IP address: 81.22.45.92

Host rating:

2.0

out of 29 votes

Last update: 2019-06-18

Host details

Unknown
Unknown
Unknown
Unknown
See comments

Reported breaches

  • Port scan
Report breach

Whois record

The publicly-available Whois record found at whois.ripe.net server.

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '81.22.45.0 - 81.22.45.255'

% Abuse contact for '81.22.45.0 - 81.22.45.255' is '[email protected]'

inetnum:        81.22.45.0 - 81.22.45.255
netname:        RU-INFOTECH-20181015
country:        RU
org:            ORG-ITL54-RIPE
admin-c:        LD5832-RIPE
tech-c:         LD5832-RIPE
status:         ASSIGNED PA
mnt-by:         IP-RIPE
mnt-routes:     ru-informtech-1-mnt
mnt-routes:     MNT-SELECTEL
created:        2018-10-15T14:52:53Z
last-modified:  2019-04-08T18:52:43Z
source:         RIPE

% Information related to '81.22.45.0/24AS49505'

route:          81.22.45.0/24
descr:          Selectel Customer
origin:         AS49505
mnt-by:         MNT-SELECTEL
created:        2018-11-23T13:48:16Z
last-modified:  2018-11-23T13:48:16Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.94 (ANGUS)


User comments

29 security incident(s) reported by users

BHD Honeypot
Port scan
2019-06-18

In the last 24h, the attacker (81.22.45.92) attempted to scan 62 ports.
The following ports have been scanned: 8005/tcp (MXI Generation II for z/OS), 6689/tcp (Tofino Security Appliance), 9990/tcp (OSM Applet Server), 65006/tcp, 2300/tcp (CVMMON), 60013/tcp, 2394/tcp (MS OLAP 2), 9524/tcp, 1386/tcp (CheckSum License Manager), 3377/tcp (Cogsys Network License Manager), 9833/tcp, 23391/tcp, 2293/tcp (Network Platform Debug Manager), 65019/tcp, 7070/tcp (ARCP), 2025/tcp (ellpack), 9391/tcp, 3000/tcp (RemoteWare Client), 9503/tcp, 5398/tcp (Elektron Administration), 30013/tcp, 50007/tcp, 3385/tcp (qnxnetman), 777/tcp (Multiling HTTP), 65013/tcp, 3384/tcp (Cluster Management Services), 5001/tcp (commplex-link), 33389/tcp, 25006/tcp (icl-twobase7), 3309/tcp (TNS ADV), 20013/tcp (Samsung Interdevice Interaction), 4550/tcp (Perman I Interbase Server), 33893/tcp, 4003/tcp (pxc-splr-ft), 3391/tcp (SAVANT), 444/tcp (Simple Network Paging Protocol), 40001/tcp, 20016/tcp, 9015/tcp, 20009/tcp, 8016/tcp, 2388/tcp (MYNAH AutoStart), 8390/tcp, 9395/tcp, 50013/tcp, 65004/tcp, 3020/tcp (CIFS), 1007/tcp, 2004/tcp (mailbox), 5388/tcp, 12345/tcp (Italk Chat System), 1111/tcp (LM Social Server), 1389/tcp (Document Manager), 65020/tcp, 13397/tcp, 1015/tcp, 6005/tcp, 40002/tcp, 2006/tcp (invokator), 2010/tcp (search).
      
BHD Honeypot
Port scan
2019-06-17

In the last 24h, the attacker (81.22.45.92) attempted to scan 288 ports.
The following ports have been scanned: 30017/tcp, 50016/tcp, 1006/tcp, 25004/tcp (icl-twobase5), 3019/tcp (Resource Manager), 3005/tcp (Genius License Manager), 23392/tcp, 2397/tcp (NCL), 6001/tcp, 65014/tcp, 4399/tcp, 23397/tcp, 2005/tcp (berknet), 4385/tcp, 4397/tcp, 25009/tcp (icl-twobase10), 555/tcp (dsf), 20018/tcp, 1000/tcp (cadlock2), 5100/tcp (Socalia service mux), 2222/tcp (EtherNet/IP I/O), 64004/tcp, 64006/tcp, 65005/tcp, 9403/tcp, 30004/tcp, 60007/tcp, 29999/tcp, 4006/tcp (pxc-spvr), 60010/tcp, 1003/tcp, 3395/tcp (Dyna License Manager (Elam)), 30001/tcp (Pago Services 1), 1012/tcp, 9006/tcp, 3389/tcp (MS WBT Server), 6009/tcp, 40011/tcp, 9993/tcp (OnLive-2), 5390/tcp, 6385/tcp, 60006/tcp, 8385/tcp, 2290/tcp (Sonus Logging Services), 6397/tcp, 4392/tcp (American Printware RXServer Protocol), 2001/tcp (dc), 50006/tcp, 9988/tcp (Software Essentials Secure HTTP server), 5392/tcp, 60017/tcp, 2030/tcp (device2), 30002/tcp (Pago Services 2), 30000/tcp, 33885/tcp, 14999/tcp, 6006/tcp, 453/tcp (CreativeServer), 64016/tcp, 9001/tcp (ETL Service Manager), 3383/tcp (Enterprise Software Products License Manager), 5020/tcp (zenginkyo-1), 454/tcp (ContentServer), 1400/tcp (Cadkey Tablet Daemon), 20001/tcp (MicroSAN), 1018/tcp, 7070/tcp (ARCP), 64000/tcp, 2023/tcp (xinuexpansion3), 9521/tcp, 3387/tcp (Back Room Net), 20005/tcp (OpenWebNet protocol for electric network), 1004/tcp, 1399/tcp (Cadkey License Manager), 1190/tcp (CommLinx GPS / AVL System), 9386/tcp, 62000/tcp, 1397/tcp (Audio Active Mail), 1185/tcp (Catchpole port), 6000/tcp (-6063/udp   X Window System), 65008/tcp, 7889/tcp, 4001/tcp (NewOak), 4401/tcp (ASIGRA Televaulting DS-System Service), 4013/tcp (ACL Manager), 50003/tcp, 5009/tcp (Microsoft Windows Filesystem), 60000/tcp, 1016/tcp, 3018/tcp (Service Registry), 3302/tcp (MCS Fastmail), 40016/tcp, 9518/tcp, 30012/tcp, 23396/tcp, 33888/tcp, 5404/tcp (HPOMS-DPS-LSTN), 8389/tcp, 7019/tcp, 3376/tcp (CD Broker), 10013/tcp, 3373/tcp (Lavenir License Manager), 13391/tcp, 2387/tcp (VSAM Redirector), 23395/tcp, 5011/tcp (TelepathAttack), 2024/tcp (xinuexpansion4), 50004/tcp, 40012/tcp, 40015/tcp, 4016/tcp (Talarian Mcast), 40019/tcp, 9508/tcp, 25002/tcp (icl-twobase3), 4546/tcp (SF License Manager (Sentinel)), 65003/tcp, 5386/tcp, 5006/tcp (wsm server), 5050/tcp (multimedia conference control tool), 2017/tcp (cypress-stat), 65011/tcp, 33390/tcp, 20007/tcp, 7015/tcp (Talon Webserver), 40003/tcp, 9398/tcp, 9385/tcp, 3401/tcp (filecast), 33895/tcp, 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 20004/tcp, 33890/tcp, 33898/tcp, 449/tcp (AS Server Mapper), 20015/tcp, 5403/tcp (HPOMS-CI-LSTN), 3392/tcp (EFI License Management), 30014/tcp, 2390/tcp (RSMTP), 8009/tcp, 23385/tcp, 20012/tcp, 25012/tcp, 2016/tcp (bootserver), 7005/tcp (volume managment server), 2401/tcp (cvspserver), 50009/tcp, 10012/tcp, 7390/tcp, 7400/tcp (RTPS Discovery), 9014/tcp, 5989/tcp (WBEM CIM-XML (HTTPS)), 6386/tcp, 3009/tcp (PXC-NTFY), 3016/tcp (Notify Server), 23393/tcp, 65017/tcp, 7393/tcp (nFoldMan Remote Publish), 2399/tcp (FileMaker, Inc. - Data Access Layer), 50020/tcp, 6399/tcp, 1393/tcp (Network Log Server), 1010/tcp (surf), 9013/tcp, 7002/tcp (users & groups database), 23389/tcp, 2286/tcp (NAS-Metering), 8015/tcp, 23398/tcp, 2299/tcp (PC Telecommute), 60014/tcp, 2015/tcp (cypress), 40018/tcp, 3308/tcp (TNS Server), 4396/tcp (Fly Object Space), 25008/tcp (icl-twobase9), 8397/tcp, 2007/tcp (dectalk), 2323/tcp (3d-nfsd), 455/tcp (CreativePartnr), 4017/tcp (Talarian Mcast), 9519/tcp, 39999/tcp, 4398/tcp, 40005/tcp, 40020/tcp, 60009/tcp, 7017/tcp, 5014/tcp, 25005/tcp (icl-twobase6), 50014/tcp, 3003/tcp (CGMS), 63389/tcp, 1005/tcp, 20011/tcp, 25001/tcp (icl-twobase2), 2291/tcp (EPSON Advanced Printer Share Protocol), 2014/tcp (troff), 3304/tcp (OP Session Server), 8399/tcp, 8889/tcp (Desktop Data TCP 1), 9389/tcp (Active Directory Web Services), 7012/tcp (Talon Engine), 4500/tcp (IPsec NAT-Traversal), 60018/tcp, 450/tcp (Computer Supported Telecomunication Applications), 3006/tcp (Instant Internet Admin), 1013/tcp, 25019/tcp, 3381/tcp (Geneous), 10016/tcp, 30011/tcp, 64001/tcp, 13392/tcp, 9997/tcp (Palace-6), 40000/tcp (SafetyNET p), 16699/tcp, 4410/tcp (RIB iTWO Application Server), 4009/tcp (Chimera HWM), 2008/tcp (conf), 7777/tcp (cbt), 123/tcp (Network Time Protocol), 8386/tcp, 9515/tcp, 4019/tcp (Talarian Mcast), 30009/tcp, 33891/tcp, 6388/tcp, 1019/tcp, 6389/tcp (clariion-evr01), 25014/tcp, 1390/tcp (Storage Controller), 5385/tcp, 2391/tcp (3COM Net Management), 2392/tcp (Tactical Auth), 9393/tcp, 30018/tcp, 13395/tcp, 33334/tcp, 44444/tcp, 40014/tcp, 2018/tcp (terminaldb), 2294/tcp (Konshus License Manager (FLEX)), 64011/tcp, 13399/tcp, 9513/tcp, 3014/tcp (Broker Service), 9504/tcp, 9994/tcp (OnLive-3), 65018/tcp, 40009/tcp, 3015/tcp (NATI DSTP), 2398/tcp (Orbiter), 64018/tcp, 3301/tcp, 2026/tcp (scrabble), 25011/tcp, 333/tcp (Texar Security Port), 2402/tcp (TaskMaster 2000 Server), 3380/tcp (SNS Channels), 2003/tcp (Brutus Server), 3007/tcp (Lotus Mail Tracking Agent Protocol), 9003/tcp, 33889/tcp, 9002/tcp (DynamID authentication), 3399/tcp (CSMS), 9991/tcp (OSM Event Server), 3004/tcp (Csoft Agent), 50010/tcp, 9505/tcp, 65012/tcp, 9507/tcp, 13398/tcp, 30010/tcp, 4005/tcp (pxc-pin), 10002/tcp (EMC-Documentum Content Server Product), 25003/tcp (icl-twobase4), 4549/tcp (Aegate PMR Service), 33894/tcp, 2021/tcp (servexec), 10006/tcp, 5007/tcp (wsm server ssl), 1009/tcp.
      
