IP address: 213.217.0.5

Host rating:

2.0

out of 12 votes

Last update: 2020-01-24

Host details

Unknown
Russia
Unknown
Unknown
See comments

Reported breaches

  • Port scan
Report breach

Whois record

The publicly-available Whois record found at whois.ripe.net server.

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '213.217.0.0 - 213.217.1.255'

% Abuse contact for '213.217.0.0 - 213.217.1.255' is '[email protected]'

inetnum:        213.217.0.0 - 213.217.1.255
netname:        RU-HOSTWAY-20191218
country:        RU
org:            ORG-HL233-RIPE
admin-c:        HA4371-RIPE
tech-c:         HA4371-RIPE
status:         ASSIGNED PA
mnt-by:         IP-RIPE
created:        2019-12-18T14:50:03Z
last-modified:  2020-05-14T10:09:22Z
source:         RIPE

% Information related to '213.217.0.0/23AS50340'

route:          213.217.0.0/23
origin:         AS50340
mnt-by:         IP-RIPE
created:        2019-12-19T22:01:20Z
last-modified:  2019-12-19T22:01:20Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.97.1 (WAGYU)


User comments

12 security incident(s) reported by users

BHD Honeypot
Port scan
2020-01-24

In the last 24h, the attacker (213.217.0.5) attempted to scan 529 ports.
The following ports have been scanned: 8835/tcp, 7584/tcp, 3352/tcp (Scalable SQL), 7274/tcp (OMA Roaming Location SEC), 7455/tcp, 7633/tcp (PMDF Management), 9944/tcp, 4033/tcp (SANavigator Peer Port), 6655/tcp (PC SOFT - Software factory UI/manager), 7729/tcp, 6667/tcp, 9018/tcp, 9940/tcp, 6001/tcp, 7468/tcp, 8088/tcp (Radan HTTP), 7744/tcp (RAQMON PDU), 7125/tcp, 7483/tcp, 8032/tcp (ProEd), 6011/tcp, 8873/tcp (dxspider linking protocol), 7676/tcp (iMQ Broker Rendezvous), 7678/tcp, 7008/tcp (server-to-server updater), 7532/tcp, 7277/tcp (OMA Internal Location Secure Protocol), 6671/tcp (P4P Portal Service), 5516/tcp, 4052/tcp (VoiceConnect Interact), 6636/tcp, 7350/tcp, 8072/tcp, 7289/tcp, 9090/tcp (WebSM), 8862/tcp, 5013/tcp (FileMaker, Inc. - Proprietary transport), 6610/tcp, 3395/tcp (Dyna License Manager (Elam)), 9982/tcp, 7265/tcp, 6079/tcp, 7427/tcp (OpenView DM Event Agent Manager), 8871/tcp, 3421/tcp (Bull Apprise portmapper), 7288/tcp, 7661/tcp, 6629/tcp, 7207/tcp, 8851/tcp, 7046/tcp, 7513/tcp, 5008/tcp (Synapsis EDGE), 4002/tcp (pxc-spvr-ft), 9904/tcp, 7313/tcp, 8813/tcp, 3444/tcp (Denali Server), 5509/tcp, 4041/tcp (Rocketeer-Houston), 7705/tcp, 7408/tcp, 8098/tcp, 9060/tcp, 6627/tcp (Allied Electronics NeXGen), 7687/tcp, 3431/tcp (Active License Server Port), 7363/tcp, 8809/tcp, 7795/tcp, 4038/tcp (Fazzt Point-To-Point), 7775/tcp, 9040/tcp, 7552/tcp, 9903/tcp, 7533/tcp, 7659/tcp, 9986/tcp, 8845/tcp, 7577/tcp, 7103/tcp, 9062/tcp, 6649/tcp, 7757/tcp, 7033/tcp, 7411/tcp, 7778/tcp (Interwise), 6694/tcp, 4039/tcp (Fazzt Administration), 5522/tcp, 6686/tcp, 7469/tcp, 8048/tcp, 9038/tcp, 7695/tcp, 4405/tcp (ASIGRA Televaulting Message Level Restore service), 7077/tcp, 7610/tcp, 7793/tcp, 8082/tcp (Utilistor (Client)), 8023/tcp, 7047/tcp, 7719/tcp, 7366/tcp, 7430/tcp (OpenView DM xmpv7 api pipe), 7786/tcp (MINIVEND), 7340/tcp, 8897/tcp, 7465/tcp, 4030/tcp (Accell/JSP Daemon Port), 7099/tcp (lazy-ptop), 7061/tcp, 6660/tcp, 7603/tcp, 7522/tcp, 7623/tcp, 6093/tcp, 7574/tcp, 7365/tcp (LifeKeeper Communications), 7514/tcp, 9995/tcp (Palace-4), 8810/tcp, 7315/tcp, 4088/tcp (Noah Printing Service Protocol), 5524/tcp, 9923/tcp, 4049/tcp (Wide Area File Services), 6066/tcp (EWCTSP), 7521/tcp, 7086/tcp, 7791/tcp, 7131/tcp, 7245/tcp, 7630/tcp (HA Web Konsole), 7480/tcp, 6073/tcp (DirectPlay8), 4001/tcp (NewOak), 7481/tcp, 4059/tcp (DLMS/COSEM), 7285/tcp, 7507/tcp, 7278/tcp (OMA Dynamic Content Delivery over CBS), 4013/tcp (ACL Manager), 7101/tcp (Embedded Light Control Network), 7402/tcp (RTPS Data-Distribution Meta-Traffic), 8849/tcp, 9942/tcp, 7189/tcp, 6020/tcp, 7436/tcp, 7653/tcp, 7444/tcp, 7304/tcp, 3447/tcp (DirectNet IM System), 8027/tcp, 6677/tcp, 6090/tcp, 7494/tcp, 9017/tcp, 7639/tcp, 7783/tcp, 5017/tcp, 3348/tcp (Pangolin Laser), 7732/tcp, 6604/tcp, 8031/tcp, 7624/tcp (Instrument Neutral Distributed Interface), 7160/tcp, 3405/tcp (Nokia Announcement ch 1), 4044/tcp (Location Tracking Protocol), 4012/tcp (PDA Gate), 7515/tcp, 9914/tcp, 8060/tcp, 7763/tcp, 3436/tcp (GuardControl Exchange Protocol), 7188/tcp, 7172/tcp, 7312/tcp, 8856/tcp, 7654/tcp, 3372/tcp (TIP 2), 7689/tcp (Collaber Network Service), 9905/tcp, 4406/tcp (ASIGRA Televaulting DS-Sleeper Service), 5016/tcp, 7023/tcp (Comtech T2 NMCS), 7251/tcp, 7324/tcp, 7314/tcp, 9957/tcp, 9065/tcp, 6625/tcp (DataScaler control), 7599/tcp, 7426/tcp (OpenView DM Postmaster Manager), 6620/tcp (Kerberos V5 FTP Data), 3448/tcp (Discovery and Net Config), 5504/tcp (fcp-cics-gw1), 8834/tcp, 8826/tcp, 7212/tcp, 7596/tcp, 8837/tcp, 7431/tcp (OpenView DM ovc/xmpv3 api pipe), 6634/tcp, 9936/tcp, 4085/tcp (EZNews Newsroom Message Service), 6696/tcp, 4409/tcp (Net-Cabinet comunication), 7111/tcp, 7227/tcp (Registry A & M Protocol), 5511/tcp, 6069/tcp (TRIP), 3414/tcp (BroadCloud WIP Port), 4054/tcp (CosmoCall Universe Communications Port 2), 6097/tcp, 9083/tcp (EMC PowerPath Mgmt Service), 7648/tcp (bonjour-cuseeme), 7036/tcp, 8071/tcp, 7260/tcp, 7048/tcp, 8861/tcp, 7311/tcp, 6654/tcp, 9953/tcp (9953), 7779/tcp (VSTAT), 7405/tcp, 9012/tcp, 6612/tcp, 10007/tcp (MVS Capacity), 7556/tcp, 9025/tcp (Secure Web Access - 3), 4404/tcp (ASIGRA Televaulting DS-System Monitoring/Management), 7389/tcp, 8838/tcp, 8079/tcp, 8080/tcp (HTTP Alternate (see port 80)), 7135/tcp, 7504/tcp, 4095/tcp (xtgui information service), 9082/tcp, 7005/tcp (volume managment server), 6692/tcp, 7179/tcp, 7261/tcp, 4025/tcp (Partition Image Port), 7382/tcp, 9983/tcp, 9054/tcp, 7153/tcp, 7390/tcp, 6632/tcp (eGenix mxODBC Connect), 6071/tcp (SSDTP), 7613/tcp, 3335/tcp (Direct TV Software Updates), 8034/tcp (.vantronix Management), 6084/tcp (Peer to Peer Infrastructure Protocol), 9014/tcp, 7484/tcp, 8824/tcp, 6683/tcp, 4093/tcp (Pvx Plus CS Host), 4053/tcp (CosmoCall Universe Communications Port 1), 6684/tcp, 7014/tcp (Microtalon Communications), 3438/tcp (Spiralcraft Admin), 9051/tcp (Fusion-io Central Manager Service), 7301/tcp, 7328/tcp, 7442/tcp, 4003/tcp (pxc-splr-ft), 7393/tcp (nFoldMan Remote Publish), 7415/tcp, 5021/tcp (zenginkyo-2), 7776/tcp, 7361/tcp, 7198/tcp, 7348/tcp, 7419/tcp, 6014/tcp, 7780/tcp, 7021/tcp (DP Serve Admin), 7364/tcp, 7429/tcp (OpenView DM rqt communication), 7038/tcp, 9027/tcp, 6074/tcp (Microsoft Max), 7664/tcp, 7051/tcp, 7341/tcp, 8002/tcp (Teradata ORDBMS), 7454/tcp, 7157/tcp, 7536/tcp, 7558/tcp, 4061/tcp (Ice Location Service (TCP)), 7506/tcp, 7572/tcp, 9015/tcp, 7166/tcp (Aruba eDiscovery Server), 6645/tcp, 7693/tcp, 7523/tcp, 9010/tcp (Secure Data Replicator Protocol), 4402/tcp (ASIGRA Televaulting DS-Client Service), 6690/tcp, 7302/tcp, 8899/tcp (ospf-lite), 6626/tcp (WAGO Service and Update), 9920/tcp, 6081/tcp, 9971/tcp, 6679/tcp, 7710/tcp, 8847/tcp, 9041/tcp, 7447/tcp, 7587/tcp, 3449/tcp (HotU Chat), 8036/tcp, 6004/tcp, 7544/tcp (FlowAnalyzer DisplayServer), 9064/tcp, 7007/tcp (basic overseer process), 7343/tcp, 8889/tcp (Desktop Data TCP 1), 7609/tcp, 8030/tcp, 7758/tcp, 7174/tcp (Clutild), 7585/tcp, 4040/tcp (Yo.net main service), 7064/tcp, 7305/tcp, 3418/tcp (Remote nmap), 9068/tcp, 7642/tcp, 6015/tcp, 4009/tcp (Chimera HWM), 7253/tcp, 7049/tcp, 8865/tcp, 4087/tcp (APplus Service), 7796/tcp, 7417/tcp, 6646/tcp, 6607/tcp, 7562/tcp, 7395/tcp (winqedit), 7137/tcp, 7072/tcp, 3333/tcp (DEC Notes), 8033/tcp (MindPrint), 6659/tcp, 5519/tcp, 9077/tcp, 5520/tcp, 3440/tcp (Net Steward Mgmt Console), 7001/tcp (callbacks to cache managers), 7476/tcp, 6614/tcp, 7185/tcp, 6699/tcp, 8822/tcp, 3402/tcp (FXa Engine Network Port), 7242/tcp, 6651/tcp, 7381/tcp, 8046/tcp, 8007/tcp, 8877/tcp, 7326/tcp, 9069/tcp, 8864/tcp, 7228/tcp, 8035/tcp, 8850/tcp, 9961/tcp, 7434/tcp, 7068/tcp, 7538/tcp, 7416/tcp, 7458/tcp, 9994/tcp (OnLive-3), 7731/tcp, 6664/tcp, 7182/tcp, 7520/tcp, 6099/tcp (RAXA Management), 4073/tcp (iRAPP Server Protocol), 7055/tcp, 9929/tcp, 6067/tcp, 7495/tcp, 8097/tcp (SAC Port Id), 7797/tcp (Propel Connector port), 7499/tcp, 7248/tcp, 8047/tcp, 7109/tcp, 7221/tcp, 7756/tcp, 7071/tcp (IWGADTS Aircraft Housekeeping Message), 8004/tcp, 7226/tcp, 6688/tcp (CleverView for TCP/IP Message Service), 8059/tcp (Senomix Timesheets Client [1 year assignment]), 9003/tcp, 8863/tcp, 7560/tcp (Sniffer Command Protocol), 9029/tcp, 9002/tcp (DynamID authentication), 7034/tcp, 7105/tcp, 7509/tcp (ACPLT - process automation service), 7611/tcp, 7457/tcp, 7432/tcp, 7559/tcp, 3375/tcp (VSNM Agent), 6658/tcp, 8099/tcp, 7428/tcp (OpenView DM Log Agent Manager), 7713/tcp, 9992/tcp (OnLive-1), 7330/tcp, 6608/tcp, 7650/tcp, 8061/tcp, 7378/tcp, 8836/tcp, 7380/tcp, 8022/tcp (oa-system), 7010/tcp (onlinet uninterruptable power supplies), 7040/tcp, 7418/tcp, 7006/tcp (error interpretation service), 9042/tcp, 8017/tcp, 7098/tcp, 7075/tcp, 8051/tcp, 4050/tcp (Wide Area File Services), 5007/tcp (wsm server ssl), 7239/tcp, 7467/tcp.
      
