IP address: 185.153.197.237

Host rating:

2.0

out of 12 votes

Last update: 2019-11-14

Host details

Unknown
Republic of Moldova
Unknown
AS49877 RM Engineering LLC
See comments

Reported breaches

  • Port scan
Report breach

Whois record

The publicly-available Whois record found at whois.ripe.net server.

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '185.153.196.0 - 185.153.199.255'

% Abuse contact for '185.153.196.0 - 185.153.199.255' is '[email protected]'

inetnum:        185.153.196.0 - 185.153.199.255
netname:        RU-RMENGINEERING-20160524
country:        MD
org:            ORG-REL7-RIPE
admin-c:        AZ6389-RIPE
tech-c:         AZ6389-RIPE
status:         ALLOCATED PA
mnt-by:         RIPE-NCC-HM-MNT
mnt-by:         ru-rmengineering-1-mnt
created:        2016-05-24T14:56:25Z
last-modified:  2016-11-21T15:59:09Z
source:         RIPE

% Information related to '185.153.196.0/22AS49877'

route:          185.153.196.0/22
descr:          RM Engineering LLC
origin:         AS49877
mnt-by:         ru-rmengineering-1-mnt
created:        2016-08-15T16:03:35Z
last-modified:  2016-08-15T16:03:35Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.96 (WAGYU)


User comments

12 security incident(s) reported by users

BHD Honeypot
Port scan
2019-11-14

In the last 24h, the attacker (185.153.197.237) attempted to scan 1394 ports.
The following ports have been scanned: 49853/tcp, 6185/tcp, 30017/tcp, 12158/tcp, 2153/tcp (Control Protocol), 93/tcp (Device Control Protocol), 8005/tcp (MXI Generation II for z/OS), 4010/tcp (Samsung Unidex), 59002/tcp, 50859/tcp, 63996/tcp, 47267/tcp, 103/tcp (Genesis Point-to-Point Trans Net), 61005/tcp, 29682/tcp, 52678/tcp, 65522/tcp, 38787/tcp, 2525/tcp (MS V-Worlds), 32134/tcp, 5881/tcp, 3005/tcp (Genius License Manager), 11009/tcp, 55552/tcp, 56087/tcp, 6667/tcp, 7753/tcp, 12006/tcp (DBISAM Database Server - Admin), 55252/tcp, 5518/tcp, 24688/tcp, 5998/tcp, 7270/tcp, 54835/tcp, 1206/tcp (Anthony Data), 20017/tcp, 27586/tcp, 6596/tcp, 10859/tcp, 59059/tcp, 45942/tcp, 2703/tcp (SMS CHAT), 30030/tcp, 1999/tcp (cisco identification port), 15156/tcp, 1515/tcp (ifor-protocol), 18428/tcp, 5126/tcp, 5495/tcp, 45790/tcp, 3305/tcp (ODETTE-FTP), 8088/tcp (Radan HTTP), 27958/tcp, 1195/tcp (RSF-1 clustering), 28849/tcp, 46097/tcp, 1168/tcp (VChat Conference Service), 4018/tcp (Talarian Mcast), 1329/tcp (netdb-export), 9292/tcp (ArmTech Daemon), 1032/tcp (BBN IAD), 40643/tcp, 5977/tcp, 34297/tcp, 31948/tcp (Embedded Device Configuration Protocol TX), 23000/tcp (Inova LightLink Server Type 1), 5344/tcp (xkoto DRCP), 33904/tcp, 6893/tcp, 62882/tcp, 1117/tcp (ARDUS Multicast Transfer), 22182/tcp, 6011/tcp, 33388/tcp, 5329/tcp, 53245/tcp, 6286/tcp, 43550/tcp, 1000/tcp (cadlock2), 200/tcp (IBM System Resource Controller), 33396/tcp, 2222/tcp (EtherNet/IP I/O), 5517/tcp, 5490/tcp, 2224/tcp (Easy Flexible Internet/Multiplayer Games), 33896/tcp, 18732/tcp, 39733/tcp, 8170/tcp, 5778/tcp, 48701/tcp, 9000/tcp (CSlistener), 5516/tcp, 19156/tcp, 20656/tcp, 6028/tcp, 6233/tcp, 65151/tcp, 1610/tcp (taurus-wh), 5563/tcp, 62222/tcp, 33589/tcp, 5273/tcp, 6250/tcp, 33905/tcp, 58799/tcp, 1889/tcp (Unify Web Adapter Service), 30004/tcp, 5430/tcp (RADEC CORP), 680/tcp (entrust-aaas), 5482/tcp, 6601/tcp (Microsoft Threat Management Gateway SSTP), 3410/tcp (NetworkLens SSL Event), 63399/tcp, 13644/tcp, 25193/tcp, 53177/tcp, 40008/tcp, 5642/tcp, 3323/tcp, 5915/tcp, 5969/tcp (mppolicy-mgr), 10060/tcp, 7100/tcp (X Font Service), 13579/tcp, 2479/tcp (SecurSight Event Logging Server (SSL)), 52306/tcp, 2342/tcp (Seagate Manage Exec), 60010/tcp, 31425/tcp, 27609/tcp, 3321/tcp (VNSSTR), 3390/tcp (Distributed Service Coordinator), 44985/tcp, 30035/tcp, 30001/tcp (Pago Services 1), 5491/tcp, 27959/tcp, 2682/tcp, 5860/tcp, 9006/tcp, 43948/tcp, 1044/tcp (Dev Consortium Utility), 32890/tcp, 17468/tcp, 17469/tcp, 5854/tcp, 6113/tcp (Daylite Server), 6167/tcp, 33900/tcp, 60001/tcp, 47183/tcp, 45882/tcp, 6512/tcp, 6545/tcp, 5678/tcp (Remote Replication Agent Connection), 8011/tcp, 45807/tcp, 6891/tcp, 1031/tcp (BBN IAD), 43205/tcp, 19142/tcp, 6171/tcp, 51088/tcp, 9993/tcp (OnLive-2), 5237/tcp (m-net discovery), 3303/tcp (OP Session Client), 1920/tcp (IBM Tivoli Directory Service - FERRET), 49852/tcp, 18360/tcp, 7207/tcp, 5390/tcp, 5602/tcp (A1-MSC), 61409/tcp, 51098/tcp, 5695/tcp, 19270/tcp, 5305/tcp (HA Cluster Test), 54030/tcp, 5650/tcp, 19936/tcp, 26744/tcp, 30031/tcp, 5363/tcp (Windows Network Projection), 1157/tcp (Oracle iASControl), 32653/tcp, 6598/tcp, 40010/tcp, 18933/tcp, 29098/tcp, 5320/tcp (Webservices-based Zn interface of BSF), 53903/tcp, 69/tcp (Trivial File Transfer), 5896/tcp, 41318/tcp, 58001/tcp, 11524/tcp, 16899/tcp, 60394/tcp, 65366/tcp, 11002/tcp, 1127/tcp (KWDB Remote Communication), 55000/tcp, 21163/tcp, 53333/tcp, 5509/tcp, 3377/tcp (Cogsys Network License Manager), 5514/tcp, 33110/tcp, 2001/tcp (dc), 5902/tcp, 41317/tcp, 5878/tcp, 44449/tcp, 92/tcp (Network Printing Protocol), 5968/tcp (mppolicy-v5), 5150/tcp (Ascend Tunnel Management Protocol), 39730/tcp, 5525/tcp, 13389/tcp, 32901/tcp, 1879/tcp (NettGain NMS), 43709/tcp, 20539/tcp, 64769/tcp, 12020/tcp, 18159/tcp, 5196/tcp, 9833/tcp, 5910/tcp (Context Management), 22228/tcp, 6026/tcp, 13977/tcp, 58032/tcp, 4008/tcp (NetCheque accounting), 6848/tcp, 20869/tcp, 24690/tcp, 5359/tcp (Microsoft Alerter), 7795/tcp, 64636/tcp, 94/tcp (Tivoli Object Dispatcher), 1186/tcp (MySQL Cluster Manager), 7074/tcp, 1024/tcp (Reserved), 1906/tcp (TPortMapperReq), 44441/tcp, 48877/tcp, 5265/tcp (3Com Network Jack Port 2), 62183/tcp, 6006/tcp, 5416/tcp (SNS Gateway), 20121/tcp, 3343/tcp (MS Cluster Net), 6267/tcp (GridLAB-D User Interface), 5599/tcp (Enterprise Security Remote Install), 1479/tcp (dberegister), 53609/tcp, 2360/tcp (NexstorIndLtd), 17380/tcp, 3383/tcp (Enterprise Software Products License Manager), 3407/tcp (LDAP admin server port), 5761/tcp, 18730/tcp, 7411/tcp, 1994/tcp (cisco serial tunnel port), 5555/tcp (Personal Agent), 34928/tcp, 19876/tcp, 5522/tcp, 90/tcp (DNSIX Securit Attribute Token Map), 7397/tcp (Hexarc Command Language), 5010/tcp (TelepathStart), 17896/tcp, 5018/tcp, 10079/tcp, 5663/tcp, 45470/tcp, 25700/tcp, 11113/tcp, 4455/tcp (PR Chat User), 3363/tcp (NATI Vi Server), 7372/tcp, 1102/tcp (ADOBE SERVER 1), 5605/tcp (A4-SDUNode), 19999/tcp (Distributed Network Protocol - Secure), 5584/tcp (BeInSync-Web), 7115/tcp, 82/tcp (XFER Utility), 30794/tcp, 1058/tcp (nim), 52679/tcp, 56/tcp (XNS Authentication), 7272/tcp (WatchMe Monitoring 7272), 6666/tcp, 1045/tcp (Fingerprint Image Transfer Protocol), 5872/tcp, 6778/tcp, 53328/tcp, 7440/tcp, 54262/tcp, 59487/tcp, 8090/tcp, 20001/tcp (MicroSAN), 5546/tcp, 33902/tcp, 5373/tcp, 52706/tcp, 18874/tcp, 35734/tcp, 7099/tcp (lazy-ptop), 1040/tcp (Netarx Netcare), 5003/tcp (FileMaker, Inc. - Proprietary transport), 58373/tcp, 52472/tcp, 55550/tcp, 45026/tcp, 1049/tcp (Tobit David Postman VPMN), 47932/tcp, 43681/tcp, 63388/tcp, 60395/tcp, 2729/tcp (TCIM Control), 44270/tcp, 10789/tcp, 32455/tcp, 50857/tcp, 32768/tcp (Filenet TMS), 2572/tcp (IBP), 15887/tcp, 20668/tcp, 11119/tcp, 5655/tcp, 2922/tcp (CESD Contents Delivery Data Transfer), 33033/tcp, 21362/tcp, 33882/tcp, 54389/tcp, 58226/tcp, 40021/tcp, 50389/tcp, 27914/tcp, 33822/tcp, 30793/tcp, 25623/tcp, 5200/tcp (TARGUS GetData), 5803/tcp, 5792/tcp, 5601/tcp (Enterprise Security Agent), 10893/tcp, 2866/tcp (iwlistener), 7375/tcp, 5159/tcp, 28851/tcp, 5015/tcp (FileMaker, Inc. - Web publishing), 13390/tcp, 5587/tcp, 50005/tcp, 6438/tcp, 27705/tcp, 33833/tcp, 56437/tcp, 3424/tcp (xTrade over TLS/SSL), 5254/tcp, 6231/tcp, 5407/tcp (Foresyte-Clear), 6042/tcp, 5732/tcp, 1050/tcp (CORBA Management Agent), 24747/tcp, 55566/tcp, 31274/tcp, 43604/tcp, 28727/tcp, 57076/tcp, 104/tcp (ACR-NEMA Digital Imag. & Comm. 300), 5492/tcp, 46389/tcp, 65535/tcp, 7009/tcp (remote cache manager service), 6000/tcp (-6063/udp   X Window System), 5438/tcp, 3288/tcp (COPS), 46625/tcp, 7871/tcp, 16973/tcp, 5970/tcp, 47931/tcp, 52438/tcp, 64254/tcp, 6226/tcp, 8380/tcp (Cruise UPDATE), 33337/tcp, 30602/tcp, 8008/tcp (HTTP Alternate), 6949/tcp, 45792/tcp, 12944/tcp, 3314/tcp (Unify Object Host), 2573/tcp (Trust Establish), 50527/tcp, 6073/tcp (DirectPlay8), 5924/tcp, 9998/tcp (Distinct32), 5241/tcp, 4001/tcp (NewOak), 5505/tcp (Checkout Database), 1982/tcp (Evidentiary Timestamp), 3097/tcp, 389/tcp (Lightweight Directory Access Protocol), 20524/tcp, 13976/tcp, 64046/tcp, 47748/tcp, 7925/tcp, 10124/tcp, 30389/tcp, 6753/tcp, 24862/tcp, 6269/tcp (Grid Authentication Alt), 5843/tcp, 25462/tcp, 9207/tcp (WAP vCal Secure), 8125/tcp, 2389/tcp (OpenView Session Mgr), 5604/tcp (A3-SDUNode), 3429/tcp (GCSP user port), 1632/tcp (PAMMRATC), 5627/tcp (Node Initiated Network Association Forma), 5376/tcp, 32654/tcp, 1034/tcp (ActiveSync Notifications), 6543/tcp (lds_distrib), 34929/tcp, 6062/tcp, 43949/tcp, 2345/tcp (dbm), 60000/tcp, 61085/tcp, 5521/tcp, 55444/tcp, 5489/tcp, 23786/tcp, 27645/tcp, 52702/tcp, 40276/tcp, 58663/tcp, 42244/tcp, 58888/tcp, 5983/tcp, 5661/tcp, 5478/tcp, 55559/tcp, 3000/tcp (RemoteWare Client), 45876/tcp, 34005/tcp, 8043/tcp (FireScope Server), 1037/tcp (AMS), 23390/tcp, 5656/tcp, 33881/tcp, 5367/tcp, 35992/tcp, 7069/tcp, 8304/tcp, 5398/tcp (Elektron Administration), 5845/tcp, 56781/tcp, 53593/tcp, 43101/tcp, 5481/tcp, 58227/tcp, 3405/tcp (Nokia Announcement ch 1), 1020/tcp, 64374/tcp, 22975/tcp, 3332/tcp (MCS Mail Server), 13975/tcp, 31389/tcp, 61962/tcp, 1368/tcp (ScreenCast), 42222/tcp, 33689/tcp, 4012/tcp (PDA Gate), 3535/tcp (MS-LA), 35736/tcp, 13333/tcp, 33908/tcp, 22223/tcp, 2461/tcp (qadmifoper), 34444/tcp, 6432/tcp (PgBouncer), 4491/tcp, 60886/tcp, 58225/tcp, 64463/tcp, 8389/tcp, 6278/tcp, 50001/tcp, 5850/tcp, 8100/tcp (Xprint Server), 4096/tcp (BRE (Bridge Relay Element)), 8089/tcp, 38399/tcp, 28009/tcp, 33203/tcp, 3347/tcp (Phoenix RPC), 41299/tcp, 18158/tcp, 14620/tcp, 8989/tcp (Sun Web Server SSL Admin Service), 223/tcp (Certificate Distribution Center), 9145/tcp, 5526/tcp, 1039/tcp (Streamlined Blackhole), 37092/tcp, 8171/tcp, 16691/tcp, 5617/tcp, 4567/tcp (TRAM), 38786/tcp, 55431/tcp, 15715/tcp, 41126/tcp, 40835/tcp, 10061/tcp, 33258/tcp, 32008/tcp, 22224/tcp, 7982/tcp (Spotlight on SQL Server Desktop Agent), 1105/tcp (FTRANHC), 1971/tcp (NetOp School), 27747/tcp, 52643/tcp, 40012/tcp, 1133/tcp (Data Flow Network), 8083/tcp (Utilistor (Server)), 6083/tcp, 11110/tcp, 1158/tcp (dbControl OMS), 1030/tcp (BBN IAD), 22201/tcp, 38888/tcp, 6889/tcp, 18876/tcp, 6264/tcp, 1119/tcp (Battle.net Chat/Game Protocol), 14359/tcp, 9147/tcp, 5231/tcp, 43682/tcp, 5823/tcp, 55588/tcp, 24302/tcp, 57809/tcp, 44271/tcp, 60011/tcp, 48743/tcp, 6044/tcp, 31423/tcp, 9430/tcp, 5696/tcp, 5797/tcp, 4458/tcp (Matrix Configuration Protocol), 10338/tcp, 51025/tcp, 42713/tcp, 1351/tcp (Digital Tool Works (MIT)), 5352/tcp (DNS Long-Lived Queries), 8180/tcp, 30007/tcp, 20220/tcp, 40277/tcp, 5187/tcp, 5997/tcp, 54556/tcp, 5504/tcp (fcp-cics-gw1), 61960/tcp, 43831/tcp, 6022/tcp, 100/tcp ([unauthorized use]), 12260/tcp, 31054/tcp, 15888/tcp, 39253/tcp, 2654/tcp (Corel VNC Admin), 62266/tcp, 3490/tcp (Colubris Management Port), 3385/tcp (qnxnetman), 5508/tcp, 41111/tcp (Foursticks QoS Protocol), 35652/tcp, 64047/tcp, 32631/tcp, 194/tcp (Internet Relay Chat Protocol), 5424/tcp (Beyond Remote), 5292/tcp, 6146/tcp (Lone Wolf Systems License Manager), 44046/tcp, 8006/tcp, 5341/tcp, 59483/tcp, 52598/tcp, 22962/tcp, 13700/tcp, 6890/tcp, 5684/tcp, 1640/tcp (cert-responder), 44434/tcp, 5961/tcp, 8179/tcp, 3456/tcp (VAT default data), 21699/tcp, 52597/tcp, 63390/tcp, 3311/tcp (MCNS Tel Ret), 23732/tcp, 2056/tcp (OmniSky Port), 18184/tcp (OPSEC LEA), 3229/tcp (Global CD Port), 51000/tcp, 53390/tcp, 47933/tcp, 29940/tcp, 25699/tcp, 47/tcp (NI FTP), 5145/tcp (RMONITOR SECURE), 5386/tcp, 31232/tcp, 5050/tcp (multimedia conference control tool), 3310/tcp (Dyna Access), 5739/tcp, 5782/tcp (3PAR Management Service), 4456/tcp (PR Chat Server), 11955/tcp, 