IP address: 89.248.170.114

Host rating:

2.0

out of 16 votes

Last update: 2021-03-01

Host details

Unknown
Netherlands
Unknown
AS29073 Quasi Networks LTD.
See comments

Reported breaches

  • Port scan
Report breach

Whois record

The publicly-available Whois record found at whois.ripe.net server.

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '89.248.170.0 - 89.248.170.255'

% Abuse contact for '89.248.170.0 - 89.248.170.255' is '[email protected]'

inetnum:        89.248.170.0 - 89.248.170.255
netname:        NET-2-170
descr:          IPV NETBLOCK
country:        NL
geoloc:         52.370216 4.895168
org:            ORG-IVI1-RIPE
admin-c:        IVI24-RIPE
tech-c:         IVI24-RIPE
status:         ASSIGNED PA
mnt-by:         IPV
mnt-lower:      IPV
mnt-routes:     IPV
created:        2019-02-03T20:55:07Z
last-modified:  2019-02-03T20:55:07Z
source:         RIPE

% Information related to '89.248.170.0/24AS202425'

route:          89.248.170.0/24
origin:         AS202425
remarks:        +-----------------------------------------------
remarks:        | For abuse e-mail [email protected]
remarks:        | We do not always reply to abuse.
remarks:        | But we do take care your report is dealt with!
remarks:        +-----------------------------------------------
mnt-by:         IPV
created:        2019-02-08T15:45:48Z
last-modified:  2019-02-08T15:45:48Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.99 (WAGYU)


User comments

16 security incident(s) reported by users

BHD Honeypot
Port scan
2021-03-01

In the last 24h, the attacker (89.248.170.114) attempted to scan 42 ports.
The following ports have been scanned: 3390/tcp (Distributed Service Coordinator), 3389/tcp (MS WBT Server), 33390/tcp, 33389/tcp, 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 3391/tcp (SAVANT), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2021-02-28

Port scan from IP: 89.248.170.114 detected by psad.
BHD Honeypot
Port scan
2021-02-23

In the last 24h, the attacker (89.248.170.114) attempted to scan 199 ports.
The following ports have been scanned: 21912/tcp, 21157/tcp, 22804/tcp, 22958/tcp, 24062/tcp, 28782/tcp, 23226/tcp, 23817/tcp, 26771/tcp, 26119/tcp, 29883/tcp, 22806/tcp, 21724/tcp, 23745/tcp, 21138/tcp, 24503/tcp, 27417/tcp, 22690/tcp, 22606/tcp, 21607/tcp, 20361/tcp, 24026/tcp, 23237/tcp, 28176/tcp, 28314/tcp, 25013/tcp, 21720/tcp, 28892/tcp, 29405/tcp, 20835/tcp, 21324/tcp, 25829/tcp, 20602/tcp, 27472/tcp, 20191/tcp, 29093/tcp, 29789/tcp, 22163/tcp, 28567/tcp, 21534/tcp, 24618/tcp, 29531/tcp, 22571/tcp, 24050/tcp, 21569/tcp, 20369/tcp, 20908/tcp, 21627/tcp, 22075/tcp, 25935/tcp, 26338/tcp, 23668/tcp, 20668/tcp, 20459/tcp, 23920/tcp, 21744/tcp, 29050/tcp, 23352/tcp, 28221/tcp, 29310/tcp, 29906/tcp, 29871/tcp, 24270/tcp, 27953/tcp, 21907/tcp, 27534/tcp, 26363/tcp, 26025/tcp, 23584/tcp, 20482/tcp, 20680/tcp, 26049/tcp, 28479/tcp, 21561/tcp, 29175/tcp, 29661/tcp, 21580/tcp, 29816/tcp, 28857/tcp, 20990/tcp, 22174/tcp, 20272/tcp, 22143/tcp, 23103/tcp, 20567/tcp, 20220/tcp, 23849/tcp, 20174/tcp, 27074/tcp, 23708/tcp, 20237/tcp, 26957/tcp, 20497/tcp, 21278/tcp, 20007/tcp, 22338/tcp, 22320/tcp, 28933/tcp, 21453/tcp, 29306/tcp, 22108/tcp, 28328/tcp, 29556/tcp, 21709/tcp, 23258/tcp, 24455/tcp, 21456/tcp, 25063/tcp, 27600/tcp, 20486/tcp, 21691/tcp, 24711/tcp, 24048/tcp, 29463/tcp, 20626/tcp, 23365/tcp, 20978/tcp, 28426/tcp, 24027/tcp, 20873/tcp, 28625/tcp, 26748/tcp, 22478/tcp, 25760/tcp, 29600/tcp, 23573/tcp, 29275/tcp, 21464/tcp, 21487/tcp, 21723/tcp, 27918/tcp, 29983/tcp, 24013/tcp, 24316/tcp, 27984/tcp, 22166/tcp, 28689/tcp, 26110/tcp, 21697/tcp, 21033/tcp, 27487/tcp, 24562/tcp, 27946/tcp, 24348/tcp, 20889/tcp, 21266/tcp, 22539/tcp, 27517/tcp, 27697/tcp, 23202/tcp, 23289/tcp, 24771/tcp, 25991/tcp, 22430/tcp, 29248/tcp, 22574/tcp, 22981/tcp, 27111/tcp, 24046/tcp, 26212/tcp, 22023/tcp, 21237/tcp, 23980/tcp, 29562/tcp, 21274/tcp, 20039/tcp, 29112/tcp, 26677/tcp, 24352/tcp, 23421/tcp, 29486/tcp, 29700/tcp, 28363/tcp, 23254/tcp, 27778/tcp, 20034/tcp (NetBurner ID Port), 24210/tcp, 20168/tcp, 22434/tcp, 24104/tcp, 23615/tcp, 20773/tcp, 29665/tcp, 22711/tcp, 26433/tcp, 24643/tcp, 28659/tcp, 25819/tcp, 23013/tcp, 27274/tcp, 26457/tcp, 21281/tcp, 25781/tcp, 22550/tcp, 21662/tcp, 24536/tcp, 23284/tcp, 26839/tcp.
      
BHD Honeypot
Port scan
2021-02-22

Port scan from IP: 89.248.170.114 detected by psad.
BHD Honeypot
Port scan
2021-02-22

In the last 24h, the attacker (89.248.170.114) attempted to scan 57 ports.
The following ports have been scanned: 23319/tcp, 28170/tcp, 21898/tcp, 22792/tcp, 28525/tcp, 26270/tcp, 21106/tcp, 28115/tcp, 28584/tcp, 22222/tcp, 29487/tcp, 27515/tcp, 25213/tcp, 21756/tcp, 27969/tcp, 25445/tcp, 25679/tcp, 23943/tcp, 23443/tcp, 29673/tcp, 21953/tcp, 24870/tcp, 28758/tcp, 26561/tcp, 23063/tcp, 29985/tcp, 20109/tcp, 29543/tcp, 27252/tcp, 23701/tcp, 23608/tcp, 20133/tcp, 20862/tcp, 24070/tcp, 24462/tcp, 23604/tcp, 20720/tcp, 28419/tcp, 20657/tcp, 23638/tcp, 20843/tcp, 20796/tcp, 29533/tcp, 20187/tcp, 21712/tcp, 21942/tcp, 29160/tcp, 26235/tcp, 25615/tcp, 21185/tcp, 23315/tcp, 23561/tcp, 26608/tcp, 29271/tcp, 26515/tcp, 21956/tcp.
      
BHD Honeypot
Port scan
2021-02-21

In the last 24h, the attacker (89.248.170.114) attempted to scan 347 ports.
The following ports have been scanned: 21686/tcp, 29792/tcp, 29698/tcp, 20521/tcp, 21648/tcp, 24672/tcp, 28276/tcp, 20311/tcp, 25219/tcp, 21810/tcp, 23682/tcp, 20925/tcp, 21120/tcp, 24486/tcp, 20510/tcp, 20045/tcp, 20113/tcp, 29366/tcp, 26665/tcp, 23266/tcp, 26769/tcp, 24873/tcp, 20950/tcp, 25961/tcp, 29424/tcp, 27413/tcp, 28162/tcp, 29506/tcp, 21927/tcp, 21661/tcp, 28438/tcp, 21494/tcp, 21547/tcp, 22170/tcp, 26129/tcp, 26988/tcp, 29860/tcp, 24521/tcp, 20801/tcp, 20090/tcp, 25523/tcp, 26762/tcp, 21904/tcp, 23787/tcp, 23916/tcp, 24208/tcp, 24769/tcp, 20204/tcp, 23938/tcp, 22036/tcp, 28651/tcp, 21566/tcp, 22778/tcp, 21349/tcp, 21917/tcp, 20067/tcp, 29965/tcp, 29188/tcp, 21323/tcp, 24258/tcp, 25717/tcp, 25957/tcp, 22092/tcp, 22254/tcp, 20789/tcp, 21428/tcp, 20247/tcp, 20833/tcp, 22925/tcp, 22742/tcp, 20223/tcp, 28661/tcp, 24654/tcp, 20526/tcp, 23985/tcp, 21972/tcp, 25849/tcp, 23309/tcp, 25931/tcp, 26278/tcp, 22510/tcp, 24918/tcp, 27470/tcp, 26711/tcp, 29185/tcp, 25850/tcp, 29546/tcp, 21957/tcp, 20676/tcp, 24464/tcp, 28448/tcp, 24816/tcp, 26583/tcp, 22194/tcp, 27416/tcp, 29313/tcp, 22556/tcp, 21493/tcp, 23835/tcp, 29363/tcp, 28999/tcp, 26942/tcp, 29332/tcp, 26746/tcp, 25870/tcp, 28430/tcp, 23336/tcp, 22187/tcp, 29814/tcp, 20783/tcp, 24229/tcp, 26834/tcp, 23554/tcp, 27193/tcp, 21322/tcp, 20568/tcp, 21039/tcp, 28964/tcp, 23965/tcp, 20594/tcp, 22251/tcp, 26072/tcp, 23870/tcp, 29581/tcp, 28649/tcp, 29930/tcp, 20243/tcp, 26381/tcp, 21703/tcp, 22488/tcp, 20635/tcp, 21683/tcp, 23278/tcp, 23670/tcp, 26286/tcp, 26466/tcp, 27306/tcp, 29092/tcp, 24757/tcp, 29663/tcp, 28395/tcp, 20557/tcp, 29920/tcp, 29770/tcp, 28357/tcp, 20806/tcp, 22709/tcp, 21419/tcp, 29802/tcp, 23359/tcp, 22603/tcp, 24183/tcp, 20848/tcp, 23868/tcp, 25596/tcp, 22414/tcp, 22171/tcp, 29261/tcp, 26031/tcp, 20606/tcp, 29421/tcp, 25391/tcp, 28381/tcp, 20258/tcp, 25414/tcp, 29707/tcp, 26866/tcp, 24151/tcp, 28836/tcp, 29177/tcp, 20608/tcp, 25236/tcp, 26351/tcp, 22847/tcp, 22313/tcp, 25651/tcp, 29784/tcp, 20839/tcp, 20577/tcp, 23368/tcp, 22820/tcp, 20393/tcp, 26501/tcp, 22160/tcp, 23230/tcp, 23753/tcp, 26514/tcp, 20581/tcp, 24491/tcp, 24008/tcp, 23065/tcp, 23426/tcp, 21217/tcp, 28500/tcp, 25130/tcp, 29293/tcp, 21647/tcp, 20681/tcp, 24358/tcp, 23509/tcp, 20507/tcp, 22135/tcp, 29103/tcp, 27188/tcp, 22802/tcp, 26404/tcp, 27314/tcp, 29049/tcp, 20320/tcp, 21423/tcp, 24780/tcp, 23158/tcp, 20132/tcp, 21978/tcp, 29732/tcp, 20981/tcp, 21964/tcp, 28160/tcp, 29780/tcp, 26293/tcp, 21530/tcp, 26385/tcp, 25998/tcp, 21415/tcp, 29456/tcp, 24058/tcp, 29826/tcp, 22336/tcp, 23524/tcp, 23128/tcp, 22322/tcp, 20553/tcp, 23555/tcp, 21015/tcp, 28605/tcp, 21392/tcp, 29768/tcp, 21672/tcp, 29558/tcp, 23919/tcp, 29710/tcp, 20181/tcp, 21486/tcp, 28998/tcp, 23507/tcp, 29751/tcp, 26362/tcp, 22216/tcp, 21358/tcp, 26857/tcp, 22376/tcp, 25728/tcp, 26938/tcp, 20790/tcp, 22659/tcp, 20206/tcp, 28529/tcp, 22123/tcp, 28932/tcp, 28323/tcp, 23115/tcp, 26101/tcp, 21287/tcp, 26606/tcp, 20818/tcp, 23082/tcp, 25189/tcp, 21512/tcp, 26421/tcp, 26003/tcp, 28153/tcp, 25992/tcp, 28742/tcp, 25035/tcp, 20856/tcp, 24327/tcp, 22798/tcp, 22136/tcp, 23707/tcp, 29825/tcp, 24606/tcp, 28667/tcp, 24045/tcp, 20484/tcp, 21272/tcp, 26578/tcp, 21741/tcp, 23182/tcp, 20480/tcp (emWave Message Service), 20290/tcp, 24093/tcp, 21902/tcp, 27769/tcp, 23710/tcp, 20876/tcp, 26008/tcp, 25724/tcp, 29967/tcp, 26459/tcp, 25120/tcp, 25993/tcp, 24420/tcp, 26117/tcp, 27000/tcp (-27009 FLEX LM (1-10)), 24427/tcp, 29435/tcp, 21442/tcp, 27070/tcp, 22102/tcp, 20295/tcp, 22767/tcp, 22845/tcp, 20604/tcp, 28960/tcp, 27827/tcp, 20724/tcp, 26398/tcp, 22162/tcp, 27105/tcp, 24207/tcp, 28265/tcp, 20591/tcp, 24814/tcp, 20817/tcp, 22115/tcp, 23326/tcp, 26686/tcp, 22124/tcp, 21579/tcp, 24802/tcp, 21868/tcp, 26245/tcp, 23044/tcp, 21190/tcp, 22360/tcp, 24823/tcp, 22507/tcp, 22588/tcp, 29990/tcp, 29569/tcp, 29640/tcp, 26470/tcp, 21506/tcp, 20344/tcp, 22380/tcp, 24571/tcp, 25845/tcp.
      