BHD Honeypot
Port scan
2019-06-16

In the last 24h, the attacker (81.22.45.92) attempted to scan 50 ports.
The following ports have been scanned: 64010/tcp, 13385/tcp, 8402/tcp (abarsd), 33896/tcp, 3396/tcp (Printer Agent), 3778/tcp (Cutler-Hammer IT Port), 50015/tcp, 25018/tcp, 9392/tcp, 4008/tcp (NetCheque accounting), 2011/tcp (raid), 9986/tcp, 8393/tcp, 9401/tcp (Samsung Twain for Network Client), 1388/tcp (Objective Solutions DataBase Cache), 2385/tcp (SD-DATA), 5589/tcp, 33911/tcp, 17222/tcp, 50005/tcp, 5017/tcp, 8387/tcp, 3405/tcp (Nokia Announcement ch 1), 65007/tcp, 1002/tcp, 451/tcp (Cray Network Semaphore server), 3386/tcp (GPRS Data), 9985/tcp, 3310/tcp (Dyna Access), 65016/tcp, 8388/tcp, 8003/tcp (Mulberry Connect Reporting Service), 3378/tcp (WSICOPY), 1001/tcp, 25017/tcp, 30003/tcp, 9404/tcp, 4402/tcp (ASIGRA Televaulting DS-Client Service), 1008/tcp, 6996/tcp, 9399/tcp, 3370/tcp, 6008/tcp, 8405/tcp (SuperVault Backup), 5397/tcp (StressTester(tm) Injector), 4388/tcp, 5389/tcp, 10000/tcp (Network Data Management Protocol), 7385/tcp, 64017/tcp.
      
BHD Honeypot
Port scan
2019-06-15

Port scan from IP: 81.22.45.92 detected by psad.
BHD Honeypot
Port scan
2019-06-11

