IP address: 80.82.64.229

Host rating:

2.0

out of 35 votes

Last update: 2020-08-04

Host details

Unknown
Netherlands
Unknown
AS29073 Quasi Networks LTD.
See comments

Reported breaches

  • CMS attack
  • Port scan
Report breach

Whois record

The publicly-available Whois record found at whois.ripe.net server.

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '80.82.64.0 - 80.82.64.255'

% Abuse contact for '80.82.64.0 - 80.82.64.255' is '[email protected]'

inetnum:        80.82.64.0 - 80.82.64.255
netname:        NET-1-64
descr:          IPV NETBLOCK
country:        NL
geoloc:         52.370216 4.895168
org:            ORG-IVI1-RIPE
admin-c:        IVI24-RIPE
tech-c:         IVI24-RIPE
status:         ASSIGNED PA
mnt-by:         IPV
mnt-lower:      IPV
mnt-routes:     IPV
created:        2010-09-19T16:51:12Z
last-modified:  2019-02-01T18:24:55Z
source:         RIPE

% Information related to '80.82.64.0/24AS202425'

route:          80.82.64.0/24
origin:         AS202425
remarks:        +-----------------------------------------------
remarks:        | For abuse e-mail [email protected]
remarks:        | We do not always reply to abuse.
remarks:        | But we do take care your report is dealt with!
remarks:        +-----------------------------------------------
mnt-by:         IPV
created:        2019-01-24T15:07:49Z
last-modified:  2019-02-01T12:32:15Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.97.1 (WAGYU)


User comments

35 security incident(s) reported by users

Anonymous
CMS attack
2020-08-04

An attempt of exploiting cms application vulnerability at /wp-login.php.
BHD Honeypot
Port scan
2020-02-16

In the last 24h, the attacker (80.82.64.229) attempted to scan 52 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 3396/tcp (Printer Agent), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 13389/tcp, 3383/tcp (Enterprise Software Products License Manager), 3387/tcp (Back Room Net), 3385/tcp (qnxnetman), 3384/tcp (Cluster Management Services), 33389/tcp, 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 33089/tcp, 12345/tcp (Italk Chat System), 33891/tcp, 3333/tcp (DEC Notes), 33899/tcp, 3399/tcp (CSMS), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2020-02-14

In the last 24h, the attacker (80.82.64.229) attempted to scan 32 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 3383/tcp (Enterprise Software Products License Manager), 3387/tcp (Back Room Net), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3384/tcp (Cluster Management Services), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 3381/tcp (Geneous), 3380/tcp (SNS Channels), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2020-02-13

Port scan from IP: 80.82.64.229 detected by psad.
BHD Honeypot
Port scan
2020-02-06

In the last 24h, the attacker (80.82.64.229) attempted to scan 20 ports.
The following ports have been scanned: 3368/tcp, 3398/tcp (Mercantile), 3390/tcp (Distributed Service Coordinator), 3377/tcp (Cogsys Network License Manager), 3383/tcp (Enterprise Software Products License Manager), 3363/tcp (NATI Vi Server), 3387/tcp (Back Room Net), 3379/tcp (SOCORFS), 3373/tcp (Lavenir License Manager), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 3351/tcp (Btrieve port), 3394/tcp (D2K Tapestry Server to Server), 3371/tcp, 3354/tcp (SUITJD), 3374/tcp (Cluster Disc), 3370/tcp, 3366/tcp (Creative Partner), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2020-02-02

In the last 24h, the attacker (80.82.64.229) attempted to scan 5 ports.
The following ports have been scanned: 2525/tcp (MS V-Worlds), 2017/tcp (cypress-stat), 2016/tcp (bootserver), 5500/tcp (fcp-addr-srvr1), 2019/tcp (whosockami).
      
BHD Honeypot
Port scan
2020-02-02

Port scan from IP: 80.82.64.229 detected by psad.
BHD Honeypot
Port scan
2020-01-27

In the last 24h, the attacker (80.82.64.229) attempted to scan 67 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 3396/tcp (Printer Agent), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 3383/tcp (Enterprise Software Products License Manager), 3387/tcp (Back Room Net), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3384/tcp (Cluster Management Services), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 3400/tcp (CSMS2), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2020-01-25

In the last 24h, the attacker (80.82.64.229) attempted to scan 15 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 3396/tcp (Printer Agent), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3383/tcp (Enterprise Software Products License Manager), 3387/tcp (Back Room Net), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3384/tcp (Cluster Management Services), 3393/tcp (D2K Tapestry Client to Server), 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2020-01-23