BHD Honeypot
Port scan
2021-02-20

In the last 24h, the attacker (89.248.170.114) attempted to scan 391 ports.
The following ports have been scanned: 23045/tcp, 21892/tcp, 29598/tcp, 22565/tcp, 23268/tcp, 25873/tcp, 21684/tcp, 25271/tcp, 22669/tcp, 24745/tcp, 26241/tcp, 29337/tcp, 21692/tcp, 28557/tcp, 21638/tcp, 23260/tcp, 20147/tcp, 23193/tcp, 25917/tcp, 22323/tcp, 23860/tcp, 24770/tcp, 28486/tcp, 29081/tcp, 20496/tcp, 28541/tcp, 20656/tcp, 20589/tcp, 28513/tcp, 25805/tcp, 20093/tcp, 22741/tcp, 21265/tcp, 29076/tcp, 21021/tcp, 28664/tcp, 22809/tcp, 23496/tcp, 23318/tcp, 20534/tcp, 29964/tcp, 29476/tcp, 21822/tcp, 28051/tcp, 26420/tcp, 29158/tcp, 25153/tcp, 27592/tcp, 24803/tcp, 25617/tcp, 27970/tcp, 21659/tcp, 22404/tcp, 25975/tcp, 27287/tcp, 27752/tcp, 29980/tcp, 27866/tcp, 26940/tcp, 29745/tcp, 23255/tcp, 28685/tcp, 24584/tcp, 27275/tcp, 28877/tcp, 27324/tcp, 26393/tcp, 23092/tcp, 25223/tcp, 24712/tcp, 24409/tcp, 26907/tcp, 28429/tcp, 28102/tcp, 26164/tcp, 25209/tcp, 29223/tcp, 27630/tcp, 25759/tcp, 27851/tcp, 23160/tcp, 29095/tcp, 28883/tcp, 26160/tcp, 22708/tcp, 23624/tcp, 28912/tcp, 27934/tcp, 21137/tcp, 27112/tcp, 29204/tcp, 24967/tcp, 20582/tcp, 23656/tcp, 25328/tcp, 26451/tcp, 21196/tcp, 21298/tcp, 25409/tcp, 26835/tcp, 26533/tcp, 23229/tcp, 29349/tcp, 25474/tcp, 25908/tcp, 28925/tcp, 29302/tcp, 27161/tcp, 25463/tcp, 23406/tcp, 26908/tcp, 25302/tcp, 29089/tcp, 28773/tcp, 26963/tcp, 27694/tcp, 25638/tcp, 27163/tcp, 20787/tcp, 29008/tcp, 29266/tcp, 23842/tcp, 27382/tcp, 22999/tcp, 22766/tcp, 25372/tcp, 21335/tcp, 20107/tcp, 22649/tcp, 20251/tcp, 25512/tcp, 26758/tcp, 20264/tcp, 21055/tcp, 25055/tcp, 27738/tcp, 28261/tcp, 25477/tcp, 26695/tcp, 27527/tcp, 23395/tcp, 23865/tcp, 27333/tcp, 28906/tcp, 27336/tcp, 27607/tcp, 28172/tcp, 21172/tcp, 24281/tcp, 23612/tcp, 28609/tcp, 26439/tcp, 23088/tcp, 23150/tcp, 25605/tcp, 20353/tcp, 21168/tcp, 26311/tcp, 28816/tcp, 22673/tcp, 24619/tcp, 24421/tcp, 20376/tcp, 25479/tcp, 29924/tcp, 26339/tcp, 28075/tcp, 26884/tcp, 25698/tcp, 23197/tcp, 22297/tcp, 24186/tcp, 23897/tcp, 21183/tcp, 29311/tcp, 27211/tcp, 28544/tcp, 28583/tcp, 25015/tcp, 28517/tcp, 26669/tcp, 23803/tcp, 22401/tcp, 20015/tcp, 25186/tcp, 27894/tcp, 25526/tcp, 20303/tcp, 25500/tcp, 23694/tcp, 20446/tcp, 20939/tcp, 20019/tcp, 28792/tcp, 25073/tcp, 25165/tcp, 27033/tcp, 22682/tcp, 28120/tcp, 22789/tcp, 26207/tcp, 20713/tcp, 27359/tcp, 29328/tcp, 22810/tcp, 23559/tcp, 27362/tcp, 29875/tcp, 28778/tcp, 25689/tcp, 22902/tcp, 26704/tcp, 22626/tcp, 26895/tcp, 26867/tcp, 25696/tcp, 25461/tcp, 28709/tcp, 28156/tcp, 23330/tcp, 29209/tcp, 29720/tcp, 22378/tcp, 25974/tcp, 26539/tcp, 25609/tcp, 28847/tcp, 27776/tcp, 27103/tcp, 26902/tcp, 26637/tcp, 26094/tcp, 25591/tcp, 25568/tcp, 23062/tcp, 22657/tcp, 26271/tcp, 26137/tcp, 20229/tcp, 25325/tcp, 22721/tcp, 26719/tcp, 21156/tcp, 25279/tcp, 23178/tcp, 28761/tcp, 21216/tcp, 28594/tcp, 23419/tcp, 22836/tcp, 21359/tcp, 20547/tcp, 20084/tcp, 21288/tcp, 20799/tcp, 20741/tcp, 23288/tcp, 24386/tcp (Intel RCI), 26928/tcp, 20130/tcp, 24560/tcp, 26010/tcp, 26722/tcp, 21193/tcp, 29374/tcp, 21475/tcp, 27173/tcp, 28084/tcp, 29628/tcp, 28280/tcp, 27154/tcp, 20422/tcp, 28571/tcp, 28762/tcp, 21125/tcp, 20784/tcp, 26684/tcp, 28854/tcp, 27469/tcp, 22692/tcp, 23478/tcp, 21952/tcp, 20186/tcp, 27394/tcp, 22087/tcp, 24828/tcp, 24498/tcp, 26995/tcp, 25639/tcp, 22615/tcp, 23477/tcp, 29072/tcp, 23431/tcp, 28703/tcp, 27030/tcp, 28098/tcp, 20725/tcp, 28443/tcp, 20831/tcp, 21727/tcp, 27228/tcp, 27708/tcp, 22185/tcp, 25211/tcp, 25108/tcp, 22824/tcp, 27176/tcp, 25712/tcp, 29247/tcp, 24732/tcp, 28121/tcp, 24927/tcp, 20997/tcp, 28303/tcp, 28308/tcp, 28389/tcp, 26569/tcp, 26184/tcp, 27869/tcp, 20636/tcp, 20916/tcp, 21091/tcp, 27736/tcp, 28702/tcp, 26237/tcp, 27301/tcp, 20970/tcp, 28680/tcp, 24999/tcp, 25875/tcp, 25952/tcp, 20221/tcp, 28365/tcp, 28501/tcp, 27219/tcp, 20217/tcp, 29163/tcp, 28190/tcp, 25255/tcp, 26373/tcp, 26739/tcp, 25048/tcp, 20310/tcp, 21346/tcp, 20632/tcp, 22929/tcp, 29680/tcp, 25640/tcp, 26015/tcp, 25556/tcp, 26553/tcp, 22771/tcp, 22797/tcp, 29309/tcp, 20415/tcp, 27444/tcp, 22716/tcp, 25677/tcp, 20702/tcp, 22961/tcp, 25514/tcp, 24665/tcp, 28575/tcp, 20119/tcp, 28548/tcp, 27021/tcp, 25339/tcp, 25665/tcp, 25766/tcp, 24766/tcp, 20888/tcp, 25782/tcp, 24689/tcp, 22452/tcp, 25486/tcp, 26162/tcp, 26395/tcp, 23504/tcp, 29080/tcp, 21558/tcp, 28751/tcp, 26255/tcp, 20368/tcp, 25942/tcp, 25078/tcp, 28676/tcp, 27118/tcp, 25218/tcp, 24526/tcp, 25370/tcp, 27473/tcp.
      
