IP address: 45.134.179.57

Host rating:

2.0

out of 86 votes

Last update: 2020-03-26

Host details

Unknown
Unknown
Unknown
Unknown
See comments

Reported breaches

  • Port scan
Report breach

User comments

86 security incident(s) reported by users

BHD Honeypot
Port scan
2020-03-26

In the last 24h, the attacker (45.134.179.57) attempted to scan 135 ports.
The following ports have been scanned: 20092/tcp, 93/tcp (Device Control Protocol), 28893/tcp, 23392/tcp, 9990/tcp (OSM Applet Server), 14489/tcp, 11292/tcp, 21191/tcp, 25593/tcp, 4492/tcp, 20091/tcp, 12292/tcp, 30094/tcp, 20093/tcp, 29999/tcp, 24493/tcp, 22290/tcp, 28892/tcp, 19992/tcp, 22293/tcp, 11190/tcp, 6691/tcp, 11293/tcp, 2290/tcp (Sonus Logging Services), 92/tcp (Network Printing Protocol), 13389/tcp, 4494/tcp, 94/tcp (Tivoli Object Dispatcher), 23391/tcp, 2293/tcp (Network Platform Debug Manager), 29989/tcp, 6694/tcp, 19991/tcp, 12293/tcp, 7793/tcp, 15592/tcp, 5589/tcp, 18892/tcp, 13390/tcp, 20094/tcp, 29997/tcp, 5590/tcp, 7791/tcp, 22294/tcp, 15590/tcp, 16694/tcp, 19989/tcp, 13394/tcp, 8891/tcp (Desktop Data TCP 3: NESS application), 9989/tcp, 25589/tcp, 6693/tcp, 1194/tcp (OpenVPN), 18890/tcp, 17789/tcp, 4491/tcp, 14491/tcp, 1192/tcp (caids sensors channel), 19990/tcp, 13391/tcp, 25594/tcp, 16691/tcp, 25592/tcp, 29994/tcp, 18893/tcp, 30092/tcp, 22289/tcp, 16692/tcp, 11193/tcp, 14493/tcp, 28890/tcp, 2289/tcp (Lookup dict server), 16693/tcp, 27791/tcp, 11291/tcp, 29993/tcp, 8894/tcp (Desktop Data TCP 6: COAL application), 89/tcp (SU/MIT Telnet Gateway), 24491/tcp, 6692/tcp, 17792/tcp, 29991/tcp, 19993/tcp, 28891/tcp, 29996/tcp, 23393/tcp, 5594/tcp, 18894/tcp, 1189/tcp (Unet Connection), 21194/tcp, 25591/tcp, 23389/tcp, 21189/tcp, 5591/tcp, 7792/tcp, 6690/tcp, 11294/tcp, 27792/tcp, 22291/tcp, 15594/tcp, 2291/tcp (EPSON Advanced Printer Share Protocol), 8889/tcp (Desktop Data TCP 1), 17793/tcp, 13392/tcp, 8893/tcp (Desktop Data TCP 5: NewsEDGE/Web application), 26689/tcp, 91/tcp (MIT Dover Spooler), 13393/tcp, 4489/tcp, 30091/tcp, 5593/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 24489/tcp, 14492/tcp, 2294/tcp (Konshus License Manager (FLEX)), 27793/tcp, 11194/tcp, 9994/tcp (OnLive-3), 7794/tcp (Q3ADE Cluster Service), 15589/tcp, 28889/tcp, 29995/tcp, 28894/tcp, 17794/tcp, 9991/tcp (OSM Event Server), 29998/tcp, 19994/tcp, 4490/tcp, 9992/tcp (OnLive-1), 21190/tcp, 15593/tcp, 29990/tcp, 22292/tcp, 20089/tcp, 30093/tcp.
      
BHD Honeypot
Port scan
2020-03-25

In the last 24h, the attacker (45.134.179.57) attempted to scan 123 ports.
The following ports have been scanned: 11989/tcp, 55005/tcp, 7700/tcp (EM7 Secure Communications), 8088/tcp (Radan HTTP), 9009/tcp (Pichat Server), 2222/tcp (EtherNet/IP I/O), 9900/tcp (IUA), 20202/tcp (IPD Tunneling Port), 3303/tcp (OP Session Client), 60006/tcp, 10689/tcp, 55000/tcp, 13289/tcp, 13389/tcp, 44400/tcp, 13890/tcp, 14289/tcp, 13489/tcp, 6600/tcp (Microsoft Hyper-V Live Migration), 5555/tcp (Personal Agent), 8808/tcp, 6660/tcp, 7070/tcp (ARCP), 55550/tcp, 10789/tcp, 22022/tcp, 50005/tcp, 44040/tcp, 14789/tcp, 8008/tcp (HTTP Alternate), 5505/tcp (Checkout Database), 12189/tcp, 3033/tcp (PDB), 10489/tcp, 11000/tcp (IRISA), 50505/tcp, 60066/tcp, 12889/tcp, 15289/tcp, 11589/tcp, 11110/tcp, 20022/tcp, 10001/tcp (SCP Configuration), 22002/tcp (Opto Host Port 2), 22000/tcp (SNAPenetIO), 5050/tcp (multimedia conference control tool), 1110/tcp (Start web admin server), 6606/tcp, 10101/tcp (eZmeeting), 10389/tcp, 20222/tcp (iPulse-ICS), 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 33000/tcp, 1101/tcp (PT2-DISCOVER), 2200/tcp (ICI), 10111/tcp, 4404/tcp (ASIGRA Televaulting DS-System Monitoring/Management), 11889/tcp, 15890/tcp, 5055/tcp (UNOT), 11010/tcp, 14689/tcp, 11011/tcp, 55500/tcp, 44044/tcp, 11890/tcp, 33330/tcp, 3030/tcp (Arepa Cas), 40004/tcp, 1001/tcp, 6060/tcp, 1010/tcp (surf), 1100/tcp (MCTP), 3300/tcp, 15389/tcp, 44000/tcp, 30003/tcp, 11189/tcp, 33003/tcp, 4004/tcp (pxc-roid), 15189/tcp, 3003/tcp (CGMS), 7770/tcp, 2022/tcp (down), 11689/tcp, 12890/tcp, 4040/tcp (Yo.net main service), 50055/tcp, 12989/tcp, 20002/tcp (Commtact HTTP), 1111/tcp (LM Social Server), 4444/tcp (NV Video default), 12289/tcp, 9909/tcp (domaintime), 10289/tcp, 1011/tcp, 11100/tcp, 55055/tcp, 14389/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 12489/tcp, 40404/tcp, 2020/tcp (xinupageserver), 11789/tcp, 30303/tcp, 33333/tcp (Digital Gaslight Service), 14589/tcp, 10889/tcp, 13789/tcp, 22200/tcp, 2220/tcp (NetIQ End2End), 9999/tcp (distinct), 10189/tcp, 8880/tcp (CDDBP), 50555/tcp, 30333/tcp, 7707/tcp (EM7 Dynamic Updates), 11289/tcp, 9099/tcp, 14890/tcp.
      
BHD Honeypot
Port scan
2020-03-24

In the last 24h, the attacker (45.134.179.57) attempted to scan 190 ports.
The following ports have been scanned: 55389/tcp, 44389/tcp, 44789/tcp, 55489/tcp, 45989/tcp, 58689/tcp, 49189/tcp, 64689/tcp, 64890/tcp, 45489/tcp, 51589/tcp, 45689/tcp, 57489/tcp, 35389/tcp, 43489/tcp, 47989/tcp, 49890/tcp, 55689/tcp, 64289/tcp, 50089/tcp, 44589/tcp, 63889/tcp, 53589/tcp, 34890/tcp, 52489/tcp, 52889/tcp, 44689/tcp, 45589/tcp, 60489/tcp, 57689/tcp, 58789/tcp, 51789/tcp, 53989/tcp, 42589/tcp, 61589/tcp, 60689/tcp, 61489/tcp, 60189/tcp, 47189/tcp, 37689/tcp, 54589/tcp, 59889/tcp, 47789/tcp, 54389/tcp, 63589/tcp, 56289/tcp, 63189/tcp, 50389/tcp, 49889/tcp, 44890/tcp, 48489/tcp, 33289/tcp, 61689/tcp, 62689/tcp, 46389/tcp, 59289/tcp, 57589/tcp, 44289/tcp, 41289/tcp, 42889/tcp, 50989/tcp, 46989/tcp, 55890/tcp, 60089/tcp, 35189/tcp, 35989/tcp, 43189/tcp (NDM-AGENT-PORT), 56789/tcp, 59789/tcp, 53889/tcp, 45889/tcp, 43989/tcp, 58589/tcp, 54189/tcp, 41389/tcp, 59589/tcp, 53289/tcp, 39789/tcp, 54689/tcp, 36689/tcp, 62589/tcp, 54489/tcp, 53890/tcp, 58289/tcp, 63890/tcp, 39589/tcp, 32389/tcp, 48989/tcp, 57789/tcp, 50489/tcp, 32489/tcp, 47689/tcp, 63789/tcp, 60289/tcp, 56889/tcp, 57889/tcp, 54289/tcp, 48689/tcp, 59989/tcp, 53489/tcp, 49289/tcp, 49489/tcp, 53189/tcp, 42689/tcp, 45389/tcp, 43289/tcp, 49789/tcp, 62890/tcp, 36389/tcp, 52289/tcp, 58189/tcp, 61889/tcp, 47389/tcp, 57890/tcp, 62489/tcp, 59189/tcp, 46289/tcp, 44189/tcp, 49689/tcp, 56389/tcp, 33989/tcp, 51389/tcp, 51989/tcp, 37289/tcp, 42489/tcp, 56989/tcp, 64889/tcp, 62889/tcp, 57289/tcp, 60589/tcp, 62389/tcp, 59689/tcp, 5948/tcp, 49589/tcp, 62989/tcp, 56890/tcp, 62289/tcp, 51889/tcp, 60889/tcp, 40289/tcp, 52189/tcp, 48789/tcp, 32589/tcp, 62189/tcp, 61989/tcp, 48889/tcp, 64489/tcp, 32189/tcp, 44889/tcp, 43389/tcp, 55189/tcp, 48589/tcp, 55889/tcp, 61189/tcp, 53789/tcp, 58889/tcp, 34889/tcp, 60389/tcp, 49989/tcp, 55289/tcp, 45789/tcp, 54989/tcp, 56689/tcp, 43789/tcp, 43689/tcp, 40089/tcp, 50689/tcp, 51890/tcp, 52890/tcp, 52989/tcp, 58989/tcp, 53389/tcp, 60789/tcp, 51289/tcp, 43889/tcp, 42989/tcp, 51189/tcp, 32689/tcp, 63289/tcp, 34789/tcp, 56589/tcp, 41589/tcp, 47889/tcp, 53689/tcp, 35589/tcp, 58890/tcp, 43890/tcp, 47289/tcp, 51689/tcp, 47589/tcp.
      
