IP address: 92.119.160.141

Host rating:

2.0

out of 65 votes

Last update: 2019-11-12

Host details

Unknown
Russia
Unknown
Unknown
See comments

Reported breaches

  • Port scan
Report breach

Whois record

The publicly-available Whois record found at whois.ripe.net server.

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '92.119.160.0 - 92.119.160.255'

% Abuse contact for '92.119.160.0 - 92.119.160.255' is '[email protected]'

inetnum:        92.119.160.0 - 92.119.160.255
netname:        RU-INFOTECH-20190313
country:        RU
org:            ORG-ITL54-RIPE
admin-c:        LD5832-RIPE
tech-c:         LD5832-RIPE
status:         ASSIGNED PA
mnt-by:         IP-RIPE
mnt-routes:     MNT-SELECTEL
created:        2019-03-13T10:32:36Z
last-modified:  2019-04-08T18:56:11Z
source:         RIPE

% Information related to '92.119.160.0/24AS49505'

route:          92.119.160.0/24
descr:          Selectel Customer
origin:         AS49505
mnt-by:         MNT-SELECTEL
created:        2019-03-13T14:26:56Z
last-modified:  2019-03-13T14:26:56Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.96 (ANGUS)


User comments

65 security incident(s) reported by users

BHD Honeypot
Port scan
2019-11-12

In the last 24h, the attacker (92.119.160.141) attempted to scan 57 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 3396/tcp (Printer Agent), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 13389/tcp, 3401/tcp (filecast), 33389/tcp, 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 3400/tcp (CSMS2), 63389/tcp, 43389/tcp, 3397/tcp (Cloanto License Manager), 53389/tcp, 3399/tcp (CSMS).
      
BHD Honeypot
Port scan
2019-11-12

Port scan from IP: 92.119.160.141 detected by psad.
BHD Honeypot
Port scan
2019-10-19

In the last 24h, the attacker (92.119.160.141) attempted to scan 77 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 3396/tcp (Printer Agent), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 60006/tcp, 13389/tcp, 1995/tcp (cisco perf port), 13390/tcp, 222/tcp (Berkeley rshd with SPX auth), 60000/tcp, 3401/tcp (filecast), 33389/tcp, 3393/tcp (D2K Tapestry Client to Server), 8003/tcp (Mulberry Connect Reporting Service), 3392/tcp (EFI License Management), 62126/tcp, 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 23389/tcp, 3400/tcp (CSMS2), 22645/tcp, 63389/tcp, 9389/tcp (Active Directory Web Services), 43389/tcp, 8010/tcp, 6389/tcp (clariion-evr01), 1023/tcp, 333/tcp (Texar Security Port), 7501/tcp (HP OpenView Bus Daemon), 3397/tcp (Cloanto License Manager), 53389/tcp, 3399/tcp (CSMS), 7010/tcp (onlinet uninterruptable power supplies).
      
BHD Honeypot
Port scan
2019-10-18

In the last 24h, the attacker (92.119.160.141) attempted to scan 304 ports.
The following ports have been scanned: 55389/tcp, 1993/tcp (cisco SNMP TCP port), 19833/tcp, 1954/tcp (ABR-API (diskbridge)), 56588/tcp, 10005/tcp (EMC Replication Manager Server), 6001/tcp, 9990/tcp (OSM Applet Server), 18828/tcp, 1999/tcp (cisco identification port), 33395/tcp, 3305/tcp (ODETTE-FTP), 8088/tcp (Radan HTTP), 2005/tcp (berknet), 39130/tcp, 555/tcp (dsf), 1991/tcp (cisco STUN Priority 2 port), 2012/tcp (ttyinfo), 33396/tcp, 62667/tcp, 33896/tcp, 30101/tcp, 8021/tcp (Intuit Entitlement Client), 9876/tcp (Session Director), 30004/tcp, 60007/tcp, 21815/tcp, 20008/tcp, 9090/tcp (WebSM), 526/tcp (newdate), 13579/tcp, 65001/tcp, 42014/tcp, 20600/tcp, 1012/tcp, 9006/tcp, 30801/tcp, 20345/tcp, 33900/tcp, 59999/tcp, 8011/tcp, 5999/tcp (CVSup), 3303/tcp (OP Session Client), 34890/tcp, 29637/tcp, 3208/tcp (PFU PR Callback), 4002/tcp (pxc-spvr-ft), 56767/tcp, 60006/tcp, 53694/tcp, 2013/tcp (raid-am), 56224/tcp, 2001/tcp (dc), 30071/tcp, 9833/tcp, 30000/tcp, 2011/tcp (raid), 1186/tcp (MySQL Cluster Manager), 11112/tcp (DICOM), 15000/tcp (Hypack Data Aquisition), 17896/tcp, 7077/tcp, 10009/tcp (Systemwalker Desktop Patrol), 7272/tcp (WatchMe Monitoring 7272), 8933/tcp, 1071/tcp (BSQUARE-VOIP), 5872/tcp, 6778/tcp, 20001/tcp (MicroSAN), 22446/tcp, 16556/tcp, 9898/tcp (MonkeyCom), 5200/tcp (TARGUS GetData), 10008/tcp (Octopus Multiplexer), 36501/tcp, 1988/tcp (cisco RSRB Priority 2 port), 3103/tcp (Autocue SMI Protocol), 33103/tcp, 9375/tcp, 999/tcp (puprouter), 1998/tcp (cisco X.25 service (XOT)), 7889/tcp, 5505/tcp (Checkout Database), 30330/tcp, 1982/tcp (Evidentiary Timestamp), 60000/tcp, 9989/tcp, 3000/tcp (RemoteWare Client), 30986/tcp, 16303/tcp, 3302/tcp (MCS Fastmail), 1231/tcp (menandmice-lpm), 1020/tcp, 8050/tcp, 2009/tcp (news), 8389/tcp, 1976/tcp (TCO Reg Agent), 11000/tcp (IRISA), 843/tcp, 8089/tcp, 4000/tcp (Terabase), 28700/tcp, 9960/tcp, 1472/tcp (csdm), 9996/tcp (Palace-5), 1060/tcp (POLESTAR), 9091/tcp (xmltec-xmlmail), 10001/tcp (SCP Configuration), 33/tcp (Display Support Protocol), 8001/tcp (VCOM Tunnel), 777/tcp (Multiling HTTP), 8006/tcp, 18184/tcp (OPSEC LEA), 4310/tcp (Mir-RT exchange service), 2806/tcp (cspuni), 17738/tcp, 3310/tcp (Dyna Access), 2017/tcp (cypress-stat), 33390/tcp, 10389/tcp, 888/tcp (CD Database Protocol), 33895/tcp, 4200/tcp (-4299  VRML Multi User Systems), 33389/tcp, 33000/tcp, 33898/tcp, 10007/tcp (MVS Capacity), 7389/tcp, 1959/tcp (SIMP Channel), 20439/tcp, 33392/tcp, 3001/tcp, 23747/tcp, 15450/tcp, 3351/tcp (Btrieve port), 2016/tcp (bootserver), 3276/tcp (Maxim ASICs), 36769/tcp, 44/tcp (MPM FLAGS Protocol), 9008/tcp (Open Grid Services Server), 33397/tcp, 33150/tcp, 10012/tcp, 7772/tcp, 21217/tcp, 18833/tcp, 33789/tcp, 21231/tcp, 8283/tcp, 33090/tcp, 2828/tcp (ITM License Manager), 6060/tcp, 50020/tcp, 7776/tcp, 3353/tcp (FATPIPE), 10100/tcp (VERITAS ITAP DDTP), 1950/tcp (ISMA Easdaq Test), 1010/tcp (surf), 8002/tcp (Teradata ORDBMS), 7002/tcp (users & groups database), 15385/tcp, 16888/tcp, 10051/tcp (Zabbix Trapper), 1953/tcp (Rapid Base), 14278/tcp, 3413/tcp (SpecView Networking), 444/tcp (Simple Network Paging Protocol), 5557/tcp (Sandlab FARENET), 2015/tcp (cypress), 2770/tcp (Veronica), 55555/tcp, 5566/tcp (Westec Connect), 22422/tcp, 3047/tcp (Fast Security HL Server), 3400/tcp (CSMS2), 55668/tcp, 33386/tcp, 4020/tcp (TRAP Port), 33089/tcp, 1008/tcp, 5630/tcp (PreciseCommunication), 3003/tcp (CGMS), 3362/tcp (DJ ILM), 1005/tcp, 8200/tcp (TRIVNET), 42114/tcp, 1992/tcp (IPsendmsg), 5551/tcp, 11798/tcp, 8030/tcp, 1007/tcp, 2004/tcp (mailbox), 9389/tcp (Active Directory Web Services), 26622/tcp, 10/tcp, 1013/tcp, 963/tcp, 15351/tcp, 43389/tcp, 4389/tcp (Xandros Community Management Service), 33892/tcp, 8010/tcp, 1111/tcp (LM Social Server), 4009/tcp (Chimera HWM), 2008/tcp (conf), 7789/tcp (Office Tools Pro Receive), 60100/tcp, 7777/tcp (cbt), 30005/tcp, 33897/tcp, 2626/tcp (gbjd816), 33891/tcp, 1023/tcp, 1011/tcp, 50019/tcp, 10102/tcp (eZproxy), 9004/tcp, 9832/tcp, 3366/tcp (Creative Partner), 33391/tcp, 44444/tcp, 5632/tcp (pcANYWHEREstat), 2018/tcp (terminaldb), 1989/tcp (MHSnet system), 5389/tcp, 25482/tcp, 19006/tcp, 10000/tcp (Network Data Management Protocol), 2020/tcp (xinupageserver), 3365/tcp (Content Server), 3342/tcp (WebTIE), 3999/tcp (Norman distributes scanning service), 15201/tcp, 15945/tcp, 3301/tcp, 1951/tcp (bcs-lmserver), 13572/tcp, 33899/tcp, 1987/tcp (cisco RSRB Priority 1 port), 5559/tcp, 8004/tcp, 33333/tcp (Digital Gaslight Service), 16065/tcp, 33393/tcp, 1528/tcp, 33889/tcp, 21986/tcp, 53389/tcp, 9002/tcp (DynamID authentication), 55/tcp (ISI Graphics Language), 1952/tcp (mpnjsc), 4862/tcp, 19666/tcp, 9999/tcp (distinct), 13398/tcp, 39527/tcp, 3500/tcp (RTMP Port), 3319/tcp (SDT License Manager), 4005/tcp (pxc-pin), 33894/tcp, 55678/tcp, 33602/tcp, 20089/tcp, 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2019-10-17