BHD Honeypot
Port scan
2021-02-19

In the last 24h, the attacker (89.248.170.114) attempted to scan 820 ports.
The following ports have been scanned: 18695/tcp, 29612/tcp, 15566/tcp, 56866/tcp, 28297/tcp, 49464/tcp, 64322/tcp, 57325/tcp, 48180/tcp, 27700/tcp, 20776/tcp, 22776/tcp, 26743/tcp, 22147/tcp, 20294/tcp, 21648/tcp, 27589/tcp, 18972/tcp, 38927/tcp, 23143/tcp, 41414/tcp, 22149/tcp, 56397/tcp, 23640/tcp, 15755/tcp, 59093/tcp, 16375/tcp, 15527/tcp, 46377/tcp, 22393/tcp, 22518/tcp, 20365/tcp, 25230/tcp, 37117/tcp, 63899/tcp, 17452/tcp, 46430/tcp, 19626/tcp, 54956/tcp, 63712/tcp, 45779/tcp, 12068/tcp, 25009/tcp (icl-twobase10), 53478/tcp, 27642/tcp, 29538/tcp, 17508/tcp, 17936/tcp, 17732/tcp, 63671/tcp, 35447/tcp, 20877/tcp, 46995/tcp, 20018/tcp, 47902/tcp, 48942/tcp, 22231/tcp, 21679/tcp, 29971/tcp, 38353/tcp, 42616/tcp, 28028/tcp, 29579/tcp, 21052/tcp, 39321/tcp, 20151/tcp, 29468/tcp, 46744/tcp, 63174/tcp, 53951/tcp, 42100/tcp, 39239/tcp, 59546/tcp, 45584/tcp, 64858/tcp, 55410/tcp, 34391/tcp, 13381/tcp, 26428/tcp, 64029/tcp, 53997/tcp, 19100/tcp, 53695/tcp, 47429/tcp, 37987/tcp, 58392/tcp, 28587/tcp, 29565/tcp, 21951/tcp, 47412/tcp, 54243/tcp, 25964/tcp, 20345/tcp, 22790/tcp, 59616/tcp, 37909/tcp, 21164/tcp, 47757/tcp, 26581/tcp, 35971/tcp, 46068/tcp, 20531/tcp, 54274/tcp, 38315/tcp, 38150/tcp, 20881/tcp, 27246/tcp, 25649/tcp, 39584/tcp, 46937/tcp, 23458/tcp, 22661/tcp, 64487/tcp, 25156/tcp, 41681/tcp, 29766/tcp, 14755/tcp, 53157/tcp, 22114/tcp, 23878/tcp, 27706/tcp, 15151/tcp, 23097/tcp, 47317/tcp, 28757/tcp, 53111/tcp, 62970/tcp, 17736/tcp, 23114/tcp, 27712/tcp, 21102/tcp, 28466/tcp, 23111/tcp, 38799/tcp, 29270/tcp, 28128/tcp, 10386/tcp, 47528/tcp, 54168/tcp, 17430/tcp, 14047/tcp, 25071/tcp, 14999/tcp, 20054/tcp, 28622/tcp, 25067/tcp, 39851/tcp, 54758/tcp, 28350/tcp, 28074/tcp, 28429/tcp, 46069/tcp, 35468/tcp, 17380/tcp, 23473/tcp, 47538/tcp, 11598/tcp, 29775/tcp, 52905/tcp, 58144/tcp, 22226/tcp, 21257/tcp, 48792/tcp, 28967/tcp, 21578/tcp, 25759/tcp, 18031/tcp, 25616/tcp, 46984/tcp, 65214/tcp, 15635/tcp, 60474/tcp, 25535/tcp, 13175/tcp, 23838/tcp, 53652/tcp, 25203/tcp, 36578/tcp, 55058/tcp, 47629/tcp, 28273/tcp, 20050/tcp, 24839/tcp, 34451/tcp, 23100/tcp, 21702/tcp, 55122/tcp, 20644/tcp, 28396/tcp, 25935/tcp, 14548/tcp, 26113/tcp, 24642/tcp, 25300/tcp, 29394/tcp, 43211/tcp, 26243/tcp, 10789/tcp, 29200/tcp, 22658/tcp, 42215/tcp, 58272/tcp, 22402/tcp, 59229/tcp, 43231/tcp, 28755/tcp, 46019/tcp, 23225/tcp, 25756/tcp, 25744/tcp, 35211/tcp, 32379/tcp, 64639/tcp, 37488/tcp, 54136/tcp, 59101/tcp, 21356/tcp, 50101/tcp, 37368/tcp, 22785/tcp, 11490/tcp, 47112/tcp, 15240/tcp, 43715/tcp, 41695/tcp, 26102/tcp, 28475/tcp, 29902/tcp, 22494/tcp, 29631/tcp, 33967/tcp, 23513/tcp, 31806/tcp, 22693/tcp, 35576/tcp, 56752/tcp, 54613/tcp, 45206/tcp, 39717/tcp, 11395/tcp, 37716/tcp, 26499/tcp, 14459/tcp, 10121/tcp, 17608/tcp, 63443/tcp, 19801/tcp, 42466/tcp, 28539/tcp, 64066/tcp, 21563/tcp, 20551/tcp, 15136/tcp, 11679/tcp, 24859/tcp, 26707/tcp, 47382/tcp, 25416/tcp, 54194/tcp, 43414/tcp, 24719/tcp, 37297/tcp, 25438/tcp, 10235/tcp, 22207/tcp, 20380/tcp, 22884/tcp, 45946/tcp, 34538/tcp, 28378/tcp, 23446/tcp, 33916/tcp, 52823/tcp, 34657/tcp, 54105/tcp, 53395/tcp, 25127/tcp, 46916/tcp, 23371/tcp, 26197/tcp, 10683/tcp, 44857/tcp, 26860/tcp, 29589/tcp, 64500/tcp, 20411/tcp, 43993/tcp, 47243/tcp, 23518/tcp, 22079/tcp, 28848/tcp, 23882/tcp, 17992/tcp, 16629/tcp, 15761/tcp, 28599/tcp, 38634/tcp, 54919/tcp, 42160/tcp, 57411/tcp, 28929/tcp, 21765/tcp, 27667/tcp, 27248/tcp, 19011/tcp, 15744/tcp, 13460/tcp, 28785/tcp, 13570/tcp, 47896/tcp, 43005/tcp, 58186/tcp, 57311/tcp, 32554/tcp, 21590/tcp (VoFR Gateway), 20473/tcp, 20959/tcp, 23700/tcp, 62651/tcp, 34963/tcp (PROFInet RT Multicast), 45039/tcp, 26057/tcp, 24718/tcp, 23201/tcp, 46037/tcp, 22143/tcp, 19012/tcp, 20097/tcp, 46733/tcp, 14819/tcp, 17196/tcp, 20842/tcp, 25441/tcp, 26358/tcp, 55813/tcp, 13471/tcp, 28376/tcp, 44477/tcp, 35793/tcp, 52094/tcp, 55019/tcp, 38883/tcp, 54767/tcp, 29346/tcp, 63801/tcp, 20321/tcp, 55417/tcp, 25710/tcp, 28715/tcp, 54984/tcp, 17124/tcp, 54728/tcp, 55634/tcp, 39011/tcp, 48240/tcp, 18947/tcp, 22962/tcp, 53424/tcp, 58698/tcp, 22414/tcp, 34323/tcp, 24976/tcp, 20493/tcp, 23574/tcp, 29339/tcp, 63721/tcp, 55568/tcp, 53128/tcp, 49350/tcp, 53532/tcp, 21022/tcp, 25636/tcp, 23220/tcp, 22544/tcp, 37822/tcp, 20504/tcp, 22370/tcp, 22638/tcp, 22491/tcp, 21496/tcp, 27725/tcp, 26252/tcp, 47313/tcp, 33883/tcp, 17519/tcp, 43292/tcp, 14196/tcp, 63024/tcp, 10516/tcp, 55429/tcp, 20660/tcp, 27311/tcp, 27864/tcp, 20520/tcp, 53428/tcp, 17341/tcp, 28890/tcp, 29659/tcp, 64895/tcp, 47936/tcp, 24894/tcp, 14488/tcp, 27259/tcp, 14168/tcp, 22309/tcp, 58567/tcp, 64372/tcp, 47231/tcp, 24753/tcp, 20577/tcp, 47053/tcp, 55773/tcp, 20038/tcp, 53300/tcp, 26288/tcp, 53434/tcp, 31845/tcp, 29556/tcp, 21807/tcp, 28714/tcp, 42121/tcp, 34974/tcp, 24697/tcp, 48994/tcp, 34578/tcp, 25330/tcp, 56119/tcp, 28990/tcp, 44012/tcp, 41859/tcp, 54499/tcp, 25824/tcp, 53651/tcp, 58815/tcp, 29540/tcp, 29642/tcp, 22631/tcp, 36685/tcp, 29933/tcp, 49478/tcp, 26521/tcp, 28237/tcp, 45865/tcp, 15883/tcp, 26814/tcp, 20601/tcp, 26602/tcp, 20683/tcp, 45473/tcp, 35241/tcp, 64324/tcp, 35151/tcp, 22486/tcp, 45791/tcp, 22111/tcp, 31305/tcp, 16184/tcp, 25898/tcp, 23032/tcp, 17643/tcp, 44989/tcp, 48113/tcp, 26106/tcp, 18527/tcp, 28482/tcp, 13431/tcp, 26033/tcp, 29666/tcp, 37818/tcp, 20271/tcp, 19901/tcp, 21581/tcp, 23104/tcp, 44057/tcp, 28214/tcp, 63284/tcp, 25393/tcp, 26406/tcp, 26383/tcp, 20694/tcp, 34362/tcp, 46124/tcp, 54741/tcp, 10750/tcp, 24661/tcp, 43523/tcp, 53474/tcp, 32376/tcp, 24145/tcp, 23921/tcp, 28321/tcp, 27490/tcp, 26300/tcp, 48775/tcp, 27151/tcp, 27479/tcp, 19278/tcp, 26628/tcp, 27257/tcp, 30566/tcp, 20214/tcp, 26065/tcp, 62920/tcp, 57452/tcp, 61876/tcp, 25323/tcp, 54001/tcp, 33247/tcp, 53039/tcp, 28737/tcp, 11930/tcp, 27756/tcp, 26873/tcp, 21721/tcp, 15839/tcp, 42662/tcp, 29451/tcp, 26121/tcp, 49009/tcp, 51944/tcp, 19620/tcp, 25978/tcp, 23373/tcp, 26634/tcp, 22296/tcp, 39004/tcp, 20248/tcp, 18511/tcp, 25418/tcp, 25358/tcp, 19624/tcp, 56176/tcp, 54691/tcp, 21554/tcp (MineScape Design File Server), 46872/tcp, 53185/tcp, 46709/tcp, 20822/tcp, 27083/tcp, 25008/tcp (icl-twobase9), 16017/tcp, 26071/tcp, 15338/tcp, 53435/tcp, 22759/tcp, 33386/tcp, 12458/tcp, 30682/tcp, 53563/tcp, 21723/tcp, 36457/tcp, 25558/tcp, 56129/tcp, 28592/tcp, 38137/tcp, 19713/tcp, 22786/tcp, 20307/tcp, 25056/tcp, 48457/tcp, 24789/tcp, 54268/tcp, 27896/tcp, 19417/tcp, 20741/tcp, 24909/tcp, 25440/tcp, 44644/tcp, 48190/tcp, 20834/tcp, 24176/tcp, 21417/tcp, 65479/tcp, 45818/tcp, 64947/tcp, 21110/tcp, 21962/tcp, 52555/tcp, 16041/tcp, 17775/tcp, 24188/tcp, 25001/tcp (icl-twobase2), 23411/tcp, 25604/tcp, 26893/tcp, 22696/tcp, 51765/tcp, 22379/tcp, 59497/tcp, 29479/tcp, 54064/tcp, 53079/tcp, 28424/tcp, 47290/tcp, 28790/tcp, 28813/tcp, 20249/tcp, 54307/tcp, 47983/tcp, 29263/tcp, 64945/tcp, 20962/tcp, 22864/tcp, 27702/tcp, 20426/tcp, 12492/tcp, 28902/tcp, 12591/tcp, 22927/tcp, 37666/tcp, 20333/tcp, 44413/tcp, 27141/tcp, 10325/tcp, 38533/tcp, 27091/tcp, 52523/tcp, 45702/tcp, 38901/tcp, 51867/tcp, 42012/tcp, 26613/tcp, 15750/tcp, 20318/tcp, 20403/tcp, 46433/tcp, 40777/tcp, 48525/tcp, 26742/tcp, 37131/tcp, 53129/tcp, 42719/tcp, 20276/tcp, 21789/tcp, 12335/tcp, 10644/tcp, 20002/tcp (Commtact HTTP), 62095/tcp, 52200/tcp, 38099/tcp, 18220/tcp, 47272/tcp, 23221/tcp, 26204/tcp, 28339/tcp, 28446/tcp, 12992/tcp, 28094/tcp, 52466/tcp, 13332/tcp, 49265/tcp, 27350/tcp, 43548/tcp, 64294/tcp, 20077/tcp, 26003/tcp, 65034/tcp, 28800/tcp, 13866/tcp, 28476/tcp, 53830/tcp, 31216/tcp, 21200/tcp, 20183/tcp, 54708/tcp, 16039/tcp, 15162/tcp, 21160/tcp, 48358/tcp, 26777/tcp, 45969/tcp, 26905/tcp, 17415/tcp, 11846/tcp, 52210/tcp, 63851/tcp, 14705/tcp, 28797/tcp, 21865/tcp, 56436/tcp, 26579/tcp, 16139/tcp, 59961/tcp, 46859/tcp, 34094/tcp, 43612/tcp, 27420/tcp, 14539/tcp, 18083/tcp, 55061/tcp, 16317/tcp, 28644/tcp, 19212/tcp, 29592/tcp, 22184/tcp, 16406/tcp, 30467/tcp, 27537/tcp, 38620/tcp, 55123/tcp, 15392/tcp, 54016/tcp, 20555/tcp, 15683/tcp, 56827/tcp, 34540/tcp, 31623/tcp, 16712/tcp, 54435/tcp, 28190/tcp, 48597/tcp, 21950/tcp, 25869/tcp, 26920/tcp, 36188/tcp, 37349/tcp, 46453/tcp, 32311/tcp, 56720/tcp, 45384/tcp, 27980/tcp, 19006/tcp, 13220/tcp, 22681/tcp, 16106/tcp, 20904/tcp, 23862/tcp, 33868/tcp, 60663/tcp, 11634/tcp, 28657/tcp, 20128/tcp, 29961/tcp, 42916/tcp, 28874/tcp, 41336/tcp, 14704/tcp, 22934/tcp, 43253/tcp, 41834/tcp, 43147/tcp, 22591/tcp, 55251/tcp, 56346/tcp, 29995/tcp, 13965/tcp, 26230/tcp, 21136/tcp, 28353/tcp, 15516/tcp, 47557/tcp (Databeam Corporation), 25896/tcp, 65111/tcp, 12608/tcp, 25847/tcp, 60247/tcp, 28894/tcp, 25244/tcp, 14667/tcp, 28327/tcp, 63849/tcp, 36633/tcp, 25346/tcp, 28629/tcp, 47501/tcp, 38176/tcp, 27795/tcp, 54933/tcp, 39143/tcp, 26756/tcp, 20773/tcp, 54244/tcp, 55201/tcp, 65431/tcp, 54528/tcp, 34835/tcp, 45802/tcp, 11412/tcp, 36587/tcp, 45156/tcp, 22029/tcp, 20203/tcp, 24817/tcp, 61353/tcp, 64730/tcp, 13584/tcp, 63226/tcp, 20540/tcp, 12157/tcp, 37514/tcp, 46699/tcp, 26469/tcp, 34846/tcp, 42510/tcp (CA eTrust RPC), 33690/tcp, 20159/tcp, 20392/tcp, 26312/tcp, 25544/tcp, 21830/tcp, 29379/tcp, 16590/tcp, 22616/tcp, 28820/tcp, 60545/tcp, 22375/tcp, 29697/tcp, 54880/tcp, 36446/tcp, 25046/tcp, 38438/tcp, 23539/tcp, 13638/tcp, 20691/tcp, 43667/tcp, 26850/tcp, 40552/tcp.
      
BHD Honeypot
Port scan
2021-02-18

In the last 24h, the attacker (89.248.170.114) attempted to scan 549 ports.
The following ports have been scanned: 19534/tcp, 41300/tcp, 12158/tcp, 19239/tcp, 24926/tcp, 56624/tcp, 13075/tcp, 19979/tcp, 51637/tcp, 59891/tcp, 12197/tcp, 44185/tcp, 22926/tcp, 36036/tcp, 51748/tcp, 61756/tcp, 32871/tcp, 49071/tcp, 13954/tcp, 14489/tcp, 39200/tcp, 41884/tcp, 41147/tcp, 55173/tcp, 12972/tcp, 38306/tcp, 47162/tcp, 35259/tcp, 31934/tcp, 51157/tcp, 22922/tcp, 61965/tcp, 63480/tcp, 15711/tcp, 45904/tcp, 16979/tcp, 46766/tcp, 14983/tcp, 43139/tcp, 25805/tcp, 61144/tcp, 25687/tcp, 54713/tcp, 15990/tcp, 37733/tcp, 53787/tcp, 53187/tcp, 16373/tcp, 32999/tcp, 22097/tcp, 50336/tcp, 37598/tcp, 37603/tcp, 15379/tcp, 41948/tcp, 41058/tcp, 14043/tcp, 55378/tcp, 42254/tcp, 19303/tcp, 47083/tcp, 41578/tcp, 25364/tcp, 59930/tcp, 34273/tcp, 31087/tcp, 34035/tcp, 17374/tcp, 25331/tcp, 38265/tcp, 64513/tcp, 45741/tcp, 15488/tcp, 22054/tcp, 15800/tcp, 12246/tcp, 44377/tcp, 22542/tcp, 54763/tcp, 39194/tcp, 11935/tcp, 15466/tcp, 38339/tcp, 15477/tcp, 25857/tcp, 16061/tcp, 34134/tcp, 38328/tcp, 57649/tcp, 52160/tcp, 61795/tcp, 38577/tcp, 18566/tcp, 11921/tcp, 28054/tcp, 12291/tcp, 58973/tcp, 10839/tcp, 44850/tcp, 17651/tcp, 16751/tcp, 47844/tcp, 20054/tcp, 48930/tcp, 46043/tcp, 18789/tcp, 45334/tcp, 41275/tcp, 14271/tcp, 34084/tcp, 39723/tcp, 64231/tcp, 23451/tcp, 36459/tcp, 45284/tcp, 14641/tcp, 14513/tcp, 13915/tcp, 53083/tcp, 22317/tcp, 20908/tcp, 37920/tcp, 22364/tcp, 37260/tcp, 16613/tcp, 13125/tcp, 33433/tcp, 53339/tcp, 48931/tcp, 16011/tcp, 19264/tcp, 58450/tcp, 44107/tcp, 64844/tcp, 28826/tcp, 46403/tcp, 37644/tcp, 48407/tcp, 41656/tcp, 46806/tcp, 53523/tcp, 42477/tcp, 34095/tcp, 41779/tcp, 54677/tcp, 20805/tcp, 62295/tcp, 13798/tcp, 11226/tcp, 45295/tcp, 43197/tcp, 35923/tcp, 55503/tcp, 54008/tcp, 25943/tcp, 24218/tcp, 26437/tcp, 60030/tcp, 35834/tcp, 21613/tcp, 13958/tcp, 59635/tcp, 52684/tcp, 45993/tcp, 14474/tcp, 63940/tcp, 47685/tcp, 25275/tcp, 40564/tcp, 33750/tcp, 38022/tcp, 46736/tcp, 12297/tcp, 32272/tcp, 54995/tcp, 20588/tcp, 37983/tcp, 38132/tcp, 20107/tcp, 41364/tcp, 29527/tcp, 46839/tcp, 33483/tcp, 54902/tcp, 46531/tcp, 33394/tcp, 39367/tcp, 12146/tcp, 16056/tcp, 43317/tcp, 20894/tcp, 45090/tcp, 38833/tcp, 37342/tcp, 37998/tcp, 19312/tcp, 15863/tcp, 15023/tcp, 15175/tcp, 33127/tcp, 36815/tcp, 20567/tcp, 38082/tcp, 19698/tcp, 37181/tcp, 15811/tcp, 43534/tcp, 45519/tcp, 43809/tcp, 52766/tcp, 34044/tcp, 45996/tcp, 38049/tcp, 46906/tcp, 24896/tcp, 16346/tcp, 54596/tcp, 12997/tcp, 23855/tcp, 14676/tcp, 54461/tcp, 20378/tcp, 12502/tcp, 44313/tcp, 20004/tcp, 23189/tcp, 44858/tcp, 21609/tcp, 36598/tcp, 36060/tcp, 14194/tcp, 60909/tcp, 55656/tcp, 63354/tcp, 44936/tcp, 46225/tcp, 37119/tcp, 54143/tcp, 39317/tcp, 16089/tcp, 52901/tcp, 22939/tcp, 34825/tcp, 63415/tcp, 25509/tcp, 49187/tcp, 50847/tcp, 11373/tcp, 38545/tcp, 14281/tcp, 42644/tcp, 18378/tcp, 45336/tcp, 15862/tcp, 10967/tcp, 11801/tcp, 16156/tcp, 41795/tcp (Crestron Terminal Port), 25225/tcp, 26354/tcp, 41544/tcp, 22631/tcp, 46895/tcp, 18611/tcp, 48339/tcp, 35222/tcp, 55340/tcp, 54538/tcp, 45318/tcp, 48219/tcp, 17654/tcp, 16584/tcp, 44591/tcp, 64424/tcp, 17024/tcp, 42241/tcp, 21880/tcp, 37820/tcp, 31751/tcp, 53837/tcp, 22976/tcp, 16840/tcp, 36775/tcp, 58204/tcp, 17882/tcp, 14133/tcp, 35042/tcp, 13926/tcp, 47131/tcp, 38573/tcp, 16257/tcp, 53740/tcp, 62744/tcp, 43142/tcp, 37575/tcp, 18042/tcp, 18472/tcp, 25478/tcp, 52933/tcp, 12819/tcp, 37192/tcp, 42413/tcp, 56118/tcp, 63085/tcp, 38189/tcp, 42463/tcp, 60069/tcp, 38467/tcp, 22015/tcp, 24446/tcp, 14844/tcp, 12897/tcp, 18313/tcp, 12858/tcp, 37882/tcp, 12592/tcp, 45291/tcp, 23812/tcp, 18236/tcp, 15783/tcp, 51432/tcp, 18809/tcp, 43971/tcp, 30998/tcp, 22620/tcp, 38310/tcp, 44071/tcp, 52959/tcp, 56535/tcp, 14246/tcp, 25152/tcp, 23545/tcp, 11331/tcp, 37486/tcp, 48041/tcp, 38616/tcp, 32062/tcp, 53118/tcp, 38061/tcp, 26071/tcp, 24049/tcp, 54627/tcp, 44577/tcp, 47923/tcp, 24905/tcp, 35270/tcp, 36192/tcp, 53570/tcp, 37347/tcp, 55111/tcp, 55862/tcp, 52994/tcp, 11904/tcp, 64589/tcp, 26396/tcp, 38215/tcp, 47991/tcp, 37258/tcp, 47797/tcp, 56296/tcp, 64767/tcp, 17074/tcp, 47350/tcp, 27766/tcp, 21748/tcp, 37041/tcp, 15722/tcp, 53684/tcp, 65340/tcp, 38862/tcp, 37220/tcp, 21125/tcp, 35400/tcp, 37464/tcp, 51815/tcp, 25143/tcp, 55150/tcp, 43865/tcp, 60919/tcp, 60158/tcp, 56037/tcp, 34440/tcp, 61126/tcp, 15666/tcp, 37564/tcp, 27887/tcp, 59112/tcp, 14559/tcp, 43320/tcp, 53606/tcp, 42694/tcp, 23951/tcp, 42636/tcp, 65036/tcp, 52573/tcp, 19351/tcp, 45763/tcp, 61186/tcp, 10878/tcp, 22399/tcp, 15438/tcp, 25092/tcp, 18494/tcp, 11356/tcp, 14029/tcp, 37805/tcp, 61934/tcp, 38723/tcp, 23793/tcp, 51335/tcp, 63302/tcp, 14104/tcp, 18250/tcp, 51894/tcp, 17649/tcp, 40905/tcp, 55553/tcp, 36980/tcp, 11379/tcp, 41286/tcp, 43609/tcp, 25825/tcp, 11929/tcp, 22627/tcp, 21342/tcp, 17821/tcp, 27709/tcp, 55328/tcp, 37894/tcp, 14360/tcp, 42841/tcp, 51676/tcp, 24129/tcp, 54040/tcp, 45367/tcp, 37427/tcp, 19150/tcp, 12019/tcp, 62078/tcp, 46260/tcp, 38705/tcp, 41770/tcp, 55556/tcp, 58026/tcp, 12196/tcp, 13200/tcp, 45868/tcp, 24324/tcp, 52288/tcp, 47596/tcp, 22186/tcp, 13581/tcp, 55940/tcp, 36418/tcp, 11896/tcp, 53823/tcp, 43400/tcp, 21570/tcp, 43533/tcp, 36926/tcp, 33462/tcp, 55186/tcp, 23908/tcp, 23239/tcp, 55770/tcp, 44488/tcp, 43356/tcp, 38734/tcp, 42101/tcp, 25985/tcp, 47874/tcp, 33839/tcp, 37516/tcp, 59585/tcp, 39812/tcp, 55375/tcp, 15201/tcp, 16970/tcp, 13865/tcp, 21442/tcp, 39066/tcp, 39189/tcp, 29161/tcp, 49226/tcp, 35743/tcp, 36800/tcp, 35704/tcp, 25629/tcp, 14005/tcp, 33661/tcp, 25695/tcp, 52032/tcp, 54585/tcp, 64502/tcp, 20591/tcp, 14997/tcp, 15110/tcp, 63493/tcp, 27748/tcp, 30961/tcp, 13580/tcp, 43267/tcp, 60297/tcp, 58578/tcp, 53389/tcp, 24494/tcp, 13164/tcp, 15047/tcp, 34757/tcp, 21264/tcp, 14806/tcp, 22655/tcp, 54983/tcp, 46477/tcp, 55108/tcp, 55072/tcp, 54791/tcp, 35665/tcp, 12730/tcp, 36724/tcp, 47696/tcp, 16228/tcp, 63608/tcp, 21965/tcp, 64908/tcp, 12860/tcp, 11852/tcp, 42747/tcp, 28659/tcp, 14780/tcp, 24435/tcp, 18797/tcp, 41350/tcp, 48308/tcp, 38443/tcp, 52321/tcp, 18467/tcp, 54090/tcp, 17047/tcp, 28371/tcp, 46833/tcp, 34341/tcp, 54844/tcp, 41158/tcp, 36164/tcp, 48485/tcp, 56168/tcp, 13342/tcp, 40998/tcp.
      
