IP address: 180.214.238.124

Host rating:

2.0

out of 26 votes

Last update: 2021-01-16

Host details

Unknown
Vietnam
Unknown
Unknown
See comments

Reported breaches

  • Port scan
Report breach

Whois record

The publicly-available Whois record found at whois.apnic.net server.

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '180.214.236.0 - 180.214.239.255'

% Abuse contact for '180.214.236.0 - 180.214.239.255' is '[email protected]'

inetnum:        180.214.236.0 - 180.214.239.255
netname:        VIETSERVER-VN
descr:          VietServer Services technology company limited
descr:          Xa Khuc, Chu Phan ward, Me Linh district, Ha Noi City
country:        VN
admin-c:        NNA52-AP
tech-c:         NDM3-AP
status:         ALLOCATED PORTABLE
mnt-by:         MAINT-VN-VNNIC
mnt-irt:        IRT-VNNIC-AP
mnt-lower:      MAINT-VN-VNNIC
mnt-routes:     MAINT-VN-VNNIC
last-modified:  2020-09-14T11:29:40Z
source:         APNIC

irt:            IRT-VNNIC-AP
address:        Ha Noi, VietNam
phone:          +84-24-35564944
fax-no:         +84-24-37821462
e-mail:         [email protected]
abuse-mailbox:  [email protected]
admin-c:        NTTT1-AP
tech-c:         NTTT1-AP
auth:           # Filtered
mnt-by:         MAINT-VN-VNNIC
last-modified:  2017-11-08T09:40:06Z
source:         APNIC

person:         Nguyen Duc Manh
address:        VietServer Services technology company limited
address:        VIETSERVER-VN
country:        VN
phone:          +84-1698129166
e-mail:         [email protected]
nic-hdl:        NDM3-AP
mnt-by:         MAINT-VN-VNNIC
last-modified:  2018-03-08T05:02:52Z
source:         APNIC

person:         Nguyen Ngoc An
address:        Xa Khuc, Chu Phan ward, Me Linh district, Ha Noi City
country:        VN
phone:          +84987444400
e-mail:         [email protected]
nic-hdl:        NNA52-AP
mnt-by:         MAINT-VN-VNNIC
last-modified:  2020-09-14T11:27:20Z
source:         APNIC

% Information related to '180.214.236.0/22AS135905'

route:          180.214.236.0/22
descr:          VietServer Services technology company limited
descr:          VietServer Services technology company limited
notify:         [email protected]
origin:         AS135905
mnt-by:         MAINT-VN-VNNIC
last-modified:  2020-01-20T03:50:55Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.15-SNAPSHOT (WHOIS-US3)


User comments

26 security incident(s) reported by users

BHD Honeypot
Port scan
2021-01-16

In the last 24h, the attacker (180.214.238.124) attempted to scan 31 ports.
The following ports have been scanned: 1223/tcp (TrulyGlobal Protocol), 1296/tcp (dproxy), 1266/tcp (DELLPWRAPPKS), 1297/tcp (sdproxy), 1265/tcp (DSSIAPI), 1249/tcp (Mesa Vista Co), 1236/tcp (bvcontrol), 1241/tcp (nessus), 1205/tcp (Accord-MGC), 1286/tcp (netuitive), 1264/tcp (PRAT), 1262/tcp (QNTS-ORB), 1275/tcp (ivcollector), 1247/tcp (VisionPyramid), 1258/tcp (Open Network Library), 1233/tcp (Universal App Server), 1221/tcp (SweetWARE Apps), 1245/tcp (isbconference2), 1291/tcp (SEAGULLLMS), 1274/tcp (t1distproc), 1270/tcp (Microsoft Operations Manager), 1227/tcp (DNS2Go), 1290/tcp (WinJaServer), 1260/tcp (ibm-ssd), 1256/tcp (de-server), 1218/tcp (AeroFlight-ADs), 1224/tcp (VPNz), 1281/tcp (healthd), 1228/tcp (FLORENCE), 1214/tcp (KAZAA).
      