51572/tcp, 16175/tcp, 2017/tcp (cypress-stat), 14286/tcp, 41378/tcp, 5991/tcp (NUXSL), 22227/tcp, 13302/tcp, 1088/tcp (CPL Scrambler Alarm Log), 1110/tcp (Start web admin server), 5774/tcp, 54755/tcp, 4788/tcp, 45525/tcp, 1236/tcp (bvcontrol), 6212/tcp, 33883/tcp, 33390/tcp, 5445/tcp, 33410/tcp, 10101/tcp (eZmeeting), 56555/tcp, 33123/tcp (Aurora (Balaena Ltd)), 14621/tcp, 33992/tcp, 21882/tcp, 21111/tcp, 6097/tcp, 6199/tcp, 40003/tcp, 1122/tcp (availant-mgr), 56815/tcp, 5776/tcp, 45027/tcp, 45567/tcp, 45523/tcp, 59485/tcp, 56198/tcp, 33555/tcp, 3401/tcp (filecast), 7403/tcp, 4486/tcp (Integrated Client Message Service), 47689/tcp, 20004/tcp, 6027/tcp, 4200/tcp (-4299  VRML Multi User Systems), 5713/tcp (proshare conf audio), 53594/tcp, 5580/tcp (T-Mobile SMS Protocol Message 0), 43390/tcp, 37505/tcp, 5449/tcp, 22821/tcp, 33890/tcp, 5804/tcp, 51998/tcp, 60039/tcp, 30601/tcp, 32136/tcp, 8052/tcp (Senomix Timesheets Server), 5166/tcp (WinPCS Service Connection), 3337/tcp (Direct TV Data Catalog), 1205/tcp (Accord-MGC), 5317/tcp, 1156/tcp (iasControl OMS), 1611/tcp (Inter Library Loan), 33898/tcp, 6223/tcp, 8096/tcp, 2174/tcp (MS Firewall Intra Array), 5149/tcp, 31968/tcp, 27012/tcp, 7013/tcp (Microtalon Discovery), 6612/tcp, 5984/tcp (CouchDB), 8003/tcp (Mulberry Connect Reporting Service), 9055/tcp, 20015/tcp, 10007/tcp (MVS Capacity), 5966/tcp, 5880/tcp, 7244/tcp, 5315/tcp (HA Cluster UDP Polling), 27013/tcp, 25701/tcp, 4423/tcp, 5462/tcp (TTL Publisher), 30680/tcp, 11953/tcp, 8081/tcp (Sun Proxy Admin Service), 61010/tcp, 9970/tcp, 5465/tcp (NETOPS-BROKER), 36666/tcp, 6631/tcp, 5099/tcp (SentLM Srv2Srv), 28900/tcp, 33392/tcp, 22939/tcp, 10089/tcp, 7874/tcp, 33480/tcp, 2449/tcp (RATL), 7080/tcp (EmpowerID Communication), 5905/tcp, 31583/tcp, 36937/tcp, 10163/tcp, 57444/tcp, 12588/tcp, 4433/tcp, 5552/tcp, 20019/tcp, 7065/tcp, 19272/tcp, 8009/tcp, 27628/tcp, 5786/tcp, 42245/tcp, 6238/tcp, 6602/tcp (Windows WSS Communication Framework), 40644/tcp, 12/tcp, 17183/tcp, 55430/tcp, 38785/tcp, 51515/tcp, 3378/tcp (WSICOPY), 6599/tcp, 57313/tcp, 29939/tcp, 2462/tcp (qadmifevent), 21390/tcp, 5755/tcp (OpenMail Desk Gateway server), 40834/tcp, 12004/tcp (IBM Enterprise Extender SNA COS Low Priority), 25958/tcp, 2016/tcp (bootserver), 5194/tcp (CipherPoint Config Service), 46351/tcp, 53/tcp (Domain Name Server), 5461/tcp (SILKMETER), 5122/tcp, 47431/tcp, 5930/tcp, 5204/tcp, 5793/tcp (XtreamX Supervised Peer message), 2288/tcp (NETML), 44446/tcp, 6556/tcp, 16972/tcp, 32457/tcp, 5467/tcp, 7153/tcp, 22976/tcp, 9186/tcp, 6071/tcp (SSDTP), 46/tcp (MPM [default send]), 21389/tcp, 5811/tcp, 109/tcp (Post Office Protocol - Version 2), 6962/tcp (jmevt2), 1055/tcp (ANSYS - License Manager), 60915/tcp, 33789/tcp, 33560/tcp, 49070/tcp, 32888/tcp, 44044/tcp, 54512/tcp, 5799/tcp, 13189/tcp, 5365/tcp, 27745/tcp, 7266/tcp, 3099/tcp (CHIPSY Machine Daemon), 33330/tcp, 5256/tcp, 7014/tcp (Microtalon Communications), 1962/tcp (BIAP-MP), 10207/tcp, 3371/tcp, 52361/tcp, 6262/tcp, 38911/tcp, 55211/tcp, 40004/tcp, 27010/tcp, 40100/tcp, 44111/tcp, 33884/tcp, 6060/tcp, 47364/tcp, 47930/tcp, 48311/tcp, 29587/tcp, 5669/tcp, 6040/tcp, 6098/tcp, 51089/tcp, 1070/tcp (GMRUpdateSERV), 5594/tcp, 31424/tcp, 25389/tcp, 6080/tcp, 6145/tcp (StatSci License Manager - 2), 5963/tcp (Indy Application Server), 58924/tcp, 3391/tcp (SAVANT), 5544/tcp, 2203/tcp (b2 Runtime Protocol), 5654/tcp, 6842/tcp (Netmo HTTP), 3300/tcp, 1489/tcp (dmdocbroker), 6074/tcp (Microsoft Max), 30032/tcp, 33819/tcp, 3238/tcp (appareNet Analysis Server), 5464/tcp (Quail Networks Object Broker), 8002/tcp (Teradata ORDBMS), 2680/tcp (pxc-sapxom), 8135/tcp, 7002/tcp (users & groups database), 36180/tcp, 33111/tcp, 4100/tcp (IGo Incognito Data Port), 5609/tcp, 29703/tcp, 16176/tcp, 5366/tcp, 8015/tcp, 1082/tcp (AMT-ESD-PROT), 3082/tcp (TL1-RAW), 15389/tcp, 21388/tcp, 53399/tcp, 16253/tcp, 55554/tcp, 32/tcp, 5645/tcp, 1047/tcp (Sun's NEO Object Request Broker), 27449/tcp, 27629/tcp, 5557/tcp (Sandlab FARENET), 5677/tcp (Quest Central DB2 Launchr), 2015/tcp (cypress), 50958/tcp, 5558/tcp, 30003/tcp, 40024/tcp, 5959/tcp, 30041/tcp, 5958/tcp, 4459/tcp, 5566/tcp (Westec Connect), 61505/tcp, 5591/tcp, 5736/tcp, 5485/tcp, 4573/tcp, 7042/tcp, 30040/tcp, 29051/tcp, 5600/tcp (Enterprise Security Manager), 12587/tcp, 666/tcp (doom Id Software), 3331/tcp (MCS Messaging), 33809/tcp, 20009/tcp, 33906/tcp, 6644/tcp, 39/tcp (Resource Location Protocol), 39734/tcp, 6236/tcp, 65500/tcp, 5771/tcp (NetAgent), 21782/tcp, 1033/tcp (local netinfo port), 2730/tcp (NEC RaidPlus), 45471/tcp, 2363/tcp (Media Central NFSD), 4017/tcp (Talarian Mcast), 9010/tcp (Secure Data Replicator Protocol), 34262/tcp, 33257/tcp, 20546/tcp, 34020/tcp, 8016/tcp, 2728/tcp (SQDR), 8899/tcp (ospf-lite), 14715/tcp, 33089/tcp, 35/tcp (any private printer server), 33362/tcp, 6037/tcp, 39999/tcp, 49573/tcp, 5455/tcp (APC 5455), 5992/tcp (Consul InSight Security), 5870/tcp, 33559/tcp, 12010/tcp (ElevateDB Server), 33989/tcp, 61970/tcp, 13382/tcp, 6587/tcp, 45678/tcp (EBA PRISE), 5335/tcp, 8881/tcp, 1239/tcp (NMSD), 33880/tcp, 5496/tcp, 40933/tcp, 6211/tcp, 1509/tcp (Robcad, Ltd. License Manager), 2150/tcp (DYNAMIC3D), 3350/tcp (FINDVIATV), 5588/tcp, 60685/tcp, 3354/tcp (SUITJD), 5206/tcp, 15553/tcp, 24301/tcp, 6308/tcp, 17074/tcp, 6004/tcp, 31233/tcp, 4242/tcp, 3101/tcp (HP PolicyXpert PIB Server), 6996/tcp, 3003/tcp (CGMS), 2612/tcp (Qpasa Agent), 2424/tcp (KOFAX-SVR), 25388/tcp, 24204/tcp, 8200/tcp (TRIVNET), 25398/tcp, 28956/tcp, 6437/tcp, 5674/tcp (HyperSCSI Port), 5658/tcp, 53684/tcp, 10341/tcp, 53608/tcp, 8102/tcp, 2058/tcp (NewWaveSearchables RMI), 13190/tcp, 5814/tcp (Support Automation), 58791/tcp, 42065/tcp, 5551/tcp, 64917/tcp, 64462/tcp, 35650/tcp, 33335/tcp, 5820/tcp, 33818/tcp, 8591/tcp, 5476/tcp, 5818/tcp, 19271/tcp, 3336/tcp (Direct TV Tickers), 3325/tcp, 5002/tcp (radio free ethernet), 1639/tcp (cert-initiator), 7018/tcp, 32900/tcp, 17048/tcp, 10/tcp, 2062/tcp (ICG SWP Port), 33933/tcp, 53025/tcp, 5480/tcp, 3006/tcp (Instant Internet Admin), 32842/tcp, 7818/tcp, 4040/tcp (Yo.net main service), 5900/tcp (Remote Framebuffer), 29650/tcp, 1616/tcp (NetBill Product Server), 2239/tcp (Image Query), 1620/tcp (faxportwinport), 5515/tcp, 22123/tcp, 6168/tcp, 1116/tcp (ARDUS Control), 16/tcp, 3889/tcp (D and V Tester Control Port), 30011/tcp, 8103/tcp, 3102/tcp (SoftlinK Slave Mon Port), 15742/tcp, 5440/tcp, 17777/tcp (SolarWinds Orion), 41329/tcp, 7064/tcp, 6266/tcp, 64094/tcp, 1083/tcp (Anasoft License Manager), 5641/tcp, 30037/tcp, 5847/tcp, 26/tcp, 6707/tcp, 41715/tcp, 50000/tcp, 4487/tcp (Protocol for Remote Execution over TCP), 9068/tcp, 13349/tcp, 8554/tcp (RTSP Alternate (see port 554)), 668/tcp (MeComm), 8020/tcp (Intuit Entitlement Service and Discovery), 44741/tcp, 24683/tcp, 5553/tcp (SGI Eventmond Port), 11250/tcp, 33892/tcp, 20002/tcp (Commtact HTTP), 36899/tcp, 16384/tcp (Connected Corp), 1111/tcp (LM Social Server), 4009/tcp (Chimera HWM), 53134/tcp, 5391/tcp, 27011/tcp, 513/tcp (remote login a la telnet;), 2008/tcp (conf), 3614/tcp (Invensys Sigma Port), 8126/tcp, 42246/tcp, 53021/tcp, 33897/tcp, 13794/tcp, 53701/tcp, 2301/tcp (Compaq HTTP), 52680/tcp, 26689/tcp, 59486/tcp, 53427/tcp, 4240/tcp, 30336/tcp, 6200/tcp (LM-X License Manager by X-Formation), 5328/tcp, 31395/tcp, 6797/tcp, 5842/tcp, 48879/tcp, 30009/tcp, 1019/tcp, 7395/tcp (winqedit), 5253/tcp (Kohler Power Device Protocol), 41816/tcp, 6961/tcp (JMACT3), 30050/tcp, 3459/tcp (TIP Integral), 13005/tcp, 25555/tcp, 5483/tcp, 7000/tcp (file server itself), 56374/tcp, 2099/tcp (H.225.0 Annex G), 53388/tcp, 60012/tcp, 7205/tcp, 7209/tcp, 3333/tcp (DEC Notes), 6220/tcp, 48321/tcp, 5303/tcp (HA cluster probing), 4489/tcp, 1984/tcp (BB), 16666/tcp, 15305/tcp, 30528/tcp, 6088/tcp, 61225/tcp, 48888/tcp, 23399/tcp, 48744/tcp, 43704/tcp, 34772/tcp, 45524/tcp, 5520/tcp, 4535/tcp (Event Heap Server), 25970/tcp, 40013/tcp, 57035/tcp, 63994/tcp, 18714/tcp, 27014/tcp, 6588/tcp, 56373/tcp, 10102/tcp (eZproxy), 51111/tcp, 43395/tcp, 14076/tcp, 2436/tcp (TOP/X), 58401/tcp, 32655/tcp, 5158/tcp, 4484/tcp (hpssmgmt service), 52362/tcp, 33923/tcp, 2343/tcp (nati logos), 3839/tcp (AMX Resource Management Suite), 5279/tcp, 3402/tcp (FXa Engine Network Port), 4574/tcp, 3116/tcp (MCTET Gateway), 30018/tcp, 5453/tcp (SureBox), 34773/tcp, 6431/tcp, 14444/tcp, 5901/tcp, 8000/tcp (iRDMI), 6963/tcp (swismgr1), 24863/tcp, 44941/tcp, 5689/tcp (QM video network management protocol), 6741/tcp, 33391/tcp, 53352/tcp, 5239/tcp, 43333/tcp, 8007/tcp, 5144/tcp, 5979/tcp, 33334/tcp, 8877/tcp, 56000/tcp, 33991/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 6213/tcp, 2613/tcp (SMNTUBootstrap), 43683/tcp, 10086/tcp, 23333/tcp (Emulex HBAnyware Remote Management), 5579/tcp (FleetDisplay Tracking Service), 33332/tcp, 5535/tcp, 2048/tcp (dls-monitor), 8864/tcp, 5397/tcp (StressTester(tm) Injector), 19715/tcp, 47777/tcp, 39815/tcp, 52473/tcp, 2645/tcp (Novell IPX CMD), 5955/tcp, 44445/tcp, 40999/tcp, 5676/tcp (RA Administration), 5418/tcp (MCNTP), 1989/tcp (MHSnet system), 8632/tcp, 6553/tcp, 17878/tcp, 58796/tcp, 5864/tcp, 32135/tcp, 61002/tcp, 34983/tcp, 5685/tcp, 1255/tcp (de-cache-query), 6554/tcp, 1078/tcp (Avocent Proxy Protocol), 59639/tcp, 4792/tcp, 23894/tcp, 5809/tcp, 54444/tcp, 28344/tcp, 5280/tcp (Bidirectional-streams Over Synchronous HTTP (BOSH)), 5775/tcp, 7140/tcp, 3550/tcp (Secure SMPP), 5681/tcp (Net-coneX Control Protocol), 26117/tcp, 5537/tcp, 50877/tcp, 46626/tcp, 6041/tcp, 42002/tcp, 33778/tcp, 11004/tcp, 38389/tcp, 5671/tcp (amqp protocol over TLS/SSL), 2634/tcp (PK Electronics), 25711/tcp, 51027/tcp, 57810/tcp, 5692/tcp, 33994/tcp, 23764/tcp, 30021/tcp, 8590/tcp, 8097/tcp (SAC Port Id), 58328/tcp, 20658/tcp, 29281/tcp, 20125/tcp, 1642/tcp (isis-am), 58119/tcp, 333/tcp (Texar Security Port), 5413/tcp (WWIOTALK), 63002/tcp, 5338/tcp, 32624/tcp, 33350/tcp, 7878/tcp, 5486/tcp, 56666/tcp, 65155/tcp, 22229/tcp, 57671/tcp, 13701/tcp, 6207/tcp, 52890/tcp, 3361/tcp (KV Agent), 2837/tcp (Repliweb), 4011/tcp (Alternate Service Boot), 39938/tcp, 7071/tcp (IWGADTS Aircraft Housekeeping Message), 32500/tcp, 8004/tcp, 5633/tcp (BE Operations Request Listener), 33333/tcp (Digital Gaslight Service), 44448/tcp, 5012/tcp (NetOnTap Service), 85/tcp (MIT ML Device), 31126/tcp, 23766/tcp, 22961/tcp, 2003/tcp (Brutus Server), 30006/tcp, 6244/tcp (JEOL Network Services Data Transport Protocol 4), 5105/tcp, 64045/tcp, 40435/tcp, 8863/tcp, 1584/tcp (tn-tl-fd2), 55999/tcp, 54557/tcp, 13309/tcp, 53389/tcp, 22536/tcp, 55945/tcp, 1094/tcp (ROOTD), 36605/tcp, 5848/tcp, 5530/tcp, 1079/tcp (ASPROVATalk), 5212/tcp, 6903/tcp, 5690/tcp, 3117/tcp (MCTET Jserv), 5336/tcp, 11316/tcp, 20351/tcp, 10162/tcp (SNMP-Trap-TLS), 7890/tcp, 31788/tcp, 64637/tcp, 22225/tcp, 5123/tcp, 5468/tcp, 8117/tcp, 7399/tcp, 9999/tcp (distinct), 13999/tcp, 10123/tcp, 2149/tcp (ACPTSYS), 32259/tcp, 23388/tcp, 40002/tcp, 5284/tcp, 53350/tcp, 12726/tcp, 12000/tcp (IBM Enterprise Extender SNA XID Exchange), 43950/tcp, 7374/tcp, 65524/tcp, 11115/tcp, 65012/tcp, 23785/tcp, 3240/tcp (Trio Motion Control Port), 44740/tcp, 5612/tcp, 59094/tcp, 29588/tcp, 57488/tcp, 5380/tcp, 9191/tcp (Sun AppSvr JPDA), 38933/tcp, 8166/tcp, 59547/tcp, 3500/tcp (RTMP Port), 35196/tcp, 11852/tcp, 9559/tcp, 54321/tcp, 1238/tcp (hacl-qs), 14714/tcp, 33004/tcp, 50858/tcp, 14075/tcp, 33331/tcp (DiamondCentral Interface), 51319/tcp, 30010/tcp, 20362/tcp, 53024/tcp, 4005/tcp (pxc-pin), 54837/tcp, 25037/tcp, 2010/tcp (search), 24/tcp (any private mail system), 5382/tcp, 22263/tcp, 12539/tcp, 40007/tcp, 64638/tcp, 1048/tcp (Sun's NEO Object Request Broker), 25971/tcp, 1113/tcp (Licklider Transmission Protocol), 2019/tcp (whosockami), 2478/tcp (SecurSight Authentication Server (SSL)), 23351/tcp, 8094/tcp, 55501/tcp, 64252/tcp, 18773/tcp, 5586/tcp, 8382/tcp, 5697/tcp, 2718/tcp (PN REQUESTER 2), 10006/tcp, 44443/tcp, 35589/tcp, 19318/tcp, 6210/tcp, 56197/tcp, 5644/tcp, 3322/tcp (-3325  Active Networks), 56438/tcp.
      