BHD Honeypot
Port scan
2021-02-17

Port scan from IP: 89.248.170.114 detected by psad.
BHD Honeypot
Port scan
2021-02-17

In the last 24h, the attacker (89.248.170.114) attempted to scan 969 ports.
The following ports have been scanned: 131/tcp (cisco TNATIVE), 206/tcp (AppleTalk Zone Information), 327/tcp, 399/tcp (ISO Transport Class 2 Non-Control over TCP), 178/tcp (NextStep Window Server), 93/tcp (Device Control Protocol), 44028/tcp, 55389/tcp, 103/tcp (Genesis Point-to-Point Trans Net), 230/tcp, 357/tcp (bhevent), 251/tcp, 43594/tcp, 11624/tcp, 19954/tcp, 17504/tcp, 12325/tcp, 62201/tcp, 387/tcp (Appletalk Update-Based Routing Pro.), 30080/tcp, 124/tcp (ANSA REX Trader), 24688/tcp, 372/tcp (ListProcessor), 320/tcp (PTP General), 176/tcp (GENRAD-MUX), 364/tcp (Aurora CMGR), 72/tcp (Remote Job Service), 240/tcp, 214/tcp (VM PWSCS), 347/tcp (Fatmen Server), 477/tcp (ss7ns), 52243/tcp, 60/tcp, 215/tcp (Insignia Solutions), 36202/tcp, 293/tcp, 46304/tcp, 186/tcp (KIS Protocol), 75/tcp (any private dial out service), 289/tcp, 405/tcp (ncld), 311/tcp (AppleShare IP WebAdmin), 254/tcp, 26053/tcp, 22271/tcp, 17684/tcp, 190/tcp (Gateway Access Control Protocol), 53825/tcp, 27055/tcp, 407/tcp (Timbuktu), 326/tcp, 191/tcp (Prospero Directory Service), 11762/tcp, 233/tcp, 47300/tcp, 350/tcp (MATIP Type A), 43306/tcp, 42057/tcp, 26532/tcp, 23887/tcp, 413/tcp (Storage Management Services Protocol), 393/tcp (Meta5), 332/tcp, 10450/tcp, 97/tcp (Swift Remote Virtural File Protocol), 38506/tcp, 19205/tcp, 36531/tcp, 296/tcp, 252/tcp, 18277/tcp, 325/tcp, 22453/tcp, 8/tcp, 21837/tcp, 278/tcp, 140/tcp (EMFIS Data Service), 121/tcp (Encore Expedited Remote Pro.Call), 432/tcp (IASD), 28290/tcp, 416/tcp (Silverplatter), 58706/tcp, 177/tcp (X Display Manager Control Protocol), 302/tcp, 196/tcp (DNSIX Session Mgt Module Audit Redir), 40816/tcp, 44640/tcp, 241/tcp, 238/tcp, 400/tcp (Oracle Secure Backup), 117/tcp (UUCP Path Service), 111/tcp (SUN Remote Procedure Call), 11406/tcp, 19142/tcp, 265/tcp (X-Bone CTL), 24750/tcp, 55041/tcp, 20602/tcp, 34916/tcp, 27489/tcp, 317/tcp (Zannet), 23602/tcp, 469/tcp (Radio Control Protocol), 136/tcp (PROFILE Naming System), 69/tcp (Trivial File Transfer), 41983/tcp, 36943/tcp, 429/tcp (OCS_AMU), 356/tcp (Cloanto Net 1), 22314/tcp, 41473/tcp, 226/tcp, 48759/tcp, 68/tcp (Bootstrap Protocol Client), 17139/tcp, 36429/tcp, 20200/tcp, 374/tcp (Legent Corporation), 51547/tcp, 47785/tcp, 44334/tcp, 486/tcp (avian), 309/tcp (EntrustTime), 92/tcp (Network Printing Protocol), 377/tcp (NEC Corporation), 1/tcp (TCP Port Service Multiplexer), 380/tcp (TIA/EIA/IS-99 modem server), 199/tcp (SMUX), 447/tcp (DDM-Distributed File Management), 58789/tcp, 977/tcp, 288/tcp, 315/tcp (DPSI), 242/tcp (Direct), 53784/tcp, 94/tcp (Tivoli Object Dispatcher), 466/tcp (digital-vrc), 814/tcp, 435/tcp (MobilIP-MN), 806/tcp, 388/tcp (Unidata LDM), 16630/tcp, 41039/tcp, 32767/tcp (FileNet BPM WS-ReliableMessaging Client), 985/tcp, 383/tcp (hp performance data alarm manager), 79/tcp (Finger), 453/tcp (CreativeServer), 253/tcp, 282/tcp (Cable Port A/X), 31571/tcp, 395/tcp (NetScout Control Protocol), 96/tcp (DIXIE Protocol Specification), 235/tcp, 138/tcp (NETBIOS Datagram Service), 414/tcp (InfoSeek), 23/tcp (Telnet), 144/tcp (Universal Management Architecture), 459/tcp (ampr-rcmd), 850/tcp, 442/tcp (cvc_hostd), 352/tcp (bhoedap4 (added 5/21/97)), 130/tcp (cisco FNATIVE), 11863/tcp, 33266/tcp, 90/tcp (DNSIX Securit Attribute Token Map), 183/tcp (OCBinder), 83/tcp (MIT ML Device), 45919/tcp, 63/tcp (whois++), 468/tcp (proturis), 37028/tcp, 45470/tcp, 20301/tcp, 60715/tcp, 291/tcp, 454/tcp (ContentServer), 45257/tcp, 457/tcp (scohelp), 401/tcp (Uninterruptible Power Supply), 492/tcp (Transport Independent Convergence for FNA), 52410/tcp, 143/tcp (Internet Message Access Protocol), 147/tcp (ISO-IP), 153/tcp (SGMP), 17576/tcp, 101/tcp (NIC Host Name Server), 430/tcp (UTMPSD), 212/tcp (ATEXSSTR), 51887/tcp, 171/tcp (Network Innovations Multiplex), 16620/tcp, 18310/tcp, 37042/tcp, 334/tcp, 45341/tcp, 433/tcp (NNSP), 18027/tcp, 461/tcp (DataRampSrv), 47418/tcp, 157/tcp (KNET/VM Command/Message Protocol), 49/tcp (Login Host Protocol (TACACS)), 232/tcp, 385/tcp (IBM Application), 294/tcp, 404/tcp (nced), 19867/tcp, 22581/tcp, 60657/tcp, 57259/tcp, 394/tcp (EMBL Nucleic Data Transfer), 63189/tcp, 52054/tcp, 23759/tcp, 16419/tcp, 43345/tcp, 344/tcp (Prospero Data Access Protocol), 441/tcp (decvms-sysmgt), 460/tcp (skronk), 431/tcp (UTMPCD), 754/tcp (send), 36776/tcp, 381/tcp (hp performance data collector), 163/tcp (CMIP/TCP Manager), 268/tcp (Tobit David Replica), 31354/tcp, 222/tcp (Berkeley rshd with SPX auth), 77/tcp (any private RJE service), 104/tcp (ACR-NEMA Digital Imag. & Comm. 300), 15978/tcp, 303/tcp, 410/tcp (DECLadebug Remote Debug Protocol), 45648/tcp, 428/tcp (OCS_CMU), 10439/tcp, 110/tcp (Post Office Protocol - Version 3), 464/tcp (kpasswd), 261/tcp (IIOP Name Service over TLS/SSL), 49147/tcp, 482/tcp (bgs-nsi), 270/tcp, 126/tcp (NXEdit), 21079/tcp, 22221/tcp, 321/tcp (PIP), 389/tcp (Lightweight Directory Access Protocol), 31265/tcp, 217/tcp (dBASE Unix), 17760/tcp, 57027/tcp, 36583/tcp, 165/tcp (Xerox), 31024/tcp, 62/tcp (ACA Services), 60273/tcp, 162/tcp (SNMPTRAP), 95/tcp (SUPDUP), 31137/tcp, 23154/tcp, 62666/tcp, 30860/tcp, 180/tcp (Intergraph), 106/tcp (3COM-TSMUX), 301/tcp, 60982/tcp, 263/tcp (HDAP), 496/tcp (PIM-RP-DISC), 43370/tcp, 409/tcp (Prospero Resource Manager Node Man.), 76/tcp (Distributed External Object Store), 43711/tcp, 16769/tcp, 14871/tcp, 16981/tcp, 189/tcp (Queued File Transport), 248/tcp (bhfhs), 20819/tcp, 35884/tcp, 18404/tcp, 5/tcp (Remote Job Entry), 23296/tcp, 463/tcp (alpes), 184/tcp (OCServer), 99/tcp (Metagram Relay), 421/tcp (Ariel 2), 119/tcp (Network News Transfer Protocol), 17309/tcp, 16438/tcp, 20538/tcp, 149/tcp (AED 512 Emulation Service), 17832/tcp, 55825/tcp, 179/tcp (Border Gateway Protocol), 197/tcp (Directory Location Service), 314/tcp (Opalis Robot), 13111/tcp, 86/tcp (Micro Focus Cobol), 19762/tcp, 498/tcp (siam), 63915/tcp, 376/tcp (Amiga Envoy Network Inquiry Proto), 16774/tcp, 43979/tcp, 16540/tcp, 339/tcp, 17039/tcp, 61559/tcp, 38399/tcp, 57/tcp (any private terminal access), 369/tcp (rpc2portmap), 24686/tcp, 223/tcp (Certificate Distribution Center), 18554/tcp, 264/tcp (BGMP), 137/tcp (NETBIOS Name Service), 422/tcp (Ariel 3), 318/tcp (PKIX TimeStamp), 107/tcp (Remote Telnet Service), 227/tcp, 642/tcp (ESRO-EMSDP V1.3), 18414/tcp, 169/tcp (SEND), 646/tcp (LDP), 127/tcp (Locus PC-Interface Conn Server), 363/tcp (RSVP Tunnel), 211/tcp (Texas Instruments 914C/G Terminal), 52427/tcp, 65/tcp (TACACS-Database Service), 42861/tcp, 497/tcp (dantz), 23150/tcp, 18060/tcp, 51937/tcp, 24036/tcp, 4/tcp, 489/tcp (nest-protocol), 390/tcp (UIS), 54/tcp (XNS Clearinghouse), 451/tcp (Cray Network Semaphore server), 17615/tcp, 27016/tcp, 181/tcp (Unify), 100/tcp ([unauthorized use]), 386/tcp (ASA Message Router Object Def.), 36993/tcp, 146/tcp (ISO-IP0), 384/tcp (A Remote Network Server System), 51291/tcp, 33/tcp (Display Support Protocol), 22321/tcp, 362/tcp (SRS Send), 24257/tcp, 194/tcp (Internet Relay Chat Protocol), 13/tcp (Daytime (RFC 867)), 134/tcp (INGRES-NET Service), 483/tcp (ulpnet), 51878/tcp, 35133/tcp, 24185/tcp, 338/tcp, 210/tcp (ANSI Z39.50), 16753/tcp, 70/tcp (Gopher), 246/tcp (Display Systems Protocol), 368/tcp (QbikGDP), 378/tcp (NEC Corporation), 29/tcp (MSG ICP), 36238/tcp, 247/tcp (SUBNTBCST_TFTP), 48/tcp (Digital Audit Daemon), 47/tcp (NI FTP), 973/tcp, 488/tcp (gss-http), 337/tcp, 166/tcp (Sirius Systems), 21435/tcp, 9/tcp (Discard), 342/tcp, 366/tcp (ODMR), 239/tcp, 284/tcp (corerjd), 38089/tcp, 30870/tcp, 46620/tcp, 112/tcp (McIDAS Data Transmission Protocol), 26571/tcp, 192/tcp (OSU Network Monitoring System), 45598/tcp, 58611/tcp, 36758/tcp, 34336/tcp, 341/tcp, 287/tcp (K-BLOCK), 48585/tcp, 115/tcp (Simple File Transfer Protocol), 305/tcp, 266/tcp (SCSI on ST), 343/tcp, 60626/tcp, 55820/tcp, 22132/tcp, 360/tcp (scoi2odialog), 449/tcp (AS Server Mapper), 84/tcp (Common Trace Facility), 434/tcp (MobileIP-Agent), 25526/tcp, 23629/tcp, 59731/tcp, 50122/tcp, 33284/tcp, 348/tcp (Cabletron Management Protocol), 396/tcp (Novell Netware over IP), 60443/tcp, 20/tcp (File Transfer [Default Data]), 34998/tcp, 78/tcp (vettcp), 43/tcp (Who Is), 18099/tcp, 3/tcp (Compression Process), 13531/tcp, 17437/tcp, 328/tcp, 346/tcp (Zebra server), 484/tcp (Integra Software Management Environment), 187/tcp (Application Communication Interface), 159/tcp (NSS-Routing), 35679/tcp, 19953/tcp, 12/tcp, 63278/tcp, 811/tcp, 17701/tcp, 17714/tcp, 154/tcp (NETSC), 34056/tcp, 474/tcp (tn-tl-w1), 23122/tcp, 49503/tcp, 120/tcp (CFDPTKT), 41256/tcp, 58/tcp (XNS Mail), 32578/tcp, 258/tcp, 269/tcp (MANET Protocols), 23058/tcp, 53/tcp (Domain Name Server), 89/tcp (SU/MIT Telnet Gateway), 40994/tcp, 285/tcp, 437/tcp (comscm), 231/tcp, 32262/tcp, 37972/tcp, 41811/tcp, 44/tcp (MPM FLAGS Protocol), 59/tcp (any private file service), 30237/tcp, 22848/tcp, 244/tcp (inbusiness), 403/tcp (decap), 148/tcp (Jargon), 272/tcp, 161/tcp (SNMP), 46/tcp (MPM [default send]), 300/tcp, 491/tcp (go-login), 135/tcp (DCE endpoint resolution), 370/tcp (codaauth2), 109/tcp (Post Office Protocol - Version 2), 17/tcp (Quote of the Day), 18833/tcp, 259/tcp (Efficient Short Remote Operations), 237/tcp, 185/tcp (Remote-KIS), 31877/tcp, 426/tcp (smartsdp), 382/tcp (hp performance data managed node), 57600/tcp, 15494/tcp, 60048/tcp, 55033/tcp, 30176/tcp, 73/tcp (Remote Job Service), 277/tcp, 34790/tcp, 17776/tcp, 249/tcp, 770/tcp (cadlock), 55022/tcp, 12018/tcp, 43811/tcp, 44284/tcp, 324/tcp, 336/tcp, 60223/tcp, 41133/tcp, 64274/tcp, 490/tcp (micom-pfs), 54474/tcp, 202/tcp (AppleTalk Name Binding), 391/tcp (SynOptics SNMP Relay Port), 37477/tcp, 15/tcp, 60807/tcp, 35886/tcp, 51192/tcp, 81/tcp, 17632/tcp, 267/tcp (Tobit David Service Layer), 156/tcp (SQL Service), 7/tcp (Echo), 43544/tcp, 174/tcp (MAILQ), 42/tcp (Host Name Server), 470/tcp (scx-proxy), 35847/tcp, 444/tcp (Simple Network Paging Protocol), 32/tcp, 37054/tcp, 44939/tcp, 116/tcp (ANSA REX Notify), 32070/tcp, 71/tcp (Remote Job Service), 57777/tcp, 52/tcp (XNS Time Protocol), 271/tcp, 33501/tcp, 213/tcp (IPX), 17682/tcp, 41962/tcp, 419/tcp (Ariel 1), 48169/tcp, 310/tcp (bhmds), 105/tcp (Mailbox Name Nameserver), 411/tcp (Remote MT Protocol), 20670/tcp (Track), 30909/tcp, 164/tcp (CMIP/TCP Agent), 476/tcp (tn-tl-fd1), 114/tcp, 39/tcp (Resource Location Protocol), 36/tcp, 168/tcp (RSVD), 23419/tcp, 59995/tcp, 25/tcp (Simple Mail Transfer), 44277/tcp, 913/tcp (APEX endpoint-relay service), 455/tcp (CreativePartnr), 129/tcp (Password Generator Protocol), 37420/tcp, 36068/tcp, 195/tcp (DNSIX Network Level Module Audit), 34/tcp, 427/tcp (Server Location), 40/tcp, 35/tcp (any private printer server), 467/tcp (mylex-mapd), 358/tcp (Shrinkwrap), 425/tcp (ICAD), 397/tcp (Multi Protocol Trans. Net.), 228/tcp, 345/tcp (Perf Analysis Workbench), 458/tcp (apple quick time), 23492/tcp, 355/tcp (DATEX-ASN), 306/tcp, 20912/tcp, 998/tcp (busboy), 48752/tcp, 299/tcp, 50/tcp (Remote Mail Checking Protocol), 35997/tcp, 21392/tcp, 276/tcp, 34558/tcp, 41/tcp (Graphics), 392/tcp (SynOptics Port Broker Port), 141/tcp (EMFIS Control Service), 475/tcp (tcpnethaspsrv), 418/tcp (Hyper-G), 61055/tcp, 465/tcp (URL Rendesvous Directory for SSM), 420/tcp (SMPTE), 965/tcp, 16863/tcp, 438/tcp (dsfgw), 424/tcp (IBM Operations Planning and Control Track), 36552/tcp, 158/tcp (PCMail Server), 145/tcp (UAAC Protocol), 21036/tcp, 20784/tcp, 250/tcp, 2/tcp (Management Utility), 150/tcp (SQL-NET), 63100/tcp, 495/tcp (intecourier), 10/tcp, 406/tcp (Interactive Mail Support Protocol), 349/tcp (mftp), 132/tcp (cisco SYSMAINT), 204/tcp (AppleTalk Echo), 450/tcp (Computer Supported Telecomunication Applications), 38144/tcp, 201/tcp (AppleTalk Routing Maintenance), 485/tcp (Air Soft Power Burst), 225/tcp, 36509/tcp, 45578/tcp, 292/tcp, 16/tcp, 61/tcp (NI MAIL), 322/tcp (RTSPS), 462/tcp (DataRampSrvSec), 966/tcp, 22232/tcp, 26/tcp, 452/tcp (Cray SFS config server), 996/tcp (vsinet), 36496/tcp, 319/tcp (PTP Event), 481/tcp (Ph service), 87/tcp (any private terminal link), 44741/tcp, 62424/tcp, 16195/tcp, 260/tcp (Openport), 23414/tcp, 102/tcp (ISO-TSAP Class 0), 88/tcp (Kerberos), 50161/tcp, 329/tcp, 123/tcp (Network Time Protocol), 23968/tcp, 331/tcp, 51/tcp (IMP Logical Address Maintenance), 91/tcp (MIT Dover Spooler), 274/tcp, 379/tcp (TIA/EIA/IS-99 modem client), 38500/tcp, 44384/tcp, 118/tcp (SQL Services), 224/tcp (masqdialer), 205/tcp (AppleTalk Unused), 10589/tcp, 281/tcp (Personal Link), 15405/tcp, 19/tcp (Character Generator), 335/tcp, 41562/tcp, 297/tcp, 219/tcp (Unisys ARPs), 59724/tcp, 56632/tcp, 151/tcp (HEMS), 37965/tcp, 20505/tcp, 216/tcp (Computer Associates Int'l License Server), 54154/tcp, 53645/tcp, 66/tcp (Oracle SQL*NET), 28/tcp, 60184/tcp, 60084/tcp, 23056/tcp, 681/tcp (entrust-aams), 27/tcp (NSW User System FE), 98/tcp (TAC News), 48437/tcp, 50273/tcp, 11/tcp (Active Users), 155/tcp (NETSC), 36557/tcp, 113/tcp (Authentication Service), 417/tcp (Onmux), 21353/tcp, 712/tcp (TBRPF), 479/tcp (iafserver), 529/tcp (IRC-SERV), 28759/tcp, 448/tcp (DDM-Remote DB Access Using Secure Sockets), 218/tcp (Netix Message Posting Protocol), 353/tcp (NDSAUTH), 209/tcp (The Quick Mail Transfer Protocol), 142/tcp (Britton-Lee IDM), 472/tcp (ljk-login), 55289/tcp, 133/tcp (Statistics Service), 24524/tcp, 108/tcp (SNA Gateway Access Server), 398/tcp (Kryptolan), 42674/tcp, 31611/tcp, 62996/tcp, 255/tcp, 16887/tcp, 993/tcp (imap4 protocol over TLS/SSL), 290/tcp, 423/tcp (IBM Operations Planning and Control Start), 18454/tcp, 402/tcp (Genie Protocol), 35434/tcp, 323/tcp, 32761/tcp, 220/tcp (Interactive Mail Access Protocol v3), 173/tcp (Xyplex), 48624/tcp, 273/tcp, 14/tcp, 280/tcp (http-mgmt), 446/tcp (DDM-Remote Relational Database Access), 37/tcp (Time), 55703/tcp, 19843/tcp, 57916/tcp, 243/tcp (Survey Measurement), 45658/tcp, 60571/tcp, 44210/tcp, 34490/tcp, 340/tcp, 29916/tcp, 313/tcp (Magenta Logic), 44017/tcp, 256/tcp (RAP), 23862/tcp, 25909/tcp, 365/tcp (DTK), 279/tcp, 298/tcp, 375/tcp (Hassle), 245/tcp (LINK), 29258/tcp, 439/tcp (dasp      Thomas Obermair), 316/tcp (decAuth), 188/tcp (Plus Five's MUMPS), 208/tcp (AppleTalk Unused), 44551/tcp, 10845/tcp, 333/tcp (Texar Security Port), 494/tcp (POV-Ray), 58617/tcp, 182/tcp (Unisys Audit SITP), 487/tcp (saft Simple Asynchronous File Transfer), 412/tcp (Trap Convention Port), 67/tcp (Bootstrap Protocol Server), 15896/tcp, 42546/tcp, 64/tcp (Communications Integrator (CI)), 330/tcp, 831/tcp (NETCONF over BEEP), 24855/tcp, 720/tcp, 59836/tcp, 85/tcp (MIT ML Device), 193/tcp (Spider Remote Monitoring Protocol), 203/tcp (AppleTalk Unused), 917/tcp, 234/tcp, 12978/tcp, 361/tcp (Semantix), 445/tcp (Microsoft-DS), 43138/tcp, 45/tcp (Message Processing Module [recv]), 440/tcp (sgcp), 18/tcp (Message Send Protocol), 198/tcp (Directory Location Service Monitor), 160/tcp (SGMP-TRAPS), 23558/tcp, 37299/tcp, 41829/tcp, 139/tcp (NETBIOS Session Service), 44555/tcp, 796/tcp, 58661/tcp, 37883/tcp, 50495/tcp, 55/tcp (ISI Graphics Language), 43000/tcp, 6/tcp, 499/tcp (ISO ILL Protocol), 38/tcp (Route Access Protocol), 207/tcp (AppleTalk Unused), 436/tcp (DNA-CML), 30/tcp, 415/tcp (BNet), 500/tcp (isakmp), 257/tcp (Secure Electronic Transaction), 59967/tcp, 408/tcp (Prospero Resource Manager Sys. Man.), 125/tcp (Locus PC-Interface Net Map Ser), 37577/tcp, 11812/tcp, 21474/tcp, 10194/tcp, 43188/tcp (REACHOUT), 20794/tcp, 308/tcp (Novastor Backup), 61330/tcp, 37694/tcp, 236/tcp, 40398/tcp, 34953/tcp, 221/tcp (Berkeley rlogind with SPX auth), 51750/tcp, 19618/tcp, 493/tcp (Transport Independent Convergence for FNA), 37437/tcp, 44501/tcp, 122/tcp (SMAKYNET), 24/tcp (any private mail system), 229/tcp, 44072/tcp, 24624/tcp, 478/tcp (spsc), 45174/tcp, 456/tcp (macon-tcp), 172/tcp (Network Innovations CL/1), 128/tcp (GSS X License Verification), 25069/tcp, 16792/tcp, 152/tcp (Background File Transfer Program), 35612/tcp, 304/tcp, 307/tcp, 49597/tcp, 175/tcp (VMNET), 286/tcp (FXP Communication), 74/tcp (Remote Job Service), 295/tcp, 312/tcp (VSLMP), 36697/tcp, 373/tcp (Legent Corporation), 354/tcp (bh611), 262/tcp (Arcisdms), 37320/tcp, 275/tcp, 283/tcp (rescap), 473/tcp (hybrid-pop), 167/tcp (NAMP), 367/tcp (MortgageWare), 31/tcp (MSG Authentication), 359/tcp (Network Security Risk Management Protocol), 30603/tcp, 170/tcp (Network PostScript), 19359/tcp, 36227/tcp, 480/tcp (iafdbase).
      