In the last 24h, the attacker (92.119.160.141) attempted to scan 271 ports.
The following ports have been scanned: 2266/tcp (M-Files Server), 55389/tcp, 36577/tcp, 19833/tcp, 3589/tcp (isomair), 3305/tcp (ODETTE-FTP), 5188/tcp, 6669/tcp, 50099/tcp, 43786/tcp, 2012/tcp (ttyinfo), 1000/tcp (cadlock2), 2222/tcp (EtherNet/IP I/O), 53393/tcp, 3396/tcp (Printer Agent), 20008/tcp, 13579/tcp, 4400/tcp (ASIGRA Services), 4006/tcp (pxc-spvr), 42014/tcp, 3321/tcp (VNSSTR), 1003/tcp, 20600/tcp, 9006/tcp, 7788/tcp, 33900/tcp, 59999/tcp, 1667/tcp (netview-aix-7), 50015/tcp, 3303/tcp (OP Session Client), 33189/tcp, 6838/tcp, 34890/tcp, 1956/tcp (Vertel VMF DS), 53694/tcp, 8935/tcp, 13389/tcp, 3344/tcp (BNT Manager), 22053/tcp, 2011/tcp (raid), 52389/tcp, 4545/tcp (WorldScores), 34577/tcp, 3343/tcp (MS Cluster Net), 9001/tcp (ETL Service Manager), 23007/tcp, 3383/tcp (Enterprise Software Products License Manager), 1994/tcp (cisco serial tunnel port), 7778/tcp (Interwise), 5555/tcp (Personal Agent), 15000/tcp (Hypack Data Aquisition), 4405/tcp (ASIGRA Televaulting Message Level Restore service), 6666/tcp, 6778/tcp, 22446/tcp, 5003/tcp (FileMaker, Inc. - Proprietary transport), 1118/tcp (SACRED), 4488/tcp (Apple Wide Area Connectivity Service ICE Bootstrap), 3387/tcp (Back Room Net), 9898/tcp (MonkeyCom), 5589/tcp, 54389/tcp, 8866/tcp, 13390/tcp, 11965/tcp, 4469/tcp, 44890/tcp, 36501/tcp, 3103/tcp (Autocue SMI Protocol), 45600/tcp, 110/tcp (Post Office Protocol - Version 3), 20037/tcp, 6003/tcp, 4001/tcp (NewOak), 5505/tcp (Checkout Database), 8521/tcp, 50003/tcp, 20020/tcp, 22319/tcp, 23390/tcp, 99/tcp (Metagram Relay), 3302/tcp (MCS Fastmail), 1990/tcp (cisco STUN Priority 1 port), 4012/tcp (PDA Gate), 26524/tcp, 50001/tcp, 50505/tcp, 8989/tcp (Sun Web Server SSL Admin Service), 28700/tcp, 50002/tcp, 53394/tcp, 1060/tcp (POLESTAR), 1971/tcp (NetOp School), 5016/tcp, 4576/tcp, 5556/tcp (Freeciv gameplay), 5769/tcp (x509solutions Internal CA), 1080/tcp (Socks), 33101/tcp, 3080/tcp (stm_pproc), 55588/tcp, 55655/tcp, 42462/tcp, 4546/tcp (SF License Manager (Sentinel)), 12389/tcp, 3311/tcp (MCNS Tel Ret), 51000/tcp, 4310/tcp (Mir-RT exchange service), 53390/tcp, 17738/tcp, 5050/tcp (multimedia conference control tool), 5001/tcp (commplex-link), 1122/tcp (availant-mgr), 33895/tcp, 10088/tcp, 4330/tcp, 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 4200/tcp (-4299  VRML Multi User Systems), 43390/tcp, 33890/tcp, 53391/tcp, 9296/tcp, 33898/tcp, 5000/tcp (commplex-main), 20439/tcp, 2137/tcp (CONNECT), 3001/tcp, 1957/tcp (unix-status), 3276/tcp (Maxim ASICs), 36769/tcp, 9008/tcp (Open Grid Services Server), 18833/tcp, 1188/tcp (HP Web Admin), 4445/tcp (UPNOTIFYP), 4101/tcp (Braille protocol), 9527/tcp, 8283/tcp, 33893/tcp, 2888/tcp (SPCSDLOBBY), 4003/tcp (pxc-splr-ft), 2828/tcp (ITM License Manager), 50020/tcp, 6834/tcp, 1970/tcp (NetOp Remote Control), 3300/tcp, 16888/tcp, 23389/tcp, 10051/tcp (Zabbix Trapper), 14278/tcp, 5557/tcp (Sandlab FARENET), 2015/tcp (cypress), 55555/tcp, 5566/tcp (Westec Connect), 3313/tcp (Unify Object Broker), 55668/tcp, 4004/tcp (pxc-roid), 5455/tcp (APC 5455), 3338/tcp (OMF data b), 1969/tcp (LIPSinc 1), 5588/tcp, 1008/tcp, 4120/tcp, 5630/tcp (PreciseCommunication), 4242/tcp, 3003/tcp (CGMS), 1005/tcp, 42114/tcp, 18888/tcp (APCNECMP), 2014/tcp (troff), 2022/tcp (down), 2004/tcp (mailbox), 5002/tcp (radio free ethernet), 22281/tcp, 12345/tcp (Italk Chat System), 3381/tcp (Geneous), 1234/tcp (Infoseek Search Agent), 4194/tcp, 40000/tcp (SafetyNET p), 50000/tcp, 43389/tcp, 4125/tcp (Opsview Envoy), 33897/tcp, 2626/tcp (gbjd816), 4444/tcp (NV Video default), 33891/tcp, 53388/tcp, 6389/tcp (clariion-evr01), 22777/tcp, 1011/tcp, 3334/tcp (Direct TV Webcasting), 57035/tcp, 66/tcp (Oracle SQL*NET), 11/tcp (Active Users), 9004/tcp, 50380/tcp, 9832/tcp, 5004/tcp (RTP media data [RFC 3551][RFC 4571]), 6699/tcp, 15001/tcp, 23440/tcp, 4590/tcp (RID over HTTP/TLS), 44444/tcp, 2048/tcp (dls-monitor), 4430/tcp (REAL SQL Server), 4565/tcp, 33839/tcp, 2020/tcp (xinupageserver), 15201/tcp, 13572/tcp, 33899/tcp, 333/tcp (Texar Security Port), 5500/tcp (fcp-addr-srvr1), 5559/tcp, 5012/tcp (NetOnTap Service), 9003/tcp, 8425/tcp, 50010/tcp, 4862/tcp, 4243/tcp, 3382/tcp (Fujitsu Network Enhanced Antitheft function), 5612/tcp, 13398/tcp, 39527/tcp, 8189/tcp, 54321/tcp, 2019/tcp (whosockami), 2021/tcp (servexec), 33602/tcp, 44443/tcp, 35589/tcp, 20089/tcp, 1107/tcp (ISOIPSIGPORT-2).
      
BHD Honeypot
Port scan
2019-10-16

In the last 24h, the attacker (92.119.160.141) attempted to scan 207 ports.
The following ports have been scanned: 6689/tcp (Tofino Security Appliance), 1993/tcp (cisco SNMP TCP port), 1954/tcp (ABR-API (diskbridge)), 6001/tcp, 8088/tcp (Radan HTTP), 2005/tcp (berknet), 26367/tcp, 555/tcp (dsf), 31089/tcp, 6011/tcp, 50099/tcp, 1000/tcp (cadlock2), 9900/tcp (IUA), 9000/tcp (CSlistener), 20151/tcp, 30101/tcp, 8181/tcp, 1958/tcp (CA Administration Daemon), 3323/tcp, 4006/tcp (pxc-spvr), 3390/tcp (Distributed Service Coordinator), 1003/tcp, 60001/tcp, 3409/tcp (NetworkLens Event Port), 1979/tcp (UniSQL Java), 50015/tcp, 29637/tcp, 3208/tcp (PFU PR Callback), 8990/tcp (webmail HTTP service), 2001/tcp (dc), 3403/tcp, 1186/tcp (MySQL Cluster Manager), 9986/tcp, 3343/tcp (MS Cluster Net), 9001/tcp (ETL Service Manager), 8933/tcp, 3404/tcp, 16556/tcp, 1118/tcp (SACRED), 23605/tcp, 1004/tcp, 3369/tcp, 8866/tcp, 60004/tcp, 1985/tcp (Hot Standby Router Protocol), 11965/tcp, 999/tcp (puprouter), 6580/tcp (Parsec Masterserver), 45600/tcp, 3379/tcp (SOCORFS), 1978/tcp (UniSQL), 6003/tcp, 3406/tcp (Nokia Announcement ch 2), 20020/tcp, 65463/tcp, 22319/tcp, 3405/tcp (Nokia Announcement ch 1), 3535/tcp (MS-LA), 6969/tcp (acmsoda), 8060/tcp, 10020/tcp, 11111/tcp (Viral Computing Environment (VCE)), 11000/tcp (IRISA), 4000/tcp (Terabase), 8989/tcp (Sun Web Server SSL Admin Service), 27910/tcp, 4576/tcp, 5556/tcp (Freeciv gameplay), 27993/tcp, 60002/tcp, 12264/tcp, 3386/tcp (GPRS Data), 33/tcp (Display Support Protocol), 3385/tcp (qnxnetman), 777/tcp (Multiling HTTP), 3456/tcp (VAT default data), 3384/tcp (Cluster Management Services), 2017/tcp (cypress-stat), 1122/tcp (availant-mgr), 888/tcp (CD Database Protocol), 3401/tcp (filecast), 10088/tcp, 33000/tcp, 55212/tcp, 1959/tcp (SIMP Channel), 62126/tcp, 22389/tcp, 1957/tcp (unix-status), 3411/tcp (BioLink Authenteon server), 44/tcp (MPM FLAGS Protocol), 10012/tcp, 22300/tcp, 1188/tcp (HP Web Admin), 1962/tcp (BIAP-MP), 26001/tcp, 1001/tcp, 6060/tcp, 10018/tcp, 3353/tcp (FATPIPE), 3391/tcp (SAVANT), 81/tcp, 3300/tcp, 6002/tcp, 23389/tcp, 23398/tcp, 2770/tcp (Veronica), 60003/tcp, 3047/tcp (Fast Security HL Server), 1968/tcp (LIPSinc), 666/tcp (doom Id Software), 3400/tcp (CSMS2), 3340/tcp (OMF data m), 1972/tcp (Cache), 4020/tcp (TRAP Port), 9966/tcp (OKI Data Network Setting Protocol), 3355/tcp (Ordinox Dbase), 5455/tcp (APC 5455), 1974/tcp (DRP), 10555/tcp, 1980/tcp (PearlDoc XACT), 3350/tcp (FINDVIATV), 6789/tcp (SMC-HTTPS), 1961/tcp (BTS APPSERVER), 22645/tcp, 3362/tcp (DJ ILM), 8200/tcp (TRIVNET), 55001/tcp, 18888/tcp (APCNECMP), 1151/tcp (Unizensus Login Server), 3325/tcp, 26622/tcp, 22281/tcp, 53000/tcp, 3360/tcp (KV Server), 1111/tcp (LM Social Server), 60100/tcp, 8091/tcp (Jam Link Framework), 7072/tcp, 7000/tcp (file server itself), 21200/tcp, 4489/tcp, 1984/tcp (BB), 3334/tcp (Direct TV Webcasting), 50019/tcp, 7001/tcp (callbacks to cache managers), 3839/tcp (AMX Resource Management Suite), 3402/tcp (FXa Engine Network Port), 33079/tcp, 3341/tcp (OMF data h), 23440/tcp, 5632/tcp (pcANYWHEREstat), 3365/tcp (Content Server), 3342/tcp (WebTIE), 1973/tcp (Data Link Switching Remote Access Protocol), 3999/tcp (Norman distributes scanning service), 15945/tcp, 25888/tcp, 5500/tcp (fcp-addr-srvr1), 4011/tcp (Alternate Service Boot), 2003/tcp (Brutus Server), 4122/tcp (Fiber Patrol Alarm Service), 9002/tcp (DynamID authentication), 3399/tcp (CSMS), 2210/tcp (NOAAPORT Broadcast Network), 9991/tcp (OSM Event Server), 55/tcp (ISI Graphics Language), 1952/tcp (mpnjsc), 10114/tcp (NetIQ Qcheck), 8085/tcp, 2010/tcp (search), 2000/tcp (Cisco SCCP), 1955/tcp (ABR-Secure Data (diskbridge)), 4050/tcp (Wide Area File Services), 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2019-10-15

Port scan from IP: 92.119.160.141 detected by psad.
BHD Honeypot
Port scan
2019-10-07

In the last 24h, the attacker (92.119.160.141) attempted to scan 46 ports.
The following ports have been scanned: 7004/tcp (AFS/Kerberos authentication service), 65006/tcp, 5891/tcp, 18689/tcp, 5013/tcp (FileMaker, Inc. - Proprietary transport), 3727/tcp (Ericsson Mobile Data Unit), 53101/tcp, 45645/tcp, 6869/tcp, 2580/tcp (Tributary), 6666/tcp, 6208/tcp, 1978/tcp (UniSQL), 3406/tcp (Nokia Announcement ch 2), 56392/tcp, 76/tcp (Distributed External Object Store), 7654/tcp, 4988/tcp (SMAR Ethernet Port 2), 7742/tcp (Mugginsoft Script Server Service), 65013/tcp, 64223/tcp, 49998/tcp, 1200/tcp (SCOL), 43457/tcp, 12004/tcp (IBM Enterprise Extender SNA COS Low Priority), 8245/tcp, 33405/tcp, 9531/tcp, 4526/tcp, 6551/tcp (Software Update Manager), 8901/tcp (JMB-CDS 2), 7327/tcp, 62458/tcp, 7058/tcp, 53388/tcp, 65501/tcp, 55123/tcp, 7883/tcp, 6150/tcp, 2608/tcp (Wag Service), 4064/tcp (Ice Firewall Traversal Service (SSL)), 3250/tcp (HMS hicp port), 43434/tcp, 2000/tcp (Cisco SCCP).
      