BHD Honeypot
Port scan
2020-03-23

In the last 24h, the attacker (45.134.179.57) attempted to scan 115 ports.
The following ports have been scanned: 27589/tcp, 29189/tcp, 40589/tcp, 29890/tcp, 24589/tcp, 40889/tcp, 37189/tcp, 25890/tcp, 26890/tcp, 32890/tcp, 30189/tcp, 33189/tcp, 30089/tcp, 27489/tcp, 30789/tcp, 36189/tcp, 25489/tcp, 26789/tcp, 25889/tcp, 41989/tcp, 39289/tcp, 29789/tcp, 36889/tcp, 39389/tcp, 31989/tcp, 22489/tcp, 27389/tcp, 31789/tcp, 30989/tcp, 23890/tcp, 26289/tcp, 25789/tcp, 28989/tcp, 30389/tcp, 35789/tcp, 25589/tcp, 41689/tcp, 29589/tcp, 31389/tcp, 33689/tcp, 42389/tcp, 31289/tcp, 36989/tcp, 38289/tcp, 32989/tcp, 23989/tcp, 22289/tcp, 35289/tcp, 28890/tcp, 23189/tcp, 34589/tcp, 39989/tcp, 22389/tcp, 22789/tcp, 26589/tcp, 28289/tcp, 25689/tcp, 21389/tcp, 33789/tcp, 23589/tcp, 40389/tcp, 22989/tcp, 29689/tcp, 23389/tcp, 41889/tcp, 22689/tcp, 21189/tcp, 27189/tcp, 37589/tcp, 24389/tcp, 38890/tcp, 38589/tcp, 34689/tcp, 28689/tcp, 20889/tcp, 21890/tcp, 25989/tcp, 23289/tcp, 21789/tcp, 25189/tcp, 37989/tcp, 26689/tcp, 37789/tcp, 35890/tcp, 24189/tcp, 26989/tcp, 28389/tcp, 27889/tcp, 29289/tcp, 21489/tcp, 24489/tcp, 30689/tcp, 42289/tcp, 24890/tcp, 31889/tcp, 39889/tcp, 42189/tcp, 27689/tcp, 28889/tcp, 21889/tcp, 39189/tcp, 26389/tcp, 26489/tcp (EXOnet), 26889/tcp, 30589/tcp, 21589/tcp, 22890/tcp, 24689/tcp, 32789/tcp, 40189/tcp, 27890/tcp, 27289/tcp, 35689/tcp, 31189/tcp, 28589/tcp.
      
BHD Honeypot
Port scan
2020-03-22

In the last 24h, the attacker (45.134.179.57) attempted to scan 187 ports.
The following ports have been scanned: 26900/tcp, 14400/tcp, 8943/tcp, 29800/tcp, 17400/tcp, 11600/tcp (Tempest Protocol Port), 17797/tcp, 12800/tcp, 11800/tcp, 11500/tcp, 21500/tcp, 23000/tcp (Inova LightLink Server Type 1), 29100/tcp, 27300/tcp, 28948/tcp, 29999/tcp, 19100/tcp, 20400/tcp, 20600/tcp, 22400/tcp, 11195/tcp, 14499/tcp, 15800/tcp, 8906/tcp, 20500/tcp, 20200/tcp, 23800/tcp, 19700/tcp, 14700/tcp, 30000/tcp, 22500/tcp, 8953/tcp, 15000/tcp (Hypack Data Aquisition), 15100/tcp, 28918/tcp, 28100/tcp, 15700/tcp, 28200/tcp, 23100/tcp, 30095/tcp, 10800/tcp (Gestor de Acaparamiento para Pocket PCs), 28912/tcp, 25100/tcp, 26400/tcp, 29200/tcp, 11199/tcp, 17900/tcp, 16800/tcp, 15597/tcp, 28925/tcp, 8944/tcp, 12200/tcp, 28898/tcp, 24100/tcp, 10300/tcp, 13300/tcp, 15600/tcp, 14100/tcp, 12700/tcp, 26500/tcp, 95/tcp (SUPDUP), 8900/tcp (JMB-CDS 1), 13100/tcp, 24000/tcp (med-ltp), 18900/tcp, 19200/tcp, 27800/tcp, 18200/tcp, 13900/tcp, 28929/tcp, 11000/tcp (IRISA), 21900/tcp, 10600/tcp, 17800/tcp, 11200/tcp, 23700/tcp, 14800/tcp, 17600/tcp, 29300/tcp, 21600/tcp, 18896/tcp, 14600/tcp, 16000/tcp (Administration Server Access), 16900/tcp (Newbay Mobile Client Update Service), 20300/tcp, 13800/tcp, 13700/tcp, 10200/tcp (Trigence AE Soap Service), 6696/tcp, 24200/tcp, 28000/tcp (NX License Manager), 12300/tcp (LinoGrid Engine), 8919/tcp, 1199/tcp (DMIDI), 10700/tcp, 23200/tcp, 25500/tcp, 17000/tcp, 29000/tcp, 8940/tcp, 19500/tcp, 17200/tcp, 27600/tcp, 12600/tcp, 14495/tcp, 22300/tcp, 28500/tcp, 27200/tcp, 28400/tcp, 28908/tcp, 11400/tcp, 27100/tcp, 26300/tcp, 10100/tcp (VERITAS ITAP DDTP), 13000/tcp, 12900/tcp, 29600/tcp, 28600/tcp, 25400/tcp, 15200/tcp, 8913/tcp (Dragonfly System Service), 8904/tcp, 24900/tcp, 11297/tcp, 21100/tcp, 22800/tcp (Telerate Information Platform LAN), 26800/tcp, 10500/tcp, 14300/tcp, 18913/tcp, 8954/tcp (Cumulus Admin Port), 21000/tcp (IRTrans Control), 25800/tcp, 8889/tcp (Desktop Data TCP 1), 25900/tcp (TASP Network Comm), 26600/tcp, 17700/tcp, 15300/tcp, 29400/tcp, 13600/tcp, 16700/tcp, 14000/tcp (SCOTTY High-Speed Filetransfer), 15500/tcp, 8920/tcp, 20800/tcp, 28800/tcp, 28935/tcp, 16400/tcp, 28943/tcp, 23300/tcp, 28915/tcp, 16500/tcp, 19800/tcp, 11100/tcp, 17100/tcp, 12296/tcp, 4495/tcp, 18938/tcp, 16300/tcp, 27900/tcp, 30097/tcp, 12500/tcp, 22100/tcp, 13500/tcp, 25000/tcp (icl-twobase1), 8923/tcp, 17300/tcp, 27000/tcp (-27009 FLEX LM (1-10)), 20100/tcp, 24800/tcp, 29700/tcp, 24300/tcp, 14500/tcp, 18000/tcp (Beckman Instruments, Inc.), 4499/tcp, 26000/tcp (quake), 22200/tcp, 8947/tcp, 18600/tcp, 12000/tcp (IBM Enterprise Extender SNA XID Exchange), 8937/tcp (Transaction Warehouse Data Service), 8903/tcp, 21300/tcp, 18300/tcp, 14200/tcp, 24600/tcp.
      