In the last 24h, the attacker (81.22.45.92) attempted to scan 738 ports.
The following ports have been scanned: 5387/tcp, 30017/tcp, 8005/tcp (MXI Generation II for z/OS), 6689/tcp (Tofino Security Appliance), 25004/tcp (icl-twobase5), 8012/tcp, 25010/tcp, 9523/tcp, 6001/tcp, 64010/tcp, 9005/tcp, 7004/tcp (AFS/Kerberos authentication service), 30008/tcp, 4018/tcp (Talarian Mcast), 4385/tcp, 4394/tcp, 3398/tcp (Mercantile), 25009/tcp (icl-twobase10), 6395/tcp, 555/tcp (dsf), 9009/tcp (Pichat Server), 8402/tcp (abarsd), 2012/tcp (ttyinfo), 13387/tcp, 5402/tcp (OmniCast MFTP), 5100/tcp (Socalia service mux), 33896/tcp, 64004/tcp, 7008/tcp (server-to-server updater), 9000/tcp (CSlistener), 64006/tcp, 65005/tcp, 2300/tcp (CVMMON), 60013/tcp, 60007/tcp, 29999/tcp, 20008/tcp, 9090/tcp (WebSM), 5013/tcp (FileMaker, Inc. - Proprietary transport), 4400/tcp (ASIGRA Services), 3778/tcp (Cutler-Hammer IT Port), 10011/tcp, 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 30001/tcp (Pago Services 1), 3389/tcp (MS WBT Server), 6009/tcp, 40011/tcp, 9696/tcp, 9019/tcp, 33900/tcp, 60001/tcp, 59999/tcp, 9514/tcp, 50015/tcp, 64012/tcp, 3303/tcp (OP Session Client), 5390/tcp, 9520/tcp, 25018/tcp, 60019/tcp, 9392/tcp, 5008/tcp (Synapsis EDGE), 9524/tcp, 8385/tcp, 2013/tcp (raid-am), 1398/tcp (Video Active Mail), 6567/tcp (eSilo Storage Protocol), 4392/tcp (American Printware RXServer Protocol), 3377/tcp (Cogsys Network License Manager), 65009/tcp, 2001/tcp (dc), 7003/tcp (volume location database), 9988/tcp (Software Essentials Secure HTTP server), 5392/tcp, 6392/tcp, 60017/tcp, 64008/tcp, 2030/tcp (device2), 3403/tcp, 2002/tcp (globe), 9833/tcp, 1186/tcp (MySQL Cluster Manager), 33885/tcp, 4545/tcp (WorldScores), 9986/tcp, 6006/tcp, 23391/tcp, 64016/tcp, 9001/tcp (ETL Service Manager), 2293/tcp (Network Platform Debug Manager), 8391/tcp, 3383/tcp (Enterprise Software Products License Manager), 5555/tcp (Personal Agent), 9402/tcp (Samsung PC2FAX for Network Server), 5020/tcp (zenginkyo-1), 7397/tcp (Hexarc Command Language), 5010/tcp (TelepathStart), 4405/tcp (ASIGRA Televaulting Message Level Restore service), 20006/tcp, 10009/tcp (Systemwalker Desktop Patrol), 9401/tcp (Samsung Twain for Network Client), 454/tcp (ContentServer), 19999/tcp (Distributed Network Protocol - Secure), 8933/tcp, 65019/tcp, 20001/tcp (MicroSAN), 1018/tcp, 3404/tcp, 7070/tcp (ARCP), 64000/tcp, 2023/tcp (xinuexpansion3), 9521/tcp, 3387/tcp (Back Room Net), 2385/tcp (SD-DATA), 5589/tcp, 1399/tcp (Cadkey License Manager), 1387/tcp (Computer Aided Design Software Inc LM), 10003/tcp (EMC-Documentum Content Server Product), 9995/tcp (Palace-4), 6396/tcp, 9386/tcp, 17222/tcp, 20000/tcp (DNP), 13390/tcp, 50005/tcp, 62000/tcp, 10008/tcp (Octopus Multiplexer), 9977/tcp, 9509/tcp, 1397/tcp (Audio Active Mail), 2025/tcp (ellpack), 999/tcp (puprouter), 7009/tcp (remote cache manager service), 6000/tcp (-6063/udp   X Window System), 3379/tcp (SOCORFS), 8008/tcp (HTTP Alternate), 7889/tcp, 6003/tcp, 9998/tcp (Distinct32), 4001/tcp (NewOak), 64020/tcp, 4401/tcp (ASIGRA Televaulting DS-System Service), 4013/tcp (ACL Manager), 6565/tcp, 7011/tcp (Talon Discovery Port), 50003/tcp, 20020/tcp, 13394/tcp, 5009/tcp (Microsoft Windows Filesystem), 8019/tcp (QB DB Dynamic Port), 8013/tcp, 60000/tcp, 9017/tcp, 9391/tcp, 5017/tcp, 3018/tcp (Service Registry), 9503/tcp, 5398/tcp (Elektron Administration), 1391/tcp (Storage Access Server), 3405/tcp (Nokia Announcement ch 1), 9518/tcp, 6969/tcp (acmsoda), 4391/tcp (American Printware IMServer Protocol), 10015/tcp, 10020/tcp, 30013/tcp, 7394/tcp (File system export of backup images), 11111/tcp (Viral Computing Environment (VCE)), 5404/tcp (HPOMS-DPS-LSTN), 7019/tcp, 10013/tcp, 65007/tcp, 50007/tcp, 3373/tcp (Lavenir License Manager), 13391/tcp, 2285/tcp (LNVMAILMON), 2387/tcp (VSAM Redirector), 4393/tcp (American Printware RXSpooler Protocol), 23395/tcp, 5011/tcp (TelepathAttack), 4000/tcp (Terabase), 10017/tcp, 3372/tcp (TIP 2), 5016/tcp, 40015/tcp, 60011/tcp, 40019/tcp, 30007/tcp, 10001/tcp (SCP Configuration), 7391/tcp (mind-file system server), 9508/tcp, 25002/tcp (icl-twobase3), 3385/tcp (qnxnetman), 8001/tcp (VCOM Tunnel), 50017/tcp, 777/tcp (Multiling HTTP), 5394/tcp, 8006/tcp, 4546/tcp (SF License Manager (Sentinel)), 2028/tcp (submitserver), 9985/tcp, 5386/tcp, 7392/tcp (mrss-rendezvous server), 5006/tcp (wsm server), 9987/tcp (DSM/SCM Target Interface), 5050/tcp (multimedia conference control tool), 65011/tcp, 8388/tcp, 8394/tcp, 10014/tcp, 33390/tcp, 9388/tcp (D2D Data Transfer Service), 20007/tcp, 9398/tcp, 50011/tcp, 888/tcp (CD Database Protocol), 9385/tcp, 65015/tcp, 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 2289/tcp (Lookup dict server), 20004/tcp, 7387/tcp, 33890/tcp, 9016/tcp, 3393/tcp (D2K Tapestry Client to Server), 33898/tcp, 6390/tcp (MetaEdit+ WebService API), 9012/tcp, 7013/tcp (Microtalon Discovery), 8003/tcp (Mulberry Connect Reporting Service), 25016/tcp, 5403/tcp (HPOMS-CI-LSTN), 25006/tcp (icl-twobase7), 4404/tcp (ASIGRA Televaulting DS-System Monitoring/Management), 7389/tcp, 5000/tcp (commplex-main), 6400/tcp (Business Objects CMS contact port), 7396/tcp, 3309/tcp (TNS ADV), 20013/tcp (Samsung Interdevice Interaction), 5399/tcp (SecurityChase), 3001/tcp, 3689/tcp (Digital Audio Access Protocol), 4403/tcp (ASIGRA Televaulting DS-Client Monitoring/Management), 2390/tcp (RSMTP), 8009/tcp, 23385/tcp, 7388/tcp, 20012/tcp, 3378/tcp (WSICOPY), 25012/tcp, 9506/tcp, 2016/tcp (bootserver), 2401/tcp (cvspserver), 50009/tcp, 4550/tcp (Perman I Interbase Server), 9008/tcp (Open Grid Services Server), 5396/tcp, 7400/tcp (RTPS Discovery), 9014/tcp, 40017/tcp, 5989/tcp (WBEM CIM-XML (HTTPS)), 1188/tcp (HP Web Admin), 6386/tcp, 7014/tcp (Microtalon Communications), 3030/tcp (Arepa Cas), 3009/tcp (PXC-NTFY), 3016/tcp (Notify Server), 3306/tcp (MySQL), 23393/tcp, 33893/tcp, 4003/tcp (pxc-splr-ft), 7393/tcp (nFoldMan Remote Publish), 6398/tcp, 6060/tcp, 3010/tcp (Telerate Workstation), 3391/tcp (SAVANT), 4999/tcp (HyperFileSQL Client/Server Database Engine Manager), 8002/tcp (Teradata ORDBMS), 6002/tcp, 7002/tcp (users & groups database), 13131/tcp, 23389/tcp, 8015/tcp, 3888/tcp (Ciphire Services), 444/tcp (Simple Network Paging Protocol), 2405/tcp (TRC Netpoll), 2015/tcp (cypress), 40018/tcp, 30003/tcp, 4396/tcp (Fly Object Space), 64014/tcp, 60003/tcp, 4547/tcp (Lanner License Manager), 9404/tcp, 20016/tcp, 25008/tcp (icl-twobase9), 2297/tcp (D2K DataMover 1), 2323/tcp (3d-nfsd), 5400/tcp (Excerpt Search), 455/tcp (CreativePartnr), 4017/tcp (Talarian Mcast), 4020/tcp (TRAP Port), 8016/tcp, 9519/tcp, 4398/tcp, 40005/tcp, 60009/tcp, 2388/tcp (MYNAH AutoStart), 5014/tcp, 9395/tcp, 50013/tcp, 60005/tcp, 50014/tcp, 6004/tcp, 6996/tcp, 9510/tcp, 1005/tcp, 2291/tcp (EPSON Advanced Printer Share Protocol), 9502/tcp, 2014/tcp (troff), 3304/tcp (OP Session Server), 8399/tcp, 8889/tcp (Desktop Data TCP 1), 2022/tcp (down), 6010/tcp, 6391/tcp, 30019/tcp, 1007/tcp, 2004/tcp (mailbox), 5002/tcp (radio free ethernet), 9389/tcp (Active Directory Web Services), 7012/tcp (Talon Engine), 5388/tcp, 7018/tcp, 4500/tcp (IPsec NAT-Traversal), 12345/tcp (Italk Chat System), 3006/tcp (Instant Internet Admin), 1013/tcp, 4040/tcp (Yo.net main service), 3381/tcp (Geneous), 30011/tcp, 9997/tcp (Palace-6), 40006/tcp, 452/tcp (Cray SFS config server), 23394/tcp, 40000/tcp (SafetyNET p), 50000/tcp, 43389/tcp, 8020/tcp (Intuit Entitlement Service and Discovery), 8010/tcp, 4410/tcp (RIB iTWO Application Server), 1111/tcp (LM Social Server), 4009/tcp (Chimera HWM), 5391/tcp, 2008/tcp (conf), 7777/tcp (cbt), 30005/tcp, 9399/tcp, 2404/tcp (IEC 60870-5-104 process control over IP), 8386/tcp, 9515/tcp, 4019/tcp (Talarian Mcast), 30009/tcp, 4015/tcp (Talarian Mcast), 6388/tcp, 7020/tcp (DP Serve), 7395/tcp (winqedit), 6007/tcp, 7000/tcp (file server itself), 3333/tcp (DEC Notes), 6389/tcp (clariion-evr01), 2287/tcp (DNA), 25014/tcp, 13393/tcp, 4489/tcp, 5385/tcp, 1011/tcp, 23399/tcp, 40013/tcp, 50019/tcp, 10004/tcp (EMC Replication Manager Client), 2392/tcp (Tactical Auth), 9004/tcp, 7398/tcp, 5004/tcp (RTP media data [RFC 3551][RFC 4571]), 6008/tcp, 7016/tcp, 8398/tcp, 1017/tcp, 13395/tcp, 33886/tcp, 8007/tcp, 44444/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 40014/tcp, 6868/tcp (Acctopus Command Channel), 5397/tcp (StressTester(tm) Injector), 2018/tcp (terminaldb), 4388/tcp, 64011/tcp, 9513/tcp, 7386/tcp, 3014/tcp (Broker Service), 25000/tcp (icl-twobase1), 446/tcp (DDM-Remote Relational Database Access), 9994/tcp (OnLive-3), 65018/tcp, 40009/tcp, 5389/tcp, 3015/tcp (NATI DSTP), 2398/tcp (Orbiter), 5393/tcp, 64018/tcp, 20014/tcp (OpenDeploy Listener), 13397/tcp, 3301/tcp, 2026/tcp (scrabble), 30016/tcp, 33899/tcp, 333/tcp (Texar Security Port), 6393/tcp, 2402/tcp (TaskMaster 2000 Server), 4011/tcp (Alternate Service Boot), 8004/tcp, 20010/tcp, 33333/tcp (Digital Gaslight Service), 3380/tcp (SNS Channels), 3007/tcp (Lotus Mail Tracking Agent Protocol), 7385/tcp, 3397/tcp (Cloanto License Manager), 53389/tcp, 9002/tcp (DynamID authentication), 9387/tcp (D2D Configuration Service), 3399/tcp (CSMS), 6005/tcp, 9991/tcp (OSM Event Server), 3004/tcp (Csoft Agent), 5019/tcp, 7399/tcp, 9999/tcp (distinct), 3375/tcp (VSNM Agent), 23388/tcp, 40002/tcp, 2006/tcp (invokator), 9507/tcp, 3382/tcp (Fujitsu Network Enhanced Antitheft function), 13398/tcp, 4007/tcp (pxc-splr), 3388/tcp (CB Server), 35689/tcp, 33331/tcp (DiamondCentral Interface), 4005/tcp (pxc-pin), 7010/tcp (onlinet uninterruptable power supplies), 2010/tcp (search), 2000/tcp (Cisco SCCP), 40007/tcp, 4549/tcp (Aegate PMR Service), 8017/tcp, 33894/tcp, 30015/tcp, 64002/tcp, 5007/tcp (wsm server ssl).
      