BHD Honeypot
Port scan
2019-10-06

In the last 24h, the attacker (92.119.160.141) attempted to scan 309 ports.
The following ports have been scanned: 6520/tcp, 2420/tcp (DSL Remote Management), 44389/tcp, 2525/tcp (MS V-Worlds), 15156/tcp, 7004/tcp (AFS/Kerberos authentication service), 6530/tcp, 53132/tcp, 4468/tcp, 19168/tcp, 4356/tcp (QSNet Assistant), 24444/tcp, 3123/tcp (EDI Translation Protocol), 8310/tcp, 47651/tcp, 15647/tcp, 9096/tcp, 6011/tcp, 8500/tcp (Flight Message Transfer Protocol), 9900/tcp (IUA), 22003/tcp (Opto Host Port 3), 25492/tcp, 51161/tcp, 1610/tcp (taurus-wh), 50235/tcp, 40008/tcp, 7173/tcp (zSecure Server), 5642/tcp, 624/tcp (Crypto Admin), 5220/tcp, 7788/tcp, 9696/tcp, 1444/tcp (Marcam  License Management), 1979/tcp (UniSQL Java), 16102/tcp, 4424/tcp, 45623/tcp, 62004/tcp, 6799/tcp, 50500/tcp, 10105/tcp, 41873/tcp, 55701/tcp, 7074/tcp, 16234/tcp, 51010/tcp, 44902/tcp, 1501/tcp (Satellite-data Acquisition System 3), 44496/tcp, 8845/tcp, 96/tcp (DIXIE Protocol Specification), 33222/tcp, 4344/tcp (VinaInstall), 33017/tcp, 1902/tcp (Fujitsu ICL Terminal Emulator Program B), 22092/tcp, 5010/tcp (TelepathStart), 56321/tcp, 50050/tcp, 991/tcp (Netnews Administration System), 45855/tcp, 10009/tcp (Systemwalker Desktop Patrol), 2580/tcp (Tributary), 33982/tcp, 4647/tcp, 52250/tcp, 33902/tcp, 33539/tcp, 65528/tcp, 33120/tcp, 4030/tcp (Accell/JSP Daemon Port), 1028/tcp, 3404/tcp, 1823/tcp (Unisys Natural Language License Manager), 9095/tcp, 19010/tcp, 5898/tcp, 25679/tcp, 34598/tcp, 19102/tcp, 19498/tcp, 2050/tcp (Avaya EMB Config Port), 48535/tcp, 39009/tcp, 303/tcp, 7310/tcp, 33041/tcp, 30330/tcp, 52147/tcp, 3406/tcp (Nokia Announcement ch 2), 2425/tcp (Fujitsu App Manager), 8019/tcp (QB DB Dynamic Port), 10201/tcp (Remote Server Management Service), 46600/tcp, 6550/tcp (fg-sysupdate), 49235/tcp, 24659/tcp, 56789/tcp, 34574/tcp, 4150/tcp (PowerAlert Network Shutdown Agent), 3542/tcp (HA cluster monitor), 50503/tcp, 86/tcp (Micro Focus Cobol), 11501/tcp, 23396/tcp, 10015/tcp, 4109/tcp (Instantiated Zero-control Messaging), 41389/tcp, 3376/tcp (CD Broker), 3599/tcp (Quasar Accounting Server), 49389/tcp, 6298/tcp, 33096/tcp, 50501/tcp, 33824/tcp, 22040/tcp, 4072/tcp (Zieto Socket Communications), 9218/tcp, 45202/tcp, 21084/tcp, 33217/tcp, 2310/tcp (SD Client), 19099/tcp, 9741/tcp, 33890/tcp, 49010/tcp, 2251/tcp (Distributed Framework Port), 4713/tcp, 4114/tcp (JomaMQMonitor), 10111/tcp, 49998/tcp, 13330/tcp, 47524/tcp, 15135/tcp, 6564/tcp, 48389/tcp, 1200/tcp (SCOL), 1959/tcp (SIMP Channel), 667/tcp (campaign contribution disclosures - SDR Technologies), 3153/tcp (S8Cargo Client Port), 3689/tcp (Digital Audio Access Protocol), 38468/tcp, 30036/tcp, 30202/tcp, 4800/tcp (Icona Instant Messenging System), 3702/tcp (Web Service Discovery), 7459/tcp, 45884/tcp, 47006/tcp, 3451/tcp (ASAM Services), 44446/tcp, 41235/tcp, 21858/tcp, 300/tcp, 44044/tcp, 39994/tcp, 54303/tcp, 4920/tcp, 56657/tcp, 44489/tcp, 9835/tcp, 4024/tcp (TNP1 User Port), 8939/tcp, 7801/tcp (Secure Server Protocol - client), 1950/tcp (ISMA Easdaq Test), 41398/tcp, 9071/tcp, 81/tcp, 11300/tcp, 3300/tcp, 33247/tcp, 54023/tcp, 39598/tcp, 25190/tcp, 44301/tcp, 60003/tcp, 25152/tcp, 2468/tcp (qip_msgd), 50069/tcp, 1972/tcp (Cache), 55111/tcp, 33106/tcp, 34/tcp, 56389/tcp, 40020/tcp, 9750/tcp (Board M.I.T. Synchronous Collaboration), 37310/tcp, 7327/tcp, 2424/tcp (KOFAX-SVR), 63389/tcp, 50027/tcp, 18804/tcp, 19789/tcp, 43385/tcp, 62458/tcp, 3179/tcp (H2GF W.2m Handover prot.), 24010/tcp, 4460/tcp, 49252/tcp, 4387/tcp, 9053/tcp, 43320/tcp, 45599/tcp, 4802/tcp (Icona License System Server), 41114/tcp, 64119/tcp, 43389/tcp, 10551/tcp, 8020/tcp (Intuit Entitlement Service and Discovery), 4389/tcp (Xandros Community Management Service), 33892/tcp, 8893/tcp (Desktop Data TCP 5: NewsEDGE/Web application), 40102/tcp, 7777/tcp (cbt), 10033/tcp, 60101/tcp, 2207/tcp (HP Status and Services), 49999/tcp, 33504/tcp, 45100/tcp, 30009/tcp, 33891/tcp, 25491/tcp, 18228/tcp, 3563/tcp (Watcom Debug), 4489/tcp, 40013/tcp, 65501/tcp, 2391/tcp (3COM Net Management), 14532/tcp, 1801/tcp (Microsoft Message Que), 4443/tcp (Pharos), 4414/tcp, 43333/tcp, 44444/tcp, 6868/tcp (Acctopus Command Channel), 24687/tcp, 4112/tcp (Apple VPN Server Reporting Protocol), 10219/tcp, 587/tcp (Submission), 43789/tcp, 19202/tcp, 3777/tcp (Jibe EdgeBurst), 33569/tcp, 43651/tcp, 6150/tcp, 1015/tcp, 33325/tcp, 10845/tcp, 1888/tcp (NC Config Port), 33245/tcp, 6153/tcp, 4037/tcp (RaveHD network control), 33333/tcp (Digital Gaslight Service), 25677/tcp, 36211/tcp, 9883/tcp, 53389/tcp, 49333/tcp, 3272/tcp (Fujitsu User Manager), 51186/tcp, 1123/tcp (Murray), 40002/tcp, 7337/tcp, 43491/tcp, 48232/tcp, 556/tcp (rfs server), 3388/tcp (CB Server), 10206/tcp, 9061/tcp, 30209/tcp, 65505/tcp, 3721/tcp (Xsync), 24624/tcp, 10002/tcp (EMC-Documentum Content Server Product), 4871/tcp (Wired), 14952/tcp, 2229/tcp (DataLens Service), 40073/tcp, 48001/tcp (Nimbus Spooler), 63395/tcp, 47589/tcp.
      
BHD Honeypot
Port scan
2019-10-05

In the last 24h, the attacker (92.119.160.141) attempted to scan 271 ports.
The following ports have been scanned: 11301/tcp, 55389/tcp, 48000/tcp (Nimbus Controller), 6655/tcp (PC SOFT - Software factory UI/manager), 8779/tcp, 7700/tcp (EM7 Secure Communications), 9990/tcp (OSM Applet Server), 33205/tcp, 9005/tcp, 33395/tcp, 4399/tcp, 57138/tcp, 3651/tcp (XRPC Registry), 49221/tcp, 33942/tcp, 33342/tcp, 52990/tcp, 15647/tcp, 4117/tcp (Hillr Connection Manager), 13387/tcp, 11444/tcp, 44915/tcp, 33396/tcp, 9900/tcp (IUA), 34000/tcp, 9876/tcp (Session Director), 13381/tcp, 12015/tcp, 3395/tcp (Dyna License Manager (Elam)), 33402/tcp, 10390/tcp, 9696/tcp, 33242/tcp, 10601/tcp, 10023/tcp, 1979/tcp (UniSQL Java), 3303/tcp (OP Session Client), 33667/tcp, 16102/tcp, 4002/tcp (pxc-spvr-ft), 53101/tcp, 30315/tcp, 2013/tcp (raid-am), 3444/tcp (Denali Server), 50999/tcp, 36203/tcp, 20200/tcp, 20150/tcp, 8802/tcp, 13389/tcp, 41089/tcp, 3431/tcp (Active License Server Port), 4494/tcp, 5914/tcp, 55801/tcp, 35120/tcp, 4014/tcp (TAICLOCK), 44496/tcp, 33301/tcp, 4336/tcp, 15100/tcp, 2555/tcp (Compaq WCP), 45855/tcp, 3426/tcp (Arkivio Storage Protocol), 4950/tcp (Sybase Server Monitor), 33025/tcp, 39390/tcp, 16901/tcp, 4647/tcp, 20001/tcp (MicroSAN), 12050/tcp, 33902/tcp, 3404/tcp, 3387/tcp (Back Room Net), 5898/tcp, 21354/tcp, 3750/tcp (CBOS/IP ncapsalation port), 63000/tcp, 33105/tcp, 10300/tcp, 10331/tcp, 33887/tcp, 40029/tcp, 58083/tcp, 1978/tcp (UniSQL), 7889/tcp, 4001/tcp (NewOak), 8891/tcp (Desktop Data TCP 3: NESS application), 33802/tcp, 42003/tcp, 5398/tcp (Elektron Administration), 60104/tcp, 34100/tcp, 10393/tcp, 13391/tcp, 33966/tcp, 51338/tcp, 50073/tcp, 4000/tcp (Terabase), 4988/tcp (SMAR Ethernet Port 2), 49777/tcp, 33026/tcp, 4155/tcp (Bazaar version control system), 8083/tcp (Utilistor (Server)), 1030/tcp (BBN IAD), 53890/tcp, 8886/tcp, 18476/tcp, 8006/tcp, 4520/tcp, 5111/tcp (TAEP AS service), 3200/tcp (Press-sense Tick Port), 31415/tcp, 4029/tcp (IP Q signaling protocol), 38967/tcp, 13001/tcp, 34523/tcp, 33000/tcp, 33320/tcp, 49010/tcp, 37388/tcp, 62005/tcp, 6633/tcp, 5070/tcp (VersaTrans Server Agent Service), 34021/tcp, 33152/tcp, 12014/tcp, 11934/tcp, 9930/tcp, 4116/tcp (smartcard-TLS), 4225/tcp, 31572/tcp, 38468/tcp, 33063/tcp, 57726/tcp, 3775/tcp (ISPM Manager Port), 4128/tcp (NuFW decision delegation protocol), 3702/tcp (Web Service Discovery), 3394/tcp (D2K Tapestry Server to Server), 6692/tcp, 11234/tcp, 50009/tcp, 33799/tcp, 9983/tcp, 10501/tcp, 33955/tcp, 11011/tcp, 54320/tcp, 259/tcp (Efficient Short Remote Operations), 2627/tcp (Moshe Beeri), 32888/tcp, 3130/tcp (ICPv2), 53100/tcp, 3306/tcp (MySQL), 56657/tcp, 43490/tcp, 33893/tcp, 4024/tcp (TNP1 User Port), 33090/tcp, 11400/tcp, 59901/tcp, 8002/tcp (Teradata ORDBMS), 33247/tcp, 15389/tcp, 50078/tcp, 15995/tcp, 6050/tcp, 50397/tcp, 40001/tcp, 3884/tcp (SofTrack Metering), 55754/tcp, 7506/tcp, 33027/tcp, 31130/tcp, 9755/tcp, 38242/tcp, 8571/tcp, 9966/tcp (OKI Data Network Setting Protocol), 8899/tcp (ospf-lite), 34/tcp, 825/tcp, 9752/tcp, 33880/tcp, 30053/tcp, 50013/tcp, 54214/tcp, 33305/tcp, 19831/tcp, 33398/tcp, 3506/tcp (APC 3506), 11018/tcp, 22001/tcp (OptoControl), 4211/tcp, 43355/tcp, 33500/tcp, 3304/tcp (OP Session Server), 44910/tcp, 11222/tcp, 36201/tcp, 50031/tcp, 495/tcp (intecourier), 8084/tcp, 3889/tcp (D and V Tester Control Port), 10118/tcp, 41114/tcp, 12049/tcp, 9789/tcp, 40000/tcp (SafetyNET p), 43389/tcp, 8893/tcp (Desktop Data TCP 5: NewsEDGE/Web application), 7784/tcp, 30005/tcp, 34572/tcp, 20800/tcp, 9901/tcp, 33340/tcp, 21001/tcp, 4535/tcp (Event Heap Server), 34390/tcp, 33196/tcp, 33385/tcp, 33351/tcp, 38388/tcp, 18389/tcp, 14390/tcp, 9504/tcp, 587/tcp (Submission), 5432/tcp (PostgreSQL Database), 9933/tcp, 49152/tcp, 51234/tcp, 33722/tcp, 9591/tcp, 3512/tcp (Aztec Distribution Port), 25854/tcp, 33899/tcp, 20010/tcp, 50030/tcp, 36211/tcp, 203/tcp (AppleTalk Unused), 3417/tcp (ConServR file translation), 62773/tcp, 49123/tcp, 10123/tcp, 9159/tcp, 40002/tcp, 50555/tcp, 27215/tcp, 38933/tcp, 49506/tcp, 3825/tcp (Antera FlowFusion Process Simulation), 65505/tcp, 10002/tcp (EMC-Documentum Content Server Product), 14952/tcp, 12893/tcp, 12027/tcp, 9955/tcp, 14200/tcp.
      
