IP address: 93.174.95.41

Host rating:

2.0

out of 36 votes

Last update: 2020-01-28

Host details

Unknown
Netherlands
Unknown
AS29073 Quasi Networks LTD.
See comments

Reported breaches

  • Port scan
Report breach

Whois record

The publicly-available Whois record found at whois.ripe.net server.

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '93.174.95.0 - 93.174.95.255'

% Abuse contact for '93.174.95.0 - 93.174.95.255' is '[email protected]'

inetnum:        93.174.95.0 - 93.174.95.255
netname:        NET-3-95
descr:          IPV NETBLOCK
country:        NL
geoloc:         52.370216 4.895168
org:            ORG-IVI1-RIPE
admin-c:        IVI24-RIPE
tech-c:         IVI24-RIPE
status:         ASSIGNED PA
mnt-by:         IPV
mnt-lower:      IPV
mnt-routes:     IPV
created:        2016-01-23T22:25:01Z
last-modified:  2019-02-04T13:13:26Z
source:         RIPE

% Information related to '93.174.95.0/24AS202425'

route:          93.174.95.0/24
origin:         AS202425
remarks:        +-----------------------------------------------
remarks:        | For abuse e-mail [email protected]
remarks:        | We do not always reply to abuse.
remarks:        | But we do take care your report is dealt with!
remarks:        +-----------------------------------------------
mnt-by:         IPV
created:        2019-02-08T16:07:47Z
last-modified:  2019-02-08T16:07:47Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.94.1 (WAGYU)


User comments

36 security incident(s) reported by users

BHD Honeypot
Port scan
2020-01-28

In the last 24h, the attacker (93.174.95.41) attempted to scan 499 ports.
The following ports have been scanned: 42000/tcp, 93/tcp (Device Control Protocol), 910/tcp (Kerberized Internet Negotiation of Keys (KINK)), 635/tcp (RLZ DBase), 9018/tcp, 44041/tcp, 6216/tcp, 72/tcp (Remote Job Service), 240/tcp, 3453/tcp (PSC Update Port), 50400/tcp, 555/tcp (dsf), 14647/tcp, 45758/tcp, 1991/tcp (cisco STUN Priority 2 port), 48586/tcp, 9110/tcp, 8855/tcp, 3396/tcp (Printer Agent), 350/tcp (MATIP Type A), 63132/tcp, 9329/tcp, 56869/tcp, 50200/tcp, 13381/tcp, 13579/tcp, 325/tcp, 960/tcp, 3395/tcp (Dyna License Manager (Elam)), 1012/tcp, 9006/tcp, 7788/tcp, 1890/tcp (wilkenListener), 4090/tcp (OMA BCAST Service Guide), 63391/tcp, 4447/tcp (N1-RMGMT), 46869/tcp, 1789/tcp (hello), 2678/tcp (Gadget Gate 2 Way), 1431/tcp (Reverse Gossip Transport), 63392/tcp, 4662/tcp (OrbitNet Message Service), 2652/tcp (InterPathPanel), 8087/tcp (Simplify Media SPP Protocol), 22222/tcp, 8906/tcp, 69/tcp (Trivial File Transfer), 68/tcp (Bootstrap Protocol Client), 6567/tcp (eSilo Storage Protocol), 9239/tcp, 92/tcp (Network Printing Protocol), 5040/tcp, 3213/tcp (NEON 24X7 Mission Control), 2083/tcp (Secure Radius Service), 22021/tcp, 315/tcp (DPSI), 28485/tcp, 2011/tcp (raid), 61819/tcp, 8885/tcp, 94/tcp (Tivoli Object Dispatcher), 7775/tcp, 44243/tcp, 42424/tcp, 7659/tcp, 79/tcp (Finger), 8845/tcp, 580/tcp (SNTP HEARTBEAT), 2302/tcp (Bindery Support), 43637/tcp, 235/tcp, 47172/tcp, 8808/tcp, 5010/tcp (TelepathStart), 83/tcp (MIT ML Device), 63/tcp (whois++), 6884/tcp, 1995/tcp (cisco perf port), 4455/tcp (PR Chat User), 7047/tcp, 8933/tcp, 14344/tcp, 8902/tcp, 41819/tcp, 4030/tcp (Accell/JSP Daemon Port), 8860/tcp, 28081/tcp, 63388/tcp, 49697/tcp, 46364/tcp, 385/tcp (IBM Application), 43839/tcp, 40300/tcp, 62626/tcp, 27879/tcp, 5015/tcp (FileMaker, Inc. - Web publishing), 13390/tcp, 48788/tcp, 460/tcp (skronk), 9977/tcp, 3075/tcp (Orbix 2000 Locator), 520/tcp (extended file name server), 3103/tcp (Autocue SMI Protocol), 1651/tcp (shiva_confsrvr), 30200/tcp, 410/tcp (DECLadebug Remote Debug Protocol), 50700/tcp, 65535/tcp, 3045/tcp (ResponseNet), 57980/tcp, 8008/tcp (HTTP Alternate), 6786/tcp (Sun Java Web Console JMX), 321/tcp (PIP), 5895/tcp, 8172/tcp, 8220/tcp, 58283/tcp, 2080/tcp (Autodesk NLM (FLEXlm)), 64849/tcp, 54647/tcp, 76/tcp (Distributed External Object Store), 46768/tcp, 28586/tcp, 28788/tcp, 46566/tcp, 64950/tcp, 606/tcp (Cray Unified Resource Manager), 1037/tcp (AMS), 56789/tcp, 4060/tcp (DSMETER Inter-Agent Transfer Channel), 935/tcp, 4075/tcp (ISC Alarm Message Service), 6771/tcp (PolyServe https), 4901/tcp (FileLocator Remote Search Agent), 43233/tcp, 8884/tcp, 2912/tcp (Epicon), 8389/tcp, 8100/tcp (Xprint Server), 1029/tcp (Solid Mux Server), 40800/tcp, 9080/tcp (Groove GLRPC), 57/tcp (any private terminal access), 45152/tcp, 264/tcp (BGMP), 46000/tcp, 4321/tcp (Remote Who Is), 6436/tcp, 11110/tcp, 13940/tcp, 390/tcp (UIS), 54/tcp (XNS Clearinghouse), 33914/tcp, 19899/tcp, 7391/tcp (mind-file system server), 8800/tcp (Sun Web Server Admin Service), 3385/tcp (qnxnetman), 8001/tcp (VCOM Tunnel), 32526/tcp, 7987/tcp, 4904/tcp, 29/tcp (MSG ICP), 4894/tcp (LysKOM Protocol A), 3384/tcp (Cluster Management Services), 47879/tcp, 4890/tcp, 4324/tcp (Balour Game Server), 49899/tcp, 51819/tcp, 47778/tcp, 12324/tcp, 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 53391/tcp, 3040/tcp (Tomato Springs), 8222/tcp, 1027/tcp, 2200/tcp (ICI), 9016/tcp, 6895/tcp, 540/tcp (uucpd), 3035/tcp (FJSV gssagt), 2892/tcp (SNIFFERDATA), 63233/tcp, 5785/tcp (3PAR Inform Remote Copy), 5000/tcp (commplex-main), 46970/tcp, 2349/tcp (Diagnostics Port), 5905/tcp, 43132/tcp, 8568/tcp, 4563/tcp, 4433/tcp, 8009/tcp, 7897/tcp, 10029/tcp, 4226/tcp, 7127/tcp, 13738/tcp, 47273/tcp, 120/tcp (CFDPTKT), 50300/tcp, 7567/tcp, 258/tcp, 53/tcp (Domain Name Server), 3913/tcp (ListCREATOR Port), 32728/tcp, 45657/tcp, 59/tcp (any private file service), 8867/tcp, 8456/tcp, 300/tcp, 3983/tcp (ESRI Image Service), 259/tcp (Efficient Short Remote Operations), 62425/tcp, 3030/tcp (Arepa Cas), 73/tcp (Remote Job Service), 21314/tcp, 44888/tcp, 44111/tcp, 13032/tcp, 43380/tcp, 47071/tcp, 64142/tcp, 6014/tcp, 13000/tcp, 9949/tcp, 4900/tcp (HyperFileSQL Client/Server Database Engine), 81/tcp, 4080/tcp (Lorica inside facing), 1901/tcp (Fujitsu ICL Terminal Emulator Program A), 10078/tcp, 8002/tcp (Teradata ORDBMS), 3036/tcp (Hagel DUMP), 1026/tcp (Calendar Access Protocol), 63636/tcp, 5030/tcp (SurfPass), 32/tcp, 5677/tcp (Quest Central DB2 Launchr), 44000/tcp, 47474/tcp, 43388/tcp, 8840/tcp, 5566/tcp (Westec Connect), 6050/tcp, 8904/tcp, 55888/tcp, 7133/tcp, 5065/tcp (Channel Access 2), 3567/tcp (Object Access Protocol), 5666/tcp, 42627/tcp, 2562/tcp (Delibo), 8898/tcp, 114/tcp, 3400/tcp (CSMS2), 39/tcp (Resource Location Protocol), 36/tcp, 49596/tcp, 25/tcp (Simple Mail Transfer), 50800/tcp, 1541/tcp (rds2), 1345/tcp (VPJP), 6788/tcp (SMC-HTTP), 195/tcp (DNSIX Network Level Module Audit), 62829/tcp, 3785/tcp (BFD Echo Protocol), 6566/tcp (SANE Control Port), 6883/tcp, 49192/tcp, 8881/tcp, 8390/tcp, 2090/tcp (Load Report Protocol), 1321/tcp (PIP), 27071/tcp, 44222/tcp, 63389/tcp, 615/tcp (Internet Configuration Manager), 2190/tcp (TiVoConnect Beacon), 58585/tcp, 475/tcp (tcpnethaspsrv), 1992/tcp (IPsendmsg), 11222/tcp, 2004/tcp (mailbox), 27576/tcp, 9389/tcp (Active Directory Web Services), 250/tcp, 495/tcp (intecourier), 46667/tcp, 2243/tcp (Magicom Protocol), 4564/tcp, 5117/tcp (GradeCam Image Processing), 1013/tcp, 485/tcp (Air Soft Power Burst), 6668/tcp, 3381/tcp (Geneous), 16/tcp, 13392/tcp, 2967/tcp (SSC-AGENT), 26/tcp, 1233/tcp (Universal App Server), 9459/tcp, 7907/tcp, 481/tcp (Ph service), 87/tcp (any private terminal link), 63380/tcp, 43389/tcp, 260/tcp (Openport), 14000/tcp (SCOTTY High-Speed Filetransfer), 1111/tcp (LM Social Server), 102/tcp (ISO-TSAP Class 0), 531/tcp (chat), 4444/tcp (NV Video default), 46061/tcp, 625/tcp (DEC DLM), 9954/tcp, 123/tcp (Network Time Protocol), 49999/tcp, 9909/tcp (domaintime), 2328/tcp (Netrix SFTM), 505/tcp (mailbox-lm), 91/tcp (MIT Dover Spooler), 9901/tcp, 9915/tcp, 224/tcp (masqdialer), 13637/tcp, 48182/tcp, 9456/tcp, 1235/tcp (mosaicsyssvc1), 19/tcp (Character Generator), 9912/tcp, 55777/tcp, 45051/tcp, 8859/tcp, 7766/tcp, 4674/tcp (AppIQ Agent Management), 8870/tcp, 61112/tcp, 45960/tcp, 42223/tcp, 3893/tcp (CGI StarAPI Server), 27/tcp (NSW User System FE), 98/tcp (TAC News), 155/tcp (NETSC), 6699/tcp, 9567/tcp, 5025/tcp (SCPI-RAW), 5901/tcp, 8000/tcp (iRDMI), 2992/tcp (Avenyo Server), 41011/tcp, 2872/tcp (RADIX), 44444/tcp, 56263/tcp, 14243/tcp, 42324/tcp, 8864/tcp, 8890/tcp (Desktop Data TCP 2), 29091/tcp, 8850/tcp, 5085/tcp (EPCglobal Encrypted LLRP), 280/tcp (http-mgmt), 37/tcp (Time), 29899/tcp, 340/tcp, 57575/tcp, 3873/tcp (fagordnc), 256/tcp (RAP), 3015/tcp (NATI DSTP), 56162/tcp, 12829/tcp, 365/tcp (DTK), 375/tcp (Hassle), 44777/tcp, 11920/tcp, 1015/tcp, 4764/tcp, 5679/tcp (Direct Cable Connect Manager), 333/tcp (Texar Security Port), 412/tcp (Trap Convention Port), 67/tcp (Bootstrap Protocol Server), 64/tcp (Communications Integrator (CI)), 54950/tcp, 44999/tcp, 7724/tcp (Novell Snap-in Deep Freeze Control), 54545/tcp, 27778/tcp, 5080/tcp (OnScreen Data Collection Service), 49798/tcp, 160/tcp (SGMP-TRAPS), 31617/tcp, 2270/tcp (starSchool), 7457/tcp, 44555/tcp, 8814/tcp, 8918/tcp, 50900/tcp, 28687/tcp, 38/tcp (Route Access Protocol), 500/tcp (isakmp), 607/tcp (nqs), 12000/tcp (IBM Enterprise Extender SNA XID Exchange), 9992/tcp (OnLive-1), 5765/tcp, 7707/tcp (EM7 Dynamic Updates), 9191/tcp (Sun AppSvr JPDA), 62324/tcp, 41516/tcp, 43434/tcp, 12425/tcp, 1891/tcp (ChildKey Notification), 13536/tcp, 9099/tcp, 11718/tcp, 4561/tcp, 7234/tcp, 7437/tcp (Faximum), 9659/tcp, 8086/tcp (Distributed SCADA Networking Rendezvous Port), 74/tcp (Remote Job Service), 7456/tcp, 4050/tcp (Wide Area File Services), 22829/tcp, 7589/tcp, 12930/tcp, 1009/tcp, 48990/tcp.
      