In the last 24h, the attacker (80.82.64.229) attempted to scan 209 ports.
The following ports have been scanned: 2525/tcp (MS V-Worlds), 1515/tcp (ifor-protocol), 9292/tcp (ArmTech Daemon), 2222/tcp (EtherNet/IP I/O), 7676/tcp (iMQ Broker Rendezvous), 4646/tcp, 8181/tcp, 9090/tcp (WebSM), 1414/tcp (IBM MQSeries), 9696/tcp, 22222/tcp, 5555/tcp (Personal Agent), 7474/tcp, 7575/tcp, 7272/tcp (WatchMe Monitoring 7272), 6666/tcp, 7070/tcp (ARCP), 9898/tcp (MonkeyCom), 7373/tcp, 6565/tcp, 5151/tcp (ESRI SDE Instance), 4747/tcp, 3636/tcp (SerVistaITSM), 5656/tcp, 3535/tcp (MS-LA), 6969/tcp (acmsoda), 11111/tcp (Viral Computing Environment (VCE)), 8989/tcp (Sun Web Server SSL Admin Service), 1818/tcp (Enhanced Trivial File Transfer Protocol), 6767/tcp (BMC PERFORM AGENT), 3434/tcp (OpenCM Server), 9595/tcp (Ping Discovery Service), 6464/tcp, 7171/tcp (Discovery and Retention Mgt Production), 4141/tcp (Workflow Server), 1313/tcp (BMC_PATROLDB), 3131/tcp (Net Book Mark), 8787/tcp (Message Server), 8080/tcp (HTTP Alternate (see port 80)), 1717/tcp (fj-hdnet), 8686/tcp (Sun App Server - JMX/RMI), 1919/tcp (IBM Tivoli Directory Service - DCH), 8585/tcp, 3030/tcp (Arepa Cas), 6262/tcp, 2828/tcp (ITM License Manager), 1010/tcp (surf), 9494/tcp, 9797/tcp, 55555/tcp, 5757/tcp (OpenMail X.500 Directory Server), 3232/tcp (MDT port), 2323/tcp (3d-nfsd), 2424/tcp (KOFAX-SVR), 7979/tcp (Micromuse-ncps), 4040/tcp (Yo.net main service), 1616/tcp (NetBill Product Server), 1111/tcp (LM Social Server), 7777/tcp (cbt), 2626/tcp (gbjd816), 4444/tcp (NV Video default), 3333/tcp (DEC Notes), 2121/tcp (SCIENTIA-SSDB), 9393/tcp, 8484/tcp, 44444/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 3838/tcp (Scito Object Server), 6868/tcp (Acctopus Command Channel), 8282/tcp, 6363/tcp, 3737/tcp (XPanel Daemon), 2020/tcp (xinupageserver), 2929/tcp (AMX-WEBADMIN), 7878/tcp, 33333/tcp (Digital Gaslight Service), 6161/tcp (PATROL Internet Srv Mgr), 8383/tcp (M2m Services), 9999/tcp (distinct), 9191/tcp (Sun AppSvr JPDA), 1212/tcp (lupa), 2727/tcp (Media Gateway Control Protocol Call Agent).
      
BHD Honeypot
Port scan
2020-01-23

Port scan from IP: 80.82.64.229 detected by psad.
BHD Honeypot
Port scan
2020-01-19

In the last 24h, the attacker (80.82.64.229) attempted to scan 76 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 3396/tcp (Printer Agent), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 3383/tcp (Enterprise Software Products License Manager), 3387/tcp (Back Room Net), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3384/tcp (Cluster Management Services), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 3400/tcp (CSMS2), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2020-01-18

In the last 24h, the attacker (80.82.64.229) attempted to scan 42 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 33896/tcp, 3396/tcp (Printer Agent), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 13389/tcp, 3383/tcp (Enterprise Software Products License Manager), 3387/tcp (Back Room Net), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3384/tcp (Cluster Management Services), 33890/tcp, 3393/tcp (D2K Tapestry Client to Server), 33898/tcp, 3392/tcp (EFI License Management), 3394/tcp (D2K Tapestry Server to Server), 33893/tcp, 3391/tcp (SAVANT), 3400/tcp (CSMS2), 43389/tcp, 33892/tcp, 33891/tcp, 33899/tcp, 53389/tcp, 3399/tcp (CSMS), 3388/tcp (CB Server), 33894/tcp.
      
