IP address: 193.27.229.92

Host rating:

2.0

out of 36 votes

Last update: 2020-11-04

Host details

Unknown
Unknown
Unknown
Unknown
See comments

Reported breaches

  • Port scan
Report breach

User comments

36 security incident(s) reported by users

BHD Honeypot
Port scan
2020-11-04

In the last 24h, the attacker (193.27.229.92) attempted to scan 275 ports.
The following ports have been scanned: 11989/tcp, 7097/tcp, 7093/tcp, 27989/tcp, 1515/tcp (ifor-protocol), 5102/tcp (Oracle OMS non-secure), 14489/tcp, 289/tcp, 65056/tcp, 31089/tcp, 33388/tcp, 1000/tcp (cadlock2), 24589/tcp, 28189/tcp, 37189/tcp, 39689/tcp, 33589/tcp, 1889/tcp (Unify Web Adapter Service), 3323/tcp, 4989/tcp (Parallel for GAUSS (tm)), 13089/tcp, 21989/tcp, 6289/tcp, 241/tcp, 60001/tcp, 2105/tcp (MiniPay), 59999/tcp, 5889/tcp, 33189/tcp, 30089/tcp, 23689/tcp, 13889/tcp, 27489/tcp, 2013/tcp (raid-am), 13289/tcp, 1124/tcp (HP VMM Control), 14289/tcp, 39289/tcp, 13489/tcp, 29789/tcp, 39389/tcp, 31989/tcp, 2189/tcp, 22489/tcp, 16189/tcp, 24050/tcp, 2489/tcp (TSILB), 11389/tcp, 11089/tcp, 7091/tcp, 28089/tcp, 38902/tcp, 27389/tcp, 7099/tcp (lazy-ptop), 31789/tcp, 5104/tcp, 5101/tcp (Talarian_TCP), 20000/tcp (DNP), 13390/tcp, 38489/tcp, 33289/tcp, 6589/tcp, 24989/tcp, 3315/tcp (CDID), 25789/tcp, 36789/tcp, 23654/tcp, 1978/tcp (UniSQL), 3314/tcp (Unify Object Host), 28989/tcp, 12189/tcp, 389/tcp (Lightweight Directory Access Protocol), 44771/tcp, 35789/tcp, 14889/tcp, 1589/tcp (VQP), 2211/tcp (EMWIN), 25589/tcp, 35989/tcp, 16289/tcp, 189/tcp (Queued File Transport), 35889/tcp, 7102/tcp, 3502/tcp (Avocent Install Discovery), 13384/tcp, 4022/tcp (DNOX), 15089/tcp, 2009/tcp (news), 24060/tcp, 50001/tcp, 1002/tcp, 14189/tcp, 39789/tcp, 39489/tcp, 31289/tcp, 1630/tcp (Oracle Net8 Cman), 36489/tcp, 11589/tcp, 36689/tcp, 1689/tcp (firefox), 22589/tcp, 36989/tcp, 38289/tcp, 39589/tcp, 22189/tcp, 3222/tcp (Gateway Load Balancing Pr), 27045/tcp, 12089/tcp, 13589/tcp, 12789/tcp, 29861/tcp, 34189/tcp, 5001/tcp (commplex-link), 32889/tcp, 32489/tcp, 1122/tcp (availant-mgr), 30889/tcp, 2289/tcp (Lookup dict server), 33389/tcp, 29889/tcp, 15889/tcp, 34589/tcp, 6390/tcp (MetaEdit+ WebService API), 1200/tcp (SCOL), 16089/tcp, 10089/tcp, 11889/tcp, 22389/tcp, 34989/tcp, 14089/tcp, 11489/tcp (ASG Cypress Secure Only), 36969/tcp, 22789/tcp, 28289/tcp, 3650/tcp (PRISMIQ VOD plug-in), 4789/tcp, 14147/tcp, 1089/tcp (FF Annunciation), 5989/tcp (WBEM CIM-XML (HTTPS)), 23589/tcp, 28489/tcp, 10989/tcp, 3306/tcp (MySQL), 38189/tcp, 24089/tcp, 2399/tcp (FileMaker, Inc. - Data Access Layer), 15689/tcp, 40789/tcp, 5089/tcp, 1189/tcp (Unet Connection), 31589/tcp, 1026/tcp (Calendar Access Protocol), 15389/tcp, 1144/tcp (Fusion Script), 3491/tcp (SWR Port), 25089/tcp, 6101/tcp (SynchroNet-rtc), 44000/tcp, 11189/tcp, 24889/tcp, 27189/tcp, 37589/tcp, 24389/tcp, 33489/tcp, 32000/tcp, 27089/tcp, 33089/tcp, 24789/tcp, 39089/tcp, 37289/tcp, 34800/tcp, 2689/tcp (FastLynx), 28689/tcp, 2150/tcp (DYNAMIC3D), 35489/tcp, 3501/tcp (iSoft-P2P), 11689/tcp, 23089/tcp, 40289/tcp, 12345/tcp (Italk Chat System), 6489/tcp (Service Registry Default Admin Domain), 5900/tcp (Remote Framebuffer), 32589/tcp, 3889/tcp (D and V Tester Control Port), 13392/tcp, 3360/tcp (KV Server), 50000/tcp, 23289/tcp, 21789/tcp, 25189/tcp, 37989/tcp, 4444/tcp (NV Video default), 26689/tcp, 37789/tcp, 12289/tcp, 5103/tcp (Actifio C2C), 3899/tcp (ITV Port), 1025/tcp (network blackjack), 1389/tcp (Document Manager), 14989/tcp, 24189/tcp, 10289/tcp, 1011/tcp, 26989/tcp, 23789/tcp, 34889/tcp, 1300/tcp (H323 Host Call Secure), 21689/tcp, 3839/tcp (AMX Resource Management Suite), 3860/tcp (Server/Application State Protocol (SASP)), 14389/tcp, 3891/tcp (Oracle RTC-PM port), 24489/tcp, 30689/tcp, 2018/tcp (terminaldb), 26089/tcp, 12489/tcp, 1989/tcp (MHSnet system), 38889/tcp, 38899/tcp, 31889/tcp, 31753/tcp, 39889/tcp, 6379/tcp, 10000/tcp (Network Data Management Protocol), 7096/tcp, 2020/tcp (xinupageserver), 3365/tcp (Content Server), 3342/tcp (WebTIE), 15589/tcp, 3999/tcp (Norman distributes scanning service), 11789/tcp, 27689/tcp, 28889/tcp, 39189/tcp, 3989/tcp (BindView-Query Engine), 1987/tcp (cisco RSRB Priority 1 port), 26389/tcp, 33609/tcp, 5105/tcp, 14589/tcp, 3189/tcp (Pinnacle Sys InfEx Port), 10889/tcp, 53389/tcp, 22889/tcp, 5112/tcp (PeerMe Msg Cmd Service), 30589/tcp, 21589/tcp, 4899/tcp (RAdmin Port), 32789/tcp, 5113/tcp, 2089/tcp (Security Encapsulation Protocol - SEP), 5109/tcp, 10189/tcp, 32689/tcp, 37889/tcp, 3289/tcp (ENPC), 30489/tcp, 11289/tcp, 27289/tcp, 35689/tcp, 37389/tcp, 2000/tcp (Cisco SCCP), 36589/tcp, 30289/tcp, 1457/tcp (Valisys License Manager), 35589/tcp, 23889/tcp, 5007/tcp (wsm server ssl), 1212/tcp (lupa).
      