BHD Honeypot
Port scan
2020-01-27

In the last 24h, the attacker (93.174.95.41) attempted to scan 538 ports.
The following ports have been scanned: 7901/tcp (TNOS Service Protocol), 42000/tcp, 8074/tcp (Gadu-Gadu), 43031/tcp, 635/tcp (RLZ DBase), 9018/tcp, 652/tcp (HELLO_PORT), 39596/tcp, 2901/tcp (ALLSTORCNS), 9489/tcp, 33395/tcp, 72/tcp (Remote Job Service), 9978/tcp, 530/tcp (rpc), 215/tcp (Insignia Solutions), 3453/tcp (PSC Update Port), 34142/tcp, 3123/tcp (EDI Translation Protocol), 1451/tcp (IBM Information Management), 735/tcp, 2260/tcp (APC 2260), 2222/tcp (EtherNet/IP I/O), 8500/tcp (Flight Message Transfer Protocol), 3396/tcp (Printer Agent), 9000/tcp (CSlistener), 61011/tcp, 6456/tcp, 46162/tcp, 45556/tcp, 13334/tcp, 9089/tcp (IBM Informix SQL Interface - Encrypted), 4345/tcp (Macro 4 Network AS), 795/tcp, 9090/tcp (WebSM), 26768/tcp, 325/tcp, 9679/tcp, 24344/tcp, 4123/tcp (Zensys Z-Wave Control Protocol), 51314/tcp, 7899/tcp, 30001/tcp (Pago Services 1), 1012/tcp, 8815/tcp, 800/tcp (mdbs_daemon), 61016/tcp, 9696/tcp, 400/tcp (Oracle Secure Backup), 60001/tcp, 2105/tcp (MiniPay), 59999/tcp, 46869/tcp, 111/tcp (SUN Remote Procedure Call), 2678/tcp (Gadget Gate 2 Way), 1031/tcp (BBN IAD), 9993/tcp (OnLive-2), 63392/tcp, 42829/tcp, 1871/tcp (Cano Central 0), 7898/tcp, 25859/tcp, 9239/tcp, 9011/tcp, 3455/tcp (RSVP Port), 9060/tcp, 92/tcp (Network Printing Protocol), 2789/tcp (Media Agent), 8458/tcp, 33536/tcp, 780/tcp (wpgs), 48081/tcp, 2221/tcp (Rockwell CSP1), 3050/tcp (gds_db), 40500/tcp, 50100/tcp, 44243/tcp, 42424/tcp, 8348/tcp, 1761/tcp (cft-0), 3457/tcp (VAT default control), 44748/tcp, 3383/tcp (Enterprise Software Products License Manager), 43637/tcp, 7778/tcp (Interwise), 352/tcp (bhoedap4 (added 5/21/97)), 90/tcp (DNSIX Securit Attribute Token Map), 5010/tcp (TelepathStart), 44647/tcp, 4455/tcp (PR Chat User), 10009/tcp (Systemwalker Desktop Patrol), 31013/tcp, 37071/tcp, 8933/tcp, 8090/tcp, 41819/tcp, 4030/tcp (Accell/JSP Daemon Port), 8820/tcp, 1028/tcp, 41718/tcp, 64000/tcp, 63388/tcp, 35556/tcp, 46364/tcp, 1341/tcp (QuBES), 3387/tcp (Back Room Net), 7723/tcp, 8765/tcp (Ultraseek HTTP), 7891/tcp, 59394/tcp, 43839/tcp, 40300/tcp, 5345/tcp, 9995/tcp (Palace-4), 62626/tcp, 5015/tcp (FileMaker, Inc. - Web publishing), 62000/tcp, 10008/tcp (Octopus Multiplexer), 3075/tcp (Orbix 2000 Locator), 6999/tcp (IATP-normalPri), 45253/tcp, 520/tcp (extended file name server), 8839/tcp, 1651/tcp (shiva_confsrvr), 4562/tcp, 36667/tcp, 3544/tcp (Teredo Port), 261/tcp (IIOP Name Service over TLS/SSL), 8008/tcp (HTTP Alternate), 270/tcp, 40600/tcp, 321/tcp (PIP), 63435/tcp, 9234/tcp, 8220/tcp, 4045/tcp (Network Paging Protocol), 9919/tcp, 8900/tcp (JMB-CDS 1), 1034/tcp (ActiveSync Notifications), 44440/tcp, 64849/tcp, 2211/tcp (EMWIN), 1016/tcp, 76/tcp (Distributed External Object Store), 64950/tcp, 3000/tcp (RemoteWare Client), 3065/tcp (slinterbase), 8567/tcp (Object Access Protocol Administration), 2272/tcp (Meeting Maker Scheduling), 44546/tcp, 49494/tcp, 42526/tcp, 4075/tcp (ISC Alarm Message Service), 7799/tcp (Alternate BSDP Service), 870/tcp, 44142/tcp, 33888/tcp, 8884/tcp, 2912/tcp (Epicon), 50001/tcp, 7312/tcp, 10013/tcp, 5510/tcp, 8989/tcp (Sun Web Server SSL Admin Service), 62122/tcp, 3452/tcp (SABP-Signalling Protocol), 502/tcp (asa-appl-proto), 46000/tcp, 29798/tcp, 4321/tcp (Remote Who Is), 65/tcp (TACACS-Database Service), 1080/tcp (Socks), 3080/tcp (stm_pproc), 390/tcp (UIS), 42930/tcp, 33914/tcp, 42021/tcp, 8830/tcp, 8886/tcp, 8800/tcp (Sun Web Server Admin Service), 8001/tcp (VCOM Tunnel), 13/tcp (Daytime (RFC 867)), 22000/tcp (SNAPenetIO), 42024/tcp, 4070/tcp (Trivial IP Encryption (TrIPE)), 4446/tcp (N1-FWP), 210/tcp (ANSI Z39.50), 70/tcp (Gopher), 7987/tcp, 4904/tcp, 63390/tcp, 48/tcp (Digital Audit Daemon), 33909/tcp, 33918/tcp, 36162/tcp, 4324/tcp (Balour Game Server), 8905/tcp, 62021/tcp, 10101/tcp (eZmeeting), 2250/tcp (remote-collab), 1122/tcp (availant-mgr), 6114/tcp (WRspice IPC Service), 28000/tcp (NX License Manager), 43390/tcp, 8861/tcp, 2040/tcp (lam), 8128/tcp (PayCash Online Protocol), 305/tcp, 2251/tcp (Distributed Framework Port), 9016/tcp, 33940/tcp, 7779/tcp (VSTAT), 26364/tcp, 3035/tcp (FJSV gssagt), 3055/tcp (Policy Server), 3392/tcp (EFI License Management), 6888/tcp (MUSE), 64646/tcp, 44666/tcp, 4104/tcp (Braille protocol), 7080/tcp (EmpowerID Communication), 8080/tcp (HTTP Alternate (see port 80)), 43132/tcp, 20/tcp (File Transfer [Default Data]), 78/tcp (vettcp), 9910/tcp, 43/tcp (Who Is), 8789/tcp, 7897/tcp, 40700/tcp, 55758/tcp, 2233/tcp (INFOCRYPT), 1604/tcp (icabrowser), 4750/tcp (Simple Service Auto Discovery), 4224/tcp, 63738/tcp, 2016/tcp (bootserver), 120/tcp (CFDPTKT), 30100/tcp, 258/tcp, 3394/tcp (D2K Tapestry Server to Server), 23637/tcp, 7005/tcp (volume managment server), 33382/tcp, 3913/tcp (ListCREATOR Port), 64041/tcp, 3451/tcp (ASAM Services), 45657/tcp, 905/tcp, 59/tcp (any private file service), 8867/tcp, 2145/tcp (Live Vault Remote Diagnostic Console Support), 7999/tcp (iRDMI2), 3070/tcp (MGXSWITCH), 45000/tcp, 9549/tcp, 46/tcp (MPM [default send]), 9014/tcp, 1232/tcp, 8823/tcp, 17/tcp (Quote of the Day), 2890/tcp (CSPCLMULTI), 185/tcp (Remote-KIS), 550/tcp (new-who), 44111/tcp, 33884/tcp, 47071/tcp, 64142/tcp, 490/tcp (micom-pfs), 2672/tcp (nhserver), 202/tcp (AppleTalk Name Binding), 37172/tcp, 4080/tcp (Lorica inside facing), 1201/tcp (Nucleus Sand Database Server), 4569/tcp (Inter-Asterisk eXchange), 9013/tcp, 8002/tcp (Teradata ORDBMS), 3036/tcp (Hagel DUMP), 42/tcp (Host Name Server), 1026/tcp (Calendar Access Protocol), 63636/tcp, 5677/tcp (Quest Central DB2 Launchr), 44000/tcp, 43388/tcp, 71/tcp (Remote Job Service), 52/tcp (XNS Time Protocol), 36566/tcp, 45859/tcp, 8904/tcp, 40001/tcp, 411/tcp (Remote MT Protocol), 4672/tcp (remote file access server), 2086/tcp (GNUnet), 5035/tcp, 42627/tcp, 3400/tcp (CSMS2), 8887/tcp, 3034/tcp (Osmosis / Helix (R) AEEA Port), 39/tcp (Resource Location Protocol), 8899/tcp (ospf-lite), 34/tcp, 35/tcp (any private printer server), 3785/tcp (BFD Echo Protocol), 425/tcp (ICAD), 6876/tcp, 8881/tcp, 1239/tcp (NMSD), 3085/tcp (PCIHReq), 38788/tcp, 36768/tcp, 2190/tcp (TiVoConnect Beacon), 44849/tcp, 7917/tcp, 8345/tcp, 64546/tcp, 465/tcp (URL Rendesvous Directory for SSM), 420/tcp (SMPTE), 2234/tcp (DirectPlay), 8889/tcp (Desktop Data TCP 1), 33335/tcp, 41000/tcp, 790/tcp, 7657/tcp, 9389/tcp (Active Directory Web Services), 4568/tcp (BMC Reporting), 61718/tcp, 2243/tcp (Magicom Protocol), 450/tcp (Computer Supported Telecomunication Applications), 1013/tcp, 4678/tcp (boundary traversal), 61/tcp (NI MAIL), 510/tcp (FirstClass Protocol), 1234/tcp (Infoseek Search Agent), 4654/tcp, 9459/tcp, 40000/tcp (SafetyNET p), 50000/tcp, 481/tcp (Ph service), 63380/tcp, 600/tcp (Sun IPC server), 8010/tcp, 260/tcp (Openport), 3090/tcp (Senforce Session Services), 4444/tcp (NV Video default), 33921/tcp, 46061/tcp, 9879/tcp, 30500/tcp, 2328/tcp (Netrix SFTM), 3459/tcp (TIP Integral), 33917/tcp, 24546/tcp, 3763/tcp (XO Wave Control Port), 3333/tcp (DEC Notes), 9456/tcp, 1235/tcp (mosaicsyssvc1), 64748/tcp, 9912/tcp, 65000/tcp, 37475/tcp (science + computing's Venus Administration Port), 7766/tcp, 4674/tcp (AppIQ Agent Management), 45454/tcp, 45960/tcp, 216/tcp (Computer Associates Int'l License Server), 10004/tcp (EMC Replication Manager Client), 98/tcp (TAC News), 712/tcp (TBRPF), 50123/tcp, 2343/tcp (nati logos), 61314/tcp, 44950/tcp, 9567/tcp, 41011/tcp, 2872/tcp (RADIX), 44444/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 21617/tcp, 42324/tcp, 46263/tcp, 8999/tcp (Brodos Crypto Trade Protocol), 37/tcp (Time), 830/tcp (NETCONF over SSH), 58990/tcp, 43391/tcp, 9994/tcp (OnLive-3), 8768/tcp, 29899/tcp, 340/tcp, 47576/tcp, 27980/tcp, 256/tcp (RAP), 3015/tcp (NATI DSTP), 63031/tcp, 245/tcp (LINK), 44777/tcp, 9123/tcp, 7831/tcp, 333/tcp (Texar Security Port), 46464/tcp, 64/tcp (Communications Integrator (CI)), 8868/tcp, 9349/tcp, 720/tcp, 990/tcp (ftp protocol, control, over TLS/SSL), 85/tcp (MIT ML Device), 3380/tcp (SNS Channels), 882/tcp, 3397/tcp (Cloanto License Manager), 45/tcp (Message Processing Module [recv]), 18/tcp (Message Send Protocol), 9500/tcp (ismserver), 2170/tcp (EyeTV Server Port), 44555/tcp, 61920/tcp, 8814/tcp, 5123/tcp, 8918/tcp, 30/tcp, 23388/tcp, 415/tcp (BNet), 2102/tcp (Zephyr server), 7713/tcp, 9992/tcp (OnLive-1), 8908/tcp, 9100/tcp (Printer PDL Data Stream), 9191/tcp (Sun AppSvr JPDA), 33387/tcp, 37576/tcp, 1238/tcp (hacl-qs), 41617/tcp, 43434/tcp, 2945/tcp (H248 Binary), 9099/tcp, 605/tcp (SOAP over BEEP), 8882/tcp, 41213/tcp, 2809/tcp (CORBA LOC), 7437/tcp (Faximum), 9659/tcp, 74/tcp (Remote Job Service), 45354/tcp, 9950/tcp (APC 9950), 1009/tcp, 33637/tcp, 31/tcp (MSG Authentication), 2348/tcp (Information to query for game status), 39293/tcp, 1214/tcp (KAZAA), 12223/tcp, 3322/tcp (-3325  Active Networks), 2247/tcp (Antidote Deployment Manager Service).
      