BHD Honeypot
Port scan
2019-06-10

In the last 24h, the attacker (81.22.45.92) attempted to scan 1248 ports.
The following ports have been scanned: 5387/tcp, 5395/tcp, 30017/tcp, 9396/tcp (fjinvmgr), 1187/tcp (Alias Service), 50016/tcp, 4010/tcp (Samsung Unidex), 1006/tcp, 25004/tcp (icl-twobase5), 3019/tcp (Resource Manager), 2393/tcp (MS OLAP 1), 3005/tcp (Genius License Manager), 8012/tcp, 25010/tcp, 10010/tcp (ooRexx rxapi services), 23392/tcp, 2296/tcp (Theta License Manager (Rainbow)), 9018/tcp, 9517/tcp, 2397/tcp (NCL), 10005/tcp (EMC Replication Manager Server), 6001/tcp, 20017/tcp, 64010/tcp, 65014/tcp, 13385/tcp, 4399/tcp, 23397/tcp, 2395/tcp (LAN900 Remote), 3305/tcp (ODETTE-FTP), 2005/tcp (berknet), 4018/tcp (Talarian Mcast), 4385/tcp, 3398/tcp (Mercantile), 4397/tcp, 25009/tcp (icl-twobase10), 6395/tcp, 20018/tcp, 50012/tcp, 8018/tcp, 8402/tcp (abarsd), 2012/tcp (ttyinfo), 1000/tcp (cadlock2), 65006/tcp, 13387/tcp, 5100/tcp (Socalia service mux), 2222/tcp (EtherNet/IP I/O), 33896/tcp, 64004/tcp, 3396/tcp (Printer Agent), 64019/tcp, 9000/tcp (CSlistener), 9511/tcp, 65005/tcp, 9403/tcp, 64007/tcp, 30004/tcp, 60013/tcp, 60007/tcp, 40008/tcp, 5405/tcp (NetSupport), 20008/tcp, 23400/tcp (Novar Data), 5013/tcp (FileMaker, Inc. - Proprietary transport), 65001/tcp, 4400/tcp (ASIGRA Services), 4006/tcp (pxc-spvr), 3778/tcp (Cutler-Hammer IT Port), 60010/tcp, 25013/tcp, 1003/tcp, 3395/tcp (Dyna License Manager (Elam)), 30001/tcp (Pago Services 1), 1012/tcp, 9006/tcp, 9696/tcp, 9019/tcp, 33900/tcp, 60001/tcp, 59999/tcp, 8011/tcp, 25020/tcp, 9993/tcp (OnLive-2), 64012/tcp, 3303/tcp (OP Session Client), 3012/tcp (Trusted Web Client), 5390/tcp, 9520/tcp, 8014/tcp, 4386/tcp, 25018/tcp, 6385/tcp, 60019/tcp, 2394/tcp (MS OLAP 2), 3017/tcp (Event Listener), 5008/tcp (Synapsis EDGE), 25007/tcp (icl-twobase8), 4002/tcp (pxc-spvr-ft), 60006/tcp, 1386/tcp (CheckSum License Manager), 2013/tcp (raid-am), 64005/tcp, 1398/tcp (Video Active Mail), 6567/tcp (eSilo Storage Protocol), 6397/tcp, 4392/tcp (American Printware RXServer Protocol), 3377/tcp (Cogsys Network License Manager), 65009/tcp, 2001/tcp (dc), 7003/tcp (volume location database), 50006/tcp, 9988/tcp (Software Essentials Secure HTTP server), 65002/tcp, 13389/tcp, 5392/tcp, 6392/tcp, 64008/tcp, 8400/tcp (cvd), 2030/tcp (device2), 3403/tcp, 2002/tcp (globe), 447/tcp (DDM-Distributed File Management), 9833/tcp, 30002/tcp (Pago Services 2), 2011/tcp (raid), 1186/tcp (MySQL Cluster Manager), 33885/tcp, 14999/tcp, 4014/tcp (TAICLOCK), 453/tcp (CreativeServer), 23391/tcp, 2403/tcp (TaskMaster 2000 Web), 64016/tcp, 2293/tcp (Network Platform Debug Manager), 13388/tcp, 9516/tcp, 5555/tcp (Personal Agent), 5020/tcp (zenginkyo-1), 5010/tcp (TelepathStart), 5018/tcp, 4405/tcp (ASIGRA Televaulting Message Level Restore service), 8393/tcp, 20006/tcp, 10009/tcp (Systemwalker Desktop Patrol), 9401/tcp (Samsung Twain for Network Client), 454/tcp (ContentServer), 19999/tcp (Distributed Network Protocol - Secure), 6666/tcp, 65019/tcp, 1400/tcp (Cadkey Tablet Daemon), 1388/tcp (Objective Solutions DataBase Cache), 8396/tcp, 1018/tcp, 4395/tcp (OmniVision communication for Virtual environments), 3404/tcp, 5003/tcp (FileMaker, Inc. - Proprietary transport), 9020/tcp (TAMBORA), 7070/tcp (ARCP), 2023/tcp (xinuexpansion3), 9521/tcp, 3387/tcp (Back Room Net), 20005/tcp (OpenWebNet protocol for electric network), 1004/tcp, 33911/tcp, 1399/tcp (Cadkey License Manager), 1190/tcp (CommLinx GPS / AVL System), 3013/tcp (Gilat Sky Surfer), 1387/tcp (Computer Aided Design Software Inc LM), 10003/tcp (EMC-Documentum Content Server Product), 9995/tcp (Palace-4), 6396/tcp, 17222/tcp, 60004/tcp, 20000/tcp (DNP), 5015/tcp (FileMaker, Inc. - Web publishing), 62000/tcp, 10008/tcp (Octopus Multiplexer), 9509/tcp, 8404/tcp (SuperVault Cloud), 1397/tcp (Audio Active Mail), 3008/tcp (Midnight Technologies), 999/tcp (puprouter), 1185/tcp (Catchpole port), 7009/tcp (remote cache manager service), 33887/tcp, 6000/tcp (-6063/udp   X Window System), 65008/tcp, 3379/tcp (SOCORFS), 8008/tcp (HTTP Alternate), 6003/tcp, 4001/tcp (NewOak), 64020/tcp, 4401/tcp (ASIGRA Televaulting DS-System Service), 4013/tcp (ACL Manager), 1395/tcp (PC Workstation Manager software), 6565/tcp, 7011/tcp (Talon Discovery Port), 50003/tcp, 20020/tcp, 2389/tcp (OpenView Session Mgr), 5009/tcp (Microsoft Windows Filesystem), 8019/tcp (QB DB Dynamic Port), 8013/tcp, 8443/tcp (PCsync HTTPS), 60000/tcp, 9989/tcp, 1016/tcp, 9391/tcp, 5017/tcp, 3000/tcp (RemoteWare Client), 3018/tcp (Service Registry), 23390/tcp, 9503/tcp, 2027/tcp (shadowserver), 3302/tcp (MCS Fastmail), 5398/tcp (Elektron Administration), 8387/tcp, 1391/tcp (Storage Access Server), 3405/tcp (Nokia Announcement ch 1), 1020/tcp, 40016/tcp, 30012/tcp, 4012/tcp (PDA Gate), 6969/tcp (acmsoda), 4391/tcp (American Printware IMServer Protocol), 23396/tcp, 10015/tcp, 30013/tcp, 7394/tcp (File system export of backup images), 11111/tcp (Viral Computing Environment (VCE)), 2009/tcp (news), 5404/tcp (HPOMS-DPS-LSTN), 8389/tcp, 3376/tcp (CD Broker), 50001/tcp, 65007/tcp, 1002/tcp, 50007/tcp, 13391/tcp, 2285/tcp (LNVMAILMON), 2387/tcp (VSAM Redirector), 4393/tcp (American Printware RXSpooler Protocol), 23395/tcp, 5011/tcp (TelepathAttack), 4000/tcp (Terabase), 50002/tcp, 10017/tcp, 3372/tcp (TIP 2), 2024/tcp (xinuexpansion4), 50004/tcp, 40012/tcp, 40015/tcp, 4016/tcp (Talarian Mcast), 40019/tcp, 451/tcp (Cray Network Semaphore server), 30007/tcp, 10001/tcp (SCP Configuration), 60002/tcp, 7391/tcp (mind-file system server), 6394/tcp, 25002/tcp (icl-twobase3), 3490/tcp (Colubris Management Port), 3386/tcp (GPRS Data), 8001/tcp (VCOM Tunnel), 5394/tcp, 65013/tcp, 8006/tcp, 4546/tcp (SF License Manager (Sentinel)), 65003/tcp, 2028/tcp (submitserver), 9985/tcp, 3384/tcp (Cluster Management Services), 7392/tcp (mrss-rendezvous server), 5006/tcp (wsm server), 9987/tcp (DSM/SCM Target Interface), 5050/tcp (multimedia conference control tool), 3310/tcp (Dyna Access), 2017/tcp (cypress-stat), 65016/tcp, 65011/tcp, 8388/tcp, 8394/tcp, 10014/tcp, 5001/tcp (commplex-link), 7015/tcp (Talon Webserver), 40003/tcp, 50011/tcp, 888/tcp (CD Database Protocol), 9385/tcp, 50018/tcp, 65015/tcp, 3401/tcp (filecast), 33895/tcp, 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 2289/tcp (Lookup dict server), 20004/tcp, 33389/tcp, 33890/tcp, 9016/tcp, 3393/tcp (D2K Tapestry Client to Server), 33898/tcp, 9012/tcp, 449/tcp (AS Server Mapper), 7013/tcp (Microtalon Discovery), 8003/tcp (Mulberry Connect Reporting Service), 20015/tcp, 10007/tcp (MVS