BHD Honeypot
Port scan
2020-11-03

In the last 24h, the attacker (193.27.229.92) attempted to scan 32 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 7788/tcp, 8808/tcp, 5357/tcp (Web Services for Devices), 7009/tcp (remote cache manager service), 3000/tcp (RemoteWare Client), 8050/tcp, 8389/tcp, 4169/tcp (Automation Drive Interface Transport), 100/tcp ([unauthorized use]), 3392/tcp (EFI License Management), 3309/tcp (TNS ADV), 22389/tcp, 8040/tcp (Ampify Messaging Protocol), 23589/tcp, 1001/tcp, 6145/tcp (StatSci License Manager - 2), 8889/tcp (Desktop Data TCP 1), 8070/tcp, 7044/tcp, 6699/tcp, 9137/tcp, 33839/tcp, 9003/tcp, 5112/tcp (PeerMe Msg Cmd Service), 8039/tcp, 8880/tcp (CDDBP), 5007/tcp (wsm server ssl).
      
BHD Honeypot
Port scan
2020-11-01

In the last 24h, the attacker (193.27.229.92) attempted to scan 115 ports.
The following ports have been scanned: 9138/tcp, 8088/tcp (Radan HTTP), 3398/tcp (Mercantile), 8078/tcp, 3396/tcp (Printer Agent), 8193/tcp, 49208/tcp, 9090/tcp (WebSM), 7100/tcp (X Font Service), 7788/tcp, 8808/tcp, 5357/tcp (Web Services for Devices), 1988/tcp (cisco RSRB Priority 2 port), 7009/tcp (remote cache manager service), 8008/tcp (HTTP Alternate), 30088/tcp, 7101/tcp (Embedded Light Control Network), 3000/tcp (RemoteWare Client), 61389/tcp, 8060/tcp, 8050/tcp, 8389/tcp, 8089/tcp, 6012/tcp, 4169/tcp (Automation Drive Interface Transport), 100/tcp ([unauthorized use]), 3222/tcp (Gateway Load Balancing Pr), 8167/tcp, 7111/tcp, 5001/tcp (commplex-link), 6122/tcp (Backup Express Web Server), 3392/tcp (EFI License Management), 3309/tcp (TNS ADV), 22389/tcp, 7005/tcp (volume managment server), 14147/tcp, 6078/tcp, 23589/tcp, 1001/tcp, 6145/tcp (StatSci License Manager - 2), 9889/tcp (Port for Cable network related data proxy or repeater), 3391/tcp (SAVANT), 9966/tcp (OKI Data Network Setting Protocol), 5051/tcp (ITA Agent), 8892/tcp (Desktop Data TCP 4: FARM product), 8889/tcp (Desktop Data TCP 1), 8020/tcp (Intuit Entitlement Service and Discovery), 8070/tcp, 7044/tcp, 6699/tcp, 3366/tcp (Creative Partner), 8000/tcp (iRDMI), 8888/tcp (NewsEDGE server TCP (TCP 1)), 9137/tcp, 39889/tcp, 33839/tcp, 3342/tcp (WebTIE), 9003/tcp, 5112/tcp (PeerMe Msg Cmd Service), 3399/tcp (CSMS), 8039/tcp, 24689/tcp, 8880/tcp (CDDBP), 5612/tcp, 5007/tcp (wsm server ssl), 1212/tcp (lupa).
      