BHD Honeypot
Port scan
2020-01-26

In the last 24h, the attacker (93.174.95.41) attempted to scan 615 ports.
The following ports have been scanned: 7901/tcp (TNOS Service Protocol), 8074/tcp (Gadu-Gadu), 5672/tcp (AMQP), 1006/tcp, 1237/tcp (tsdos390), 10032/tcp, 700/tcp (Extensible Provisioning Protocol), 43031/tcp, 910/tcp (Kerberized Internet Negotiation of Keys (KINK)), 3005/tcp (Genius License Manager), 23392/tcp, 1022/tcp (RFC3692-style Experiment 2 (*)    [RFC4727]), 9018/tcp, 44041/tcp, 10005/tcp (EMC Replication Manager Server), 9990/tcp (OSM Applet Server), 2901/tcp (ALLSTORCNS), 2370/tcp (L3-HBMon), 5215/tcp, 8088/tcp (Radan HTTP), 347/tcp (Fatmen Server), 1032/tcp (BBN IAD), 3453/tcp (PSC Update Port), 3398/tcp (Mercantile), 1451/tcp (IBM Information Management), 35000/tcp, 405/tcp (ncld), 23000/tcp (Inova LightLink Server Type 1), 33903/tcp, 35051/tcp, 190/tcp (Gateway Access Control Protocol), 33388/tcp, 1000/tcp (cadlock2), 11444/tcp, 23940/tcp, 2222/tcp (EtherNet/IP I/O), 2224/tcp (Easy Flexible Internet/Multiplayer Games), 9000/tcp (CSlistener), 60500/tcp, 63334/tcp, 9329/tcp, 33905/tcp, 10054/tcp, 680/tcp (entrust-aaas), 29999/tcp, 4345/tcp (Macro 4 Network AS), 9090/tcp (WebSM), 7100/tcp (X Font Service), 26566/tcp, 30300/tcp, 3390/tcp (Distributed Service Coordinator), 1003/tcp, 9006/tcp, 820/tcp, 36465/tcp, 111/tcp (SUN Remote Procedure Call), 1031/tcp (BBN IAD), 2082/tcp (Infowave Mobility Server), 3673/tcp (Openview Media Vault GUI), 8851/tcp, 38000/tcp, 1431/tcp (Reverse Gossip Transport), 2652/tcp (InterPathPanel), 970/tcp, 11190/tcp, 8906/tcp, 34748/tcp, 6567/tcp (eSilo Storage Protocol), 7898/tcp, 7894/tcp, 9011/tcp, 30600/tcp, 909/tcp, 380/tcp (TIA/EIA/IS-99 modem server), 3344/tcp (BNT Manager), 10021/tcp, 780/tcp (wpgs), 9833/tcp, 34243/tcp, 2221/tcp (Rockwell CSP1), 2011/tcp (raid), 1024/tcp (Reserved), 33885/tcp, 620/tcp (SCO WebServer Manager), 31011/tcp, 42424/tcp, 19920/tcp, 1761/tcp (cft-0), 23391/tcp, 64243/tcp, 580/tcp (SNTP HEARTBEAT), 61415/tcp, 2302/tcp (Bindery Support), 25051/tcp, 31920/tcp, 395/tcp (NetScout Control Protocol), 96/tcp (DIXIE Protocol Specification), 30900/tcp, 7773/tcp, 83/tcp (MIT ML Device), 1995/tcp (cisco perf port), 991/tcp (Netnews Administration System), 31013/tcp, 7047/tcp, 37071/tcp, 11777/tcp, 8933/tcp, 8902/tcp, 8090/tcp, 2782/tcp (everydayrc), 41819/tcp, 8820/tcp, 8860/tcp, 7070/tcp (ARCP), 64000/tcp, 63388/tcp, 24950/tcp, 33383/tcp, 35556/tcp, 1341/tcp (QuBES), 4035/tcp (WAP Push OTA-HTTP port), 1004/tcp, 8765/tcp (Ultraseek HTTP), 385/tcp (IBM Application), 404/tcp (nced), 10003/tcp (EMC-Documentum Content Server Product), 8907/tcp, 37879/tcp, 29495/tcp, 10055/tcp (Quantapoint FLEXlm Licensing Service), 754/tcp (send), 1567/tcp (jlicelmd), 31112/tcp, 3075/tcp (Orbix 2000 Locator), 34647/tcp, 520/tcp (extended file name server), 222/tcp (Berkeley rshd with SPX auth), 1651/tcp (shiva_confsrvr), 33381/tcp, 303/tcp, 30200/tcp, 33887/tcp, 2225/tcp (Resource Connection Initiation Protocol), 11555/tcp, 3060/tcp (interserver), 10333/tcp, 751/tcp (pump), 5505/tcp (Checkout Database), 63435/tcp, 1090/tcp (FF Fieldbus Message Specification), 30389/tcp, 8869/tcp, 900/tcp (OMG Initial Refs), 165/tcp (Xerox), 63940/tcp, 7089/tcp, 8900/tcp (JMB-CDS 1), 1034/tcp (ActiveSync Notifications), 22220/tcp, 24000/tcp (med-ltp), 8891/tcp (Desktop Data TCP 3: NESS application), 180/tcp (Intergraph), 9017/tcp, 28586/tcp, 64950/tcp, 3000/tcp (RemoteWare Client), 33910/tcp, 3065/tcp (slinterbase), 4747/tcp, 606/tcp (Cray Unified Resource Manager), 1037/tcp (AMS), 835/tcp, 23390/tcp, 22999/tcp, 1231/tcp (menandmice-lpm), 935/tcp, 1020/tcp, 7799/tcp (Alternate BSDP Service), 44142/tcp, 6771/tcp (PolyServe https), 6969/tcp (acmsoda), 33908/tcp, 2542/tcp (uDraw(Graph)), 10015/tcp, 10020/tcp, 1021/tcp (RFC3692-style Experiment 1 (*)    [RFC4727]), 43233/tcp, 11111/tcp (Viral Computing Environment (VCE)), 6787/tcp (Sun Web Console Admin), 8884/tcp, 6902/tcp, 2912/tcp (Epicon), 11001/tcp (Metasys), 11000/tcp (IRISA), 1002/tcp, 33394/tcp, 1029/tcp (Solid Mux Server), 9946/tcp, 6117/tcp (Daylite Touch Sync), 9080/tcp (Groove GLRPC), 33132/tcp, 980/tcp, 38081/tcp, 32829/tcp, 264/tcp (BGMP), 8291/tcp, 10017/tcp, 38182/tcp, 502/tcp (asa-appl-proto), 4321/tcp (Remote Who Is), 895/tcp, 11110/tcp, 2095/tcp (NBX SER), 2042/tcp (isis), 36869/tcp, 38990/tcp, 23334/tcp, 36000/tcp, 903/tcp (self documenting Telnet Panic Door), 11333/tcp, 3386/tcp (GPRS Data), 23456/tcp (Aequus Service), 3385/tcp (qnxnetman), 8001/tcp (VCOM Tunnel), 210/tcp (ANSI Z39.50), 9007/tcp, 23839/tcp, 48/tcp (Digital Audit Daemon), 4085/tcp (EZNews Newsroom Message Service), 337/tcp, 36162/tcp, 1236/tcp (bvcontrol), 5511/tcp, 62021/tcp, 6123/tcp (Backup Express), 7306/tcp, 7171/tcp (Discovery and Retention Mgt Production), 1311/tcp (RxMon), 1122/tcp (availant-mgr), 22444/tcp, 1313/tcp (BMC_PATROLDB), 645/tcp (PSSC), 2456/tcp (altav-remmgt), 710/tcp (Entrust Administration Service Handler), 2040/tcp (lam), 33320/tcp, 7217/tcp, 10047/tcp, 1027/tcp, 10056/tcp, 860/tcp (iSCSI), 33898/tcp, 360/tcp (scoi2odialog), 540/tcp (uucpd), 10111/tcp, 3055/tcp (Policy Server), 64646/tcp, 920/tcp, 33392/tcp, 4104/tcp (Braille protocol), 56768/tcp, 43/tcp (Who Is), 29000/tcp, 10034/tcp, 10029/tcp, 40700/tcp, 7127/tcp, 8940/tcp, 2233/tcp (INFOCRYPT), 2100/tcp (Amiga Network Filesystem), 4224/tcp, 28990/tcp, 5325/tcp, 2016/tcp (bootserver), 26970/tcp, 3394/tcp (D2K Tapestry Server to Server), 8894/tcp (Desktop Data TCP 6: COAL application), 23637/tcp, 32728/tcp, 2427/tcp (Media Gateway Control Protocol Gateway), 8867/tcp, 9043/tcp, 930/tcp, 7999/tcp (iRDMI2), 10042/tcp, 2315/tcp (Precise Sft.), 7025/tcp (Vormetric Service II), 33397/tcp, 5673/tcp (JACL Message Server), 148/tcp (Jargon), 300/tcp, 8823/tcp, 7896/tcp, 2762/tcp (DICOM TLS), 2432/tcp (codasrv), 7892/tcp, 2890/tcp (CSPCLMULTI), 33336/tcp, 33330/tcp, 62425/tcp, 901/tcp (SMPNAMERES), 8300/tcp (Transport Management Interface), 44888/tcp, 8678/tcp, 808/tcp, 1248/tcp (hermes), 7776/tcp, 23031/tcp, 7780/tcp, 37172/tcp, 9949/tcp, 1010/tcp (surf), 3391/tcp (SAVANT), 4569/tcp (Inter-Asterisk eXchange), 9013/tcp, 1036/tcp (Nebula Secure Segment Transfer Protocol), 33111/tcp, 23389/tcp, 3036/tcp (Hagel DUMP), 5030/tcp (SurfPass), 30003/tcp, 2594/tcp (Data Base Server), 52/tcp (XNS Time Protocol), 22666/tcp, 5566/tcp (Westec Connect), 105/tcp (Mailbox Name Nameserver), 5666/tcp, 5035/tcp, 8898/tcp, 9015/tcp, 904/tcp, 1167/tcp (Cisco IP SLAs Control Protocol), 8887/tcp, 2007/tcp (dectalk), 3034/tcp (Osmosis / Helix (R) AEEA Port), 8901/tcp (JMB-CDS 2), 4004/tcp (pxc-roid), 1033/tcp (local netinfo port), 8899/tcp (ospf-lite), 6788/tcp (SMC-HTTP), 34/tcp, 6883/tcp, 6876/tcp, 10500/tcp, 10555/tcp, 11617/tcp, 28384/tcp, 38788/tcp, 1008/tcp, 1321/tcp (PIP), 27071/tcp, 2070/tcp (AH and ESP Encapsulated in UDP packet), 44222/tcp, 1005/tcp, 2190/tcp (TiVoConnect Beacon), 33398/tcp, 420/tcp (SMPTE), 37980/tcp, 2014/tcp (troff), 815/tcp, 8889/tcp (Desktop Data TCP 1), 33907/tcp, 4124/tcp (Rohill TetraNode Ip Gateway v2), 11222/tcp, 38283/tcp, 790/tcp, 1007/tcp, 29596/tcp, 7657/tcp, 4564/tcp, 450/tcp (Computer Supported Telecomunication Applications), 35960/tcp, 810/tcp (FCP), 61/tcp (NI MAIL), 23536/tcp, 925/tcp, 2967/tcp (SSC-AGENT), 6234/tcp, 554/tcp (Real Time Streaming Protocol (RTSP)), 1234/tcp (Infoseek Search Agent), 26/tcp, 996/tcp (vsinet), 33892/tcp, 10027/tcp, 1111/tcp (LM Social Server), 7777/tcp (cbt), 33399/tcp, 33897/tcp, 3090/tcp (Senforce Session Services), 7123/tcp, 625/tcp (DEC DLM), 865/tcp, 7020/tcp (DP Serve), 1019/tcp, 2129/tcp (cs-live.com), 3459/tcp (TIP Integral), 224/tcp (masqdialer), 205/tcp (AppleTalk Unused), 24546/tcp, 39798/tcp, 1235/tcp (mosaicsyssvc1), 7769/tcp, 1023/tcp, 22777/tcp, 8859/tcp, 1011/tcp, 216/tcp (Computer Associates Int'l License Server), 22627/tcp, 33915/tcp, 3893/tcp (CGI StarAPI Server), 2242/tcp (Folio Remote Server), 37273/tcp, 27/tcp (NSW User System FE), 7001/tcp (callbacks to cache managers), 113/tcp (Authentication Service), 6882/tcp, 1017/tcp, 33391/tcp, 36970/tcp, 56000/tcp, 33924/tcp, 2452/tcp (SnifferClient), 8890/tcp (Desktop Data TCP 2), 2096/tcp (NBX DIR), 35859/tcp, 29091/tcp, 220/tcp (Interactive Mail Access Protocol v3), 280/tcp (http-mgmt), 37/tcp (Time), 830/tcp (NETCONF over SSH), 945/tcp, 43391/tcp, 752/tcp (qrh), 4565/tcp, 256/tcp (RAP), 3015/tcp (NATI DSTP), 10000/tcp (Network Data Management Protocol), 33666/tcp, 365/tcp (DTK), 63031/tcp, 5456/tcp (APC 5456), 245/tcp (LINK), 34849/tcp, 40900/tcp, 7895/tcp, 1015/tcp, 33899/tcp, 22728/tcp, 33350/tcp, 2710/tcp (SSO Service), 34546/tcp, 19293/tcp, 9349/tcp, 2085/tcp (ADA Control), 33333/tcp (Digital Gaslight Service), 720/tcp, 39697/tcp, 27778/tcp, 33901/tcp, 3397/tcp (Cloanto License Manager), 1085/tcp (Web Objects), 39495/tcp, 26000/tcp (quake), 18/tcp (Message Send Protocol), 31617/tcp, 7457/tcp, 10077/tcp, 9991/tcp (OSM Event Server), 30/tcp, 10038/tcp, 6051/tcp, 415/tcp (BNet), 8880/tcp (CDDBP), 9769/tcp, 3382/tcp (Fujitsu Network Enhanced Antitheft function), 33807/tcp, 750/tcp (rfile), 9100/tcp (Printer PDL Data Stream), 9191/tcp (Sun AppSvr JPDA), 8189/tcp, 1238/tcp (hacl-qs), 41516/tcp, 33380/tcp, 24041/tcp, 3388/tcp (CB Server), 11888/tcp, 2945/tcp (H248 Binary), 560/tcp (rmonitord), 7010/tcp (onlinet uninterruptable power supplies), 11718/tcp, 8882/tcp, 10002/tcp (EMC-Documentum Content Server Product), 2809/tcp (CORBA LOC), 9659/tcp, 7237/tcp, 29697/tcp, 8086/tcp (Distributed SCADA Networking Rendezvous Port), 175/tcp (VMNET), 30700/tcp, 911/tcp (xact-backup), 35657/tcp, 1009/tcp, 39899/tcp, 1214/tcp (KAZAA).
      
BHD Honeypot
Port scan
2020-01-25

In the last 24h, the attacker (93.174.95.41) attempted to scan 529 ports.
The following ports have been scanned: 23738/tcp, 34950/tcp, 51718/tcp, 42000/tcp, 1006/tcp, 103/tcp (Genesis Point-to-Point Trans Net), 22324/tcp, 32425/tcp, 700/tcp (Extensible Provisioning Protocol), 910/tcp (Kerberized Internet Negotiation of Keys (KINK)), 62223/tcp, 635/tcp (RLZ DBase), 1022/tcp (RFC3692-style Experiment 2 (*)    [RFC4727]), 652/tcp (HELLO_PORT), 8088/tcp (Radan HTTP), 24445/tcp, 53132/tcp, 60/tcp, 75/tcp (any private dial out service), 33903/tcp, 35051/tcp, 32122/tcp, 8855/tcp, 1000/tcp (cadlock2), 23940/tcp, 7678/tcp, 7787/tcp (Popup Reminders Receive), 8825/tcp, 13334/tcp, 660/tcp (MacOS Server Admin), 16869/tcp, 29999/tcp, 795/tcp, 2341/tcp (XIO Status), 26768/tcp, 7100/tcp (X Font Service), 13579/tcp, 31718/tcp, 7899/tcp, 1003/tcp, 30001/tcp (Pago Services 1), 1012/tcp, 8815/tcp, 800/tcp (mdbs_daemon), 7788/tcp, 61016/tcp, 19394/tcp, 60001/tcp, 1031/tcp (BBN IAD), 54142/tcp, 8851/tcp, 17374/tcp, 725/tcp, 6986/tcp, 63392/tcp, 4662/tcp (OrbitNet Message Service), 60006/tcp, 34748/tcp, 7781/tcp (accu-lmgr), 61213/tcp, 2083/tcp (Secure Radius Service), 780/tcp (wpgs), 30000/tcp, 61819/tcp, 1024/tcp (Reserved), 7775/tcp, 33929/tcp, 31011/tcp, 985/tcp, 8845/tcp, 23391/tcp, 35758/tcp, 690/tcp (Velazquez Application Transfer Protocol), 61415/tcp, 2302/tcp (Bindery Support), 8123/tcp, 31920/tcp, 24647/tcp, 235/tcp, 144/tcp (Universal Management Architecture), 33300/tcp, 850/tcp, 8808/tcp, 10081/tcp (FAM Archive Server), 5010/tcp (TelepathStart), 7773/tcp, 82/tcp (XFER Utility), 56/tcp (XNS Authentication), 11777/tcp, 8090/tcp, 20001/tcp (MicroSAN), 17677/tcp, 31819/tcp, 1028/tcp, 430/tcp (UTMPSD), 7070/tcp (ARCP), 64000/tcp, 24950/tcp, 32627/tcp, 18788/tcp, 1004/tcp, 33911/tcp, 49/tcp (Login Host Protocol (TACACS)), 7891/tcp, 385/tcp (IBM Application), 404/tcp (nced), 34445/tcp, 10003/tcp (EMC-Documentum Content Server Product), 5345/tcp, 20000/tcp (DNP), 650/tcp (OBEX), 29495/tcp, 460/tcp (skronk), 62000/tcp, 2075/tcp (Newlix ServerWare Engine), 22425/tcp, 48283/tcp, 999/tcp (puprouter), 30200/tcp, 659/tcp, 57980/tcp, 261/tcp (IIOP Name Service over TLS/SSL), 22526/tcp, 270/tcp, 7889/tcp, 753/tcp (rrh), 33803/tcp, 10044/tcp, 52223/tcp, 63435/tcp, 1090/tcp (FF Fieldbus Message Specification), 30389/tcp, 165/tcp (Xerox), 26667/tcp, 8443/tcp (PCsync HTTPS), 64849/tcp, 7547/tcp (DSL Forum CWMP), 60000/tcp, 1016/tcp, 28586/tcp, 28788/tcp, 33910/tcp, 2272/tcp (Meeting Maker Scheduling), 835/tcp, 56789/tcp, 23390/tcp, 4060/tcp (DSMETER Inter-Agent Transfer Channel), 23380/tcp, 22999/tcp, 685/tcp (MDC Port Mapper), 1231/tcp (menandmice-lpm), 61000/tcp, 1020/tcp, 7799/tcp (Alternate BSDP Service), 8767/tcp, 2542/tcp (uDraw(Graph)), 35253/tcp, 55253/tcp, 6787/tcp (Sun Web Console Admin), 33031/tcp, 1029/tcp (Solid Mux Server), 10035/tcp, 32829/tcp, 62122/tcp, 38182/tcp, 33100/tcp, 46000/tcp, 29798/tcp, 127/tcp (Locus PC-Interface Conn Server), 33738/tcp, 21516/tcp, 58485/tcp, 19596/tcp, 1080/tcp (Socks), 23334/tcp, 33914/tcp, 100/tcp ([unauthorized use]), 23456/tcp (Aequus Service), 4446/tcp (N1-FWP), 18384/tcp, 52627/tcp, 675/tcp (DCTP), 7987/tcp, 63390/tcp, 31415/tcp, 29/tcp (MSG ICP), 24748/tcp, 53390/tcp, 48/tcp (Digital Audit Daemon), 47/tcp (NI FTP), 940/tcp, 6898/tcp, 36162/tcp, 36061/tcp, 4324/tcp (Balour Game Server), 16364/tcp, 33883/tcp, 33390/tcp, 2250/tcp (remote-collab), 33895/tcp, 645/tcp (PSSC), 2060/tcp (Telenium Daemon IF), 53391/tcp, 10047/tcp, 1027/tcp, 860/tcp (iSCSI), 9979/tcp, 8658/tcp, 360/tcp (scoi2odialog), 84/tcp (Common Trace Facility), 26364/tcp, 920/tcp, 63233/tcp, 7389/tcp, 44666/tcp, 7080/tcp (EmpowerID Communication), 22333/tcp, 25657/tcp, 805/tcp, 7897/tcp, 2100/tcp (Amiga Network Filesystem), 28990/tcp, 63738/tcp, 5325/tcp, 26970/tcp, 30100/tcp, 258/tcp, 8894/tcp (Desktop Data TCP 6: COAL application), 23637/tcp, 53/tcp (Domain Name Server), 64041/tcp, 905/tcp, 8867/tcp, 33804/tcp, 33397/tcp, 46/tcp (MPM [default send]), 8234/tcp, 370/tcp (codaauth2), 3983/tcp (ESRI Image Service), 7896/tcp, 7892/tcp, 1188/tcp (HP Web Admin), 33330/tcp, 901/tcp (SMPNAMERES), 840/tcp, 2087/tcp (ELI - Event Logging Integration), 10444/tcp, 21314/tcp, 770/tcp (cadlock), 1001/tcp, 23435/tcp, 64142/tcp, 202/tcp (AppleTalk Name Binding), 19697/tcp, 1010/tcp (surf), 15859/tcp, 6900/tcp, 7002/tcp (users & groups database), 23389/tcp, 1026/tcp (Calendar Access Protocol), 63636/tcp, 10999/tcp, 32/tcp, 21920/tcp, 2015/tcp (cypress), 30003/tcp, 36566/tcp, 8840/tcp, 5065/tcp (Channel Access 2), 411/tcp (Remote MT Protocol), 2086/tcp (GNUnet), 7771/tcp, 666/tcp (doom Id Software), 904/tcp, 39/tcp (Resource Location Protocol), 21012/tcp, 33386/tcp, 24849/tcp, 7767/tcp, 32000/tcp, 55111/tcp, 1345/tcp (VPJP), 35/tcp (any private printer server), 825/tcp, 425/tcp (ICAD), 49192/tcp, 10555/tcp, 59293/tcp, 8881/tcp, 25354/tcp, 28384/tcp, 1008/tcp, 7660/tcp, 21000/tcp (IRTrans Control), 7774/tcp, 41/tcp (Graphics), 63389/tcp, 1005/tcp, 8200/tcp (TRIVNET), 7917/tcp, 420/tcp (SMPTE), 1992/tcp (IPsendmsg), 7007/tcp (basic overseer process), 37980/tcp, 815/tcp, 145/tcp (UAAC Protocol), 33335/tcp, 52728/tcp, 11222/tcp, 41000/tcp, 790/tcp, 29596/tcp, 27576/tcp, 61718/tcp, 495/tcp (intecourier), 34041/tcp, 1013/tcp, 4040/tcp (Yo.net main service), 4678/tcp (boundary traversal), 810/tcp (FCP), 10016/tcp, 61/tcp (NI MAIL), 23536/tcp, 9997/tcp (Palace-6), 510/tcp (FirstClass Protocol), 554/tcp (Real Time Streaming Protocol (RTSP)), 26/tcp, 1233/tcp (Universal App Server), 7907/tcp, 20002/tcp (Commtact HTTP), 18889/tcp, 7789/tcp (Office Tools Pro Receive), 7777/tcp (cbt), 7796/tcp, 123/tcp (Network Time Protocol), 49999/tcp, 865/tcp, 8548/tcp, 30500/tcp, 51/tcp (IMP Logical Address Maintenance), 20800/tcp, 33891/tcp, 2129/tcp (cs-live.com), 6897/tcp, 1025/tcp (network blackjack), 33917/tcp, 24546/tcp, 7000/tcp (file server itself), 39798/tcp, 48182/tcp, 1023/tcp, 33922/tcp, 65000/tcp, 45051/tcp, 1011/tcp, 740/tcp, 45454/tcp, 845/tcp, 22627/tcp, 27/tcp (NSW User System FE), 712/tcp (TBRPF), 25960/tcp, 1017/tcp, 8000/tcp (iRDMI), 43738/tcp, 35152/tcp, 33886/tcp, 36970/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 21617/tcp, 2096/tcp (NBX DIR), 290/tcp, 975/tcp, 46263/tcp, 25000/tcp (icl-twobase1), 37/tcp (Time), 945/tcp, 29899/tcp, 752/tcp (qrh), 10000/tcp (Network Data Management Protocol), 2020/tcp (xinupageserver), 375/tcp (Hassle), 22930/tcp, 11920/tcp, 880/tcp, 7895/tcp, 1015/tcp, 7797/tcp (Propel Connector port), 25758/tcp, 9123/tcp, 7831/tcp, 412/tcp (Trap Convention Port), 67/tcp (Bootstrap Protocol Server), 730/tcp (IBM NetView DM/6000 send/tcp), 54950/tcp, 19293/tcp, 33333/tcp (Digital Gaslight Service), 33901/tcp, 882/tcp, 10025/tcp, 16263/tcp, 1085/tcp (Web Objects), 440/tcp (sgcp), 63839/tcp, 2170/tcp (EyeTV Server Port), 19000/tcp (iGrid Server), 8814/tcp, 60200/tcp, 5123/tcp, 57374/tcp, 38/tcp (Route Access Protocol), 30/tcp, 125/tcp (Locus PC-Interface Net Map Ser), 33807/tcp, 33919/tcp, 62324/tcp, 33387/tcp, 1238/tcp (hacl-qs), 41516/tcp, 24041/tcp, 11888/tcp, 2244/tcp (NMS Server), 10666/tcp, 7437/tcp (Faximum), 29697/tcp, 35455/tcp, 33777/tcp, 1009/tcp, 31/tcp (MSG Authentication), 39899/tcp, 8333/tcp, 48990/tcp, 39293/tcp, 55960/tcp, 480/tcp (iafdbase).
      