BHD Honeypot
Port scan
2019-10-04

In the last 24h, the attacker (92.119.160.141) attempted to scan 297 ports.
The following ports have been scanned: 6954/tcp, 33225/tcp, 22072/tcp, 2420/tcp (DSL Remote Management), 11009/tcp, 55310/tcp, 7700/tcp (EM7 Secure Communications), 20017/tcp, 33205/tcp, 4399/tcp, 19201/tcp, 63425/tcp, 30008/tcp, 56565/tcp, 4018/tcp (Talarian Mcast), 4356/tcp (QSNet Assistant), 3123/tcp (EDI Translation Protocol), 8310/tcp, 47651/tcp, 3975/tcp (Air Shot), 20202/tcp (IPD Tunneling Port), 52222/tcp, 13010/tcp, 33821/tcp, 38903/tcp, 1610/tcp (taurus-wh), 33145/tcp, 10450/tcp, 5430/tcp (RADEC CORP), 624/tcp (Crypto Admin), 51011/tcp, 3364/tcp (Creative Server), 55324/tcp, 10460/tcp, 1444/tcp (Marcam  License Management), 5859/tcp (WHEREHOO), 4438/tcp, 30089/tcp, 33667/tcp, 5602/tcp (A1-MSC), 23689/tcp, 9520/tcp, 4036/tcp (WAP Push OTA-HTTP secure), 5927/tcp, 7781/tcp (accu-lmgr), 6799/tcp, 2013/tcp (raid-am), 22611/tcp, 3377/tcp (Cogsys Network License Manager), 41089/tcp, 18191/tcp, 6548/tcp (APC 6548), 31456/tcp, 4545/tcp (WorldScores), 1501/tcp (Satellite-data Acquisition System 3), 23391/tcp, 9001/tcp (ETL Service Manager), 6030/tcp, 19876/tcp, 15100/tcp, 1411/tcp (AudioFile), 9201/tcp (WAP session service), 2748/tcp (fjippol-polsvr), 50050/tcp, 2555/tcp (Compaq WCP), 82/tcp (XFER Utility), 4094/tcp (sysrq daemon), 3503/tcp (MPLS LSP-echo Port), 38902/tcp, 33539/tcp, 65528/tcp, 12238/tcp, 4395/tcp (OmniVision communication for Virtual environments), 1028/tcp, 22247/tcp, 25610/tcp, 15826/tcp, 3210/tcp (Flamenco Networks Proxy), 60661/tcp, 63000/tcp, 5200/tcp (TARGUS GetData), 1985/tcp (Hot Standby Router Protocol), 48535/tcp, 5592/tcp, 10064/tcp, 270/tcp, 14466/tcp, 4001/tcp (NewOak), 4059/tcp (DLMS/COSEM), 19989/tcp, 39834/tcp, 6033/tcp, 2101/tcp (rtcm-sc104), 46600/tcp, 5063/tcp (centrify secure RPC), 24659/tcp, 51919/tcp, 5398/tcp (Elektron Administration), 3376/tcp (CD Broker), 4021/tcp (Nexus Portal), 9080/tcp (Groove GLRPC), 16336/tcp, 4000/tcp (Terabase), 8989/tcp (Sun Web Server SSL Admin Service), 55015/tcp, 3452/tcp (SABP-Signalling Protocol), 4155/tcp (Bazaar version control system), 50080/tcp, 8083/tcp (Utilistor (Server)), 1069/tcp (COGNEX-INSIGHT), 3080/tcp (stm_pproc), 4016/tcp (Talarian Mcast), 50701/tcp, 8165/tcp, 48622/tcp, 33144/tcp, 8830/tcp, 30007/tcp, 20220/tcp, 56685/tcp, 9603/tcp, 32898/tcp, 60090/tcp, 3223/tcp (DIGIVOTE (R) Vote-Server), 33200/tcp, 10556/tcp, 7711/tcp, 3456/tcp (VAT default data), 9218/tcp, 31019/tcp, 5050/tcp (multimedia conference control tool), 49992/tcp, 13001/tcp, 3493/tcp (Network UPS Tools), 34523/tcp, 33890/tcp, 32456/tcp, 37388/tcp, 44410/tcp, 45010/tcp, 33820/tcp, 3392/tcp (EFI License Management), 3131/tcp (Net Book Mark), 15135/tcp, 9645/tcp, 20013/tcp (Samsung Interdevice Interaction), 52521/tcp, 15951/tcp, 51002/tcp, 17391/tcp, 4226/tcp, 40040/tcp, 51515/tcp, 55390/tcp, 61390/tcp, 3451/tcp (ASAM Services), 58218/tcp, 44446/tcp, 21858/tcp, 33789/tcp, 51374/tcp, 9187/tcp, 50222/tcp, 63317/tcp, 44489/tcp, 4575/tcp, 8939/tcp, 1950/tcp (ISMA Easdaq Test), 81/tcp, 4999/tcp (HyperFileSQL Client/Server Database Engine Manager), 58205/tcp, 33498/tcp, 3082/tcp (TL1-RAW), 50233/tcp, 3491/tcp (SWR Port), 44301/tcp, 4396/tcp (Fly Object Space), 2051/tcp (EPNSDP), 3313/tcp (Unify Object Broker), 59452/tcp, 9755/tcp, 3400/tcp (CSMS2), 16012/tcp, 9111/tcp, 4017/tcp (Talarian Mcast), 9966/tcp (OKI Data Network Setting Protocol), 52433/tcp, 11221/tcp, 1969/tcp (LIPSinc 1), 60005/tcp, 3362/tcp (DJ ILM), 63389/tcp, 22001/tcp (OptoControl), 2234/tcp (DirectPlay), 33008/tcp, 49252/tcp, 5515/tcp, 43320/tcp, 51117/tcp, 1234/tcp (Infoseek Search Agent), 12049/tcp, 9212/tcp (Server View dbms access [January 2005]), 23813/tcp, 9642/tcp, 14000/tcp (SCOTTY High-Speed Filetransfer), 30005/tcp, 2207/tcp (HP Status and Services), 29900/tcp, 60008/tcp, 20800/tcp, 10525/tcp, 2939/tcp (SM-PAS-2), 59010/tcp, 19/tcp (Character Generator), 63393/tcp, 22334/tcp, 30316/tcp, 21001/tcp, 50321/tcp, 5519/tcp, 17005/tcp, 33196/tcp, 8212/tcp, 4484/tcp (hpssmgmt service), 17100/tcp, 35800/tcp, 44444/tcp, 50229/tcp, 3481/tcp (CleanerLive remote ctrl), 4280/tcp, 3312/tcp (Application Management Server), 4112/tcp (Apple VPN Server Reporting Protocol), 10219/tcp, 27219/tcp, 33234/tcp, 8077/tcp, 14390/tcp, 31160/tcp, 58990/tcp, 19202/tcp, 43651/tcp, 7900/tcp (Multicast Event), 33722/tcp, 32800/tcp, 10845/tcp, 55251/tcp, 44492/tcp, 1215/tcp (scanSTAT 1.0), 3361/tcp (KV Agent), 4064/tcp (Ice Firewall Traversal Service (SSL)), 6153/tcp, 4037/tcp (RaveHD network control), 64321/tcp, 60686/tcp, 43381/tcp, 63398/tcp, 41166/tcp, 5714/tcp (proshare conf video), 2089/tcp (Security Encapsulation Protocol - SEP), 2006/tcp (invokator), 13521/tcp, 1977/tcp (TCO Address Book), 9992/tcp (OnLive-1), 50106/tcp, 556/tcp (rfs server), 3388/tcp (CB Server), 1067/tcp (Installation Bootstrap Proto. Serv.), 12160/tcp, 3504/tcp (IronStorm game server), 60125/tcp, 49838/tcp, 2000/tcp (Cisco SCCP), 2229/tcp (DataLens Service), 5586/tcp, 51390/tcp, 9939/tcp, 10006/tcp, 55254/tcp, 12027/tcp, 9955/tcp.
      
BHD Honeypot
Port scan
2019-10-03

Port scan from IP: 92.119.160.141 detected by psad.
BHD Honeypot
Port scan
2019-10-03

In the last 24h, the attacker (92.119.160.141) attempted to scan 273 ports.
The following ports have been scanned: 33225/tcp, 50016/tcp, 55389/tcp, 60202/tcp, 31033/tcp, 32899/tcp, 11600/tcp (Tempest Protocol Port), 55310/tcp, 55103/tcp, 61012/tcp, 10005/tcp (EMC Replication Manager Server), 1999/tcp (cisco identification port), 15156/tcp, 33395/tcp, 63425/tcp, 33942/tcp, 52990/tcp, 28005/tcp, 4117/tcp (Hillr Connection Manager), 60667/tcp, 53531/tcp, 9110/tcp, 33446/tcp, 11444/tcp, 5100/tcp (Socalia service mux), 33396/tcp, 60653/tcp, 36366/tcp, 51161/tcp, 9876/tcp (Session Director), 57157/tcp, 25853/tcp, 32186/tcp, 3727/tcp (Ericsson Mobile Data Unit), 3324/tcp, 4543/tcp, 59999/tcp, 30089/tcp, 4086/tcp, 8412/tcp, 4002/tcp (pxc-spvr-ft), 45623/tcp, 8990/tcp (webmail HTTP service), 56224/tcp, 33190/tcp, 3444/tcp (Denali Server), 20200/tcp, 13389/tcp, 1159/tcp (Oracle OMS), 9833/tcp, 6548/tcp (APC 6548), 31456/tcp, 13489/tcp, 52389/tcp, 55801/tcp, 43563/tcp, 23391/tcp, 4448/tcp (ASC Licence Manager), 4336/tcp, 45645/tcp, 19876/tcp, 60025/tcp, 15002/tcp, 82/tcp (XFER Utility), 11964/tcp, 52999/tcp, 3320/tcp (Office Link 2000), 13603/tcp, 9533/tcp, 22247/tcp, 22138/tcp, 3210/tcp (Flamenco Networks Proxy), 3750/tcp (CBOS/IP ncapsalation port), 60661/tcp, 4289/tcp, 33105/tcp, 9995/tcp (Palace-4), 4711/tcp, 4884/tcp (HiveStor Distributed File System), 55257/tcp, 10331/tcp, 58974/tcp, 3214/tcp (JMQ Daemon Port 1), 3315/tcp (CDID), 5210/tcp, 52335/tcp, 3292/tcp (Cart O Rama), 28001/tcp (PQ Service), 9998/tcp (Distinct32), 52411/tcp, 10235/tcp, 33802/tcp, 6033/tcp, 9391/tcp, 58888/tcp, 55559/tcp, 52102/tcp, 34574/tcp, 50046/tcp, 33908/tcp, 23396/tcp, 29833/tcp, 4257/tcp, 53535/tcp, 13391/tcp, 53289/tcp, 50073/tcp, 4624/tcp, 211/tcp (Texas Instruments 914C/G Terminal), 1069/tcp (COGNEX-INSIGHT), 16945/tcp, 16389/tcp, 51112/tcp, 56685/tcp, 32898/tcp, 7500/tcp (Silhouette User), 4905/tcp, 3456/tcp (VAT default data), 49992/tcp, 54596/tcp, 10389/tcp, 4054/tcp (CosmoCall Universe Communications Port 2), 9385/tcp, 3401/tcp (filecast), 33320/tcp, 3393/tcp (D2K Tapestry Client to Server), 45010/tcp, 59320/tcp, 4114/tcp (JomaMQMonitor), 12014/tcp, 6564/tcp, 45555/tcp, 11223/tcp, 60322/tcp, 33321/tcp, 51002/tcp, 4225/tcp, 55100/tcp, 8940/tcp, 57726/tcp, 9806/tcp, 12004/tcp (IBM Enterprise Extender SNA COS Low Priority), 9922/tcp, 55390/tcp, 8542/tcp, 6692/tcp, 4550/tcp (Perman I Interbase Server), 61211/tcp, 4111/tcp (Xgrid), 41235/tcp, 4548/tcp (Synchromesh), 32888/tcp, 9187/tcp, 3099/tcp (CHIPSY Machine Daemon), 63317/tcp, 3306/tcp (MySQL), 3933/tcp (PL/B App Server User Port), 48164/tcp, 9101/tcp (Bacula Director), 41398/tcp, 4080/tcp (Lorica inside facing), 3300/tcp, 6002/tcp, 9320/tcp, 60300/tcp, 54001/tcp, 23389/tcp, 33498/tcp, 63636/tcp, 3491/tcp (SWR Port), 61057/tcp, 15995/tcp, 3114/tcp (CCM AutoDiscover), 3884/tcp (SofTrack Metering), 55754/tcp, 3601/tcp (Visinet Gui), 6665/tcp (-6669/udp  IRCU), 164/tcp (CMIP/TCP Agent), 1972/tcp (Cache), 57602/tcp, 33106/tcp, 52366/tcp, 12010/tcp (ElevateDB Server), 6876/tcp, 51389/tcp, 6211/tcp, 3003/tcp (CGMS), 50027/tcp, 3506/tcp (APC 3506), 20011/tcp, 44910/tcp, 11222/tcp, 33168/tcp, 58710/tcp, 14010/tcp, 45599/tcp, 9151/tcp, 50000/tcp, 64119/tcp, 10551/tcp, 4389/tcp (Xandros Community Management Service), 20002/tcp (Commtact HTTP), 9642/tcp, 7777/tcp (cbt), 60101/tcp, 45100/tcp, 33340/tcp, 53388/tcp, 3333/tcp (DEC Notes), 335/tcp, 13393/tcp, 10289/tcp, 54491/tcp, 17005/tcp, 23789/tcp, 16161/tcp (Solaris SEA Port), 10102/tcp (eZproxy), 51031/tcp, 55043/tcp, 5700/tcp, 20105/tcp, 4495/tcp, 43333/tcp, 53302/tcp, 8999/tcp (Brodos Crypto Trade Protocol), 56689/tcp, 31160/tcp, 61002/tcp, 63342/tcp, 9933/tcp, 4995/tcp, 9591/tcp, 5077/tcp, 33899/tcp, 33245/tcp, 50506/tcp, 4879/tcp, 62773/tcp, 3399/tcp (CSMS), 63398/tcp, 7726/tcp (FreezeX Console Service), 52843/tcp, 1123/tcp (Murray), 12000/tcp (IBM Enterprise Extender SNA XID Exchange), 2006/tcp (invokator), 13521/tcp, 4490/tcp, 3743/tcp (IP Control Systems Ltd.), 48232/tcp, 59975/tcp, 10093/tcp, 22781/tcp, 28031/tcp, 49838/tcp, 55254/tcp, 50110/tcp, 62418/tcp, 14200/tcp.
      