BHD Honeypot
Port scan
2019-11-13

In the last 24h, the attacker (185.153.197.237) attempted to scan 1141 ports.
The following ports have been scanned: 5395/tcp, 5290/tcp, 21881/tcp, 1187/tcp (Alias Service), 3352/tcp (Scalable SQL), 7274/tcp (OMA Roaming Location SEC), 5672/tcp (AMQP), 2314/tcp (CR WebSystems), 5798/tcp, 6182/tcp, 5513/tcp, 6187/tcp, 15306/tcp, 3575/tcp (Coalsere CCM Port), 4033/tcp (SANavigator Peer Port), 44045/tcp, 40442/tcp, 6655/tcp (PC SOFT - Software factory UI/manager), 3589/tcp (isomair), 7729/tcp, 55589/tcp, 5703/tcp, 5368/tcp, 6001/tcp, 3282/tcp (Datusorb), 60600/tcp, 6016/tcp, 2985/tcp (HPIDSAGENT), 1109/tcp, 6500/tcp (BoKS Master), 5102/tcp (Oracle OMS non-secure), 2884/tcp (Flash Msg), 6018/tcp, 10793/tcp, 30008/tcp, 3678/tcp (DataGuardianLT), 5188/tcp, 53702/tcp, 44269/tcp, 24444/tcp, 5529/tcp, 5828/tcp, 3398/tcp (Mercantile), 6039/tcp, 6075/tcp (Microsoft DPM Access Control Manager), 58323/tcp, 51026/tcp, 6237/tcp, 75/tcp (any private dial out service), 5993/tcp, 1052/tcp (Dynamic DNS Tools), 8381/tcp, 42001/tcp, 65478/tcp, 6977/tcp, 5195/tcp, 65429/tcp, 5879/tcp, 2012/tcp (ttyinfo), 5100/tcp (Socalia service mux), 5891/tcp, 43059/tcp, 3489/tcp (DTP/DIA), 61987/tcp, 2254/tcp (Seismic P.O.C. Port), 5912/tcp (Flight Information Services), 10340/tcp, 6277/tcp, 3396/tcp (Printer Agent), 52222/tcp, 5858/tcp, 52163/tcp, 1108/tcp (ratio-adp), 5233/tcp, 5567/tcp (Multicast Object Access Protocol), 1637/tcp (ISP shared local data control), 5282/tcp (Marimba Transmitter Port), 2300/tcp (CVMMON), 40111/tcp, 8181/tcp, 5474/tcp, 5981/tcp, 51138/tcp, 57077/tcp, 5405/tcp (NetSupport), 15555/tcp (Cisco Stateful NAT), 5539/tcp, 9090/tcp (WebSM), 9746/tcp, 49755/tcp, 1099/tcp (RMI Registry), 5597/tcp (inin secure messaging), 6849/tcp, 5545/tcp, 18407/tcp, 5976/tcp, 1414/tcp (IBM MQSeries), 19262/tcp, 56780/tcp, 7899/tcp, 3395/tcp (Dyna License Manager (Elam)), 51835/tcp, 3324/tcp, 5911/tcp (Controller Pilot Data Link Communication), 1890/tcp (wilkenListener), 19079/tcp, 50277/tcp, 3389/tcp (MS WBT Server), 42970/tcp, 6289/tcp, 6009/tcp, 7124/tcp, 1051/tcp (Optima VNET), 25428/tcp, 111/tcp (SUN Remote Procedure Call), 5770/tcp (x509solutions Secure Data), 1310/tcp (Husky), 6290/tcp, 25903/tcp (NIProbe), 5549/tcp, 1605/tcp (Salutation Manager (Salutation Protocol)), 33189/tcp, 61867/tcp, 5576/tcp, 5326/tcp, 7817/tcp, 6029/tcp, 5822/tcp, 5745/tcp (fcopy-server), 8087/tcp (Simplify Media SPP Protocol), 5469/tcp, 5321/tcp (Webservices-based Zn interface of BSF over SSL), 22222/tcp, 34500/tcp, 4002/tcp (pxc-spvr-ft), 5223/tcp (HP Virtual Machine Group Management), 6166/tcp, 3345/tcp (Influence), 50107/tcp, 5670/tcp, 4782/tcp, 4422/tcp, 48967/tcp, 62675/tcp, 6825/tcp, 7003/tcp (volume location database), 8064/tcp, 9988/tcp (Software Essentials Secure HTTP server), 7408/tcp, 7039/tcp, 2870/tcp (daishi), 1114/tcp (Mini SQL), 2695/tcp (VSPREAD), 5795/tcp, 5613/tcp, 5952/tcp, 65002/tcp, 33339/tcp, 5638/tcp, 5392/tcp, 5659/tcp, 3344/tcp (BNT Manager), 5362/tcp (Microsoft Windows Server WSD2 Service), 3403/tcp, 9146/tcp, 58789/tcp, 6036/tcp, 5996/tcp, 2011/tcp (raid), 64095/tcp, 1024/tcp (Reserved), 28111/tcp, 11112/tcp (DICOM), 2574/tcp (Blockade BPSP), 5857/tcp, 1043/tcp (BOINC Client Control), 11117/tcp, 62155/tcp, 4545/tcp (WorldScores), 31311/tcp, 79/tcp (Finger), 63344/tcp, 6292/tcp, 5744/tcp (Watchdoc Server), 2463/tcp (LSI RAID Management), 9001/tcp (ETL Service Manager), 5840/tcp, 1046/tcp (WebFilter Remote Monitor), 13388/tcp, 10791/tcp, 2274/tcp (PCTTunneller), 8093/tcp, 5790/tcp, 1178/tcp (SGI Storage Manager), 6034/tcp, 22226/tcp, 56936/tcp, 41459/tcp, 6600/tcp (Microsoft Hyper-V Live Migration), 5358/tcp (WS for Devices Secured), 5985/tcp (WBEM WS-Management HTTP), 27630/tcp, 6186/tcp, 31113/tcp, 2451/tcp (netchat), 31025/tcp, 3711/tcp (EBD Server 2), 26666/tcp, 5565/tcp, 5540/tcp, 64253/tcp, 1995/tcp (cisco perf port), 5876/tcp, 6291/tcp, 7610/tcp, 12390/tcp, 60481/tcp, 3426/tcp (Arkivio Storage Protocol), 8054/tcp (Senomix Timesheets Server [1 year assignment]), 1035/tcp (MX-XR RPC), 5512/tcp, 6705/tcp, 5357/tcp (Web Services for Devices), 5152/tcp (ESRI SDE Instance Discovery), 6047/tcp, 3320/tcp (Office Link 2000), 41028/tcp, 30033/tcp, 53595/tcp, 3100/tcp (OpCon/xps), 1018/tcp, 4030/tcp (Accell/JSP Daemon Port), 32614/tcp, 101/tcp (NIC Host Name Server), 2215/tcp (IPCore.co.za GPRS), 7070/tcp (ARCP), 6072/tcp (DIAGNOSE-PROC), 45386/tcp, 4488/tcp (Apple Wide Area Connectivity Service ICE Bootstrap), 5371/tcp, 3387/tcp (Back Room Net), 5414/tcp (StatusD), 4035/tcp (WAP Push OTA-HTTP port), 6911/tcp, 5898/tcp, 5589/tcp, 20005/tcp (OpenWebNet protocol for electric network), 44447/tcp, 6229/tcp, 5104/tcp, 5323/tcp, 4483/tcp, 10790/tcp, 1145/tcp (X9 iCue Show Control), 5493/tcp, 5101/tcp (Talarian_TCP), 1907/tcp (IntraSTAR), 5758/tcp, 27015/tcp, 52471/tcp, 5812/tcp, 60004/tcp, 5972/tcp, 5620/tcp, 9747/tcp (L5NAS Parallel Channel), 2868/tcp (NPEP Messaging), 721/tcp, 6089/tcp, 43603/tcp, 5800/tcp, 5407/tcp (Foresyte-Clear), 5686/tcp, 1053/tcp (Remote Assistant (RA)), 5067/tcp (Authentx Service), 24747/tcp, 5524/tcp, 6589/tcp, 3008/tcp (Midnight Technologies), 5590/tcp, 28727/tcp, 5844/tcp, 222/tcp (Berkeley rshd with SPX auth), 22960/tcp, 77/tcp (any private RJE service), 62548/tcp, 12209/tcp, 25463/tcp, 5560/tcp, 7373/tcp, 5451/tcp, 5916/tcp, 3339/tcp (OMF data l), 2917/tcp (Elvin Client), 3029/tcp (LiebDevMgmt_A), 3151/tcp (NetMike Assessor), 33887/tcp, 3315/tcp (CDID), 58206/tcp, 2731/tcp (Fyre Messanger), 110/tcp (Post Office Protocol - Version 3), 3379/tcp (SOCORFS), 3604/tcp (BMC JMX Port), 8592/tcp, 6003/tcp, 5463/tcp (TTL Price Proxy), 6430/tcp, 1522/tcp (Ricardo North America License Manager), 6180/tcp, 5245/tcp (DownTools Control Protocol), 50527/tcp, 5333/tcp, 13002/tcp, 22221/tcp, 47017/tcp, 13300/tcp, 3406/tcp (Nokia Announcement ch 2), 5853/tcp, 4013/tcp (ACL Manager), 6284/tcp, 6565/tcp, 5657/tcp, 12222/tcp, 5895/tcp, 6270/tcp, 6544/tcp (LDS Dump Service), 3098/tcp (Universal Message Manager), 1134/tcp (MicroAPL APLX), 45025/tcp, 6894/tcp, 5342/tcp, 1177/tcp (DKMessenger Protocol), 5607/tcp, 6020/tcp, 1121/tcp (Datalode RMPP), 62/tcp (ACA Services), 3428/tcp (2Wire CSS), 7436/tcp, 7089/tcp, 5917/tcp, 8013/tcp, 22220/tcp, 9067/tcp, 5527/tcp, 5683/tcp, 4588/tcp, 6221/tcp, 5017/tcp, 6978/tcp, 30835/tcp, 3348/tcp (Pangolin Laser), 6546/tcp, 5701/tcp, 5561/tcp, 5415/tcp (NS Server), 5161/tcp (SNMP over SSH Transport Model), 6550/tcp (fg-sysupdate), 5794/tcp, 3349/tcp (Chevin Services), 56789/tcp, 20189/tcp, 18712/tcp, 99/tcp (Metagram Relay), 3302/tcp (MCS Fastmail), 8304/tcp, 33993/tcp, 5946/tcp, 61000/tcp, 5554/tcp (SGI ESP HTTP), 2941/tcp (SM-PAS-4), 7799/tcp (Alternate BSDP Service), 3021/tcp (AGRI Server), 15044/tcp, 30012/tcp, 5170/tcp, 62156/tcp, 35736/tcp, 6969/tcp (acmsoda), 26118/tcp, 44442/tcp, 22656/tcp, 33888/tcp, 10020/tcp, 30013/tcp, 1250/tcp (swldy-sias), 5439/tcp, 11111/tcp (Viral Computing Environment (VCE)), 5142/tcp, 6902/tcp, 58568/tcp, 1098/tcp (RMI Activation), 6043/tcp, 5093/tcp (Sentinel LM), 3376/tcp (CD Broker), 5291/tcp, 1976/tcp (TCO Reg Agent), 5922/tcp, 11000/tcp (IRISA), 5510/tcp, 6704/tcp, 12146/tcp, 5324/tcp, 5379/tcp, 58118/tcp, 1125/tcp (HP VMM Agent), 5360/tcp (Protocol for Windows SideShow), 38399/tcp, 61888/tcp, 37092/tcp, 2476/tcp (ACE Server Propagation), 2632/tcp (IRdg Post), 3372/tcp (TIP 2), 6085/tcp (konspire2b p2p network), 5488/tcp, 55557/tcp, 63483/tcp, 9996/tcp (Palace-5), 54093/tcp, 5883/tcp, 29330/tcp, 41815/tcp, 6708/tcp, 5556/tcp (Freeciv gameplay), 5769/tcp (x509solutions Internal CA), 16898/tcp, 1818/tcp (Enhanced Trivial File Transfer Protocol), 6012/tcp, 51937/tcp, 44271/tcp, 4016/tcp (Talarian Mcast), 5374/tcp, 8883/tcp (Secure MQTT), 40886/tcp, 5381/tcp, 60002/tcp, 56556/tcp, 5176/tcp, 13666/tcp, 8800/tcp (Sun Web Server Admin Service), 32844/tcp, 30042/tcp, 62266/tcp, 3386/tcp (GPRS Data), 8001/tcp (VCOM Tunnel), 5508/tcp, 7842/tcp, 1072/tcp (CARDAX), 50017/tcp, 777/tcp (Multiling HTTP), 5394/tcp, 5296/tcp, 65013/tcp, 731/tcp (IBM NetView DM/6000 receive/tcp), 19569/tcp, 28631/tcp, 59483/tcp, 5995/tcp, 49618/tcp, 44434/tcp, 5961/tcp, 5454/tcp (APC 5454), 12389/tcp, 1811/tcp (Scientia-SDB), 5502/tcp (fcp-srvr-inst1), 5274/tcp, 6239/tcp, 3384/tcp (Cluster Management Services), 4485/tcp (Assyst Data Repository Service), 33909/tcp, 8025/tcp (CA Audit Distribution Agent), 5275/tcp, 7111/tcp, 65011/tcp, 4338/tcp, 1965/tcp (Tivoli NPM), 3329/tcp (HP Device Disc), 6597/tcp, 5511/tcp, 5157/tcp (Mediat Remote Object Exchange), 24864/tcp, 6268/tcp (Grid Authentication), 5781/tcp (3PAR Event Reporting Service), 1311/tcp (RxMon), 4141/tcp (Workflow Server), 3328/tcp (Eaglepoint License Manager), 20541/tcp, 55551/tcp, 2361/tcp (TL1), 1561/tcp (facilityview), 33895/tcp, 11118/tcp, 5665/tcp, 3028/tcp (LiebDevMgmt_DM), 1181/tcp (3Com Net Management), 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 6112/tcp (Desk-Top Sub-Process Control Daemon), 10280/tcp, 5731/tcp, 3125/tcp (A13-AN Interface), 8101/tcp (Logical Domains Migration), 1146/tcp (audit transfer), 1101/tcp (PT2-DISCOVER), 54092/tcp, 5299/tcp (NLG Data Service), 6654/tcp, 33743/tcp, 43001/tcp, 5531/tcp, 3600/tcp (text relay-answer), 5370/tcp, 6633/tcp, 12553/tcp, 2732/tcp (G5M), 7405/tcp, 11114/tcp, 5410/tcp (Salient User Manager), 5903/tcp, 10098/tcp, 6612/tcp, 20015/tcp, 5988/tcp (WBEM CIM-XML (HTTP)), 5260/tcp, 1631/tcp (Visit view), 3392/tcp (EFI License Management), 5098/tcp, 25006/tcp (icl-twobase7), 53425/tcp, 46247/tcp, 7389/tcp, 5000/tcp (commplex-main), 45555/tcp, 6951/tcp (OTLP), 61410/tcp, 8080/tcp (HTTP Alternate (see port 80)), 33999/tcp, 50195/tcp, 5240/tcp, 3001/tcp, 37610/tcp, 3605/tcp (ComCam IO Port), 3425/tcp (AGPS Access Port), 3689/tcp (Digital Audio Access Protocol), 5707/tcp, 7439/tcp, 5479/tcp, 58322/tcp, 5962/tcp, 65475/tcp, 6240/tcp, 5682/tcp, 30036/tcp, 2152/tcp (GTP-User Plane (3GPP)), 10350/tcp, 12922/tcp, 5236/tcp (padl2sim), 52799/tcp, 11010/tcp, 5120/tcp, 2646/tcp (AND License Manager), 5153/tcp (ToruX Game Server), 5610/tcp, 25969/tcp, 5741/tcp (IDA Discover Port 1), 5325/tcp, 3351/tcp (Btrieve port), 1582/tcp (MSIMS), 63605/tcp, 58/tcp (XNS Mail), 3394/tcp (D2K Tapestry Server to Server), 5680/tcp (Auriga Router Service), 5190/tcp (America-Online), 6575/tcp, 89/tcp (SU/MIT Telnet Gateway), 9791/tcp, 2409/tcp (SNS Protocol), 55512/tcp, 2885/tcp (TopFlow), 12388/tcp, 35744/tcp, 6496/tcp, 4550/tcp (Perman I Interbase Server), 28888/tcp, 9008/tcp (Open Grid Services Server), 5971/tcp, 5466/tcp, 33997/tcp, 21880/tcp, 40113/tcp, 6147/tcp (Montage License Manager), 5608/tcp, 5673/tcp (JACL Message Server), 5369/tcp, 6084/tcp (Peer to Peer Infrastructure Protocol), 8234/tcp, 29052/tcp, 50276/tcp, 17460/tcp, 6498/tcp, 4586/tcp, 1188/tcp (HP Web Admin), 5986/tcp (WBEM WS-Management HTTP over TLS/SSL), 33336/tcp, 8720/tcp, 6082/tcp, 1967/tcp (SNS Quote), 30999/tcp (OpenView Service Desk Client), 55455/tcp, 3030/tcp (Arepa Cas), 6178/tcp, 10207/tcp, 50876/tcp, 6901/tcp (Novell Jetstream messaging protocol), 52361/tcp, 5538/tcp, 2550/tcp (ADS), 17023/tcp, 60396/tcp, 3306/tcp (MySQL), 51939/tcp, 53351/tcp, 26001/tcp, 5585/tcp (BeInSync-sync), 57442/tcp, 18772/tcp, 33893/tcp, 56088/tcp, 4003/tcp (pxc-splr-ft), 7393/tcp (nFoldMan Remote Publish), 13887/tcp, 64444/tcp, 5849/tcp, 8702/tcp, 46624/tcp, 51573/tcp, 10018/tcp, 5542/tcp, 39400/tcp, 1981/tcp (p2pQ), 6098/tcp, 6014/tcp, 202/tcp (AppleTalk Name Binding), 61408/tcp, 3353/tcp (FATPIPE), 6288/tcp, 49215/tcp, 13000/tcp, 64859/tcp, 5862/tcp, 33256/tcp, 1100/tcp (MCTP), 56243/tcp, 11116/tcp, 5543/tcp, 5767/tcp (OpenMail Suer Agent Layer (Secure)), 4080/tcp (Lorica inside facing), 5302/tcp (HA cluster configuration), 6900/tcp, 10078/tcp, 1036/tcp (Nebula Secure Segment Transfer Protocol), 6002/tcp, 9431/tcp, 10080/tcp (Amanda), 23389/tcp, 37506/tcp, 47934/tcp, 5189/tcp, 5232/tcp, 1026/tcp (Calendar Access Protocol), 15389/tcp, 1144/tcp (Fusion Script), 444/tcp (Simple Network Paging Protocol), 17463/tcp, 5322/tcp, 1170/tcp (AT+C License Manager), 6101/tcp (SynchroNet-rtc), 7264/tcp, 7377/tcp, 15841/tcp, 3308/tcp (TNS Server), 59846/tcp, 57777/tcp, 55555/tcp, 5762/tcp, 5313/tcp (Real-time & Reliable Data), 5958/tcp, 5709/tcp, 52703/tcp, 8092/tcp, 40001/tcp, 4337/tcp, 2202/tcp (Int. Multimedia Teleconferencing Cosortium), 6017/tcp, 5596/tcp, 6665/tcp (-6669/udp  IRCU), 5705/tcp, 5583/tcp (T-Mobile SMS Protocol Message 2), 5757/tcp (OpenMail X.500 Directory Server), 5938/tcp, 5666/tcp, 5763/tcp, 6025/tcp, 19937/tcp, 5920/tcp, 5038/tcp, 3340/tcp (OMF data m), 1081/tcp, 12586/tcp, 57292/tcp, 2173/tcp (MS Firewall Replication), 1972/tcp (Cache), 10019/tcp, 36/tcp, 45880/tcp, 5242/tcp, 4034/tcp (Ubiquinox Daemon), 40101/tcp, 6690/tcp, 5255/tcp, 5051/tcp (ITA Agent), 7300/tcp (-7359   The Swiss Exchange), 28309/tcp, 4055/tcp (CosmoCall Universe Communications Port 3), 33990/tcp, 5874/tcp, 12010/tcp (ElevateDB Server), 6513/tcp (NETCONF over TLS), 5595/tcp, 41331/tcp, 9971/tcp, 47182/tcp, 6059/tcp, 1478/tcp (ms-sna-base), 5375/tcp, 5990/tcp (WBEM Export HTTPS), 50213/tcp, 8881/tcp, 8390/tcp, 57712/tcp, 5331/tcp, 5574/tcp (SAS IO Forwarding), 1969/tcp (LIPSinc 1), 20171/tcp, 4450/tcp (Camp), 50/tcp (Remote Mail Checking Protocol), 18989/tcp, 6789/tcp (SMC-HTTPS), 5788/tcp, 5304/tcp (HA Cluster Commands), 25117/tcp, 4233/tcp, 29768/tcp, 5949/tcp, 65004/tcp, 21697/tcp, 3501/tcp (iSoft-P2P), 63594/tcp, 3362/tcp (DJ ILM), 63389/tcp, 3374/tcp (Cluster Disc), 58585/tcp, 5718/tcp (DPM Communication Server), 20657/tcp, 5824/tcp, 2716/tcp (Inova IP Disco), 18888/tcp (APCNECMP), 5125/tcp, 22977/tcp, 60838/tcp, 3304/tcp (OP Session Server), 1524/tcp (ingres), 8889/tcp (Desktop Data TCP 1), 6175/tcp, 2022/tcp (down), 2681/tcp (mpnjsomb), 8164/tcp, 5975/tcp, 6010/tcp, 6703/tcp (e-Design web), 58327/tcp, 62289/tcp, 9389/tcp (Active Directory Web Services), 5487/tcp, 5550/tcp, 7012/tcp (Talon Engine), 5388/tcp, 8339/tcp, 5856/tcp, 5668/tcp, 6035/tcp, 7979/tcp (Micromuse-ncps), 5494/tcp, 1289/tcp (JWalkServer), 5653/tcp, 1013/tcp, 5224/tcp (HP Virtual Machine Console Operations), 29650/tcp, 6586/tcp, 5339/tcp, 3381/tcp (Geneous), 7407/tcp, 3889/tcp (D and V Tester Control Port), 40676/tcp, 6287/tcp, 6752/tcp, 61989/tcp, 3360/tcp (KV Server), 6950/tcp, 10096/tcp, 6234/tcp, 1234/tcp (Infoseek Search Agent), 6197/tcp, 5867/tcp, 31111/tcp, 43389/tcp, 5569/tcp, 6038/tcp, 4389/tcp (Xandros Community Management Service), 5139/tcp, 8010/tcp, 17025/tcp, 6015/tcp, 61111/tcp, 43399/tcp, 5789/tcp, 7789/tcp (Office Tools Pro Receive), 102/tcp (ISO-TSAP Class 0), 7777/tcp (cbt), 30005/tcp, 5660/tcp, 8136/tcp, 5582/tcp (T-Mobile SMS Protocol Message 3), 5805/tcp, 2207/tcp (HP Status and Services), 1176/tcp (Indigo Home Server), 88/tcp (Kerberos), 9911/tcp (SYPECom Transport Protocol), 5448/tcp, 4444/tcp (NV Video default), 27777/tcp, 6170/tcp, 5262/tcp, 11003/tcp, 49999/tcp, 3367/tcp (-3371  Satellite Video Data Link), 63333/tcp, 5746/tcp (fcopys-server), 5103/tcp (Actifio C2C), 46248/tcp, 25273/tcp, 13350/tcp, 91/tcp (MIT Dover Spooler), 5401/tcp (Excerpt Search Secure), 32082/tcp, 30034/tcp, 4015/tcp (Talarian Mcast), 7020/tcp (DP Serve), 57443/tcp, 12001/tcp (IBM Enterprise Extender SNA COS Network Priority), 27915/tcp, 5355/tcp (LLMNR), 1025/tcp (network blackjack), 1462/tcp (World License Manager), 205/tcp (AppleTalk Unused), 6007/tcp, 25712/tcp, 5640/tcp, 1235/tcp (mosaicsyssvc1), 2316/tcp (SENT License Manager), 12311/tcp, 6230/tcp, 6019/tcp, 2121/tcp (SCIENTIA-SSDB), 15158/tcp, 16666/tcp, 3307/tcp (OP Session Proxy), 4536/tcp (Event Heap Server SSL), 55553/tcp, 5519/tcp, 2742/tcp (TSB2), 12210/tcp, 3334/tcp (Direct TV Webcasting), 6242/tcp (JEOL Network Services Data Transport Protocol 2), 1056/tcp (VFO), 31787/tcp, 13301/tcp, 34019/tcp, 11066/tcp, 66/tcp (Oracle SQL*NET), 16784/tcp, 14360/tcp, 13311/tcp, 7001/tcp (callbacks to cache managers), 5593/tcp, 5742/tcp (IDA Discover Port 2), 5868/tcp, 6008/tcp, 7016/tcp, 33996/tcp, 44010/tcp, 33998/tcp, 5768/tcp (OpenMail CMTS Server), 5568/tcp (Session Data Transport Multicast), 12208/tcp, 5851/tcp, 5904/tcp, 4443/tcp (Pharos), 42059/tcp, 52066/tcp, 7376/tcp, 3366/tcp (Creative Partner), 5675/tcp (V5UA application port), 1908/tcp (Dawn), 4193/tcp (PxPlus remote file srvr), 6431/tcp, 3341/tcp (OMF data h), 5562/tcp, 5581/tcp (T-Mobile SMS Protocol Message 1), 5577/tcp, 18774/tcp, 33886/tcp, 5222/tcp (XMPP Client Connection), 55556/tcp, 12005/tcp (DBISAM Database Server - Regular), 45789/tcp, 44311/tcp, 9069/tcp, 53426/tcp, 5846/tcp, 5477/tcp, 3312/tcp (Application Management Server), 8890/tcp (Desktop Data TCP 2), 9184/tcp, 5646/tcp, 7195/tcp, 6021/tcp, 7981/tcp (Spotlight on SQL Server Desktop Collect), 1600/tcp (issd), 5780/tcp (Visual Tag System RPC), 13399/tcp, 38889/tcp, 48033/tcp, 3014/tcp (Broker Service), 5643/tcp, 21422/tcp, 3932/tcp (Dynamic Site System), 20932/tcp, 36672/tcp, 5171/tcp, 5432/tcp (PostgreSQL Database), 2138/tcp (UNBIND-CLUSTER), 6099/tcp (RAXA Management), 59128/tcp, 6892/tcp, 7953/tcp, 2020/tcp (xinupageserver), 5909/tcp, 3999/tcp (Norman distributes scanning service), 10339/tcp, 5456/tcp (APC 5456), 25711/tcp, 5393/tcp, 1218/tcp (AeroFlight-ADs), 3301/tcp, 5536/tcp, 15999/tcp (ProGrammar Enterprise), 1975/tcp (TCO Flash Agent), 55558/tcp, 1015/tcp, 6257/tcp, 58328/tcp, 2657/tcp (SNS Dispatcher), 1126/tcp (HP VMM Agent), 33899/tcp, 6511/tcp, 19714/tcp, 27746/tcp, 5950/tcp, 19319/tcp, 27960/tcp, 5691/tcp, 5361/tcp (Secure Protocol for Windows SideShow), 5459/tcp, 4241/tcp, 1888/tcp (NC Config Port), 62677/tcp, 61004/tcp, 5810/tcp, 5919/tcp, 20010/tcp, 44448/tcp, 5960/tcp, 63604/tcp, 14972/tcp, 23766/tcp, 7410/tcp (Ionix Network Monitor), 1352/tcp (Lotus Note), 3380/tcp (SNS Channels), 14847/tcp, 2359/tcp (FlukeServer), 5773/tcp, 33889/tcp, 1353/tcp (Relief Consulting), 3397/tcp (Cloanto License Manager), 4499/tcp, 5143/tcp, 5871/tcp, 45385/tcp, 5499/tcp, 45/tcp (Message Processing Module [recv]), 6031/tcp, 22738/tcp, 5530/tcp, 5135/tcp (ERP-Scale), 52800/tcp, 6161/tcp (PATROL Internet Srv Mgr), 2220/tcp (NetIQ End2End), 44342/tcp, 5928/tcp, 5124/tcp, 35555/tcp, 3399/tcp (CSMS), 6661/tcp, 6005/tcp, 6245/tcp, 5172/tcp, 2210/tcp (NOAAPORT Broadcast Network), 4680/tcp (MGE UPS Management), 5348/tcp, 3004/tcp (Csoft Agent), 42066/tcp, 35330/tcp, 3499/tcp (SccIP Media), 58873/tcp, 6265/tcp, 24689/tcp, 13999/tcp, 5807/tcp, 2149/tcp (ACPTSYS), 3375/tcp (VSNM Agent), 1361/tcp (LinX), 5921/tcp, 20231/tcp, 53350/tcp, 5506/tcp (Amcom Mobile Connect), 8099/tcp, 3002/tcp (RemoteWare Server), 4490/tcp, 3382/tcp (Fujitsu Network Enhanced Antitheft function), 3289/tcp (ENPC), 42081/tcp, 44341/tcp, 39527/tcp, 5964/tcp, 5765/tcp, 1346/tcp (Alta Analytics License Manager), 5974/tcp, 5205/tcp, 493/tcp (Transport Independent Convergence for FNA), 3388/tcp (CB Server), 48826/tcp, 5261/tcp, 17075/tcp, 8022/tcp (oa-system), 5501/tcp (fcp-addr-srvr2), 8085/tcp, 1115/tcp (ARDUS Transfer), 63319/tcp, 7040/tcp, 5471/tcp, 5931/tcp, 43058/tcp, 15716/tcp, 5408/tcp (Foresyte-Sec), 4063/tcp (Ice Firewall Traversal Service (TCP)), 3416/tcp (AirMobile IS Command Port), 8192/tcp (SpyTech Phone Service), 5662/tcp, 33894/tcp, 4534/tcp, 3415/tcp (BCI Name Service), 1955/tcp (ABR-Secure Data (diskbridge)), 5978/tcp, 5507/tcp, 8051/tcp, 4056/tcp (Location Message Service), 5234/tcp (EEnet communications), 2240/tcp (RECIPe), 1960/tcp (Merit DAC NASmanager), 5533/tcp, 57487/tcp, 28112/tcp, 2918/tcp (Kasten Chase Pad), 49754/tcp, 18875/tcp, 45347/tcp, 1112/tcp (Intelligent Communication Protocol), 7993/tcp, 5252/tcp (Movaz SSC), 5334/tcp, 6023/tcp, 1107/tcp (ISOIPSIGPORT-2).
      