BHD Honeypot
Port scan
2020-01-24

In the last 24h, the attacker (93.174.95.41) attempted to scan 189 ports.
The following ports have been scanned: 51718/tcp, 55589/tcp, 530/tcp (rpc), 52829/tcp, 405/tcp (ncld), 23000/tcp (Inova LightLink Server Type 1), 45758/tcp, 190/tcp (Gateway Access Control Protocol), 735/tcp, 8825/tcp, 45556/tcp, 56869/tcp, 54748/tcp, 47677/tcp, 53031/tcp, 4123/tcp (Zensys Z-Wave Control Protocol), 1012/tcp, 63391/tcp, 19394/tcp, 33900/tcp, 54142/tcp, 52525/tcp, 63392/tcp, 970/tcp, 69/tcp (Trivial File Transfer), 55000/tcp, 13389/tcp, 44243/tcp, 985/tcp, 53233/tcp, 8845/tcp, 25051/tcp, 18283/tcp, 30900/tcp, 15000/tcp (Hypack Data Aquisition), 62930/tcp, 63/tcp (whois++), 33902/tcp, 41718/tcp, 18788/tcp, 46364/tcp, 29495/tcp, 460/tcp (skronk), 62000/tcp, 31112/tcp, 2025/tcp (ellpack), 222/tcp (Berkeley rshd with SPX auth), 410/tcp (DECLadebug Remote Debug Protocol), 26465/tcp, 4045/tcp (Network Paging Protocol), 30389/tcp, 8869/tcp, 900/tcp (OMG Initial Refs), 610/tcp (npmp-local), 63940/tcp, 22220/tcp, 24000/tcp (med-ltp), 180/tcp (Intergraph), 60000/tcp, 54647/tcp, 64950/tcp, 606/tcp (Cray Unified Resource Manager), 14546/tcp, 935/tcp, 8767/tcp, 32930/tcp, 33908/tcp, 55253/tcp, 1021/tcp (RFC3692-style Experiment 1 (*)    [RFC4727]), 8884/tcp, 50001/tcp, 13435/tcp, 53535/tcp, 895/tcp, 57071/tcp, 64344/tcp, 1030/tcp (BBN IAD), 210/tcp (ANSI Z39.50), 52627/tcp, 55354/tcp, 16364/tcp, 1236/tcp (bvcontrol), 53391/tcp, 18485/tcp, 7779/tcp (VSTAT), 5070/tcp (VersaTrans Server Agent Service), 360/tcp (scoi2odialog), 26061/tcp, 540/tcp (uucpd), 11999/tcp, 920/tcp, 6881/tcp, 43/tcp (Who Is), 17000/tcp, 55222/tcp, 4226/tcp, 4750/tcp (Simple Service Auto Discovery), 28990/tcp, 63738/tcp, 64041/tcp, 4025/tcp (Partition Image Port), 45000/tcp, 803/tcp, 46/tcp (MPM [default send]), 54041/tcp, 1232/tcp, 17/tcp (Quote of the Day), 901/tcp (SMPNAMERES), 840/tcp, 2087/tcp (ELI - Event Logging Integration), 44888/tcp, 6060/tcp, 490/tcp (micom-pfs), 7780/tcp, 1036/tcp (Nebula Secure Segment Transfer Protocol), 10080/tcp (Amanda), 1026/tcp (Calendar Access Protocol), 444/tcp (Simple Network Paging Protocol), 45859/tcp, 31516/tcp, 53334/tcp, 24849/tcp, 6788/tcp (SMC-HTTP), 35/tcp (any private printer server), 25354/tcp, 28384/tcp, 33806/tcp, 44222/tcp, 15253/tcp, 55666/tcp, 15556/tcp, 705/tcp (AgentX), 481/tcp (Ph service), 22888/tcp, 17879/tcp, 51/tcp (IMP Logical Address Maintenance), 53388/tcp, 2121/tcp (SCIENTIA-SSDB), 64748/tcp, 33384/tcp, 65000/tcp, 1456/tcp (DCA), 22627/tcp, 59899/tcp, 56970/tcp, 1017/tcp, 7345/tcp, 10777/tcp, 25000/tcp (icl-twobase1), 14/tcp, 945/tcp, 6379/tcp, 57575/tcp, 48687/tcp, 56162/tcp, 7895/tcp, 720/tcp, 26000/tcp (quake), 49798/tcp, 160/tcp (SGMP-TRAPS), 32021/tcp, 7457/tcp, 61920/tcp, 58384/tcp, 57374/tcp, 257/tcp (Secure Electronic Transaction), 26869/tcp, 750/tcp (rfile), 7707/tcp (EM7 Dynamic Updates), 62324/tcp, 55333/tcp, 175/tcp (VMNET), 911/tcp (xact-backup), 45354/tcp, 31/tcp (MSG Authentication), 170/tcp (Network PostScript).
      
BHD Honeypot
Port scan
2020-01-23

Port scan from IP: 93.174.95.41 detected by psad.
BHD Honeypot
Port scan
2020-01-23

In the last 24h, the attacker (93.174.95.41) attempted to scan 587 ports.
The following ports have been scanned: 23738/tcp, 51718/tcp, 57879/tcp, 1993/tcp (cisco SNMP TCP port), 23392/tcp, 9018/tcp, 652/tcp (HELLO_PORT), 9990/tcp (OSM Applet Server), 39596/tcp, 6216/tcp, 33395/tcp, 2370/tcp (L3-HBMon), 37778/tcp, 240/tcp, 347/tcp (Fatmen Server), 7744/tcp (RAQMON PDU), 6669/tcp, 50600/tcp, 6886/tcp, 215/tcp (Insignia Solutions), 405/tcp (ncld), 23000/tcp (Inova LightLink Server Type 1), 6893/tcp, 190/tcp (Gateway Access Control Protocol), 48586/tcp, 735/tcp, 9110/tcp, 1000/tcp (cadlock2), 200/tcp (IBM System Resource Controller), 63132/tcp, 6456/tcp, 63334/tcp, 680/tcp (entrust-aaas), 9089/tcp (IBM Informix SQL Interface - Encrypted), 4345/tcp (Macro 4 Network AS), 38485/tcp, 2341/tcp (XIO Status), 7100/tcp (X Font Service), 53031/tcp, 9679/tcp, 960/tcp, 6781/tcp, 51314/tcp, 140/tcp (EMFIS Data Service), 20600/tcp, 820/tcp, 4090/tcp (OMA BCAST Service Guide), 41920/tcp, 56364/tcp, 400/tcp (Oracle Secure Backup), 60001/tcp, 2105/tcp (MiniPay), 46869/tcp, 1789/tcp (hello), 6891/tcp, 10023/tcp, 58788/tcp, 265/tcp (X-Bone CTL), 2082/tcp (Infowave Mobility Server), 52122/tcp, 38000/tcp, 725/tcp, 970/tcp, 34748/tcp, 69/tcp (Trivial File Transfer), 42728/tcp, 20500/tcp, 68/tcp (Bootstrap Protocol Client), 16566/tcp, 6567/tcp (eSilo Storage Protocol), 33435/tcp, 981/tcp, 909/tcp, 380/tcp (TIA/EIA/IS-99 modem server), 2045/tcp (cdfunc), 745/tcp, 2221/tcp (Rockwell CSP1), 94/tcp (Tivoli Object Dispatcher), 620/tcp (SCO WebServer Manager), 40500/tcp, 44243/tcp, 7659/tcp, 53233/tcp, 6006/tcp, 23391/tcp, 44748/tcp, 64243/tcp, 690/tcp (Velazquez Application Transfer Protocol), 235/tcp, 42122/tcp, 6600/tcp (Microsoft Hyper-V Live Migration), 850/tcp, 7778/tcp (Interwise), 47172/tcp, 6119/tcp, 62930/tcp, 7773/tcp, 6884/tcp, 1995/tcp (cisco perf port), 47980/tcp, 82/tcp (XFER Utility), 37071/tcp, 1035/tcp (MX-XR RPC), 56/tcp (XNS Authentication), 6666/tcp, 8902/tcp, 41819/tcp, 17677/tcp, 101/tcp (NIC Host Name Server), 7070/tcp (ARCP), 24950/tcp, 49697/tcp, 4035/tcp (WAP Push OTA-HTTP port), 7723/tcp, 1004/tcp, 49/tcp (Login Host Protocol (TACACS)), 5104/tcp, 59394/tcp, 43839/tcp, 40300/tcp, 34445/tcp, 10003/tcp (EMC-Documentum Content Server Product), 27879/tcp, 650/tcp (OBEX), 48788/tcp, 50005/tcp, 2075/tcp (Newlix ServerWare Engine), 6999/tcp (IATP-normalPri), 50700/tcp, 25455/tcp, 1526/tcp (Prospero Data Access Prot non-priv), 110/tcp (Post Office Protocol - Version 3), 6326/tcp, 261/tcp (IIOP Name Service over TLS/SSL), 7889/tcp, 753/tcp (rrh), 6786/tcp (Sun Java Web Console JMX), 751/tcp (pump), 915/tcp, 40600/tcp, 321/tcp (PIP), 389/tcp (Lightweight Directory Access Protocol), 1090/tcp (FF Fieldbus Message Specification), 7189/tcp, 62/tcp (ACA Services), 7089/tcp, 24000/tcp (med-ltp), 44440/tcp, 180/tcp (Intergraph), 7547/tcp (DSL Forum CWMP), 33802/tcp, 6677/tcp, 2211/tcp (EMWIN), 9017/tcp, 46768/tcp, 28788/tcp, 6546/tcp, 3000/tcp (RemoteWare Client), 2272/tcp (Meeting Maker Scheduling), 33881/tcp, 685/tcp (MDC Port Mapper), 935/tcp, 7799/tcp (Alternate BSDP Service), 86/tcp (Micro Focus Cobol), 44142/tcp, 6771/tcp (PolyServe https), 9129/tcp, 6969/tcp (acmsoda), 2542/tcp (uDraw(Graph)), 10015/tcp, 6787/tcp (Sun Web Console Admin), 950/tcp, 50001/tcp, 7312/tcp, 1002/tcp, 56667/tcp, 6117/tcp (Daylite Touch Sync), 40800/tcp, 9080/tcp (Groove GLRPC), 33132/tcp, 38081/tcp, 57/tcp (any private terminal access), 4000/tcp (Terabase), 45152/tcp, 62122/tcp, 46000/tcp, 18990/tcp, 670/tcp (VACDSM-SWS), 6436/tcp, 6118/tcp, 19596/tcp, 65/tcp (TACACS-Database Service), 38990/tcp, 760/tcp (ns), 390/tcp (UIS), 9345/tcp, 10001/tcp (SCP Configuration), 2344/tcp (fcmsys), 100/tcp ([unauthorized use]), 20300/tcp, 5176/tcp, 7391/tcp (mind-file system server), 8886/tcp, 903/tcp (self documenting Telnet Panic Door), 1645/tcp (SightLine), 42024/tcp, 7500/tcp (Silhouette User), 52627/tcp, 9439/tcp, 24748/tcp, 940/tcp, 6898/tcp, 36061/tcp, 5511/tcp, 10014/tcp, 51819/tcp, 52000/tcp, 7306/tcp, 7171/tcp (Discovery and Retention Mgt Production), 47778/tcp, 6129/tcp, 1561/tcp (facilityview), 52425/tcp, 2456/tcp (altav-remmgt), 8861/tcp, 18485/tcp, 1027/tcp, 9016/tcp, 33940/tcp, 7779/tcp (VSTAT), 10007/tcp (MVS Capacity), 52930/tcp, 920/tcp, 7389/tcp, 44666/tcp, 6782/tcp, 46970/tcp, 7080/tcp (EmpowerID Communication), 55051/tcp, 43132/tcp, 78/tcp (vettcp), 56768/tcp, 7745/tcp, 40700/tcp, 1604/tcp (icabrowser), 5325/tcp, 6896/tcp, 50300/tcp, 7567/tcp, 37677/tcp, 7005/tcp (volume managment server), 285/tcp, 64041/tcp, 2427/tcp (Media Gateway Control Protocol Gateway), 59/tcp (any private file service), 9043/tcp, 2145/tcp (Live Vault Remote Diagnostic Console Support), 930/tcp, 2315/tcp (Precise Sft.), 7025/tcp (Vormetric Service II), 148/tcp (Jargon), 10012/tcp, 22111/tcp, 46/tcp (MPM [default send]), 695/tcp (IEEE-MMS-SSL), 2762/tcp (DICOM TLS), 59798/tcp, 259/tcp (Efficient Short Remote Operations), 7892/tcp, 33336/tcp, 56566/tcp, 6901/tcp (Novell Jetstream messaging protocol), 9219/tcp, 40004/tcp, 44888/tcp, 40100/tcp, 56465/tcp, 44111/tcp, 1001/tcp, 23435/tcp, 33884/tcp, 7776/tcp, 23031/tcp, 7780/tcp, 202/tcp (AppleTalk Name Binding), 19697/tcp, 59595/tcp, 48384/tcp, 4080/tcp (Lorica inside facing), 18687/tcp, 9013/tcp, 49293/tcp, 23389/tcp, 715/tcp (IRIS-LWZ), 21920/tcp, 44000/tcp, 71/tcp (Remote Job Service), 36566/tcp, 22666/tcp, 310/tcp (bhmds), 6121/tcp (SPDY for a faster web), 40001/tcp, 105/tcp (Mailbox Name Nameserver), 411/tcp (Remote MT Protocol), 5666/tcp, 2562/tcp (Delibo), 904/tcp, 2546/tcp (vytalvaultbrtp), 33809/tcp, 49596/tcp, 24849/tcp, 1541/tcp (rds2), 55111/tcp, 6788/tcp (SMC-HTTP), 195/tcp (DNSIX Network Level Module Audit), 34/tcp, 40/tcp, 39999/tcp, 6566/tcp (SANE Control Port), 6883/tcp, 825/tcp, 425/tcp (ICAD), 6876/tcp, 47000/tcp (Message Bus), 25354/tcp, 7327/tcp, 28384/tcp, 50/tcp (Remote Mail Checking Protocol), 2090/tcp (Load Report Protocol), 36768/tcp, 21000/tcp (IRTrans Control), 7774/tcp, 63389/tcp, 44849/tcp, 420/tcp (SMPTE), 965/tcp, 7007/tcp (basic overseer process), 57778/tcp, 815/tcp, 158/tcp (PCMail Server), 145/tcp (UAAC Protocol), 38283/tcp, 41000/tcp, 7657/tcp, 250/tcp, 150/tcp (SQL-NET), 46667/tcp, 10/tcp, 5045/tcp (Open Settlement Protocol), 485/tcp (Air Soft Power Burst), 36263/tcp, 61/tcp (NI MAIL), 925/tcp, 48889/tcp, 9997/tcp (Palace-6), 1233/tcp (Universal App Server), 996/tcp (vsinet), 9459/tcp, 40000/tcp (SafetyNET p), 481/tcp (Ph service), 43389/tcp, 22888/tcp, 18889/tcp, 7777/tcp (cbt), 33897/tcp, 7123/tcp, 4444/tcp (NV Video default), 33444/tcp, 7796/tcp, 123/tcp (Network Time Protocol), 51/tcp (IMP Logical Address Maintenance), 91/tcp (MIT Dover Spooler), 7020/tcp (DP Serve), 6897/tcp, 205/tcp (AppleTalk Unused), 7000/tcp (file server itself), 53388/tcp, 7769/tcp, 55777/tcp, 65000/tcp, 37475/tcp (science + computing's Venus Administration Port), 7766/tcp, 7307/tcp, 61112/tcp, 1456/tcp (DCA), 216/tcp (Computer Associates Int'l License Server), 42223/tcp, 98/tcp (TAC News), 7001/tcp (callbacks to cache managers), 155/tcp (NETSC), 113/tcp (Authentication Service), 33923/tcp, 6699/tcp, 61314/tcp, 9567/tcp, 43738/tcp, 33913/tcp, 41011/tcp, 2872/tcp (RADIX), 7345/tcp, 44444/tcp, 56263/tcp, 8877/tcp, 56000/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 42324/tcp, 8890/tcp (Desktop Data TCP 2), 975/tcp, 29091/tcp, 33234/tcp, 37/tcp (Time), 830/tcp (NETCONF over SSH), 945/tcp, 6379/tcp, 47576/tcp, 256/tcp (RAP), 27000/tcp (-27009 FLEX LM (1-10)), 48687/tcp, 375/tcp (Hassle), 40900/tcp, 44777/tcp, 6257/tcp, 7797/tcp (Propel Connector port), 40200/tcp, 6784/tcp, 333/tcp (Texar Security Port), 902/tcp (self documenting Telnet Door), 412/tcp (Trap Convention Port), 67/tcp (Bootstrap Protocol Server), 64/tcp (Communications Integrator (CI)), 44999/tcp, 7724/tcp (Novell Snap-in Deep Freeze Control), 7071/tcp (IWGADTS Aircraft Housekeeping Message), 39697/tcp, 49394/tcp, 45/tcp (Message Processing Module [recv]), 440/tcp (sgcp), 40400/tcp, 49798/tcp, 160/tcp (SGMP-TRAPS), 63839/tcp, 7457/tcp, 44555/tcp, 61920/tcp, 58384/tcp, 6116/tcp (XicTools License Manager Service), 23388/tcp, 607/tcp (nqs), 125/tcp (Locus PC-Interface Net Map Ser), 7713/tcp, 22555/tcp (Vocaltec Web Conference), 9100/tcp (Printer PDL Data Stream), 9191/tcp (Sun AppSvr JPDA), 1238/tcp (hacl-qs), 55333/tcp, 41617/tcp, 6678/tcp, 41516/tcp, 2180/tcp (Millicent Vendor Gateway Server), 57475/tcp, 7010/tcp (onlinet uninterruptable power supplies), 51617/tcp, 7006/tcp (error interpretation service), 41213/tcp, 7234/tcp, 7437/tcp (Faximum), 175/tcp (VMNET), 35455/tcp, 74/tcp (Remote Job Service), 7589/tcp, 33808/tcp, 6885/tcp, 39293/tcp.
      