BHD Honeypot
Port scan
2021-02-16

In the last 24h, the attacker (89.248.170.114) attempted to scan 929 ports.
The following ports have been scanned: 131/tcp (cisco TNATIVE), 570/tcp (demon), 206/tcp (AppleTalk Zone Information), 327/tcp, 399/tcp (ISO Transport Class 2 Non-Control over TCP), 178/tcp (NextStep Window Server), 93/tcp (Device Control Protocol), 995/tcp (pop3 protocol over TLS/SSL (was spop3)), 103/tcp (Genesis Point-to-Point Trans Net), 967/tcp, 230/tcp, 700/tcp (Extensible Provisioning Protocol), 910/tcp (Kerberized Internet Negotiation of Keys (KINK)), 357/tcp (bhevent), 644/tcp (dwr), 251/tcp, 619/tcp (Compaq EVM), 757/tcp, 626/tcp (ASIA), 635/tcp (RLZ DBase), 387/tcp (Appletalk Update-Based Routing Pro.), 943/tcp, 124/tcp (ANSA REX Trader), 986/tcp, 652/tcp (HELLO_PORT), 372/tcp (ListProcessor), 718/tcp, 320/tcp (PTP General), 802/tcp, 794/tcp, 176/tcp (GENRAD-MUX), 364/tcp (Aurora CMGR), 72/tcp (Remote Job Service), 240/tcp, 214/tcp (VM PWSCS), 530/tcp (rpc), 347/tcp (Fatmen Server), 477/tcp (ss7ns), 60/tcp, 215/tcp (Insignia Solutions), 772/tcp (cycleserv2), 293/tcp, 186/tcp (KIS Protocol), 512/tcp (remote process execution;), 75/tcp (any private dial out service), 289/tcp, 555/tcp (dsf), 405/tcp (ncld), 311/tcp (AppleShare IP WebAdmin), 254/tcp, 190/tcp (Gateway Access Control Protocol), 834/tcp, 735/tcp, 717/tcp, 1000/tcp (cadlock2), 407/tcp (Timbuktu), 758/tcp (nlogin), 200/tcp (IBM System Resource Controller), 907/tcp, 636/tcp (ldap protocol over TLS/SSL (was sldap)), 326/tcp, 191/tcp (Prospero Directory Service), 233/tcp, 350/tcp (MATIP Type A), 662/tcp (PFTP), 974/tcp, 738/tcp, 684/tcp (CORBA IIOP SSL), 647/tcp (DHCP Failover), 761/tcp (rxe), 413/tcp (Storage Management Services Protocol), 393/tcp (Meta5), 332/tcp, 714/tcp (IRIS over XPCS), 680/tcp (entrust-aaas), 595/tcp (CAB Protocol), 565/tcp (whoami), 708/tcp, 874/tcp, 660/tcp (MacOS Server Admin), 97/tcp (Swift Remote Virtural File Protocol), 795/tcp, 296/tcp, 624/tcp (Crypto Admin), 252/tcp, 526/tcp (newdate), 611/tcp (npmp-gui), 325/tcp, 960/tcp, 8/tcp, 278/tcp, 140/tcp (EMFIS Data Service), 711/tcp (Cisco TDP), 629/tcp (3Com AMP3), 800/tcp (mdbs_daemon), 121/tcp (Encore Expedited Remote Pro.Call), 820/tcp, 432/tcp (IASD), 416/tcp (Silverplatter), 682/tcp (XFR), 302/tcp, 679/tcp (MRM), 196/tcp (DNSIX Session Mgt Module Audit Redir), 833/tcp (NETCONF for SOAP over BEEP), 241/tcp, 676/tcp (VPPS Via), 238/tcp, 400/tcp (Oracle Secure Backup), 117/tcp (UUCP Path Service), 111/tcp (SUN Remote Procedure Call), 602/tcp (XML-RPC over BEEP), 982/tcp, 265/tcp (X-Bone CTL), 934/tcp, 725/tcp, 623/tcp (DMTF out-of-band web services management protocol), 970/tcp, 317/tcp (Zannet), 533/tcp (for emergency broadcasts), 469/tcp (Radio Control Protocol), 136/tcp (PROFILE Naming System), 69/tcp (Trivial File Transfer), 989/tcp (ftp protocol, data, over TLS/SSL), 742/tcp (Network based Rev. Cont. Sys.), 429/tcp (OCS_AMU), 589/tcp (EyeLink), 356/tcp (Cloanto Net 1), 226/tcp, 68/tcp (Bootstrap Protocol Client), 374/tcp (Legent Corporation), 692/tcp (Hyperwave-ISP), 486/tcp (avian), 309/tcp (EntrustTime), 92/tcp (Network Printing Protocol), 909/tcp, 377/tcp (NEC Corporation), 1/tcp (TCP Port Service Multiplexer), 380/tcp (TIA/EIA/IS-99 modem server), 199/tcp (SMUX), 447/tcp (DDM-Distributed File Management), 780/tcp (wpgs), 745/tcp, 288/tcp, 729/tcp (IBM NetView DM/6000 Server/Client), 707/tcp (Borland DSJ), 315/tcp (DPSI), 871/tcp, 242/tcp (Direct), 787/tcp, 744/tcp (Flexible License Manager), 931/tcp, 94/tcp (Tivoli Object Dispatcher), 466/tcp (digital-vrc), 620/tcp (SCO WebServer Manager), 435/tcp (MobilIP-MN), 388/tcp (Unidata LDM), 383/tcp (hp performance data alarm manager), 79/tcp (Finger), 453/tcp (CreativeServer), 856/tcp, 908/tcp, 253/tcp, 621/tcp (ESCP), 282/tcp (Cable Port A/X), 395/tcp (NetScout Control Protocol), 96/tcp (DIXIE Protocol Specification), 235/tcp, 138/tcp (NETBIOS Datagram Service), 414/tcp (InfoSeek), 878/tcp, 638/tcp (mcns-sec), 766/tcp, 144/tcp (Universal Management Architecture), 459/tcp (ampr-rcmd), 551/tcp (cybercash), 442/tcp (cvc_hostd), 628/tcp (QMQP), 352/tcp (bhoedap4 (added 5/21/97)), 517/tcp (like tenex link, but across), 130/tcp (cisco FNATIVE), 90/tcp (DNSIX Securit Attribute Token Map), 183/tcp (OCBinder), 83/tcp (MIT ML Device), 63/tcp (whois++), 468/tcp (proturis), 573/tcp (banyan-vip), 562/tcp (chcmd), 584/tcp (Key Server), 524/tcp (NCP), 291/tcp, 454/tcp (ContentServer), 82/tcp (XFER Utility), 56/tcp (XNS Authentication), 457/tcp (scohelp), 401/tcp (Uninterruptible Power Supply), 492/tcp (Transport Independent Convergence for FNA), 143/tcp (Internet Message Access Protocol), 147/tcp (ISO-IP), 153/tcp (SGMP), 101/tcp (NIC Host Name Server), 430/tcp (UTMPSD), 212/tcp (ATEXSSTR), 861/tcp (OWAMP-Control), 762/tcp (quotad), 171/tcp (Network Innovations Multiplex), 789/tcp, 590/tcp (TNS CML), 334/tcp, 433/tcp (NNSP), 461/tcp (DataRampSrv), 948/tcp, 822/tcp, 157/tcp (KNET/VM Command/Message Protocol), 49/tcp (Login Host Protocol (TACACS)), 232/tcp, 385/tcp (IBM Application), 294/tcp, 404/tcp (nced), 394/tcp (EMBL Nucleic Data Transfer), 847/tcp (dhcp-failover 2), 344/tcp (Prospero Data Access Protocol), 650/tcp (OBEX), 441/tcp (decvms-sysmgt), 887/tcp (ICL coNETion server info), 519/tcp (unixtime), 460/tcp (skronk), 637/tcp (lanserver), 978/tcp, 979/tcp, 721/tcp, 657/tcp (RMC), 381/tcp (hp performance data collector), 832/tcp (NETCONF for SOAP over HTTPS), 163/tcp (CMIP/TCP Manager), 873/tcp (rsync), 268/tcp (Tobit David Replica), 520/tcp (extended file name server), 222/tcp (Berkeley rshd with SPX auth), 922/tcp, 77/tcp (any private RJE service), 104/tcp (ACR-NEMA Digital Imag. & Comm. 300), 999/tcp (puprouter), 303/tcp, 410/tcp (DECLadebug Remote Debug Protocol), 932/tcp, 671/tcp (VACDSM-APP), 428/tcp (OCS_CMU), 110/tcp (Post Office Protocol - Version 3), 464/tcp (kpasswd), 261/tcp (IIOP Name Service over TLS/SSL), 482/tcp (bgs-nsi), 270/tcp, 879/tcp, 126/tcp (NXEdit), 807/tcp, 753/tcp (rrh), 804/tcp, 798/tcp, 837/tcp, 751/tcp (pump), 915/tcp, 799/tcp, 321/tcp (PIP), 389/tcp (Lightweight Directory Access Protocol), 722/tcp, 885/tcp, 809/tcp, 844/tcp, 217/tcp (dBASE Unix), 591/tcp (FileMaker, Inc. - HTTP Alternate (see Port 80)), 576/tcp (ipcd), 875/tcp, 956/tcp, 900/tcp (OMG Initial Refs), 678/tcp (GNU Generation Foundation NCP), 165/tcp (Xerox), 610/tcp (npmp-local), 62/tcp (ACA Services), 162/tcp (SNMPTRAP), 95/tcp (SUPDUP), 592/tcp (Eudora Set), 561/tcp (monitor), 994/tcp (irc protocol over TLS/SSL), 571/tcp (udemon), 759/tcp (con), 180/tcp (Intergraph), 106/tcp (3COM-TSMUX), 301/tcp, 859/tcp, 496/tcp (PIM-RP-DISC), 947/tcp, 876/tcp, 409/tcp (Prospero Resource Manager Node Man.), 76/tcp (Distributed External Object Store), 767/tcp (phone), 578/tcp (ipdd), 606/tcp (Cray Unified Resource Manager), 189/tcp (Queued File Transport), 248/tcp (bhfhs), 5/tcp (Remote Job Entry), 835/tcp, 371/tcp (Clearcase), 463/tcp (alpes), 184/tcp (OCServer), 99/tcp (Metagram Relay), 421/tcp (Ariel 2), 933/tcp, 685/tcp (MDC Port Mapper), 119/tcp (Network News Transfer Protocol), 791/tcp, 149/tcp (AED 512 Emulation Service), 935/tcp, 567/tcp (banyan-rpc), 179/tcp (Border Gateway Protocol), 598/tcp (SCO Web Server Manager 3), 648/tcp (Registry Registrar Protocol (RRP)), 197/tcp (Directory Location Service), 314/tcp (Opalis Robot), 870/tcp, 86/tcp (Micro Focus Cobol), 498/tcp (siam), 542/tcp (commerce), 376/tcp (Amiga Envoy Network Inquiry Proto), 601/tcp (Reliable Syslog Service), 950/tcp, 339/tcp, 843/tcp, 980/tcp, 855/tcp, 57/tcp (any private terminal access), 369/tcp (rpc2portmap), 677/tcp (Virtual Presence Protocol), 223/tcp (Certificate Distribution Center), 264/tcp (BGMP), 137/tcp (NETBIOS Name Service), 658/tcp (TenFold), 863/tcp, 422/tcp (Ariel 3), 318/tcp (PKIX TimeStamp), 502/tcp (asa-appl-proto), 867/tcp, 107/tcp (Remote Telnet Service), 227/tcp, 651/tcp (IEEE MMS), 169/tcp (SEND), 670/tcp (VACDSM-SWS), 127/tcp (Locus PC-Interface Conn Server), 363/tcp (RSVP Tunnel), 543/tcp (klogin), 211/tcp (Texas Instruments 914C/G Terminal), 895/tcp, 889/tcp, 955/tcp, 65/tcp (TACACS-Database Service), 534/tcp (windream Admin), 838/tcp, 549/tcp (IDFP), 612/tcp (HMMP Indication), 497/tcp (dantz), 760/tcp (ns), 4/tcp, 489/tcp (nest-protocol), 390/tcp (UIS), 54/tcp (XNS Clearinghouse), 451/tcp (Cray Network Semaphore server), 937/tcp, 842/tcp, 181/tcp (Unify), 507/tcp (crs), 100/tcp ([unauthorized use]), 696/tcp (RUSHD), 386/tcp (ASA Message Router Object Def.), 523/tcp (IBM-DB2), 564/tcp (plan 9 file service), 146/tcp (ISO-IP0), 384/tcp (A Remote Network Server System), 903/tcp (self documenting Telnet Panic Door), 33/tcp (Display Support Protocol), 362/tcp (SRS Send), 194/tcp (Internet Relay Chat Protocol), 777/tcp (Multiling HTTP), 817/tcp, 134/tcp (INGRES-NET Service), 483/tcp (ulpnet), 953/tcp, 731/tcp (IBM NetView DM/6000 receive/tcp), 338/tcp, 210/tcp (ANSI Z39.50), 70/tcp (Gopher), 246/tcp (Display Systems Protocol), 675/tcp (DCTP), 779/tcp, 368/tcp (QbikGDP), 378/tcp (NEC Corporation), 29/tcp (MSG ICP), 886/tcp (ICL coNETion locate server), 247/tcp (SUBNTBCST_TFTP), 48/tcp (Digital Audit Daemon), 47/tcp (NI FTP), 639/tcp (MSDP), 515/tcp (spooler), 488/tcp (gss-http), 872/tcp, 337/tcp, 919/tcp, 166/tcp (Sirius Systems), 547/tcp (DHCPv6 Server), 9/tcp (Discard), 342/tcp, 366/tcp (ODMR), 239/tcp, 284/tcp (corerjd), 112/tcp (McIDAS Data Transmission Protocol), 888/tcp (CD Database Protocol), 739/tcp, 192/tcp (OSU Network Monitoring System), 706/tcp (SILC), 697/tcp (UUIDGEN), 341/tcp, 506/tcp (ohimsrv), 287/tcp (K-BLOCK), 553/tcp (pirp), 115/tcp (Simple File Transfer Protocol), 305/tcp, 266/tcp (SCSI on ST), 343/tcp, 633/tcp (Service Status update (Sterling Software)), 841/tcp, 683/tcp (CORBA IIOP), 654/tcp (AODV), 449/tcp (AS Server Mapper), 84/tcp (Common Trace Facility), 792/tcp, 528/tcp (Customer IXChange), 540/tcp (uucpd), 939/tcp, 944/tcp, 640/tcp (entrust-sps), 434/tcp (MobileIP-Agent), 927/tcp, 920/tcp, 588/tcp (CAL), 348/tcp (Cabletron Management Protocol), 396/tcp (Novell Netware over IP), 667/tcp (campaign contribution disclosures - SDR Technologies), 819/tcp, 20/tcp (File Transfer [Default Data]), 521/tcp (ripng), 997/tcp (maitrd), 78/tcp (vettcp), 581/tcp (Bundle Discovery Protocol), 43/tcp (Who Is), 3/tcp (Compression Process), 522/tcp (ULP), 328/tcp, 862/tcp (Two-way Active Measurement Protocol (TWAMP) Control), 346/tcp (Zebra server), 484/tcp (Integra Software Management Environment), 187/tcp (Application Communication Interface), 805/tcp, 159/tcp (NSS-Routing), 575/tcp (VEMMI), 538/tcp (gdomap), 756/tcp, 942/tcp, 12/tcp, 154/tcp (NETSC), 474/tcp (tn-tl-w1), 120/tcp (CFDPTKT), 641/tcp (repcmd), 508/tcp (xvttp), 784/tcp, 928/tcp, 58/tcp (XNS Mail), 968/tcp, 826/tcp, 258/tcp, 269/tcp (MANET Protocols), 959/tcp, 53/tcp (Domain Name Server), 89/tcp (SU/MIT Telnet Gateway), 585/tcp, 285/tcp, 952/tcp, 437/tcp (comscm), 231/tcp, 583/tcp (Philips Video-Conferencing), 905/tcp, 536/tcp (opalis-rdv), 44/tcp (MPM FLAGS Protocol), 59/tcp (any private file service), 665/tcp (Sun DR), 608/tcp (Sender-Initiated/Unsolicited File Transfer), 930/tcp, 244/tcp (inbusiness), 403/tcp (decap), 617/tcp (SCO Desktop Administration Server), 148/tcp (Jargon), 503/tcp (Intrinsa), 272/tcp, 803/tcp, 161/tcp (SNMP), 46/tcp (MPM [default send]), 300/tcp, 491/tcp (go-login), 135/tcp (DCE endpoint resolution), 370/tcp (codaauth2), 923/tcp, 109/tcp (Post Office Protocol - Version 2), 695/tcp (IEEE-MMS-SSL), 17/tcp (Quote of the Day), 259/tcp (Efficient Short Remote Operations), 237/tcp, 185/tcp (Remote-KIS), 723/tcp, 426/tcp (smartsdp), 382/tcp (hp performance data managed node), 854/tcp, 918/tcp, 901/tcp (SMPNAMERES), 827/tcp, 604/tcp (TUNNEL), 840/tcp, 938/tcp, 793/tcp, 504/tcp (citadel), 741/tcp (netGW), 73/tcp (Remote Job Service), 550/tcp (new-who), 277/tcp, 808/tcp, 249/tcp, 663/tcp (PureNoise), 324/tcp, 490/tcp (micom-pfs), 698/tcp (OLSR), 202/tcp (AppleTalk Name Binding), 391/tcp (SynOptics SNMP Relay Port), 941/tcp, 15/tcp, 509/tcp (snare), 724/tcp, 81/tcp, 267/tcp (Tobit David Service Layer), 858/tcp, 949/tcp, 156/tcp (SQL Service), 765/tcp (webster), 7/tcp (Echo), 572/tcp (sonar), 743/tcp, 174/tcp (MAILQ), 558/tcp (SDNSKMP), 715/tcp (IRIS-LWZ), 630/tcp (RDA), 42/tcp (Host Name Server), 961/tcp, 470/tcp (scx-proxy), 444/tcp (Simple Network Paging Protocol), 32/tcp, 936/tcp, 778/tcp, 906/tcp, 785/tcp, 116/tcp (ANSA REX Notify), 71/tcp (Remote Job Service), 52/tcp (XNS Time Protocol), 673/tcp (CIMPLEX), 271/tcp, 848/tcp (GDOI), 616/tcp (SCO System Administration Server), 213/tcp (IPX), 774/tcp (rpasswd), 419/tcp (Ariel 1), 310/tcp (bhmds), 783/tcp, 105/tcp (Mailbox Name Nameserver), 411/tcp (Remote MT Protocol), 972/tcp, 881/tcp, 666/tcp (doom Id Software), 476/tcp (tn-tl-fd1), 904/tcp, 582/tcp (SCC Security), 39/tcp (Resource Location Protocol), 36/tcp, 168/tcp (RSVD), 25/tcp (Simple Mail Transfer), 455/tcp (CreativePartnr), 129/tcp (Password Generator Protocol), 597/tcp (PTC Name Service), 195/tcp (DNSIX Network Level Module Audit), 34/tcp, 427/tcp (Server Location), 618/tcp (DEI-ICDA), 40/tcp, 846/tcp, 35/tcp (any private printer server), 467/tcp (mylex-mapd), 890/tcp, 358/tcp (Shrinkwrap), 691/tcp (MS Exchange Routing), 701/tcp (Link Management Protocol (LMP)), 825/tcp, 425/tcp (ICAD), 397/tcp (Multi Protocol Trans. Net.), 713/tcp (IRIS over XPC), 709/tcp (Entrust Key Management Service Handler), 228/tcp, 345/tcp (Perf Analysis Workbench), 458/tcp (apple quick time), 632/tcp (bmpp), 355/tcp (DATEX-ASN), 306/tcp, 746/tcp, 693/tcp (almanid Connection Endpoint), 299/tcp, 50/tcp (Remote Mail Checking Protocol), 781/tcp, 884/tcp, 276/tcp, 964/tcp, 41/tcp (Graphics), 392/tcp (SynOptics Port Broker Port), 615/tcp (Internet Configuration Manager), 141/tcp (EMFIS Control Service), 475/tcp (tcpnethaspsrv), 418/tcp (Hyper-G), 465/tcp (URL Rendesvous Directory for SSM), 420/tcp (SMPTE), 958/tcp, 815/tcp, 829/tcp (PKIX-3 CA/RA), 438/tcp (dsfgw), 686/tcp (Hardware Control Protocol Wismar), 424/tcp (IBM Operations Planning and Control Track), 158/tcp (PCMail Server), 145/tcp (UAAC Protocol), 983/tcp, 545/tcp (appleqtcsrvr), 790/tcp, 896/tcp, 250/tcp, 2/tcp (Management Utility), 150/tcp (SQL-NET), 559/tcp (TEEDTAP), 954/tcp, 495/tcp (intecourier), 10/tcp, 649/tcp (Cadview-3d - streaming 3d models over the internet), 406/tcp (Interactive Mail Support Protocol), 349/tcp (mftp), 132/tcp (cisco SYSMAINT), 204/tcp (AppleTalk Echo), 450/tcp (Computer Supported Telecomunication Applications), 672/tcp (VPPS-QUA), 516/tcp (videotex), 894/tcp, 201/tcp (AppleTalk Routing Maintenance), 747/tcp (Fujitsu Device Control), 485/tcp (Air Soft Power Burst), 225/tcp, 699/tcp (Access Network), 661/tcp (HAP), 292/tcp, 810/tcp (FCP), 16/tcp, 853/tcp, 925/tcp, 322/tcp (RTSPS), 963/tcp, 771/tcp (rtip), 462/tcp (DataRampSrvSec), 510/tcp (FirstClass Protocol), 554/tcp (Real Time Streaming Protocol (RTSP)), 26/tcp, 849/tcp, 452/tcp (Cray SFS config server), 319/tcp (PTP Event), 566/tcp (streettalk), 481/tcp (Ph service), 839/tcp, 87/tcp (any private terminal link), 899/tcp, 733/tcp, 569/tcp (microsoft rome), 600/tcp (Sun IPC server), 668/tcp (MeComm), 987/tcp, 260/tcp (Openport), 351/tcp (bhoetty (added 5/21/97)), 916/tcp, 513/tcp (remote login a la telnet;), 102/tcp (ISO-TSAP Class 0), 531/tcp (chat), 535/tcp (iiop), 563/tcp (nntp protocol over TLS/SSL (was snntp)), 971/tcp, 88/tcp (Kerberos), 625/tcp (DEC DLM), 329/tcp, 123/tcp (Network Time Protocol), 865/tcp, 505/tcp (mailbox-lm), 331/tcp, 91/tcp (MIT Dover Spooler), 274/tcp, 379/tcp (TIA/EIA/IS-99 modem client), 118/tcp (SQL Services), 537/tcp (Networked Media Streaming Protocol), 224/tcp (masqdialer), 577/tcp (vnas), 574/tcp (FTP Software Agent System), 205/tcp (AppleTalk Unused), 552/tcp (DeviceShare), 281/tcp (Personal Link), 19/tcp (Character Generator), 335/tcp, 297/tcp, 946/tcp, 219/tcp (Unisys ARPs), 664/tcp (DMTF out-of-band secure web services management protocol), 593/tcp (HTTP RPC Ep Map), 740/tcp, 613/tcp (HMMP Operation), 151/tcp (HEMS), 893/tcp, 568/tcp (microsoft shuttle), 845/tcp, 216/tcp (Computer Associates Int'l License Server), 557/tcp (openvms-sysipc), 66/tcp (Oracle SQL*NET), 28/tcp, 27/tcp (NSW User System FE), 98/tcp (TAC News), 719/tcp, 11/tcp (Active Users), 155/tcp (NETSC), 113/tcp (Authentication Service), 776/tcp (wpages), 417/tcp (Onmux), 479/tcp (iafserver), 992/tcp (telnet protocol over TLS/SSL), 448/tcp (DDM-Remote DB Access Using Secure Sockets), 674/tcp (ACAP), 218/tcp (Netix Message Posting Protocol), 353/tcp (NDSAUTH), 209/tcp (The Quick Mail Transfer Protocol), 142/tcp (Britton-Lee IDM), 472/tcp (ljk-login), 868/tcp, 133/tcp (Statistics Service), 108/tcp (SNA Gateway Access Server), 527/tcp (Stock IXChange), 398/tcp (Kryptolan), 898/tcp, 290/tcp, 734/tcp, 975/tcp, 0/tcp, 546/tcp (DHCPv6 Client), 539/tcp (Apertus Technologies Load Determination), 423/tcp (IBM Operations Planning and Control Start), 402/tcp (Genie Protocol), 643/tcp (SANity), 823/tcp, 323/tcp, 220/tcp (Interactive Mail Access Protocol v3), 173/tcp (Xyplex), 273/tcp, 587/tcp (Submission), 14/tcp, 280/tcp (http-mgmt), 446/tcp (DDM-Remote Relational Database Access), 37/tcp (Time), 599/tcp (Aeolon Core Protocol), 830/tcp (NETCONF over SSH), 945/tcp, 694/tcp (ha-cluster), 836/tcp, 988/tcp, 969/tcp, 864/tcp, 951/tcp, 243/tcp (Survey Measurement), 752/tcp (qrh), 594/tcp (TPIP), 824/tcp, 340/tcp, 313/tcp (Magenta Logic), 256/tcp (RAP), 541/tcp (uucp-rlogin), 687/tcp (asipregistry), 924/tcp, 656/tcp (SPMP), 365/tcp (DTK), 702/tcp (IRIS over BEEP), 279/tcp, 298/tcp, 375/tcp (Hassle), 245/tcp (LINK), 439/tcp (dasp      Thomas Obermair), 316/tcp (decAuth), 880/tcp, 188/tcp (Plus Five's MUMPS), 208/tcp (AppleTalk Unused), 801/tcp (device), 333/tcp (Texar Security Port), 494/tcp (POV-Ray), 902/tcp (self documenting Telnet Door), 182/tcp (Unisys Audit SITP), 818/tcp, 487/tcp (saft Simple Asynchronous File Transfer), 412/tcp (Trap Convention Port), 67/tcp (Bootstrap Protocol Server), 768/tcp, 730/tcp (IBM NetView DM/6000 send/tcp), 64/tcp (Communications Integrator (CI)), 532/tcp (readnews), 330/tcp, 990/tcp (ftp protocol, control, over TLS/SSL), 85/tcp (MIT ML Device), 797/tcp, 193/tcp (Spider Remote Monitoring Protocol), 688/tcp (ApplianceWare managment protocol), 603/tcp (IDXP), 984/tcp, 203/tcp (AppleTalk Unused), 786/tcp, 773/tcp (submit), 234/tcp, 882/tcp, 514/tcp (cmd), 912/tcp (APEX relay-relay service), 361/tcp (Semantix), 634/tcp (ginad), 445/tcp (Microsoft-DS), 586/tcp (Password Change), 45/tcp (Message Processing Module [recv]), 877/tcp, 579/tcp (decbsrv), 440/tcp (sgcp), 18/tcp (Message Send Protocol), 198/tcp (Directory Location Service Monitor), 160/tcp (SGMP-TRAPS), 596/tcp (SMSD), 139/tcp (NETBIOS Session Service), 548/tcp (AFP over TCP), 622/tcp (Collaborator), 55/tcp (ISI Graphics Language), 6/tcp, 788/tcp, 499/tcp (ISO ILL Protocol), 38/tcp (Route Access Protocol), 207/tcp (AppleTalk Unused), 436/tcp (DNA-CML), 30/tcp, 415/tcp (BNet), 500/tcp (isakmp), 257/tcp (Secure Electronic Transaction), 607/tcp (nqs), 821/tcp, 828/tcp (itm-mcell-s), 501/tcp (STMF), 883/tcp, 782/tcp, 408/tcp (Prospero Resource Manager Sys. Man.), 962/tcp, 614/tcp (SSLshell), 125/tcp (Locus PC-Interface Net Map Ser), 921/tcp, 764/tcp (omserv), 736/tcp, 750/tcp (rfile), 308/tcp (Novastor Backup), 236/tcp, 221/tcp (Berkeley rlogind with SPX auth), 556/tcp (rfs server), 755/tcp, 631/tcp (IPP (Internet Printing Protocol)), 493/tcp (Transport Independent Convergence for FNA), 763/tcp (cycleserv), 816/tcp, 560/tcp (rmonitord), 653/tcp (RepCmd), 926/tcp, 122/tcp (SMAKYNET), 769/tcp (vid), 957/tcp, 605/tcp (SOAP over BEEP), 24/tcp (any private mail system), 229/tcp, 511/tcp (PassGo), 456/tcp (macon-tcp), 172/tcp (Network Innovations CL/1), 128/tcp (GSS X License Verification), 726/tcp, 307/tcp, 175/tcp (VMNET), 286/tcp (FXP Communication), 897/tcp, 74/tcp (Remote Job Service), 295/tcp, 312/tcp (VSLMP), 911/tcp (xact-backup), 373/tcp (Legent Corporation), 354/tcp (bh611), 976/tcp, 262/tcp (Arcisdms), 866/tcp, 275/tcp, 689/tcp (NMAP), 471/tcp (Mondex), 283/tcp (rescap), 473/tcp (hybrid-pop), 167/tcp (NAMP), 367/tcp (MortgageWare), 31/tcp (MSG Authentication), 359/tcp (Network Security Risk Management Protocol), 170/tcp (Network PostScript), 869/tcp.
      