BHD Honeypot
Port scan
2019-11-12

In the last 24h, the attacker (185.153.197.237) attempted to scan 2666 ports.
The following ports have been scanned: 49853/tcp, 5395/tcp, 6185/tcp, 30017/tcp, 12158/tcp, 7254/tcp, 21881/tcp, 58860/tcp, 1187/tcp (Alias Service), 2153/tcp (Control Protocol), 3352/tcp (Scalable SQL), 93/tcp (Device Control Protocol), 7274/tcp (OMA Roaming Location SEC), 5672/tcp (AMQP), 8005/tcp (MXI Generation II for z/OS), 4010/tcp (Samsung Unidex), 2314/tcp (CR WebSystems), 59002/tcp, 5798/tcp, 6689/tcp (Tofino Security Appliance), 6182/tcp, 50859/tcp, 63996/tcp, 47267/tcp, 103/tcp (Genesis Point-to-Point Trans Net), 61005/tcp, 5513/tcp, 29682/tcp, 6187/tcp, 52678/tcp, 44389/tcp, 19737/tcp, 15306/tcp, 65522/tcp, 3575/tcp (Coalsere CCM Port), 38787/tcp, 2525/tcp (MS V-Worlds), 4033/tcp (SANavigator Peer Port), 32134/tcp, 5881/tcp, 3005/tcp (Genius License Manager), 11009/tcp, 32899/tcp, 44045/tcp, 40442/tcp, 6655/tcp (PC SOFT - Software factory UI/manager), 8012/tcp, 55552/tcp, 29753/tcp, 3589/tcp (isomair), 7729/tcp, 55589/tcp, 56087/tcp, 6667/tcp, 20311/tcp, 7753/tcp, 12006/tcp (DBISAM Database Server - Admin), 5703/tcp, 55252/tcp, 5368/tcp, 12724/tcp, 5518/tcp, 24688/tcp, 49753/tcp, 5998/tcp, 7270/tcp, 54835/tcp, 29137/tcp, 1206/tcp (Anthony Data), 6001/tcp, 20017/tcp, 27586/tcp, 5852/tcp, 6596/tcp, 10859/tcp, 59059/tcp, 45942/tcp, 3282/tcp (Datusorb), 2703/tcp (SMS CHAT), 60600/tcp, 6016/tcp, 30030/tcp, 1999/tcp (cisco identification port), 2985/tcp (HPIDSAGENT), 15156/tcp, 1515/tcp (ifor-protocol), 33395/tcp, 1109/tcp, 18428/tcp, 18713/tcp, 6500/tcp (BoKS Master), 5102/tcp (Oracle OMS non-secure), 5126/tcp, 2884/tcp (Flash Msg), 42064/tcp, 5495/tcp, 45790/tcp, 6018/tcp, 10793/tcp, 3305/tcp (ODETTE-FTP), 5951/tcp, 8088/tcp (Radan HTTP), 27958/tcp, 1195/tcp (RSF-1 clustering), 3678/tcp (DataGuardianLT), 5188/tcp, 53702/tcp, 28849/tcp, 46097/tcp, 1168/tcp (VChat Conference Service), 4018/tcp (Talarian Mcast), 1329/tcp (netdb-export), 44269/tcp, 9292/tcp (ArmTech Daemon), 24444/tcp, 1032/tcp (BBN IAD), 40643/tcp, 5529/tcp, 5828/tcp, 5977/tcp, 3398/tcp (Mercantile), 23148/tcp, 34297/tcp, 6039/tcp, 6075/tcp (Microsoft DPM Access Control Manager), 23731/tcp, 31948/tcp (Embedded Device Configuration Protocol TX), 51026/tcp, 6237/tcp, 75/tcp (any private dial out service), 5993/tcp, 1052/tcp (Dynamic DNS Tools), 8381/tcp, 23000/tcp (Inova LightLink Server Type 1), 42001/tcp, 33903/tcp, 5344/tcp (xkoto DRCP), 65478/tcp, 9009/tcp (Pichat Server), 6977/tcp, 33904/tcp, 40112/tcp, 6893/tcp, 20979/tcp, 62882/tcp, 5195/tcp, 1117/tcp (ARDUS Multicast Transfer), 22182/tcp, 65429/tcp, 5879/tcp, 6011/tcp, 33388/tcp, 5329/tcp, 1057/tcp (STARTRON), 2012/tcp (ttyinfo), 53245/tcp, 6286/tcp, 43550/tcp, 1000/tcp (cadlock2), 200/tcp (IBM System Resource Controller), 5100/tcp (Socalia service mux), 5891/tcp, 33396/tcp, 43059/tcp, 2222/tcp (EtherNet/IP I/O), 34958/tcp, 5517/tcp, 3489/tcp (DTP/DIA), 61987/tcp, 2254/tcp (Seismic P.O.C. Port), 5201/tcp (TARGUS GetData 1), 5912/tcp (Flight Information Services), 5490/tcp, 2224/tcp (Easy Flexible Internet/Multiplayer Games), 33896/tcp, 10340/tcp, 18732/tcp, 39733/tcp, 5364/tcp, 8170/tcp, 5778/tcp, 6277/tcp, 3396/tcp (Printer Agent), 48701/tcp, 52222/tcp, 5858/tcp, 9000/tcp (CSlistener), 5516/tcp, 5614/tcp, 52163/tcp, 1108/tcp (ratio-adp), 5233/tcp, 19156/tcp, 20656/tcp, 6028/tcp, 6233/tcp, 65151/tcp, 1610/tcp (taurus-wh), 5567/tcp (Multicast Object Access Protocol), 5563/tcp, 1637/tcp (ISP shared local data control), 5282/tcp (Marimba Transmitter Port), 2300/tcp (CVMMON), 40111/tcp, 22535/tcp, 44343/tcp, 62222/tcp, 33589/tcp, 5273/tcp, 8181/tcp, 6250/tcp, 5474/tcp, 33905/tcp, 58799/tcp, 1889/tcp (Unify Web Adapter Service), 20123/tcp, 30004/tcp, 5430/tcp (RADEC CORP), 680/tcp (entrust-aaas), 5482/tcp, 6601/tcp (Microsoft Threat Management Gateway SSTP), 3410/tcp (NetworkLens SSL Event), 63399/tcp, 97/tcp (Swift Remote Virtural File Protocol), 13644/tcp, 25193/tcp, 29999/tcp, 53177/tcp, 1179/tcp (Backup To Neighbor), 40008/tcp, 5981/tcp, 51138/tcp, 57077/tcp, 5642/tcp, 5405/tcp (NetSupport), 15555/tcp (Cisco Stateful NAT), 5539/tcp, 3323/tcp, 9090/tcp (WebSM), 5915/tcp, 9746/tcp, 5969/tcp (mppolicy-mgr), 49755/tcp, 10060/tcp, 7100/tcp (X Font Service), 13579/tcp, 2479/tcp (SecurSight Event Logging Server (SSL)), 1099/tcp (RMI Registry), 52306/tcp, 4400/tcp (ASIGRA Services), 5597/tcp (inin secure messaging), 6849/tcp, 5545/tcp, 18407/tcp, 2342/tcp (Seagate Manage Exec), 5976/tcp, 1414/tcp (IBM MQSeries), 60010/tcp, 31425/tcp, 27609/tcp, 19262/tcp, 56780/tcp, 3321/tcp (VNSSTR), 3390/tcp (Distributed Service Coordinator), 44985/tcp, 1003/tcp, 3395/tcp (Dyna License Manager (Elam)), 30035/tcp, 3324/tcp, 30001/tcp (Pago Services 1), 5491/tcp, 5911/tcp (Controller Pilot Data Link Communication), 27959/tcp, 2682/tcp, 5860/tcp, 9006/tcp, 43100/tcp, 17559/tcp, 41761/tcp, 7788/tcp, 43948/tcp, 1890/tcp (wilkenListener), 1044/tcp (Dev Consortium Utility), 32890/tcp, 19079/tcp, 50277/tcp, 3389/tcp (MS WBT Server), 42970/tcp, 6289/tcp, 17468/tcp, 6009/tcp, 40011/tcp, 7124/tcp, 40675/tcp, 17469/tcp, 5854/tcp, 6113/tcp (Daylite Server), 6167/tcp, 7438/tcp, 1051/tcp (Optima VNET), 33900/tcp, 60001/tcp, 25428/tcp, 47183/tcp, 59999/tcp, 45882/tcp, 6545/tcp, 111/tcp (SUN Remote Procedure Call), 5859/tcp (WHEREHOO), 5678/tcp (Remote Replication Agent Connection), 8011/tcp, 1310/tcp (Husky), 45807/tcp, 6891/tcp, 5353/tcp (Multicast DNS), 6290/tcp, 1031/tcp (BBN IAD), 43205/tcp, 19142/tcp, 6171/tcp, 16897/tcp, 25903/tcp (NIProbe), 51088/tcp, 9993/tcp (OnLive-2), 5549/tcp, 5237/tcp (m-net discovery), 5999/tcp (CVSup), 1605/tcp (Salutation Manager (Salutation Protocol)), 3303/tcp (OP Session Client), 1920/tcp (IBM Tivoli Directory Service - FERRET), 49852/tcp, 33189/tcp, 18360/tcp, 7207/tcp, 61867/tcp, 12540/tcp, 5390/tcp, 5576/tcp, 5602/tcp (A1-MSC), 29329/tcp, 61409/tcp, 51098/tcp, 5326/tcp, 5695/tcp, 19270/tcp, 5305/tcp (HA Cluster Test), 54030/tcp, 5650/tcp, 7817/tcp, 19936/tcp, 26744/tcp, 5216/tcp, 30031/tcp, 6029/tcp, 5363/tcp (Windows Network Projection), 1157/tcp (Oracle iASControl), 32653/tcp, 5822/tcp, 5745/tcp (fcopy-server), 8087/tcp (Simplify Media SPP Protocol), 6598/tcp, 40010/tcp, 5469/tcp, 5321/tcp (Webservices-based Zn interface of BSF over SSL), 3356/tcp (UPNOTIFYPS), 22222/tcp, 18933/tcp, 29651/tcp, 34500/tcp, 4002/tcp (pxc-spvr-ft), 29098/tcp, 5223/tcp (HP Virtual Machine Group Management), 5320/tcp (Webservices-based Zn interface of BSF), 6166/tcp, 53903/tcp, 3345/tcp (Influence), 69/tcp (Trivial File Transfer), 43206/tcp, 50107/tcp, 5670/tcp, 4782/tcp, 52067/tcp, 5896/tcp, 41318/tcp, 4422/tcp, 48967/tcp, 58001/tcp, 11524/tcp, 16899/tcp, 60394/tcp, 65366/tcp, 3444/tcp (Denali Server), 11002/tcp, 1127/tcp (KWDB Remote Communication), 55000/tcp, 48659/tcp, 23787/tcp, 21163/tcp, 53333/tcp, 5509/tcp, 62675/tcp, 3377/tcp (Cogsys Network License Manager), 5514/tcp, 33110/tcp, 2001/tcp (dc), 6825/tcp, 7003/tcp (volume location database), 5902/tcp, 8064/tcp, 41317/tcp, 7408/tcp, 7039/tcp, 2870/tcp (daishi), 1114/tcp (Mini SQL), 2695/tcp (VSPREAD), 5795/tcp, 5613/tcp, 5952/tcp, 5878/tcp, 44449/tcp, 92/tcp (Network Printing Protocol), 5968/tcp (mppolicy-v5), 65002/tcp, 33339/tcp, 5150/tcp (Ascend Tunnel Management Protocol), 39730/tcp, 5525/tcp, 13389/tcp, 5638/tcp, 5392/tcp, 32901/tcp, 5659/tcp, 1879/tcp (NettGain NMS), 43709/tcp, 20539/tcp, 3344/tcp (BNT Manager), 5362/tcp (Microsoft Windows Server WSD2 Service), 64769/tcp, 12020/tcp, 18159/tcp, 3403/tcp, 5196/tcp, 9146/tcp, 9833/tcp, 5910/tcp (Context Management), 58789/tcp, 22228/tcp, 6026/tcp, 59484/tcp, 13977/tcp, 58032/tcp, 4008/tcp (NetCheque accounting), 6036/tcp, 6848/tcp, 30002/tcp (Pago Services 2), 2221/tcp (Rockwell CSP1), 20869/tcp, 24690/tcp, 5996/tcp, 5359/tcp (Microsoft Alerter), 7795/tcp, 58117/tcp, 2011/tcp (raid), 64095/tcp, 64636/tcp, 94/tcp (Tivoli Object Dispatcher), 1186/tcp (MySQL Cluster Manager), 7074/tcp, 33885/tcp, 28111/tcp, 11112/tcp (DICOM), 2574/tcp (Blockade BPSP), 5857/tcp, 42424/tcp, 1043/tcp (BOINC Client Control), 1906/tcp (TPortMapperReq), 44441/tcp, 11117/tcp, 62155/tcp, 4545/tcp (WorldScores), 48877/tcp, 5265/tcp (3Com Network Jack Port 2), 24128/tcp, 31311/tcp, 79/tcp (Finger), 63344/tcp, 6292/tcp, 62183/tcp, 5744/tcp (Watchdoc Server), 4014/tcp (TAICLOCK), 6006/tcp, 1093/tcp (PROOFD), 5416/tcp (SNS Gateway), 2463/tcp (LSI RAID Management), 20121/tcp, 3343/tcp (MS Cluster Net), 9001/tcp (ETL Service Manager), 6267/tcp (GridLAB-D User Interface), 33995/tcp, 5840/tcp, 5599/tcp (Enterprise Security Remote Install), 1046/tcp (WebFilter Remote Monitor), 1479/tcp (dberegister), 53609/tcp, 37777/tcp, 34599/tcp, 6030/tcp, 2360/tcp (NexstorIndLtd), 17380/tcp, 13388/tcp, 10791/tcp, 2274/tcp (PCTTunneller), 3383/tcp (Enterprise Software Products License Manager), 3407/tcp (LDAP admin server port), 96/tcp (DIXIE Protocol Specification), 8093/tcp, 5790/tcp, 5761/tcp, 1178/tcp (SGI Storage Manager), 6034/tcp, 22226/tcp, 56936/tcp, 41459/tcp, 18730/tcp, 6600/tcp (Microsoft Hyper-V Live Migration), 7411/tcp, 5358/tcp (WS for Devices Secured), 1994/tcp (cisco serial tunnel port), 5555/tcp (Personal Agent), 5985/tcp (WBEM WS-Management HTTP), 27630/tcp, 6186/tcp, 34928/tcp, 31113/tcp, 19876/tcp, 5522/tcp, 2451/tcp (netchat), 31025/tcp, 24861/tcp, 43394/tcp, 90/tcp (DNSIX Securit Attribute Token Map), 7397/tcp (Hexarc Command Language), 2151/tcp (DOCENT), 3711/tcp (EBD Server 2), 26666/tcp, 5010/tcp (TelepathStart), 17896/tcp, 183/tcp (OCBinder), 5018/tcp, 10079/tcp, 5565/tcp, 5663/tcp, 5540/tcp, 64253/tcp, 1995/tcp (cisco perf port), 45470/tcp, 5876/tcp, 25700/tcp, 11113/tcp, 6291/tcp, 7610/tcp, 4455/tcp (PR Chat User), 7983/tcp, 3363/tcp (NATI Vi Server), 8082/tcp (Utilistor (Client)), 7372/tcp, 9790/tcp, 1102/tcp (ADOBE SERVER 1), 5605/tcp (A4-SDUNode), 12390/tcp, 19999/tcp (Distributed Network Protocol - Secure), 8063/tcp, 60481/tcp, 5584/tcp (BeInSync-Web), 3426/tcp (Arkivio Storage Protocol), 7115/tcp, 8054/tcp (Senomix Timesheets Server [1 year assignment]), 82/tcp (XFER Utility), 30794/tcp, 1035/tcp (MX-XR RPC), 1058/tcp (nim), 52679/tcp, 56/tcp (XNS Authentication), 5512/tcp, 7272/tcp (WatchMe Monitoring 7272), 6705/tcp, 6666/tcp, 1045/tcp (Fingerprint Image Transfer Protocol), 5357/tcp (Web Services for Devices), 5152/tcp (ESRI SDE Instance Discovery), 6047/tcp, 5872/tcp, 6778/tcp, 53328/tcp, 7440/tcp, 54262/tcp, 3320/tcp (Office Link 2000), 59487/tcp, 8090/tcp, 20001/tcp (MicroSAN), 5546/tcp, 33902/tcp, 33322/tcp, 41028/tcp, 30033/tcp, 53595/tcp, 5373/tcp, 3100/tcp (OpCon/xps), 52706/tcp, 1018/tcp, 4030/tcp (Accell/JSP Daemon Port), 32614/tcp, 18874/tcp, 101/tcp (NIC Host Name Server), 35734/tcp, 7099/tcp (lazy-ptop), 1040/tcp (Netarx Netcare), 2215/tcp (IPCore.co.za GPRS), 33223/tcp, 5003/tcp (FileMaker, Inc. - Proprietary transport), 58373/tcp, 7070/tcp (ARCP), 6072/tcp (DIAGNOSE-PROC), 52472/tcp, 55550/tcp, 45026/tcp, 1049/tcp (Tobit David Postman VPMN), 47932/tcp, 43681/tcp, 63388/tcp, 45386/tcp, 60395/tcp, 2729/tcp (TCIM Control), 44270/tcp, 10789/tcp, 32455/tcp, 4488/tcp (Apple Wide Area Connectivity Service ICE Bootstrap), 50857/tcp, 32768/tcp (Filenet TMS), 5371/tcp, 53326/tcp, 2572/tcp (IBP), 15887/tcp, 3387/tcp (Back Room Net), 5414/tcp (StatusD), 