BHD Honeypot
Port scan
2020-01-23

In the last 24h, the attacker (213.217.0.5) attempted to scan 2474 ports.
The following ports have been scanned: 9023/tcp (Secure Web Access - 1), 7344/tcp, 8835/tcp, 7636/tcp, 7584/tcp, 7254/tcp, 7362/tcp, 8074/tcp (Gadu-Gadu), 7686/tcp, 8005/tcp (MXI Generation II for z/OS), 6689/tcp (Tofino Security Appliance), 6087/tcp (Local Download Sharing Service), 7128/tcp (intelligent data manager), 7333/tcp, 8857/tcp, 5513/tcp, 7633/tcp (PMDF Management), 9944/tcp, 7165/tcp (Document WCF Server), 7093/tcp, 7215/tcp, 7712/tcp, 4033/tcp (SANavigator Peer Port), 7178/tcp, 7210/tcp, 7169/tcp (Consequor Consulting Process Integration Bridge), 7255/tcp, 7679/tcp, 8012/tcp, 9906/tcp, 9050/tcp (Versiera Agent Listener), 10010/tcp (ooRexx rxapi services), 7729/tcp, 6667/tcp, 7753/tcp, 9076/tcp, 5518/tcp, 7270/tcp, 7700/tcp (EM7 Secure Communications), 6621/tcp (Kerberos V5 FTP Control), 10005/tcp (EMC Replication Manager Server), 9990/tcp (OSM Applet Server), 6016/tcp, 9021/tcp (Pangolin Identification), 9005/tcp, 7690/tcp, 7691/tcp, 6018/tcp, 9093/tcp, 7004/tcp (AFS/Kerberos authentication service), 8896/tcp, 9978/tcp, 8088/tcp (Radan HTTP), 7744/tcp (RAQMON PDU), 6669/tcp, 4018/tcp (Talarian Mcast), 9047/tcp, 7697/tcp (KLIO communications), 5529/tcp, 3398/tcp (Mercantile), 6075/tcp (Microsoft DPM Access Control Manager), 9009/tcp (Pichat Server), 8854/tcp, 9072/tcp, 9092/tcp (Xml-Ipc Server Reg), 8018/tcp, 9096/tcp, 8032/tcp (ProEd), 6011/tcp, 9941/tcp, 8855/tcp, 9924/tcp, 4027/tcp (bitxpress), 5517/tcp, 7676/tcp (iMQ Broker Rendezvous), 8078/tcp, 7678/tcp, 7787/tcp (Popup Reminders Receive), 7008/tcp (server-to-server updater), 9900/tcp (IUA), 8853/tcp, 9907/tcp, 3396/tcp (Printer Agent), 7692/tcp, 9000/tcp (CSlistener), 7782/tcp, 7701/tcp, 7532/tcp, 6671/tcp (P4P Portal Service), 5516/tcp, 8825/tcp, 4052/tcp (VoiceConnect Interact), 7081/tcp, 3358/tcp (Mp Sys Rmsvr), 7370/tcp, 7696/tcp, 4098/tcp (drmsfsd), 3359/tcp (WG NetForce), 8021/tcp (Intuit Entitlement Client), 6642/tcp, 6630/tcp, 7734/tcp (Smith Protocol over IP), 6687/tcp (CleverView for cTrace Message Service), 7197/tcp, 7295/tcp, 7553/tcp, 6065/tcp (WinPharaoh), 7088/tcp, 6601/tcp (Microsoft Threat Management Gateway SSTP), 9089/tcp (IBM Informix SQL Interface - Encrypted), 7350/tcp, 7433/tcp, 7057/tcp, 7173/tcp (zSecure Server), 7139/tcp, 7092/tcp, 3323/tcp, 7100/tcp (X Font Service), 5013/tcp (FileMaker, Inc. - Proprietary transport), 7658/tcp, 4400/tcp (ASIGRA Services), 4006/tcp (pxc-spvr), 7764/tcp, 10011/tcp, 7540/tcp, 6610/tcp, 7316/tcp, 3321/tcp (VNSSTR), 3390/tcp (Distributed Service Coordinator), 7728/tcp, 3324/tcp, 7608/tcp, 7146/tcp, 9982/tcp, 9006/tcp, 9022/tcp (PrivateArk Remote Agent), 8815/tcp, 7788/tcp, 3364/tcp (Creative Server), 9927/tcp, 4090/tcp (OMA BCAST Service Guide), 4051/tcp (Cisco Peer to Peer Distribution Protocol), 6009/tcp, 7200/tcp (FODMS FLIP), 7339/tcp, 6079/tcp, 7438/tcp, 9019/tcp, 7204/tcp, 7685/tcp, 7762/tcp, 10028/tcp, 3409/tcp (NetworkLens Event Port), 8011/tcp, 8044/tcp (FireScope Management Interface), 8801/tcp, 7614/tcp, 10023/tcp, 8041/tcp, 7288/tcp, 9993/tcp (OnLive-2), 7666/tcp, 9943/tcp, 3317/tcp (VSAI PORT), 7462/tcp, 8851/tcp, 8014/tcp, 4046/tcp (Accounting Protocol), 7032/tcp, 7401/tcp (RTPS Data-Distribution User-Traffic), 7534/tcp, 6086/tcp (PDTP P2P), 7513/tcp, 8087/tcp (Simplify Media SPP Protocol), 3356/tcp (UPNOTIFYPS), 4002/tcp (pxc-spvr-ft), 4068/tcp (IP Fleet Broadcast), 6691/tcp, 9904/tcp, 7470/tcp, 3345/tcp (Influence), 7519/tcp, 7781/tcp (accu-lmgr), 8049/tcp, 8813/tcp, 7598/tcp, 7531/tcp, 7056/tcp, 7054/tcp, 9975/tcp, 7530/tcp, 3444/tcp (Denali Server), 7535/tcp, 10024/tcp, 7478/tcp, 3377/tcp (Cogsys Network License Manager), 5514/tcp, 7003/tcp (volume location database), 8064/tcp, 8802/tcp, 4041/tcp (Rocketeer-Houston), 7705/tcp, 7408/tcp, 7039/tcp, 9011/tcp, 6698/tcp, 9060/tcp, 7647/tcp, 5525/tcp, 3344/tcp (BNT Manager), 7203/tcp, 3431/tcp (Active License Server Port), 3403/tcp, 10021/tcp, 7159/tcp, 7629/tcp (OpenXDAS Wire Protocol), 4008/tcp (NetCheque accounting), 7595/tcp, 8809/tcp, 6640/tcp, 7030/tcp (ObjectPlanet probe), 7795/tcp, 8885/tcp, 7074/tcp, 7775/tcp, 9040/tcp, 7552/tcp, 7549/tcp (Network Layer Signaling Transport Layer), 7190/tcp, 7281/tcp (ITACTIONSERVER 2), 7320/tcp, 7674/tcp (iMQ SSL tunnel), 7336/tcp, 7605/tcp, 7352/tcp, 8842/tcp, 7533/tcp, 7659/tcp, 4067/tcp (Information Distribution Protocol), 7167/tcp (CA SRM Agent), 7292/tcp, 9986/tcp, 7579/tcp, 8852/tcp, 4014/tcp (TAICLOCK), 7708/tcp (scientia.net), 7612/tcp, 8818/tcp, 3343/tcp (MS Cluster Net), 9001/tcp (ETL Service Manager), 7577/tcp, 7346/tcp, 7103/tcp, 8053/tcp (Senomix Timesheets Client [1 year assignment]), 3407/tcp (LDAP admin server port), 8093/tcp, 8846/tcp, 9059/tcp, 7757/tcp, 7033/tcp, 6619/tcp (ODETTE-FTP over TLS/SSL), 6600/tcp (Microsoft Hyper-V Live Migration), 7778/tcp (Interwise), 9024/tcp (Secure Web Access - 2), 6694/tcp, 9037/tcp, 5020/tcp (zenginkyo-1), 4039/tcp (Fazzt Administration), 5522/tcp, 7319/tcp, 7126/tcp, 7576/tcp, 7469/tcp, 7571/tcp, 7397/tcp (Hexarc Command Language), 5010/tcp (TelepathStart), 7474/tcp, 7575/tcp, 8048/tcp, 9038/tcp, 7773/tcp, 7610/tcp, 7414/tcp, 3363/tcp (NATI Vi Server), 7673/tcp (iMQ STOMP Server over SSL), 9967/tcp, 10009/tcp (Systemwalker Desktop Patrol), 7372/tcp, 7184/tcp, 8023/tcp, 8063/tcp, 3426/tcp (Arkivio Storage Protocol), 7115/tcp, 7719/tcp, 7091/tcp, 4094/tcp (sysrq daemon), 7366/tcp, 7430/tcp (OpenView DM xmpv7 api pipe), 5512/tcp, 7786/tcp (MINIVEND), 8068/tcp, 6666/tcp, 7340/tcp, 7420/tcp, 7440/tcp, 7606/tcp, 8090/tcp, 7466/tcp, 7646/tcp, 7090/tcp, 7465/tcp, 7518/tcp, 7219/tcp, 4030/tcp (Accell/JSP Daemon Port), 8820/tcp, 7099/tcp (lazy-ptop), 7061/tcp, 3404/tcp, 8860/tcp, 6660/tcp, 7163/tcp (CA Connection Broker), 9945/tcp, 9020/tcp (TAMBORA), 7070/tcp (ARCP), 6072/tcp (DIAGNOSE-PROC), 7603/tcp, 9095/tcp, 7768/tcp, 7117/tcp, 7525/tcp, 7151/tcp, 7332/tcp, 8878/tcp, 7522/tcp, 7623/tcp, 4035/tcp (WAP Push OTA-HTTP port), 6093/tcp, 7574/tcp, 9098/tcp, 7505/tcp, 7723/tcp, 3330/tcp (MCS Calypso ICF), 7424/tcp, 7282/tcp (eventACTION/ussACTION (MZCA) server), 7680/tcp (Pando Media Public Distribution), 8831/tcp, 9965/tcp, 7464/tcp, 9056/tcp, 3412/tcp (xmlBlaster), 7655/tcp, 10003/tcp (EMC-Documentum Content Server Product), 7087/tcp, 7365/tcp (LifeKeeper Communications), 7545/tcp (FlowAnalyzer UtilityServer), 7121/tcp (Virtual Prototypes License Manager), 7514/tcp, 3369/tcp, 9995/tcp (Palace-4), 9973/tcp, 8866/tcp, 6680/tcp, 9081/tcp, 7375/tcp, 7675/tcp (iMQ Tunnel), 7043/tcp, 6068/tcp (GSMP), 7702/tcp, 5015/tcp (FileMaker, Inc. - Web publishing), 8810/tcp, 9935/tcp, 4079/tcp (SANtools Diagnostic Server), 7132/tcp, 10008/tcp (Octopus Multiplexer), 7569/tcp (Dell EqualLogic Host Group Management), 7741/tcp (ScriptView Network), 6089/tcp, 7315/tcp, 3424/tcp (xTrade over TLS/SSL), 6674/tcp, 7727/tcp (Trident Systems Data), 7632/tcp, 9923/tcp, 7521/tcp, 7273/tcp (OMA Roaming Location), 7086/tcp, 7241/tcp, 8839/tcp, 6091/tcp, 7791/tcp, 7373/tcp, 3339/tcp (OMF data l), 7749/tcp, 7009/tcp (remote cache manager service), 3315/tcp (CDID), 6000/tcp (-6063/udp   X Window System), 9074/tcp, 3446/tcp (3Com FAX RPC port), 7131/tcp, 7310/tcp, 7245/tcp, 3379/tcp (SOCORFS), 7683/tcp, 7630/tcp (HA Web Konsole), 8008/tcp (HTTP Alternate), 8821/tcp, 6003/tcp, 3314/tcp (Unify Object Host), 7480/tcp, 4001/tcp (NewOak), 7222/tcp, 4059/tcp (DLMS/COSEM), 5505/tcp (Checkout Database), 7285/tcp, 7278/tcp (OMA Dynamic Content Delivery over CBS), 7236/tcp, 9073/tcp, 3406/tcp (Nokia Announcement ch 2), 4013/tcp (ACL Manager), 7175/tcp, 4074/tcp (Cequint City ID UI trigger), 7011/tcp (Talon Discovery Port), 7422/tcp, 7568/tcp, 7150/tcp, 4045/tcp (Network Paging Protocol), 7628/tcp (Primary Agent Work Notification), 6681/tcp, 7450/tcp, 6020/tcp, 6635/tcp, 3429/tcp (GCSP user port), 3428/tcp (2Wire CSS), 9934/tcp, 7436/tcp, 5009/tcp (Microsoft Windows