BHD Honeypot
Port scan
2020-10-31

Port scan from IP: 193.27.229.92 detected by psad.
BHD Honeypot
Port scan
2020-10-28

In the last 24h, the attacker (193.27.229.92) attempted to scan 15 ports.
The following ports have been scanned: 52701/tcp, 49901/tcp, 55801/tcp, 48201/tcp, 54501/tcp, 50501/tcp, 56701/tcp, 50401/tcp, 54001/tcp, 50601/tcp, 51501/tcp, 49201/tcp, 48501/tcp, 52401/tcp.
      
BHD Honeypot
Port scan
2020-10-27

In the last 24h, the attacker (193.27.229.92) attempted to scan 15 ports.
The following ports have been scanned: 56201/tcp, 55401/tcp, 50801/tcp, 54201/tcp, 48901/tcp, 50701/tcp, 50501/tcp, 54901/tcp, 53001/tcp, 52301/tcp, 52001/tcp, 54401/tcp, 54301/tcp, 51201/tcp.
      
BHD Honeypot
Port scan
2020-10-24

In the last 24h, the attacker (193.27.229.92) attempted to scan 6 ports.
The following ports have been scanned: 6689/tcp (Tofino Security Appliance), 9090/tcp (WebSM), 33/tcp (Display Support Protocol), 3472/tcp (JAUGS N-G Remotec 1), 7777/tcp (cbt).
      
BHD Honeypot
Port scan
2020-10-23

In the last 24h, the attacker (193.27.229.92) attempted to scan 63 ports.
The following ports have been scanned: 17888/tcp, 1515/tcp (ifor-protocol), 2222/tcp (EtherNet/IP I/O), 13888/tcp, 111/tcp (SUN Remote Procedure Call), 22222/tcp, 3377/tcp (Cogsys Network License Manager), 13389/tcp, 3344/tcp (BNT Manager), 30000/tcp, 12888/tcp, 19999/tcp (Distributed Network Protocol - Secure), 12333/tcp, 19888/tcp, 20000/tcp (DNP), 13390/tcp, 33289/tcp, 1988/tcp (cisco RSRB Priority 2 port), 222/tcp (Berkeley rshd with SPX auth), 30389/tcp, 3000/tcp (RemoteWare Client), 31389/tcp, 33689/tcp, 1818/tcp (Enhanced Trivial File Transfer Protocol), 10001/tcp (SCP Configuration), 15888/tcp, 3222/tcp (Gateway Load Balancing Pr), 10087/tcp, 33389/tcp, 1101/tcp (PT2-DISCOVER), 3309/tcp (TNS ADV), 2233/tcp (INFOCRYPT), 3378/tcp (WSICOPY), 28888/tcp, 10211/tcp, 11011/tcp, 1001/tcp, 2828/tcp (ITM License Manager), 1010/tcp (surf), 1100/tcp (MCTP), 23389/tcp, 33489/tcp, 3355/tcp (Ordinox Dbase), 33089/tcp, 18888/tcp (APCNECMP), 12345/tcp (Italk Chat System), 13392/tcp, 3360/tcp (KV Server), 1111/tcp (LM Social Server), 3333/tcp (DEC Notes), 1011/tcp, 14888/tcp, 3366/tcp (Creative Partner), 10000/tcp (Network Data Management Protocol), 333/tcp (Texar Security Port), 3289/tcp (ENPC), 10888/tcp, 11888/tcp, 2000/tcp (Cisco SCCP), 10002/tcp (EMC-Documentum Content Server Product), 1212/tcp (lupa).
      
BHD Honeypot
Port scan
2020-10-23

Port scan from IP: 193.27.229.92 detected by psad.
BHD Honeypot
Port scan
2020-10-06