BHD Honeypot
Port scan
2021-02-15

In the last 24h, the attacker (89.248.170.114) attempted to scan 42 ports.
The following ports have been scanned: 131/tcp (cisco TNATIVE), 251/tcp, 240/tcp, 293/tcp, 669/tcp (MeRegister), 405/tcp (ncld), 311/tcp (AppleShare IP WebAdmin), 526/tcp (newdate), 3389/tcp (MS WBT Server), 400/tcp (Oracle Secure Backup), 374/tcp (Legent Corporation), 620/tcp (SCO WebServer Manager), 580/tcp (SNTP HEARTBEAT), 395/tcp (NetScout Control Protocol), 157/tcp (KNET/VM Command/Message Protocol), 303/tcp, 270/tcp, 95/tcp (SUPDUP), 137/tcp (NETBIOS Name Service), 384/tcp (A Remote Network Server System), 70/tcp (Gopher), 33390/tcp, 366/tcp (ODMR), 33389/tcp, 939/tcp, 920/tcp, 805/tcp, 585/tcp, 952/tcp, 135/tcp (DCE endpoint resolution), 249/tcp, 324/tcp, 213/tcp (IPX), 322/tcp (RTSPS), 625/tcp (DEC DLM), 527/tcp (Stock IXChange), 333/tcp (Texar Security Port), 64/tcp (Communications Integrator (CI)), 984/tcp, 198/tcp (Directory Location Service Monitor), 38/tcp (Route Access Protocol).
      