Capacity), 25016/tcp, 3392/tcp (EFI License Management), 25006/tcp (icl-twobase7), 30014/tcp, 5000/tcp (commplex-main), 7396/tcp, 3309/tcp (TNS ADV), 20013/tcp (Samsung Interdevice Interaction), 8080/tcp (HTTP Alternate (see port 80)), 5399/tcp (SecurityChase), 8392/tcp, 3001/tcp, 3689/tcp (Digital Audio Access Protocol), 20019/tcp, 4403/tcp (ASIGRA Televaulting DS-Client Monitoring/Management), 2390/tcp (RSMTP), 23385/tcp, 7388/tcp, 20012/tcp, 3378/tcp (WSICOPY), 9506/tcp, 2016/tcp (bootserver), 3394/tcp (D2K Tapestry Server to Server), 7005/tcp (volume managment server), 2401/tcp (cvspserver), 50009/tcp, 4550/tcp (Perman I Interbase Server), 9008/tcp (Open Grid Services Server), 2288/tcp (NETML), 7390/tcp, 7400/tcp (RTPS Discovery), 2400/tcp (OpEquus Server), 9014/tcp, 40017/tcp, 5989/tcp (WBEM CIM-XML (HTTPS)), 4548/tcp (Synchromesh), 1188/tcp (HP Web Admin), 6386/tcp, 3030/tcp (Arepa Cas), 3009/tcp (PXC-NTFY), 3371/tcp, 3016/tcp (Notify Server), 3306/tcp (MySQL), 40004/tcp, 20003/tcp (Commtact HTTPS), 23393/tcp, 65017/tcp, 33893/tcp, 4003/tcp (pxc-splr-ft), 1001/tcp, 6398/tcp, 2399/tcp (FileMaker, Inc. - Data Access Layer), 6060/tcp, 3010/tcp (Telerate Workstation), 50020/tcp, 6399/tcp, 10018/tcp, 1393/tcp (Network Log Server), 1010/tcp (surf), 3391/tcp (SAVANT), 1189/tcp (Unet Connection), 3300/tcp, 4999/tcp (HyperFileSQL Client/Server Database Engine Manager), 8002/tcp (Teradata ORDBMS), 13131/tcp, 23389/tcp, 3011/tcp (Trusted Web), 2286/tcp (NAS-Metering), 8015/tcp, 3888/tcp (Ciphire Services), 23398/tcp, 2299/tcp (PC Telecommute), 60014/tcp, 2405/tcp (TRC Netpoll), 2015/tcp (cypress), 40018/tcp, 30003/tcp, 3308/tcp (TNS Server), 55555/tcp, 4396/tcp (Fly Object Space), 64014/tcp, 60003/tcp, 4547/tcp (Lanner License Manager), 9404/tcp, 40001/tcp, 20016/tcp, 666/tcp (doom Id Software), 25008/tcp (icl-twobase9), 3400/tcp (CSMS2), 2297/tcp (D2K DataMover 1), 8395/tcp, 8397/tcp, 2007/tcp (dectalk), 10019/tcp, 2323/tcp (3d-nfsd), 4004/tcp (pxc-roid), 5400/tcp (Excerpt Search), 455/tcp (CreativePartnr), 4017/tcp (Talarian Mcast), 9010/tcp (Secure Data Replicator Protocol), 4020/tcp (TRAP Port), 4402/tcp (ASIGRA Televaulting DS-Client Service), 9390/tcp (OpenVAS Transfer Protocol), 8016/tcp, 9519/tcp, 39999/tcp, 4398/tcp, 40005/tcp, 40020/tcp, 1014/tcp, 2388/tcp (MYNAH AutoStart), 8390/tcp, 7017/tcp, 5014/tcp, 25005/tcp (icl-twobase6), 9395/tcp, 50013/tcp, 2386/tcp (Virtual Tape), 50014/tcp, 1008/tcp, 25252/tcp, 65004/tcp, 6004/tcp, 3003/tcp (CGMS), 63389/tcp, 1005/tcp, 3374/tcp (Cluster Disc), 3020/tcp (CIFS), 25001/tcp (icl-twobase2), 7007/tcp (basic overseer process), 2291/tcp (EPSON Advanced Printer Share Protocol), 2014/tcp (troff), 3304/tcp (OP Session Server), 8889/tcp (Desktop Data TCP 1), 2029/tcp (Hot Standby Router Protocol IPv6), 2022/tcp (down), 6010/tcp, 9397/tcp (MpIdcAgt), 2295/tcp (Advant License Manager), 6391/tcp, 30019/tcp, 1007/tcp, 2004/tcp (mailbox), 5002/tcp (radio free ethernet), 9389/tcp (Active Directory Web Services), 23386/tcp, 5388/tcp, 4500/tcp (IPsec NAT-Traversal), 60018/tcp, 12345/tcp (Italk Chat System), 4387/tcp, 450/tcp (Computer Supported Telecomunication Applications), 3006/tcp (Instant Internet Admin), 1013/tcp, 25019/tcp, 4040/tcp (Yo.net main service), 65010/tcp, 3381/tcp (Geneous), 10016/tcp, 64001/tcp, 13392/tcp, 9997/tcp (Palace-6), 40006/tcp, 1234/tcp (Infoseek Search Agent), 452/tcp (Cray SFS config server), 40000/tcp (SafetyNET p), 50000/tcp, 64003/tcp, 16699/tcp, 43389/tcp, 8020/tcp (Intuit Entitlement Service and Discovery), 33892/tcp, 8010/tcp, 4410/tcp (RIB iTWO Application Server), 20002/tcp (Commtact HTTP), 1111/tcp (LM Social Server), 4009/tcp (Chimera HWM), 5391/tcp, 2008/tcp (conf), 7789/tcp (Office Tools Pro Receive), 7777/tcp (cbt), 30005/tcp, 9399/tcp, 33897/tcp, 4444/tcp (NV Video default), 2404/tcp (IEC 60870-5-104 process control over IP), 123/tcp (Network Time Protocol), 49999/tcp, 60008/tcp, 9515/tcp, 30009/tcp, 4015/tcp (Talarian Mcast), 33891/tcp, 6388/tcp, 7020/tcp (DP Serve), 1019/tcp, 4390/tcp (Physical Access Control), 1389/tcp (Document Manager), 65020/tcp, 60012/tcp, 3333/tcp (DEC Notes), 2287/tcp (DNA), 25014/tcp, 65000/tcp, 13393/tcp, 4489/tcp, 1390/tcp (Storage Controller), 5385/tcp, 3307/tcp (OP Session Proxy), 9501/tcp, 1011/tcp, 23399/tcp, 3370/tcp, 1385/tcp (Atex Publishing License Manager), 40013/tcp, 50019/tcp, 10004/tcp (EMC Replication Manager Client), 2391/tcp (3COM Net Management), 1392/tcp (Print Manager), 7001/tcp (callbacks to cache managers), 2392/tcp (Tactical Auth), 7398/tcp, 5004/tcp (RTP media data [RFC 3551][RFC 4571]), 6008/tcp, 9393/tcp, 448/tcp (DDM-Remote DB Access Using Secure Sockets), 3402/tcp (FXa Engine Network Port), 30018/tcp, 8398/tcp, 1017/tcp, 8000/tcp (iRDMI), 8007/tcp, 33334/tcp, 44444/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 33332/tcp, 40014/tcp, 6868/tcp (Acctopus Command Channel), 8405/tcp (SuperVault Backup), 5397/tcp (StressTester(tm) Injector), 2018/tcp (terminaldb), 4388/tcp, 2294/tcp (Konshus License Manager (FLEX)), 64011/tcp, 13399/tcp, 9513/tcp, 7386/tcp, 3014/tcp (Broker Service), 9504/tcp, 60020/tcp, 446/tcp (DDM-Remote Relational Database Access), 64009/tcp, 9994/tcp (OnLive-3), 65018/tcp, 40009/tcp, 2020/tcp (xinupageserver), 2398/tcp (Orbiter), 5393/tcp, 30020/tcp, 20014/tcp (OpenDeploy Listener), 13397/tcp, 3301/tcp, 2026/tcp (scrabble), 1015/tcp, 25011/tcp, 30016/tcp, 33899/tcp, 333/tcp (Texar Security Port), 2292/tcp (Sonus Element Management Services), 6393/tcp, 9525/tcp, 2402/tcp (TaskMaster 2000 Server), 4011/tcp (Alternate Service Boot), 8004/tcp, 20010/tcp, 33333/tcp (Digital Gaslight Service), 5012/tcp (NetOnTap Service), 64013/tcp, 30006/tcp, 3007/tcp (Lotus Mail Tracking Agent Protocol), 9003/tcp, 33889/tcp, 3397/tcp (Cloanto License Manager), 64017/tcp, 53389/tcp, 9002/tcp (DynamID authentication), 9387/tcp (D2D Configuration Service), 3399/tcp (CSMS), 9991/tcp (OSM Event Server), 3004/tcp (Csoft Agent), 5019/tcp, 50010/tcp, 3375/tcp (VSNM Agent), 23388/tcp, 40002/tcp, 9505/tcp, 3002/tcp (RemoteWare Server), 64015/tcp, 65012/tcp, 2006/tcp (invokator), 9507/tcp, 50008/tcp, 60016/tcp, 13400/tcp, 1394/tcp (Network Log Client), 3388/tcp (CB Server), 35689/tcp, 9405/tcp, 33331/tcp (DiamondCentral Interface), 30010/tcp, 4005/tcp (pxc-pin), 2396/tcp (Wusage), 2010/tcp (search), 6387/tcp, 2000/tcp (Cisco SCCP), 25003/tcp (icl-twobase4), 40007/tcp, 4549/tcp (Aegate PMR Service), 8017/tcp, 30015/tcp, 2019/tcp (whosockami), 2021/tcp (servexec), 23387/tcp, 10006/tcp, 5007/tcp (wsm server ssl), 1009/tcp.
      
