198.49.23.144 is an Open Proxy used by Hackers

IP informations Cybercrime IP Feeds Raw whois

198.49.23.144

is an

Open Proxy

used by

Hackers

100 %

United States

Report Abuse

26attacks reported

4Web App Attack

3Phishing

2Hacking

2Port ScanHacking

2Fraud VoIP

1PhishingWeb SpamSpoofingExploited Host

1Fraud OrdersDDoS AttackFTP Brute-ForcePing of DeathPhishingOpen ProxyVPN IPSpoofing

1Ping of DeathEmail Spam

1Fraud OrdersDDoS AttackFTP Brute-ForcePing of DeathPhishingOpen Proxy

1DDoS Attack

...

25abuse reported

21Email SpamBrute-Force

4Email Spam

7malware reported

6Malware

1Exploited Host

4reputation reported

4uncategorized

4organizations reported

4uncategorized

from 9 distinct reporters

and 5 distinct sources : Bambenek Consulting, Cyber Threat Alliance, hpHosts, VoIPBL.org, AbuseIPDB

198.49.23.144 was first signaled at 2017-12-02 18:46 and last record was at 2020-07-31 15:59.

198.49.23.144

Organization

Squarespace, Inc.

all IP owned by Squarespace, Inc.

Localisation

United States

New York, New York

NetRange : First & Last IP

198.49.23.0 - 198.49.23.255

Network CIDR

198.49.23.0/24

ASN

53831

list IP by ASN 53831

Note about 198.0.0.0/8

198.18.0.0/15 reserved for Network Interconnect Device Benchmark Testing [RFC2544]. Complete registration details for 198.18.0.0/15 are found in [IANA registry iana-ipv4-special-registry]. 198.51.100.0/24 reserved for TEST-NET-2 [RFC5737]. Complete registration details for 198.51.100.0/24 are found in [IANA registry iana-ipv4-special-registry].