In the last 24h, the attacker (193.27.229.92) attempted to scan 284 ports.
The following ports have been scanned: 32089/tcp, 11989/tcp, 7097/tcp, 7093/tcp, 27989/tcp, 2589/tcp (quartus tcl), 27589/tcp, 29189/tcp, 40589/tcp, 3589/tcp (isomair), 1515/tcp (ifor-protocol), 14489/tcp, 289/tcp, 65056/tcp, 33388/tcp, 1000/tcp (cadlock2), 3489/tcp (DTP/DIA), 35389/tcp, 32289/tcp, 49208/tcp, 1889/tcp (Unify Web Adapter Service), 4889/tcp, 7092/tcp, 3323/tcp, 7100/tcp (X Font Service), 4400/tcp (ASIGRA Services), 4989/tcp (Parallel for GAUSS (tm)), 13089/tcp, 6289/tcp, 27789/tcp, 241/tcp, 2105/tcp (MiniPay), 5678/tcp (Remote Replication Agent Connection), 49852/tcp, 33189/tcp, 30089/tcp, 38789/tcp, 31489/tcp, 24289/tcp, 2013/tcp (raid-am), 10689/tcp, 13289/tcp, 34489/tcp, 26789/tcp, 14289/tcp, 25889/tcp, 39289/tcp, 13489/tcp, 29789/tcp, 36889/tcp, 39389/tcp, 5106/tcp, 6600/tcp (Microsoft Hyper-V Live Migration), 22489/tcp, 16189/tcp, 24050/tcp, 19999/tcp (Distributed Network Protocol - Secure), 11089/tcp, 7091/tcp, 28089/tcp, 38902/tcp, 34389/tcp, 26189/tcp, 31789/tcp, 5589/tcp, 30989/tcp, 37489/tcp, 5101/tcp (Talarian_TCP), 1985/tcp (Hot Standby Router Protocol), 20000/tcp (DNP), 13390/tcp, 38489/tcp, 33289/tcp, 6589/tcp, 1988/tcp (cisco RSRB Priority 2 port), 24989/tcp, 26289/tcp, 3315/tcp (CDID), 6000/tcp (-6063/udp   X Window System), 25789/tcp, 36789/tcp, 14789/tcp, 23654/tcp, 30088/tcp, 28989/tcp, 58052/tcp, 12689/tcp, 7101/tcp (Embedded Light Control Network), 14889/tcp, 60000/tcp, 35989/tcp, 58888/tcp, 2101/tcp (rtcm-sc104), 5656/tcp, 7102/tcp, 10489/tcp, 23489/tcp, 13384/tcp, 4022/tcp (DNOX), 11447/tcp, 4000/tcp (Terabase), 39789/tcp, 39489/tcp, 31289/tcp, 2484/tcp (Oracle TTC SSL), 12889/tcp, 11589/tcp, 22589/tcp, 36989/tcp, 38689/tcp, 10001/tcp (SCP Configuration), 3222/tcp (Gateway Load Balancing Pr), 5111/tcp (TAEP AS service), 13589/tcp, 23989/tcp, 32389/tcp, 22289/tcp, 34189/tcp, 5001/tcp (commplex-link), 32489/tcp, 1122/tcp (availant-mgr), 10087/tcp, 33389/tcp, 29889/tcp, 23189/tcp, 15889/tcp, 6390/tcp (MetaEdit+ WebService API), 10007/tcp (MVS Capacity), 39989/tcp, 61010/tcp, 5000/tcp (commplex-main), 16089/tcp, 3001/tcp, 3689/tcp (Digital Audio Access Protocol), 22389/tcp, 34989/tcp, 14089/tcp, 11489/tcp (ASG Cypress Secure Only), 36969/tcp, 44025/tcp, 14689/tcp, 25289/tcp, 2989/tcp (ZARKOV Intelligent Agent Communication), 25689/tcp, 14147/tcp, 11011/tcp, 13989/tcp, 31689/tcp, 13189/tcp, 3030/tcp (Arepa Cas), 23589/tcp, 28489/tcp, 3306/tcp (MySQL), 38189/tcp, 24089/tcp, 1001/tcp, 2399/tcp (FileMaker, Inc. - Data Access Layer), 15689/tcp, 40789/tcp, 5089/tcp, 25389/tcp, 5107/tcp, 22089/tcp, 29689/tcp, 3300/tcp, 31589/tcp, 3888/tcp (Ciphire Services), 15389/tcp, 1144/tcp (Fusion Script), 3491/tcp (SWR Port), 25089/tcp, 44000/tcp, 15789/tcp, 27189/tcp, 37589/tcp, 3313/tcp (Unify Object Broker), 24389/tcp, 33489/tcp, 38999/tcp, 27089/tcp, 5051/tcp (ITA Agent), 33089/tcp, 39999/tcp, 29489/tcp, 38589/tcp, 15189/tcp, 24789/tcp, 39089/tcp, 37289/tcp, 2689/tcp (FastLynx), 28689/tcp, 35489/tcp, 62458/tcp, 15489/tcp, 34289/tcp, 23089/tcp, 40289/tcp, 12345/tcp (Italk Chat System), 1289/tcp (JWalkServer), 32589/tcp, 3889/tcp (D and V Tester Control Port), 6537/tcp, 5108/tcp, 3360/tcp (KV Server), 1234/tcp (Infoseek Search Agent), 25989/tcp, 23289/tcp, 21789/tcp, 7094/tcp, 12989/tcp, 29389/tcp, 25189/tcp, 37989/tcp, 4444/tcp (NV Video default), 37789/tcp, 1389/tcp (Document Manager), 14989/tcp, 15989/tcp, 10589/tcp, 3333/tcp (DEC Notes), 6389/tcp (clariion-evr01), 65000/tcp, 24189/tcp, 23789/tcp, 34889/tcp, 1300/tcp (H323 Host Call Secure), 3860/tcp (Server/Application State Protocol (SASP)), 27889/tcp, 5689/tcp (QM video network management protocol), 3891/tcp (Oracle RTC-PM port), 29289/tcp, 24489/tcp, 30689/tcp, 2018/tcp (terminaldb), 26089/tcp, 38899/tcp, 31889/tcp, 39889/tcp, 6379/tcp, 33569/tcp, 10000/tcp (Network Data Management Protocol), 3365/tcp (Content Server), 38389/tcp, 15589/tcp, 11789/tcp, 27689/tcp, 28889/tcp, 39189/tcp, 40089/tcp, 3989/tcp (BindView-Query Engine), 1987/tcp (cisco RSRB Priority 1 port), 26389/tcp, 33333/tcp (Digital Gaslight Service), 33609/tcp, 3874/tcp (SixXS Configuration), 5105/tcp, 14589/tcp, 22558/tcp, 10889/tcp, 5112/tcp (PeerMe Msg Cmd Service), 26889/tcp, 21589/tcp, 4589/tcp, 10189/tcp, 2006/tcp (invokator), 37889/tcp, 3289/tcp (ENPC), 30489/tcp, 40189/tcp, 35689/tcp, 37389/tcp, 55881/tcp, 2000/tcp (Cisco SCCP), 36589/tcp, 30289/tcp, 2019/tcp (whosockami), 28789/tcp, 35589/tcp, 1212/tcp (lupa), 3322/tcp (-3325  Active Networks), 28589/tcp.
      