BHD Honeypot
Port scan
2020-01-22

In the last 24h, the attacker (93.174.95.41) attempted to scan 581 ports.
The following ports have been scanned: 51718/tcp, 22324/tcp, 230/tcp, 700/tcp (Extensible Provisioning Protocol), 1993/tcp (cisco SNMP TCP port), 2035/tcp (imsldoc), 62223/tcp, 10010/tcp (ooRexx rxapi services), 55657/tcp, 9990/tcp (OSM Applet Server), 15354/tcp, 38586/tcp, 72/tcp (Remote Job Service), 37778/tcp, 24445/tcp, 530/tcp (rpc), 3678/tcp (DataGuardianLT), 50600/tcp, 56565/tcp, 4664/tcp (Rimage Messaging Server), 6886/tcp, 215/tcp (Insignia Solutions), 6785/tcp (DGPF Individual Exchange), 35051/tcp, 9009/tcp (Pichat Server), 6893/tcp, 45758/tcp, 1991/tcp (cisco STUN Priority 2 port), 48586/tcp, 2012/tcp (ttyinfo), 200/tcp (IBM System Resource Controller), 33396/tcp, 2260/tcp (APC 2260), 6456/tcp, 63334/tcp, 38687/tcp, 54748/tcp, 9089/tcp (IBM Informix SQL Interface - Encrypted), 660/tcp (MacOS Server Admin), 50200/tcp, 47677/tcp, 38485/tcp, 7289/tcp, 9090/tcp (WebSM), 2341/tcp (XIO Status), 7100/tcp (X Font Service), 51920/tcp, 51011/tcp, 24344/tcp, 2342/tcp (Seagate Manage Exec), 6781/tcp, 140/tcp (EMFIS Data Service), 20600/tcp, 54243/tcp, 2593/tcp (MNS Mail Notice Service), 800/tcp (mdbs_daemon), 7788/tcp, 1890/tcp (wilkenListener), 4090/tcp (OMA BCAST Service Guide), 63391/tcp, 6113/tcp (Daylite Server), 400/tcp (Oracle Secure Backup), 2303/tcp (Proxy Gateway), 59999/tcp, 10023/tcp, 1031/tcp (BBN IAD), 38000/tcp, 1431/tcp (Reverse Gossip Transport), 6986/tcp, 63392/tcp, 22222/tcp, 7781/tcp (accu-lmgr), 20500/tcp, 68/tcp (Bootstrap Protocol Client), 55000/tcp, 9011/tcp, 3455/tcp (RSVP Port), 9060/tcp, 92/tcp (Network Printing Protocol), 54849/tcp, 52021/tcp, 50500/tcp, 2030/tcp (device2), 2002/tcp (globe), 22021/tcp, 9833/tcp, 34243/tcp, 315/tcp (DPSI), 6126/tcp, 94/tcp (Tivoli Object Dispatcher), 7775/tcp, 620/tcp (SCO WebServer Manager), 50100/tcp, 1761/tcp (cft-0), 8845/tcp, 9001/tcp (ETL Service Manager), 44748/tcp, 64243/tcp, 690/tcp (Velazquez Application Transfer Protocol), 25051/tcp, 24647/tcp, 23/tcp (Telnet), 6600/tcp (Microsoft Hyper-V Live Migration), 5985/tcp (WBEM WS-Management HTTP), 47172/tcp, 5020/tcp (zenginkyo-1), 352/tcp (bhoedap4 (added 5/21/97)), 6119/tcp, 62930/tcp, 90/tcp (DNSIX Securit Attribute Token Map), 5010/tcp (TelepathStart), 1995/tcp (cisco perf port), 44647/tcp, 19999/tcp (Distributed Network Protocol - Secure), 7047/tcp, 37071/tcp, 6666/tcp, 14344/tcp, 31819/tcp, 17576/tcp, 7070/tcp (ARCP), 44333/tcp, 55550/tcp, 49697/tcp, 18788/tcp, 7723/tcp, 385/tcp (IBM Application), 40300/tcp, 10003/tcp (EMC-Documentum Content Server Product), 6502/tcp (BoKS Servm), 56061/tcp, 53380/tcp, 20000/tcp (DNP), 62626/tcp, 27879/tcp, 48788/tcp, 50005/tcp, 2050/tcp (Avaya EMB Config Port), 2075/tcp (Newlix ServerWare Engine), 39000/tcp, 1567/tcp (jlicelmd), 4562/tcp, 36667/tcp, 33887/tcp, 2225/tcp (Resource Connection Initiation Protocol), 110/tcp (Post Office Protocol - Version 3), 57980/tcp, 6326/tcp, 22526/tcp, 55859/tcp, 33803/tcp, 9998/tcp (Distinct32), 52223/tcp, 63435/tcp, 4045/tcp (Network Paging Protocol), 875/tcp, 6894/tcp, 7189/tcp, 95/tcp (SUPDUP), 1034/tcp (ActiveSync Notifications), 44440/tcp, 180/tcp (Intergraph), 2080/tcp (Autodesk NLM (FLEXlm)), 7547/tcp (DSL Forum CWMP), 33802/tcp, 6677/tcp, 55444/tcp, 54647/tcp, 76/tcp (Distributed External Object Store), 6546/tcp, 4747/tcp, 2272/tcp (Meeting Maker Scheduling), 1037/tcp (AMS), 2369/tcp, 23390/tcp, 49494/tcp, 6771/tcp (PolyServe https), 35253/tcp, 6787/tcp (Sun Web Console Admin), 950/tcp, 6902/tcp, 7312/tcp, 10013/tcp, 56667/tcp, 6117/tcp (Daylite Touch Sync), 53535/tcp, 38081/tcp, 6345/tcp, 10017/tcp, 670/tcp (VACDSM-SWS), 21516/tcp, 6436/tcp, 57071/tcp, 1030/tcp (BBN IAD), 2095/tcp (NBX SER), 57172/tcp, 6889/tcp, 65/tcp (TACACS-Database Service), 1080/tcp (Socks), 100/tcp ([unauthorized use]), 51112/tcp, 20300/tcp, 19899/tcp, 23456/tcp (Aequus Service), 777/tcp (Multiling HTTP), 6887/tcp, 22000/tcp (SNAPenetIO), 7500/tcp (Silhouette User), 6890/tcp, 13839/tcp, 9007/tcp, 2056/tcp (OmniSky Port), 20700/tcp, 47374/tcp, 6898/tcp, 49899/tcp, 8905/tcp, 33883/tcp, 5511/tcp, 10014/tcp, 7306/tcp, 7171/tcp (Discovery and Retention Mgt Production), 6129/tcp, 33555/tcp, 1313/tcp (BMC_PATROLDB), 645/tcp (PSSC), 6112/tcp (Desk-Top Sub-Process Control Daemon), 52425/tcp, 2456/tcp (altav-remmgt), 7217/tcp, 2200/tcp (ICI), 6895/tcp, 84/tcp (Common Trace Facility), 10007/tcp (MVS Capacity), 6888/tcp (MUSE), 64646/tcp, 63233/tcp, 44666/tcp, 6782/tcp, 5905/tcp, 6881/tcp, 55222/tcp, 40700/tcp, 55758/tcp, 2100/tcp (Amiga Network Filesystem), 15758/tcp, 120/tcp (CFDPTKT), 6896/tcp, 23637/tcp, 3913/tcp (ListCREATOR Port), 89/tcp (SU/MIT Telnet Gateway), 4025/tcp (Partition Image Port), 2145/tcp (Live Vault Remote Diagnostic Console Support), 6697/tcp, 55152/tcp, 33804/tcp, 2347/tcp (Game Announcement and Location), 148/tcp (Jargon), 45000/tcp, 9549/tcp, 803/tcp, 3872/tcp (OEM Agent), 54041/tcp, 1232/tcp, 135/tcp (DCE endpoint resolution), 370/tcp (codaauth2), 109/tcp (Post Office Protocol - Version 2), 7347/tcp, 1188/tcp (HP Web Admin), 6899/tcp, 62425/tcp, 6901/tcp (Novell Jetstream messaging protocol), 9219/tcp, 2132/tcp (SoleraTec End Point Map), 21314/tcp, 2106/tcp (MZAP), 56465/tcp, 48484/tcp, 1248/tcp (hermes), 7776/tcp, 202/tcp (AppleTalk Name Binding), 19697/tcp, 37172/tcp, 59595/tcp, 4900/tcp (HyperFileSQL Client/Server Database Engine), 48384/tcp, 17778/tcp, 1201/tcp (Nucleus Sand Database Server), 1901/tcp (Fujitsu ICL Terminal Emulator Program A), 6900/tcp, 53392/tcp, 2041/tcp (interbase), 1036/tcp (Nebula Secure Segment Transfer Protocol), 10080/tcp (Amanda), 630/tcp (RDA), 49091/tcp, 43388/tcp, 4214/tcp, 6121/tcp (SPDY for a faster web), 55888/tcp, 7133/tcp, 105/tcp (Mailbox Name Nameserver), 4672/tcp (remote file access server), 7771/tcp, 666/tcp (doom Id Software), 114/tcp, 21415/tcp, 7570/tcp (Aries Kfinder), 21012/tcp, 33386/tcp, 25/tcp (Simple Mail Transfer), 1541/tcp (rds2), 55111/tcp, 39999/tcp, 6883/tcp, 21819/tcp, 425/tcp (ICAD), 49192/tcp, 6876/tcp, 6522/tcp, 47000/tcp (Message Bus), 8881/tcp, 7327/tcp, 33806/tcp, 2253/tcp (DTV Channel Request), 21000/tcp (IRTrans Control), 7774/tcp, 44222/tcp, 2190/tcp (TiVoConnect Beacon), 465/tcp (URL Rendesvous Directory for SSM), 1992/tcp (IPsendmsg), 2234/tcp (DirectPlay), 7007/tcp (basic overseer process), 2014/tcp (troff), 158/tcp (PCMail Server), 6346/tcp (gnutella-svc), 55666/tcp, 2004/tcp (mailbox), 150/tcp (SQL-NET), 46667/tcp, 4564/tcp, 6668/tcp, 15556/tcp, 48889/tcp, 6234/tcp, 1233/tcp (Universal App Server), 9789/tcp, 50000/tcp, 63380/tcp, 43389/tcp, 18889/tcp, 1111/tcp (LM Social Server), 7789/tcp (Office Tools Pro Receive), 102/tcp (ISO-TSAP Class 0), 59192/tcp, 10033/tcp, 7123/tcp, 33444/tcp, 46061/tcp, 49999/tcp, 865/tcp, 2328/tcp (Netrix SFTM), 3899/tcp (ITV Port), 9901/tcp, 7020/tcp (DP Serve), 2129/tcp (cs-live.com), 10099/tcp, 58182/tcp, 6897/tcp, 1025/tcp (network blackjack), 205/tcp (AppleTalk Unused), 7769/tcp, 1023/tcp, 3563/tcp (Watcom Debug), 33922/tcp, 2065/tcp (Data Link Switch Read Port Number), 1456/tcp (DCA), 28/tcp, 10004/tcp (EMC Replication Manager Client), 155/tcp (NETSC), 113/tcp (Authentication Service), 50123/tcp, 33923/tcp, 2343/tcp (nati logos), 6882/tcp, 59697/tcp, 5901/tcp, 56970/tcp, 56263/tcp, 56000/tcp, 21617/tcp, 2452/tcp (SnifferClient), 2096/tcp (NBX DIR), 51213/tcp, 46263/tcp, 220/tcp (Interactive Mail Access Protocol v3), 14/tcp, 945/tcp, 9994/tcp (OnLive-3), 33400/tcp, 6379/tcp, 47576/tcp, 57575/tcp, 33839/tcp, 6892/tcp, 10000/tcp (Network Data Management Protocol), 21718/tcp, 22930/tcp, 880/tcp, 6257/tcp, 5679/tcp (Direct Cable Connect Manager), 9123/tcp, 902/tcp (self documenting Telnet Door), 22728/tcp, 9678/tcp, 7724/tcp (Novell Snap-in Deep Freeze Control), 17980/tcp, 33393/tcp, 882/tcp, 55999/tcp, 16263/tcp, 1085/tcp (Web Objects), 39495/tcp, 53389/tcp, 18/tcp (Message Send Protocol), 7457/tcp, 57374/tcp, 50900/tcp, 30/tcp, 500/tcp (isakmp), 8880/tcp (CDDBP), 125/tcp (Locus PC-Interface Net Map Ser), 2102/tcp (Zephyr server), 10888/tcp, 22555/tcp (Vocaltec Web Conference), 7707/tcp (EM7 Dynamic Updates), 55333/tcp, 6678/tcp, 33380/tcp, 24041/tcp, 43434/tcp, 57475/tcp, 2244/tcp (NMS Server), 7010/tcp (onlinet uninterruptable power supplies), 9099/tcp, 605/tcp (SOAP over BEEP), 24/tcp (any private mail system), 51617/tcp, 7006/tcp (error interpretation service), 8501/tcp, 10002/tcp (EMC-Documentum Content Server Product), 2809/tcp (CORBA LOC), 7437/tcp (Faximum), 7237/tcp, 33894/tcp, 295/tcp, 911/tcp (xact-backup), 35657/tcp, 33777/tcp, 9916/tcp, 45354/tcp, 22829/tcp, 48990/tcp, 6885/tcp, 1214/tcp (KAZAA), 170/tcp (Network PostScript), 6906/tcp.
      