4035/tcp (WAP Push OTA-HTTP port), 8095/tcp, 6911/tcp, 20668/tcp, 5898/tcp, 5589/tcp, 20005/tcp (OpenWebNet protocol for electric network), 3330/tcp (MCS Calypso ICF), 11119/tcp, 5655/tcp, 6229/tcp, 2922/tcp (CESD Contents Delivery Data Transfer), 33033/tcp, 21362/tcp, 5104/tcp, 2659/tcp (SNS Query), 5323/tcp, 4483/tcp, 29938/tcp, 33882/tcp, 54389/tcp, 10790/tcp, 1145/tcp (X9 iCue Show Control), 5493/tcp, 3013/tcp (Gilat Sky Surfer), 58226/tcp, 1907/tcp (IntraSTAR), 40021/tcp, 5758/tcp, 50389/tcp, 27914/tcp, 5345/tcp, 33822/tcp, 30793/tcp, 46246/tcp, 25623/tcp, 5200/tcp (TARGUS GetData), 27015/tcp, 3369/tcp, 13793/tcp, 52471/tcp, 5812/tcp, 5803/tcp, 5792/tcp, 5601/tcp (Enterprise Security Agent), 10103/tcp (eZrelay), 10893/tcp, 60004/tcp, 5972/tcp, 7375/tcp, 5159/tcp, 5620/tcp, 28851/tcp, 9747/tcp (L5NAS Parallel Channel), 5015/tcp (FileMaker, Inc. - Web publishing), 13390/tcp, 5587/tcp, 50005/tcp, 2868/tcp (NPEP Messaging), 6438/tcp, 27705/tcp, 33833/tcp, 721/tcp, 6089/tcp, 3424/tcp (xTrade over TLS/SSL), 43603/tcp, 5254/tcp, 5800/tcp, 51368/tcp, 6231/tcp, 6042/tcp, 31112/tcp, 5732/tcp, 5686/tcp, 1053/tcp (Remote Assistant (RA)), 5067/tcp (Authentx Service), 1050/tcp (CORBA Management Agent), 33289/tcp, 5524/tcp, 55566/tcp, 31274/tcp, 1988/tcp (cisco RSRB Priority 2 port), 43604/tcp, 3008/tcp (Midnight Technologies), 5590/tcp, 5844/tcp, 222/tcp (Berkeley rshd with SPX auth), 22960/tcp, 35840/tcp, 57076/tcp, 77/tcp (any private RJE service), 62548/tcp, 104/tcp (ACR-NEMA Digital Imag. & Comm. 300), 25463/tcp, 5492/tcp, 5560/tcp, 7373/tcp, 5451/tcp, 46389/tcp, 5916/tcp, 3339/tcp (OMF data l), 2917/tcp (Elvin Client), 3029/tcp (LiebDevMgmt_A), 3151/tcp (NetMike Assessor), 65535/tcp, 7009/tcp (remote cache manager service), 33887/tcp, 3315/tcp (CDID), 49024/tcp, 6000/tcp (-6063/udp   X Window System), 5438/tcp, 58206/tcp, 3288/tcp (COPS), 2731/tcp (Fyre Messanger), 46625/tcp, 7871/tcp, 16973/tcp, 5970/tcp, 110/tcp (Post Office Protocol - Version 3), 3379/tcp (SOCORFS), 57293/tcp, 47931/tcp, 52438/tcp, 64254/tcp, 6226/tcp, 8380/tcp (Cruise UPDATE), 3604/tcp (BMC JMX Port), 33337/tcp, 30602/tcp, 8008/tcp (HTTP Alternate), 8592/tcp, 6949/tcp, 45792/tcp, 6003/tcp, 12944/tcp, 5463/tcp (TTL Price Proxy), 6430/tcp, 1522/tcp (Ricardo North America License Manager), 6180/tcp, 3314/tcp (Unify Object Host), 5245/tcp (DownTools Control Protocol), 2573/tcp (Trust Establish), 6073/tcp (DirectPlay8), 5924/tcp, 9998/tcp (Distinct32), 5333/tcp, 5241/tcp, 13002/tcp, 4001/tcp (NewOak), 35651/tcp, 5505/tcp (Checkout Database), 22221/tcp, 1982/tcp (Evidentiary Timestamp), 3097/tcp, 47017/tcp, 389/tcp (Lightweight Directory Access Protocol), 20524/tcp, 13976/tcp, 13300/tcp, 64046/tcp, 3406/tcp (Nokia Announcement ch 2), 5853/tcp, 4013/tcp (ACL Manager), 47748/tcp, 6284/tcp, 6565/tcp, 7925/tcp, 5657/tcp, 51837/tcp, 12222/tcp, 52707/tcp, 5895/tcp, 6270/tcp, 6544/tcp (LDS Dump Service), 3098/tcp (Universal Message Manager), 10124/tcp, 1134/tcp (MicroAPL APLX), 45025/tcp, 30389/tcp, 6753/tcp, 24862/tcp, 6269/tcp (Grid Authentication Alt), 6894/tcp, 5843/tcp, 5342/tcp, 25462/tcp, 1177/tcp (DKMessenger Protocol), 9207/tcp (WAP vCal Secure), 5607/tcp, 8125/tcp, 2389/tcp (OpenView Session Mgr), 5604/tcp (A3-SDUNode), 6020/tcp, 3429/tcp (GCSP user port), 1121/tcp (Datalode RMPP), 62/tcp (ACA Services), 3428/tcp (2Wire CSS), 1632/tcp (PAMMRATC), 47929/tcp, 12538/tcp, 7436/tcp, 7089/tcp, 5664/tcp, 95/tcp (SUPDUP), 16168/tcp, 5917/tcp, 5627/tcp (Node Initiated Network Association Forma), 8013/tcp, 5376/tcp, 32654/tcp, 1034/tcp (ActiveSync Notifications), 29008/tcp, 22220/tcp, 6543/tcp (lds_distrib), 44440/tcp, 34929/tcp, 9067/tcp, 6062/tcp, 43949/tcp, 2345/tcp (dbm), 33006/tcp, 60000/tcp, 5527/tcp, 61085/tcp, 5521/tcp, 55444/tcp, 5489/tcp, 5683/tcp, 23786/tcp, 4588/tcp, 27645/tcp, 52702/tcp, 40276/tcp, 6221/tcp, 58663/tcp, 42244/tcp, 5017/tcp, 58888/tcp, 5983/tcp, 5661/tcp, 6978/tcp, 5478/tcp, 55559/tcp, 30835/tcp, 3348/tcp (Pangolin Laser), 5701/tcp, 3000/tcp (RemoteWare Client), 5561/tcp, 45876/tcp, 5415/tcp (NS Server), 5161/tcp (SNMP over SSH Transport Model), 3555/tcp (Vipul's Razor), 34005/tcp, 6550/tcp (fg-sysupdate), 8043/tcp (FireScope Server), 1037/tcp (AMS), 5794/tcp, 3349/tcp (Chevin Services), 56789/tcp, 23390/tcp, 20189/tcp, 5656/tcp, 18712/tcp, 33881/tcp, 5367/tcp, 29589/tcp, 35992/tcp, 7069/tcp, 99/tcp (Metagram Relay), 4315/tcp, 3302/tcp (MCS Fastmail), 5398/tcp (Elektron Administration), 5845/tcp, 33993/tcp, 5946/tcp, 61000/tcp, 56781/tcp, 53593/tcp, 43101/tcp, 5481/tcp, 58227/tcp, 3405/tcp (Nokia Announcement ch 1), 1020/tcp, 5554/tcp (SGI ESP HTTP), 64374/tcp, 2941/tcp (SM-PAS-4), 7799/tcp (Alternate BSDP Service), 3332/tcp (MCS Mail Server), 13975/tcp, 3021/tcp (AGRI Server), 15044/tcp, 31389/tcp, 30012/tcp, 61962/tcp, 5170/tcp, 62156/tcp, 1368/tcp (ScreenCast), 42222/tcp, 33689/tcp, 4012/tcp (PDA Gate), 3535/tcp (MS-LA), 6969/tcp (acmsoda), 13333/tcp, 33908/tcp, 44442/tcp, 22223/tcp, 22656/tcp, 4793/tcp, 2461/tcp (qadmifoper), 33888/tcp, 34444/tcp, 10020/tcp, 30013/tcp, 6432/tcp (PgBouncer), 4491/tcp, 1250/tcp (swldy-sias), 5439/tcp, 11111/tcp (Viral Computing Environment (VCE)), 60886/tcp, 58225/tcp, 5142/tcp, 2609/tcp (System Monitor), 64463/tcp, 5404/tcp (HPOMS-DPS-LSTN), 6902/tcp, 58568/tcp, 1098/tcp (RMI Activation), 6043/tcp, 8389/tcp, 6278/tcp, 5093/tcp (Sentinel LM), 3376/tcp (CD Broker), 5291/tcp, 1976/tcp (TCO Reg Agent), 50001/tcp, 5922/tcp, 5850/tcp, 49026/tcp, 11000/tcp (IRISA), 29282/tcp, 8100/tcp (Xprint Server), 33394/tcp, 5510/tcp, 4096/tcp (BRE (Bridge Relay Element)), 6704/tcp, 12146/tcp, 3905/tcp (Mailbox Update (MUPDATE) protocol), 5324/tcp, 5379/tcp, 58118/tcp, 1125/tcp (HP VMM Agent), 5360/tcp (Protocol for Windows SideShow), 8089/tcp, 28009/tcp, 33203/tcp, 61888/tcp, 3347/tcp (Phoenix RPC), 41299/tcp, 4000/tcp (Terabase), 18158/tcp, 14620/tcp, 223/tcp (Certificate Distribution Center), 9145/tcp, 5526/tcp, 1039/tcp (Streamlined Blackhole), 8171/tcp, 2476/tcp (ACE Server Propagation), 2632/tcp (IRdg Post), 16691/tcp, 5617/tcp, 4567/tcp (TRAM), 3372/tcp (TIP 2), 38786/tcp, 47495/tcp, 6085/tcp (konspire2b p2p network), 55431/tcp, 15715/tcp, 41126/tcp, 5488/tcp, 55557/tcp, 63483/tcp, 9996/tcp (Palace-5), 40835/tcp, 10061/tcp, 54093/tcp, 33258/tcp, 32008/tcp, 22224/tcp, 1060/tcp (POLESTAR), 5883/tcp, 7982/tcp (Spotlight on SQL Server Desktop Agent), 1105/tcp (FTRANHC), 1971/tcp (NetOp School), 27747/tcp, 52643/tcp, 40012/tcp, 1133/tcp (Data Flow Network), 8083/tcp (Utilistor (Server)), 6083/tcp, 29330/tcp, 11110/tcp, 1158/tcp (dbControl OMS), 1030/tcp (BBN IAD), 22201/tcp, 38888/tcp, 6889/tcp, 41815/tcp, 18876/tcp, 6264/tcp, 6708/tcp, 1119/tcp (Battle.net Chat/Game Protocol), 14359/tcp, 5556/tcp (Freeciv gameplay), 5769/tcp (x509solutions Internal CA), 16898/tcp, 9147/tcp, 5231/tcp, 1818/tcp (Enhanced Trivial File Transfer Protocol), 12580/tcp, 43682/tcp, 5823/tcp, 6012/tcp, 55588/tcp, 24302/tcp, 57809/tcp, 51937/tcp, 60011/tcp, 48743/tcp, 6044/tcp, 31423/tcp, 4016/tcp (Talarian Mcast), 9430/tcp, 5696/tcp, 5797/tcp, 51162/tcp, 4458/tcp (Matrix Configuration Protocol), 3037/tcp (HP SAN Mgmt), 10338/tcp, 51025/tcp, 5384/tcp, 42713/tcp, 5374/tcp, 1351/tcp (Digital Tool Works (MIT)), 40886/tcp, 5352/tcp (DNS Long-Lived Queries), 8180/tcp, 30007/tcp, 20220/tcp, 40277/tcp, 5187/tcp, 5997/tcp, 54556/tcp, 5381/tcp, 5504/tcp (fcp-cics-gw1), 61960/tcp, 43831/tcp, 6022/tcp, 60002/tcp, 100/tcp ([unauthorized use]), 56556/tcp, 5176/tcp, 12260/tcp, 6235/tcp, 13666/tcp, 31054/tcp, 15888/tcp, 39253/tcp, 8800/tcp (Sun Web Server Admin Service), 32844/tcp, 30042/tcp, 2654/tcp (Corel VNC Admin), 3490/tcp (Colubris Management Port), 3386/tcp (GPRS Data), 33/tcp (Display Support Protocol), 3385/tcp (qnxnetman), 8001/tcp (VCOM Tunnel), 41111/tcp (Foursticks QoS Protocol), 7842/tcp, 1072/tcp (CARDAX), 35652/tcp, 1563/tcp (Cadabra License Manager), 64047/tcp, 50017/tcp, 32631/tcp, 22040/tcp, 194/tcp (Internet Relay Chat Protocol), 7078/tcp, 777/tcp (Multiling HTTP), 5424/tcp (Beyond Remote), 5394/tcp, 5292/tcp, 5296/tcp, 65013/tcp, 6146/tcp (Lone Wolf Systems License Manager), 731/tcp (IBM NetView DM/6000 receive/tcp), 19569/tcp, 44046/tcp, 8006/tcp, 28631/tcp, 5341/tcp, 5995/tcp, 52598/tcp, 5111/tcp (TAEP AS service), 22962/tcp, 13700/tcp, 6890/tcp, 5684/tcp, 1636/tcp (ISP shared public data control), 49618/tcp, 1640/tcp (cert-responder), 5454/tcp (APC 5454), 8179/tcp, 3456/tcp (VAT default data), 21699/tcp, 52597/tcp, 65003/tcp, 63390/tcp, 12389/tcp, 3311/tcp (MCNS Tel Ret), 23732/tcp, 1811/tcp (Scientia-SDB), 2056/tcp (OmniSky Port), 18184/tcp (OPSEC LEA), 3229/tcp (Global CD Port), 5502/tcp (fcp-srvr-inst1), 6058/tcp, 5274/tcp, 51000/tcp, 53390/tcp, 6239/tcp, 47933/tcp, 3384/tcp (Cluster Management Services), 29940/tcp, 25699/tcp, 4485/tcp (Assyst Data Repository Service), 47/tcp (NI FTP), 5145/tcp (RMONITOR SECURE), 33909/tcp, 5386/tcp, 31232/tcp, 5050/tcp (multimedia conference control tool), 8025/tcp (CA Audit Distribution Agent), 3310/tcp (Dyna Access), 5739/tcp, 5782/tcp (3PAR Management Service), 4456/tcp (PR Chat Server), 11955/tcp, 5275/tcp, 51572/tcp, 7111/tcp, 16175/tcp, 2017/tcp (cypress-stat), 14286/tcp, 41378/tcp, 65011/tcp, 5991/tcp (NUXSL), 4338/tcp, 22227/tcp, 13302/tcp, 1088/tcp (CPL Scrambler Alarm Log), 1965/tcp (Tivoli NPM), 1110/tcp (Start web admin server), 5774/tcp, 54755/tcp, 4788/tcp, 3329/tcp (HP Device Disc), 45525/tcp, 6597/tcp, 1236/tcp (bvcontrol), 6212/tcp, 33883/tcp, 5511/tcp, 33390/tcp, 5157/tcp (Mediat Remote Object Exchange), 5445/tcp, 33410/tcp, 10101/tcp (eZmeeting), 1068/tcp (Installation Bootstrap Proto. Cli.), 24864/tcp, 56555/tcp, 33123/tcp (Aurora (Balaena Ltd)), 14621/tcp, 33992/tcp, 49015/tcp, 6268/tcp (Grid Authentication), 4054/tcp (CosmoCall Universe Communications Port 2), 5781/tcp (3PAR Event Reporting Service), 21882/tcp, 21111/tcp, 6097/tcp, 6199/tcp, 40003/tcp, 1311/tcp (RxMon), 1122/tcp (availant-mgr), 56815/tcp, 5776/tcp, 45567/tcp, 45523/tcp, 59485/tcp, 4141/tcp (Workflow Server), 112/tcp (McIDAS Data Transmission Protocol), 56198/tcp, 3328/tcp (Eaglepoint License Manager), 55551/tcp, 2361/tcp (TL1), 1561/tcp (facilityview), 33555/tcp, 33895/tcp, 7403/tcp, 11118/tcp, 4486/tcp (Integrated Client Message Service), 47689/tcp, 5665/tcp, 3028/tcp (LiebDevMgmt_DM), 1181/tcp (3Com Net Management), 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 6112/tcp (Desk-Top Sub-Process Control Daemon), 20004/tcp, 6027/tcp, 4200/tcp (-4299  VRML Multi User Systems), 5713/tcp (proshare conf audio), 33389/tcp, 6276/tcp, 53594/tcp, 5580/tcp (T-Mobile SMS Protocol Message 0), 10280/tcp, 5731/tcp, 3125/tcp (A13-AN Interface), 43390/tcp, 37505/tcp, 5449/tcp, 22821/tcp, 33890/tcp, 8101/tcp (Logical Domains Migration), 1146/tcp (audit transfer), 5804/tcp, 51998/tcp, 60039/tcp, 1101/tcp (PT2-DISCOVER), 30601/tcp, 32136/tcp, 5299/tcp (NLG Data Service), 8052/tcp (Senomix Timesheets Server), 26472/tcp, 6654/tcp, 5166/tcp (WinPCS Service Connection), 33743/tcp, 43001/tcp, 5531/tcp, 3600/tcp (text relay-answer), 3337/tcp (Direct TV Data Catalog), 5370/tcp, 1205/tcp (Accord-MGC), 3393/tcp (D2K Tapestry Client to Server), 5317/tcp, 1156/tcp (iasControl OMS), 1611/tcp (Inter Library Loan), 33898/tcp, 6223/tcp, 6633/tcp, 12553/tcp, 8096/tcp, 28632/tcp, 