BHD Honeypot
Port scan
2019-06-09

In the last 24h, the attacker (81.22.45.92) attempted to scan 1212 ports.
The following ports have been scanned: 5387/tcp, 5395/tcp, 30017/tcp, 9396/tcp (fjinvmgr), 1187/tcp (Alias Service), 50016/tcp, 8005/tcp (MXI Generation II for z/OS), 4010/tcp (Samsung Unidex), 6689/tcp (Tofino Security Appliance), 1006/tcp, 25004/tcp (icl-twobase5), 3019/tcp (Resource Manager), 2393/tcp (MS OLAP 1), 3005/tcp (Genius License Manager), 25010/tcp, 10010/tcp (ooRexx rxapi services), 23392/tcp, 9523/tcp, 2296/tcp (Theta License Manager (Rainbow)), 9018/tcp, 9517/tcp, 2397/tcp (NCL), 10005/tcp (EMC Replication Manager Server), 1396/tcp (DVL Active Mail), 9990/tcp (OSM Applet Server), 20017/tcp, 64010/tcp, 65014/tcp, 9005/tcp, 13385/tcp, 4399/tcp, 23397/tcp, 7004/tcp (AFS/Kerberos authentication service), 2395/tcp (LAN900 Remote), 3305/tcp (ODETTE-FTP), 2005/tcp (berknet), 30008/tcp, 4018/tcp (Talarian Mcast), 4385/tcp, 4394/tcp, 3398/tcp (Mercantile), 4397/tcp, 25009/tcp (icl-twobase10), 6395/tcp, 555/tcp (dsf), 9009/tcp (Pichat Server), 20018/tcp, 50012/tcp, 8018/tcp, 5402/tcp (OmniCast MFTP), 5100/tcp (Socalia service mux), 2222/tcp (EtherNet/IP I/O), 33896/tcp, 64004/tcp, 7008/tcp (server-to-server updater), 3396/tcp (Printer Agent), 64019/tcp, 9000/tcp (CSlistener), 64006/tcp, 9511/tcp, 65005/tcp, 2300/tcp (CVMMON), 30004/tcp, 60013/tcp, 60007/tcp, 40008/tcp, 5405/tcp (NetSupport), 20008/tcp, 23400/tcp (Novar Data), 9090/tcp (WebSM), 65001/tcp, 4006/tcp (pxc-spvr), 3778/tcp (Cutler-Hammer IT Port), 60010/tcp, 10011/tcp, 25013/tcp, 3390/tcp (Distributed Service Coordinator), 1003/tcp, 30001/tcp (Pago Services 1), 1012/tcp, 9006/tcp, 6009/tcp, 40011/tcp, 9696/tcp, 9019/tcp, 33900/tcp, 59999/tcp, 9514/tcp, 8011/tcp, 25020/tcp, 50015/tcp, 9993/tcp (OnLive-2), 64012/tcp, 3303/tcp (OP Session Client), 5390/tcp, 9520/tcp, 4386/tcp, 25018/tcp, 6385/tcp, 60019/tcp, 9392/tcp, 40010/tcp, 22222/tcp, 3017/tcp (Event Listener), 25007/tcp (icl-twobase8), 4002/tcp (pxc-spvr-ft), 60006/tcp, 9524/tcp, 8385/tcp, 1386/tcp (CheckSum License Manager), 2013/tcp (raid-am), 64005/tcp, 2290/tcp (Sonus Logging Services), 1398/tcp (Video Active Mail), 65009/tcp, 2001/tcp (dc), 7003/tcp (volume location database), 50006/tcp, 9988/tcp (Software Essentials Secure HTTP server), 9011/tcp, 65002/tcp, 13389/tcp, 6392/tcp, 60017/tcp, 64008/tcp, 8400/tcp (cvd), 2002/tcp (globe), 447/tcp (DDM-Distributed File Management), 9833/tcp, 4008/tcp (NetCheque accounting), 30002/tcp (Pago Services 2), 30000/tcp, 2011/tcp (raid), 1186/tcp (MySQL Cluster Manager), 33885/tcp, 14999/tcp, 4545/tcp (WorldScores), 9986/tcp, 4014/tcp (TAICLOCK), 6006/tcp, 453/tcp (CreativeServer), 2403/tcp (TaskMaster 2000 Web), 64016/tcp, 9001/tcp (ETL Service Manager), 8391/tcp, 13388/tcp, 3383/tcp (Enterprise Software Products License Manager), 9516/tcp, 9402/tcp (Samsung PC2FAX for Network Server), 5020/tcp (zenginkyo-1), 7397/tcp (Hexarc Command Language), 5010/tcp (TelepathStart), 5018/tcp, 4405/tcp (ASIGRA Televaulting Message Level Restore service), 8393/tcp, 20006/tcp, 9522/tcp, 10009/tcp (Systemwalker Desktop Patrol), 454/tcp (ContentServer), 19999/tcp (Distributed Network Protocol - Secure), 8933/tcp, 6666/tcp, 65019/tcp, 1400/tcp (Cadkey Tablet Daemon), 20001/tcp (MicroSAN), 1388/tcp (Objective Solutions DataBase Cache), 8396/tcp, 4395/tcp (OmniVision communication for Virtual environments), 3404/tcp, 5003/tcp (FileMaker, Inc. - Proprietary transport), 9020/tcp (TAMBORA), 7070/tcp (ARCP), 64000/tcp, 2023/tcp (xinuexpansion3), 9521/tcp, 2385/tcp (SD-DATA), 20005/tcp (OpenWebNet protocol for electric network), 33911/tcp, 1399/tcp (Cadkey License Manager), 1190/tcp (CommLinx GPS / AVL System), 3013/tcp (Gilat Sky Surfer), 1387/tcp (Computer Aided Design Software Inc LM), 10003/tcp (EMC-Documentum Content Server Product), 9995/tcp (Palace-4), 6396/tcp, 9386/tcp, 17222/tcp, 60004/tcp, 5015/tcp (FileMaker, Inc. - Web publishing), 13390/tcp, 50005/tcp, 62000/tcp, 10008/tcp (Octopus Multiplexer), 9977/tcp, 9509/tcp, 8404/tcp (SuperVault Cloud), 1397/tcp (Audio Active Mail), 2025/tcp (ellpack), 999/tcp (puprouter), 1185/tcp (Catchpole port), 6000/tcp (-6063/udp   X Window System), 65008/tcp, 7889/tcp, 6003/tcp, 9998/tcp (Distinct32), 4001/tcp (NewOak), 4401/tcp (ASIGRA Televaulting DS-System Service), 1395/tcp (PC Workstation Manager software), 6565/tcp, 7011/tcp (Talon Discovery Port), 20020/tcp, 13394/tcp, 2389/tcp (OpenView Session Mgr), 5009/tcp (Microsoft Windows Filesystem), 8019/tcp (QB DB Dynamic Port), 8013/tcp, 8443/tcp (PCsync HTTPS), 60000/tcp, 9017/tcp, 9989/tcp, 1016/tcp, 5017/tcp, 3000/tcp (RemoteWare Client), 3018/tcp (Service Registry), 23390/tcp, 2027/tcp (shadowserver), 5398/tcp (Elektron Administration), 8387/tcp, 1391/tcp (Storage Access Server), 3405/tcp (Nokia Announcement ch 1), 1020/tcp, 40016/tcp, 9518/tcp, 30012/tcp, 4012/tcp (PDA Gate), 6969/tcp (acmsoda), 4391/tcp (American Printware IMServer Protocol), 23396/tcp, 10015/tcp, 33888/tcp, 10020/tcp, 30013/tcp, 7394/tcp (File system export of backup images), 11111/tcp (Viral Computing Environment (VCE)), 2009/tcp (news), 8389/tcp, 7019/tcp, 2298/tcp (D2K DataMover 2), 3376/tcp (CD Broker), 50001/tcp, 10013/tcp, 65007/tcp, 1002/tcp, 50007/tcp, 3373/tcp (Lavenir License Manager), 13391/tcp, 2387/tcp (VSAM Redirector), 4393/tcp (American Printware RXSpooler Protocol), 5011/tcp (TelepathAttack), 4000/tcp (Terabase), 10017/tcp, 3372/tcp (TIP 2), 50004/tcp, 9996/tcp (Palace-5), 40012/tcp, 40015/tcp, 60011/tcp, 4016/tcp (Talarian Mcast), 30007/tcp, 10001/tcp (SCP Configuration), 6394/tcp, 9508/tcp, 25002/tcp (icl-twobase3), 3490/tcp (Colubris Management Port), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 8001/tcp (VCOM Tunnel), 50017/tcp, 777/tcp (Multiling HTTP), 5394/tcp, 65013/tcp, 4546/tcp (SF License Manager (Sentinel)), 9007/tcp, 65003/tcp, 9985/tcp, 3384/tcp (Cluster Management Services), 5386/tcp, 7392/tcp (mrss-rendezvous server), 5006/tcp (wsm server), 65016/tcp, 65011/tcp, 8394/tcp, 10014/tcp, 33390/tcp, 5001/tcp (commplex-link), 9388/tcp (D2D Data Transfer Service), 20007/tcp, 7015/tcp (Talon Webserver), 40003/tcp, 9398/tcp, 50011/tcp, 9385/tcp, 50018/tcp, 65015/tcp, 3401/tcp (filecast), 33895/tcp, 