BHD Honeypot
Port scan
2020-01-21

In the last 24h, the attacker (93.174.95.41) attempted to scan 520 ports.
The following ports have been scanned: 54344/tcp, 1237/tcp (tsdos390), 103/tcp (Genesis Point-to-Point Trans Net), 10222/tcp, 2035/tcp (imsldoc), 6655/tcp (PC SOFT - Software factory UI/manager), 1022/tcp (RFC3692-style Experiment 2 (*)    [RFC4727]), 652/tcp (HELLO_PORT), 10005/tcp (EMC Replication Manager Server), 39596/tcp, 15354/tcp, 37778/tcp, 3678/tcp (DataGuardianLT), 56565/tcp, 52829/tcp, 50400/tcp, 33904/tcp, 1991/tcp (cisco STUN Priority 2 port), 48586/tcp, 9110/tcp, 33396/tcp, 33896/tcp, 53738/tcp, 9876/tcp (Session Director), 38687/tcp, 660/tcp (MacOS Server Admin), 50200/tcp, 16869/tcp, 9090/tcp (WebSM), 10060/tcp, 20400/tcp, 51920/tcp, 26566/tcp, 51011/tcp, 53031/tcp, 24344/tcp, 4123/tcp (Zensys Z-Wave Control Protocol), 51314/tcp, 3390/tcp (Distributed Service Coordinator), 140/tcp (EMFIS Data Service), 54243/tcp, 9006/tcp, 4090/tcp (OMA BCAST Service Guide), 9696/tcp, 36465/tcp, 4447/tcp (N1-RMGMT), 6113/tcp (Daylite Server), 19394/tcp, 2303/tcp (Proxy Gateway), 46869/tcp, 111/tcp (SUN Remote Procedure Call), 6891/tcp, 54142/tcp, 9993/tcp (OnLive-2), 52525/tcp, 2082/tcp (Infowave Mobility Server), 52122/tcp, 3673/tcp (Openview Media Vault GUI), 17374/tcp, 725/tcp, 6986/tcp, 18586/tcp, 2944/tcp (Megaco H-248), 33912/tcp, 9239/tcp, 9060/tcp, 33339/tcp, 909/tcp, 52021/tcp, 3213/tcp (NEON 24X7 Mission Control), 50500/tcp, 10021/tcp, 22021/tcp, 780/tcp (wpgs), 707/tcp (Borland DSJ), 33885/tcp, 50100/tcp, 33929/tcp, 31011/tcp, 19920/tcp, 3457/tcp (VAT default control), 53233/tcp, 6006/tcp, 9001/tcp (ETL Service Manager), 2302/tcp (Bindery Support), 13388/tcp, 96/tcp (DIXIE Protocol Specification), 43637/tcp, 235/tcp, 1994/tcp (cisco serial tunnel port), 130/tcp (cisco FNATIVE), 62930/tcp, 991/tcp (Netnews Administration System), 10009/tcp (Systemwalker Desktop Patrol), 20001/tcp (MicroSAN), 33902/tcp, 31819/tcp, 17576/tcp, 8820/tcp, 430/tcp (UTMPSD), 8860/tcp, 44333/tcp, 63388/tcp, 33383/tcp, 35556/tcp, 590/tcp (TNS CML), 18788/tcp, 4035/tcp (WAP Push OTA-HTTP port), 33882/tcp, 404/tcp (nced), 6502/tcp (BoKS Servm), 9995/tcp (Palace-4), 53380/tcp, 37879/tcp, 13390/tcp, 9977/tcp, 39000/tcp, 45253/tcp, 2025/tcp (ellpack), 999/tcp (puprouter), 33381/tcp, 303/tcp, 410/tcp (DECLadebug Remote Debug Protocol), 50700/tcp, 27475/tcp, 659/tcp, 3544/tcp (Teredo Port), 40600/tcp, 52223/tcp, 1997/tcp (cisco Gateway Discovery Protocol), 900/tcp (OMG Initial Refs), 610/tcp (npmp-local), 63940/tcp, 7089/tcp, 9919/tcp, 106/tcp (3COM-TSMUX), 33802/tcp, 6677/tcp, 9017/tcp, 3784/tcp (BFD Control Protocol), 64950/tcp, 2369/tcp, 15960/tcp, 33881/tcp, 685/tcp (MDC Port Mapper), 4075/tcp (ISC Alarm Message Service), 870/tcp, 9129/tcp, 6969/tcp (acmsoda), 39091/tcp, 10015/tcp, 33888/tcp, 11001/tcp (Metasys), 50001/tcp, 33031/tcp, 13435/tcp, 40800/tcp, 9890/tcp, 38081/tcp, 4000/tcp (Terabase), 45152/tcp, 32829/tcp, 6345/tcp, 2055/tcp (Iliad-Odyssey Protocol), 3452/tcp (SABP-Signalling Protocol), 502/tcp (asa-appl-proto), 9960/tcp, 9996/tcp (Palace-5), 4321/tcp (Remote Who Is), 895/tcp, 6118/tcp, 64344/tcp, 2042/tcp (isis), 42930/tcp, 9345/tcp, 41112/tcp, 8830/tcp, 903/tcp (self documenting Telnet Panic Door), 1645/tcp (SightLine), 13/tcp (Daytime (RFC 867)), 6887/tcp, 62526/tcp, 32526/tcp, 4070/tcp (Trivial IP Encryption (TrIPE)), 4446/tcp (N1-FWP), 210/tcp (ANSI Z39.50), 2056/tcp (OmniSky Port), 53390/tcp, 4894/tcp (LysKOM Protocol A), 4085/tcp (EZNews Newsroom Message Service), 33918/tcp, 55354/tcp, 337/tcp, 33883/tcp, 33390/tcp, 51819/tcp, 10101/tcp (eZmeeting), 6123/tcp (Backup Express), 52000/tcp, 1122/tcp (availant-mgr), 6114/tcp (WRspice IPC Service), 888/tcp (CD Database Protocol), 52425/tcp, 43390/tcp, 33890/tcp, 2251/tcp (Distributed Framework Port), 3393/tcp (D2K Tapestry Client to Server), 33940/tcp, 53839/tcp, 52930/tcp, 3035/tcp (FJSV gssagt), 640/tcp (entrust-sps), 64646/tcp, 22333/tcp, 43/tcp (Who Is), 17000/tcp, 55222/tcp, 4226/tcp, 4750/tcp (Simple Service Auto Discovery), 2100/tcp (Amiga Network Filesystem), 15758/tcp, 63738/tcp, 37677/tcp, 33382/tcp, 3913/tcp (ListCREATOR Port), 32728/tcp, 51015/tcp, 45657/tcp, 905/tcp, 9043/tcp, 5673/tcp (JACL Message Server), 10012/tcp, 9549/tcp, 9014/tcp, 1232/tcp, 109/tcp (Post Office Protocol - Version 2), 695/tcp (IEEE-MMS-SSL), 17/tcp (Quote of the Day), 259/tcp (Efficient Short Remote Operations), 1188/tcp (HP Web Admin), 33336/tcp, 6899/tcp, 901/tcp (SMPNAMERES), 2132/tcp (SoleraTec End Point Map), 40004/tcp, 40100/tcp, 33893/tcp, 39192/tcp, 6060/tcp, 43380/tcp, 64142/tcp, 6014/tcp, 4234/tcp, 15/tcp, 48384/tcp, 17778/tcp, 4080/tcp (Lorica inside facing), 18687/tcp, 1901/tcp (Fujitsu ICL Terminal Emulator Program A), 6900/tcp, 9013/tcp, 53392/tcp, 49293/tcp, 1026/tcp (Calendar Access Protocol), 470/tcp (scx-proxy), 63636/tcp, 52324/tcp, 5677/tcp (Quest Central DB2 Launchr), 44000/tcp, 2594/tcp (Data Base Server), 8840/tcp, 22666/tcp, 6121/tcp (SPDY for a faster web), 40001/tcp, 2567/tcp (Cisco Line Protocol), 1167/tcp (Cisco IP SLAs Control Protocol), 33906/tcp, 39/tcp (Resource Location Protocol), 4004/tcp (pxc-roid), 6236/tcp, 9958/tcp, 33386/tcp, 49596/tcp, 1033/tcp (local netinfo port), 50800/tcp, 195/tcp (DNSIX Network Level Module Audit), 62829/tcp, 3785/tcp (BFD Echo Protocol), 39999/tcp, 6566/tcp (SANE Control Port), 4055/tcp (CosmoCall Universe Communications Port 3), 21819/tcp, 47000/tcp (Message Bus), 38788/tcp, 2070/tcp (AH and ESP Encapsulated in UDP packet), 33398/tcp, 8345/tcp, 64546/tcp, 420/tcp (SMPTE), 4984/tcp (WebYast), 8889/tcp (Desktop Data TCP 1), 158/tcp (PCMail Server), 145/tcp (UAAC Protocol), 33335/tcp, 250/tcp, 150/tcp (SQL-NET), 10/tcp, 2243/tcp (Magicom Protocol), 485/tcp (Air Soft Power Burst), 6668/tcp, 4678/tcp (boundary traversal), 5515/tcp, 810/tcp (FCP), 16/tcp, 10016/tcp, 925/tcp, 13392/tcp, 9997/tcp (Palace-6), 6234/tcp, 1234/tcp (Infoseek Search Agent), 4654/tcp, 14004/tcp, 9789/tcp, 63380/tcp, 600/tcp (Sun IPC server), 17879/tcp, 2008/tcp (conf), 33897/tcp, 46061/tcp, 625/tcp (DEC DLM), 9954/tcp, 49999/tcp, 865/tcp, 3899/tcp (ITV Port), 3459/tcp (TIP Integral), 6897/tcp, 9915/tcp, 33917/tcp, 9569/tcp, 205/tcp (AppleTalk Unused), 3763/tcp (XO Wave Control Port), 7000/tcp (file server itself), 39798/tcp, 48182/tcp, 9456/tcp, 2121/tcp (SCIENTIA-SSDB), 64748/tcp, 33384/tcp, 33922/tcp, 65000/tcp, 45051/tcp, 740/tcp, 45454/tcp, 845/tcp, 216/tcp (Computer Associates Int'l License Server), 17273/tcp, 10004/tcp (EMC Replication Manager Client), 37273/tcp, 14445/tcp, 2343/tcp (nati logos), 44950/tcp, 3543/tcp (qftest Lookup Port), 35152/tcp, 56000/tcp, 14243/tcp, 35859/tcp, 975/tcp, 51213/tcp, 33234/tcp, 46263/tcp, 38889/tcp, 220/tcp (Interactive Mail Access Protocol v3), 8999/tcp (Brodos Crypto Trade Protocol), 9994/tcp (OnLive-3), 3873/tcp (fagordnc), 6892/tcp, 48687/tcp, 33666/tcp, 16970/tcp, 34849/tcp, 40900/tcp, 44777/tcp, 25556/tcp, 7797/tcp (Propel Connector port), 40200/tcp, 6784/tcp, 46464/tcp, 9678/tcp, 730/tcp (IBM NetView DM/6000 send/tcp), 64/tcp (Communications Integrator (CI)), 53940/tcp, 330/tcp, 44999/tcp, 2085/tcp (ADA Control), 990/tcp (ftp protocol, control, over TLS/SSL), 39697/tcp, 17980/tcp, 33901/tcp, 882/tcp, 18000/tcp (Beckman Instruments, Inc.), 49394/tcp, 16263/tcp, 16768/tcp, 53389/tcp, 43940/tcp, 440/tcp (sgcp), 40400/tcp, 49798/tcp, 9500/tcp (ismserver), 31617/tcp, 2270/tcp (starSchool), 63839/tcp, 3399/tcp (CSMS), 9991/tcp (OSM Event Server), 50900/tcp, 9999/tcp (distinct), 6051/tcp, 607/tcp (nqs), 8880/tcp (CDDBP), 125/tcp (Locus PC-Interface Net Map Ser), 33807/tcp, 9992/tcp (OnLive-1), 5765/tcp, 22555/tcp (Vocaltec Web Conference), 9100/tcp (Printer PDL Data Stream), 37576/tcp, 41617/tcp, 33380/tcp, 33925/tcp, 57273/tcp, 13536/tcp, 9099/tcp, 8882/tcp, 2000/tcp (Cisco SCCP), 3890/tcp (Niche Data Server Connect), 33894/tcp, 5234/tcp (EEnet communications), 35657/tcp, 33777/tcp, 4050/tcp (Wide Area File Services), 9950/tcp (APC 9950), 33808/tcp, 39899/tcp, 48990/tcp, 480/tcp (iafdbase).
      