37073/tcp, 7405/tcp, 11114/tcp, 1106/tcp (ISOIPSIGPORT-1), 5410/tcp (Salient User Manager), 2174/tcp (MS Firewall Intra Array), 5903/tcp, 33338/tcp, 5149/tcp, 31968/tcp, 27012/tcp, 7013/tcp (Microtalon Discovery), 5984/tcp (CouchDB), 8003/tcp (Mulberry Connect Reporting Service), 9055/tcp, 10007/tcp (MVS Capacity), 5966/tcp, 5743/tcp (Watchdoc NetPOD Protocol), 5880/tcp, 7244/tcp, 5988/tcp (WBEM CIM-XML (HTTP)), 5315/tcp (HA Cluster UDP Polling), 27013/tcp, 5260/tcp, 25701/tcp, 4423/tcp, 5462/tcp (TTL Publisher), 1631/tcp (Visit view), 30680/tcp, 11953/tcp, 33018/tcp, 3392/tcp (EFI License Management), 5098/tcp, 8081/tcp (Sun Proxy Admin Service), 43710/tcp, 5211/tcp, 53425/tcp, 61010/tcp, 9970/tcp, 5465/tcp (NETOPS-BROKER), 46247/tcp, 7389/tcp, 5000/tcp (commplex-main), 45555/tcp, 36666/tcp, 6951/tcp (OTLP), 6631/tcp, 5099/tcp (SentLM Srv2Srv), 61410/tcp, 28900/tcp, 33392/tcp, 22939/tcp, 10089/tcp, 7874/tcp, 33480/tcp, 2449/tcp (RATL), 7080/tcp (EmpowerID Communication), 54836/tcp, 5905/tcp, 8080/tcp (HTTP Alternate (see port 80)), 31583/tcp, 33999/tcp, 36937/tcp, 10163/tcp, 57444/tcp, 5240/tcp, 3001/tcp, 37610/tcp, 3605/tcp (ComCam IO Port), 3425/tcp (AGPS Access Port), 3689/tcp (Digital Audio Access Protocol), 12588/tcp, 4433/tcp, 5552/tcp, 39042/tcp, 20019/tcp, 5707/tcp, 7439/tcp, 5479/tcp, 58322/tcp, 5962/tcp, 7065/tcp, 3427/tcp (WebSphere SNMP), 65475/tcp, 19272/tcp, 8009/tcp, 37554/tcp, 27628/tcp, 5786/tcp, 6240/tcp, 42245/tcp, 5682/tcp, 6238/tcp, 30036/tcp, 2152/tcp (GTP-User Plane (3GPP)), 10350/tcp, 6602/tcp (Windows WSS Communication Framework), 12922/tcp, 40644/tcp, 5308/tcp (CFengine), 12/tcp, 17183/tcp, 55430/tcp, 38785/tcp, 5236/tcp (padl2sim), 51515/tcp, 3378/tcp (WSICOPY), 6599/tcp, 57313/tcp, 29939/tcp, 11010/tcp, 2462/tcp (qadmifevent), 5120/tcp, 2646/tcp (AND License Manager), 21390/tcp, 5153/tcp (ToruX Game Server), 5755/tcp (OpenMail Desk Gateway server), 5541/tcp, 40834/tcp, 5610/tcp, 25969/tcp, 12004/tcp (IBM Enterprise Extender SNA COS Low Priority), 5741/tcp (IDA Discover Port 1), 25958/tcp, 20934/tcp, 25703/tcp, 3351/tcp (Btrieve port), 1582/tcp (MSIMS), 2016/tcp (bootserver), 5194/tcp (CipherPoint Config Service), 63605/tcp, 58/tcp (XNS Mail), 46351/tcp, 3394/tcp (D2K Tapestry Server to Server), 5680/tcp (Auriga Router Service), 53/tcp (Domain Name Server), 19158/tcp, 5461/tcp (SILKMETER), 5122/tcp, 5190/tcp (America-Online), 6575/tcp, 89/tcp (SU/MIT Telnet Gateway), 9791/tcp, 19735/tcp, 49574/tcp, 47431/tcp, 2409/tcp (SNS Protocol), 55512/tcp, 2885/tcp (TopFlow), 5930/tcp, 12388/tcp, 35744/tcp, 19716/tcp, 5204/tcp, 6496/tcp, 4550/tcp (Perman I Interbase Server), 28888/tcp, 5793/tcp (XtreamX Supervised Peer message), 9008/tcp (Open Grid Services Server), 2288/tcp (NETML), 44446/tcp, 5466/tcp, 33997/tcp, 21880/tcp, 6556/tcp, 16972/tcp, 32457/tcp, 5467/tcp, 7153/tcp, 40113/tcp, 6147/tcp (Montage License Manager), 22976/tcp, 5608/tcp, 5673/tcp (JACL Message Server), 9186/tcp, 7250/tcp, 8585/tcp, 7390/tcp, 5369/tcp, 6071/tcp (SSDTP), 3335/tcp (Direct TV Software Updates), 46/tcp (MPM [default send]), 6084/tcp (Peer to Peer Infrastructure Protocol), 21389/tcp, 8234/tcp, 1484/tcp (Confluent License Manager), 5811/tcp, 109/tcp (Post Office Protocol - Version 2), 29052/tcp, 6962/tcp (jmevt2), 1055/tcp (ANSYS - License Manager), 60915/tcp, 33789/tcp, 50276/tcp, 33560/tcp, 5989/tcp (WBEM CIM-XML (HTTPS)), 17460/tcp, 6498/tcp, 49070/tcp, 4586/tcp, 32888/tcp, 44044/tcp, 1188/tcp (HP Web Admin), 5986/tcp (WBEM WS-Management HTTP over TLS/SSL), 33336/tcp, 54512/tcp, 5799/tcp, 13189/tcp, 5365/tcp, 8720/tcp, 27745/tcp, 7266/tcp, 3099/tcp (CHIPSY Machine Daemon), 7155/tcp, 6082/tcp, 1967/tcp (SNS Quote), 33330/tcp, 30999/tcp (OpenView Service Desk Client), 5256/tcp, 55455/tcp, 7014/tcp (Microtalon Communications), 3030/tcp (Arepa Cas), 1962/tcp (BIAP-MP), 50876/tcp, 6901/tcp (Novell Jetstream messaging protocol), 3371/tcp, 5538/tcp, 2550/tcp (ADS), 6262/tcp, 17023/tcp, 33810/tcp, 2984/tcp (HPIDSADMIN), 60396/tcp, 38911/tcp, 6222/tcp (Radmind Access Protocol), 51939/tcp, 53351/tcp, 73/tcp (Remote Job Service), 26001/tcp, 5585/tcp (BeInSync-sync), 55211/tcp, 57442/tcp, 40004/tcp, 3346/tcp (Trnsprnt Proxy), 27010/tcp, 18772/tcp, 39401/tcp, 40100/tcp, 56088/tcp, 44111/tcp, 4003/tcp (pxc-splr-ft), 1001/tcp, 7393/tcp (nFoldMan Remote Publish), 33884/tcp, 13887/tcp, 64444/tcp, 8702/tcp, 6060/tcp, 3010/tcp (Telerate Workstation), 46624/tcp, 51573/tcp, 4575/tcp, 47364/tcp, 47930/tcp, 10018/tcp, 5542/tcp, 39400/tcp, 48311/tcp, 1981/tcp (p2pQ), 29587/tcp, 5669/tcp, 6040/tcp, 51089/tcp, 1070/tcp (GMRUpdateSERV), 6014/tcp, 61408/tcp, 5594/tcp, 31424/tcp, 25389/tcp, 3353/tcp (FATPIPE), 6288/tcp, 6080/tcp, 6145/tcp (StatSci License Manager - 2), 49215/tcp, 5963/tcp (Indy Application Server), 13000/tcp, 64859/tcp, 5862/tcp, 53023/tcp, 58924/tcp, 33256/tcp, 3391/tcp (SAVANT), 1100/tcp (MCTP), 5544/tcp, 81/tcp, 56243/tcp, 11116/tcp, 2203/tcp (b2 Runtime Protocol), 5654/tcp, 6842/tcp (Netmo HTTP), 5543/tcp, 5767/tcp (OpenMail Suer Agent Layer (Secure)), 4080/tcp (Lorica inside facing), 3300/tcp, 1489/tcp (dmdocbroker), 6074/tcp (Microsoft Max), 30032/tcp, 46666/tcp, 33819/tcp, 3238/tcp (appareNet Analysis Server), 5302/tcp (HA cluster configuration), 6900/tcp, 5464/tcp (Quail Networks Object Broker), 10078/tcp, 8002/tcp (Teradata ORDBMS), 1036/tcp (Nebula Secure Segment Transfer Protocol), 2680/tcp (pxc-sapxom), 6002/tcp, 9431/tcp, 10080/tcp (Amanda), 8135/tcp, 7002/tcp (users & groups database), 36180/tcp, 33111/tcp, 4100/tcp (IGo Incognito Data Port), 23389/tcp, 37506/tcp, 47934/tcp, 5609/tcp, 9856/tcp, 5189/tcp, 29703/tcp, 16176/tcp, 5366/tcp, 5232/tcp, 1026/tcp (Calendar Access Protocol), 8015/tcp, 1082/tcp (AMT-ESD-PROT), 3082/tcp (TL1-RAW), 1144/tcp (Fusion Script), 21388/tcp, 53399/tcp, 16253/tcp, 55554/tcp, 444/tcp (Simple Network Paging Protocol), 32/tcp, 17463/tcp, 5645/tcp, 1047/tcp (Sun's NEO Object Request Broker), 5322/tcp, 27449/tcp, 1170/tcp (AT+C License Manager), 6101/tcp (SynchroNet-rtc), 27629/tcp, 5557/tcp (Sandlab FARENET), 7264/tcp, 5677/tcp (Quest Central DB2 Launchr), 6013/tcp, 2015/tcp (cypress), 7377/tcp, 15841/tcp, 50958/tcp, 5558/tcp, 43388/tcp, 30003/tcp, 3308/tcp (TNS Server), 59846/tcp, 40024/tcp, 57777/tcp, 55555/tcp, 5762/tcp, 5959/tcp, 5313/tcp (Real-time & Reliable Data), 30041/tcp, 4459/tcp, 5709/tcp, 52703/tcp, 8092/tcp, 5566/tcp (Westec Connect), 61505/tcp, 5591/tcp, 2468/tcp (qip_msgd), 5736/tcp, 5485/tcp, 4337/tcp, 4573/tcp, 7042/tcp, 2202/tcp (Int. Multimedia Teleconferencing Cosortium), 43393/tcp, 6017/tcp, 30040/tcp, 29051/tcp, 105/tcp (Mailbox Name Nameserver), 5596/tcp, 6665/tcp (-6669/udp  IRCU), 5705/tcp, 5583/tcp (T-Mobile SMS Protocol Message 2), 5757/tcp (OpenMail X.500 Directory Server), 5600/tcp (Enterprise Security Manager), 5938/tcp, 5666/tcp, 33005/tcp, 49775/tcp, 5763/tcp, 6025/tcp, 17156/tcp, 19937/tcp, 32222/tcp, 12587/tcp, 666/tcp (doom Id Software), 5423/tcp (VIRTUALUSER), 5920/tcp, 5038/tcp, 3400/tcp (CSMS2), 3340/tcp (OMF data m), 3331/tcp (MCS Messaging), 33809/tcp, 1081/tcp, 20009/tcp, 32914/tcp, 33906/tcp, 57292/tcp, 2173/tcp (MS Firewall Replication), 27673/tcp, 1972/tcp (Cache), 6644/tcp, 39/tcp (Resource Location Protocol), 10019/tcp, 36/tcp, 39734/tcp, 6236/tcp, 5400/tcp (Excerpt Search), 45880/tcp, 65500/tcp, 5771/tcp (NetAgent), 21782/tcp, 5982/tcp, 1033/tcp (local netinfo port), 4034/tcp (Ubiquinox Daemon), 2730/tcp (NEC RaidPlus), 45471/tcp, 2363/tcp (Media Central NFSD), 33489/tcp, 9010/tcp (Secure Data Replicator Protocol), 40101/tcp, 4020/tcp (TRAP Port), 34262/tcp, 6690/tcp, 33257/tcp, 20546/tcp, 34020/tcp, 8016/tcp, 2728/tcp (SQDR), 5255/tcp, 8899/tcp (ospf-lite), 14715/tcp, 5051/tcp (ITA Agent), 7300/tcp (-7359   The Swiss Exchange), 28309/tcp, 3355/tcp (Ordinox Dbase), 33089/tcp, 35/tcp (any private printer server), 33362/tcp, 6037/tcp, 39999/tcp, 49573/tcp, 5455/tcp (APC 5455), 4055/tcp (CosmoCall Universe Communications Port 3), 5992/tcp (Consul InSight Security), 5870/tcp, 33559/tcp, 33990/tcp, 5874/tcp, 33989/tcp, 6513/tcp (NETCONF over TLS), 5595/tcp, 61970/tcp, 41331/tcp, 13382/tcp, 9971/tcp, 47182/tcp, 6587/tcp, 6059/tcp, 45678/tcp (EBA PRISE), 5335/tcp, 1478/tcp (ms-sna-base), 5375/tcp, 5990/tcp (WBEM Export HTTPS), 1342/tcp (ESBroker), 50213/tcp, 1239/tcp (NMSD), 33880/tcp, 5496/tcp, 8390/tcp, 57712/tcp, 5331/tcp, 3338/tcp (OMF data b), 40933/tcp, 6211/tcp, 5574/tcp (SAS IO Forwarding), 1969/tcp (LIPSinc 1), 20171/tcp, 4450/tcp (Camp), 50/tcp (Remote Mail Checking Protocol), 18989/tcp, 1509/tcp (Robcad, Ltd. License Manager), 2150/tcp (DYNAMIC3D), 51364/tcp, 3350/tcp (FINDVIATV), 6789/tcp (SMC-HTTPS), 5588/tcp, 60685/tcp, 5788/tcp, 3354/tcp (SUITJD), 5304/tcp (HA Cluster Commands), 5206/tcp, 15553/tcp, 25117/tcp, 24301/tcp, 4233/tcp, 29768/tcp, 6308/tcp, 2154/tcp (Standard Protocol), 17074/tcp, 5949/tcp, 65004/tcp, 6004/tcp, 21697/tcp, 31233/tcp, 3501/tcp (iSoft-P2P), 63594/tcp, 4242/tcp, 3101/tcp (HP PolicyXpert PIB Server), 6996/tcp, 2612/tcp (Qpasa Agent), 3362/tcp (DJ ILM), 2424/tcp (KOFAX-SVR), 63389/tcp, 25388/tcp, 24204/tcp, 8200/tcp (TRIVNET), 25398/tcp, 3374/tcp (Cluster Disc), 28956/tcp, 58585/tcp, 6437/tcp, 5718/tcp (DPM Communication Server), 20657/tcp, 5674/tcp (HyperSCSI Port), 5658/tcp, 5824/tcp, 1059/tcp (nimreg), 53684/tcp, 53020/tcp, 55001/tcp, 2716/tcp (Inova IP Disco), 10341/tcp, 53608/tcp, 2058/tcp (NewWaveSearchables RMI), 18888/tcp (APCNECMP), 5125/tcp, 22977/tcp, 13190/tcp, 5814/tcp (Support Automation), 58791/tcp, 60838/tcp, 42065/tcp, 5551/tcp, 64917/tcp, 2014/tcp (troff), 3304/tcp (OP Session Server), 1524/tcp (ingres), 8889/tcp (Desktop Data TCP 1), 6175/tcp, 2022/tcp (down), 2681/tcp (mpnjsomb), 33907/tcp, 5975/tcp, 64462/tcp, 35650/tcp, 33335/tcp, 5820/tcp, 6010/tcp, 33818/tcp, 8591/tcp, 5476/tcp, 6703/tcp (e-Design web), 5818/tcp, 5813/tcp (ICMPD), 58327/tcp, 19271/tcp, 62289/tcp, 3336/tcp (Direct TV Tickers), 3325/tcp, 5002/tcp (radio free ethernet), 9389/tcp (Active Directory Web Services), 5487/tcp, 1639/tcp (cert-initiator), 5550/tcp, 7012/tcp (Talon Engine), 5388/tcp, 8339/tcp, 5856/tcp, 5668/tcp, 6035/tcp, 7018/tcp, 32900/tcp, 17048/tcp, 7979/tcp (Micromuse-ncps), 10/tcp, 2062/tcp (ICG SWP Port), 5494/tcp, 33933/tcp, 53025/tcp, 1289/tcp (JWalkServer), 5480/tcp, 5653/tcp, 3006/tcp (Instant Internet Admin), 32842/tcp, 7818/tcp, 1013/tcp, 10097/tcp, 5213/tcp, 25576/tcp (Sauter Dongle), 5224/tcp (HP Virtual Machine Console Operations), 4040/tcp (Yo.net main service), 5900/tcp (Remote Framebuffer), 25192/tcp, 1616/tcp (NetBill Product Server), 6586/tcp, 5339/tcp, 3381/tcp (Geneous), 2239/tcp (Image Query), 1620/tcp (faxportwinport), 5515/tcp, 22123/tcp, 54485/tcp, 6168/tcp, 1116/tcp (ARDUS Control), 16/tcp, 7407/tcp, 30011/tcp, 8103/tcp, 40676/tcp, 6287/tcp, 3102/tcp (SoftlinK Slave Mon Port), 15742/tcp, 6752/tcp, 5440/tcp, 61989/tcp, 17777/tcp (SolarWinds Orion), 41329/tcp, 7064/tcp, 6266/tcp, 64094/tcp, 3360/tcp (KV Server), 1083/tcp (Anasoft License Manager), 5641/tcp, 30037/tcp, 6950/tcp, 54454/tcp, 10096/tcp, 6234/tcp, 5847/tcp, 1234/tcp (Infoseek Search Agent), 33202/tcp, 26/tcp, 6197/tcp, 5867/tcp, 31111/tcp, 6707/tcp, 41715/tcp, 50000/tcp, 4487/tcp (Protocol for Remote Execution over TCP), 9068/tcp, 87/tcp (any private terminal link), 13349/tcp, 