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 20004/tcp, 33389/tcp, 7387/tcp, 33890/tcp, 9016/tcp, 3393/tcp (D2K Tapestry Client to Server), 25015/tcp, 6390/tcp (MetaEdit+ WebService API), 449/tcp (AS Server Mapper), 7013/tcp (Microtalon Discovery), 8003/tcp (Mulberry Connect Reporting Service), 20015/tcp, 10007/tcp (MVS Capacity), 8403/tcp (admind), 25016/tcp, 5403/tcp (HPOMS-CI-LSTN), 3392/tcp (EFI License Management), 25006/tcp (icl-twobase7), 30014/tcp, 9512/tcp, 6400/tcp (Business Objects CMS contact port), 7396/tcp, 20013/tcp (Samsung Interdevice Interaction), 8080/tcp (HTTP Alternate (see port 80)), 8392/tcp, 3001/tcp, 20019/tcp, 2390/tcp (RSMTP), 8009/tcp, 23385/tcp, 7388/tcp, 20012/tcp, 3378/tcp (WSICOPY), 25012/tcp, 9506/tcp, 3394/tcp (D2K Tapestry Server to Server), 7005/tcp (volume managment server), 2401/tcp (cvspserver), 4550/tcp (Perman I Interbase Server), 2288/tcp (NETML), 5396/tcp, 10012/tcp, 7400/tcp (RTPS Discovery), 9014/tcp, 5989/tcp (WBEM CIM-XML (HTTPS)), 4548/tcp (Synchromesh), 1188/tcp (HP Web Admin), 6386/tcp, 7014/tcp (Microtalon Communications), 3009/tcp (PXC-NTFY), 40004/tcp, 20003/tcp (Commtact HTTPS), 23393/tcp, 65017/tcp, 33893/tcp, 1001/tcp, 6398/tcp, 2399/tcp (FileMaker, Inc. - Data Access Layer), 6060/tcp, 50020/tcp, 6399/tcp, 10018/tcp, 1393/tcp (Network Log Server), 25017/tcp, 13386/tcp, 1189/tcp (Unet Connection), 3300/tcp, 9013/tcp, 8002/tcp (Teradata ORDBMS), 6002/tcp, 7002/tcp (users & groups database), 13131/tcp, 3011/tcp (Trusted Web), 2286/tcp (NAS-Metering), 8015/tcp, 23398/tcp, 444/tcp (Simple Network Paging Protocol), 60014/tcp, 2405/tcp (TRC Netpoll), 2015/tcp (cypress), 40018/tcp, 30003/tcp, 3308/tcp (TNS Server), 55555/tcp, 64014/tcp, 9404/tcp, 40001/tcp, 666/tcp (doom Id Software), 9015/tcp, 3400/tcp (CSMS2), 8395/tcp, 20009/tcp, 8397/tcp, 2007/tcp (dectalk), 10019/tcp, 4004/tcp (pxc-roid), 5400/tcp (Excerpt Search), 455/tcp (CreativePartnr), 4017/tcp (Talarian Mcast), 9010/tcp (Secure Data Replicator Protocol), 4020/tcp (TRAP Port), 4402/tcp (ASIGRA Televaulting DS-Client Service), 9390/tcp (OpenVAS Transfer Protocol), 8016/tcp, 9519/tcp, 39999/tcp, 40005/tcp, 40020/tcp, 60009/tcp, 8390/tcp, 7017/tcp, 25005/tcp (icl-twobase6), 9395/tcp, 60005/tcp, 1008/tcp, 25252/tcp, 65004/tcp, 6004/tcp, 6996/tcp, 3003/tcp (CGMS), 9510/tcp, 1005/tcp, 3374/tcp (Cluster Disc), 20011/tcp, 25001/tcp (icl-twobase2), 7007/tcp (basic overseer process), 9502/tcp, 8399/tcp, 8889/tcp (Desktop Data TCP 1), 2029/tcp (Hot Standby Router Protocol IPv6), 33335/tcp, 6010/tcp, 6391/tcp, 30019/tcp, 1007/tcp, 5002/tcp (radio free ethernet), 23386/tcp, 7012/tcp (Talon Engine), 7018/tcp, 4500/tcp (IPsec NAT-Traversal), 60018/tcp, 12345/tcp (Italk Chat System), 4387/tcp, 450/tcp (Computer Supported Telecomunication Applications), 1013/tcp, 25019/tcp, 65010/tcp, 10016/tcp, 30011/tcp, 64001/tcp, 9394/tcp, 13392/tcp, 9997/tcp (Palace-6), 40006/tcp, 1234/tcp (Infoseek Search Agent), 452/tcp (Cray SFS config server), 23394/tcp, 40000/tcp (SafetyNET p), 50000/tcp, 64003/tcp, 16699/tcp, 43389/tcp, 8020/tcp (Intuit Entitlement Service and Discovery), 4389/tcp (Xandros Community Management Service), 33892/tcp, 4410/tcp (RIB iTWO Application Server), 20002/tcp (Commtact HTTP), 5391/tcp, 2008/tcp (conf), 7789/tcp (Office Tools Pro Receive), 7777/tcp (cbt), 30005/tcp, 9399/tcp, 33897/tcp, 4444/tcp (NV Video default), 123/tcp (Network Time Protocol), 8386/tcp, 49999/tcp, 60008/tcp, 4019/tcp (Talarian Mcast), 5401/tcp (Excerpt Search Secure), 30009/tcp, 4015/tcp (Talarian Mcast), 33891/tcp, 7020/tcp (DP Serve), 1019/tcp, 7395/tcp (winqedit), 4390/tcp (Physical Access Control), 6007/tcp, 1389/tcp (Document Manager), 7000/tcp (file server itself), 60012/tcp, 3333/tcp (DEC Notes), 6389/tcp (clariion-evr01), 2287/tcp (DNA), 65000/tcp, 13393/tcp, 4489/tcp, 1390/tcp (Storage Controller), 5385/tcp, 3307/tcp (OP Session Proxy), 1011/tcp, 23399/tcp, 3370/tcp, 1385/tcp (Atex Publishing License Manager), 40013/tcp, 50019/tcp, 10004/tcp (EMC Replication Manager Client), 2391/tcp (3COM Net Management), 1392/tcp (Print Manager), 7001/tcp (callbacks to cache managers), 9004/tcp, 7016/tcp, 9393/tcp, 448/tcp (DDM-Remote DB Access Using Secure Sockets), 3402/tcp (FXa Engine Network Port), 30018/tcp, 8398/tcp, 1017/tcp, 8000/tcp (iRDMI), 13395/tcp, 33886/tcp, 8007/tcp, 33334/tcp, 44444/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 33332/tcp, 40014/tcp, 6868/tcp (Acctopus Command Channel), 8405/tcp (SuperVault Backup), 5397/tcp (StressTester(tm) Injector), 2294/tcp (Konshus License Manager (FLEX)), 64011/tcp, 13399/tcp, 9513/tcp, 25000/tcp (icl-twobase1), 9504/tcp, 60015/tcp, 446/tcp (DDM-Remote Relational Database Access), 64009/tcp, 9994/tcp (OnLive-3), 65018/tcp, 5389/tcp, 3015/tcp (NATI DSTP), 10000/tcp (Network Data Management Protocol), 2020/tcp (xinupageserver), 2398/tcp (Orbiter), 13396/tcp, 5393/tcp, 64018/tcp, 30020/tcp, 20014/tcp (OpenDeploy Listener), 13397/tcp, 2026/tcp (scrabble), 1015/tcp, 25011/tcp, 30016/tcp, 33899/tcp, 333/tcp (Texar Security Port), 2292/tcp (Sonus Element Management Services), 6393/tcp, 9400/tcp (Samsung Twain for Network Server), 9525/tcp, 4011/tcp (Alternate Service Boot), 20010/tcp, 3380/tcp (SNS Channels), 2003/tcp (Brutus Server), 64013/tcp, 30006/tcp, 3007/tcp (Lotus Mail Tracking Agent Protocol), 9003/tcp, 7385/tcp, 33889/tcp, 3397/tcp (Cloanto License Manager), 64017/tcp, 53389/tcp, 9500/tcp (ismserver), 9002/tcp (DynamID authentication), 6005/tcp, 9991/tcp (OSM Event Server), 5019/tcp, 50010/tcp, 7399/tcp, 9999/tcp (distinct), 3375/tcp (VSNM Agent), 23388/tcp, 40002/tcp, 64015/tcp, 65012/tcp, 9507/tcp, 3382/tcp (Fujitsu Network Enhanced Antitheft function), 13398/tcp, 9992/tcp (OnLive-1), 50008/tcp, 13400/tcp, 1394/tcp (Network Log Client), 3388/tcp (CB Server), 35689/tcp, 9405/tcp, 33331/tcp (DiamondCentral Interface), 30010/tcp, 7010/tcp (onlinet uninterruptable power supplies), 7006/tcp (error interpretation service), 6387/tcp, 2000/tcp (Cisco SCCP), 10002/tcp (EMC-Documentum Content Server Product), 25003/tcp (icl-twobase4), 40007/tcp, 8017/tcp, 33894/tcp, 30015/tcp, 2019/tcp (whosockami), 8401/tcp (sabarsd), 2021/tcp (servexec), 23387/tcp, 64002/tcp, 10006/tcp, 5007/tcp (wsm server ssl), 1009/tcp.
      