BHD Honeypot
Port scan
2019-10-02

In the last 24h, the attacker (92.119.160.141) attempted to scan 227 ports.
The following ports have been scanned: 36963/tcp, 31337/tcp, 65390/tcp, 41414/tcp, 4598/tcp (A16 (AN-AN)), 59834/tcp, 6530/tcp, 56565/tcp, 24444/tcp, 3398/tcp (Mercantile), 59389/tcp, 29015/tcp, 33904/tcp, 6011/tcp, 65006/tcp, 5100/tcp (Socalia service mux), 36366/tcp, 3396/tcp (Printer Agent), 50090/tcp, 56812/tcp, 10450/tcp, 31416/tcp (XQoS network monitor), 3410/tcp (NetworkLens SSL Event), 7173/tcp (zSecure Server), 51011/tcp, 3390/tcp (Distributed Service Coordinator), 10390/tcp, 7124/tcp, 4543/tcp, 10460/tcp, 59999/tcp, 10532/tcp, 51516/tcp, 3317/tcp (VSAI PORT), 40401/tcp, 30315/tcp, 3377/tcp (Cogsys Network License Manager), 4545/tcp (WorldScores), 8093/tcp, 55443/tcp, 4344/tcp (VinaInstall), 33017/tcp, 9201/tcp (WAP session service), 4724/tcp, 4612/tcp, 8902/tcp, 13603/tcp, 45566/tcp, 4030/tcp (Accell/JSP Daemon Port), 36367/tcp, 2932/tcp (INCP), 3387/tcp (Back Room Net), 34598/tcp, 19102/tcp, 5200/tcp (TARGUS GetData), 12126/tcp, 6089/tcp, 10300/tcp, 52949/tcp, 11733/tcp, 8921/tcp, 5592/tcp, 4059/tcp (DLMS/COSEM), 3271/tcp (CSoft Prev Port), 33840/tcp, 26437/tcp, 39834/tcp, 10201/tcp (Remote Server Management Service), 52025/tcp, 42003/tcp, 9391/tcp, 54330/tcp, 3018/tcp (Service Registry), 49235/tcp, 3542/tcp (HA cluster monitor), 13900/tcp, 4022/tcp (DNOX), 29833/tcp, 8050/tcp, 3599/tcp (Quasar Accounting Server), 4624/tcp, 4321/tcp (Remote Who Is), 50080/tcp, 1030/tcp (BBN IAD), 36689/tcp, 4709/tcp, 4016/tcp (Talarian Mcast), 50701/tcp, 33824/tcp, 46046/tcp, 52017/tcp, 5394/tcp, 210/tcp (ANSI Z39.50), 40390/tcp, 5145/tcp (RMONITOR SECURE), 21084/tcp, 33390/tcp, 4054/tcp (CosmoCall Universe Communications Port 2), 4903/tcp, 5839/tcp, 1122/tcp (availant-mgr), 3493/tcp (Network UPS Tools), 3600/tcp (text relay-answer), 1199/tcp (DMIDI), 3337/tcp (Direct TV Data Catalog), 59320/tcp, 47524/tcp, 5088/tcp, 3153/tcp (S8Cargo Client Port), 31572/tcp, 17391/tcp, 4226/tcp, 30036/tcp, 43457/tcp, 51515/tcp, 7459/tcp, 47006/tcp, 33799/tcp, 7999/tcp (iRDMI2), 12310/tcp, 23765/tcp, 6451/tcp, 33789/tcp, 4548/tcp (Synchromesh), 61226/tcp, 3371/tcp, 35217/tcp, 43490/tcp, 33009/tcp, 59901/tcp, 3391/tcp (SAVANT), 9194/tcp, 3036/tcp (Hagel DUMP), 10051/tcp (Zabbix Trapper), 5030/tcp (SurfPass), 39598/tcp, 2015/tcp (cypress), 61057/tcp, 4396/tcp (Fly Object Space), 6845/tcp, 29051/tcp, 61959/tcp, 5600/tcp (Enterprise Security Manager), 50071/tcp, 6551/tcp (Software Update Manager), 8901/tcp (JMB-CDS 2), 4017/tcp (Talarian Mcast), 12010/tcp (ElevateDB Server), 3354/tcp (SUITJD), 4242/tcp, 141/tcp (EMFIS Control Service), 19789/tcp, 18888/tcp (APCNECMP), 44109/tcp, 9972/tcp, 24010/tcp, 4387/tcp, 201/tcp (AppleTalk Routing Maintenance), 64001/tcp, 5641/tcp, 33892/tcp, 59001/tcp, 5789/tcp, 40102/tcp, 2626/tcp (gbjd816), 4015/tcp (Talarian Mcast), 7000/tcp (file server itself), 59010/tcp, 5640/tcp, 4248/tcp, 6389/tcp (clariion-evr01), 2811/tcp (GSI FTP), 9107/tcp (AstergateFax Control Service), 22334/tcp, 15158/tcp, 10289/tcp, 6088/tcp, 23789/tcp, 40013/tcp, 13102/tcp, 20105/tcp, 33385/tcp, 24687/tcp, 64206/tcp, 5643/tcp, 64126/tcp, 6853/tcp, 3508/tcp (Interaction Web), 32800/tcp, 25854/tcp, 40126/tcp, 33104/tcp, 20010/tcp, 4879/tcp, 3397/tcp (Cloanto License Manager), 19687/tcp, 40400/tcp, 54500/tcp, 41166/tcp, 64999/tcp, 10123/tcp, 59975/tcp, 9191/tcp (Sun AppSvr JPDA), 10122/tcp, 1067/tcp (Installation Bootstrap Proto. Serv.), 10206/tcp, 3504/tcp (IronStorm game server), 3721/tcp (Xsync), 24624/tcp, 4871/tcp (Wired), 3416/tcp (AirMobile IS Command Port), 7235/tcp, 55501/tcp, 5586/tcp, 48001/tcp (Nimbus Spooler), 63395/tcp, 20089/tcp.
      
BHD Honeypot
Port scan
2019-10-01

In the last 24h, the attacker (92.119.160.141) attempted to scan 305 ports.
The following ports have been scanned: 9023/tcp (Secure Web Access - 1), 9844/tcp, 48000/tcp (Nimbus Controller), 8012/tcp, 31120/tcp, 55103/tcp, 61012/tcp, 9990/tcp (OSM Applet Server), 4464/tcp, 6018/tcp, 3651/tcp (XRPC Registry), 30008/tcp, 33342/tcp, 29015/tcp, 33904/tcp, 9072/tcp, 25963/tcp, 53531/tcp, 5891/tcp, 28028/tcp, 22003/tcp (Opto Host Port 3), 34000/tcp, 5563/tcp, 31416/tcp (XQoS network monitor), 1958/tcp (CA Administration Daemon), 5430/tcp (RADEC CORP), 15935/tcp, 13381/tcp, 5013/tcp (FileMaker, Inc. - Proprietary transport), 42014/tcp, 3364/tcp (Creative Server), 33242/tcp, 5859/tcp (WHEREHOO), 5678/tcp (Remote Replication Agent Connection), 6290/tcp, 10023/tcp, 4438/tcp, 5390/tcp, 9520/tcp, 5437/tcp, 11135/tcp, 8990/tcp (webmail HTTP service), 33190/tcp, 20500/tcp, 36203/tcp, 8802/tcp, 41873/tcp, 3318/tcp (Swith to Swith Routing Information Protocol), 18191/tcp, 5623/tcp, 55701/tcp, 39389/tcp, 8932/tcp, 9001/tcp (ETL Service Manager), 4935/tcp, 33222/tcp, 55443/tcp, 90/tcp (DNSIX Securit Attribute Token Map), 62172/tcp, 60025/tcp, 1102/tcp (ADOBE SERVER 1), 39390/tcp, 7420/tcp, 38902/tcp, 20001/tcp (MicroSAN), 22446/tcp, 12238/tcp, 15390/tcp, 36367/tcp, 1338/tcp (WMC-log-svr), 19010/tcp, 25679/tcp, 23656/tcp, 4289/tcp, 7655/tcp, 4711/tcp, 55566/tcp, 7521/tcp, 5560/tcp, 1185/tcp (Catchpole port), 5210/tcp, 52335/tcp, 58083/tcp, 3292/tcp (Cart O Rama), 3097/tcp, 33840/tcp, 33133/tcp, 23500/tcp, 26437/tcp, 32543/tcp, 2425/tcp (Fujitsu App Manager), 5622/tcp, 8891/tcp (Desktop Data TCP 3: NESS application), 55559/tcp, 6555/tcp, 56789/tcp, 37332/tcp, 50046/tcp, 1020/tcp, 31389/tcp, 33888/tcp, 8050/tcp, 10393/tcp, 19990/tcp, 16689/tcp, 37412/tcp, 9080/tcp (Groove GLRPC), 3347/tcp (Phoenix RPC), 7689/tcp (Collaber Network Service), 25678/tcp, 60011/tcp, 8830/tcp, 8180/tcp, 60775/tcp, 62333/tcp, 6022/tcp, 51112/tcp, 18476/tcp, 8837/tcp, 22040/tcp, 8006/tcp, 4520/tcp, 210/tcp (ANSI Z39.50), 4905/tcp, 5454/tcp (APC 5454), 40390/tcp, 3200/tcp (Press-sense Tick Port), 31415/tcp, 22289/tcp, 4029/tcp (IP Q signaling protocol), 38967/tcp, 3666/tcp (IBM eServer PAP), 2310/tcp (SD Client), 19099/tcp, 8071/tcp, 64223/tcp, 33389/tcp, 32456/tcp, 6122/tcp (Backup Express Web Server), 3337/tcp (Direct TV Data Catalog), 62005/tcp, 6633/tcp, 5000/tcp (commplex-main), 45555/tcp, 1959/tcp (SIMP Channel), 9930/tcp, 9631/tcp (Peovica Collector), 27002/tcp, 4128/tcp (NuFW decision delegation protocol), 3394/tcp (D2K Tapestry Server to Server), 53/tcp (Domain Name Server), 65031/tcp, 22780/tcp, 8934/tcp, 4550/tcp (Perman I Interbase Server), 9531/tcp, 2627/tcp (Moshe Beeri), 64570/tcp, 3371/tcp, 6818/tcp, 33009/tcp, 5053/tcp (RLM License Server), 21588/tcp, 9071/tcp, 11300/tcp, 61770/tcp, 6002/tcp, 5558/tcp, 23424/tcp, 6845/tcp, 3313/tcp (Unify Object Broker), 2468/tcp (qip_msgd), 29051/tcp, 59452/tcp, 61959/tcp, 164/tcp (CMIP/TCP Agent), 8887/tcp, 8445/tcp, 16012/tcp, 9111/tcp, 6747/tcp, 6690/tcp, 5874/tcp, 33099/tcp, 41555/tcp, 37310/tcp, 4242/tcp, 2424/tcp (KOFAX-SVR), 33305/tcp, 19831/tcp, 33398/tcp, 3304/tcp (OP Session Server), 2505/tcp (PowerPlay Control), 8889/tcp (Desktop Data TCP 1), 5246/tcp, 7563/tcp, 36201/tcp, 50031/tcp, 33168/tcp, 33121/tcp, 14010/tcp, 4802/tcp (Icona License System Server), 9212/tcp (Server View dbms access [January 2005]), 9789/tcp, 87/tcp (any private terminal link), 5569/tcp, 4410/tcp (RIB iTWO Application Server), 4125/tcp (Opsview Envoy), 49999/tcp, 18017/tcp, 33504/tcp, 25491/tcp, 16414/tcp, 38500/tcp, 3993/tcp (BindView-Agent), 205/tcp (AppleTalk Unused), 7000/tcp (file server itself), 4248/tcp, 3307/tcp (OP Session Proxy), 18356/tcp, 3440/tcp (Net Steward Mgmt Console), 51031/tcp, 13102/tcp, 4484/tcp (hpssmgmt service), 59899/tcp, 6558/tcp (xdsxdm), 9223/tcp, 53142/tcp, 4443/tcp (Pharos), 17100/tcp, 35800/tcp, 55467/tcp, 48333/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 20501/tcp, 23333/tcp (Emulex HBAnyware Remote Management), 55123/tcp, 33234/tcp, 18389/tcp, 4801/tcp (Icona Web Embedded Chat), 9504/tcp, 8999/tcp (Brodos Crypto Trade Protocol), 58990/tcp, 5432/tcp (PostgreSQL Database), 65065/tcp, 51234/tcp, 4791/tcp, 6853/tcp, 12235/tcp, 2608/tcp (Wag Service), 1015/tcp, 17587/tcp, 50030/tcp, 58989/tcp, 4911/tcp, 4499/tcp, 53389/tcp, 54500/tcp, 43381/tcp, 8065/tcp, 6005/tcp, 5113/tcp, 9028/tcp, 3250/tcp (HMS hicp port), 5612/tcp, 12131/tcp, 3743/tcp (IP Control Systems Ltd.), 50106/tcp, 22781/tcp, 38933/tcp, 43434/tcp, 4555/tcp (RSIP Port), 30010/tcp, 32165/tcp, 5311/tcp, 8017/tcp, 12893/tcp, 9939/tcp, 10006/tcp, 30201/tcp, 50110/tcp.
      