BHD Honeypot
Port scan
2020-10-05

In the last 24h, the attacker (193.27.229.92) attempted to scan 149 ports.
The following ports have been scanned: 1433/tcp (Microsoft-SQL-Server), 38989/tcp, 31089/tcp, 2012/tcp (ttyinfo), 24589/tcp, 5100/tcp (Socalia service mux), 28189/tcp, 37189/tcp, 4689/tcp (Altova DatabaseCentral), 39689/tcp, 33589/tcp, 32985/tcp, 60001/tcp, 5889/tcp, 37089/tcp, 13889/tcp, 27489/tcp, 1114/tcp (Mini SQL), 25489/tcp, 13389/tcp, 1124/tcp (HP VMM Control), 5114/tcp (Enterprise Vault Services), 2789/tcp (Media Agent), 29989/tcp, 2189/tcp, 11389/tcp, 7090/tcp, 27389/tcp, 7099/tcp (lazy-ptop), 10789/tcp, 5104/tcp, 11022/tcp, 1978/tcp (UniSQL), 55883/tcp, 3314/tcp (Unify Object Host), 12189/tcp, 389/tcp (Lightweight Directory Access Protocol), 29089/tcp, 35789/tcp, 1589/tcp (VQP), 2211/tcp (EMWIN), 25589/tcp, 16289/tcp, 29589/tcp, 3502/tcp (Avocent Install Discovery), 10015/tcp, 15089/tcp, 50001/tcp, 14189/tcp, 1630/tcp (Oracle Net8 Cman), 36489/tcp, 15289/tcp, 36689/tcp, 1818/tcp (Enhanced Trivial File Transfer Protocol), 1689/tcp (firefox), 38289/tcp, 22189/tcp, 12089/tcp, 32989/tcp, 2017/tcp (cypress-stat), 10389/tcp, 32889/tcp, 38089/tcp, 30889/tcp, 2289/tcp (Lookup dict server), 1101/tcp (PT2-DISCOVER), 1200/tcp (SCOL), 40689/tcp, 3309/tcp (TNS ADV), 10089/tcp, 40489/tcp, 11889/tcp, 2390/tcp (RSMTP), 22789/tcp, 26589/tcp, 3650/tcp (PRISMIQ VOD plug-in), 4789/tcp, 10211/tcp, 1089/tcp (FF Annunciation), 10989/tcp, 40389/tcp, 22989/tcp, 1189/tcp (Unet Connection), 1100/tcp (MCTP), 1489/tcp (dmdocbroker), 1026/tcp (Calendar Access Protocol), 5110/tcp, 22689/tcp, 6101/tcp (SynchroNet-rtc), 11189/tcp, 24889/tcp, 1169/tcp (TRIPWIRE), 34800/tcp, 2150/tcp (DYNAMIC3D), 3501/tcp (iSoft-P2P), 7095/tcp, 11689/tcp, 3649/tcp (Nishioka Miyuki Msg Protocol), 6489/tcp (Service Registry Default Admin Domain), 13392/tcp, 32189/tcp, 40000/tcp (SafetyNET p), 1111/tcp (LM Social Server), 3089/tcp (ParaTek Agent Linking), 3073/tcp (Very simple chatroom prot), 26689/tcp, 5103/tcp (Actifio C2C), 1025/tcp (network blackjack), 4489/tcp, 10289/tcp, 1011/tcp, 28389/tcp, 13689/tcp, 21689/tcp, 3839/tcp (AMX Resource Management Suite), 3366/tcp (Creative Partner), 14389/tcp, 12489/tcp, 1989/tcp (MHSnet system), 38889/tcp, 7096/tcp, 2020/tcp (xinupageserver), 3342/tcp (WebTIE), 3999/tcp (Norman distributes scanning service), 3789/tcp (RemoteDeploy Administration Port [July 2003]), 21889/tcp, 26489/tcp (EXOnet), 2889/tcp (RSOM), 22889/tcp, 4899/tcp (RAdmin Port), 24689/tcp, 32789/tcp, 5113/tcp, 2089/tcp (Security Encapsulation Protocol - SEP), 5109/tcp, 3002/tcp (RemoteWare Server), 32689/tcp, 3500/tcp (RTMP Port), 34789/tcp, 27289/tcp, 7098/tcp, 1457/tcp (Valisys License Manager), 23889/tcp, 5007/tcp (wsm server ssl), 31189/tcp, 27368/tcp.
      