8554/tcp (RTSP Alternate (see port 554)), 43389/tcp, 5806/tcp, 5569/tcp, 668/tcp (MeComm), 6038/tcp, 8020/tcp (Intuit Entitlement Service and Discovery), 4389/tcp (Xandros Community Management Service), 44741/tcp, 24683/tcp, 5553/tcp (SGI Eventmond Port), 11250/tcp, 33892/tcp, 5139/tcp, 8010/tcp, 20002/tcp (Commtact HTTP), 62881/tcp, 17025/tcp, 36899/tcp, 16384/tcp (Connected Corp), 6015/tcp, 1111/tcp (LM Social Server), 4009/tcp (Chimera HWM), 53134/tcp, 61111/tcp, 5391/tcp, 27011/tcp, 43399/tcp, 513/tcp (remote login a la telnet;), 2008/tcp (conf), 5789/tcp, 7789/tcp (Office Tools Pro Receive), 102/tcp (ISO-TSAP Class 0), 3614/tcp (Invensys Sigma Port), 8126/tcp, 42246/tcp, 7777/tcp (cbt), 33399/tcp, 30005/tcp, 5660/tcp, 8136/tcp, 53021/tcp, 5582/tcp (T-Mobile SMS Protocol Message 3), 5805/tcp, 33897/tcp, 13794/tcp, 2207/tcp (HP Status and Services), 53701/tcp, 2301/tcp (Compaq HTTP), 52680/tcp, 1176/tcp (Indigo Home Server), 88/tcp (Kerberos), 9911/tcp (SYPECom Transport Protocol), 5448/tcp, 4444/tcp (NV Video default), 27777/tcp, 6170/tcp, 26689/tcp, 59486/tcp, 5262/tcp, 53427/tcp, 11003/tcp, 49999/tcp, 4240/tcp, 3367/tcp (-3371  Satellite Video Data Link), 30336/tcp, 6200/tcp (LM-X License Manager by X-Formation), 63333/tcp, 5103/tcp (Actifio C2C), 46248/tcp, 4019/tcp (Talarian Mcast), 25273/tcp, 13350/tcp, 5328/tcp, 91/tcp (MIT Dover Spooler), 5401/tcp (Excerpt Search Secure), 31395/tcp, 6797/tcp, 32082/tcp, 30034/tcp, 5842/tcp, 48879/tcp, 30009/tcp, 4015/tcp (Talarian Mcast), 33891/tcp, 7020/tcp (DP Serve), 1019/tcp, 7395/tcp (winqedit), 57443/tcp, 5253/tcp (Kohler Power Device Protocol), 12001/tcp (IBM Enterprise Extender SNA COS Network Priority), 41816/tcp, 8091/tcp (Jam Link Framework), 6961/tcp (JMACT3), 27915/tcp, 30050/tcp, 3459/tcp (TIP Integral), 5355/tcp (LLMNR), 13005/tcp, 1025/tcp (network blackjack), 1462/tcp (World License Manager), 205/tcp (AppleTalk Unused), 6007/tcp, 25555/tcp, 5483/tcp, 7000/tcp (file server itself), 25712/tcp, 56374/tcp, 5640/tcp, 2099/tcp (H.225.0 Annex G), 53388/tcp, 60012/tcp, 7205/tcp, 7209/tcp, 3333/tcp (DEC Notes), 6220/tcp, 1235/tcp (mosaicsyssvc1), 5766/tcp (OpenMail NewMail Server), 2316/tcp (SENT License Manager), 48321/tcp, 12311/tcp, 6230/tcp, 6019/tcp, 2121/tcp (SCIENTIA-SSDB), 6045/tcp, 34981/tcp, 5303/tcp (HA cluster probing), 4489/tcp, 1984/tcp (BB), 15158/tcp, 3307/tcp (OP Session Proxy), 15305/tcp, 4536/tcp (Event Heap Server SSL), 1011/tcp, 30528/tcp, 6088/tcp, 55553/tcp, 5519/tcp, 61225/tcp, 48888/tcp, 51836/tcp, 2742/tcp (TSB2), 12210/tcp, 23399/tcp, 3370/tcp, 48744/tcp, 43704/tcp, 11085/tcp, 3334/tcp (Direct TV Webcasting), 34772/tcp, 45524/tcp, 5520/tcp, 6242/tcp (JEOL Network Services Data Transport Protocol 2), 4535/tcp (Event Heap Server), 25970/tcp, 1056/tcp (VFO), 40013/tcp, 31787/tcp, 57035/tcp, 63994/tcp, 18714/tcp, 13301/tcp, 34019/tcp, 27014/tcp, 5095/tcp, 6588/tcp, 66/tcp (Oracle SQL*NET), 56373/tcp, 10102/tcp (eZproxy), 5987/tcp (WBEM RMI), 51111/tcp, 43395/tcp, 16784/tcp, 14076/tcp, 14360/tcp, 2436/tcp (TOP/X), 58401/tcp, 32655/tcp, 5217/tcp, 7001/tcp (callbacks to cache managers), 5593/tcp, 5158/tcp, 4484/tcp (hpssmgmt service), 5742/tcp (IDA Discover Port 2), 55055/tcp, 5868/tcp, 5004/tcp (RTP media data [RFC 3551][RFC 4571]), 6008/tcp, 7016/tcp, 52362/tcp, 33923/tcp, 33996/tcp, 2343/tcp (nati logos), 44010/tcp, 38249/tcp, 33998/tcp, 5768/tcp (OpenMail CMTS Server), 3839/tcp (AMX Resource Management Suite), 5568/tcp (Session Data Transport Multicast), 5851/tcp, 5279/tcp, 5904/tcp, 4443/tcp (Pharos), 3402/tcp (FXa Engine Network Port), 4574/tcp, 12019/tcp, 3116/tcp (MCTET Gateway), 42059/tcp, 52066/tcp, 7376/tcp, 5337/tcp, 30018/tcp, 3366/tcp (Creative Partner), 5675/tcp (V5UA application port), 1908/tcp (Dawn), 4193/tcp (PxPlus remote file srvr), 34773/tcp, 3341/tcp (OMF data h), 5562/tcp, 14444/tcp, 5581/tcp (T-Mobile SMS Protocol Message 1), 5901/tcp, 5577/tcp, 8000/tcp (iRDMI), 29292/tcp, 18774/tcp, 6963/tcp (swismgr1), 24863/tcp, 44941/tcp, 5689/tcp (QM video network management protocol), 6741/tcp, 108/tcp (SNA Gateway Access Server), 33886/tcp, 1360/tcp (MIMER), 33391/tcp, 5222/tcp (XMPP Client Connection), 53352/tcp, 55556/tcp, 5239/tcp, 43333/tcp, 8007/tcp, 5144/tcp, 5979/tcp, 33334/tcp, 12005/tcp (DBISAM Database Server - Regular), 44444/tcp, 8877/tcp, 56000/tcp, 33991/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 6213/tcp, 2613/tcp (SMNTUBootstrap), 16690/tcp, 44311/tcp, 43683/tcp, 10086/tcp, 9069/tcp, 23333/tcp (Emulex HBAnyware Remote Management), 5579/tcp (FleetDisplay Tracking Service), 53426/tcp, 41217/tcp, 33332/tcp, 5846/tcp, 5535/tcp, 40014/tcp, 2048/tcp (dls-monitor), 8864/tcp, 5477/tcp, 5397/tcp (StressTester(tm) Injector), 19715/tcp, 3312/tcp (Application Management Server), 8890/tcp (Desktop Data TCP 2), 9184/tcp, 5646/tcp, 47777/tcp, 7195/tcp, 39815/tcp, 52473/tcp, 6021/tcp, 2645/tcp (Novell IPX CMD), 7981/tcp (Spotlight on SQL Server Desktop Collect), 1600/tcp (issd), 5955/tcp, 44445/tcp, 40999/tcp, 5676/tcp (RA Administration), 5418/tcp (MCNTP), 5780/tcp (Visual Tag System RPC), 8632/tcp, 13399/tcp, 6553/tcp, 4801/tcp (Icona Web Embedded Chat), 38889/tcp, 48033/tcp, 3014/tcp (Broker Service), 17878/tcp, 58796/tcp, 5643/tcp, 21422/tcp, 5864/tcp, 32135/tcp, 61002/tcp, 34983/tcp, 5685/tcp, 3932/tcp (Dynamic Site System), 1255/tcp (de-cache-query), 6554/tcp, 20932/tcp, 58480/tcp, 1078/tcp (Avocent Proxy Protocol), 9994/tcp (OnLive-3), 36672/tcp, 59639/tcp, 4792/tcp, 23894/tcp, 5809/tcp, 54444/tcp, 5389/tcp, 5171/tcp, 5432/tcp (PostgreSQL Database), 2138/tcp (UNBIND-CLUSTER), 28344/tcp, 21698/tcp, 37302/tcp, 5280/tcp (Bidirectional-streams Over Synchronous HTTP (BOSH)), 5775/tcp, 7140/tcp, 3550/tcp (Secure SMPP), 5681/tcp (Net-coneX Control Protocol), 26117/tcp, 6099/tcp (RAXA Management), 59128/tcp, 5537/tcp, 50877/tcp, 46626/tcp, 6041/tcp, 42002/tcp, 7953/tcp, 41001/tcp, 33778/tcp, 2020/tcp (xinupageserver), 11004/tcp, 38389/tcp, 3342/tcp (WebTIE), 1973/tcp (Data Link Switching Remote Access Protocol), 5909/tcp, 3999/tcp (Norman distributes scanning service), 5671/tcp (amqp protocol over TLS/SSL), 2634/tcp (PK Electronics), 33939/tcp, 5456/tcp (APC 5456), 5393/tcp, 51027/tcp, 57810/tcp, 1218/tcp (AeroFlight-ADs), 3301/tcp, 5536/tcp, 5692/tcp, 15999/tcp (ProGrammar Enterprise), 33994/tcp, 23764/tcp, 1975/tcp (TCO Flash Agent), 30021/tcp, 55558/tcp, 8590/tcp, 1015/tcp, 5679/tcp (Direct Cable Connect Manager), 8097/tcp (SAC Port Id), 20658/tcp, 29281/tcp, 20125/tcp, 2657/tcp (SNS Dispatcher), 1126/tcp (HP VMM Agent), 33899/tcp, 6511/tcp, 1642/tcp (isis-am), 58119/tcp, 19714/tcp, 27746/tcp, 333/tcp (Texar Security Port), 5950/tcp, 19319/tcp, 5413/tcp (WWIOTALK), 63002/tcp, 182/tcp (Unisys Audit SITP), 5338/tcp, 27960/tcp, 5691/tcp, 5500/tcp (fcp-addr-srvr1), 32624/tcp, 33350/tcp, 5559/tcp, 67/tcp (Bootstrap Protocol Server), 5940/tcp, 7878/tcp, 5486/tcp, 56666/tcp, 5361/tcp (Secure Protocol for Windows SideShow), 5459/tcp, 65155/tcp, 22229/tcp, 57671/tcp, 13701/tcp, 6207/tcp, 52890/tcp, 4241/tcp, 3361/tcp (KV Agent), 2837/tcp (Repliweb), 4011/tcp (Alternate Service Boot), 1888/tcp (NC Config Port), 39938/tcp, 62677/tcp, 7071/tcp (IWGADTS Aircraft Housekeeping Message), 32500/tcp, 8004/tcp, 61004/tcp, 5633/tcp (BE Operations Request Listener), 5810/tcp, 5919/tcp, 20010/tcp, 33333/tcp (Digital Gaslight Service), 5960/tcp, 63604/tcp, 54545/tcp, 5012/tcp (NetOnTap Service), 85/tcp (MIT ML Device), 14973/tcp, 31126/tcp, 14972/tcp, 7410/tcp (Ionix Network Monitor), 50695/tcp, 1352/tcp (Lotus Note), 3380/tcp (SNS Channels), 22961/tcp, 2003/tcp (Brutus Server), 30006/tcp, 6244/tcp (JEOL Network Services Data Transport Protocol 4), 5105/tcp, 14847/tcp, 2359/tcp (FlukeServer), 64045/tcp, 5773/tcp, 33901/tcp, 40435/tcp, 3417/tcp (ConServR file translation), 33889/tcp, 8863/tcp, 1584/tcp (tn-tl-fd2), 1353/tcp (Relief Consulting), 3397/tcp (Cloanto License Manager), 55999/tcp, 40935/tcp, 4499/tcp, 5143/tcp, 54557/tcp, 5871/tcp, 45385/tcp, 13309/tcp, 53389/tcp, 5499/tcp, 45/tcp (Message Processing Module [recv]), 22536/tcp, 55945/tcp, 6031/tcp, 22738/tcp, 1094/tcp (ROOTD), 36605/tcp, 5848/tcp, 1583/tcp (simbaexpress), 1079/tcp (ASPROVATalk), 5135/tcp (ERP-Scale), 9002/tcp (DynamID authentication), 5212/tcp, 6903/tcp, 52800/tcp, 6161/tcp (PATROL Internet Srv Mgr), 5690/tcp, 2220/tcp (NetIQ End2End), 44342/tcp, 5928/tcp, 5124/tcp, 3117/tcp (MCTET Jserv), 35555/tcp, 5336/tcp, 11316/tcp, 20351/tcp, 6661/tcp, 6005/tcp, 10162/tcp (SNMP-Trap-TLS), 7890/tcp, 6245/tcp, 5172/tcp, 31788/tcp, 2210/tcp (NOAAPORT Broadcast Network), 64637/tcp, 4680/tcp (MGE UPS Management), 22225/tcp, 5348/tcp, 3004/tcp (Csoft Agent), 42066/tcp, 5468/tcp, 3499/tcp (SccIP Media), 58873/tcp, 8117/tcp, 18861/tcp, 7399/tcp, 9999/tcp (distinct), 51090/tcp, 5807/tcp, 10123/tcp, 3375/tcp (VSNM Agent), 32259/tcp, 23388/tcp, 1361/tcp (LinX), 40002/tcp, 5921/tcp, 20231/tcp, 5284/tcp, 5506/tcp (Amcom Mobile Connect), 12726/tcp, 12000/tcp (IBM Enterprise Extender SNA XID Exchange), 43950/tcp, 8099/tcp, 7374/tcp, 3002/tcp (RemoteWare Server), 65524/tcp, 11115/tcp, 65012/tcp, 23785/tcp, 4490/tcp, 3240/tcp (Trio Motion Control Port), 44740/tcp, 3382/tcp (Fujitsu Network Enhanced Antitheft function), 5612/tcp, 3289/tcp (ENPC), 42081/tcp, 44341/tcp, 59094/tcp, 39527/tcp, 5957/tcp, 29588/tcp, 57488/tcp, 5964/tcp, 5765/tcp, 5380/tcp, 1346/tcp (Alta Analytics License Manager), 20540/tcp, 5974/tcp, 9191/tcp (Sun AppSvr JPDA), 38933/tcp, 5205/tcp, 8166/tcp, 59547/tcp, 3500/tcp (RTMP Port), 35196/tcp, 11852/tcp, 9559/tcp, 54321/tcp, 1238/tcp (hacl-qs), 42971/tcp, 14714/tcp, 493/tcp (Transport Independent Convergence for FNA), 33004/tcp, 50858/tcp, 3388/tcp (CB Server), 48826/tcp, 5261/tcp, 14075/tcp, 8022/tcp (oa-system), 33331/tcp (DiamondCentral Interface), 51319/tcp, 30010/tcp, 5501/tcp (fcp-addr-srvr2), 20362/tcp, 53024/tcp, 8085/tcp, 4005/tcp (pxc-pin), 1115/tcp (ARDUS Transfer), 54837/tcp, 63319/tcp, 7040/tcp, 25037/tcp, 2010/tcp (search), 5471/tcp, 24/tcp (any private mail system), 5931/tcp, 5382/tcp, 43058/tcp, 22263/tcp, 12539/tcp, 1222/tcp (SNI R&D network), 15716/tcp, 5408/tcp (Foresyte-Sec), 48968/tcp, 4063/tcp (Ice Firewall Traversal Service (TCP)), 40007/tcp, 3416/tcp (AirMobile IS Command Port), 64638/tcp, 8192/tcp (SpyTech Phone Service), 5662/tcp, 1048/tcp (Sun's NEO Object Request Broker), 33894/tcp, 4534/tcp, 25971/tcp, 1113/tcp (Licklider Transmission Protocol), 2019/tcp (whosockami), 3415/tcp (BCI Name Service), 61086/tcp, 1955/tcp (ABR-Secure Data (diskbridge)), 5978/tcp, 2478/tcp (SecurSight Authentication Server (SSL)), 5507/tcp, 8051/tcp, 4056/tcp (Location Message Service), 23351/tcp, 74/tcp (Remote Job Service), 5234/tcp (EEnet communications), 2240/tcp (RECIPe), 8094/tcp, 55501/tcp, 64252/tcp, 1960/tcp (Merit DAC NASmanager), 5533/tcp, 18773/tcp, 41125/tcp, 57487/tcp, 28112/tcp, 5586/tcp, 8382/tcp, 5697/tcp, 2718/tcp (PN REQUESTER 2), 2918/tcp (Kasten Chase Pad), 10006/tcp, 49754/tcp, 44443/tcp, 35589/tcp, 18875/tcp, 45347/tcp, 5532/tcp, 19318/tcp, 1112/tcp (Intelligent Communication Protocol), 3591/tcp (LOCANIS G-TRACK Server), 7993/tcp, 6210/tcp, 56197/tcp, 5252/tcp (Movaz SSC), 5334/tcp, 6023/tcp, 5644/tcp, 56779/tcp, 3322/tcp (-3325  Active Networks), 56438/tcp, 1107/tcp (ISOIPSIGPORT-2).
      