BHD Honeypot
Port scan
2019-09-30

In the last 24h, the attacker (92.119.160.141) attempted to scan 242 ports.
The following ports have been scanned: 1309/tcp (JTAG server), 32899/tcp, 31120/tcp, 65390/tcp, 41414/tcp, 4598/tcp (A16 (AN-AN)), 57138/tcp, 1195/tcp (RSF-1 clustering), 2306/tcp (TAPPI BoxNet), 49221/tcp, 9941/tcp, 8500/tcp (Flight Message Transfer Protocol), 52222/tcp, 13010/tcp, 58625/tcp, 18689/tcp, 5563/tcp, 57157/tcp, 15935/tcp, 15040/tcp, 28360/tcp, 33402/tcp, 3324/tcp, 6603/tcp, 10532/tcp, 51516/tcp, 8412/tcp, 14369/tcp, 7003/tcp (volume location database), 52389/tcp, 9836/tcp, 51010/tcp, 1709/tcp (centra), 2124/tcp (ELATELINK), 96/tcp (DIXIE Protocol Specification), 2748/tcp (fjippol-polsvr), 62172/tcp, 15002/tcp, 11089/tcp, 4612/tcp, 11964/tcp, 7786/tcp (MINIVEND), 6208/tcp, 52250/tcp, 12050/tcp, 33120/tcp, 7655/tcp, 6502/tcp (BoKS Servm), 7828/tcp, 6440/tcp, 1985/tcp (Hot Standby Router Protocol), 12126/tcp, 39009/tcp, 6089/tcp, 2025/tcp (ellpack), 34125/tcp, 33041/tcp, 10064/tcp, 3097/tcp, 52147/tcp, 5622/tcp, 7444/tcp, 52025/tcp, 23988/tcp, 52102/tcp, 34100/tcp, 16689/tcp, 33966/tcp, 51338/tcp, 16336/tcp, 55015/tcp, 8341/tcp, 3452/tcp (SABP-Signalling Protocol), 16945/tcp, 6298/tcp, 48622/tcp, 50501/tcp, 8180/tcp, 6022/tcp, 7863/tcp, 52017/tcp, 55135/tcp, 10556/tcp, 31019/tcp, 33390/tcp, 5001/tcp (commplex-link), 888/tcp (CD Database Protocol), 63112/tcp, 9741/tcp, 2140/tcp (IAS-REG), 7073/tcp, 2251/tcp (Distributed Framework Port), 6390/tcp (MetaEdit+ WebService API), 34021/tcp, 33152/tcp, 7389/tcp, 6768/tcp (BMC PERFORM MGRD), 8940/tcp, 41822/tcp, 15099/tcp, 8542/tcp, 8934/tcp, 9983/tcp, 12370/tcp, 12310/tcp, 12021/tcp, 3983/tcp (ESRI Image Service), 4526/tcp, 11028/tcp, 39994/tcp, 3099/tcp (CHIPSY Machine Daemon), 54303/tcp, 48164/tcp, 1189/tcp (Unet Connection), 6263/tcp, 4999/tcp (HyperFileSQL Client/Server Database Engine Manager), 58205/tcp, 10051/tcp (Zabbix Trapper), 50233/tcp, 41901/tcp, 2015/tcp (cypress), 23424/tcp, 25152/tcp, 50397/tcp, 8466/tcp, 5757/tcp (OpenMail X.500 Directory Server), 33027/tcp, 1968/tcp (LIPSinc), 7211/tcp, 8445/tcp, 9032/tcp, 8195/tcp (Bloomberg feed), 8571/tcp, 8899/tcp (ospf-lite), 52433/tcp, 52366/tcp, 825/tcp, 41555/tcp, 30053/tcp, 11221/tcp, 54214/tcp, 11018/tcp, 18888/tcp (APCNECMP), 1992/tcp (IPsendmsg), 8889/tcp (Desktop Data TCP 1), 44109/tcp, 3179/tcp (H2GF W.2m Handover prot.), 21167/tcp, 1120/tcp (Battle.net File Transfer Protocol), 8084/tcp, 9053/tcp, 58710/tcp, 61/tcp (NI MAIL), 64001/tcp, 64112/tcp, 10118/tcp, 7829/tcp, 30331/tcp, 23813/tcp, 5569/tcp, 4009/tcp (Chimera HWM), 7784/tcp, 10033/tcp, 12099/tcp, 18017/tcp, 20077/tcp, 10525/tcp, 38500/tcp, 205/tcp (AppleTalk Unused), 55889/tcp, 3333/tcp (DEC Notes), 2811/tcp (GSI FTP), 9107/tcp (AstergateFax Control Service), 3307/tcp (OP Session Proxy), 50321/tcp, 6088/tcp, 33032/tcp, 34390/tcp, 33059/tcp, 8212/tcp, 6558/tcp (xdsxdm), 1801/tcp (Microsoft Message Que), 9223/tcp, 3442/tcp (OC Connect Server), 23333/tcp (Emulex HBAnyware Remote Management), 3430/tcp (Scott Studios Dispatch), 3481/tcp (CleanerLive remote ctrl), 2018/tcp (terminaldb), 2257/tcp (simple text/file transfer), 4126/tcp (Data Domain Replication Service), 3015/tcp (NATI DSTP), 42002/tcp, 20456/tcp, 33192/tcp, 54537/tcp, 40126/tcp, 17587/tcp, 9883/tcp, 64321/tcp, 9003/tcp, 3189/tcp (Pinnacle Sys InfEx Port), 8985/tcp, 18/tcp (Message Send Protocol), 9500/tcp (ismserver), 49123/tcp, 5690/tcp, 64999/tcp, 9999/tcp (distinct), 7213/tcp, 9159/tcp, 12131/tcp, 60016/tcp, 61847/tcp, 38034/tcp, 10122/tcp, 12348/tcp, 7865/tcp, 30010/tcp, 3825/tcp (Antera FlowFusion Process Simulation), 5311/tcp, 25003/tcp (icl-twobase4), 60136/tcp, 20089/tcp, 9877/tcp.
      
BHD Honeypot
Port scan
2019-09-29

In the last 24h, the attacker (92.119.160.141) attempted to scan 305 ports.
The following ports have been scanned: 9023/tcp (Secure Web Access - 1), 6954/tcp, 60400/tcp, 50016/tcp, 22072/tcp, 31033/tcp, 6739/tcp, 63384/tcp, 11009/tcp, 6655/tcp (PC SOFT - Software factory UI/manager), 8012/tcp, 6216/tcp, 9005/tcp, 4464/tcp, 19201/tcp, 22518/tcp, 1195/tcp (RSF-1 clustering), 4018/tcp (Talarian Mcast), 75/tcp (any private dial out service), 28005/tcp, 63439/tcp, 9092/tcp (Xml-Ipc Server Reg), 60667/tcp, 8018/tcp, 33599/tcp, 38903/tcp, 50090/tcp, 4689/tcp (Altova DatabaseCentral), 33905/tcp, 25853/tcp, 3410/tcp (NetworkLens SSL Event), 9830/tcp, 4123/tcp (Zensys Z-Wave Control Protocol), 57011/tcp, 3390/tcp (Distributed Service Coordinator), 6603/tcp, 63889/tcp, 3303/tcp (OP Session Client), 28122/tcp, 3317/tcp (VSAI PORT), 5602/tcp (A1-MSC), 14369/tcp, 62001/tcp, 56224/tcp, 50999/tcp, 55000/tcp, 3431/tcp (Active License Server Port), 9833/tcp, 44902/tcp, 35120/tcp, 2124/tcp (ELATELINK), 4448/tcp (ASC Licence Manager), 1411/tcp (AudioFile), 10009/tcp (Systemwalker Desktop Patrol), 53891/tcp, 7786/tcp (MINIVEND), 6666/tcp, 8902/tcp, 45566/tcp, 9533/tcp, 4395/tcp (OmniVision communication for Virtual environments), 15390/tcp, 7070/tcp (ARCP), 22138/tcp, 1823/tcp (Unisys Natural Language License Manager), 9095/tcp, 1338/tcp (WMC-log-svr), 2932/tcp (INCP), 3013/tcp (Gilat Sky Surfer), 4884/tcp (HiveStor Distributed File System), 7521/tcp, 8124/tcp, 34125/tcp, 65535/tcp, 8921/tcp, 3315/tcp (CDID), 40029/tcp, 7889/tcp, 14466/tcp, 52411/tcp, 33133/tcp, 19989/tcp, 61389/tcp, 5063/tcp (centrify secure RPC), 3018/tcp (Service Registry), 4150/tcp (PowerAlert Network Shutdown Agent), 86/tcp (Micro Focus Cobol), 60104/tcp, 33908/tcp, 4022/tcp (DNOX), 4109/tcp (Instantiated Zero-control Messaging), 4257/tcp, 8100/tcp (Xprint Server), 60650/tcp, 37412/tcp, 53289/tcp, 8989/tcp (Sun Web Server SSL Admin Service), 33100/tcp, 25678/tcp, 4709/tcp, 53890/tcp, 7742/tcp (Mugginsoft Script Server Service), 33096/tcp, 60775/tcp, 62333/tcp, 8886/tcp, 7863/tcp, 5145/tcp (RMONITOR SECURE), 61991/tcp, 10389/tcp, 4903/tcp, 1122/tcp (availant-mgr), 63112/tcp, 33389/tcp, 2140/tcp (IAS-REG), 6122/tcp (Backup Express Web Server), 7073/tcp, 3600/tcp (text relay-answer), 1199/tcp (DMIDI), 14320/tcp, 44410/tcp, 5070/tcp (VersaTrans Server Agent Service), 8003/tcp (Mulberry Connect Reporting Service), 10111/tcp, 33820/tcp, 7389/tcp, 35502/tcp, 667/tcp (campaign contribution disclosures - SDR Technologies), 52521/tcp, 6768/tcp (BMC PERFORM MGRD), 63258/tcp, 33321/tcp, 3/tcp (Compression Process), 55100/tcp, 27002/tcp, 1957/tcp (unix-status), 30202/tcp, 4800/tcp (Icona Instant Messenging System), 9806/tcp, 3775/tcp (ISPM Manager Port), 53/tcp (Domain Name Server), 11234/tcp, 58218/tcp, 50009/tcp, 61211/tcp, 7999/tcp (iRDMI2), 33397/tcp, 4111/tcp (Xgrid), 1337/tcp (menandmice DNS), 12370/tcp, 11011/tcp, 300/tcp, 3983/tcp (ESRI Image Service), 6451/tcp, 11028/tcp, 61226/tcp, 51374/tcp, 8778/tcp, 53100/tcp, 50222/tcp, 6818/tcp, 32369/tcp, 4575/tcp, 9101/tcp (Bacula Director), 5053/tcp (RLM License Server), 8002/tcp (Teradata ORDBMS), 15389/tcp, 63636/tcp, 60003/tcp, 33138/tcp, 6665/tcp (-6669/udp  IRCU), 5600/tcp (Enterprise Security Manager), 666/tcp (doom Id Software), 7211/tcp, 60201/tcp, 8887/tcp, 33386/tcp, 6747/tcp, 9032/tcp, 55111/tcp, 40020/tcp, 65200/tcp, 9750/tcp (Board M.I.T. Synchronous Collaboration), 38926/tcp, 8881/tcp, 1980/tcp (PearlDoc XACT), 50013/tcp, 8026/tcp (CA Audit Distribution Server), 50241/tcp, 5155/tcp (Oracle asControl Agent), 18804/tcp, 4457/tcp (PR Register), 20011/tcp, 51384/tcp, 5246/tcp, 21167/tcp, 7563/tcp, 1120/tcp (Battle.net File Transfer Protocol), 4460/tcp, 7979/tcp (Micromuse-ncps), 32322/tcp, 33121/tcp, 5515/tcp, 61/tcp (NI MAIL), 50055/tcp, 7829/tcp, 1234/tcp (Infoseek Search Agent), 4099/tcp (DPCP), 30331/tcp, 8020/tcp (Intuit Entitlement Service and Discovery), 59001/tcp, 5789/tcp, 15262/tcp, 4125/tcp (Opsview Envoy), 33891/tcp, 3993/tcp (BindView-Agent), 1025/tcp (network blackjack), 335/tcp, 63393/tcp, 13393/tcp, 5519/tcp, 8676/tcp, 3440/tcp (Net Steward Mgmt Console), 55043/tcp, 9004/tcp, 43897/tcp, 63364/tcp, 5700/tcp, 5689/tcp (QM video network management protocol), 4495/tcp, 3442/tcp (OC Connect Server), 53302/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 20501/tcp, 3430/tcp (Scott Studios Dispatch), 8890/tcp (Desktop Data TCP 2), 27219/tcp, 64206/tcp, 43789/tcp, 3777/tcp (Jibe EdgeBurst), 4082/tcp (Lorica outside facing), 65065/tcp, 12235/tcp, 3999/tcp (Norman distributes scanning service), 2929/tcp (AMX-WEBADMIN), 7900/tcp (Multicast Event), 33325/tcp, 9123/tcp, 8589/tcp, 55251/tcp, 33104/tcp, 1215/tcp (scanSTAT 1.0), 7071/tcp (IWGADTS Aircraft Housekeeping Message), 8004/tcp, 33333/tcp (Digital Gaslight Service), 203/tcp (AppleTalk Unused), 8841/tcp, 58989/tcp, 3397/tcp (Cloanto License Manager), 60686/tcp, 7890/tcp, 9999/tcp (distinct), 5113/tcp, 4490/tcp, 60016/tcp, 56421/tcp, 63214/tcp, 7865/tcp, 4555/tcp (RSIP Port), 28031/tcp, 5501/tcp (fcp-addr-srvr2), 30209/tcp, 60125/tcp, 63055/tcp, 8017/tcp, 7235/tcp, 60136/tcp, 30201/tcp.
      