Filesystem), 7089/tcp, 8019/tcp (QB DB Dynamic Port), 9919/tcp, 7444/tcp, 8013/tcp, 7304/tcp, 9918/tcp, 8891/tcp (Desktop Data TCP 3: NESS application), 9067/tcp, 8027/tcp, 6062/tcp, 7555/tcp, 6677/tcp, 6090/tcp, 5521/tcp, 9989/tcp, 7639/tcp, 8055/tcp (Senomix Timesheets Server [1 year assignment]), 7783/tcp, 6693/tcp, 7355/tcp, 5017/tcp, 3348/tcp (Pangolin Laser), 6615/tcp, 7732/tcp, 4076/tcp (Seraph DCS), 6604/tcp, 3349/tcp (Chevin Services), 7590/tcp, 7755/tcp, 4060/tcp (DSMETER Inter-Agent Transfer Channel), 7511/tcp (pafec-lm), 8031/tcp, 7069/tcp, 7624/tcp (Instrument Neutral Distributed Interface), 9094/tcp, 3302/tcp (MCS Fastmail), 7102/tcp, 7206/tcp, 9984/tcp, 7160/tcp, 3405/tcp (Nokia Announcement ch 1), 4044/tcp (Location Tracking Protocol), 7735/tcp, 7799/tcp (Alternate BSDP Service), 3332/tcp (MCS Mail Server), 9057/tcp, 7604/tcp, 4022/tcp (DNOX), 10015/tcp, 10020/tcp, 7763/tcp, 7394/tcp (File system export of backup images), 8050/tcp, 4047/tcp (Context Transfer Protocol), 8884/tcp, 7172/tcp, 7019/tcp, 3376/tcp (CD Broker), 7312/tcp, 10013/tcp, 4021/tcp (Nexus Portal), 4408/tcp (SLS Technology Control Centre), 9946/tcp, 5510/tcp, 3373/tcp (Lavenir License Manager), 9947/tcp, 9080/tcp (Groove GLRPC), 7360/tcp, 8089/tcp, 4077/tcp, 8856/tcp, 9908/tcp, 7654/tcp, 7246/tcp, 3347/tcp (Phoenix RPC), 7176/tcp, 5011/tcp (TelepathAttack), 4000/tcp (Terabase), 9058/tcp, 5526/tcp, 7106/tcp, 10017/tcp, 3372/tcp (TIP 2), 4028/tcp (DTServer Port), 7154/tcp, 7524/tcp, 7031/tcp, 9962/tcp, 9960/tcp, 9921/tcp, 6685/tcp, 9996/tcp (Palace-5), 4406/tcp (ASIGRA Televaulting DS-Sleeper Service), 7557/tcp, 8083/tcp (Utilistor (Server)), 7023/tcp (Comtech T2 NMCS), 7251/tcp, 6083/tcp, 7761/tcp, 7247/tcp, 7342/tcp, 7314/tcp, 7118/tcp, 9065/tcp, 6625/tcp (DataScaler control), 7599/tcp, 4016/tcp (Talarian Mcast), 7742/tcp (Mugginsoft Script Server Service), 7426/tcp (OpenView DM Postmaster Manager), 6620/tcp (Kerberos V5 FTP Data), 9026/tcp (Secure Web Access - 4), 7322/tcp, 6622/tcp (Multicast FTP), 8883/tcp (Secure MQTT), 7421/tcp (Matisse Port Monitor), 8805/tcp, 9091/tcp (xmltec-xmlmail), 3448/tcp (Discovery and Net Config), 8830/tcp, 7706/tcp, 7238/tcp, 10001/tcp (SCP Configuration), 8804/tcp (truecm), 7435/tcp, 7212/tcp, 7391/tcp (mind-file system server), 7736/tcp, 7368/tcp, 7224/tcp, 9963/tcp, 8800/tcp (Sun Web Server Admin Service), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 8001/tcp (VCOM Tunnel), 5508/tcp, 7596/tcp, 8837/tcp, 7625/tcp, 7600/tcp, 7271/tcp, 7078/tcp, 7158/tcp, 6613/tcp, 4072/tcp (Zieto Socket Communications), 7500/tcp (Silhouette User), 4070/tcp (Trivial IP Encryption (TrIPE)), 7711/tcp, 9007/tcp, 7431/tcp (OpenView DM ovc/xmpv3 api pipe), 6617/tcp, 6634/tcp, 3311/tcp (MCNS Tel Ret), 3433/tcp (Altaworks Service Management Platform), 5502/tcp (fcp-srvr-inst1), 9085/tcp (IBM Remote System Console), 9985/tcp, 8076/tcp, 3384/tcp (Cluster Management Services), 4085/tcp (EZNews Newsroom Message Service), 6696/tcp, 7503/tcp, 7392/tcp (mrss-rendezvous server), 5006/tcp (wsm server), 9987/tcp (DSM/SCM Target Interface), 8025/tcp (CA Audit Distribution Agent), 7130/tcp, 3310/tcp (Dyna Access), 8829/tcp, 4029/tcp (IP Q signaling protocol), 4409/tcp (Net-Cabinet comunication), 7620/tcp, 7537/tcp, 7111/tcp, 8067/tcp, 7147/tcp, 6606/tcp, 10014/tcp, 6662/tcp, 6069/tcp (TRIP), 7186/tcp, 7306/tcp, 3414/tcp (BroadCloud WIP Port), 7015/tcp (Talon Webserver), 7566/tcp (VSI Omega), 4054/tcp (CosmoCall Universe Communications Port 2), 7171/tcp (Discovery and Retention Mgt Production), 7704/tcp, 9913/tcp, 4407/tcp (Network Access Control Agent), 3328/tcp (Eaglepoint License Manager), 7446/tcp, 6605/tcp, 7036/tcp, 7785/tcp, 3401/tcp (filecast), 10030/tcp, 7403/tcp, 8071/tcp, 7035/tcp, 7260/tcp, 7119/tcp, 9917/tcp, 7048/tcp, 8861/tcp, 7404/tcp, 7217/tcp, 8052/tcp (Senomix Timesheets Server), 6654/tcp, 9979/tcp, 7475/tcp, 7073/tcp, 3337/tcp (Direct TV Data Catalog), 9016/tcp, 3393/tcp (D2K Tapestry Client to Server), 6633/tcp, 8096/tcp, 7779/tcp (VSTAT), 7551/tcp, 7405/tcp, 7602/tcp, 7013/tcp (Microtalon Discovery), 7082/tcp, 8003/tcp (Mulberry Connect Reporting Service), 9055/tcp, 7406/tcp, 4058/tcp (Kingfisher protocol), 9928/tcp, 3392/tcp (EFI License Management), 8081/tcp (Sun Proxy Admin Service), 7299/tcp, 8817/tcp, 4404/tcp (ASIGRA Televaulting DS-System Monitoring/Management), 7389/tcp, 7631/tcp (TESLA System Messaging), 5000/tcp (commplex-main), 7356/tcp, 3309/tcp (TNS ADV), 9930/tcp, 7164/tcp (File System Repository Agent), 7080/tcp (EmpowerID Communication), 8079/tcp, 3432/tcp (Secure Device Protocol), 6670/tcp (Vocaltec Global Online Directory), 7052/tcp, 7338/tcp, 9910/tcp, 5503/tcp (fcp-srvr-inst2), 3425/tcp (AGPS Access Port), 7765/tcp, 9079/tcp, 8040/tcp (Ampify Messaging Protocol), 7745/tcp, 7439/tcp, 8042/tcp (FireScope Agent), 7065/tcp, 3427/tcp (WebSphere SNMP), 4403/tcp (ASIGRA Televaulting DS-Client Monitoring/Management), 8009/tcp, 7409/tcp, 9952/tcp (APC 9952), 7135/tcp, 7504/tcp, 7127/tcp, 4095/tcp (xtgui information service), 6602/tcp (Windows WSS Communication Framework), 8037/tcp, 8858/tcp, 3411/tcp (BioLink Authenteon server), 10026/tcp, 7790/tcp, 8073/tcp, 7323/tcp, 3327/tcp (BBARS), 7388/tcp, 3378/tcp (WSICOPY), 4043/tcp (Neighbour Identity Resolution), 7582/tcp, 7485/tcp, 6673/tcp (vision_elmd), 7670/tcp, 7539/tcp, 3351/tcp (Btrieve port), 7508/tcp, 7449/tcp, 3445/tcp (Media Object Network), 7459/tcp, 9082/tcp, 9922/tcp, 3394/tcp (D2K Tapestry Server to Server), 7565/tcp, 8894/tcp (Desktop Data TCP 6: COAL application), 8872/tcp, 9052/tcp, 7751/tcp, 6692/tcp, 7371/tcp, 7382/tcp, 3316/tcp (AICC/CMI), 9008/tcp (Open Grid Services Server), 7076/tcp, 9030/tcp, 9043/tcp, 9983/tcp, 7134/tcp, 6697/tcp, 6648/tcp, 9054/tcp, 7564/tcp, 9974/tcp, 7677/tcp (Sun App Server - HTTPS), 10012/tcp, 9031/tcp, 7250/tcp, 7772/tcp, 7737/tcp, 6071/tcp (SSDTP), 7613/tcp, 7400/tcp (RTPS Discovery), 4057/tcp (Servigistics WFM server), 7484/tcp, 7050/tcp, 6638/tcp, 7024/tcp (Vormetric service), 7347/tcp, 7156/tcp, 6683/tcp, 7667/tcp, 3422/tcp (Remote USB System Port), 4053/tcp (CosmoCall Universe Communications Port 1), 8038/tcp, 7155/tcp, 7331/tcp, 6684/tcp, 4084/tcp, 6096/tcp, 7383/tcp, 7014/tcp (Microtalon Communications), 7412/tcp, 6078/tcp, 3371/tcp, 7177/tcp, 6061/tcp, 8066/tcp, 3306/tcp (MySQL), 7141/tcp, 7116/tcp, 3346/tcp (Trnsprnt Proxy), 7321/tcp, 7442/tcp, 7740/tcp, 4003/tcp (pxc-splr-ft), 8848/tcp, 7615/tcp, 7393/tcp (nFoldMan Remote Publish), 7482/tcp, 4024/tcp (TNP1 User Port), 7267/tcp, 7199/tcp, 7415/tcp, 7776/tcp, 7198/tcp, 6098/tcp, 9902/tcp, 7348/tcp, 6014/tcp, 9932/tcp, 3353/tcp (FATPIPE), 7645/tcp, 6080/tcp, 6063/tcp, 7021/tcp (DP Serve Admin), 9949/tcp, 7709/tcp, 7364/tcp, 7662/tcp, 7429/tcp (OpenView DM rqt communication), 3391/tcp (SAVANT), 8874/tcp, 9071/tcp, 9027/tcp, 7275/tcp (OMA UserPlane Location), 7716/tcp, 7143/tcp, 4080/tcp (Lorica inside facing), 6623/tcp (Kerberos V5 Telnet), 7682/tcp, 6074/tcp (Microsoft Max), 7664/tcp, 7471/tcp, 9013/tcp, 7688/tcp, 8002/tcp (Teradata ORDBMS), 6002/tcp, 7454/tcp, 7002/tcp (users & groups database), 7627/tcp (SOAP Service Port), 6656/tcp (Emergency Message Control Service), 6672/tcp (vision_server), 7085/tcp, 6609/tcp, 3413/tcp (SpecView Networking), 7472/tcp, 7490/tcp, 9968/tcp, 9046/tcp, 7264/tcp, 6013/tcp, 7527/tcp, 7377/tcp, 3308/tcp (TNS Server), 7558/tcp, 7473/tcp (Rise: The Vieneo Province), 8840/tcp, 9045/tcp, 7541/tcp, 8092/tcp, 4061/tcp (Ice Location Service (TCP)), 8819/tcp, 3313/tcp (Unify Object Broker), 9063/tcp, 7133/tcp, 7792/tcp, 9035/tcp, 7042/tcp, 6017/tcp, 7506/tcp, 6665/tcp (-6669/udp  IRCU), 7252/tcp, 7351/tcp, 7771/tcp, 8898/tcp, 9015/tcp, 7297/tcp, 3400/tcp (CSMS2), 3340/tcp (OMF data m), 6676/tcp, 3331/tcp (MCS Messaging), 8887/tcp, 7293/tcp, 7570/tcp (Aries Kfinder), 6645/tcp, 7693/tcp, 7510/tcp (HP OpenView Application Server), 10019/tcp, 4004/tcp (pxc-roid), 7621/tcp, 7607/tcp, 9958/tcp, 7798/tcp (Propel Encoder