BHD Honeypot
Port scan
2020-01-20

In the last 24h, the attacker (93.174.95.41) attempted to scan 469 ports.
The following ports have been scanned: 23738/tcp, 570/tcp (demon), 43031/tcp, 910/tcp (Kerberized Internet Negotiation of Keys (KINK)), 3005/tcp (Genius License Manager), 55657/tcp, 9018/tcp, 39596/tcp, 38586/tcp, 320/tcp (PTP General), 9489/tcp, 24445/tcp, 6669/tcp, 60/tcp, 555/tcp (dsf), 35000/tcp, 33903/tcp, 9009/tcp (Pichat Server), 1678/tcp (prolink), 45758/tcp, 33388/tcp, 33396/tcp, 2224/tcp (Easy Flexible Internet/Multiplayer Games), 9000/tcp (CSlistener), 350/tcp (MATIP Type A), 46162/tcp, 45556/tcp, 680/tcp (entrust-aaas), 9089/tcp (IBM Informix SQL Interface - Encrypted), 29999/tcp, 4345/tcp (Macro 4 Network AS), 38485/tcp, 3454/tcp (Apple Remote Access Protocol), 26768/tcp, 13579/tcp, 26566/tcp, 30300/tcp, 10011/tcp, 20600/tcp, 2593/tcp (MNS Mail Notice Service), 9006/tcp, 1890/tcp (wilkenListener), 9696/tcp, 56364/tcp, 19394/tcp, 2105/tcp (MiniPay), 1789/tcp (hello), 2678/tcp (Gadget Gate 2 Way), 14849/tcp, 2982/tcp (IWB-WHITEBOARD), 2082/tcp (Infowave Mobility Server), 2346/tcp (Game Connection Port), 17374/tcp, 63392/tcp, 2652/tcp (InterPathPanel), 2259/tcp (Accedian Performance Measurement), 2944/tcp (Megaco H-248), 20500/tcp, 20200/tcp, 25859/tcp, 9239/tcp, 9988/tcp (Software Essentials Secure HTTP server), 9011/tcp, 9060/tcp, 2030/tcp (device2), 3344/tcp (BNT Manager), 2045/tcp (cdfunc), 12526/tcp, 2011/tcp (raid), 61819/tcp, 6126/tcp, 8885/tcp, 3457/tcp (VAT default control), 8845/tcp, 23391/tcp, 44748/tcp, 64243/tcp, 25051/tcp, 3383/tcp (Enterprise Software Products License Manager), 24647/tcp, 43637/tcp, 18283/tcp, 42122/tcp, 23/tcp (Telnet), 33300/tcp, 850/tcp, 47172/tcp, 44647/tcp, 10009/tcp (Systemwalker Desktop Patrol), 31013/tcp, 37071/tcp, 56/tcp (XNS Authentication), 8933/tcp, 2782/tcp (everydayrc), 20001/tcp (MicroSAN), 4030/tcp (Accell/JSP Daemon Port), 101/tcp (NIC Host Name Server), 41718/tcp, 28081/tcp, 64000/tcp, 63388/tcp, 29394/tcp, 33383/tcp, 32627/tcp, 18788/tcp, 3387/tcp (Back Room Net), 4035/tcp (WAP Push OTA-HTTP port), 49/tcp (Login Host Protocol (TACACS)), 34445/tcp, 20000/tcp (DNP), 2050/tcp (Avaya EMB Config Port), 10008/tcp (Octopus Multiplexer), 31112/tcp, 45253/tcp, 27475/tcp, 65535/tcp, 55859/tcp, 751/tcp (pump), 915/tcp, 610/tcp (npmp-local), 44440/tcp, 8891/tcp (Desktop Data TCP 3: NESS application), 180/tcp (Intergraph), 64849/tcp, 2211/tcp (EMWIN), 33916/tcp, 3784/tcp (BFD Control Protocol), 28586/tcp, 46566/tcp, 3000/tcp (RemoteWare Client), 3065/tcp (slinterbase), 2369/tcp, 2053/tcp (Lot105 DSuper Updates), 4060/tcp (DSMETER Inter-Agent Transfer Channel), 3653/tcp (Tunnel Setup Protocol), 2902/tcp (NET ASPI), 22999/tcp, 49494/tcp, 4075/tcp (ISC Alarm Message Service), 32930/tcp, 6771/tcp (PolyServe https), 9129/tcp, 6969/tcp (acmsoda), 2542/tcp (uDraw(Graph)), 39091/tcp, 9946/tcp, 9080/tcp (Groove GLRPC), 33132/tcp, 8989/tcp (Sun Web Server SSL Admin Service), 32829/tcp, 38182/tcp, 33100/tcp, 9960/tcp, 18990/tcp, 9996/tcp (Palace-5), 670/tcp (VACDSM-SWS), 33738/tcp, 19596/tcp, 2042/tcp (isis), 36869/tcp, 3080/tcp (stm_pproc), 38990/tcp, 33914/tcp, 42021/tcp, 19899/tcp, 3386/tcp (GPRS Data), 62526/tcp, 4070/tcp (Trivial IP Encryption (TrIPE)), 4446/tcp (N1-FWP), 18384/tcp, 13839/tcp, 9007/tcp, 4904/tcp, 63390/tcp, 31415/tcp, 2056/tcp (OmniSky Port), 4085/tcp (EZNews Newsroom Message Service), 47879/tcp, 47374/tcp, 2017/tcp (cypress-stat), 16364/tcp, 1236/tcp (bvcontrol), 33390/tcp, 1122/tcp (availant-mgr), 12324/tcp, 28000/tcp (NX License Manager), 1561/tcp (facilityview), 33555/tcp, 3401/tcp (filecast), 645/tcp (PSSC), 33389/tcp, 2456/tcp (altav-remmgt), 9979/tcp, 2251/tcp (Distributed Framework Port), 9016/tcp, 3393/tcp (D2K Tapestry Client to Server), 9012/tcp, 26364/tcp, 640/tcp (entrust-sps), 64646/tcp, 2892/tcp (SNIFFERDATA), 33392/tcp, 2349/tcp (Diagnostics Port), 22333/tcp, 9910/tcp, 43/tcp (Who Is), 17000/tcp, 4433/tcp, 25657/tcp, 8940/tcp, 9938/tcp, 4750/tcp (Simple Service Auto Discovery), 2100/tcp (Amiga Network Filesystem), 4224/tcp, 47273/tcp, 6896/tcp, 26970/tcp, 33382/tcp, 2427/tcp (Media Gateway Control Protocol Gateway), 3451/tcp (ASAM Services), 4025/tcp (Partition Image Port), 2315/tcp (Precise Sft.), 9549/tcp, 22111/tcp, 3872/tcp (OEM Agent), 9014/tcp, 370/tcp (codaauth2), 8823/tcp, 17/tcp (Quote of the Day), 185/tcp (Remote-KIS), 3030/tcp (Arepa Cas), 56566/tcp, 2132/tcp (SoleraTec End Point Map), 550/tcp (new-who), 21314/tcp, 40100/tcp, 2106/tcp (MZAP), 44111/tcp, 770/tcp (cadlock), 3010/tcp (Telerate Workstation), 64142/tcp, 2672/tcp (nhserver), 4234/tcp, 15/tcp, 9949/tcp, 3391/tcp (SAVANT), 15859/tcp, 4080/tcp (Lorica inside facing), 1716/tcp (xmsg), 1901/tcp (Fujitsu ICL Terminal Emulator Program A), 53392/tcp, 33111/tcp, 470/tcp (scx-proxy), 444/tcp (Simple Network Paging Protocol), 32/tcp, 55555/tcp, 8840/tcp, 22666/tcp, 6121/tcp (SPDY for a faster web), 31516/tcp, 4672/tcp (remote file access server), 3567/tcp (Object Access Protocol), 9015/tcp, 2546/tcp (vytalvaultbrtp), 8887/tcp, 2007/tcp (dectalk), 33906/tcp, 21012/tcp, 24849/tcp, 9951/tcp (APC 9951), 64445/tcp, 50800/tcp, 3785/tcp (BFD Echo Protocol), 825/tcp, 47000/tcp (Message Bus), 1239/tcp (NMSD), 3085/tcp (PCIHReq), 38788/tcp, 2090/tcp (Load Report Protocol), 2253/tcp (DTV Channel Request), 27071/tcp, 12627/tcp, 3003/tcp (CGMS), 615/tcp (Internet Configuration Manager), 2190/tcp (TiVoConnect Beacon), 58585/tcp, 33398/tcp, 475/tcp (tcpnethaspsrv), 1992/tcp (IPsendmsg), 2234/tcp (DirectPlay), 37980/tcp, 829/tcp (PKIX-3 CA/RA), 8889/tcp (Desktop Data TCP 1), 13233/tcp, 4124/tcp (Rohill TetraNode Ip Gateway v2), 6346/tcp (gnutella-svc), 52728/tcp, 41000/tcp, 27576/tcp, 9389/tcp (Active Directory Web Services), 4568/tcp (BMC Reporting), 46667/tcp, 10/tcp, 4040/tcp (Yo.net main service), 16/tcp, 554/tcp (Real Time Streaming Protocol (RTSP)), 705/tcp (AgentX), 40000/tcp (SafetyNET p), 33892/tcp, 22888/tcp, 17879/tcp, 18889/tcp, 3090/tcp (Senforce Session Services), 505/tcp (mailbox-lm), 20800/tcp, 2129/tcp (cs-live.com), 33917/tcp, 9569/tcp, 3763/tcp (XO Wave Control Port), 3333/tcp (DEC Notes), 19/tcp (Character Generator), 2121/tcp (SCIENTIA-SSDB), 3563/tcp (Watcom Debug), 64748/tcp, 33384/tcp, 65000/tcp, 22777/tcp, 3903/tcp (CharsetMGR), 1456/tcp (DCA), 45960/tcp, 22627/tcp, 3893/tcp (CGI StarAPI Server), 28/tcp, 19798/tcp, 27/tcp (NSW User System FE), 2343/tcp (nati logos), 43738/tcp, 33886/tcp, 2872/tcp (RADIX), 56000/tcp, 33924/tcp, 830/tcp (NETCONF over SSH), 43391/tcp, 9969/tcp, 33400/tcp, 47576/tcp, 27980/tcp, 3873/tcp (fagordnc), 10000/tcp (Network Data Management Protocol), 5456/tcp (APC 5456), 21718/tcp, 40200/tcp, 25758/tcp, 33899/tcp, 9123/tcp, 33350/tcp, 9349/tcp, 33333/tcp (Digital Gaslight Service), 39697/tcp, 27778/tcp, 3380/tcp (SNS Channels), 33393/tcp, 33901/tcp, 33889/tcp, 39495/tcp, 53389/tcp, 26000/tcp (quake), 18/tcp (Message Send Protocol), 40400/tcp, 32021/tcp, 63839/tcp, 19000/tcp (iGrid Server), 57374/tcp, 8918/tcp, 50900/tcp, 28687/tcp, 38/tcp (Route Access Protocol), 30/tcp, 6116/tcp (XicTools License Manager Service), 12000/tcp (IBM Enterprise Extender SNA XID Exchange), 26869/tcp, 9769/tcp, 2102/tcp (Zephyr server), 8908/tcp, 33919/tcp, 41516/tcp, 24041/tcp, 3388/tcp (CB Server), 2180/tcp (Millicent Vendor Gateway Server), 11888/tcp, 2945/tcp (H248 Binary), 24/tcp (any private mail system), 8882/tcp, 2000/tcp (Cisco SCCP), 10002/tcp (EMC-Documentum Content Server Product), 30700/tcp, 9916/tcp, 45354/tcp, 22829/tcp, 12930/tcp, 39899/tcp, 2348/tcp (Information to query for game status), 55960/tcp, 3322/tcp (-3325  Active Networks), 2247/tcp (Antidote Deployment Manager Service).
      