BHD Honeypot
Port scan
2020-03-22

Port scan from IP: 45.134.179.57 detected by psad.
BHD Honeypot
Port scan
2020-03-21

In the last 24h, the attacker (45.134.179.57) attempted to scan 206 ports.
The following ports have been scanned: 28904/tcp, 11295/tcp, 28953/tcp, 18903/tcp, 15599/tcp, 18895/tcp, 18939/tcp, 12298/tcp, 8930/tcp, 27798/tcp, 1195/tcp (RSF-1 clustering), 27796/tcp, 28911/tcp, 28950/tcp, 18909/tcp, 4498/tcp, 18919/tcp, 28945/tcp, 97/tcp (Swift Remote Virtural File Protocol), 8936/tcp, 7289/tcp, 4497/tcp, 24495/tcp, 18945/tcp, 5597/tcp (inin secure messaging), 8917/tcp, 1789/tcp (hello), 28928/tcp, 20095/tcp, 24499/tcp, 18933/tcp, 8950/tcp, 24497/tcp, 8935/tcp, 18920/tcp, 15596/tcp, 18951/tcp, 21199/tcp, 18922/tcp, 6698/tcp, 17799/tcp, 28910/tcp, 8910/tcp (manyone-http), 7795/tcp, 28924/tcp, 28936/tcp, 96/tcp (DIXIE Protocol Specification), 18921/tcp, 18931/tcp, 8915/tcp, 19999/tcp (Distributed Network Protocol - Secure), 18936/tcp, 28895/tcp, 8902/tcp, 28954/tcp, 8897/tcp, 4496/tcp, 11198/tcp, 18907/tcp, 16695/tcp, 26699/tcp, 8948/tcp, 21196/tcp, 8907/tcp, 9995/tcp (Palace-4), 8931/tcp, 29997/tcp, 21195/tcp, 8921/tcp, 8941/tcp, 18949/tcp, 18911/tcp, 1198/tcp (cajo reference discovery), 9998/tcp (Distinct32), 11298/tcp, 18953/tcp, 14498/tcp, 18905/tcp, 28937/tcp, 28926/tcp, 8891/tcp (Desktop Data TCP 3: NESS application), 18900/tcp, 18916/tcp, 18932/tcp, 7799/tcp (Alternate BSDP Service), 23396/tcp, 2298/tcp (D2K DataMover 2), 18927/tcp, 28941/tcp, 26695/tcp, 23395/tcp, 25598/tcp, 28919/tcp, 28906/tcp, 18902/tcp, 28947/tcp, 9689/tcp, 8922/tcp, 100/tcp ([unauthorized use]), 11197/tcp, 25596/tcp, 18924/tcp, 1197/tcp (Carrius Remote Access), 8905/tcp, 28917/tcp, 22297/tcp, 28920/tcp, 8951/tcp, 11299/tcp, 18948/tcp, 8946/tcp, 26697/tcp, 20096/tcp, 8894/tcp (Desktop Data TCP 6: COAL application), 18935/tcp, 8934/tcp, 28921/tcp, 8911/tcp (manyone-xml), 28949/tcp, 29996/tcp, 28944/tcp, 28901/tcp, 28909/tcp, 18930/tcp, 28899/tcp, 28930/tcp, 1189/tcp (Unet Connection), 18904/tcp, 8942/tcp, 18950/tcp, 22296/tcp, 18897/tcp, 8925/tcp, 5596/tcp, 18899/tcp, 8898/tcp, 18923/tcp, 2297/tcp (D2K DataMover 1), 26698/tcp, 8901/tcp (JMB-CDS 2), 28931/tcp, 7798/tcp (Propel Encoder port), 28916/tcp, 5595/tcp, 28897/tcp, 17796/tcp, 8949/tcp, 8916/tcp, 28923/tcp, 28922/tcp, 8926/tcp, 18944/tcp, 16698/tcp, 28942/tcp, 30096/tcp, 28902/tcp, 8928/tcp, 18942/tcp, 11196/tcp, 28946/tcp, 18898/tcp, 21197/tcp, 19998/tcp (IEC 60870-5-104 process control - secure), 8914/tcp, 18926/tcp, 22299/tcp, 23399/tcp, 18929/tcp, 8945/tcp, 98/tcp (TAC News), 8938/tcp, 6699/tcp, 28927/tcp, 26696/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 8952/tcp, 18943/tcp, 8890/tcp (Desktop Data TCP 2), 18937/tcp, 13399/tcp, 19997/tcp, 22298/tcp, 13396/tcp, 28903/tcp, 28914/tcp, 7797/tcp (Propel Connector port), 8924/tcp, 29995/tcp, 28939/tcp, 16696/tcp, 18912/tcp, 19996/tcp, 8895/tcp, 17795/tcp, 27795/tcp, 18952/tcp, 8918/tcp, 2089/tcp (Security Encapsulation Protocol - SEP), 8908/tcp, 20098/tcp, 20099/tcp, 25597/tcp, 18906/tcp, 25595/tcp.
      
BHD Honeypot
Port scan
2020-03-20

In the last 24h, the attacker (45.134.179.57) attempted to scan 125 ports.
The following ports have been scanned: 6689/tcp (Tofino Security Appliance), 9944/tcp, 6655/tcp (PC SOFT - Software factory UI/manager), 2589/tcp (quartus tcl), 3589/tcp (isomair), 7700/tcp (EM7 Secure Communications), 9489/tcp, 7744/tcp (RAQMON PDU), 8855/tcp, 3489/tcp (DTP/DIA), 9900/tcp (IUA), 4689/tcp (Altova DatabaseCentral), 1889/tcp (Unify Web Adapter Service), 4889/tcp, 4400/tcp (ASIGRA Services), 7788/tcp, 6289/tcp, 4422/tcp, 3377/tcp (Cogsys Network License Manager), 9988/tcp (Software Essentials Secure HTTP server), 9289/tcp, 2789/tcp (Media Agent), 9189/tcp, 2255/tcp (VRTP - ViRtue Transfer Protocol), 5599/tcp (Enterprise Security Remote Install), 5522/tcp, 4455/tcp (PR Chat User), 11089/tcp, 5589/tcp, 4289/tcp, 8844/tcp, 9977/tcp, 7889/tcp, 1177/tcp (DKMessenger Protocol), 2389/tcp (OpenView Session Mgr), 7189/tcp, 2345/tcp (dbm), 6677/tcp, 2211/tcp (EMWIN), 4466/tcp, 2277/tcp (Bt device control proxy), 7799/tcp (Alternate BSDP Service), 8389/tcp, 9890/tcp, 1166/tcp (QSM RemoteExec), 7689/tcp (Collaber Network Service), 6889/tcp, 1689/tcp (firefox), 8800/tcp (Sun Web Server Admin Service), 6890/tcp, 7711/tcp, 1122/tcp (availant-mgr), 2289/tcp (Lookup dict server), 1199/tcp (DMIDI), 6633/tcp, 7389/tcp, 8789/tcp, 2233/tcp (INFOCRYPT), 9922/tcp, 2989/tcp (ZARKOV Intelligent Agent Communication), 2288/tcp (NETML), 4789/tcp, 5989/tcp (WBEM CIM-XML (HTTPS)), 1188/tcp (HP Web Admin), 5544/tcp, 3300/tcp, 1489/tcp (dmdocbroker), 1144/tcp (Fusion Script), 6644/tcp, 9966/tcp (OKI Data Network Setting Protocol), 8899/tcp (ospf-lite), 3355/tcp (Ordinox Dbase), 7722/tcp, 2689/tcp (FastLynx), 6789/tcp (SMC-HTTPS), 8889/tcp (Desktop Data TCP 1), 9589/tcp, 9389/tcp (Active Directory Web Services), 1289/tcp (JWalkServer), 3889/tcp (D and V Tester Control Port), 1234/tcp (Infoseek Search Agent), 9789/tcp, 3089/tcp (ParaTek Agent Linking), 7789/tcp (Office Tools Pro Receive), 9911/tcp (SYPECom Transport Protocol), 6389/tcp (clariion-evr01), 4489/tcp, 6611/tcp, 7766/tcp, 8689/tcp, 8489/tcp, 6699/tcp, 8811/tcp, 3366/tcp (Creative Partner), 7733/tcp, 5577/tcp, 8877/tcp, 8890/tcp (Desktop Data TCP 2), 7489/tcp, 1989/tcp (MHSnet system), 9933/tcp, 4411/tcp, 3789/tcp (RemoteDeploy Administration Port [July 2003]), 8589/tcp, 5500/tcp (fcp-addr-srvr1), 2889/tcp (RSOM), 6688/tcp (CleverView for TCP/IP Message Service), 3189/tcp (Pinnacle Sys InfEx Port), 3399/tcp (CSMS), 1155/tcp (Network File Access), 3289/tcp (ENPC), 4477/tcp, 8189/tcp, 3388/tcp (CB Server), 2244/tcp (NMS Server), 5533/tcp, 9955/tcp, 8833/tcp, 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2020-03-19