BHD Honeypot
Port scan
2020-10-05

Port scan from IP: 193.27.229.92 detected by psad.
BHD Honeypot
Port scan
2020-09-29

In the last 24h, the attacker (193.27.229.92) attempted to scan 242 ports.
The following ports have been scanned: 6689/tcp (Tofino Security Appliance), 33896/tcp, 35389/tcp, 33589/tcp, 9090/tcp (WebSM), 33849/tcp, 33829/tcp, 3421/tcp (Bull Apprise portmapper), 33189/tcp, 3317/tcp (VSAI PORT), 13389/tcp, 39389/tcp, 33879/tcp, 34389/tcp, 33859/tcp, 5589/tcp, 3369/tcp, 33833/tcp, 33289/tcp, 30389/tcp, 60000/tcp, 3000/tcp (RemoteWare Client), 31389/tcp, 33689/tcp, 33/tcp (Display Support Protocol), 3311/tcp (MCNS Tel Ret), 32389/tcp, 33869/tcp, 33389/tcp, 33898/tcp, 3392/tcp (EFI License Management), 33789/tcp, 36389/tcp, 33893/tcp, 3391/tcp (SAVANT), 33819/tcp, 23389/tcp, 33809/tcp, 33489/tcp, 33089/tcp, 33989/tcp, 63389/tcp, 3381/tcp (Geneous), 40000/tcp (SafetyNET p), 43389/tcp, 33892/tcp, 3472/tcp (JAUGS N-G Remotec 1), 7777/tcp (cbt), 33897/tcp, 33891/tcp, 3333/tcp (DEC Notes), 3341/tcp (OMF data h), 3312/tcp (Application Management Server), 2020/tcp (xinupageserver), 38389/tcp, 33899/tcp, 33889/tcp, 53389/tcp, 3399/tcp (CSMS), 2006/tcp (invokator), 3500/tcp (RTMP Port), 37389/tcp, 33894/tcp, 3461/tcp (EDM Stager).
      
BHD Honeypot
Port scan
2020-09-29

Port scan from IP: 193.27.229.92 detected by psad.
BHD Honeypot
Port scan
2020-09-02