BHD Honeypot
Port scan
2021-01-15

In the last 24h, the attacker (180.214.238.124) attempted to scan 20 ports.
The following ports have been scanned: 1154/tcp (Community Service), 1118/tcp (SACRED), 1190/tcp (CommLinx GPS / AVL System), 1145/tcp (X9 iCue Show Control), 1194/tcp (OpenVPN), 1138/tcp (encrypted admin requests), 1110/tcp (Start web admin server), 1101/tcp (PT2-DISCOVER), 1129/tcp (SAPHostControl over SOAP/HTTPS), 1173/tcp (D-Cinema Request-Response), 1147/tcp (CAPIoverLAN), 1165/tcp (QSM GUI Service), 1137/tcp (TRIM Workgroup Service), 1175/tcp (Dossier Server), 1148/tcp (Elfiq Replication Service), 1171/tcp (AT+C FmiApplicationServer), 1123/tcp (Murray), 1115/tcp (ARDUS Transfer), 1193/tcp (Five Across Server), 1107/tcp (ISOIPSIGPORT-2).
      
BHD Honeypot
Port scan
2021-01-14

In the last 24h, the attacker (180.214.238.124) attempted to scan 42 ports.
The following ports have been scanned: 1052/tcp (Dynamic DNS Tools), 1117/tcp (ARDUS Multicast Transfer), 1012/tcp, 1031/tcp (BBN IAD), 1124/tcp (HP VMM Control), 1024/tcp (Reserved), 1093/tcp (PROOFD), 1045/tcp (Fingerprint Image Transfer Protocol), 1018/tcp, 1028/tcp, 1096/tcp (Common Name Resolution Protocol), 1050/tcp (CORBA Management Agent), 1037/tcp (AMS), 1091/tcp (FF System Management), 1020/tcp, 1029/tcp (Solid Mux Server), 1069/tcp (COGNEX-INSIGHT), 1030/tcp (BBN IAD), 1088/tcp (CPL Scrambler Alarm Log), 1068/tcp (Installation Bootstrap Proto. Cli.), 1200/tcp (SCOL), 1076/tcp (DAB STI-C), 1089/tcp (FF Annunciation), 1073/tcp (Bridge Control), 1180/tcp (Millicent Client Proxy), 1026/tcp (Calendar Access Protocol), 1167/tcp (Cisco IP SLAs Control Protocol), 1033/tcp (local netinfo port), 1062/tcp (Veracity), 1008/tcp, 1083/tcp (Anasoft License Manager), 1054/tcp (BRVREAD), 1025/tcp (network blackjack), 1056/tcp (VFO), 1078/tcp (Avocent Proxy Protocol), 1041/tcp (AK2 Product), 1095/tcp (NICELink), 1094/tcp (ROOTD), 1065/tcp (SYSCOMLAN), 1009/tcp.
      
BHD Honeypot
Port scan
2021-01-13

In the last 24h, the attacker (180.214.238.124) attempted to scan 10 ports.
The following ports have been scanned: 1042/tcp (Subnet Roaming), 1099/tcp (RMI Registry), 1003/tcp, 1043/tcp (BOINC Client Control), 1071/tcp (BSQUARE-VOIP), 1039/tcp (Streamlined Blackhole), 1047/tcp (Sun's NEO Object Request Broker), 1084/tcp (Anasoft License Manager), 1011/tcp, 1048/tcp (Sun's NEO Object Request Broker).
      
BHD Honeypot
Port scan
2021-01-13

Port scan from IP: 180.214.238.124 detected by psad.
BHD Honeypot
Port scan
2021-01-01

In the last 24h, the attacker (180.214.238.124) attempted to scan 5 ports.
The following ports have been scanned: 33896/tcp, 33895/tcp, 33890/tcp, 33891/tcp, 33894/tcp.
      
BHD Honeypot
Port scan
2020-12-31

In the last 24h, the attacker (180.214.238.124) attempted to scan 32 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 2222/tcp (EtherNet/IP I/O), 33896/tcp, 3396/tcp (Printer Agent), 3390/tcp (Distributed Service Coordinator), 30000/tcp, 5555/tcp (Personal Agent), 6666/tcp, 20000/tcp (DNP), 999/tcp (puprouter), 6000/tcp (-6063/udp   X Window System), 900/tcp (OMG Initial Refs), 11111/tcp (Viral Computing Environment (VCE)), 4000/tcp (Terabase), 33895/tcp, 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 40000/tcp (SafetyNET p), 50000/tcp, 600/tcp (Sun IPC server), 33892/tcp, 1111/tcp (LM Social Server), 33897/tcp, 3333/tcp (DEC Notes), 44444/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 33333/tcp (Digital Gaslight Service), 9999/tcp (distinct), 2000/tcp (Cisco SCCP).
      