In the last 24h, the attacker (45.134.179.57) attempted to scan 223 ports.
The following ports have been scanned: 42000/tcp, 45005/tcp, 8005/tcp (MXI Generation II for z/OS), 45003/tcp, 59002/tcp, 49001/tcp, 48000/tcp (Nimbus Controller), 3005/tcp (Genius License Manager), 19003/tcp, 55005/tcp, 10005/tcp (EMC Replication Manager Server), 6001/tcp, 9005/tcp, 2005/tcp (berknet), 38003/tcp, 22004/tcp (Opto Host Port 4), 23000/tcp (Inova LightLink Server Type 1), 42001/tcp, 1000/tcp (cadlock2), 9000/tcp (CSlistener), 34000/tcp, 30004/tcp, 35005/tcp, 13004/tcp, 14002/tcp, 18005/tcp, 46003/tcp, 32005/tcp, 4002/tcp (pxc-spvr-ft), 56005/tcp, 26004/tcp, 44001/tcp, 55000/tcp, 59003/tcp, 7003/tcp (volume location database), 16001/tcp (Administration Server Connector), 30002/tcp (Pago Services 2), 30000/tcp, 9001/tcp (ETL Service Manager), 21005/tcp, 35002/tcp, 15000/tcp (Hypack Data Aquisition), 46002/tcp, 34004/tcp, 15002/tcp, 54004/tcp, 44003/tcp, 47001/tcp (Windows Remote Management Service), 20001/tcp (MicroSAN), 57004/tcp, 5003/tcp (FileMaker, Inc. - Proprietary transport), 56003/tcp, 57003/tcp, 1004/tcp, 31004/tcp, 23005/tcp (Inova LightLink Server Type 6), 20000/tcp (DNP), 39000/tcp, 51005/tcp, 48002/tcp (Nimbus Hub), 58003/tcp, 6000/tcp (-6063/udp   X Window System), 28001/tcp (PQ Service), 6003/tcp, 47002/tcp, 42004/tcp, 13002/tcp, 12003/tcp (IBM Enterprise Extender SNA COS Medium Priority), 50003/tcp, 57005/tcp, 39001/tcp, 24000/tcp (med-ltp), 42003/tcp, 16005/tcp, 13003/tcp, 3000/tcp (RemoteWare Client), 34005/tcp, 46001/tcp, 45001/tcp, 54003/tcp, 55002/tcp, 56004/tcp, 11001/tcp (Metasys), 11000/tcp (IRISA), 18004/tcp, 27001/tcp, 50002/tcp, 46000/tcp, 50004/tcp, 41002/tcp, 56002/tcp, 16000/tcp (Administration Server Access), 22002/tcp (Opto Host Port 2), 54000/tcp, 14001/tcp (SUA), 25002/tcp (icl-twobase3), 8001/tcp (VCOM Tunnel), 5001/tcp (commplex-link), 40003/tcp, 28000/tcp (NX License Manager), 36001/tcp (AllPeers Network), 33000/tcp, 43002/tcp, 39003/tcp, 43001/tcp, 59000/tcp, 35001/tcp, 23004/tcp (Inova LightLink Server Type 5), 3001/tcp, 17000/tcp, 51002/tcp, 27002/tcp, 27004/tcp, 12004/tcp (IBM Enterprise Extender SNA COS Low Priority), 29003/tcp, 7005/tcp (volume managment server), 29004/tcp, 45000/tcp, 57001/tcp, 17001/tcp, 54005/tcp, 38001/tcp, 58000/tcp, 16002/tcp (GoodSync Mediation Service), 24005/tcp (med-ci), 40004/tcp, 20003/tcp (Commtact HTTPS), 4003/tcp (pxc-splr-ft), 28003/tcp, 36002/tcp, 1001/tcp, 43004/tcp, 53004/tcp, 43003/tcp, 53001/tcp, 8002/tcp (Teradata ORDBMS), 7002/tcp (users & groups database), 54001/tcp, 16003/tcp, 36005/tcp, 24002/tcp (med-fsp-tx), 33003/tcp, 40001/tcp, 31000/tcp, 33005/tcp, 4004/tcp (pxc-roid), 32000/tcp, 26002/tcp, 40005/tcp, 25005/tcp (icl-twobase6), 21000/tcp (IRTrans Control), 6004/tcp, 3003/tcp (CGMS), 1005/tcp, 55001/tcp, 2004/tcp (mailbox), 42005/tcp, 39005/tcp, 5002/tcp (radio free ethernet), 40000/tcp (SafetyNET p), 59001/tcp, 30005/tcp, 34002/tcp, 11003/tcp, 35003/tcp, 52002/tcp, 27005/tcp, 12001/tcp (IBM Enterprise Extender SNA COS Network Priority), 7000/tcp (file server itself), 47005/tcp, 29002/tcp, 37000/tcp, 17005/tcp, 53003/tcp, 52001/tcp, 7001/tcp (callbacks to cache managers), 5004/tcp (RTP media data [RFC 3551][RFC 4571]), 49002/tcp, 19005/tcp, 24001/tcp (med-fsp-rx), 24003/tcp (med-supp), 52005/tcp, 8000/tcp (iRDMI), 12005/tcp (DBISAM Database Server - Regular), 56000/tcp, 37005/tcp, 38002/tcp, 27000/tcp (-27009 FLEX LM (1-10)), 49005/tcp, 42002/tcp, 10000/tcp (Network Data Management Protocol), 11004/tcp, 41003/tcp, 32002/tcp, 51004/tcp, 31001/tcp, 19001/tcp, 2003/tcp (Brutus Server), 33001/tcp, 9003/tcp, 32001/tcp, 18000/tcp (Beckman Instruments, Inc.), 9002/tcp (DynamID authentication), 19000/tcp (iGrid Server), 12000/tcp (IBM Enterprise Extender SNA XID Exchange), 23003/tcp (Inova LightLink Server Type 4), 21003/tcp, 21002/tcp, 48004/tcp, 4005/tcp (pxc-pin), 37002/tcp, 2000/tcp (Cisco SCCP), 10002/tcp (EMC-Documentum Content Server Product), 25003/tcp (icl-twobase4), 41004/tcp, 35004/tcp.
      
BHD Honeypot
Port scan
2020-03-18

In the last 24h, the attacker (45.134.179.57) attempted to scan 72 ports.
The following ports have been scanned: 25004/tcp (icl-twobase5), 7004/tcp (AFS/Kerberos authentication service), 8088/tcp (Radan HTTP), 11005/tcp, 28005/tcp, 35000/tcp, 9090/tcp (WebSM), 51001/tcp, 1003/tcp, 30001/tcp (Pago Services 1), 18003/tcp, 17004/tcp, 31003/tcp, 58001/tcp, 2002/tcp (globe), 16004/tcp, 6006/tcp, 5555/tcp (Personal Agent), 7077/tcp, 6666/tcp, 20005/tcp (OpenWebNet protocol for electric network), 50005/tcp, 21004/tcp, 6066/tcp (EWCTSP), 8008/tcp (HTTP Alternate), 28004/tcp, 4044/tcp (Location Tracking Protocol), 50001/tcp, 43005/tcp, 29001/tcp, 15004/tcp, 39002/tcp, 17003/tcp, 6606/tcp, 13001/tcp, 52000/tcp, 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 24004/tcp (med-ovw), 2200/tcp (ICI), 8003/tcp (Mulberry Connect Reporting Service), 8080/tcp (HTTP Alternate (see port 80)), 27003/tcp, 28002/tcp, 26001/tcp, 49000/tcp, 1010/tcp (surf), 3300/tcp, 57002/tcp, 2202/tcp (Int. Multimedia Teleconferencing Cosortium), 38004/tcp, 34001/tcp, 41000/tcp, 47003/tcp, 31005/tcp, 4040/tcp (Yo.net main service), 14004/tcp, 20002/tcp (Commtact HTTP), 14000/tcp (SCOTTY High-Speed Filetransfer), 4444/tcp (NV Video default), 13005/tcp, 3333/tcp (DEC Notes), 21001/tcp, 47004/tcp, 41001/tcp, 2020/tcp (xinupageserver), 8004/tcp, 40002/tcp, 3002/tcp (RemoteWare Server), 33004/tcp.
      
BHD Honeypot
Port scan
2020-03-17

In the last 24h, the attacker (45.134.179.57) attempted to scan 149 ports.
The following ports have been scanned: 41300/tcp, 42000/tcp, 53800/tcp, 48000/tcp (Nimbus Controller), 2525/tcp (MS V-Worlds), 1515/tcp (ifor-protocol), 9292/tcp (ArmTech Daemon), 50400/tcp, 52400/tcp, 2222/tcp (EtherNet/IP I/O), 54800/tcp, 56200/tcp, 7676/tcp (iMQ Broker Rendezvous), 55700/tcp, 4646/tcp, 47300/tcp, 50200/tcp, 53400/tcp, 51700/tcp, 1414/tcp (IBM MQSeries), 46200/tcp, 45700/tcp, 55400/tcp, 9696/tcp, 5353/tcp (Multicast DNS), 43200/tcp, 4848/tcp (App Server - Admin HTTP), 55000/tcp, 50500/tcp, 44400/tcp, 46500/tcp, 55600/tcp, 45500/tcp, 50100/tcp, 59500/tcp, 49700/tcp, 4545/tcp (WorldScores), 56600/tcp, 41200/tcp, 7575/tcp, 54200/tcp, 7272/tcp (WatchMe Monitoring 7272), 6666/tcp, 7070/tcp (ARCP), 40300/tcp, 56500/tcp, 7373/tcp, 45600/tcp, 59400/tcp, 43300/tcp, 51800/tcp, 6565/tcp, 48200/tcp, 5151/tcp (ESRI SDE Instance), 46600/tcp, 4747/tcp, 3636/tcp (SerVistaITSM), 5656/tcp, 51100/tcp, 56400/tcp, 3535/tcp (MS-LA), 46000/tcp, 44700/tcp, 1818/tcp (Enhanced Trivial File Transfer Protocol), 47500/tcp, 6767/tcp (BMC PERFORM AGENT), 3434/tcp (OpenCM Server), 9595/tcp (Ping Discovery Service), 6464/tcp, 5050/tcp (multimedia conference control tool), 53600/tcp, 48400/tcp, 59700/tcp, 4141/tcp (Workflow Server), 1313/tcp (BMC_PATROLDB), 8080/tcp (HTTP Alternate (see port 80)), 1717/tcp (fj-hdnet), 58900/tcp, 49400/tcp, 55100/tcp, 40700/tcp, 46100/tcp, 1919/tcp (IBM Tivoli Directory Service - DCH), 51500/tcp, 8585/tcp, 55500/tcp, 57700/tcp, 57600/tcp, 3030/tcp (Arepa Cas), 41500/tcp, 47600/tcp, 6262/tcp, 40100/tcp, 48500/tcp, 2828/tcp (ITM License Manager), 49000/tcp, 1010/tcp (surf), 9494/tcp, 56900/tcp, 5959/tcp, 47800/tcp, 5757/tcp (OpenMail X.500 Directory Server), 3232/tcp (MDT port), 48300/tcp, 2323/tcp (3d-nfsd), 50800/tcp, 47000/tcp (Message Bus), 47100/tcp, 44600/tcp, 2424/tcp (KOFAX-SVR), 47400/tcp, 41000/tcp, 43700/tcp, 45300/tcp, 45100/tcp, 46400/tcp, 42200/tcp, 42500/tcp, 56300/tcp, 9393/tcp, 48600/tcp, 57300/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 3838/tcp (Scito Object Server), 8282/tcp, 55800/tcp, 6363/tcp, 3737/tcp (XPanel Daemon), 2020/tcp (xinupageserver), 57500/tcp, 45400/tcp, 40900/tcp, 43900/tcp, 40400/tcp, 48100/tcp, 6161/tcp (PATROL Internet Srv Mgr), 52600/tcp, 58600/tcp, 8383/tcp (M2m Services), 43000/tcp, 49500/tcp, 9191/tcp (Sun AppSvr JPDA), 44300/tcp, 45200/tcp, 5252/tcp (Movaz SSC).
      