port), 7672/tcp (iMQ STOMP Server), 8028/tcp, 4034/tcp (Ubiquinox Daemon), 7641/tcp, 4020/tcp (TRAP Port), 4402/tcp (ASIGRA Televaulting DS-Client Service), 7720/tcp (MedImage Portal), 6650/tcp, 8016/tcp, 7302/tcp, 9966/tcp (OKI Data Network Setting Protocol), 7583/tcp, 7325/tcp, 6626/tcp (WAGO Service and Update), 7550/tcp, 9920/tcp, 4055/tcp (CosmoCall Universe Communications Port 3), 7357/tcp, 7063/tcp, 6081/tcp, 7258/tcp, 7722/tcp, 6641/tcp, 7329/tcp, 7759/tcp, 7445/tcp, 3326/tcp (SFTU), 8881/tcp, 7721/tcp, 7180/tcp, 9041/tcp, 7327/tcp, 7384/tcp, 7017/tcp, 3439/tcp (HRI Interface Port), 3338/tcp (OMF data b), 7447/tcp, 7587/tcp, 7461/tcp, 3350/tcp (FINDVIATV), 3354/tcp (SUITJD), 8026/tcp (CA Audit Distribution Server), 8036/tcp, 7660/tcp, 7308/tcp, 7774/tcp, 6624/tcp (DataScaler database), 3362/tcp (DJ ILM), 7544/tcp (FlowAnalyzer DisplayServer), 8828/tcp, 7216/tcp, 7453/tcp, 3374/tcp (Cluster Disc), 7573/tcp, 7770/tcp, 7748/tcp, 7218/tcp, 8892/tcp (Desktop Data TCP 4: FARM product), 7223/tcp, 7668/tcp, 7095/tcp, 7343/tcp, 3304/tcp (OP Session Server), 8889/tcp (Desktop Data TCP 1), 9034/tcp, 9972/tcp, 7563/tcp, 9956/tcp, 7698/tcp, 7334/tcp, 7225/tcp, 9926/tcp, 7488/tcp, 3336/tcp (Direct TV Tickers), 3325/tcp, 7657/tcp, 5002/tcp (radio free ethernet), 6628/tcp (AFE Stock Channel M/C), 7012/tcp (Talon Engine), 9039/tcp, 7170/tcp (Adaptive Name/Service Resolution), 7058/tcp, 9959/tcp, 7318/tcp, 6643/tcp, 8084/tcp, 9044/tcp, 7145/tcp, 7062/tcp, 4078/tcp (Coordinated Security Service Protocol), 4040/tcp (Yo.net main service), 7243/tcp, 7597/tcp, 7407/tcp, 8812/tcp, 8057/tcp (Senomix Timesheets Client [1 year assignment]), 3360/tcp (KV Server), 9997/tcp (Palace-6), 7208/tcp, 7305/tcp, 7249/tcp, 4091/tcp (EminentWare Installer), 4099/tcp (DPCP), 7230/tcp, 7634/tcp, 3418/tcp (Remote nmap), 7543/tcp (atul server), 9068/tcp, 7593/tcp, 8020/tcp (Intuit Entitlement Service and Discovery), 8010/tcp, 4032/tcp (VERITAS Authorization Service), 4410/tcp (RIB iTWO Application Server), 7642/tcp, 7617/tcp, 9078/tcp, 10027/tcp, 8893/tcp (Desktop Data TCP 5: NewsEDGE/Web application), 4009/tcp (Chimera HWM), 7784/tcp, 4071/tcp (Automatically Incremental Backup), 7789/tcp (Office Tools Pro Receive), 7202/tcp, 7777/tcp (cbt), 8070/tcp, 9084/tcp (IBM AURORA Performance Visualizer), 7684/tcp, 6070/tcp (Messageasap), 8865/tcp, 4087/tcp (APplus Service), 7123/tcp, 7738/tcp (HP Enterprise Discovery Agent), 3357/tcp (Adtech Test IP), 9911/tcp (SYPECom Transport Protocol), 9937/tcp, 7796/tcp, 7417/tcp, 9954/tcp, 7194/tcp, 7029/tcp, 3367/tcp (-3371  Satellite Video Data Link), 9909/tcp (domaintime), 6646/tcp, 6607/tcp, 7592/tcp, 7232/tcp, 4019/tcp (Talarian Mcast), 7562/tcp, 7516/tcp, 4015/tcp (Talarian Mcast), 7395/tcp (winqedit), 8029/tcp, 9070/tcp, 9915/tcp, 7256/tcp, 7137/tcp, 6007/tcp, 7072/tcp, 7000/tcp (file server itself), 6639/tcp, 7529/tcp, 7209/tcp, 8033/tcp (MindPrint), 9033/tcp, 6682/tcp, 7492/tcp, 6019/tcp, 7750/tcp, 7114/tcp, 4089/tcp (OpenCORE Remote Control Service), 7122/tcp, 6611/tcp, 3307/tcp (OP Session Proxy), 8859/tcp, 7766/tcp, 6088/tcp, 6659/tcp, 7638/tcp, 9077/tcp, 7307/tcp, 8870/tcp, 3370/tcp, 8803/tcp, 7353/tcp, 3334/tcp (Direct TV Webcasting), 5520/tcp, 3440/tcp (Net Steward Mgmt Console), 7601/tcp, 7618/tcp, 10004/tcp (EMC Replication Manager Client), 8816/tcp, 7067/tcp, 7026/tcp, 7441/tcp, 9004/tcp, 7476/tcp, 7398/tcp, 5004/tcp (RTP media data [RFC 3551][RFC 4571]), 7290/tcp, 7016/tcp, 7694/tcp, 6614/tcp, 7354/tcp, 7185/tcp, 7616/tcp, 6695/tcp, 8822/tcp, 8807/tcp, 7162/tcp (CA Storage Manager), 3402/tcp (FXa Engine Network Port), 8811/tcp, 3366/tcp (Creative Partner), 7242/tcp, 3341/tcp (OMF data h), 7381/tcp, 7733/tcp, 8000/tcp (iRDMI), 3443/tcp (OpenView Network Node Manager WEB Server), 3442/tcp (OC Connect Server), 8046/tcp, 8007/tcp, 7108/tcp, 6092/tcp, 7477/tcp, 7345/tcp, 8877/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 7588/tcp (Sun License Manager), 8024/tcp, 3430/tcp (Scott Studios Dispatch), 7041/tcp, 7349/tcp, 8864/tcp, 7228/tcp, 7149/tcp, 3312/tcp (Application Management Server), 8890/tcp (Desktop Data TCP 2), 7754/tcp, 7195/tcp, 8850/tcp, 9961/tcp, 7037/tcp, 8062/tcp, 7434/tcp, 7068/tcp, 7489/tcp, 8077/tcp, 3435/tcp (Pacom Security User Port), 9087/tcp (Classic Data Server), 7538/tcp, 7358/tcp, 7386/tcp, 7671/tcp, 7458/tcp, 8827/tcp, 10022/tcp, 4092/tcp (EminentWare DGS), 7191/tcp, 9994/tcp (OnLive-3), 7028/tcp, 7731/tcp, 6652/tcp, 9969/tcp, 7619/tcp, 9933/tcp, 7182/tcp, 7520/tcp, 4073/tcp (iRAPP Server Protocol), 4082/tcp (Lorica outside facing), 7586/tcp, 10000/tcp (Network Data Management Protocol), 7096/tcp, 3365/tcp (Content Server), 3342/tcp (WebTIE), 7794/tcp (Q3ADE Cluster Service), 7718/tcp, 6067/tcp, 7495/tcp, 5022/tcp (mice server), 9964/tcp, 3301/tcp, 7665/tcp, 7259/tcp, 4048/tcp, 8097/tcp (SAC Port Id), 9066/tcp, 7797/tcp (Propel Connector port), 4042/tcp (LDXP), 7714/tcp, 3437/tcp (Autocue Directory Service), 7451/tcp, 9925/tcp, 4083/tcp (Lorica outside facing (SSL)), 7379/tcp, 9948/tcp, 7045/tcp, 5500/tcp (fcp-addr-srvr1), 7649/tcp, 7221/tcp, 3361/tcp (KV Agent), 4064/tcp (Ice Firewall Traversal Service (SSL)), 7498/tcp, 4011/tcp (Alternate Service Boot), 8868/tcp, 7724/tcp (Novell Snap-in Deep Freeze Control), 7548/tcp (Threat Information Distribution Protocol), 7493/tcp, 7651/tcp, 6663/tcp, 8806/tcp, 4037/tcp (RaveHD network control), 7725/tcp (Nitrogen Service), 5012/tcp (NetOnTap Service), 7410/tcp (Ionix Network Monitor), 9048/tcp, 3380/tcp (SNS Channels), 7226/tcp, 3420/tcp (iFCP User Port), 7747/tcp (Put/Run/Get Protocol), 7699/tcp, 7501/tcp (HP OpenView Bus Daemon), 8059/tcp (Senomix Timesheets Client [1 year assignment]), 9003/tcp, 7656/tcp, 8841/tcp, 9980/tcp, 3417/tcp (ConServR file translation), 8863/tcp, 3441/tcp (OC Connect Client), 8879/tcp, 7161/tcp (CA BSM Comm), 3397/tcp (Cloanto License Manager), 10025/tcp, 7581/tcp, 7425/tcp, 7591/tcp, 5528/tcp, 7626/tcp (SImple Middlebox COnfiguration (SIMCO) Server), 7269/tcp, 9002/tcp (DynamID authentication), 7104/tcp, 6076/tcp, 7509/tcp (ACPLT - process automation service), 8895/tcp, 7479/tcp, 7611/tcp, 7457/tcp, 4031/tcp (UUCP over SSL), 3399/tcp (CSMS), 4066/tcp (Performance Measurement and Analysis), 7432/tcp, 8065/tcp, 8814/tcp, 6661/tcp, 7559/tcp, 7317/tcp, 6005/tcp, 4097/tcp (Patrol View), 7554/tcp, 9991/tcp (OSM Event Server), 7460/tcp, 5019/tcp, 8039/tcp, 7399/tcp, 9999/tcp (distinct), 7726/tcp (FreezeX Console Service), 7181/tcp, 7681/tcp, 7213/tcp, 7637/tcp, 3375/tcp (VSNM Agent), 6658/tcp, 9028/tcp, 8880/tcp (CDDBP), 8099/tcp, 7428/tcp (OpenView DM Log Agent Manager), 7374/tcp, 4081/tcp (Lorica inside facing (SSL)), 7113/tcp, 4065/tcp (Avanti Common Data), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 9931/tcp, 4026/tcp (Graphical Debug Server), 7703/tcp, 7330/tcp, 4007/tcp (pxc-splr), 7027/tcp, 3419/tcp (Isogon SoftAudit), 7707/tcp (EM7 Dynamic Updates), 6608/tcp, 7286/tcp, 8061/tcp, 7594/tcp, 7669/tcp, 3319/tcp (SDT License Manager), 6678/tcp, 7496/tcp, 7303/tcp, 8836/tcp, 3388/tcp (CB Server), 7193/tcp, 7380/tcp, 7752/tcp, 8022/tcp (oa-system), 7152/tcp, 9061/tcp, 5501/tcp (fcp-addr-srvr2), 9976/tcp, 8085/tcp, 4005/tcp (pxc-pin), 7010/tcp (onlinet uninterruptable power supplies), 9099/tcp, 7418/tcp, 7486/tcp, 7234/tcp, 10002/tcp (EMC-Documentum Content Server Product), 4063/tcp (Ice Firewall Traversal Service (TCP)), 7237/tcp, 3416/tcp (AirMobile IS Command Port), 9042/tcp, 7746/tcp, 7487/tcp, 7098/tcp, 7542/tcp (Saratoga Transfer Protocol), 7578/tcp, 8086/tcp (Distributed SCADA Networking Rendezvous Port), 7229/tcp, 3415/tcp (BCI Name Service), 7448/tcp, 5507/tcp, 8051/tcp, 7235/tcp, 4056/tcp (Location Message Service), 7640/tcp, 5523/tcp, 8094/tcp, 7456/tcp, 9939/tcp, 10006/tcp, 4050/tcp (Wide Area File Services), 7589/tcp, 9950/tcp (APC 9950), 7120/tcp, 7644/tcp, 8833/tcp, 7276/tcp (OMA Internal Location Protocol), 7284/tcp, 3322/tcp (-3325  Active Networks), 7423/tcp.
      