BHD Honeypot
Port scan
2020-12-31

Port scan from IP: 180.214.238.124 detected by psad.
BHD Honeypot
Port scan
2020-12-20

In the last 24h, the attacker (180.214.238.124) attempted to scan 5 ports.
The following ports have been scanned: 3386/tcp (GPRS Data), 3384/tcp (Cluster Management Services), 3374/tcp (Cluster Disc), 3381/tcp (Geneous), 3382/tcp (Fujitsu Network Enhanced Antitheft function).
      
BHD Honeypot
Port scan
2020-12-19

In the last 24h, the attacker (180.214.238.124) attempted to scan 10 ports.
The following ports have been scanned: 10023/tcp, 10050/tcp (Zabbix Agent), 10020/tcp, 10017/tcp, 10007/tcp (MVS Capacity), 10034/tcp, 10042/tcp, 10019/tcp, 10041/tcp, 10043/tcp.
      
BHD Honeypot
Port scan
2020-12-18

Port scan from IP: 180.214.238.124 detected by psad.
BHD Honeypot
Port scan
2020-12-18

In the last 24h, the attacker (180.214.238.124) attempted to scan 35 ports.
The following ports have been scanned: 33926/tcp, 33963/tcp, 33903/tcp, 33941/tcp, 33905/tcp, 33948/tcp, 33912/tcp, 33931/tcp, 33946/tcp, 33902/tcp, 33943/tcp, 33911/tcp, 33969/tcp, 33967/tcp, 33965/tcp, 33952/tcp, 33918/tcp, 33968/tcp, 33895/tcp, 33890/tcp, 33960/tcp, 33934/tcp, 33950/tcp, 33947/tcp, 33893/tcp, 33936/tcp, 33927/tcp, 33906/tcp, 33933/tcp, 33954/tcp, 33922/tcp, 33915/tcp, 33956/tcp, 33899/tcp, 33919/tcp.
      
BHD Honeypot
Port scan
2020-12-17

In the last 24h, the attacker (180.214.238.124) attempted to scan 28 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 2222/tcp (EtherNet/IP I/O), 33896/tcp, 3396/tcp (Printer Agent), 9000/tcp (CSlistener), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 22222/tcp, 5555/tcp (Personal Agent), 20000/tcp (DNP), 6000/tcp (-6063/udp   X Window System), 3000/tcp (RemoteWare Client), 33895/tcp, 3393/tcp (D2K Tapestry Client to Server), 33898/tcp, 5000/tcp (commplex-main), 3391/tcp (SAVANT), 40000/tcp (SafetyNET p), 50000/tcp, 33891/tcp, 44444/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 33899/tcp, 3397/tcp (Cloanto License Manager), 2000/tcp (Cisco SCCP).
      
BHD Honeypot
Port scan
2020-12-14

In the last 24h, the attacker (180.214.238.124) attempted to scan 5 ports.
The following ports have been scanned: 3096/tcp (Active Print Server Port), 3093/tcp (Jiiva RapidMQ Center), 3085/tcp (PCIHReq), 3078/tcp (Orbix 2000 Locator SSL), 3058/tcp (videobeans).
      
BHD Honeypot
Port scan
2020-12-13

Port scan from IP: 180.214.238.124 detected by psad.
BHD Honeypot
Port scan
2020-12-06

In the last 24h, the attacker (180.214.238.124) attempted to scan 11 ports.
The following ports have been scanned: 33896/tcp, 33895/tcp, 33890/tcp, 33893/tcp, 33892/tcp, 33897/tcp, 33891/tcp.
      