BHD Honeypot
Port scan
2020-03-17

Port scan from IP: 45.134.179.57 detected by psad.
BHD Honeypot
Port scan
2020-03-16

In the last 24h, the attacker (45.134.179.57) attempted to scan 152 ports.
The following ports have been scanned: 54900/tcp, 27700/tcp, 31800/tcp, 39200/tcp, 32100/tcp, 21500/tcp, 31100/tcp, 58100/tcp, 29100/tcp, 34000/tcp, 27300/tcp, 42100/tcp, 44900/tcp, 23400/tcp (Novar Data), 20400/tcp, 30300/tcp, 20600/tcp, 37300/tcp, 22400/tcp, 53900/tcp, 59900/tcp, 25600/tcp, 59800/tcp, 35700/tcp, 34500/tcp, 56800/tcp, 20500/tcp, 35600/tcp, 30600/tcp, 30000/tcp, 22500/tcp, 58300/tcp, 40500/tcp, 57100/tcp, 38900/tcp, 46900/tcp, 25700/tcp, 39700/tcp, 28200/tcp, 23100/tcp, 31900/tcp, 48900/tcp, 25100/tcp, 26400/tcp, 29200/tcp, 54300/tcp, 42300/tcp, 21800/tcp (TVNC Pro Multiplexing), 37900/tcp, 24100/tcp, 32400/tcp, 26500/tcp, 32200/tcp, 24000/tcp (med-ltp), 24700/tcp, 49100/tcp, 33800/tcp, 34600/tcp, 41400/tcp, 31600/tcp, 42700/tcp, 32300/tcp, 49800/tcp, 45800/tcp, 57400/tcp, 40800/tcp, 58500/tcp, 28700/tcp, 43600/tcp, 42900/tcp, 29300/tcp, 21600/tcp, 36700/tcp, 54000/tcp, 36600/tcp, 28300/tcp, 51000/tcp, 20700/tcp, 52000/tcp, 48700/tcp, 33000/tcp, 44800/tcp, 59000/tcp, 31400/tcp, 29000/tcp, 30100/tcp, 27600/tcp, 47900/tcp, 58400/tcp, 22300/tcp, 28500/tcp, 53100/tcp, 28400/tcp, 30800/tcp, 53500/tcp, 55300/tcp, 29600/tcp, 30400/tcp, 37500/tcp, 44000/tcp, 27500/tcp, 57000/tcp, 24900/tcp, 39800/tcp, 57800/tcp, 44100/tcp, 46800/tcp, 32000/tcp, 33700/tcp, 57900/tcp, 33500/tcp, 51400/tcp, 41900/tcp, 32900/tcp, 53000/tcp, 39500/tcp, 54700/tcp, 50000/tcp, 25200/tcp, 29500/tcp, 21700/tcp, 29900/tcp, 20800/tcp, 38500/tcp, 21200/tcp, 37000/tcp, 35100/tcp, 52900/tcp, 34300/tcp, 59100/tcp, 35900/tcp, 56000/tcp, 33400/tcp, 47700/tcp, 38100/tcp, 24800/tcp, 40200/tcp, 32800/tcp, 39600/tcp, 26100/tcp, 24300/tcp, 55900/tcp, 52800/tcp, 54500/tcp, 51600/tcp, 50900/tcp, 43800/tcp, 42600/tcp, 39900/tcp, 43500/tcp.
      
BHD Honeypot
Port scan
2020-03-15

In the last 24h, the attacker (45.134.179.57) attempted to scan 143 ports.
The following ports have been scanned: 18400/tcp, 36200/tcp, 26900/tcp, 14400/tcp, 29800/tcp, 17400/tcp, 12800/tcp, 11800/tcp, 11500/tcp, 24400/tcp, 33600/tcp, 22600/tcp, 35000/tcp, 23000/tcp (Inova LightLink Server Type 1), 5100/tcp (Socalia service mux), 3700/tcp (LRS NetPage), 9900/tcp (IUA), 37700/tcp, 19300/tcp, 15800/tcp, 6300/tcp (BMC GRX), 2700/tcp (tqdata), 20200/tcp, 23800/tcp, 19700/tcp, 9300/tcp (Virtual Racing Service), 14700/tcp, 27400/tcp, 28100/tcp, 15700/tcp, 1400/tcp (Cadkey Tablet Daemon), 10800/tcp (Gestor de Acaparamiento para Pocket PCs), 25300/tcp, 20000/tcp (DNP), 38200/tcp, 39000/tcp, 30200/tcp, 6000/tcp (-6063/udp   X Window System), 36300/tcp, 23500/tcp, 8600/tcp (Surveillance Data), 24500/tcp, 13100/tcp, 18900/tcp, 3000/tcp (RemoteWare Client), 27800/tcp, 18200/tcp, 34900/tcp, 8100/tcp (Xprint Server), 4000/tcp (Terabase), 33100/tcp, 37100/tcp, 4700/tcp (NetXMS Agent), 6700/tcp, 20300/tcp, 7600/tcp, 33200/tcp, 3200/tcp (Press-sense Tick Port), 10200/tcp (Trigence AE Soap Service), 24200/tcp, 34700/tcp, 4200/tcp (-4299  VRML Multi User Systems), 3600/tcp (text relay-answer), 10700/tcp, 38800/tcp, 18500/tcp, 5000/tcp (commplex-main), 28900/tcp, 17000/tcp, 16100/tcp, 2100/tcp (Amiga Network Filesystem), 4800/tcp (Icona Instant Messenging System), 17200/tcp, 36100/tcp, 2400/tcp (OpEquus Server), 32600/tcp, 8300/tcp (Transport Management Interface), 32700/tcp, 27100/tcp, 26300/tcp, 1100/tcp (MCTP), 4100/tcp (IGo Incognito Data Port), 25400/tcp, 19400/tcp, 5600/tcp (Enterprise Security Manager), 31000/tcp, 10400/tcp, 21100/tcp, 22800/tcp (Telerate Information Platform LAN), 7300/tcp (-7359   The Swiss Exchange), 34800/tcp, 19600/tcp, 25800/tcp, 23600/tcp, 20900/tcp, 26200/tcp, 25900/tcp (TASP Network Comm), 38700/tcp, 37800/tcp, 19900/tcp, 17700/tcp, 15300/tcp, 40000/tcp (SafetyNET p), 16700/tcp, 9200/tcp (WAP connectionless session service), 28800/tcp, 23300/tcp, 31700/tcp, 15400/tcp, 18100/tcp, 35800/tcp, 31500/tcp, 27900/tcp, 1600/tcp (issd), 12500/tcp, 22100/tcp, 13500/tcp, 25000/tcp (icl-twobase1), 37600/tcp, 27000/tcp (-27009 FLEX LM (1-10)), 35300/tcp, 10000/tcp (Network Data Management Protocol), 34200/tcp, 7900/tcp (Multicast Event), 20100/tcp, 29700/tcp, 9400/tcp (Samsung Twain for Network Server), 14500/tcp, 26000/tcp (quake), 9500/tcp (ismserver), 22200/tcp, 18700/tcp, 22700/tcp, 36900/tcp, 1700/tcp (mps-raft), 13400/tcp, 9100/tcp (Printer PDL Data Stream), 37200/tcp, 2000/tcp (Cisco SCCP), 5300/tcp (HA cluster heartbeat), 30700/tcp, 21300/tcp.
      
