02-05 02:42 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=55591 . dpt=443 . src=xx.xx.4.115 . dst=198.185.159.145 . (listed on Blocklist de Feb 04 18:33) (754)
2019-02-01 16:49 attacks PhishingWeb SpamEmail SpamBlog Spam AbuseIPDB web spam email spam blog spam unsafe site
2019-01-25 05:33 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=34417 . dpt=80 . src=xx.xx.4.90 . dst=198.185.159.145 . (listed on Alienvault Jan 25 07:10) (953)
2019-01-18 04:41 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=51300 . dpt=443 . src=xx.xx.4.91 . dst=198.185.159.145 . (listed on Blocklist de Jan 17 18:33) (382)
2019-01-14 00:33 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=57103 . dpt=80 . src=xx.xx.4.90 . dst=198.185.159.145 . (listed on github Jan 14 06:33) (368)
2019-01-10 04:41 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=38458 . dpt=80 . src=xx.xx.4.90 . dst=198.185.159.145 . (listed on Blocklist de Jan 09 18:33) (414)
2018-12-20 05:30 abuse Email SpamBrute-Force AbuseIPDB PROTO=TCP . SPT=53387 . DPT=80 . SRC=xx.xx.4.90 . DST=198.185.159.145 . (listed on Blocklist de Dec 19 18:33) (673)
2018-12-14 08:24 abuse Email SpamBrute-Force AbuseIPDB PROTO=TCP . SPT=50380 . DPT=443 . SRC=xx.xx.7.214 . DST=198.185.159.145 . (listed on Alienvault Dec 14 07:10) (713)
2018-12-12 05:31 abuse Email SpamBrute-Force AbuseIPDB PROTO=TCP . SPT=36405 . DPT=80 . SRC=xx.xx.4.90 . DST=198.185.159.145 . (listed on Blocklist de Dec 11 18:33) (664)
2018-11-26 11:09 attacks Phishing AbuseIPDB  
2018-10-17 10:07 abuse Email Spam AbuseIPDB Spammer hosted here
2018-10-02 18:44 attacks DDoS AttackPhishingOpen ProxyWeb Spam AbuseIPDB THIS GOES BACK TO A GROUP OF SERVERS THAT ARE ALL EXPLOITED, DELETING MY REPORTS WILL DO YOU NO GOOD, I WILL POST THEM RIGHT BACK UP. https://seattle.
2018-09-16 22:22 attacks DDoS AttackPing of DeathPhishingOpen Proxy AbuseIPDB  
2018-06-28 19:55 attacks Hacking AbuseIPDB  
2018-06-24 08:53 attacks DDoS AttackBrute-Force AbuseIPDB Too Many Connections Or General Abuse
2018-06-09 18:01 attacks Fraud OrdersDDoS AttackHackingBad Web Bot AbuseIPDB  
2018-06-05 03:04 attacks Fraud OrdersPhishing AbuseIPDB  
2018-05-23 11:52 attacks HackingBad Web Bot AbuseIPDB  
2018-05-22 13:17 abuse Email Spam AbuseIPDB  
2018-05-11 11:40 attacks Fraud OrdersFTP Brute-ForceWeb SpamBrute-Force AbuseIPDB  
2018-04-28 09:26 attacks Fraud OrdersOpen ProxyEmail SpamVPN IP AbuseIPDB  
2018-04-26 08:19 attacks Phishing AbuseIPDB  
2018-04-23 10:23 abuse Email Spam AbuseIPDB  
2018-03-15 20:04 attacks Port Scan AbuseIPDB Firewall-block on port: 18700
2017-12-08 06:18 abuse Email SpamWeb App Attack AbuseIPDB trojan mail, point to this IP
2017-12-03 06:40 abuse Web Spam AbuseIPDB  
2019-03-29 18:18 malware Malware bambenek_c2 Bambenek Consulting  
2019-03-29 18:18 malware Malware bambenek_suppobox Bambenek Consulting  
2019-03-29 18:23 malware Malware cta_cryptowall Cyber Threat Alliance  
2019-03-29 18:35 malware Malware hphosts_emd hpHosts  
2019-03-29 18:35 malware Malware hphosts_exp hpHosts  
2019-03-29 18:35 reputation hphosts_fsa  
2019-03-29 18:35 reputation hphosts_mmt  
2019-03-29 18:35 reputation hphosts_pha  
2019-03-29 18:36 reputation hphosts_psh  
2019-03-29 18:42 malware Malware ransomware_feed  
2019-05-28 23:34 organizations hphosts_ats  
2019-03-29 18:21 attacks Hacking blueliv_crimeserver_last_30d blueliv.com  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

NetRange: 198.185.159.0 - 198.185.159.255
CIDR: 198.185.159.0/24
NetName: SQUARESPACE
NetHandle: NET-198-185-159-0-1
Parent: NET198 (NET-198-0-0-0-0)
NetType: Direct Assignment
OriginAS: AS53831
Organization: Squarespace, Inc. (SQUAR-30)
RegDate: 2013-01-15
Updated: 2013-01-15
Comment: http://www.squarespace.com
Ref: https://rdap.arin.net/registry/ip/ 198.185.159.0

OrgName: Squarespace, Inc.
OrgId: SQUAR-30
Address: 225 Varick St
City: New York
StateProv: NY
PostalCode: 10014
Country: US
RegDate: 2012-04-26
Updated: 2017-01-04
Comment: https://squarespace.com
Ref: https://rdap.arin.net/registry/entity/SQUAR-30

OrgAbuseHandle: ABUSE5803-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-347-758-4644
OrgAbuseEmail: abuse-network@squarespace.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5803-ARIN

OrgTechHandle: SYSTE409-ARIN
OrgTechName: Systems
OrgTechPhone: +1-347-758-4644
OrgTechEmail: systems-net@squarespace.com
OrgTechRef: https://rdap.arin.net/registry/entity/SYSTE409-ARIN

OrgNOCHandle: SYSTE409-ARIN
OrgNOCName: Systems
OrgNOCPhone: +1-347-758-4644
OrgNOCEmail: systems-net@squarespace.com
OrgNOCRef: https://rdap.arin.net/registry/entity/SYSTE409-ARIN
most specific ip range is highlighted
Updated : 2019-01-22