Cybercrime IP Feeds

Date UTC	Category	Sub Categories	Source List	Source	Logs
2019-06-26 01:30	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=35562 . dpt=443 . src=xx.xx.7.214 . dst=198.49.23.144 . (listed on Bambenek Consulting Jun 26) (706)
2019-06-25 00:36	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=52748 . dpt=443 . src=xx.xx.4.91 . dst=198.49.23.144 . (listed on Bambenek Consulting Jun 25) (792)
2019-06-18 10:24	attacks	Phishing		AbuseIPDB
2019-06-12 11:06	attacks	Phishing		AbuseIPDB
2019-06-04 12:08	abuse	Email Spam		AbuseIPDB	EMAIL SPAM
2019-05-16 03:25	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=48744 . dpt=443 . src=xx.xx.4.90 . dst=198.49.23.144 . (listed on Bambenek Consulting May 16) (394)
2019-05-15 01:23	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=53070 . dpt=80 . src=xx.xx.4.91 . dst=198.49.23.144 . (listed on Bambenek Consulting May 15) (444)
2019-05-13 11:18	attacks	PhishingWeb SpamSpoofingExploited Host		AbuseIPDB	Reported as a Malicious IP on our system.
2019-04-29 06:23	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=39831 . dpt=443 . src=xx.xx.4.90 . dst=198.49.23.144 . (listed on Bambenek Consulting Apr 28 19:13) (483)
2019-04-23 04:35	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=52827 . dpt=443 . src=xx.xx.4.90 . dst=198.49.23.144 . (listed on Bambenek Consulting Apr 23 05:13) (788)
2019-04-19 09:13	attacks	Web App Attack		AbuseIPDB
2019-04-17 08:27	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=40498 . dpt=443 . src=xx.xx.4.90 . dst=198.49.23.144 . (listed on Bambenek Consulting Apr 16 19:13) (817)
2019-04-17 03:02	attacks	Web App Attack		AbuseIPDB
2019-04-01 06:43	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=51857 . dpt=80 . src=xx.xx.4.90 . dst=198.49.23.144 . (listed on github Apr 01 06:13) (1343)
2019-03-27 12:43	attacks	Fraud OrdersDDoS AttackFTP Brute-ForcePing of Death		AbuseIPDB
2019-03-20 09:34	attacks	Web App Attack		AbuseIPDB
2019-03-14 03:37	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=48499 . dpt=443 . src=xx.xx.4.90 . dst=198.49.23.144 . (listed on Blocklist de Mar 13 18:33) (957)
2019-03-08 08:24	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=36933 . dpt=80 . src=xx.xx.7.214 . dst=198.49.23.144 . (listed on Blocklist de Mar 07 18:33) (1041)
2019-03-06 08:31	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=35885 . dpt=80 . src=xx.xx.4.90 . dst=198.49.23.144 . (listed on Blocklist de Mar 05 18:33) (1019)
2019-03-04 21:25	attacks	Ping of DeathEmail Spam		AbuseIPDB
2019-02-15 10:25	attacks	Hacking		AbuseIPDB	synology router keeps tagging as malicious
2019-02-07 06:28	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=42806 . dpt=443 . src=xx.xx.4.90 . dst=198.49.23.144 . (listed on Blocklist de Feb 06 18:33) (1693)
2019-02-05 02:41	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=55578 . dpt=443 . src=xx.xx.4.115 . dst=198.49.23.144 . (listed on Blocklist de Feb 04 18:33) (749)
2019-02-01 22:27	attacks	Fraud OrdersDDoS AttackFTP Brute-ForcePing of Death		AbuseIPDB
2019-01-25 06:33	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=63989 . dpt=443 . src=xx.xx.4.115 . dst=198.49.23.144 . (listed on Alienvault Jan 25 07:10) (1056)
2019-01-23 06:29	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=33610 . dpt=80 . src=xx.xx.7.214 . dst=198.49.23.144 . (listed on Alienvault Jan 23 07:10) (357)
2019-01-18 04:41	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=47901 . dpt=443 . src=xx.xx.4.91 . dst=198.49.23.144 . (listed on Blocklist de Jan 17 18:33) (380)
2019-01-14 00:33	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=34950 . dpt=80 . src=xx.xx.4.90 . dst=198.49.23.144 . (listed on github Jan 14 06:33) (369)
2019-01-10 04:42	abuse	Email SpamBrute-Force		AbuseIPDB	proto=tcp . spt=42888 . dpt=80 . src=xx.xx.4.90 . dst=198.49.23.144 . (listed on Blocklist de Jan 09 18:33) (415)
2019-01-08 04:08	attacks	Web App Attack		AbuseIPDB
2018-12-27 11:57	malware	Exploited Host		AbuseIPDB
2018-12-20 05:30	abuse	Email SpamBrute-Force		AbuseIPDB	PROTO=TCP . SPT=41086 . DPT=80 . SRC=xx.xx.4.90 . DST=198.49.23.144 . (listed on Blocklist de Dec 19 18:33) (674)
2018-12-14 08:24	abuse	Email SpamBrute-Force		AbuseIPDB	PROTO=TCP . SPT=48960 . DPT=443 . SRC=xx.xx.7.214 . DST=198.49.23.144 . (listed on Alienvault Dec 14 07:10) (714)
2018-12-12 05:30	abuse	Email SpamBrute-Force		AbuseIPDB	PROTO=TCP . SPT=57055 . DPT=80 . SRC=xx.xx.4.90 . DST=198.49.23.144 . (listed on Blocklist de Dec 11 18:33) (663)
2018-12-07 07:12	attacks	Phishing		AbuseIPDB
2018-11-26 02:03	attacks	Port ScanHacking		AbuseIPDB	MultiHost/MultiPort Probe, Scan, Hack -
2018-11-24 04:56	attacks	Port ScanHacking		AbuseIPDB	MultiHost/MultiPort Probe, Scan, Hack -
2018-11-05 17:29	attacks	DDoS Attack		AbuseIPDB
2018-10-17 10:07	abuse	Email Spam		AbuseIPDB	Spammer hosted here
2018-10-11 06:09	abuse	Email Spam		AbuseIPDB	Spammer hosted here
2018-10-02 18:47	attacks	DDoS AttackPhishingOpen ProxyWeb Spam		AbuseIPDB	Once again, it goes back to craigslist https://ibb.co/b0F7UK www.brandgusa.com 198.49.23.145 198.49.23.144 Server D VT: https://www.virustotal.com/#/i
2018-06-09 17:59	attacks	Fraud OrdersDDoS AttackHackingBad Web Bot		AbuseIPDB
2018-05-30 06:54	attacks	PhishingBrute-Force		AbuseIPDB	TCP Port: 443 s5h-net _ _ _ 199
2018-05-30 02:45	attacks	Hacking		AbuseIPDB
2018-05-11 11:38	attacks	Fraud OrdersFTP Brute-ForceHackingBrute-Force		AbuseIPDB
2018-03-14 16:43	attacks	Fraud OrdersDDoS AttackFTP Brute-ForcePing of Death		AbuseIPDB
2018-03-09 22:44	attacks	Fraud OrdersDDoS AttackWeb SpamEmail Spam		AbuseIPDB	[DoS Attack: ACK Scan] from source: 198.49.23.144, port 80, Saturday, March 10, 2018 00:02:18
2018-03-08 12:03	abuse	Email Spam		AbuseIPDB
2017-12-03 17:48	attacks			AbuseIPDB	[email protected]
2017-12-02 18:46	attacks	Port ScanBrute-ForceWeb App Attack		AbuseIPDB	Sep1813:47:01server2kernel:[15300234.257095]Firewall:\UDP_INBlocked\IN=venet0OUT=MAC=SRC=198.49.23.144DST=5.9.198.197LEN=118TOS=0x00PREC=0x00TTL=250
2019-03-29 18:18	malware	Malware	bambenek_c2	Bambenek Consulting
2019-03-29 18:18	malware	Malware	bambenek_suppobox	Bambenek Consulting
2019-03-29 18:23	malware	Malware	cta_cryptowall	Cyber Threat Alliance
2019-03-29 18:35	malware	Malware	hphosts_emd	hpHosts
2019-03-29 18:35	malware	Malware	hphosts_exp	hpHosts
2019-03-29 18:35	reputation		hphosts_fsa
2019-03-29 18:35	reputation		hphosts_mmt
2019-03-29 18:35	reputation		hphosts_pha
2019-03-29 18:36	reputation		hphosts_psh
2019-03-29 18:42	malware	Malware	ransomware_feed
2019-05-28 23:34	organizations		hphosts_ats
2019-09-06 00:30	organizations		coinbl_hosts_browser
2019-09-10 19:36	organizations		coinbl_hosts_optional
2020-07-31 15:59	organizations		coinbl_hosts
2019-03-29 18:53	attacks	Fraud VoIP	voipbl	VoIPBL.org
2019-07-14 05:49	attacks	Fraud VoIP	voipbl	VoIPBL.org