BHD Honeypot
Port scan
2020-03-14

In the last 24h, the attacker (45.134.179.57) attempted to scan 207 ports.
The following ports have been scanned: 11600/tcp (Tempest Protocol Port), 12800/tcp, 11800/tcp, 11500/tcp, 6500/tcp (BoKS Master), 5100/tcp (Socalia service mux), 8500/tcp (Flight Message Transfer Protocol), 9000/tcp (CSlistener), 9700/tcp (Board M.I.T. Service), 2300/tcp (CVMMON), 19100/tcp, 7100/tcp (X Font Service), 6800/tcp, 7200/tcp (FODMS FLIP), 19300/tcp, 15800/tcp, 6300/tcp (BMC GRX), 2700/tcp (tqdata), 19700/tcp, 8400/tcp (cvd), 4600/tcp (Piranha1), 14700/tcp, 12100/tcp, 7800/tcp (Apple Software Restore), 18800/tcp, 6600/tcp (Microsoft Hyper-V Live Migration), 15000/tcp (Hypack Data Aquisition), 15100/tcp, 15700/tcp, 3100/tcp (OpCon/xps), 5200/tcp (TARGUS GetData), 17900/tcp, 20000/tcp (DNP), 16800/tcp, 12200/tcp, 5800/tcp, 3800/tcp (Print Services Interface), 10300/tcp, 6000/tcp (-6063/udp   X Window System), 13300/tcp, 15600/tcp, 12700/tcp, 8900/tcp (JMB-CDS 1), 18900/tcp, 19200/tcp, 3000/tcp (RemoteWare Client), 13900/tcp, 11000/tcp (IRISA), 8100/tcp (Xprint Server), 10600/tcp, 4000/tcp (Terabase), 17800/tcp, 11200/tcp, 14800/tcp, 6700/tcp, 6100/tcp (SynchroNet-db), 14600/tcp, 2600/tcp (HPSTGMGR), 16900/tcp (Newbay Mobile Client Update Service), 8800/tcp (Sun Web Server Admin Service), 7600/tcp, 13800/tcp, 7500/tcp (Silhouette User), 13700/tcp, 3200/tcp (Press-sense Tick Port), 10200/tcp (Trigence AE Soap Service), 12300/tcp (LinoGrid Engine), 1500/tcp (VLSI License Manager), 4200/tcp (-4299  VRML Multi User Systems), 16600/tcp, 2200/tcp (ICI), 18500/tcp, 5000/tcp (commplex-main), 1200/tcp (SCOL), 6400/tcp (Business Objects CMS contact port), 17000/tcp, 16100/tcp, 3900/tcp (Unidata UDT OS), 19500/tcp, 4800/tcp (Icona Instant Messenging System), 12600/tcp, 9600/tcp (MICROMUSE-NCPW), 8300/tcp (Transport Management Interface), 11400/tcp, 10100/tcp (VERITAS ITAP DDTP), 4900/tcp (HyperFileSQL Client/Server Database Engine), 12900/tcp, 1100/tcp (MCTP), 11300/tcp, 3300/tcp, 6900/tcp, 4100/tcp (IGo Incognito Data Port), 19400/tcp, 15200/tcp, 5600/tcp (Enterprise Security Manager), 3400/tcp (CSMS2), 10400/tcp, 5400/tcp (Excerpt Search), 1800/tcp (ANSYS-License manager), 11700/tcp, 17500/tcp (Dropbox LanSync Protocol), 10500/tcp, 14300/tcp, 19600/tcp, 8200/tcp (TRIVNET), 12400/tcp, 11900/tcp, 4500/tcp (IPsec NAT-Traversal), 19900/tcp, 5900/tcp (Remote Framebuffer), 17700/tcp, 15300/tcp, 13600/tcp, 2500/tcp (Resource Tracking system server), 16700/tcp, 9200/tcp (WAP connectionless session service), 14000/tcp (SCOTTY High-Speed Filetransfer), 15500/tcp, 6200/tcp (LM-X License Manager by X-Formation), 14900/tcp, 7000/tcp (file server itself), 16400/tcp, 16500/tcp, 2900/tcp (QUICKSUITE), 15400/tcp, 19800/tcp, 18100/tcp, 1300/tcp (H323 Host Call Secure), 11100/tcp, 5700/tcp, 17100/tcp, 8000/tcp (iRDMI), 2800/tcp (ACC RAID), 16300/tcp, 13200/tcp, 12500/tcp, 13500/tcp, 17300/tcp, 7900/tcp (Multicast Event), 5500/tcp (fcp-addr-srvr1), 14500/tcp, 9800/tcp (WebDav Source Port), 1900/tcp (SSDP), 9500/tcp (ismserver), 19000/tcp (iGrid Server), 1700/tcp (mps-raft), 13400/tcp, 9100/tcp (Printer PDL Data Stream), 3500/tcp (RTMP Port), 2000/tcp (Cisco SCCP), 15900/tcp, 16200/tcp, 18300/tcp, 14200/tcp.
      
BHD Honeypot
Port scan
2020-03-13

In the last 24h, the attacker (45.134.179.57) attempted to scan 217 ports.
The following ports have been scanned: 14400/tcp, 3718/tcp (OPUS Server Port), 3920/tcp (Exasoft IP Port), 1621/tcp (softdataphone), 320/tcp (PTP General), 4018/tcp (Talarian Mcast), 4117/tcp (Hillr Connection Manager), 1117/tcp (ARDUS Multicast Transfer), 8018/tcp, 1520/tcp (atm zip office), 3700/tcp (LRS NetPage), 2117/tcp (MENTACLIENT), 1821/tcp (donnyworld), 8021/tcp (Intuit Entitlement Client), 6820/tcp, 6719/tcp, 1720/tcp (h323hostcall), 4521/tcp, 4400/tcp (ASIGRA Services), 121/tcp (Encore Expedited Remote Pro.Call), 2319/tcp (InfoLibria), 4119/tcp (Assuria Log Manager), 117/tcp (UUCP Path Service), 3421/tcp (Bull Apprise portmapper), 4322/tcp (TRIM Event Service), 1517/tcp (Virtual Places Audio control), 2417/tcp (Composit Server), 7817/tcp, 317/tcp (Zannet), 3017/tcp (Event Listener), 7519/tcp, 4618/tcp, 4318/tcp, 3318/tcp (Swith to Swith Routing Information Protocol), 5721/tcp (Desktop Passthru Service), 4317/tcp, 7320/tcp, 4420/tcp, 5522/tcp, 7319/tcp, 1617/tcp (Nimrod Inter-Agent Communication), 5018/tcp, 5119/tcp, 2321/tcp (RDLAP), 7420/tcp, 3820/tcp (Siemens AuD SCP), 1400/tcp (Cadkey Tablet Daemon), 7819/tcp, 2317/tcp (Attachmate G32), 1018/tcp, 7219/tcp, 7922/tcp, 822/tcp, 1420/tcp (Timbuktu Service 4 Port), 5620/tcp, 2722/tcp (Proactive Server), 519/tcp (unixtime), 6920/tcp, 1618/tcp (skytelnet), 7521/tcp, 520/tcp (extended file name server), 222/tcp (Berkeley rshd with SPX auth), 922/tcp, 4721/tcp, 2917/tcp (Elvin Client), 1522/tcp (Ricardo North America License Manager), 722/tcp, 8600/tcp (Surveillance Data), 15600/tcp, 4319/tcp, 2921/tcp (CESD Contents Delivery Management), 5521/tcp, 1419/tcp (Timbuktu Service 3 Port), 5017/tcp, 18200/tcp, 1318/tcp (krb5gatekeeper), 5720/tcp (MS-Licensing), 119/tcp (Network News Transfer Protocol), 7820/tcp, 4921/tcp, 1021/tcp (RFC3692-style Experiment 1 (*)    [RFC4727]), 7019/tcp, 3821/tcp (ATSC PMCP Standard), 5221/tcp (3eTI Extensible Management Protocol for OAMP), 5617/tcp, 422/tcp (Ariel 3), 4321/tcp (Remote Who Is), 1818/tcp (Enhanced Trivial File Transfer Protocol), 7118/tcp, 6620/tcp (Kerberos V5 FTP Data), 7322/tcp, 16000/tcp (Administration Server Access), 4918/tcp, 3521/tcp (Telequip Labs MC3SS), 3222/tcp (Gateway Load Balancing Pr), 817/tcp, 3818/tcp (Crinis Heartbeat), 6617/tcp, 2820/tcp (UniVision), 3919/tcp (HyperIP), 1619/tcp (xs-openstorage), 919/tcp, 2219/tcp (NetIQ NCAP Protocol), 1122/tcp (availant-mgr), 6919/tcp, 6721/tcp, 5819/tcp, 7919/tcp, 5317/tcp, 920/tcp, 819/tcp, 1717/tcp (fj-hdnet), 522/tcp (ULP), 2100/tcp (Amiga Network Filesystem), 4421/tcp, 120/tcp (CFDPTKT), 3218/tcp (EMC SmartPackets), 3022/tcp (CSREGAGENT), 7821/tcp, 7400/tcp (RTPS Discovery), 4917/tcp, 2522/tcp (WinDb), 3422/tcp (Remote USB System Port), 2819/tcp (FC Fault Notification), 6818/tcp, 5021/tcp (zenginkyo-2), 7419/tcp, 13000/tcp, 4419/tcp, 1521/tcp (nCube License Manager), 4418/tcp, 6918/tcp, 15200/tcp, 8700/tcp, 419/tcp (Ariel 1), 6722/tcp, 2821/tcp (VERITAS Authentication Service), 7921/tcp, 1800/tcp (ANSYS-License manager), 518/tcp (ntalk), 17500/tcp (Dropbox LanSync Protocol), 618/tcp (DEI-ICDA), 5419/tcp (DJ-ICE), 1317/tcp (vrts-ipcserver), 7722/tcp, 7017/tcp, 2320/tcp (Siebel NS), 4320/tcp (FDT Remote Categorization Protocol), 5718/tcp (DPM Communication Server), 418/tcp (Hyper-G), 1719/tcp (h323gatestat), 420/tcp (SMPTE), 5218/tcp, 1120/tcp (Battle.net File Transfer Protocol), 5818/tcp, 7822/tcp, 7018/tcp, 4500/tcp (IPsec NAT-Traversal), 2218/tcp (Bounzza IRC Proxy), 1817/tcp (RKB-OSCS), 3217/tcp (Unified IP & Telecom Environment), 322/tcp (RTSPS), 2217/tcp (GoToDevice Device Management), 6720/tcp, 4118/tcp (Netadmin Systems NETscript service), 8020/tcp (Intuit Entitlement Service and Discovery), 6917/tcp, 4919/tcp, 14900/tcp, 1019/tcp, 6717/tcp, 3822/tcp (Compute Pool Discovery), 5519/tcp, 5520/tcp, 7618/tcp, 2318/tcp (Cadence Control), 5217/tcp, 417/tcp (Onmux), 5700/tcp, 1017/tcp, 5222/tcp (XMPP Client Connection), 2822/tcp (ka0wuc), 2419/tcp (Attachmate S2S), 220/tcp (Interactive Mail Access Protocol v3), 3518/tcp (Artifact Message Server), 7619/tcp, 3720/tcp (UF Astro. Instr. Services), 2818/tcp (rmlnk), 5821/tcp, 6819/tcp, 818/tcp, 2721/tcp (Smart Diagnose), 7221/tcp, 5118/tcp, 2920/tcp (roboEDA), 3420/tcp (iFCP User Port), 6817/tcp (PenTBox Secure IM Protocol), 917/tcp, 3417/tcp (ConServR file translation), 18000/tcp (Beckman Instruments, Inc.), 2220/tcp (NetIQ End2End), 7317/tcp, 5019/tcp, 18600/tcp, 18700/tcp, 821/tcp, 921/tcp, 5619/tcp, 221/tcp (Berkeley rlogind with SPX auth), 122/tcp (SMAKYNET), 3721/tcp (Xsync), 8017/tcp, 1721/tcp (caicci), 2718/tcp (PN REQUESTER 2), 6718/tcp, 3921/tcp (Herodotus Net).
      