BHD Honeypot
Port scan
2020-01-17

In the last 24h, the attacker (80.82.64.229) attempted to scan 197 ports.
The following ports have been scanned: 6689/tcp (Tofino Security Appliance), 3398/tcp (Mercantile), 3396/tcp (Printer Agent), 3410/tcp (NetworkLens SSL Event), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 3409/tcp (NetworkLens Event Port), 3377/tcp (Cogsys Network License Manager), 13389/tcp, 3344/tcp (BNT Manager), 3403/tcp, 9833/tcp, 3383/tcp (Enterprise Software Products License Manager), 3407/tcp (LDAP admin server port), 5555/tcp (Personal Agent), 4189/tcp (Path Computation Element Communication Protocol), 6666/tcp, 3404/tcp, 3387/tcp (Back Room Net), 5589/tcp, 4289/tcp, 6000/tcp (-6063/udp   X Window System), 3379/tcp (SOCORFS), 3406/tcp (Nokia Announcement ch 2), 2389/tcp (OpenView Session Mgr), 3408/tcp (BES Api Port), 5489/tcp, 3000/tcp (RemoteWare Client), 3405/tcp (Nokia Announcement ch 1), 6969/tcp (acmsoda), 3376/tcp (CD Broker), 3373/tcp (Lavenir License Manager), 4000/tcp (Terabase), 3372/tcp (TIP 2), 3434/tcp (OpenCM Server), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 2212/tcp (LeeCO POS Server Service), 3384/tcp (Cluster Management Services), 3401/tcp (filecast), 2289/tcp (Lookup dict server), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 7389/tcp, 5000/tcp (commplex-main), 3378/tcp (WSICOPY), 3394/tcp (D2K Tapestry Server to Server), 3316/tcp (AICC/CMI), 3371/tcp, 33893/tcp, 3391/tcp (SAVANT), 1189/tcp (Unet Connection), 5289/tcp, 23389/tcp, 5189/tcp, 6101/tcp (SynchroNet-rtc), 3400/tcp (CSMS2), 8899/tcp (ospf-lite), 33089/tcp, 3374/tcp (Cluster Disc), 8889/tcp (Desktop Data TCP 1), 3381/tcp (Geneous), 3360/tcp (KV Server), 4389/tcp (Xandros Community Management Service), 3089/tcp (ParaTek Agent Linking), 7789/tcp (Office Tools Pro Receive), 7777/tcp (cbt), 3090/tcp (Senforce Session Services), 4444/tcp (NV Video default), 1389/tcp (Document Manager), 7000/tcp (file server itself), 3333/tcp (DEC Notes), 6389/tcp (clariion-evr01), 4489/tcp, 3370/tcp, 3402/tcp (FXa Engine Network Port), 8890/tcp (Desktop Data TCP 2), 5389/tcp, 33333/tcp (Digital Gaslight Service), 3380/tcp (SNS Channels), 33901/tcp, 3189/tcp (Pinnacle Sys InfEx Port), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 3375/tcp (VSNM Agent), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 3289/tcp (ENPC), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2020-01-16

In the last 24h, the attacker (80.82.64.229) attempted to scan 62 ports.
The following ports have been scanned: 3396/tcp (Printer Agent), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 3344/tcp (BNT Manager), 3434/tcp (OpenCM Server), 2212/tcp (LeeCO POS Server Service), 2289/tcp (Lookup dict server), 3393/tcp (D2K Tapestry Client to Server), 3316/tcp (AICC/CMI), 6101/tcp (SynchroNet-rtc), 3400/tcp (CSMS2), 3360/tcp (KV Server), 4389/tcp (Xandros Community Management Service), 33892/tcp, 3333/tcp (DEC Notes), 33899/tcp, 33901/tcp, 53389/tcp, 3399/tcp (CSMS), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2020-01-15

Port scan from IP: 80.82.64.229 detected by psad.
BHD Honeypot
Port scan
2020-01-13

In the last 24h, the attacker (80.82.64.229) attempted to scan 5 ports.
The following ports have been scanned: 8389/tcp, 7389/tcp, 9389/tcp (Active Directory Web Services), 1389/tcp (Document Manager), 6389/tcp (clariion-evr01).
      