BHD Honeypot
Port scan
2020-01-22

Port scan from IP: 213.217.0.5 detected by psad.
BHD Honeypot
Port scan
2020-01-16

In the last 24h, the attacker (213.217.0.5) attempted to scan 55 ports.
The following ports have been scanned: 3368/tcp, 6636/tcp, 10028/tcp, 7003/tcp (volume location database), 4041/tcp (Rocketeer-Houston), 10021/tcp, 6694/tcp, 6047/tcp, 3320/tcp (Office Link 2000), 6660/tcp, 8844/tcp, 4001/tcp (NewOak), 5554/tcp (SGI ESP HTTP), 9914/tcp, 9905/tcp, 9962/tcp, 9921/tcp, 8826/tcp, 8800/tcp (Sun Web Server Admin Service), 4412/tcp, 6696/tcp, 6605/tcp, 9012/tcp, 4058/tcp (Kingfisher protocol), 6602/tcp (Windows WSS Communication Framework), 3316/tcp (AICC/CMI), 9054/tcp, 6014/tcp, 9071/tcp, 9968/tcp, 4004/tcp (pxc-roid), 9958/tcp, 3354/tcp (SUITJD), 3362/tcp (DJ ILM), 3374/tcp (Cluster Disc), 8889/tcp (Desktop Data TCP 1), 3325/tcp, 7012/tcp (Talon Engine), 5028/tcp (Quiqum Virtual Relais), 10016/tcp, 9068/tcp, 5044/tcp (LXI Event Service), 6019/tcp, 3334/tcp (Direct TV Webcasting), 9961/tcp, 3365/tcp (Content Server), 5041/tcp, 8097/tcp (SAC Port Id), 5019/tcp, 9061/tcp, 9976/tcp, 6657/tcp, 8051/tcp, 4050/tcp (Wide Area File Services), 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2020-01-15

In the last 24h, the attacker (213.217.0.5) attempted to scan 86 ports.
The following ports have been scanned: 8005/tcp (MXI Generation II for z/OS), 8857/tcp, 6075/tcp (Microsoft DPM Access Control Manager), 9009/tcp (Pichat Server), 9941/tcp, 9924/tcp, 8873/tcp (dxspider linking protocol), 9900/tcp (IUA), 9000/tcp (CSlistener), 8072/tcp, 10011/tcp, 9022/tcp (PrivateArk Remote Agent), 8049/tcp, 9988/tcp (Software Essentials Secure HTTP server), 8098/tcp, 8885/tcp, 9086/tcp (Vesa Net2Display), 8846/tcp, 8897/tcp, 8820/tcp, 9095/tcp, 8866/tcp, 6089/tcp, 8839/tcp, 4074/tcp (Cequint City ID UI trigger), 8869/tcp, 6635/tcp, 7799/tcp (Alternate BSDP Service), 9057/tcp, 6043/tcp, 4077/tcp, 9996/tcp (Palace-5), 4440/tcp, 9007/tcp, 5502/tcp (fcp-srvr-inst1), 5050/tcp (multimedia conference control tool), 8829/tcp, 9913/tcp, 3328/tcp (Eaglepoint License Manager), 8861/tcp, 8838/tcp, 9910/tcp, 9938/tcp, 3378/tcp (WSICOPY), 8894/tcp (Desktop Data TCP 6: COAL application), 6647/tcp, 4025/tcp (Partition Image Port), 6638/tcp, 6078/tcp, 8848/tcp, 3313/tcp (Unify Object Broker), 3331/tcp (MCS Messaging), 4425/tcp (NetROCKEY6 SMART Plus Service), 6644/tcp, 9032/tcp, 3326/tcp (SFTU), 9064/tcp, 9956/tcp, 5550/tcp, 9044/tcp, 8812/tcp, 8057/tcp (Senomix Timesheets Client [1 year assignment]), 9915/tcp, 6007/tcp, 9033/tcp, 9912/tcp, 6611/tcp, 8870/tcp, 9004/tcp, 3402/tcp (FXa Engine Network Port), 8864/tcp, 8850/tcp, 8062/tcp, 8827/tcp, 9969/tcp, 4082/tcp (Lorica outside facing), 8806/tcp, 9003/tcp, 8879/tcp, 8895/tcp, 8814/tcp, 9028/tcp, 5533/tcp, 9916/tcp, 8833/tcp.
      
BHD Honeypot
Port scan
2020-01-14

In the last 24h, the attacker (213.217.0.5) attempted to scan 66 ports.
The following ports have been scanned: 8074/tcp (Gadu-Gadu), 4010/tcp (Samsung Unidex), 9018/tcp, 9005/tcp, 3398/tcp (Mercantile), 4431/tcp (adWISE Pipe), 6028/tcp, 6601/tcp (Microsoft Threat Management Gateway SSTP), 5545/tcp, 3395/tcp (Dyna License Manager (Elam)), 9927/tcp, 8871/tcp, 8011/tcp, 8801/tcp, 8014/tcp, 6086/tcp (PDTP P2P), 4422/tcp, 6026/tcp, 6034/tcp, 9049/tcp, 8068/tcp, 8090/tcp, 4030/tcp (Accell/JSP Daemon Port), 9020/tcp (TAMBORA), 8008/tcp (HTTP Alternate), 7011/tcp (Talon Discovery Port), 9947/tcp, 10017/tcp, 9026/tcp (Secure Web Access - 4), 8886/tcp, 4428/tcp (OMV-Investigation Server-Client), 9985/tcp, 8052/tcp (Senomix Timesheets Server), 9016/tcp, 8096/tcp, 10007/tcp (MVS Capacity), 8081/tcp (Sun Proxy Admin Service), 9922/tcp, 8872/tcp, 7025/tcp (Vormetric Service II), 9014/tcp, 8038/tcp, 5046/tcp, 9063/tcp, 5035/tcp, 3340/tcp (OMF data m), 9971/tcp, 7017/tcp, 8084/tcp, 7789/tcp (Office Tools Pro Receive), 8865/tcp, 8859/tcp, 10004/tcp (EMC Replication Manager Client), 8816/tcp, 8822/tcp, 8807/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 9994/tcp (OnLive-3), 4430/tcp (REAL SQL Server), 4439/tcp, 5536/tcp, 6076/tcp, 8836/tcp, 5532/tcp, 6023/tcp.
      
BHD Honeypot
Port scan
2020-01-13

Port scan from IP: 213.217.0.5 detected by psad.
BHD Honeypot
Port scan
2020-01-03