BHD Honeypot
Port scan
2020-03-12

In the last 24h, the attacker (45.134.179.57) attempted to scan 189 ports.
The following ports have been scanned: 3118/tcp (PKAgent), 5318/tcp, 2420/tcp (DSL Remote Management), 3019/tcp (Resource Manager), 7215/tcp, 619/tcp (Compaq EVM), 2815/tcp (LBC Measurement), 1822/tcp (es-elmd), 1319/tcp (AMX-ICSP), 718/tcp, 7622/tcp, 4617/tcp, 5517/tcp, 5516/tcp, 4720/tcp, 5220/tcp, 3321/tcp (VNSSTR), 1012/tcp, 820/tcp, 7614/tcp, 1920/tcp (IBM Tivoli Directory Service - FERRET), 3317/tcp (VSAI PORT), 2617/tcp (Clinical Context Managers), 4422/tcp, 3918/tcp (PacketCableMultimediaCOPS), 5613/tcp, 620/tcp (SCO WebServer Manager), 2512/tcp (Citrix IMA), 4922/tcp, 621/tcp (ESCP), 4714/tcp, 3819/tcp (EPL Sequ Layer Protocol), 3622/tcp (FF LAN Redundancy Port), 7115/tcp, 7719/tcp, 3120/tcp (D2000 Webserver Port), 3320/tcp (Office Link 2000), 2113/tcp (HSL StoRM), 7518/tcp, 7117/tcp, 4222/tcp, 3619/tcp (AAIR-Network 2), 3719/tcp (iTel Server Port), 2922/tcp (CESD Contents Delivery Data Transfer), 7514/tcp, 2416/tcp (RMT Server), 2517/tcp (H.323 Annex E call signaling transport), 721/tcp, 2715/tcp (HPSTGMGR2), 2120/tcp (Quick Eagle Networks CP), 3621/tcp (EPSON Network Screen Port), 4615/tcp, 2519/tcp (globmsgsvc), 3517/tcp (IEEE 802.11 WLANs WG IAPP), 3618/tcp (AAIR-Network 1), 2118/tcp (MENTASERVER), 321/tcp (PIP), 4013/tcp (ACL Manager), 7422/tcp, 1121/tcp (Datalode RMPP), 3113/tcp (CS-Authenticate Svr Port), 3122/tcp (MTI VTR Emulator port), 5417/tcp (SNS Agent), 5918/tcp, 7515/tcp, 3121/tcp, 5922/tcp, 6821/tcp, 318/tcp (PKIX TimeStamp), 1421/tcp (Gandalf License Manager), 1213/tcp (MPC LIFENET), 5422/tcp (Salient MUX), 7421/tcp (Matisse Port Monitor), 2618/tcp (Priority E-Com), 7212/tcp, 2622/tcp (MetricaDBC), 6613/tcp, 3519/tcp (Netvion Messenger Port), 4520/tcp, 3916/tcp (WysDM Controller), 2017/tcp (cypress-stat), 4518/tcp, 2415/tcp (Codima Remote Transaction Protocol), 2621/tcp (Miles Apart Jukebox Server), 5713/tcp (proshare conf audio), 4817/tcp, 5315/tcp (HA Cluster UDP Polling), 521/tcp (ripng), 5219/tcp, 3915/tcp (Auto-Graphics Cataloging), 2418/tcp (cas), 5120/tcp, 6916/tcp, 2016/tcp (bootserver), 5717/tcp (proshare conf notify), 5122/tcp, 2514/tcp (Facsys NTP), 1919/tcp (IBM Tivoli Directory Service - DCH), 3220/tcp (XML NM over SSL), 617/tcp (SCO Desktop Administration Server), 1320/tcp (AMX-AXBNET), 4717/tcp, 3617/tcp (ATI SHARP Logic Engine), 4121/tcp (e-Builder Application Communication), 4217/tcp, 918/tcp, 7116/tcp, 4920/tcp, 6814/tcp, 3917/tcp (AFT multiplex port), 1418/tcp (Timbuktu Service 2 Port), 2521/tcp (Adaptec Manager), 3413/tcp (SpecView Networking), 5322/tcp, 1322/tcp (Novation), 7912/tcp, 1518/tcp (Virtual Places Video data), 3313/tcp (Unify Object Broker), 1417/tcp (Timbuktu Service 1 Port), 3115/tcp (MCTET Master), 5920/tcp, 4312/tcp (Parascale Membership Manager), 3221/tcp (XML NM over TCP), 7621/tcp, 913/tcp (APEX endpoint-relay service), 4017/tcp (Talarian Mcast), 7720/tcp (MedImage Portal), 2916/tcp (Elvin Server), 1014/tcp, 713/tcp (IRIS over XPC), 7721/tcp, 1921/tcp (NoAdmin), 3713/tcp (TFTP over TLS), 7917/tcp, 3020/tcp (CIFS), 7218/tcp, 2716/tcp (Inova IP Disco), 2014/tcp (troff), 3712/tcp (Sentinel Enterprise), 3620/tcp (EPSON Projector Control Port), 2115/tcp (Key Distribution Manager), 4614/tcp, 5117/tcp (GradeCam Image Processing), 5213/tcp, 2714/tcp (Raven Trinity Data Mover), 2421/tcp (G-Talk), 2620/tcp (LPSRecommender), 6618/tcp, 7517/tcp, 5712/tcp, 4716/tcp, 7022/tcp (CT Discovery Protocol), 7617/tcp, 7918/tcp, 4019/tcp (Talarian Mcast), 7122/tcp, 3812/tcp (netO WOL Server), 4613/tcp, 2018/tcp (terminaldb), 3312/tcp (Application Management Server), 4112/tcp (Apple VPN Server Reporting Protocol), 2414/tcp (Beeyond), 3014/tcp (Broker Service), 2619/tcp (bruce), 2020/tcp (xinupageserver), 2119/tcp (GSIGATEKEEPER), 316/tcp (decAuth), 5716/tcp (proshare conf request), 5919/tcp, 720/tcp, 912/tcp (APEX relay-relay service), 4122/tcp (Fiber Patrol Alarm Service), 4821/tcp, 3117/tcp (MCTET Jserv), 4220/tcp, 5714/tcp (proshare conf video), 5921/tcp, 2422/tcp (CRMSBITS), 3319/tcp (SDT License Manager), 8022/tcp (oa-system), 4818/tcp, 312/tcp (VSLMP), 2918/tcp (Kasten Chase Pad), 3922/tcp (Soronti Update Port), 7120/tcp.
      
BHD Honeypot
Port scan
2020-03-12

Port scan from IP: 45.134.179.57 detected by psad.
BHD Honeypot
Port scan
2020-03-11