In the last 24h, the attacker (193.27.229.92) attempted to scan 963 ports.
The following ports have been scanned: 11989/tcp, 6689/tcp (Tofino Security Appliance), 17888/tcp, 38989/tcp, 1515/tcp (ifor-protocol), 8088/tcp (Radan HTTP), 14489/tcp, 8228/tcp, 555/tcp (dsf), 8855/tcp, 1000/tcp (cadlock2), 2222/tcp (EtherNet/IP I/O), 33896/tcp, 3396/tcp (Printer Agent), 5858/tcp, 35389/tcp, 33589/tcp, 8181/tcp, 8668/tcp, 40888/tcp, 9090/tcp (WebSM), 7788/tcp, 33849/tcp, 13888/tcp, 241/tcp, 60001/tcp, 59999/tcp, 111/tcp (SUN Remote Procedure Call), 33829/tcp, 1789/tcp (hello), 33189/tcp, 22222/tcp, 41888/tcp, 4848/tcp (App Server - Admin HTTP), 43888/tcp, 60006/tcp, 46888/tcp, 3377/tcp (Cogsys Network License Manager), 9988/tcp (Software Essentials Secure HTTP server), 13389/tcp, 3344/tcp (BNT Manager), 47888/tcp, 30000/tcp, 39389/tcp, 12888/tcp, 6600/tcp (Microsoft Hyper-V Live Migration), 8448/tcp, 5555/tcp (Personal Agent), 8808/tcp, 2489/tcp (TSILB), 11389/tcp, 8082/tcp (Utilistor (Client)), 19999/tcp (Distributed Network Protocol - Secure), 33982/tcp, 6666/tcp, 33879/tcp, 8090/tcp, 34389/tcp, 12333/tcp, 37689/tcp, 42888/tcp, 6660/tcp, 7117/tcp, 64000/tcp, 33859/tcp, 4488/tcp (Apple Wide Area Connectivity Service ICE Bootstrap), 9898/tcp (MonkeyCom), 5589/tcp, 19888/tcp, 63000/tcp, 8866/tcp, 20000/tcp (DNP), 13390/tcp, 62000/tcp, 33833/tcp, 8844/tcp, 33289/tcp, 1988/tcp (cisco RSRB Priority 2 port), 222/tcp (Berkeley rshd with SPX auth), 999/tcp (puprouter), 6000/tcp (-6063/udp   X Window System), 14789/tcp, 8008/tcp (HTTP Alternate), 55883/tcp, 30389/tcp, 8013/tcp, 60000/tcp, 58888/tcp, 3000/tcp (RemoteWare Client), 61000/tcp, 3502/tcp (Avocent Install Discovery), 31389/tcp, 33689/tcp, 8060/tcp, 5439/tcp, 11111/tcp (Viral Computing Environment (VCE)), 8050/tcp, 8389/tcp, 50001/tcp, 8100/tcp (Xprint Server), 8089/tcp, 4000/tcp (Terabase), 8989/tcp (Sun Web Server SSL Admin Service), 15289/tcp, 38888/tcp, 1818/tcp (Enhanced Trivial File Transfer Protocol), 10001/tcp (SCP Configuration), 3434/tcp (OpenCM Server), 15888/tcp, 22189/tcp, 8800/tcp (Sun Web Server Admin Service), 3222/tcp (Gateway Load Balancing Pr), 777/tcp (Multiling HTTP), 12389/tcp, 50888/tcp, 32389/tcp, 53390/tcp, 5001/tcp (commplex-link), 10389/tcp, 32489/tcp, 33869/tcp, 888/tcp (CD Database Protocol), 10087/tcp, 33895/tcp, 33389/tcp, 33890/tcp, 1101/tcp (PT2-DISCOVER), 33898/tcp, 8998/tcp, 8081/tcp (Sun Proxy Admin Service), 61010/tcp, 5000/tcp (commplex-main), 8787/tcp (Message Server), 3309/tcp (TNS ADV), 8080/tcp (HTTP Alternate (see port 80)), 8040/tcp (Ampify Messaging Protocol), 14089/tcp, 2233/tcp (INFOCRYPT), 14689/tcp, 25289/tcp, 8686/tcp (Sun App Server - JMX/RMI), 28888/tcp, 10211/tcp, 8585/tcp, 51888/tcp, 11011/tcp, 33789/tcp, 13989/tcp, 31689/tcp, 13189/tcp, 8778/tcp, 36389/tcp, 44888/tcp, 33893/tcp, 1001/tcp, 2828/tcp (ITM License Manager), 40789/tcp, 1010/tcp (surf), 22089/tcp, 3391/tcp (SAVANT), 1189/tcp (Unet Connection), 1100/tcp (MCTP), 33819/tcp, 16888/tcp, 23389/tcp, 5110/tcp, 444/tcp (Simple Network Paging Protocol), 55555/tcp, 666/tcp (doom Id Software), 33809/tcp, 33489/tcp, 9966/tcp (OKI Data Network Setting Protocol), 8899/tcp (ospf-lite), 3355/tcp (Ordinox Dbase), 33089/tcp, 33989/tcp, 5588/tcp, 3501/tcp (iSoft-P2P), 6996/tcp, 3003/tcp (CGMS), 63389/tcp, 18888/tcp (APCNECMP), 5551/tcp, 8889/tcp (Desktop Data TCP 1), 8338/tcp, 8030/tcp, 12345/tcp (Italk Chat System), 8084/tcp, 13392/tcp, 3360/tcp (KV Server), 1234/tcp (Infoseek Search Agent), 40000/tcp (SafetyNET p), 43389/tcp, 8020/tcp (Intuit Entitlement Service and Discovery), 33892/tcp, 8010/tcp, 1111/tcp (LM Social Server), 7789/tcp (Office Tools Pro Receive), 7777/tcp (cbt), 8070/tcp, 33897/tcp, 4444/tcp (NV Video default), 26689/tcp, 8118/tcp (Privoxy HTTP proxy), 45888/tcp, 33891/tcp, 3333/tcp (DEC Notes), 65000/tcp, 4489/tcp, 39888/tcp, 1011/tcp, 48888/tcp, 14888/tcp, 13689/tcp, 1300/tcp (H323 Host Call Secure), 6699/tcp, 8822/tcp, 8811/tcp, 3366/tcp (Creative Partner), 8484/tcp, 8000/tcp (iRDMI), 44444/tcp, 8877/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 3838/tcp (Scito Object Server), 6868/tcp (Acctopus Command Channel), 8282/tcp, 8999/tcp (Brodos Crypto Trade Protocol), 33839/tcp, 10000/tcp (Network Data Management Protocol), 38389/tcp, 21889/tcp, 33899/tcp, 1987/tcp (cisco RSRB Priority 1 port), 333/tcp (Texar Security Port), 7878/tcp, 49888/tcp, 33333/tcp (Digital Gaslight Service), 3380/tcp (SNS Channels), 6688/tcp (CleverView for TCP/IP Message Service), 33889/tcp, 10889/tcp, 53389/tcp, 8383/tcp (M2m Services), 9999/tcp (distinct), 8880/tcp (CDDBP), 3289/tcp (ENPC), 10888/tcp, 3500/tcp (RTMP Port), 11888/tcp, 37389/tcp, 8085/tcp, 2000/tcp (Cisco SCCP), 10002/tcp (EMC-Documentum Content Server Product), 7098/tcp, 33894/tcp, 8086/tcp (Distributed SCADA Networking Rendezvous Port), 8094/tcp, 1212/tcp (lupa), 8833/tcp.
      