In the last 24h, the attacker (213.217.0.5) attempted to scan 1264 ports.
The following ports have been scanned: 9023/tcp (Secure Web Access - 1), 9097/tcp, 8074/tcp (Gadu-Gadu), 3352/tcp (Scalable SQL), 8005/tcp (MXI Generation II for z/OS), 4010/tcp (Samsung Unidex), 6087/tcp (Local Download Sharing Service), 5513/tcp, 8012/tcp, 9906/tcp, 10010/tcp (ooRexx rxapi services), 9076/tcp, 9018/tcp, 5518/tcp, 6621/tcp (Kerberos V5 FTP Control), 10005/tcp (EMC Replication Manager Server), 6001/tcp, 9990/tcp (OSM Applet Server), 6016/tcp, 9021/tcp (Pangolin Identification), 9005/tcp, 9093/tcp, 7004/tcp (AFS/Kerberos authentication service), 3305/tcp (ODETTE-FTP), 8896/tcp, 9978/tcp, 8088/tcp (Radan HTTP), 4018/tcp (Talarian Mcast), 3368/tcp, 3398/tcp (Mercantile), 6075/tcp (Microsoft DPM Access Control Manager), 9009/tcp (Pichat Server), 9072/tcp, 9092/tcp (Xml-Ipc Server Reg), 8018/tcp, 9096/tcp, 6011/tcp, 4027/tcp (bitxpress), 8873/tcp (dxspider linking protocol), 5517/tcp, 8078/tcp, 7787/tcp (Popup Reminders Receive), 7008/tcp (server-to-server updater), 9900/tcp (IUA), 9907/tcp, 3396/tcp (Printer Agent), 9000/tcp (CSlistener), 7782/tcp, 5516/tcp, 8825/tcp, 4098/tcp (drmsfsd), 3359/tcp (WG NetForce), 8021/tcp (Intuit Entitlement Client), 6065/tcp (WinPharaoh), 6601/tcp (Microsoft Threat Management Gateway SSTP), 9089/tcp (IBM Informix SQL Interface - Encrypted), 8072/tcp, 3323/tcp, 9090/tcp (WebSM), 4006/tcp (pxc-spvr), 10011/tcp, 6610/tcp, 3321/tcp (VNSSTR), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 9982/tcp, 9006/tcp, 8815/tcp, 7788/tcp, 3364/tcp (Creative Server), 4090/tcp (OMA BCAST Service Guide), 6603/tcp, 6079/tcp, 9019/tcp, 8871/tcp, 10028/tcp, 3409/tcp (NetworkLens Event Port), 8011/tcp, 8801/tcp, 10023/tcp, 9993/tcp (OnLive-2), 3303/tcp (OP Session Client), 3317/tcp (VSAI PORT), 8014/tcp, 4036/tcp (WAP Push OTA-HTTP secure), 6086/tcp (PDTP P2P), 8087/tcp (Simplify Media SPP Protocol), 3356/tcp (UPNOTIFYPS), 4002/tcp (pxc-spvr-ft), 9904/tcp, 3345/tcp (Influence), 7781/tcp (accu-lmgr), 8813/tcp, 9975/tcp, 10024/tcp, 5509/tcp, 5514/tcp, 7003/tcp (volume location database), 8802/tcp, 9988/tcp (Software Essentials Secure HTTP server), 9011/tcp, 8098/tcp, 5525/tcp, 3344/tcp (BNT Manager), 10021/tcp, 3318/tcp (Swith to Swith Routing Information Protocol), 4008/tcp (NetCheque accounting), 8809/tcp, 7795/tcp, 9088/tcp (IBM Informix SQL Interface), 8885/tcp, 7775/tcp, 9903/tcp, 9086/tcp (Vesa Net2Display), 9986/tcp, 4014/tcp (TAICLOCK), 8818/tcp, 3343/tcp (MS Cluster Net), 9001/tcp (ETL Service Manager), 8093/tcp, 6619/tcp (ODETTE-FTP over TLS/SSL), 6600/tcp (Microsoft Hyper-V Live Migration), 7778/tcp (Interwise), 9024/tcp (Secure Web Access - 2), 5020/tcp (zenginkyo-1), 4039/tcp (Fazzt Administration), 8808/tcp, 5010/tcp (TelepathStart), 7773/tcp, 5018/tcp, 4405/tcp (ASIGRA Televaulting Message Level Restore service), 7793/tcp, 3363/tcp (NATI Vi Server), 8082/tcp (Utilistor (Client)), 10009/tcp (Systemwalker Desktop Patrol), 8023/tcp, 5512/tcp, 7786/tcp (MINIVEND), 3320/tcp (Office Link 2000), 8090/tcp, 8897/tcp, 4030/tcp (Accell/JSP Daemon Port), 8820/tcp, 5003/tcp (FileMaker, Inc. - Proprietary transport), 9020/tcp (TAMBORA), 6072/tcp (DIAGNOSE-PROC), 9095/tcp, 8878/tcp, 3387/tcp (Back Room Net), 4035/tcp (WAP Push OTA-HTTP port), 8095/tcp, 6093/tcp, 9098/tcp, 3330/tcp (MCS Calypso ICF), 3412/tcp (xmlBlaster), 10003/tcp (EMC-Documentum Content Server Product), 9995/tcp (Palace-4), 9973/tcp, 9081/tcp, 6068/tcp (GSMP), 5015/tcp (FileMaker, Inc. - Web publishing), 8810/tcp, 10008/tcp (Octopus Multiplexer), 6089/tcp, 9977/tcp, 4088/tcp (Noah Printing Service Protocol), 5524/tcp, 6066/tcp (EWCTSP), 6091/tcp, 7791/tcp, 3339/tcp (OMF data l), 7009/tcp (remote cache manager service), 3315/tcp (CDID), 9074/tcp, 8008/tcp (HTTP Alternate), 8821/tcp, 6003/tcp, 3314/tcp (Unify Object Host), 6616/tcp, 6073/tcp (DirectPlay8), 9998/tcp (Distinct32), 4001/tcp (NewOak), 5505/tcp (Checkout Database), 4401/tcp (ASIGRA Televaulting DS-System Service), 9073/tcp, 7011/tcp (Talon Discovery Port), 5009/tcp (Microsoft Windows Filesystem), 8019/tcp (QB DB Dynamic Port), 9919/tcp, 8013/tcp, 9918/tcp, 8891/tcp (Desktop Data TCP 3: NESS application), 8027/tcp, 6062/tcp, 8075/tcp, 6090/tcp, 5521/tcp, 9017/tcp, 9989/tcp, 7783/tcp, 5017/tcp, 3348/tcp (Pangolin Laser), 6615/tcp, 6604/tcp, 3349/tcp (Chevin Services), 9094/tcp, 3302/tcp (MCS Fastmail), 9984/tcp, 7799/tcp (Alternate BSDP Service), 3332/tcp (MCS Mail Server), 4012/tcp (PDA Gate), 9914/tcp, 4022/tcp (DNOX), 10015/tcp, 10020/tcp, 8884/tcp, 7019/tcp, 3376/tcp (CD Broker), 10013/tcp, 4021/tcp (Nexus Portal), 4408/tcp (SLS Technology Control Centre), 5510/tcp, 4096/tcp (BRE (Bridge Relay Element)), 3373/tcp (Lavenir License Manager), 9080/tcp (Groove GLRPC), 8089/tcp, 9908/tcp, 3347/tcp (Phoenix RPC), 5011/tcp (TelepathAttack), 5526/tcp, 10017/tcp, 3372/tcp (TIP 2), 4028/tcp (DTServer Port), 6085/tcp (konspire2b p2p network), 9905/tcp, 9921/tcp, 9996/tcp (Palace-5), 5016/tcp, 8083/tcp (Utilistor (Server)), 6083/tcp, 8876/tcp, 6012/tcp, 6625/tcp (DataScaler control), 4016/tcp (Talarian Mcast), 6064/tcp (NDL-AHP-SVC), 6620/tcp (Kerberos V5 FTP Data), 9026/tcp (Secure Web Access - 4), 6622/tcp (Multicast FTP), 8883/tcp (Secure MQTT), 8805/tcp, 9091/tcp (xmltec-xmlmail), 8830/tcp, 10001/tcp (SCP Configuration), 8804/tcp (truecm), 8826/tcp, 8886/tcp, 8800/tcp (Sun Web Server Admin Service), 3386/tcp (GPRS Data), 8001/tcp (VCOM Tunnel), 6613/tcp, 8006/tcp, 9007/tcp, 6617/tcp, 3311/tcp (MCNS Tel Ret), 5502/tcp (fcp-srvr-inst1), 9085/tcp (IBM Remote System Console), 9985/tcp, 8076/tcp, 4085/tcp (EZNews Newsroom Message Service), 5006/tcp (wsm server), 9987/tcp (DSM/SCM Target Interface), 8025/tcp (CA Audit Distribution Agent), 3310/tcp (Dyna Access), 8829/tcp, 4029/tcp (IP Q signaling protocol), 4409/tcp (Net-Cabinet comunication), 3329/tcp (HP Device Disc), 6095/tcp, 5511/tcp, 6606/tcp, 10014/tcp, 6069/tcp (TRIP), 3414/tcp (BroadCloud WIP Port), 7015/tcp (Talon Webserver), 6097/tcp, 9083/tcp (EMC PowerPath Mgmt Service), 9913/tcp, 4407/tcp (Network Access Control Agent), 3328/tcp (Eaglepoint License Manager), 6605/tcp, 7785/tcp, 3401/tcp (filecast), 10030/tcp, 8071/tcp, 9917/tcp, 9979/tcp, 3337/tcp (Direct TV Data Catalog), 9016/tcp, 8096/tcp, 7779/tcp (VSTAT), 9012/tcp, 7013/tcp (Microtalon Discovery), 6612/tcp, 8003/tcp (Mulberry Connect Reporting Service), 10007/tcp (MVS Capacity), 8081/tcp (Sun Proxy Admin Service), 9970/tcp, 9025/tcp (Secure Web Access - 3), 8817/tcp, 4404/tcp (ASIGRA Televaulting DS-System Monitoring/Management), 3309/tcp (TNS ADV), 8079/tcp, 8080/tcp (HTTP Alternate (see port 80)), 9910/tcp, 5503/tcp (fcp-srvr-inst2), 9079/tcp, 8009/tcp, 10029/tcp, 4095/tcp (xtgui information service), 6602/tcp (Windows WSS Communication Framework), 3411/tcp (BioLink Authenteon server), 10026/tcp, 7790/tcp, 8073/tcp, 3327/tcp (BBARS), 9082/tcp, 9922/tcp, 3394/tcp (D2K Tapestry Server to Server), 8894/tcp (Desktop Data TCP 6: COAL application), 7005/tcp (volume managment server), 8872/tcp, 4025/tcp (Partition Image Port), 3316/tcp (AICC/CMI), 9008/tcp (Open Grid Services Server), 9030/tcp, 9983/tcp, 9974/tcp, 10012/tcp, 7772/tcp, 6071/tcp (SSDTP), 3335/tcp (Direct TV Software Updates), 6084/tcp (Peer to Peer Infrastructure Protocol), 9014/tcp, 8824/tcp, 8823/tcp, 4093/tcp (Pvx Plus CS Host), 6082/tcp, 4084/tcp, 6096/tcp, 7014/tcp (Microtalon Communications), 6078/tcp, 3371/tcp, 6061/tcp, 3306/tcp (MySQL), 3346/tcp (Trnsprnt Proxy), 6060/tcp, 7776/tcp, 10018/tcp, 9902/tcp, 6014/tcp, 7780/tcp, 6080/tcp, 6063/tcp, 8874/tcp, 9071/tcp, 9027/tcp, 4080/tcp (Lorica inside facing), 3300/tcp, 6623/tcp (Kerberos V5 Telnet), 6074/tcp (Microsoft Max), 9013/tcp, 8002/tcp (Teradata ORDBMS), 6002/tcp, 7002/tcp (users & groups database), 8015/tcp, 6609/tcp, 6013/tcp, 3308/tcp (TNS Server), 8092/tcp, 8819/tcp, 3313/tcp (Unify Object Broker), 7792/tcp, 6017/tcp, 7771/tcp, 8898/tcp, 9015/tcp, 3400/tcp (CSMS2), 8887/tcp, 10019/tcp, 4004/tcp (pxc-roid), 7798/tcp (Propel Encoder port), 8028/tcp, 4034/tcp (Ubiquinox Daemon), 4017/tcp (Talarian Mcast), 9010/tcp (Secure Data Replicator Protocol), 4020/tcp (TRAP Port), 8016/tcp, 8899/tcp (ospf-lite), 3355/tcp (Ordinox Dbase), 6626/tcp (WAGO Service and Update), 9920/tcp, 6081/tcp, 9971/tcp, 3326/tcp (SFTU), 8881/tcp, 7017/tcp, 5014/tcp, 3350/tcp (FINDVIATV), 3354/tcp (SUITJD), 8026/tcp (CA Audit Distribution Server), 7774/tcp, 6004/tcp, 6624/tcp (DataScaler database), 3362/tcp (DJ ILM), 8828/tcp, 3374/tcp (Cluster Disc), 7770/tcp, 8892/tcp (Desktop Data TCP 4: FARM product), 7007/tcp (basic overseer process), 8889/tcp (Desktop Data TCP 1), 6010/tcp, 9972/tcp, 8030/tcp, 3336/tcp (Direct TV Tickers), 3325/tcp, 7012/tcp (Talon Engine), 7018/tcp, 8084/tcp, 4040/tcp (Yo.net main service), 3381/tcp (Geneous), 5515/tcp, 10016/tcp, 8812/tcp, 6618/tcp, 3360/tcp (KV Server), 9997/tcp (Palace-6), 4091/tcp (EminentWare Installer), 3418/tcp (Remote nmap), 8020/tcp (Intuit Entitlement Service and Discovery), 8010/tcp, 4032/tcp (VERITAS Authorization Service), 4410/tcp (RIB iTWO Application Server), 9078/tcp, 10027/tcp, 8893/tcp (Desktop Data TCP 5: NewsEDGE/Web application), 6015/tcp, 4009/tcp (Chimera HWM), 7784/tcp, 7789/tcp (Office Tools Pro Receive), 7777/tcp (cbt), 8070/tcp, 9084/tcp (IBM AURORA Performance Visualizer), 6070/tcp (Messageasap), 4087/tcp (APplus Service), 3357/tcp (Adtech Test IP), 9911/tcp (SYPECom Transport Protocol), 7796/tcp, 9909/tcp (domaintime), 6607/tcp, 9901/tcp, 4015/tcp (Talarian Mcast), 7020/tcp (DP Serve), 8091/tcp (Jam Link Framework), 8029/tcp, 9070/tcp, 9915/tcp, 6007/tcp, 7000/tcp (file server itself), 3333/tcp (DEC Notes), 6019/tcp, 9912/tcp, 8875/tcp, 4089/tcp (OpenCORE Remote Control Service), 6611/tcp, 6088/tcp, 9077/tcp, 8870/tcp, 3370/tcp, 8803/tcp, 3334/tcp (Direct TV Webcasting), 5520/tcp, 10004/tcp (EMC Replication Manager Client), 8816/tcp, 7001/tcp (callbacks to cache managers), 9004/tcp, 6008/tcp, 7016/tcp, 6614/tcp, 8822/tcp, 8807/tcp, 3402/tcp (FXa Engine Network Port), 8811/tcp, 3366/tcp (Creative Partner), 3341/tcp (OMF data h), 8000/tcp (iRDMI), 8007/tcp, 6092/tcp, 8877/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 8024/tcp, 9075/tcp, 3312/tcp (Application Management Server), 8890/tcp (Desktop Data TCP 2), 8077/tcp, 9087/tcp (Classic Data Server), 8827/tcp, 10022/tcp, 4092/tcp (EminentWare DGS), 9994/tcp (OnLive-3), 6099/tcp (RAXA Management), 4082/tcp (Lorica outside facing), 6077/tcp, 3365/tcp (Content Server), 3342/tcp (WebTIE), 7794/tcp (Q3ADE Cluster Service), 6067/tcp, 5022/tcp (mice server), 3301/tcp, 8097/tcp (SAC Port Id), 7797/tcp (Propel Connector port), 5500/tcp (fcp-addr-srvr1), 3361/tcp (KV Agent), 4011/tcp (Alternate Service Boot), 8004/tcp, 8806/tcp, 4037/tcp (RaveHD network control), 5012/tcp (NetOnTap Service), 3380/tcp (SNS Channels), 9003/tcp, 9980/tcp, 3417/tcp (ConServR file translation), 8879/tcp, 3397/tcp (Cloanto License Manager), 10025/tcp, 5528/tcp, 9029/tcp, 5530/tcp, 9002/tcp (DynamID authentication), 6076/tcp, 8895/tcp, 4031/tcp (UUCP over SSL), 3399/tcp (CSMS), 8814/tcp, 9991/tcp (OSM Event Server), 9999/tcp (distinct), 3375/tcp (VSNM Agent), 9028/tcp, 8880/tcp (CDDBP), 5506/tcp (Amcom Mobile Connect), 8099/tcp, 4081/tcp (Lorica inside facing (SSL)), 6094/tcp, 9992/tcp (OnLive-1), 4026/tcp (Graphical Debug Server), 4023/tcp (ESNM Zoning Port), 4007/tcp (pxc-splr), 3419/tcp (Isogon SoftAudit), 6608/tcp, 3319/tcp (SDT License Manager), 3388/tcp (CB Server), 8022/tcp (oa-system), 5501/tcp (fcp-addr-srvr2), 9976/tcp, 8085/tcp, 4005/tcp (pxc-pin), 7010/tcp (onlinet uninterruptable power supplies), 9099/tcp, 7006/tcp (error interpretation service), 8882/tcp, 10002/tcp (EMC-Documentum Content Server Product), 3416/tcp (AirMobile IS Command Port), 8017/tcp, 8086/tcp (Distributed SCADA Networking Rendezvous Port), 3415/tcp (BCI Name Service), 5507/tcp, 9981/tcp, 5523/tcp, 8094/tcp, 9916/tcp, 10006/tcp, 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2020-01-02