only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse

IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)

anonymizer

Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.

attacks

bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.

malware

Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

NetRange: 198.49.23.0 - 198.49.23.255
CIDR: 198.49.23.0/24
NetName: SQUARESPACE
NetHandle: NET-198-49-23-0-1
Parent: NET198 (NET-198-0-0-0-0)
NetType: Direct Assignment
OriginAS: AS53831
Organization: Squarespace, Inc. (SQUAR-30)
RegDate: 2013-08-14
Updated: 2013-08-14
Ref: https://rdap.arin.net/registry/ip/ 198.49.23.0

OrgName: Squarespace, Inc.
OrgId: SQUAR-30
Address: 225 Varick St
City: New York
StateProv: NY
PostalCode: 10014
Country: US
RegDate: 2012-04-26
Updated: 2017-01-04
Comment: https://squarespace.com
Ref: https://rdap.arin.net/registry/entity/SQUAR-30

OrgNOCHandle: SYSTE409-ARIN
OrgNOCName: Systems
OrgNOCPhone: +1-347-758-4644
OrgNOCEmail: systems-net@squarespace.com
OrgNOCRef: https://rdap.arin.net/registry/entity/SYSTE409-ARIN

OrgAbuseHandle: ABUSE5803-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-347-758-4644
OrgAbuseEmail: abuse-network@squarespace.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5803-ARIN

OrgTechHandle: SYSTE409-ARIN
OrgTechName: Systems
OrgTechPhone: +1-347-758-4644
OrgTechEmail: systems-net@squarespace.com
OrgTechRef: https://rdap.arin.net/registry/entity/SYSTE409-ARIN

most specific ip range is highlighted

Updated : 2020-08-28