BHD Honeypot
Port scan
2019-09-28

Port scan from IP: 92.119.160.141 detected by psad.
BHD Honeypot
Port scan
2019-09-19

In the last 24h, the attacker (92.119.160.141) attempted to scan 452 ports.
The following ports have been scanned: 64773/tcp, 8005/tcp (MXI Generation II for z/OS), 64751/tcp, 1309/tcp (JTAG server), 51188/tcp, 37938/tcp, 30362/tcp, 43446/tcp, 42569/tcp, 62223/tcp, 44360/tcp, 57936/tcp, 42229/tcp, 55930/tcp, 6621/tcp (Kerberos V5 FTP Control), 43126/tcp, 40532/tcp, 33395/tcp, 55520/tcp, 3081/tcp (TL1-LV), 4703/tcp (Network Performance Quality Evaluation System Test Service), 38003/tcp, 57451/tcp, 49397/tcp, 61461/tcp, 39371/tcp, 54882/tcp, 3616/tcp (cd3o Control Protocol), 24163/tcp, 23180/tcp, 52914/tcp, 38233/tcp, 48719/tcp, 8500/tcp (Flight Message Transfer Protocol), 7701/tcp, 25743/tcp, 15932/tcp, 60318/tcp, 26508/tcp, 36533/tcp, 29521/tcp, 62929/tcp, 31234/tcp, 19604/tcp, 58392/tcp, 22605/tcp, 41036/tcp, 4308/tcp (CompX-LockView), 42148/tcp, 39770/tcp, 62338/tcp, 12226/tcp, 24502/tcp, 30711/tcp, 5237/tcp (m-net discovery), 1605/tcp (Salutation Manager (Salutation Protocol)), 19248/tcp, 33189/tcp, 36534/tcp, 15749/tcp, 5086/tcp (Aprigo Collection Service), 33790/tcp, 37491/tcp, 41839/tcp, 40941/tcp, 34037/tcp, 16061/tcp, 19246/tcp, 36874/tcp, 37914/tcp, 12130/tcp, 19793/tcp, 8458/tcp, 2045/tcp (cdfunc), 34348/tcp, 57354/tcp, 33585/tcp, 36574/tcp, 56173/tcp, 7605/tcp, 39851/tcp, 46043/tcp, 79/tcp (Finger), 16915/tcp, 37588/tcp, 46594/tcp, 32083/tcp, 12825/tcp, 732/tcp, 25280/tcp, 25616/tcp, 4702/tcp (NetXMS Server Synchronization), 29407/tcp, 50563/tcp, 44267/tcp, 19758/tcp, 12188/tcp, 33982/tcp, 15157/tcp, 2782/tcp (everydayrc), 49885/tcp, 57734/tcp, 48996/tcp, 57421/tcp, 1413/tcp (Innosys-ACL), 2994/tcp (VERITAS VIS2), 65324/tcp, 65523/tcp, 51029/tcp, 58809/tcp, 11471/tcp, 61539/tcp, 27414/tcp, 62273/tcp, 47120/tcp, 41650/tcp, 25623/tcp, 40050/tcp, 11931/tcp, 6438/tcp, 50975/tcp, 62451/tcp, 48373/tcp, 30282/tcp, 49224/tcp, 61094/tcp, 31086/tcp, 33209/tcp, 42004/tcp, 26392/tcp, 2577/tcp (Scriptics Lsrvr), 41937/tcp, 38952/tcp, 23997/tcp, 48832/tcp, 4429/tcp (OMV Investigation Agent-Server), 12708/tcp, 8428/tcp, 51353/tcp, 18631/tcp, 4343/tcp (UNICALL), 28656/tcp, 33598/tcp, 59092/tcp, 38460/tcp, 20787/tcp, 47260/tcp, 20488/tcp, 8013/tcp, 37845/tcp, 56481/tcp, 12814/tcp, 33916/tcp, 60796/tcp, 4466/tcp, 41151/tcp, 30279/tcp, 30777/tcp, 13003/tcp, 48574/tcp, 16820/tcp, 29166/tcp, 12327/tcp, 5834/tcp, 36671/tcp, 58976/tcp, 56878/tcp, 26524/tcp, 28052/tcp, 50480/tcp, 59178/tcp, 8712/tcp, 50814/tcp, 658/tcp (TenFold), 42682/tcp, 19384/tcp, 37954/tcp, 9921/tcp, 38197/tcp, 61675/tcp, 43048/tcp, 17855/tcp, 15927/tcp, 57570/tcp, 549/tcp (IDFP), 29855/tcp, 61302/tcp, 48326/tcp, 62333/tcp, 59155/tcp, 3222/tcp (Gateway Load Balancing Pr), 4158/tcp (STAT Command Center), 41431/tcp, 4799/tcp, 16035/tcp, 36840/tcp, 4707/tcp, 2028/tcp (submitserver), 56283/tcp, 14014/tcp, 20941/tcp, 59122/tcp, 16521/tcp, 3329/tcp (HP Device Disc), 547/tcp (DHCPv6 Server), 52918/tcp, 14776/tcp, 34802/tcp, 25476/tcp, 43422/tcp, 64706/tcp, 12513/tcp, 30687/tcp, 2707/tcp (EMCSYMAPIPORT), 15889/tcp, 50676/tcp, 53528/tcp, 1611/tcp (Inter Library Loan), 2898/tcp (APPLIANCE-CFG), 9135/tcp, 41025/tcp, 841/tcp, 449/tcp (AS Server Mapper), 49135/tcp, 17544/tcp, 60916/tcp, 37484/tcp, 2349/tcp (Diagnostics Port), 27003/tcp, 12660/tcp, 42007/tcp, 58753/tcp, 60486/tcp, 32108/tcp, 33665/tcp, 4987/tcp (SMAR Ethernet Port 1), 64822/tcp, 13671/tcp, 25345/tcp, 40036/tcp, 20782/tcp, 8245/tcp, 9565/tcp, 40399/tcp, 59159/tcp, 47310/tcp, 38282/tcp, 37447/tcp, 55116/tcp, 26016/tcp, 46982/tcp, 4472/tcp, 50837/tcp, 33336/tcp, 33408/tcp, 13874/tcp, 38904/tcp, 39857/tcp, 55734/tcp, 20854/tcp, 8283/tcp, 5498/tcp, 29215/tcp, 19437/tcp, 18930/tcp, 7415/tcp, 65159/tcp, 44646/tcp, 38179/tcp, 59450/tcp, 48807/tcp, 6842/tcp (Netmo HTTP), 50663/tcp, 17070/tcp, 3464/tcp (EDM MGR Sync), 4856/tcp, 18778/tcp, 36757/tcp, 64828/tcp, 29275/tcp, 30395/tcp, 19251/tcp, 12476/tcp, 49543/tcp, 20857/tcp, 23178/tcp, 28934/tcp, 32065/tcp, 36/tcp, 42628/tcp, 40136/tcp, 29245/tcp, 26786/tcp, 29931/tcp, 48386/tcp, 46670/tcp, 21302/tcp, 4813/tcp, 64889/tcp, 29768/tcp, 57507/tcp, 33398/tcp, 37019/tcp, 420/tcp (SMPTE), 37980/tcp, 38862/tcp, 47290/tcp, 42134/tcp, 38028/tcp, 51091/tcp, 47618/tcp, 18555/tcp, 29647/tcp, 62789/tcp, 7488/tcp, 27469/tcp, 43745/tcp, 37784/tcp, 3716/tcp (WV CSP SMS CIR Channel), 2112/tcp (Idonix MetaNet), 18271/tcp, 3177/tcp (Phonex Protocol), 41421/tcp, 38344/tcp, 26142/tcp, 8057/tcp (Senomix Timesheets Client [1 year assignment]), 28770/tcp, 57198/tcp, 42980/tcp, 10672/tcp, 26283/tcp, 47272/tcp, 53021/tcp, 33588/tcp, 35159/tcp, 9282/tcp (SofaWare transport port 2), 59401/tcp, 9335/tcp, 54322/tcp, 57201/tcp, 23827/tcp, 13432/tcp, 43244/tcp, 30455/tcp, 20997/tcp, 52635/tcp, 38686/tcp, 28048/tcp, 36168/tcp, 14850/tcp, 4517/tcp, 18505/tcp, 1392/tcp (Print Manager), 17194/tcp, 10810/tcp, 59454/tcp, 17680/tcp, 29747/tcp, 23977/tcp, 48398/tcp, 40148/tcp, 32419/tcp, 55671/tcp, 6859/tcp, 18738/tcp, 38519/tcp, 59713/tcp, 17012/tcp, 48183/tcp, 48127/tcp, 50547/tcp, 60814/tcp, 12504/tcp, 19561/tcp, 55073/tcp, 54417/tcp, 51636/tcp, 25871/tcp, 59953/tcp, 29602/tcp, 32590/tcp, 10422/tcp, 46216/tcp, 587/tcp (Submission), 48533/tcp, 54996/tcp, 37880/tcp, 243/tcp (Survey Measurement), 57747/tcp, 56720/tcp, 17727/tcp, 62917/tcp, 6067/tcp, 54661/tcp, 22970/tcp, 37587/tcp, 29435/tcp, 19320/tcp, 9964/tcp, 34473/tcp, 5692/tcp, 1402/tcp (Prospero Resource Manager), 29117/tcp, 494/tcp (POV-Ray), 8184/tcp (Remote iTach Connection), 49143/tcp, 25361/tcp, 33422/tcp, 4276/tcp, 50846/tcp, 25235/tcp, 26949/tcp, 62506/tcp, 55963/tcp, 29279/tcp, 27310/tcp, 40855/tcp, 514/tcp (cmd), 38239/tcp, 31352/tcp, 57753/tcp, 64909/tcp, 50743/tcp, 14096/tcp, 37611/tcp, 41965/tcp, 3659/tcp (Apple SASL), 1447/tcp (Applied Parallel Research LM), 43444/tcp, 16938/tcp, 40176/tcp, 30837/tcp, 18754/tcp, 49814/tcp, 33593/tcp, 37674/tcp, 8270/tcp, 59683/tcp, 16359/tcp, 15398/tcp, 12629/tcp, 29203/tcp, 62185/tcp, 41158/tcp, 45706/tcp, 8450/tcp (npmp), 11141/tcp, 30854/tcp, 33605/tcp.
      