In the last 24h, the attacker (213.217.0.5) attempted to scan 696 ports.
The following ports have been scanned: 9023/tcp (Secure Web Access - 1), 9097/tcp, 3352/tcp (Scalable SQL), 4010/tcp (Samsung Unidex), 6087/tcp (Local Download Sharing Service), 5513/tcp, 4033/tcp (SANavigator Peer Port), 10010/tcp (ooRexx rxapi services), 5518/tcp, 6621/tcp (Kerberos V5 FTP Control), 6001/tcp, 9990/tcp (OSM Applet Server), 9005/tcp, 6018/tcp, 9093/tcp, 4018/tcp (Talarian Mcast), 3368/tcp, 5529/tcp, 6075/tcp (Microsoft DPM Access Control Manager), 9009/tcp (Pichat Server), 6011/tcp, 4027/tcp (bitxpress), 5517/tcp, 7787/tcp (Popup Reminders Receive), 7008/tcp (server-to-server updater), 9900/tcp (IUA), 5516/tcp, 8825/tcp, 3358/tcp (Mp Sys Rmsvr), 4098/tcp (drmsfsd), 3359/tcp (WG NetForce), 6065/tcp (WinPharaoh), 6601/tcp (Microsoft Threat Management Gateway SSTP), 9089/tcp (IBM Informix SQL Interface - Encrypted), 3410/tcp (NetworkLens SSL Event), 5013/tcp (FileMaker, Inc. - Proprietary transport), 4400/tcp (ASIGRA Services), 4006/tcp (pxc-spvr), 10011/tcp, 3321/tcp (VNSSTR), 3390/tcp (Distributed Service Coordinator), 3324/tcp, 9022/tcp (PrivateArk Remote Agent), 4090/tcp (OMA BCAST Service Guide), 6009/tcp, 6603/tcp, 8871/tcp, 10028/tcp, 3409/tcp (NetworkLens Event Port), 8011/tcp, 10023/tcp, 9993/tcp (OnLive-2), 4086/tcp, 4036/tcp (WAP Push OTA-HTTP secure), 3356/tcp (UPNOTIFYPS), 5008/tcp (Synapsis EDGE), 4002/tcp (pxc-spvr-ft), 9904/tcp, 3345/tcp (Influence), 7781/tcp (accu-lmgr), 10024/tcp, 5509/tcp, 3377/tcp (Cogsys Network License Manager), 5514/tcp, 7003/tcp (volume location database), 9988/tcp (Software Essentials Secure HTTP server), 5525/tcp, 3403/tcp, 10021/tcp, 3318/tcp (Swith to Swith Routing Information Protocol), 4008/tcp (NetCheque accounting), 8885/tcp, 4038/tcp (Fazzt Point-To-Point), 7775/tcp, 9903/tcp, 9986/tcp, 4014/tcp (TAICLOCK), 6006/tcp, 3343/tcp (MS Cluster Net), 3383/tcp (Enterprise Software Products License Manager), 3407/tcp (LDAP admin server port), 8093/tcp, 6619/tcp (ODETTE-FTP over TLS/SSL), 6600/tcp (Microsoft Hyper-V Live Migration), 5020/tcp (zenginkyo-1), 4039/tcp (Fazzt Administration), 5522/tcp, 5018/tcp, 4405/tcp (ASIGRA Televaulting Message Level Restore service), 3363/tcp (NATI Vi Server), 4094/tcp (sysrq daemon), 5512/tcp, 3320/tcp (Office Link 2000), 8090/tcp, 8897/tcp, 4030/tcp (Accell/JSP Daemon Port), 3404/tcp, 5003/tcp (FileMaker, Inc. - Proprietary transport), 9020/tcp (TAMBORA), 6072/tcp (DIAGNOSE-PROC), 3387/tcp (Back Room Net), 4035/tcp (WAP Push OTA-HTTP port), 6093/tcp, 9098/tcp, 3330/tcp (MCS Calypso ICF), 3412/tcp (xmlBlaster), 10003/tcp (EMC-Documentum Content Server Product), 3369/tcp, 9995/tcp (Palace-4), 9081/tcp, 6068/tcp (GSMP), 5015/tcp (FileMaker, Inc. - Web publishing), 8810/tcp, 10008/tcp (Octopus Multiplexer), 9977/tcp, 4088/tcp (Noah Printing Service Protocol), 5524/tcp, 6066/tcp (EWCTSP), 6091/tcp, 7791/tcp, 3339/tcp (OMF data l), 7009/tcp (remote cache manager service), 3315/tcp (CDID), 6000/tcp (-6063/udp   X Window System), 3379/tcp (SOCORFS), 6003/tcp, 3314/tcp (Unify Object Host), 6616/tcp, 6073/tcp (DirectPlay8), 9998/tcp (Distinct32), 4001/tcp (NewOak), 5505/tcp (Checkout Database), 4401/tcp (ASIGRA Televaulting DS-System Service), 9073/tcp, 3406/tcp (Nokia Announcement ch 2), 4013/tcp (ACL Manager), 7011/tcp (Talon Discovery Port), 6020/tcp, 3408/tcp (BES Api Port), 5009/tcp (Microsoft Windows Filesystem), 9919/tcp, 8027/tcp, 6062/tcp, 5527/tcp, 5521/tcp, 9017/tcp, 9989/tcp, 5017/tcp, 3348/tcp (Pangolin Laser), 6604/tcp, 9094/tcp, 3302/tcp (MCS Fastmail), 9984/tcp, 3405/tcp (Nokia Announcement ch 1), 3332/tcp (MCS Mail Server), 4022/tcp (DNOX), 10020/tcp, 3376/tcp (CD Broker), 10013/tcp, 4021/tcp (Nexus Portal), 4408/tcp (SLS Technology Control Centre), 5510/tcp, 4096/tcp (BRE (Bridge Relay Element)), 3373/tcp (Lavenir License Manager), 3347/tcp (Phoenix RPC), 5011/tcp (TelepathAttack), 4000/tcp (Terabase), 5526/tcp, 10017/tcp, 3372/tcp (TIP 2), 4028/tcp (DTServer Port), 6085/tcp (konspire2b p2p network), 9905/tcp, 9921/tcp, 4406/tcp (ASIGRA Televaulting DS-Sleeper Service), 5016/tcp, 6083/tcp, 6012/tcp, 4016/tcp (Talarian Mcast), 6620/tcp (Kerberos V5 FTP Data), 9026/tcp (Secure Web Access - 4), 6622/tcp (Multicast FTP), 9091/tcp (xmltec-xmlmail), 10001/tcp (SCP Configuration), 8804/tcp (truecm), 5504/tcp (fcp-cics-gw1), 8800/tcp (Sun Web Server Admin Service), 3385/tcp (qnxnetman), 5508/tcp, 8006/tcp, 5502/tcp (fcp-srvr-inst1), 9985/tcp, 3384/tcp (Cluster Management Services), 4085/tcp (EZNews Newsroom Message Service), 5006/tcp (wsm server), 9987/tcp (DSM/SCM Target Interface), 3310/tcp (Dyna Access), 4029/tcp (IP Q signaling protocol), 4409/tcp (Net-Cabinet comunication), 3329/tcp (HP Device Disc), 6095/tcp, 5511/tcp, 6606/tcp, 10014/tcp, 5001/tcp (commplex-link), 3414/tcp (BroadCloud WIP Port), 6097/tcp, 4407/tcp (Network Access Control Agent), 3328/tcp (Eaglepoint License Manager), 6605/tcp, 3401/tcp (filecast), 10030/tcp, 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 9917/tcp, 9979/tcp, 3337/tcp (Direct TV Data Catalog), 9016/tcp, 3393/tcp (D2K Tapestry Client to Server), 6612/tcp, 8003/tcp (Mulberry Connect Reporting Service), 10007/tcp (MVS Capacity), 3392/tcp (EFI License Management), 8081/tcp (Sun Proxy Admin Service), 9970/tcp, 4404/tcp (ASIGRA Televaulting DS-System Monitoring/Management), 5000/tcp (commplex-main), 8079/tcp, 5503/tcp (fcp-srvr-inst2), 4403/tcp (ASIGRA Televaulting DS-Client Monitoring/Management), 10029/tcp, 4095/tcp (xtgui information service), 3411/tcp (BioLink Authenteon server), 3327/tcp (BBARS), 3378/tcp (WSICOPY), 3351/tcp (Btrieve port), 9082/tcp, 3394/tcp (D2K Tapestry Server to Server), 8894/tcp (Desktop Data TCP 6: COAL application), 7005/tcp (volume managment server), 4025/tcp (Partition Image Port), 3316/tcp (AICC/CMI), 9008/tcp (Open Grid Services Server), 9983/tcp, 10012/tcp, 6071/tcp (SSDTP), 9014/tcp, 8824/tcp, 6082/tcp, 4084/tcp, 7014/tcp (Microtalon Communications), 6078/tcp, 3371/tcp, 6061/tcp, 3306/tcp (MySQL), 3346/tcp (Trnsprnt Proxy), 4003/tcp (pxc-splr-ft), 4024/tcp (TNP1 User Port), 6060/tcp, 5021/tcp (zenginkyo-2), 7776/tcp, 10018/tcp, 6098/tcp, 9902/tcp, 6014/tcp, 7780/tcp, 3353/tcp (FATPIPE), 6080/tcp, 6063/tcp, 3391/tcp (SAVANT), 8874/tcp, 4080/tcp (Lorica inside facing), 3300/tcp, 6074/tcp (Microsoft Max), 6002/tcp, 6609/tcp, 3413/tcp (SpecView Networking), 6013/tcp, 3308/tcp (TNS Server), 3313/tcp (Unify Object Broker), 6017/tcp, 7771/tcp, 9015/tcp, 3340/tcp (OMF data m), 3331/tcp (MCS Messaging), 10019/tcp, 4004/tcp (pxc-roid), 7798/tcp (Propel Encoder port), 4034/tcp (Ubiquinox Daemon), 4017/tcp (Talarian Mcast), 4402/tcp (ASIGRA Televaulting DS-Client Service), 3355/tcp (Ordinox Dbase), 6626/tcp (WAGO Service and Update), 6081/tcp, 9971/tcp, 3326/tcp (SFTU), 7017/tcp, 3338/tcp (OMF data b), 5014/tcp, 3350/tcp (FINDVIATV), 3354/tcp (SUITJD), 8026/tcp (CA Audit Distribution Server), 6004/tcp, 6624/tcp (DataScaler database), 3362/tcp (DJ ILM), 3374/tcp (Cluster Disc), 7770/tcp, 8892/tcp (Desktop Data TCP 4: FARM product), 3304/tcp (OP Session Server), 6010/tcp, 9972/tcp, 3336/tcp (Direct TV Tickers), 3325/tcp, 5002/tcp (radio free ethernet), 7012/tcp (Talon Engine), 7018/tcp, 4040/tcp (Yo.net main service), 3381/tcp (Geneous), 5515/tcp, 10016/tcp, 6618/tcp, 3360/tcp (KV Server), 9997/tcp (Palace-6), 4091/tcp (EminentWare Installer), 4099/tcp (DPCP), 8010/tcp, 4032/tcp (VERITAS Authorization Service), 4410/tcp (RIB iTWO Application Server), 10027/tcp, 6015/tcp, 4009/tcp (Chimera HWM), 7777/tcp (cbt), 8070/tcp, 9084/tcp (IBM AURORA Performance Visualizer), 4087/tcp (APplus Service), 9911/tcp (SYPECom Transport Protocol), 3367/tcp (-3371  Satellite Video Data Link), 6607/tcp, 4019/tcp (Talarian Mcast), 9901/tcp, 4015/tcp (Talarian Mcast), 9070/tcp, 6007/tcp, 3333/tcp (DEC Notes), 9912/tcp, 4089/tcp (OpenCORE Remote Control Service), 6611/tcp, 3307/tcp (OP Session Proxy), 6088/tcp, 5519/tcp, 3370/tcp, 3334/tcp (Direct TV Webcasting), 5520/tcp, 10004/tcp (EMC Replication Manager Client), 8816/tcp, 5004/tcp (RTP media data [RFC 3551][RFC 4571]), 6008/tcp, 6614/tcp, 3366/tcp (Creative Partner), 3341/tcp (OMF data h), 9075/tcp, 3312/tcp (Application Management Server), 8890/tcp (Desktop Data TCP 2), 9087/tcp (Classic Data Server), 10022/tcp, 4092/tcp (EminentWare DGS), 6099/tcp (RAXA Management), 4082/tcp (Lorica outside facing), 6077/tcp, 10000/tcp (Network Data Management Protocol), 3365/tcp (Content Server), 3342/tcp (WebTIE), 6067/tcp, 5022/tcp (mice server), 3301/tcp, 4083/tcp (Lorica outside facing (SSL)), 5500/tcp (fcp-addr-srvr1), 3361/tcp (KV Agent), 4011/tcp (Alternate Service Boot), 4037/tcp (RaveHD network control), 5012/tcp (NetOnTap Service), 3380/tcp (SNS Channels), 3417/tcp (ConServR file translation), 3397/tcp (Cloanto License Manager), 10025/tcp, 5530/tcp, 6076/tcp, 8895/tcp, 4031/tcp (UUCP over SSL), 3399/tcp (CSMS), 6005/tcp, 4097/tcp (Patrol View), 9991/tcp (OSM Event Server), 5019/tcp, 9999/tcp (distinct), 3375/tcp (VSNM Agent), 9028/tcp, 5506/tcp (Amcom Mobile Connect), 8099/tcp, 4081/tcp (Lorica inside facing (SSL)), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 4026/tcp (Graphical Debug Server), 4023/tcp (ESNM Zoning Port), 4007/tcp (pxc-splr), 3419/tcp (Isogon SoftAudit), 6608/tcp, 3388/tcp (CB Server), 5501/tcp (fcp-addr-srvr2), 9976/tcp, 4005/tcp (pxc-pin), 10002/tcp (EMC-Documentum Content Server Product), 3416/tcp (AirMobile IS Command Port), 8017/tcp, 3415/tcp (BCI Name Service), 5507/tcp, 9981/tcp, 10006/tcp, 5007/tcp (wsm server ssl), 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2019-12-31