BHD Honeypot
Port scan
2020-12-05

Port scan from IP: 180.214.238.124 detected by psad.
BHD Honeypot
Port scan
2020-12-01

In the last 24h, the attacker (180.214.238.124) attempted to scan 42 ports.
The following ports have been scanned: 3118/tcp (PKAgent), 3096/tcp (Active Print Server Port), 3012/tcp (Trusted Web Client), 3023/tcp (magicnotes), 3050/tcp (gds_db), 3104/tcp (Autocue Logger Protocol), 3008/tcp (Midnight Technologies), 3029/tcp (LiebDevMgmt_A), 3151/tcp (NetMike Assessor), 3098/tcp (Universal Message Manager), 3046/tcp (di-ase), 3113/tcp (CS-Authenticate Svr Port), 3169/tcp (SERVERVIEW-AS), 3174/tcp (ARMI Server), 3154/tcp (ON RMI Registry), 3112/tcp (KDE System Guard), 3125/tcp (A13-AN Interface), 3040/tcp (Tomato Springs), 3148/tcp (NetMike Game Administrator), 3053/tcp (dsom-server), 3086/tcp (JDL-DBKitchen), 3070/tcp (MGXSWITCH), 3115/tcp (MCTET Master), 3034/tcp (Osmosis / Helix (R) AEEA Port), 3157/tcp (CCC Listener Port), 3006/tcp (Instant Internet Admin), 3058/tcp (videobeans), 3071/tcp (ContinuStor Manager Port), 3138/tcp (rtnt-2 data packets), 3014/tcp (Broker Service), 3007/tcp (Lotus Mail Tracking Agent Protocol), 3135/tcp (PeerBook Port), 3150/tcp (NetMike Assessor Administrator), 3149/tcp (NetMike Game Server), 3088/tcp (eXtensible Data Transfer Protocol).
      
BHD Honeypot
Port scan
2020-11-30

In the last 24h, the attacker (180.214.238.124) attempted to scan 18 ports.
The following ports have been scanned: 3140/tcp (Arilia Multiplexor), 3163/tcp (RES-SAP), 3105/tcp (Cardbox), 3075/tcp (Orbix 2000 Locator), 3054/tcp (AMT CNF PROT), 3065/tcp (slinterbase), 3052/tcp (APC 3052), 3025/tcp (Arepa Raft), 3032/tcp (Redwood Chat), 3128/tcp (Active API Server Port), 3042/tcp (journee), 3039/tcp (Cogitate, Inc.), 3132/tcp (Microsoft Business Rule Engine Update Service), 3004/tcp (Csoft Agent).
      
BHD Honeypot
Port scan
2020-11-29

In the last 24h, the attacker (180.214.238.124) attempted to scan 41 ports.
The following ports have been scanned: 3282/tcp (Datusorb), 3358/tcp (Mp Sys Rmsvr), 3359/tcp (WG NetForce), 3321/tcp (VNSSTR), 3299/tcp (pdrncs), 3356/tcp (UPNOTIFYPS), 3345/tcp (Influence), 3377/tcp (Cogsys Network License Manager), 3383/tcp (Enterprise Software Products License Manager), 3363/tcp (NATI Vi Server), 3320/tcp (Office Link 2000), 3387/tcp (Back Room Net), 3339/tcp (OMF data l), 3288/tcp (COPS), 3376/tcp (CD Broker), 3372/tcp (TIP 2), 3311/tcp (MCNS Tel Ret), 3384/tcp (Cluster Management Services), 3294/tcp (fg-gip), 3378/tcp (WSICOPY), 3295/tcp (Dynamic IP Lookup), 3316/tcp (AICC/CMI), 3284/tcp (4Talk), 3371/tcp, 3306/tcp (MySQL), 3338/tcp (OMF data b), 3362/tcp (DJ ILM), 3374/tcp (Cluster Disc), 3298/tcp (DeskView), 3336/tcp (Direct TV Tickers), 3381/tcp (Geneous), 3287/tcp (DIRECTVDATA), 3333/tcp (DEC Notes), 3307/tcp (OP Session Proxy), 3334/tcp (Direct TV Webcasting), 3341/tcp (OMF data h), 3286/tcp (E-Net), 3301/tcp, 3285/tcp (Plato), 3375/tcp (VSNM Agent).
      

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Emerging threats

The most commonly reported IP addresses in the last 24 hours

Report breach!

Rate host 180.214.238.124