BHD Honeypot
Port scan
2019-11-11

Port scan from IP: 185.153.197.237 detected by psad.
BHD Honeypot
Port scan
2019-11-04

In the last 24h, the attacker (185.153.197.237) attempted to scan 35 ports.
The following ports have been scanned: 3368/tcp, 3398/tcp (Mercantile), 1000/tcp (cadlock2), 3359/tcp (WG NetForce), 33339/tcp, 3343/tcp (MS Cluster Net), 5010/tcp (TelepathStart), 3363/tcp (NATI Vi Server), 3320/tcp (Office Link 2000), 33882/tcp, 12222/tcp, 22220/tcp, 4491/tcp, 11000/tcp (IRISA), 33909/tcp, 55551/tcp, 3309/tcp (TNS ADV), 33884/tcp, 5566/tcp (Westec Connect), 61970/tcp, 3304/tcp (OP Session Server), 5550/tcp, 4040/tcp (Yo.net main service), 8010/tcp, 25555/tcp, 16666/tcp, 44444/tcp, 10086/tcp, 3312/tcp (Application Management Server), 8890/tcp (Desktop Data TCP 2), 13399/tcp, 4801/tcp (Icona Web Embedded Chat), 54321/tcp, 5501/tcp (fcp-addr-srvr2), 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2019-11-03

In the last 24h, the attacker (185.153.197.237) attempted to scan 632 ports.
The following ports have been scanned: 3352/tcp (Scalable SQL), 4010/tcp (Samsung Unidex), 6689/tcp (Tofino Security Appliance), 2525/tcp (MS V-Worlds), 55552/tcp, 3589/tcp (isomair), 55589/tcp, 6001/tcp, 10793/tcp, 3305/tcp (ODETTE-FTP), 8088/tcp (Radan HTTP), 5188/tcp, 24444/tcp, 3398/tcp (Mercantile), 8381/tcp, 9009/tcp (Pichat Server), 65429/tcp, 5100/tcp (Socalia service mux), 2222/tcp (EtherNet/IP I/O), 3489/tcp (DTP/DIA), 33896/tcp, 3396/tcp (Printer Agent), 52222/tcp, 9000/tcp (CSlistener), 3359/tcp (WG NetForce), 62222/tcp, 8181/tcp, 63399/tcp, 3323/tcp, 9090/tcp (WebSM), 13579/tcp, 3321/tcp (VNSSTR), 7899/tcp, 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3324/tcp, 3389/tcp (MS WBT Server), 33900/tcp, 60001/tcp, 59999/tcp, 5678/tcp (Remote Replication Agent Connection), 8011/tcp, 1157/tcp (Oracle iASControl), 3356/tcp (UPNOTIFYPS), 22222/tcp, 18933/tcp, 4002/tcp (pxc-spvr-ft), 3345/tcp (Influence), 3444/tcp (Denali Server), 53333/tcp, 2001/tcp (dc), 7003/tcp (volume location database), 44449/tcp, 33339/tcp, 13389/tcp, 3344/tcp (BNT Manager), 3403/tcp, 3318/tcp (Swith to Swith Routing Information Protocol), 9833/tcp, 22228/tcp, 4008/tcp (NetCheque accounting), 1024/tcp (Reserved), 33885/tcp, 11112/tcp (DICOM), 44441/tcp, 11117/tcp, 3343/tcp (MS Cluster Net), 9001/tcp (ETL Service Manager), 33995/tcp, 37777/tcp, 13388/tcp, 3383/tcp (Enterprise Software Products License Manager), 5555/tcp (Personal Agent), 5010/tcp (TelepathStart), 4455/tcp (PR Chat User), 3363/tcp (NATI Vi Server), 19999/tcp (Distributed Network Protocol - Secure), 6666/tcp, 5872/tcp, 3320/tcp (Office Link 2000), 33902/tcp, 3100/tcp (OpCon/xps), 1018/tcp, 5003/tcp (FileMaker, Inc. - Proprietary transport), 55550/tcp, 63388/tcp, 4488/tcp (Apple Wide Area Connectivity Service ICE Bootstrap), 32768/tcp (Filenet TMS), 5589/tcp, 44447/tcp, 3330/tcp (MCS Calypso ICF), 11119/tcp, 33033/tcp, 33882/tcp, 50389/tcp, 3369/tcp, 13390/tcp, 50005/tcp, 33289/tcp, 5590/tcp, 3339/tcp (OMF data l), 65535/tcp, 33887/tcp, 3315/tcp (CDID), 6000/tcp (-6063/udp   X Window System), 3379/tcp (SOCORFS), 52438/tcp, 3314/tcp (Unify Object Host), 9998/tcp (Distinct32), 4001/tcp (NewOak), 12222/tcp, 44440/tcp, 60000/tcp, 58888/tcp, 55559/tcp, 3348/tcp (Pangolin Laser), 3000/tcp (RemoteWare Client), 3555/tcp (Vipul's Razor), 3349/tcp (Chevin Services), 56789/tcp, 20189/tcp, 3302/tcp (MCS Fastmail), 33993/tcp, 3405/tcp (Nokia Announcement ch 1), 3332/tcp (MCS Mail Server), 42222/tcp, 3535/tcp (MS-LA), 6969/tcp (acmsoda), 33908/tcp, 44442/tcp, 34444/tcp, 4491/tcp, 11111/tcp (Viral Computing Environment (VCE)), 8389/tcp, 3376/tcp (CD Broker), 50001/tcp, 11000/tcp (IRISA), 8100/tcp (Xprint Server), 4096/tcp (BRE (Bridge Relay Element)), 3373/tcp (Lavenir License Manager), 8089/tcp, 3347/tcp (Phoenix RPC), 8989/tcp (Sun Web Server SSL Admin Service), 4567/tcp (TRAM), 3372/tcp (TIP 2), 8121/tcp (Apollo Data Port), 889/tcp, 16898/tcp, 1818/tcp (Enhanced Trivial File Transfer Protocol), 12580/tcp, 55588/tcp, 60002/tcp, 8800/tcp (Sun Web Server Admin Service), 62266/tcp, 3490/tcp (Colubris Management Port), 41111/tcp (Foursticks QoS Protocol), 3456/tcp (VAT default data), 63390/tcp, 12389/tcp, 3311/tcp (MCNS Tel Ret), 5502/tcp (fcp-srvr-inst1), 51000/tcp, 53390/tcp, 3384/tcp (Cluster Management Services), 33909/tcp, 5050/tcp (multimedia conference control tool), 3310/tcp (Dyna Access), 2017/tcp (cypress-stat), 22227/tcp, 3329/tcp (HP Device Disc), 33883/tcp, 5001/tcp (commplex-link), 10101/tcp (eZmeeting), 33992/tcp, 21111/tcp, 1122/tcp (availant-mgr), 3328/tcp (Eaglepoint License Manager), 55551/tcp, 3401/tcp (filecast), 33895/tcp, 11118/tcp, 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 4200/tcp (-4299  VRML Multi User Systems), 43390/tcp, 33890/tcp, 60039/tcp, 3600/tcp (text relay-answer), 3337/tcp (Direct TV Data Catalog), 3393/tcp (D2K Tapestry Client to Server), 33898/tcp, 11114/tcp, 3392/tcp (EFI License Management), 8081/tcp (Sun Proxy Admin Service), 7389/tcp, 5000/tcp (commplex-main), 3309/tcp (TNS ADV), 8080/tcp (HTTP Alternate (see port 80)), 33999/tcp, 3001/tcp, 3689/tcp (Digital Audio Access Protocol), 8009/tcp, 25703/tcp, 3351/tcp (Btrieve port), 2016/tcp (bootserver), 3394/tcp (D2K Tapestry Server to Server), 4550/tcp (Perman I Interbase Server), 28888/tcp, 3316/tcp (AICC/CMI), 9008/tcp (Open Grid Services Server), 44446/tcp, 33997/tcp, 3335/tcp (Direct TV Software Updates), 60119/tcp, 33336/tcp, 30999/tcp (OpenView Service Desk Client), 3030/tcp (Arepa Cas), 3371/tcp, 3306/tcp (MySQL), 3346/tcp (Trnsprnt Proxy), 1001/tcp, 64444/tcp, 6060/tcp, 3010/tcp (Telerate Workstation), 10018/tcp, 1981/tcp (p2pQ), 3353/tcp (FATPIPE), 13000/tcp, 3391/tcp (SAVANT), 11116/tcp, 3300/tcp, 46666/tcp, 6002/tcp, 7002/tcp (users & groups database), 4100/tcp (IGo Incognito Data Port), 23389/tcp, 21388/tcp, 53399/tcp, 55554/tcp, 2015/tcp (cypress), 3308/tcp (TNS Server), 57777/tcp, 5566/tcp (Westec Connect), 3313/tcp (Unify Object Broker), 40001/tcp, 3400/tcp (CSMS2), 3340/tcp (OMF data m), 4020/tcp (TRAP Port), 8899/tcp (ospf-lite), 5051/tcp (ITA Agent), 3355/tcp (Ordinox Dbase), 33089/tcp, 61970/tcp, 33880/tcp, 3338/tcp (OMF data b), 3350/tcp (FINDVIATV), 3354/tcp (SUITJD), 4242/tcp, 3003/tcp (CGMS), 63389/tcp, 3374/tcp (Cluster Disc), 55001/tcp, 18888/tcp (APCNECMP), 3304/tcp (OP Session Server), 8889/tcp (Desktop Data TCP 1), 33907/tcp, 33335/tcp, 2749/tcp (fjippol-cnsl), 3336/tcp (Direct TV Tickers), 3325/tcp, 5002/tcp (radio free ethernet), 9389/tcp (Active Directory Web Services), 5550/tcp, 4040/tcp (Yo.net main service), 3381/tcp (Geneous), 3889/tcp (D and V Tester Control Port), 15742/tcp, 17777/tcp (SolarWinds Orion), 3360/tcp (KV Server), 1234/tcp (Infoseek Search Agent), 43389/tcp, 4389/tcp (Xandros Community Management Service), 33892/tcp, 8010/tcp, 1111/tcp (LM Social Server), 4009/tcp (Chimera HWM), 61111/tcp, 43399/tcp, 7789/tcp (Office Tools Pro Receive), 7777/tcp (cbt), 33897/tcp, 3357/tcp (Adtech Test IP), 4444/tcp (NV Video default), 27777/tcp, 49999/tcp, 3367/tcp (-3371  Satellite Video Data Link), 63333/tcp, 25555/tcp, 53388/tcp, 3333/tcp (DEC Notes), 4489/tcp, 16666/tcp, 3307/tcp (OP Session Proxy), 55553/tcp, 61225/tcp, 48888/tcp, 23399/tcp, 3370/tcp, 3334/tcp (Direct TV Webcasting), 57035/tcp, 51111/tcp, 7001/tcp (callbacks to cache managers), 5004/tcp (RTP media data [RFC 3551][RFC 4571]), 33923/tcp, 33996/tcp, 3402/tcp (FXa Engine Network Port), 3366/tcp (Creative Partner), 3341/tcp (OMF data h), 14444/tcp, 5577/tcp, 33391/tcp, 55556/tcp, 43333/tcp, 33334/tcp, 44444/tcp, 8877/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 33332/tcp, 3481/tcp (CleanerLive remote ctrl), 2048/tcp (dls-monitor), 8864/tcp, 8890/tcp (Desktop Data TCP 2), 44445/tcp, 1989/tcp (MHSnet system), 4801/tcp (Icona Web Embedded Chat), 3590/tcp (WV CSP SMS Binding), 54444/tcp, 5389/tcp, 10000/tcp (Network Data Management Protocol), 2020/tcp (xinupageserver), 3365/tcp (Content Server), 3342/tcp (WebTIE), 3999/tcp (Norman distributes scanning service), 1218/tcp (AeroFlight-ADs), 3301/tcp, 33994/tcp, 55558/tcp, 33899/tcp, 65425/tcp, 5500/tcp (fcp-addr-srvr1), 56666/tcp, 22229/tcp, 52890/tcp, 3361/tcp (KV Agent), 4011/tcp (Alternate Service Boot), 7071/tcp (IWGADTS Aircraft Housekeeping Message), 8004/tcp, 33333/tcp (Digital Gaslight Service), 44448/tcp, 3380/tcp (SNS Channels), 30006/tcp, 1353/tcp (Relief Consulting), 3397/tcp (Cloanto License Manager), 9002/tcp (DynamID authentication), 3399/tcp (CSMS), 22225/tcp, 5123/tcp, 9999/tcp (distinct), 3375/tcp (VSNM Agent), 12000/tcp (IBM Enterprise Extender SNA XID Exchange), 3002/tcp (RemoteWare Server), 11115/tcp, 4490/tcp, 3382/tcp (Fujitsu Network Enhanced Antitheft function), 9191/tcp (Sun AppSvr JPDA), 3500/tcp (RTMP Port), 3319/tcp (SDT License Manager), 3388/tcp (CB Server), 5501/tcp (fcp-addr-srvr2), 8085/tcp, 4005/tcp (pxc-pin), 2010/tcp (search), 8192/tcp (SpyTech Phone Service), 33894/tcp, 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2019-11-02

Port scan from IP: 185.153.197.237 detected by psad.
BHD Honeypot
Port scan
2019-10-29

In the last 24h, the attacker (185.153.197.237) attempted to scan 30 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 9090/tcp (WebSM), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 33900/tcp, 3387/tcp (Back Room Net), 5510/tcp, 4000/tcp (Terabase), 33390/tcp, 33389/tcp, 33890/tcp, 3393/tcp (D2K Tapestry Client to Server), 33898/tcp, 3392/tcp (EFI License Management), 5000/tcp (commplex-main), 3391/tcp (SAVANT), 3300/tcp, 3400/tcp (CSMS2), 3355/tcp (Ordinox Dbase), 43389/tcp, 4009/tcp (Chimera HWM), 33897/tcp, 3333/tcp (DEC Notes), 4489/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 3388/tcp (CB Server), 33894/tcp.
      
BHD Honeypot
Port scan
2019-10-28

Port scan from IP: 185.153.197.237 detected by psad.
BHD Honeypot
Port scan
2019-09-22

In the last 24h, the attacker (185.153.197.237) attempted to scan 62 ports.
The following ports have been scanned: 57879/tcp, 56565/tcp, 3368/tcp, 61578/tcp, 57657/tcp, 60007/tcp, 51199/tcp, 3364/tcp (Creative Server), 60001/tcp, 52525/tcp, 60006/tcp, 55000/tcp, 3377/tcp (Cogsys Network License Manager), 64794/tcp, 55057/tcp, 3383/tcp (Enterprise Software Products License Manager), 55058/tcp, 3387/tcp (Back Room Net), 57878/tcp, 50389/tcp, 3369/tcp, 60004/tcp, 55120/tcp, 60000/tcp, 55054/tcp, 61500/tcp, 3373/tcp (Lavenir License Manager), 65132/tcp, 3372/tcp (TIP 2), 54489/tcp, 60002/tcp, 51000/tcp, 3384/tcp (Cluster Management Services), 55239/tcp, 58058/tcp, 3371/tcp, 56893/tcp, 53399/tcp, 60003/tcp, 65500/tcp, 61970/tcp, 60009/tcp, 53574/tcp, 57483/tcp, 54845/tcp, 63389/tcp, 3374/tcp (Cluster Disc), 55053/tcp, 63215/tcp, 3367/tcp (-3371  Satellite Video Data Link), 60008/tcp, 3370/tcp, 55055/tcp, 61118/tcp, 3365/tcp (Content Server), 53389/tcp, 3375/tcp (VSNM Agent), 61474/tcp, 3382/tcp (Fujitsu Network Enhanced Antitheft function), 55056/tcp, 56179/tcp.
      
BHD Honeypot
Port scan
2019-09-21

In the last 24h, the attacker (185.153.197.237) attempted to scan 6 ports.
The following ports have been scanned: 3100/tcp (OpCon/xps), 3210/tcp (Flamenco Networks Proxy), 3080/tcp (stm_pproc), 3211/tcp (Avocent Secure Management), 3185/tcp (SuSE Meta PPPD).
      
BHD Honeypot
Port scan
2019-09-21

Port scan from IP: 185.153.197.237 detected by psad.

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Similar hosts

Hosts with the same ASN

Report breach!

Rate host 185.153.197.237