BHD Honeypot
Port scan
2020-01-12

In the last 24h, the attacker (80.82.64.229) attempted to scan 68 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 33896/tcp, 3396/tcp (Printer Agent), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 13389/tcp, 3383/tcp (Enterprise Software Products License Manager), 3387/tcp (Back Room Net), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3384/tcp (Cluster Management Services), 33895/tcp, 33389/tcp, 33890/tcp, 3393/tcp (D2K Tapestry Client to Server), 33898/tcp, 3392/tcp (EFI License Management), 3394/tcp (D2K Tapestry Server to Server), 33893/tcp, 3391/tcp (SAVANT), 23389/tcp, 3381/tcp (Geneous), 43389/tcp, 33892/tcp, 33897/tcp, 33891/tcp, 33899/tcp, 3380/tcp (SNS Channels), 3397/tcp (Cloanto License Manager), 53389/tcp, 3399/tcp (CSMS), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 3388/tcp (CB Server), 33894/tcp.
      
BHD Honeypot
Port scan
2020-01-11

In the last 24h, the attacker (80.82.64.229) attempted to scan 41 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 3396/tcp (Printer Agent), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 3383/tcp (Enterprise Software Products License Manager), 3387/tcp (Back Room Net), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3384/tcp (Cluster Management Services), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2020-01-10

In the last 24h, the attacker (80.82.64.229) attempted to scan 87 ports.
The following ports have been scanned: 93/tcp (Device Control Protocol), 103/tcp (Genesis Point-to-Point Trans Net), 72/tcp (Remote Job Service), 75/tcp (any private dial out service), 97/tcp (Swift Remote Virtural File Protocol), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 111/tcp (SUN Remote Procedure Call), 69/tcp (Trivial File Transfer), 68/tcp (Bootstrap Protocol Client), 92/tcp (Network Printing Protocol), 94/tcp (Tivoli Object Dispatcher), 79/tcp (Finger), 96/tcp (DIXIE Protocol Specification), 90/tcp (DNSIX Securit Attribute Token Map), 83/tcp (MIT ML Device), 63/tcp (whois++), 56/tcp (XNS Authentication), 77/tcp (any private RJE service), 104/tcp (ACR-NEMA Digital Imag. & Comm. 300), 110/tcp (Post Office Protocol - Version 3), 62/tcp (ACA Services), 8443/tcp (PCsync HTTPS), 106/tcp (3COM-TSMUX), 76/tcp (Distributed External Object Store), 5/tcp (Remote Job Entry), 99/tcp (Metagram Relay), 119/tcp (Network News Transfer Protocol), 86/tcp (Micro Focus Cobol), 57/tcp (any private terminal access), 65/tcp (TACACS-Database Service), 54/tcp (XNS Clearinghouse), 13/tcp (Daytime (RFC 867)), 48/tcp (Digital Audit Daemon), 47/tcp (NI FTP), 9/tcp (Discard), 112/tcp (McIDAS Data Transmission Protocol), 115/tcp (Simple File Transfer Protocol), 3393/tcp (D2K Tapestry Client to Server), 84/tcp (Common Trace Facility), 3392/tcp (EFI License Management), 20/tcp (File Transfer [Default Data]), 12/tcp, 120/tcp (CFDPTKT), 3394/tcp (D2K Tapestry Server to Server), 53/tcp (Domain Name Server), 89/tcp (SU/MIT Telnet Gateway), 44/tcp (MPM FLAGS Protocol), 59/tcp (any private file service), 73/tcp (Remote Job Service), 15/tcp, 3391/tcp (SAVANT), 81/tcp, 7/tcp (Echo), 116/tcp (ANSA REX Notify), 71/tcp (Remote Job Service), 105/tcp (Mailbox Name Nameserver), 114/tcp, 50/tcp (Remote Mail Checking Protocol), 16/tcp, 61/tcp (NI MAIL), 102/tcp (ISO-TSAP Class 0), 88/tcp (Kerberos), 51/tcp (IMP Logical Address Maintenance), 118/tcp (SQL Services), 66/tcp (Oracle SQL*NET), 113/tcp (Authentication Service), 108/tcp (SNA Gateway Access Server), 14/tcp, 67/tcp (Bootstrap Protocol Server), 64/tcp (Communications Integrator (CI)), 85/tcp (MIT ML Device), 45/tcp (Message Processing Module [recv]), 18/tcp (Message Send Protocol), 55/tcp (ISI Graphics Language), 74/tcp (Remote Job Service).
      

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Similar hosts

Hosts with the same ASN

Report breach!

Rate host 80.82.64.229