BHD Honeypot
Port scan
2021-02-14

In the last 24h, the attacker (89.248.170.114) attempted to scan 156 ports.
The following ports have been scanned: 4010/tcp (Samsung Unidex), 20597/tcp, 3589/tcp (isomair), 6500/tcp (BoKS Master), 4876/tcp, 3398/tcp (Mercantile), 48630/tcp, 7370/tcp, 47333/tcp, 63399/tcp, 4006/tcp (pxc-spvr), 30597/tcp, 3395/tcp (Dyna License Manager (Elam)), 63391/tcp, 33900/tcp, 59999/tcp, 1667/tcp (netview-aix-7), 46603/tcp, 31377/tcp, 8400/tcp (cvd), 2002/tcp (globe), 2052/tcp (clearVisn Services Port), 23391/tcp, 14920/tcp, 2197/tcp (MNP data exchange), 15000/tcp (Hypack Data Aquisition), 5020/tcp (zenginkyo-1), 43394/tcp, 7575/tcp, 8082/tcp (Utilistor (Client)), 3909/tcp (SurfControl CPA), 3404/tcp, 5003/tcp (FileMaker, Inc. - Proprietary transport), 7117/tcp, 32768/tcp (Filenet TMS), 4863/tcp, 20000/tcp (DNP), 46688/tcp, 61031/tcp, 2025/tcp (ellpack), 2066/tcp (AVM USB Remote Architecture), 6000/tcp (-6063/udp   X Window System), 21112/tcp, 49089/tcp, 6003/tcp, 10333/tcp, 3406/tcp (Nokia Announcement ch 2), 50003/tcp, 45674/tcp, 2068/tcp (Avocent AuthSrv Protocol), 9989/tcp, 22010/tcp, 2053/tcp (Lot105 DSuper Updates), 64485/tcp, 8389/tcp, 11001/tcp (Metasys), 49402/tcp, 59830/tcp, 9897/tcp, 15004/tcp, 100/tcp ([unauthorized use]), 523/tcp (IBM-DB2), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 5111/tcp (TAEP AS service), 63390/tcp, 12389/tcp, 2028/tcp (submitserver), 53390/tcp, 3384/tcp (Cluster Management Services), 33390/tcp, 5001/tcp (commplex-link), 3328/tcp (Eaglepoint License Manager), 50018/tcp, 33389/tcp, 43390/tcp, 33890/tcp, 2200/tcp (ICI), 7389/tcp, 5503/tcp (fcp-srvr-inst2), 8113/tcp, 51500/tcp, 7050/tcp, 3422/tcp (Remote USB System Port), 3030/tcp (Arepa Cas), 38304/tcp, 3371/tcp, 7328/tcp, 33893/tcp, 6060/tcp, 50020/tcp, 5021/tcp (zenginkyo-2), 16943/tcp, 3391/tcp (SAVANT), 6002/tcp, 57002/tcp, 55555/tcp, 3313/tcp (Unify Object Broker), 49548/tcp, 4004/tcp (pxc-roid), 8899/tcp (ospf-lite), 7300/tcp (-7359   The Swiss Exchange), 3355/tcp (Ordinox Dbase), 57983/tcp, 6566/tcp (SANE Control Port), 50013/tcp, 50021/tcp, 3501/tcp (iSoft-P2P), 41/tcp (Graphics), 4242/tcp, 63389/tcp, 8200/tcp (TRIVNET), 465/tcp (URL Rendesvous Directory for SSM), 2029/tcp (Hot Standby Router Protocol IPv6), 2004/tcp (mailbox), 250/tcp, 4500/tcp (IPsec NAT-Traversal), 4040/tcp (Yo.net main service), 9997/tcp (Palace-6), 9838/tcp, 32026/tcp, 4444/tcp (NV Video default), 63333/tcp, 49246/tcp, 33891/tcp, 4390/tcp (Physical Access Control), 3370/tcp, 63199/tcp, 13395/tcp, 7326/tcp, 22335/tcp, 4858/tcp, 4245/tcp, 4073/tcp (iRAPP Server Protocol), 2997/tcp (REBOL), 3999/tcp (Norman distributes scanning service), 47047/tcp, 54545/tcp, 2003/tcp (Brutus Server), 3397/tcp (Cloanto License Manager), 2046/tcp (sdfunc), 4835/tcp, 60200/tcp, 55515/tcp, 4243/tcp, 3382/tcp (Fujitsu Network Enhanced Antitheft function), 21752/tcp, 25564/tcp, 4007/tcp (pxc-splr), 54321/tcp, 8022/tcp (oa-system), 5501/tcp (fcp-addr-srvr2), 30099/tcp, 2019/tcp (whosockami), 63395/tcp.
      
BHD Honeypot
Port scan
2021-02-13

In the last 24h, the attacker (89.248.170.114) attempted to scan 310 ports.
The following ports have been scanned: 50016/tcp, 6689/tcp (Tofino Security Appliance), 15599/tcp, 7210/tcp, 24481/tcp, 10010/tcp (ooRexx rxapi services), 9005/tcp, 6500/tcp (BoKS Master), 4876/tcp, 39104/tcp, 21992/tcp, 2012/tcp (ttyinfo), 5100/tcp (Socalia service mux), 33396/tcp, 47612/tcp, 49595/tcp, 3489/tcp (DTP/DIA), 33896/tcp, 3396/tcp (Printer Agent), 9000/tcp (CSlistener), 7370/tcp, 12743/tcp, 9876/tcp (Session Director), 17175/tcp, 49266/tcp, 9090/tcp (WebSM), 61035/tcp, 7100/tcp (X Font Service), 7658/tcp, 4400/tcp (ASIGRA Services), 4006/tcp (pxc-spvr), 30597/tcp, 49073/tcp, 54323/tcp, 7200/tcp (FODMS FLIP), 60001/tcp, 1667/tcp (netview-aix-7), 10070/tcp, 58089/tcp, 4002/tcp (pxc-spvr-ft), 46523/tcp, 2165/tcp (X-Bone API), 38328/tcp, 31377/tcp, 48348/tcp, 3377/tcp (Cogsys Network License Manager), 3403/tcp, 2002/tcp (globe), 9833/tcp, 9836/tcp, 9001/tcp (ETL Service Manager), 3383/tcp (Enterprise Software Products License Manager), 6052/tcp, 14920/tcp, 6056/tcp, 21223/tcp, 7778/tcp (Interwise), 15000/tcp (Hypack Data Aquisition), 5020/tcp (zenginkyo-1), 43394/tcp, 47393/tcp, 7575/tcp, 8393/tcp, 4455/tcp (PR Chat User), 53065/tcp, 8082/tcp (Utilistor (Client)), 8933/tcp, 6666/tcp, 8090/tcp, 20001/tcp (MicroSAN), 60922/tcp, 7070/tcp (ARCP), 7117/tcp, 3387/tcp (Back Room Net), 20005/tcp (OpenWebNet protocol for electric network), 10003/tcp (EMC-Documentum Content Server Product), 5200/tcp (TARGUS GetData), 3369/tcp, 13390/tcp, 21540/tcp, 2050/tcp (Avaya EMB Config Port), 46688/tcp, 4088/tcp (Noah Printing Service Protocol), 22425/tcp, 61031/tcp, 2025/tcp (ellpack), 4560/tcp, 2066/tcp (AVM USB Remote Architecture), 3339/tcp (OMF data l), 7739/tcp, 6000/tcp (-6063/udp   X Window System), 3379/tcp (SOCORFS), 49089/tcp, 6003/tcp, 10333/tcp, 9998/tcp (Distinct32), 5505/tcp (Checkout Database), 50003/tcp, 48915/tcp, 2068/tcp (Avocent AuthSrv Protocol), 16705/tcp, 41380/tcp, 38308/tcp, 9989/tcp, 9391/tcp, 33965/tcp, 25288/tcp, 23390/tcp, 4060/tcp (DSMETER Inter-Agent Transfer Channel), 47046/tcp, 6969/tcp (acmsoda), 48117/tcp, 11111/tcp (Viral Computing Environment (VCE)), 40060/tcp, 50001/tcp, 11000/tcp (IRISA), 8100/tcp (Xprint Server), 5011/tcp (TelepathAttack), 4000/tcp (Terabase), 64734/tcp, 61030/tcp, 4567/tcp (TRAM), 2055/tcp (Iliad-Odyssey Protocol), 49402/tcp, 6012/tcp, 16389/tcp, 10001/tcp (SCP Configuration), 9897/tcp, 15004/tcp, 43392/tcp, 100/tcp ([unauthorized use]), 47048/tcp, 9416/tcp, 3386/tcp (GPRS Data), 8001/tcp (VCOM Tunnel), 31373/tcp, 2064/tcp (ICG IP Relay Port), 8006/tcp, 7500/tcp (Silhouette User), 5111/tcp (TAEP AS service), 3311/tcp (MCNS Tel Ret), 2028/tcp (submitserver), 53390/tcp, 5006/tcp (wsm server), 5050/tcp (multimedia conference control tool), 33390/tcp, 38383/tcp, 46490/tcp, 50011/tcp, 888/tcp (CD Database Protocol), 3401/tcp (filecast), 20004/tcp, 22285/tcp, 4200/tcp (-4299  VRML Multi User Systems), 43390/tcp, 33890/tcp, 2040/tcp (lam), 49412/tcp, 3600/tcp (text relay-answer), 6390/tcp (MetaEdit+ WebService API), 3392/tcp (EFI License Management), 13713/tcp, 7389/tcp, 33392/tcp, 42007/tcp, 61033/tcp, 8009/tcp, 33063/tcp, 3351/tcp (Btrieve port), 9922/tcp, 3394/tcp (D2K Tapestry Server to Server), 3220/tcp (XML NM over SSL), 8113/tcp, 51500/tcp, 7250/tcp, 7772/tcp, 51537/tcp, 53973/tcp, 7050/tcp, 33789/tcp, 3422/tcp (Remote USB System Port), 38304/tcp, 21271/tcp, 3371/tcp, 20003/tcp (Commtact HTTPS), 7328/tcp, 33893/tcp, 1001/tcp, 6060/tcp, 24267/tcp, 16943/tcp, 4999/tcp (HyperFileSQL Client/Server Database Engine Manager), 53392/tcp, 55980/tcp, 6002/tcp, 3888/tcp (Ciphire Services), 47753/tcp, 5110/tcp, 57002/tcp, 5558/tcp, 60003/tcp, 33003/tcp, 2051/tcp (EPNSDP), 60210/tcp, 43393/tcp, 16349/tcp, 49548/tcp, 20009/tcp, 4004/tcp (pxc-roid), 9010/tcp (Secure Data Replicator Protocol), 4020/tcp (TRAP Port), 3355/tcp (Ordinox Dbase), 57983/tcp, 6059/tcp, 6789/tcp (SMC-HTTPS), 48102/tcp, 2070/tcp (AH and ESP Encapsulated in UDP packet), 4242/tcp, 2501/tcp (Resource Tracking system client), 7748/tcp, 20011/tcp, 465/tcp (URL Rendesvous Directory for SSM), 25001/tcp (icl-twobase2), 7095/tcp, 2029/tcp (Hot Standby Router Protocol IPv6), 20135/tcp, 4942/tcp (Equitrac Office), 5002/tcp (radio free ethernet), 5550/tcp, 250/tcp, 4568/tcp (BMC Reporting), 2062/tcp (ICG SWP Port), 5494/tcp, 4040/tcp (Yo.net main service), 2827/tcp (slc ctrlrloops), 13392/tcp, 9997/tcp (Palace-6), 1234/tcp (Infoseek Search Agent), 9838/tcp, 40000/tcp (SafetyNET p), 43389/tcp, 4389/tcp (Xandros Community Management Service), 33892/tcp, 8010/tcp, 32026/tcp, 20002/tcp (Commtact HTTP), 7777/tcp (cbt), 49999/tcp, 33891/tcp, 7020/tcp (DP Serve), 4390/tcp (Physical Access Control), 3333/tcp (DEC Notes), 6389/tcp (clariion-evr01), 9837/tcp, 4489/tcp, 21828/tcp, 45454/tcp, 7001/tcp (callbacks to cache managers), 9004/tcp, 9832/tcp, 7016/tcp, 3402/tcp (FXa Engine Network Port), 29292/tcp, 13395/tcp, 33391/tcp, 34567/tcp (dhanalakshmi.org EDI Service), 8007/tcp, 7326/tcp, 2048/tcp (dls-monitor), 22874/tcp, 22335/tcp, 4858/tcp, 25000/tcp (icl-twobase1), 4073/tcp (iRAPP Server Protocol), 4565/tcp, 2929/tcp (AMX-WEBADMIN), 5500/tcp (fcp-addr-srvr1), 4011/tcp (Alternate Service Boot), 60430/tcp, 3420/tcp (iFCP User Port), 2003/tcp (Brutus Server), 33901/tcp, 3397/tcp (Cloanto License Manager), 2046/tcp (sdfunc), 3399/tcp (CSMS), 50010/tcp, 30025/tcp, 6051/tcp, 21752/tcp, 22345/tcp, 4566/tcp (Kids Watch Time Control Service), 54321/tcp, 8022/tcp (oa-system), 5501/tcp (fcp-addr-srvr2), 9834/tcp, 6108/tcp (Sercomm-SCAdmin), 5300/tcp (HA cluster heartbeat), 30099/tcp, 4050/tcp (Wide Area File Services), 21279/tcp, 60585/tcp.
      
BHD Honeypot
Port scan
2021-02-12

Port scan from IP: 89.248.170.114 detected by psad.

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Similar hosts

Hosts with the same ASN

Emerging threats

The most commonly reported IP addresses in the last 24 hours

Report breach!

Rate host 89.248.170.114