BHD Honeypot
Port scan
2019-09-18

In the last 24h, the attacker (92.119.160.141) attempted to scan 642 ports.
The following ports have been scanned: 48210/tcp, 42089/tcp, 26232/tcp, 62252/tcp, 50698/tcp, 5881/tcp, 38885/tcp, 26284/tcp, 64224/tcp, 33825/tcp, 22168/tcp, 20340/tcp, 34656/tcp, 33319/tcp, 30286/tcp, 12800/tcp, 44654/tcp, 62099/tcp, 6576/tcp, 10147/tcp, 41550/tcp, 53850/tcp, 19201/tcp, 63156/tcp, 37778/tcp, 19943/tcp, 31620/tcp (lm mon), 58143/tcp, 4507/tcp, 59052/tcp, 14264/tcp, 25430/tcp, 40919/tcp, 16244/tcp, 51510/tcp, 42624/tcp, 54044/tcp, 42303/tcp, 47867/tcp, 32462/tcp, 61062/tcp, 36854/tcp, 56677/tcp, 4745/tcp (Funambol Mobile Push), 62378/tcp, 56849/tcp, 14452/tcp, 37313/tcp, 38440/tcp, 22788/tcp, 29211/tcp, 56537/tcp, 29739/tcp, 28607/tcp, 64598/tcp, 43489/tcp, 55748/tcp, 51553/tcp, 30022/tcp, 64806/tcp, 51259/tcp, 19232/tcp, 38470/tcp, 296/tcp, 65153/tcp, 20706/tcp, 56809/tcp, 4497/tcp, 25013/tcp, 58093/tcp, 51327/tcp, 56757/tcp, 4183/tcp (General Metaverse Messaging Protocol), 48060/tcp, 19079/tcp, 28115/tcp, 14180/tcp, 7265/tcp, 17469/tcp, 24529/tcp, 60035/tcp, 13004/tcp, 1310/tcp (Husky), 54142/tcp, 10492/tcp, 10858/tcp, 41938/tcp, 29329/tcp, 63615/tcp, 16713/tcp, 35190/tcp, 12507/tcp, 50403/tcp, 63707/tcp, 40510/tcp, 47864/tcp, 51646/tcp, 56427/tcp, 15694/tcp, 38071/tcp, 19128/tcp, 20570/tcp, 59736/tcp, 16572/tcp, 7647/tcp, 14447/tcp, 41971/tcp, 35096/tcp, 4583/tcp, 20786/tcp, 27253/tcp, 3780/tcp (Nuzzler Network Protocol), 42677/tcp, 55577/tcp, 49237/tcp, 21363/tcp, 37815/tcp, 2382/tcp (Microsoft OLAP), 51685/tcp, 65274/tcp, 13857/tcp, 58011/tcp, 55443/tcp, 39694/tcp, 19675/tcp, 7319/tcp, 21656/tcp, 56321/tcp, 62069/tcp, 37344/tcp, 50983/tcp, 41211/tcp, 30491/tcp, 21922/tcp, 34451/tcp, 25610/tcp, 34516/tcp, 19017/tcp, 18259/tcp, 4790/tcp, 30471/tcp, 12086/tcp, 42215/tcp, 3210/tcp (Flamenco Networks Proxy), 42441/tcp, 10463/tcp, 46682/tcp, 26451/tcp, 58834/tcp, 44995/tcp, 63121/tcp, 36781/tcp, 57041/tcp, 48346/tcp, 58950/tcp, 12167/tcp, 2868/tcp (NPEP Messaging), 1618/tcp (skytelnet), 2050/tcp (Avaya EMB Config Port), 43958/tcp, 48407/tcp, 12917/tcp, 65096/tcp, 33575/tcp, 19549/tcp, 23767/tcp, 64293/tcp, 36109/tcp, 32975/tcp, 3621/tcp (EPSON Network Screen Port), 41531/tcp, 33125/tcp, 50883/tcp, 11307/tcp, 39659/tcp, 61953/tcp, 16918/tcp, 42258/tcp, 42528/tcp, 57549/tcp, 55647/tcp, 47223/tcp, 63443/tcp, 58653/tcp, 41132/tcp, 58912/tcp, 62478/tcp, 10903/tcp, 8172/tcp, 41979/tcp, 37472/tcp, 21124/tcp, 23215/tcp, 63620/tcp, 61074/tcp, 23257/tcp, 49909/tcp, 64128/tcp, 32654/tcp, 62307/tcp, 13100/tcp, 33109/tcp, 25159/tcp, 14630/tcp, 47309/tcp, 41151/tcp, 33533/tcp, 49876/tcp, 22010/tcp, 33361/tcp, 12452/tcp, 45557/tcp, 2955/tcp (CSNOTIFY), 40982/tcp, 14634/tcp, 18932/tcp, 33767/tcp, 22346/tcp, 62036/tcp, 13535/tcp, 49460/tcp, 13546/tcp, 20649/tcp, 58074/tcp, 37113/tcp, 54601/tcp, 7843/tcp, 42386/tcp, 65257/tcp, 51990/tcp, 19146/tcp, 19864/tcp, 25528/tcp, 22799/tcp, 14224/tcp, 59466/tcp, 19464/tcp, 8050/tcp, 53622/tcp, 35385/tcp, 14944/tcp, 18688/tcp, 8100/tcp (Xprint Server), 17599/tcp, 45834/tcp, 59659/tcp, 54925/tcp, 48758/tcp, 18513/tcp, 62997/tcp, 37244/tcp, 1630/tcp (Oracle Net8 Cman), 4325/tcp (Cadcorp GeognoSIS Manager Service), 50944/tcp, 2511/tcp (Metastorm), 30549/tcp, 7946/tcp, 35511/tcp, 52643/tcp, 5016/tcp, 889/tcp, 12415/tcp, 37773/tcp, 44322/tcp (PCP server (pmcd) proxy), 35598/tcp, 29124/tcp, 1351/tcp (Digital Tool Works (MIT)), 30594/tcp, 7435/tcp, 22603/tcp, 39727/tcp, 33771/tcp, 25306/tcp, 56220/tcp, 34066/tcp, 17220/tcp, 51488/tcp, 8255/tcp, 134/tcp (INGRES-NET Service), 62681/tcp, 33372/tcp, 62310/tcp, 62022/tcp, 33481/tcp, 24421/tcp, 18538/tcp, 24976/tcp, 51508/tcp, 49673/tcp, 51629/tcp, 36356/tcp, 18298/tcp, 23820/tcp, 47879/tcp, 47666/tcp, 49061/tcp, 19254/tcp, 53709/tcp, 11850/tcp, 21289/tcp, 41953/tcp, 8529/tcp, 12502/tcp, 5665/tcp, 3264/tcp (cc:mail/lotus), 1146/tcp (audit transfer), 43305/tcp, 860/tcp (iSCSI), 10411/tcp, 19093/tcp, 33720/tcp, 51109/tcp, 41849/tcp, 33940/tcp, 16460/tcp, 31291/tcp, 25186/tcp, 18847/tcp, 2467/tcp (High Criteria), 21064/tcp, 21412/tcp, 51006/tcp, 64946/tcp, 12712/tcp, 11889/tcp, 10163/tcp, 65024/tcp, 5240/tcp, 63418/tcp, 19311/tcp, 40447/tcp, 58606/tcp, 34104/tcp, 28614/tcp, 2380/tcp, 54205/tcp, 22726/tcp, 61406/tcp, 23755/tcp, 43852/tcp, 40286/tcp, 54878/tcp, 37024/tcp, 18144/tcp, 8438/tcp, 20374/tcp, 26503/tcp, 17024/tcp, 18154/tcp, 19076/tcp, 27536/tcp, 1264/tcp (PRAT), 19642/tcp, 41175/tcp, 47877/tcp, 14778/tcp, 25646/tcp, 59381/tcp, 16504/tcp, 8234/tcp, 25473/tcp, 29294/tcp, 5094/tcp (HART-IP), 4803/tcp (Notateit Messaging), 21059/tcp, 49070/tcp, 62152/tcp, 42618/tcp, 16255/tcp, 49789/tcp, 42945/tcp, 19028/tcp, 6936/tcp (XenSource Management Service), 10444/tcp, 13120/tcp, 29478/tcp, 8696/tcp, 23393/tcp, 25149/tcp, 26406/tcp, 12018/tcp, 41593/tcp, 23042/tcp, 52670/tcp, 7934/tcp, 7801/tcp (Secure Server Protocol - client), 54893/tcp, 59901/tcp, 4746/tcp, 54267/tcp, 19327/tcp, 42502/tcp, 10134/tcp, 39556/tcp, 18448/tcp, 57745/tcp, 39627/tcp, 20720/tcp, 23398/tcp, 9105/tcp (Xadmin Control Service), 33573/tcp, 7264/tcp, 39565/tcp, 54774/tcp, 30585/tcp, 63976/tcp, 39947/tcp, 11645/tcp, 19624/tcp, 22721/tcp, 25581/tcp, 30423/tcp, 5423/tcp (VIRTUALUSER), 49929/tcp, 58570/tcp, 14616/tcp, 19364/tcp, 14191/tcp, 14540/tcp, 16402/tcp, 31108/tcp, 518/tcp (ntalk), 62282/tcp, 14298/tcp, 14486/tcp, 42075/tcp, 39373/tcp, 12643/tcp, 18585/tcp, 32916/tcp, 26002/tcp, 27792/tcp, 49563/tcp, 29535/tcp, 1974/tcp (DRP), 38053/tcp, 632/tcp (bmpp), 64891/tcp, 34370/tcp, 16197/tcp, 23917/tcp, 34117/tcp, 3085/tcp (PCIHReq), 12094/tcp, 39514/tcp, 1321/tcp (PIP), 16476/tcp, 14227/tcp, 51695/tcp, 52875/tcp, 392/tcp (SynOptics Port Broker Port), 46172/tcp, 26225/tcp, 47693/tcp, 42459/tcp, 57885/tcp, 12850/tcp, 1147/tcp (CAPIoverLAN), 62436/tcp, 62174/tcp, 56217/tcp, 35321/tcp, 23521/tcp, 29596/tcp, 30192/tcp, 1305/tcp (pe-mike), 39382/tcp, 18726/tcp, 64315/tcp, 150/tcp (SQL-NET), 3548/tcp (Interworld), 45264/tcp, 23099/tcp, 3006/tcp (Instant Internet Admin), 7818/tcp, 10318/tcp, 11728/tcp, 34172/tcp, 23892/tcp, 4623/tcp, 32163/tcp, 7305/tcp, 28282/tcp, 27652/tcp, 40453/tcp, 27357/tcp, 36403/tcp, 33457/tcp, 42541/tcp, 35245/tcp, 14804/tcp, 20002/tcp (Commtact HTTP), 54949/tcp, 65261/tcp, 2008/tcp (conf), 57387/tcp, 48084/tcp, 53966/tcp, 21027/tcp, 49054/tcp, 13332/tcp, 43016/tcp, 47545/tcp, 30756/tcp, 8045/tcp, 17335/tcp, 10732/tcp, 29104/tcp, 29201/tcp, 40038/tcp, 57201/tcp, 2278/tcp (Simple Stacked Sequences Database), 43688/tcp, 37180/tcp, 5137/tcp (MyCTS server port), 5519/tcp, 23631/tcp, 56796/tcp, 58889/tcp, 7989/tcp, 14172/tcp, 33281/tcp, 16322/tcp, 2242/tcp (Folio Remote Server), 65320/tcp, 22420/tcp, 1426/tcp (Satellite-data Acquisition System 1), 18365/tcp, 56574/tcp, 54152/tcp, 19268/tcp, 5052/tcp (ITA Manager), 37427/tcp, 2616/tcp (appswitch-emp), 41711/tcp, 41118/tcp, 5577/tcp, 16668/tcp, 10659/tcp, 50971/tcp, 42712/tcp, 20903/tcp, 1701/tcp (l2tp), 18750/tcp, 11632/tcp, 56463/tcp, 48858/tcp, 33234/tcp, 4962/tcp, 34540/tcp, 10220/tcp, 12838/tcp, 57494/tcp, 57056/tcp, 41454/tcp, 340/tcp, 27873/tcp, 29916/tcp, 42551/tcp, 4791/tcp, 20847/tcp, 48771/tcp, 51992/tcp, 12271/tcp, 25011/tcp, 17672/tcp, 37771/tcp, 62561/tcp, 15565/tcp, 16679/tcp, 19665/tcp, 46558/tcp, 48154/tcp, 29362/tcp, 13910/tcp, 54942/tcp, 18034/tcp, 10025/tcp, 47895/tcp, 23332/tcp, 49257/tcp, 42230/tcp, 13183/tcp, 55945/tcp, 37968/tcp, 18125/tcp, 54578/tcp, 42801/tcp, 5112/tcp (PeerMe Msg Cmd Service), 30388/tcp, 23697/tcp, 59842/tcp, 37501/tcp, 38165/tcp, 38798/tcp, 3272/tcp (Fujitsu User Manager), 12488/tcp, 6051/tcp, 41595/tcp, 12726/tcp, 3250/tcp (HMS hicp port), 42758/tcp, 11115/tcp, 15032/tcp, 30057/tcp, 46931/tcp, 44341/tcp, 19555/tcp, 54395/tcp, 20948/tcp, 34152/tcp, 59133/tcp, 49194/tcp, 9286/tcp, 14549/tcp, 38261/tcp, 40871/tcp, 62240/tcp, 1768/tcp (cft-7), 58523/tcp, 25819/tcp, 20392/tcp, 4561/tcp, 37356/tcp, 19632/tcp, 57757/tcp, 30295/tcp, 4063/tcp (Ice Firewall Traversal Service (TCP)), 25003/tcp (icl-twobase4), 7746/tcp, 18088/tcp, 64061/tcp, 44567/tcp, 33714/tcp, 5532/tcp, 47339/tcp, 20089/tcp, 2543/tcp (REFTEK), 54694/tcp.
      

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Report breach!

Rate host 92.119.160.141