In the last 24h, the attacker (213.217.0.5) attempted to scan 85 ports.
The following ports have been scanned: 4010/tcp (Samsung Unidex), 5513/tcp, 10010/tcp (ooRexx rxapi services), 9021/tcp (Pangolin Identification), 9072/tcp, 9092/tcp (Xml-Ipc Server Reg), 4027/tcp (bitxpress), 8078/tcp, 7008/tcp (server-to-server updater), 9900/tcp (IUA), 8072/tcp, 9982/tcp, 3409/tcp (NetworkLens Event Port), 8011/tcp, 9904/tcp, 9988/tcp (Software Essentials Secure HTTP server), 10021/tcp, 4008/tcp (NetCheque accounting), 9024/tcp (Secure Web Access - 2), 4094/tcp (sysrq daemon), 5003/tcp (FileMaker, Inc. - Proprietary transport), 6072/tcp (DIAGNOSE-PROC), 8095/tcp, 10008/tcp (Octopus Multiplexer), 9977/tcp, 5524/tcp, 7009/tcp (remote cache manager service), 8821/tcp, 3314/tcp (Unify Object Host), 6073/tcp (DirectPlay8), 3408/tcp (BES Api Port), 6090/tcp, 3302/tcp (MCS Fastmail), 8884/tcp, 5011/tcp (TelepathAttack), 9996/tcp (Palace-5), 9007/tcp, 3311/tcp (MCNS Tel Ret), 5502/tcp (fcp-srvr-inst1), 9985/tcp, 5006/tcp (wsm server), 5511/tcp, 6097/tcp, 9913/tcp, 7785/tcp, 10030/tcp, 9016/tcp, 9970/tcp, 9079/tcp, 3335/tcp (Direct TV Software Updates), 8823/tcp, 3371/tcp, 6098/tcp, 9071/tcp, 7792/tcp, 3400/tcp (CSMS2), 10019/tcp, 4034/tcp (Ubiquinox Daemon), 9971/tcp, 3326/tcp (SFTU), 3362/tcp (DJ ILM), 3336/tcp (Direct TV Tickers), 3325/tcp, 5002/tcp (radio free ethernet), 7018/tcp, 8812/tcp, 3360/tcp (KV Server), 10027/tcp, 5520/tcp, 5004/tcp (RTP media data [RFC 3551][RFC 4571]), 6614/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 8890/tcp (Desktop Data TCP 2), 3342/tcp (WebTIE), 6067/tcp, 3417/tcp (ConServR file translation), 4031/tcp (UUCP over SSL), 9992/tcp (OnLive-1), 4023/tcp (ESNM Zoning Port), 3319/tcp (SDT License Manager), 3388/tcp (CB Server), 8022/tcp (oa-system), 9099/tcp, 10002/tcp (EMC-Documentum Content Server Product).
      
BHD Honeypot
Port scan
2019-12-30

In the last 24h, the attacker (213.217.0.5) attempted to scan 86 ports.
The following ports have been scanned: 3352/tcp (Scalable SQL), 6087/tcp (Local Download Sharing Service), 6001/tcp, 3368/tcp, 3398/tcp (Mercantile), 3396/tcp (Printer Agent), 9000/tcp (CSlistener), 4400/tcp (ASIGRA Services), 10011/tcp, 3324/tcp, 9022/tcp (PrivateArk Remote Agent), 10028/tcp, 9011/tcp, 8098/tcp, 8808/tcp, 4405/tcp (ASIGRA Televaulting Message Level Restore service), 8082/tcp (Utilistor (Client)), 9020/tcp (TAMBORA), 8878/tcp, 9081/tcp, 8008/tcp (HTTP Alternate), 6616/tcp, 7011/tcp (Talon Discovery Port), 9919/tcp, 5017/tcp, 3348/tcp (Pangolin Laser), 9908/tcp, 9905/tcp, 6620/tcp (Kerberos V5 FTP Data), 8826/tcp, 8886/tcp, 3329/tcp (HP Device Disc), 6095/tcp, 6606/tcp, 5001/tcp (commplex-link), 3328/tcp (Eaglepoint License Manager), 9917/tcp, 7779/tcp (VSTAT), 6612/tcp, 3309/tcp (TNS ADV), 4403/tcp (ASIGRA Televaulting DS-Client Monitoring/Management), 8894/tcp (Desktop Data TCP 6: COAL application), 6071/tcp (SSDTP), 6084/tcp (Peer to Peer Infrastructure Protocol), 4093/tcp (Pvx Plus CS Host), 6096/tcp, 7014/tcp (Microtalon Communications), 6078/tcp, 3346/tcp (Trnsprnt Proxy), 10018/tcp, 7780/tcp, 3313/tcp (Unify Object Broker), 8898/tcp, 6626/tcp (WAGO Service and Update), 3374/tcp (Cluster Disc), 7770/tcp, 9972/tcp, 6618/tcp, 4410/tcp (RIB iTWO Application Server), 8893/tcp (Desktop Data TCP 5: NewsEDGE/Web application), 6015/tcp, 6070/tcp (Messageasap), 9912/tcp, 3307/tcp (OP Session Proxy), 9077/tcp, 3334/tcp (Direct TV Webcasting), 10004/tcp (EMC Replication Manager Client), 3366/tcp (Creative Partner), 8007/tcp, 6092/tcp, 3312/tcp (Application Management Server), 9087/tcp (Classic Data Server), 9994/tcp (OnLive-3), 10000/tcp (Network Data Management Protocol), 3301/tcp, 7797/tcp (Propel Connector port), 5500/tcp (fcp-addr-srvr1), 4037/tcp (RaveHD network control), 9003/tcp, 9980/tcp, 10025/tcp, 5506/tcp (Amcom Mobile Connect), 8099/tcp, 9916/tcp, 10006/tcp.
      
BHD Honeypot
Port scan
2019-12-29

Port scan from IP: 213.217.0.5 detected by psad.

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Report breach!

Rate host 213.217.0.5