BHD Honeypot
Port scan
2020-09-01

Port scan from IP: 193.27.229.92 detected by psad.
BHD Honeypot
Port scan
2020-09-01

In the last 24h, the attacker (193.27.229.92) attempted to scan 127 ports.
The following ports have been scanned: 7093/tcp, 27589/tcp, 29189/tcp, 41414/tcp, 1999/tcp (cisco identification port), 1515/tcp (ifor-protocol), 56565/tcp, 2012/tcp (ttyinfo), 28189/tcp, 4689/tcp (Altova DatabaseCentral), 39689/tcp, 35389/tcp, 33589/tcp, 1889/tcp (Unify Web Adapter Service), 4889/tcp, 6289/tcp, 27789/tcp, 2105/tcp (MiniPay), 5889/tcp, 1789/tcp (hello), 30189/tcp, 52525/tcp, 33189/tcp, 30089/tcp, 38789/tcp, 589/tcp (EyeLink), 2013/tcp (raid-am), 2001/tcp (dc), 26789/tcp, 14289/tcp, 2189/tcp, 1994/tcp (cisco serial tunnel port), 2489/tcp (TSILB), 1995/tcp (cisco perf port), 4189/tcp (Path Computation Element Communication Protocol), 19999/tcp (Distributed Network Protocol - Secure), 7091/tcp, 28089/tcp, 38902/tcp, 1985/tcp (Hot Standby Router Protocol), 33289/tcp, 24989/tcp, 26289/tcp, 25789/tcp, 30088/tcp, 1982/tcp (Evidentiary Timestamp), 28989/tcp, 12189/tcp, 12689/tcp, 7101/tcp (Embedded Light Control Network), 2389/tcp (OpenView Session Mgr), 5489/tcp, 35989/tcp, 189/tcp (Queued File Transport), 5656/tcp, 10015/tcp, 2009/tcp (news), 4000/tcp (Terabase), 39489/tcp, 36489/tcp, 22589/tcp, 36989/tcp, 38289/tcp, 27045/tcp, 5111/tcp (TAEP AS service), 23989/tcp, 38089/tcp, 30889/tcp, 6390/tcp (MetaEdit+ WebService API), 5000/tcp (commplex-main), 40689/tcp, 11889/tcp, 3689/tcp (Digital Audio Access Protocol), 36969/tcp, 22789/tcp, 2989/tcp (ZARKOV Intelligent Agent Communication), 11011/tcp, 5989/tcp (WBEM CIM-XML (HTTPS)), 3030/tcp (Arepa Cas), 38189/tcp, 5107/tcp, 1189/tcp (Unet Connection), 1100/tcp (MCTP), 1489/tcp (dmdocbroker), 31589/tcp, 3888/tcp (Ciphire Services), 6101/tcp (SynchroNet-rtc), 47474/tcp, 11189/tcp, 27189/tcp, 37589/tcp, 32000/tcp, 38999/tcp, 27089/tcp, 33089/tcp, 39999/tcp, 38589/tcp, 37289/tcp, 58585/tcp, 34289/tcp, 40289/tcp, 3889/tcp (D and V Tester Control Port), 40000/tcp (SafetyNET p), 23289/tcp, 1111/tcp (LM Social Server), 1389/tcp (Document Manager), 4089/tcp (OpenCORE Remote Control Service), 5689/tcp (QM video network management protocol), 38389/tcp, 15589/tcp, 3789/tcp (RemoteDeploy Administration Port [July 2003]), 1987/tcp (cisco RSRB Priority 1 port), 46464/tcp, 5105/tcp, 53389/tcp, 5112/tcp (PeerMe Msg Cmd Service), 4899/tcp (RAdmin Port), 11289/tcp, 34789/tcp, 43434/tcp, 37389/tcp, 689/tcp (NMAP).
      
BHD Honeypot
Port scan
2020-08-31

In the last 24h, the attacker (193.27.229.92) attempted to scan 25 ports.
The following ports have been scanned: 3589/tcp (isomair), 1999/tcp (cisco identification port), 4889/tcp, 5889/tcp, 4289/tcp, 1982/tcp (Evidentiary Timestamp), 1997/tcp (cisco Gateway Discovery Protocol), 189/tcp (Queued File Transport), 2989/tcp (ZARKOV Intelligent Agent Communication), 2015/tcp (cypress), 47474/tcp, 2689/tcp (FastLynx), 2004/tcp (mailbox), 3889/tcp (D and V Tester Control Port), 3089/tcp (ParaTek Agent Linking), 2121/tcp (SCIENTIA-SSDB), 1984/tcp (BB), 5389/tcp, 3789/tcp (RemoteDeploy Administration Port [July 2003]), 2889/tcp (RSOM), 1900/tcp (SSDP), 2006/tcp (invokator), 2010/tcp (search).
      
BHD Honeypot
Port scan
2020-08-28

In the last 24h, the attacker (193.27.229.92) attempted to scan 26 ports.
The following ports have been scanned: 17888/tcp, 30000/tcp, 12333/tcp, 20000/tcp (DNP), 222/tcp (Berkeley rshd with SPX auth), 30389/tcp, 10001/tcp (SCP Configuration), 10087/tcp, 2233/tcp (INFOCRYPT), 3378/tcp (WSICOPY), 11011/tcp, 23389/tcp, 33489/tcp, 33089/tcp, 12345/tcp (Italk Chat System), 3360/tcp (KV Server), 10000/tcp (Network Data Management Protocol), 333/tcp (Texar Security Port), 33333/tcp (Digital Gaslight Service), 3289/tcp (ENPC), 10888/tcp.
      
BHD Honeypot
Port scan
2020-08-27

Port scan from IP: 193.27.229.92 detected by psad.

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Emerging threats

The most commonly reported IP addresses in the last 24 hours

Report breach!

Rate host 193.27.229.92