BHD Honeypot
Port scan
2019-06-08

Port scan from IP: 81.22.45.92 detected by psad.
Anonymous
Port scan
2019-05-30

Port scan detected by psad: src: 81.22.45.92 signature match: "BACKDOOR BackConstruction 2.1 connection attempt" (sid: 152) tcp port: 5402
Anonymous
Port scan
2019-05-30

Port scan detected by psad: src: 81.22.45.92 signature match: "POLICY HP JetDirect LCD communication attempt" (sid: 510) tcp port: 9001
Anonymous
Port scan
2019-05-30

Port scan detected by psad: src: 81.22.45.92 signature match: "P2P Napster Client Data communication attempt" (sid: 564) tcp port: 5555
Anonymous
Port scan
2019-05-30

Port scan detected by psad: src: 81.22.45.92 signature match: "BACKDOOR netbus Connection Cttempt" (sid: 100028) tcp port: 12345
Anonymous
Port scan
2019-05-30

Port scan detected by psad: src: 81.22.45.92 signature match: "DOS Real Audio Server communication attempt" (sid: 100112) tcp port: 7070
Anonymous
Port scan
2019-05-30

Port scan detected by psad: src: 81.22.45.92 signature match: "DOS iParty DOS attempt" (sid: 1605) tcp port: 6004
Anonymous
Port scan
2019-05-30

Port scan detected by psad: src: 81.22.45.92 signature match: "MISC MS Terminal Server communication attempt" (sid: 100077) tcp port: 3389
Anonymous
Port scan
2019-05-30

Port scan detected by psad: src: 81.22.45.92 signature match: "POLICY HP JetDirect LCD communication attempt" (sid: 510) tcp port: 9000
Anonymous
Port scan
2019-05-30

Port scan detected by psad: src: 81.22.45.92 signature match: "P2P napster communication attempt" (sid: 100090) tcp port: 8888
Anonymous
Port scan
2019-05-30

Port scan detected by psad: src: 81.22.45.92 signature match: "BACKDOOR PhaseZero Server Active on Network" (sid: 208) tcp port: 555
Anonymous
Port scan
2019-05-30

Port scan detected by psad: src: 81.22.45.92 signature match: "BACKDOOR RUX the Tick connection attempt" (sid: 100063) tcp port: 22222
Anonymous
Port scan
2019-05-30

Port scan detected by psad: src: 81.22.45.92 signature match: "BACKDOOR BackConstruction 2.1 connection attempt" (sid: 152) tcp port: 5401

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Report breach!

Rate host 81.22.45.92