In the last 24h, the attacker (45.134.179.57) attempted to scan 226 ports.
The following ports have been scanned: 2314/tcp (CR WebSystems), 1713/tcp (ConferenceTalk), 7914/tcp, 5513/tcp, 7712/tcp, 1513/tcp (Fujitsu Systems Business of America, Inc), 8012/tcp, 1515/tcp (ifor-protocol), 5314/tcp (opalis-rbt-ipc), 214/tcp (VM PWSCS), 215/tcp (Insignia Solutions), 512/tcp (remote process execution;), 2012/tcp (ttyinfo), 5912/tcp (Flight Information Services), 3816/tcp (Sun Local Patch Server), 5614/tcp, 413/tcp (Storage Management Services Protocol), 6712/tcp, 5915/tcp, 5013/tcp (FileMaker, Inc. - Proprietary transport), 3612/tcp (HP Data Protector), 7316/tcp, 2312/tcp (WANScaler Communication Service), 416/tcp (Silverplatter), 4912/tcp (Technicolor LUT Access Protocol), 1715/tcp (houdini-lm), 8014/tcp, 5216/tcp, 7513/tcp, 2914/tcp (Game Lobby), 813/tcp, 2013/tcp (raid-am), 5514/tcp, 1315/tcp (E.L.S., Event Listener Service), 1114/tcp (Mini SQL), 7112/tcp, 3213/tcp (NEON 24X7 Mission Control), 4515/tcp, 315/tcp (DPSI), 3914/tcp (ListCREATOR Port 2), 814/tcp, 5914/tcp, 6912/tcp, 4014/tcp (TAICLOCK), 5416/tcp (SNS Gateway), 414/tcp (InfoSeek), 5316/tcp (HP Device Monitor Service), 5512/tcp, 4516/tcp, 1415/tcp (DBStar), 2215/tcp (IPCore.co.za GPRS), 212/tcp (ATEXSSTR), 4316/tcp, 1413/tcp (Innosys-ACL), 2813/tcp (llm-pass), 3013/tcp (Gilat Sky Surfer), 2515/tcp (Facsys Router), 3412/tcp (xmlBlaster), 3615/tcp (Start Messaging Network), 1614/tcp (NetBill Credential Server), 5812/tcp, 5015/tcp (FileMaker, Inc. - Web publishing), 7315/tcp, 4715/tcp, 3214/tcp (JMQ Daemon Port 1), 5916/tcp, 6616/tcp, 915/tcp, 1016/tcp, 3813/tcp (Rhapsody Interface Protocol), 6615/tcp, 4712/tcp, 4315/tcp, 4012/tcp (PDA Gate), 4913/tcp (LUTher Control Protocol), 1416/tcp (Novell LU6.2), 2912/tcp (Epicon), 1912/tcp (rhp-iibp), 1216/tcp (ETEBAC 5), 7915/tcp, 5016/tcp, 4814/tcp, 612/tcp (HMMP Indication), 3212/tcp (Survey Instrument), 4016/tcp (Talarian Mcast), 4512/tcp, 1914/tcp (Elm-Momentum), 6716/tcp, 3112/tcp (KDE System Guard), 2212/tcp (LeeCO POS Server Service), 2313/tcp (IAPP (Inter Access Point Protocol)), 4213/tcp, 3912/tcp (Global Maintech Stars), 515/tcp (spooler), 7015/tcp (Talon Webserver), 115/tcp (Simple File Transfer Protocol), 4713/tcp, 6612/tcp, 4114/tcp (JomaMQMonitor), 4413/tcp, 4116/tcp (smartcard-TLS), 3513/tcp (Adaptec Remote Protocol), 2516/tcp (Main Control), 4415/tcp, 2915/tcp (TK Socket), 4314/tcp, 3913/tcp (ListCREATOR Port), 2412/tcp (CDN), 3316/tcp (AICC/CMI), 5816/tcp, 7613/tcp, 7913/tcp (QuickObjects secure port), 7014/tcp (Microtalon Communications), 7412/tcp, 3016/tcp (Notify Server), 1712/tcp (resource monitoring service), 7615/tcp, 7415/tcp, 1812/tcp (RADIUS), 4815/tcp, 7812/tcp, 7716/tcp, 715/tcp (IRIS-LWZ), 8015/tcp, 2015/tcp (cypress), 4214/tcp, 5313/tcp (Real-time & Reliable Data), 213/tcp (IPX), 5412/tcp (Continuus), 5115/tcp (Symantec Autobuild Service), 114/tcp, 2615/tcp (firepower), 1816/tcp (HARP), 8016/tcp, 5616/tcp, 1612/tcp (NetBill Transaction Server), 7916/tcp, 1512/tcp (Microsoft's Windows Internet Name Service), 5014/tcp, 6715/tcp (Fibotrader Communications), 6714/tcp (Internet Backplane Protocol), 1615/tcp (NetBill Authorization Server), 7216/tcp, 615/tcp (Internet Configuration Manager), 2814/tcp (llm-csv), 5814/tcp (Support Automation), 815/tcp, 3815/tcp (LANsurveyor XML), 6813/tcp, 6816/tcp, 7012/tcp (Talon Engine), 7715/tcp, 516/tcp (videotex), 3716/tcp (WV CSP SMS CIR Channel), 2112/tcp (Idonix MetaNet), 1013/tcp, 4915/tcp (Fibics Remote Control Service), 1616/tcp (NetBill Product Server), 1116/tcp (ARDUS Control), 2513/tcp (Citrix ADMIN), 3715/tcp (Anoto Rendezvous Port), 2413/tcp (orion-rmi-reg), 916/tcp, 513/tcp (remote login a la telnet;), 7815/tcp, 7516/tcp, 2913/tcp (Booster Ware), 4015/tcp (Talarian Mcast), 1316/tcp (Exbit-ESCP), 2316/tcp (SENT License Manager), 7114/tcp, 2713/tcp (Raven Trinity Broker Service), 613/tcp (HMMP Operation), 1714/tcp (sesi-lm), 3814/tcp (netO DCS), 216/tcp (Computer Associates Int'l License Server), 1314/tcp (Photoscript Distributed Printing System), 1312/tcp (STI Envision), 113/tcp (Authentication Service), 7016/tcp, 712/tcp (TBRPF), 7616/tcp, 3515/tcp (MUST Backplane), 3116/tcp (MCTET Gateway), 4414/tcp, 1916/tcp (Persoft Persona), 1813/tcp (RADIUS Accounting), 4816/tcp, 7416/tcp, 1412/tcp (InnoSys), 2216/tcp (VTU data service), 313/tcp (Magenta Logic), 3015/tcp (NATI DSTP), 1015/tcp, 3512/tcp (Aztec Distribution Port), 7714/tcp, 6815/tcp, 4113/tcp (AIPN LS Registration), 1215/tcp (scanSTAT 1.0), 5012/tcp (NetOnTap Service), 7813/tcp, 514/tcp (cmd), 5212/tcp, 5214/tcp, 2816/tcp (LBC Watchdog), 5113/tcp, 7213/tcp, 415/tcp (BNet), 3714/tcp (DELOS Direct Messaging), 7113/tcp, 614/tcp (SSLshell), 5612/tcp, 7713/tcp, 2116/tcp (CCOWCMR), 914/tcp, 1516/tcp (Virtual Places Audio data), 6713/tcp, 816/tcp, 1115/tcp (ARDUS Transfer), 5615/tcp, 812/tcp, 1113/tcp (Licklider Transmission Protocol), 1212/tcp (lupa), 6812/tcp, 1112/tcp (Intelligent Communication Protocol).
      
BHD Honeypot
Port scan
2020-03-10

In the last 24h, the attacker (45.134.179.57) attempted to scan 161 ports.
The following ports have been scanned: 9944/tcp, 34467/tcp, 9906/tcp, 34435/tcp, 555/tcp (dsf), 2222/tcp (EtherNet/IP I/O), 9900/tcp (IUA), 34458/tcp, 34461/tcp, 9090/tcp (WebSM), 34465/tcp, 9927/tcp, 111/tcp (SUN Remote Procedure Call), 9943/tcp, 34344/tcp, 34484/tcp, 34431/tcp, 22222/tcp, 34500/tcp, 34316/tcp, 34359/tcp, 34434/tcp, 34372/tcp, 34420/tcp, 9903/tcp, 5555/tcp (Personal Agent), 6666/tcp, 34472/tcp, 34343/tcp, 34451/tcp, 9945/tcp, 7070/tcp (ARCP), 34319/tcp, 34445/tcp, 34474/tcp, 34350/tcp, 9935/tcp, 34468/tcp, 222/tcp (Berkeley rshd with SPX auth), 34439/tcp, 999/tcp (puprouter), 34403/tcp, 9918/tcp, 34334/tcp, 34485/tcp, 34443/tcp, 34347/tcp, 34408/tcp, 9914/tcp, 34444/tcp, 11111/tcp (Viral Computing Environment (VCE)), 34401/tcp, 9946/tcp, 9947/tcp, 9908/tcp, 34349/tcp, 34363/tcp, 9905/tcp, 34460/tcp, 34494/tcp, 34337/tcp, 34353/tcp, 34479/tcp, 777/tcp (Multiling HTTP), 34345/tcp, 34323/tcp, 34480/tcp, 9936/tcp, 34426/tcp, 5050/tcp (multimedia conference control tool), 34430/tcp, 34459/tcp, 34462/tcp, 34455/tcp, 9913/tcp, 888/tcp (CD Database Protocol), 34310/tcp, 34399/tcp, 9928/tcp, 9910/tcp, 34413/tcp, 34424/tcp, 34477/tcp, 34384/tcp, 34307/tcp, 34476/tcp, 34352/tcp, 34393/tcp, 34340/tcp, 3030/tcp (Arepa Cas), 34417/tcp, 34362/tcp, 9932/tcp, 9949/tcp, 1010/tcp (surf), 34483/tcp, 34328/tcp, 34356/tcp, 444/tcp (Simple Network Paging Protocol), 34320/tcp, 34478/tcp, 34322/tcp, 34395/tcp, 34470/tcp, 34357/tcp, 9920/tcp, 34488/tcp, 34368/tcp, 34306/tcp, 34325/tcp, 34437/tcp, 4040/tcp (Yo.net main service), 34496/tcp, 34303/tcp, 34421/tcp, 1111/tcp (LM Social Server), 7777/tcp (cbt), 9911/tcp (SYPECom Transport Protocol), 4444/tcp (NV Video default), 9937/tcp, 34304/tcp, 9909/tcp (domaintime), 9901/tcp, 34380/tcp, 9915/tcp, 34464/tcp, 34390/tcp, 34427/tcp, 34311/tcp, 44444/tcp, 34423/tcp, 34490/tcp, 34499/tcp, 2020/tcp (xinupageserver), 9929/tcp, 34473/tcp, 34369/tcp, 333/tcp (Texar Security Port), 34491/tcp, 9948/tcp, 34446/tcp, 34447/tcp, 33333/tcp (Digital Gaslight Service), 34376/tcp, 34409/tcp, 34463/tcp, 34415/tcp, 34407/tcp, 34302/tcp, 34425/tcp, 34498/tcp, 34341/tcp, 34492/tcp, 9916/tcp, 9939/tcp.
      

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Report breach!

Rate host 45.134.179.57