BHD Honeypot
Port scan
2020-01-19

In the last 24h, the attacker (93.174.95.41) attempted to scan 563 ports.
The following ports have been scanned: 19495/tcp, 22324/tcp, 32425/tcp, 700/tcp (Extensible Provisioning Protocol), 2035/tcp (imsldoc), 23392/tcp, 635/tcp (RLZ DBase), 55657/tcp, 9018/tcp, 13380/tcp, 9990/tcp (OSM Applet Server), 9489/tcp, 2370/tcp (L3-HBMon), 2005/tcp (berknet), 6886/tcp, 52829/tcp, 75/tcp (any private dial out service), 14647/tcp, 32122/tcp, 9110/tcp, 33388/tcp, 2012/tcp (ttyinfo), 23940/tcp, 2224/tcp (Easy Flexible Internet/Multiplayer Games), 8825/tcp, 350/tcp (MATIP Type A), 63132/tcp, 9329/tcp, 45556/tcp, 9089/tcp (IBM Informix SQL Interface - Encrypted), 660/tcp (MacOS Server Admin), 29999/tcp, 47677/tcp, 38485/tcp, 9090/tcp (WebSM), 2341/tcp (XIO Status), 26768/tcp, 51920/tcp, 26566/tcp, 53031/tcp, 30300/tcp, 24344/tcp, 2342/tcp (Seagate Manage Exec), 31718/tcp, 960/tcp, 6781/tcp, 3395/tcp (Dyna License Manager (Elam)), 30001/tcp (Pago Services 1), 20600/tcp, 2593/tcp (MNS Mail Notice Service), 57677/tcp, 6113/tcp (Daylite Server), 19394/tcp, 2105/tcp (MiniPay), 6891/tcp, 14849/tcp, 2982/tcp (IWB-WHITEBOARD), 54142/tcp, 52122/tcp, 2346/tcp (Game Connection Port), 2652/tcp (InterPathPanel), 22222/tcp, 2259/tcp (Accedian Performance Measurement), 42829/tcp, 2944/tcp (Megaco H-248), 20500/tcp, 16566/tcp, 20200/tcp, 25859/tcp, 9239/tcp, 33339/tcp, 30600/tcp, 13389/tcp, 52021/tcp, 50500/tcp, 2789/tcp (Media Agent), 380/tcp (TIA/EIA/IS-99 modem server), 48081/tcp, 707/tcp (Borland DSJ), 28485/tcp, 11666/tcp, 2011/tcp (raid), 6126/tcp, 8885/tcp, 1024/tcp (Reserved), 620/tcp (SCO WebServer Manager), 435/tcp (MobilIP-MN), 31011/tcp, 19920/tcp, 79/tcp (Finger), 53233/tcp, 6006/tcp, 9001/tcp (ETL Service Manager), 44748/tcp, 580/tcp (SNTP HEARTBEAT), 2302/tcp (Bindery Support), 395/tcp (NetScout Control Protocol), 24647/tcp, 23/tcp (Telnet), 33222/tcp, 6600/tcp (Microsoft Hyper-V Live Migration), 33300/tcp, 1994/tcp (cisco serial tunnel port), 850/tcp, 5555/tcp (Personal Agent), 15000/tcp (Hypack Data Aquisition), 8808/tcp, 10081/tcp (FAM Archive Server), 6119/tcp, 15455/tcp, 7773/tcp, 17475/tcp, 6884/tcp, 1995/tcp (cisco perf port), 19999/tcp (Distributed Network Protocol - Secure), 1035/tcp (MX-XR RPC), 11777/tcp, 41819/tcp, 1028/tcp, 8860/tcp, 64000/tcp, 590/tcp (TNS CML), 18788/tcp, 3387/tcp (Back Room Net), 8765/tcp (Ultraseek HTTP), 8907/tcp, 53380/tcp, 27879/tcp, 29495/tcp, 50005/tcp, 754/tcp (send), 3075/tcp (Orbix 2000 Locator), 6999/tcp (IATP-normalPri), 2025/tcp (ellpack), 8839/tcp, 999/tcp (puprouter), 33381/tcp, 50700/tcp, 27475/tcp, 6000/tcp (-6063/udp   X Window System), 2225/tcp (Resource Connection Initiation Protocol), 25455/tcp, 659/tcp, 3060/tcp (interserver), 52223/tcp, 9234/tcp, 26465/tcp, 5895/tcp, 875/tcp, 900/tcp (OMG Initial Refs), 6894/tcp, 8900/tcp (JMB-CDS 1), 26667/tcp, 22220/tcp, 8891/tcp (Desktop Data TCP 3: NESS application), 55444/tcp, 9017/tcp, 28586/tcp, 64950/tcp, 1037/tcp (AMS), 2369/tcp, 2053/tcp (Lot105 DSuper Updates), 23390/tcp, 23380/tcp, 49494/tcp, 935/tcp, 33908/tcp, 11111/tcp (Viral Computing Environment (VCE)), 8389/tcp, 59495/tcp, 1002/tcp, 33394/tcp, 9946/tcp, 1781/tcp (answersoft-lm), 6117/tcp (Daylite Touch Sync), 13391/tcp, 6345/tcp, 62122/tcp, 3452/tcp (SABP-Signalling Protocol), 38182/tcp, 33100/tcp, 29798/tcp, 57071/tcp, 6118/tcp, 64344/tcp, 57172/tcp, 6889/tcp, 2042/tcp (isis), 13940/tcp, 23334/tcp, 54/tcp (XNS Clearinghouse), 9345/tcp, 16000/tcp (Administration Server Access), 2344/tcp (fcmsys), 8800/tcp (Sun Web Server Admin Service), 5875/tcp, 6887/tcp, 22000/tcp (SNAPenetIO), 6890/tcp, 18384/tcp, 9007/tcp, 675/tcp (DCTP), 48/tcp (Digital Audit Daemon), 3384/tcp (Cluster Management Services), 2017/tcp (cypress-stat), 16364/tcp, 8905/tcp, 33883/tcp, 6114/tcp (WRspice IPC Service), 22444/tcp, 33895/tcp, 52425/tcp, 710/tcp (Entrust Administration Service Handler), 2040/tcp (lam), 33320/tcp, 15657/tcp, 2200/tcp (ICI), 2251/tcp (Distributed Framework Port), 33898/tcp, 53839/tcp, 9012/tcp, 26364/tcp, 540/tcp (uucpd), 52930/tcp, 3035/tcp (FJSV gssagt), 6888/tcp (MUSE), 63233/tcp, 5785/tcp (3PAR Inform Remote Copy), 6782/tcp, 55051/tcp, 9910/tcp, 8568/tcp, 43/tcp (Who Is), 4433/tcp, 25657/tcp, 55758/tcp, 9938/tcp, 12/tcp, 28990/tcp, 5325/tcp, 2016/tcp (bootserver), 6896/tcp, 30100/tcp, 8894/tcp (Desktop Data TCP 6: COAL application), 33382/tcp, 9043/tcp, 3070/tcp (MGXSWITCH), 33804/tcp, 2347/tcp (Game Announcement and Location), 5673/tcp (JACL Message Server), 22111/tcp, 46/tcp (MPM [default send]), 9014/tcp, 54041/tcp, 300/tcp, 370/tcp (codaauth2), 2432/tcp (codasrv), 33336/tcp, 33330/tcp, 3030/tcp (Arepa Cas), 6901/tcp (Novell Jetstream messaging protocol), 9219/tcp, 2132/tcp (SoleraTec End Point Map), 2087/tcp (ELI - Event Logging Integration), 2106/tcp (MZAP), 8678/tcp, 808/tcp, 48484/tcp, 770/tcp (cadlock), 23435/tcp, 47071/tcp, 490/tcp (micom-pfs), 19697/tcp, 37172/tcp, 13000/tcp, 15859/tcp, 6900/tcp, 4569/tcp (Inter-Asterisk eXchange), 2041/tcp (interbase), 30400/tcp, 3036/tcp (Hagel DUMP), 49091/tcp, 785/tcp, 21920/tcp, 2015/tcp (cypress), 47474/tcp, 52/tcp (XNS Time Protocol), 4214/tcp, 8840/tcp, 31516/tcp, 53334/tcp, 2562/tcp (Delibo), 8898/tcp, 21415/tcp, 2007/tcp (dectalk), 36/tcp, 21012/tcp, 6236/tcp, 33386/tcp, 24849/tcp, 1541/tcp (rds2), 32000/tcp, 1345/tcp (VPJP), 39999/tcp, 6566/tcp (SANE Control Port), 38788/tcp, 2090/tcp (Load Report Protocol), 1321/tcp (PIP), 21000/tcp (IRTrans Control), 41/tcp (Graphics), 3003/tcp (CGMS), 1005/tcp, 44849/tcp, 64546/tcp, 465/tcp (URL Rendesvous Directory for SSM), 15253/tcp, 37980/tcp, 815/tcp, 20900/tcp, 2004/tcp (mailbox), 29596/tcp, 9389/tcp (Active Directory Web Services), 450/tcp (Computer Supported Telecomunication Applications), 1917/tcp (nOAgent), 16/tcp, 61/tcp (NI MAIL), 48889/tcp, 13392/tcp, 2967/tcp (SSC-AGENT), 6234/tcp, 26/tcp, 996/tcp (vsinet), 50000/tcp, 481/tcp (Ph service), 43389/tcp, 600/tcp (Sun IPC server), 20002/tcp (Commtact HTTP), 18889/tcp, 3090/tcp (Senforce Session Services), 7123/tcp, 625/tcp (DEC DLM), 865/tcp, 9879/tcp, 30500/tcp, 2328/tcp (Netrix SFTM), 51/tcp (IMP Logical Address Maintenance), 20800/tcp, 24546/tcp, 53388/tcp, 9456/tcp, 1023/tcp, 2121/tcp (SCIENTIA-SSDB), 740/tcp, 8870/tcp, 45960/tcp, 17273/tcp, 42223/tcp, 2242/tcp (Folio Remote Server), 19798/tcp, 7001/tcp (callbacks to cache managers), 14445/tcp, 25960/tcp, 3543/tcp (qftest Lookup Port), 5901/tcp, 33391/tcp, 7345/tcp, 56263/tcp, 14243/tcp, 21617/tcp, 8864/tcp, 2452/tcp (SnifferClient), 10777/tcp, 8890/tcp (Desktop Data TCP 2), 2096/tcp (NBX DIR), 29091/tcp, 8850/tcp, 51213/tcp, 8999/tcp (Brodos Crypto Trade Protocol), 14/tcp, 280/tcp (http-mgmt), 43391/tcp, 8768/tcp, 29899/tcp, 752/tcp (qrh), 27000/tcp (-27009 FLEX LM (1-10)), 3015/tcp (NATI DSTP), 6892/tcp, 56162/tcp, 2020/tcp (xinupageserver), 33666/tcp, 5671/tcp (amqp protocol over TLS/SSL), 63031/tcp, 16970/tcp, 14950/tcp, 21718/tcp, 22930/tcp, 28889/tcp, 1015/tcp, 5890/tcp, 6257/tcp, 5679/tcp (Direct Cable Connect Manager), 25556/tcp, 333/tcp (Texar Security Port), 46464/tcp, 2710/tcp (SSO Service), 8868/tcp, 2085/tcp (ADA Control), 33333/tcp (Digital Gaslight Service), 720/tcp, 17980/tcp, 5105/tcp, 882/tcp, 18000/tcp (Beckman Instruments, Inc.), 3397/tcp (Cloanto License Manager), 1085/tcp (Web Objects), 16768/tcp, 53389/tcp, 32021/tcp, 2270/tcp (starSchool), 2170/tcp (EyeTV Server Port), 3399/tcp (CSMS), 58384/tcp, 8918/tcp, 28687/tcp, 38/tcp (Route Access Protocol), 6116/tcp (XicTools License Manager Service), 23388/tcp, 6051/tcp, 500/tcp (isakmp), 7713/tcp, 5765/tcp, 62728/tcp, 9100/tcp (Printer PDL Data Stream), 9191/tcp (Sun AppSvr JPDA), 54321/tcp, 1238/tcp (hacl-qs), 41617/tcp, 6678/tcp, 33380/tcp, 24041/tcp, 3388/tcp (CB Server), 2180/tcp (Millicent Vendor Gateway Server), 12425/tcp, 1891/tcp (ChildKey Notification), 2945/tcp (H248 Binary), 560/tcp (rmonitord), 9099/tcp, 605/tcp (SOAP over BEEP), 24/tcp (any private mail system), 5523/tcp, 9916/tcp, 22829/tcp, 7589/tcp, 12930/tcp, 1009/tcp, 31/tcp (MSG Authentication), 39899/tcp, 6885/tcp, 2348/tcp (Information to query for game status), 12223/tcp, 480/tcp (iafdbase).
      
BHD Honeypot
Port scan
2020-01-18

Port scan from IP: 93.174.95.41 detected by psad.
BHD Honeypot
Port scan
2020-01-18

In the last 24h, the attacker (93.174.95.41) attempted to scan 460 ports.
The following ports have been scanned: 23738/tcp, 34950/tcp, 60400/tcp, 51718/tcp, 19495/tcp, 10032/tcp, 910/tcp (Kerberized Internet Negotiation of Keys (KINK)), 10065/tcp, 57879/tcp, 2035/tcp (imsldoc), 635/tcp (RLZ DBase), 1022/tcp (RFC3692-style Experiment 2 (*)    [RFC4727]), 13380/tcp, 2370/tcp (L3-HBMon), 37778/tcp, 9978/tcp, 2005/tcp (berknet), 53132/tcp, 7744/tcp (RAQMON PDU), 56565/tcp, 6785/tcp (DGPF Individual Exchange), 34142/tcp, 555/tcp (dsf), 23000/tcp (Inova LightLink Server Type 1), 6893/tcp, 2012/tcp (ttyinfo), 8855/tcp, 23940/tcp, 2260/tcp (APC 2260), 8500/tcp (Flight Message Transfer Protocol), 7678/tcp, 3396/tcp (Printer Agent), 38687/tcp, 13334/tcp, 10076/tcp, 13381/tcp, 795/tcp, 27374/tcp, 26768/tcp, 13579/tcp, 26566/tcp, 51011/tcp, 30300/tcp, 10011/tcp, 51314/tcp, 1003/tcp, 3395/tcp (Dyna License Manager (Elam)), 820/tcp, 36465/tcp, 6113/tcp (Daylite Server), 19394/tcp, 10023/tcp, 9993/tcp (OnLive-2), 2346/tcp (Game Connection Port), 970/tcp, 33912/tcp, 981/tcp, 3455/tcp (RSVP Port), 909/tcp, 2030/tcp (device2), 2083/tcp (Secure Radius Service), 33536/tcp, 2045/tcp (cdfunc), 30000/tcp, 11666/tcp, 8885/tcp, 3050/tcp (gds_db), 435/tcp (MobilIP-MN), 44243/tcp, 42424/tcp, 8348/tcp, 7659/tcp, 6006/tcp, 23391/tcp, 31920/tcp, 5555/tcp (Personal Agent), 8808/tcp, 6119/tcp, 17475/tcp, 991/tcp (Netnews Administration System), 37071/tcp, 6666/tcp, 430/tcp (UTMPSD), 7070/tcp (ARCP), 41718/tcp, 55550/tcp, 29394/tcp, 24950/tcp, 35556/tcp, 49697/tcp, 590/tcp (TNS CML), 14748/tcp, 1004/tcp, 9995/tcp (Palace-4), 20000/tcp (DNP), 37879/tcp, 29495/tcp, 2075/tcp (Newlix ServerWare Engine), 22425/tcp, 31112/tcp, 3075/tcp (Orbix 2000 Locator), 34647/tcp, 48283/tcp, 30200/tcp, 410/tcp (DECLadebug Remote Debug Protocol), 22526/tcp, 270/tcp, 55859/tcp, 915/tcp, 5505/tcp (Checkout Database), 321/tcp (PIP), 1997/tcp (cisco Gateway Discovery Protocol), 389/tcp (Lightweight Directory Access Protocol), 8220/tcp, 30389/tcp, 610/tcp (npmp-local), 62/tcp (ACA Services), 7089/tcp, 8900/tcp (JMB-CDS 1), 26667/tcp, 2080/tcp (Autodesk NLM (FLEXlm)), 7547/tcp (DSL Forum CWMP), 1016/tcp, 606/tcp (Cray Unified Resource Manager), 8567/tcp (Object Access Protocol Administration), 835/tcp, 44546/tcp, 2053/tcp (Lot105 DSuper Updates), 23380/tcp, 2902/tcp (NET ASPI), 49494/tcp, 4901/tcp (FileLocator Remote Search Agent), 55253/tcp, 1021/tcp (RFC3692-style Experiment 1 (*)    [RFC4727]), 6787/tcp (Sun Web Console Admin), 8884/tcp, 6902/tcp, 2912/tcp (Epicon), 11001/tcp (Metasys), 10013/tcp, 59495/tcp, 33031/tcp, 13391/tcp, 8089/tcp, 58081/tcp, 32829/tcp, 6345/tcp, 3452/tcp (SABP-Signalling Protocol), 21516/tcp, 6118/tcp, 58485/tcp, 1030/tcp (BBN IAD), 2095/tcp (NBX SER), 57172/tcp, 36869/tcp, 13940/tcp, 23334/tcp, 36000/tcp, 390/tcp (UIS), 54/tcp (XNS Clearinghouse), 42021/tcp, 2344/tcp (fcmsys), 8886/tcp, 903/tcp (self documenting Telnet Panic Door), 11333/tcp, 3386/tcp (GPRS Data), 5875/tcp, 3385/tcp (qnxnetman), 8001/tcp (VCOM Tunnel), 13/tcp (Daytime (RFC 867)), 32526/tcp, 7500/tcp (Silhouette User), 6890/tcp, 29/tcp (MSG ICP), 2056/tcp (OmniSky Port), 24748/tcp, 47/tcp (NI FTP), 55354/tcp, 940/tcp, 47374/tcp, 49899/tcp, 10101/tcp (eZmeeting), 6123/tcp (Backup Express), 7306/tcp, 10389/tcp, 28000/tcp (NX License Manager), 888/tcp (CD Database Protocol), 645/tcp (PSSC), 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 6112/tcp (Desk-Top Sub-Process Control Daemon), 33320/tcp, 3040/tcp (Tomato Springs), 7217/tcp, 10047/tcp, 10056/tcp, 860/tcp (iSCSI), 9979/tcp, 305/tcp, 6895/tcp, 33898/tcp, 7779/tcp (VSTAT), 360/tcp (scoi2odialog), 2305/tcp (MT ScaleServer), 26061/tcp, 10007/tcp (MVS Capacity), 3035/tcp (FJSV gssagt), 920/tcp, 5785/tcp (3PAR Inform Remote Copy), 2349/tcp (Diagnostics Port), 7080/tcp (EmpowerID Communication), 5905/tcp, 20/tcp (File Transfer [Default Data]), 33999/tcp, 6881/tcp, 805/tcp, 29000/tcp, 10034/tcp, 8789/tcp, 10029/tcp, 9938/tcp, 47273/tcp, 28990/tcp, 50300/tcp, 26970/tcp, 37677/tcp, 58/tcp (XNS Mail), 3394/tcp (D2K Tapestry Server to Server), 7005/tcp (volume managment server), 8438/tcp, 3451/tcp (ASAM Services), 905/tcp, 2145/tcp (Live Vault Remote Diagnostic Console Support), 7999/tcp (iRDMI2), 3070/tcp (MGXSWITCH), 33801/tcp, 2347/tcp (Game Announcement and Location), 9974/tcp, 8585/tcp, 803/tcp, 7347/tcp, 2762/tcp (DICOM TLS), 59798/tcp, 2432/tcp (codasrv), 840/tcp, 2087/tcp (ELI - Event Logging Integration), 48484/tcp, 770/tcp (cadlock), 1001/tcp, 2672/tcp (nhserver), 23031/tcp, 6014/tcp, 7780/tcp, 37172/tcp, 1010/tcp (surf), 4900/tcp (HyperFileSQL Client/Server Database Engine), 3391/tcp (SAVANT), 53392/tcp, 2041/tcp (interbase), 7002/tcp (users & groups database), 23389/tcp, 630/tcp (RDA), 42/tcp (Host Name Server), 49091/tcp, 785/tcp, 2015/tcp (cypress), 36566/tcp, 6050/tcp, 411/tcp (Remote MT Protocol), 5938/tcp, 10039/tcp, 7771/tcp, 2562/tcp (Delibo), 904/tcp, 21415/tcp, 2567/tcp (Cisco Line Protocol), 8887/tcp, 7570/tcp (Aries Kfinder), 24849/tcp, 425/tcp (ICAD), 59293/tcp, 8881/tcp, 25354/tcp, 8390/tcp, 50/tcp (Remote Mail Checking Protocol), 3085/tcp (PCIHReq), 2253/tcp (DTV Channel Request), 36768/tcp, 27071/tcp, 7660/tcp, 2070/tcp (AH and ESP Encapsulated in UDP packet), 12627/tcp, 3003/tcp (CGMS), 475/tcp (tcpnethaspsrv), 465/tcp (URL Rendesvous Directory for SSM), 15253/tcp, 38283/tcp, 1007/tcp, 7657/tcp, 12345/tcp (Italk Chat System), 10/tcp, 450/tcp (Computer Supported Telecomunication Applications), 5117/tcp (GradeCam Image Processing), 1013/tcp, 36263/tcp, 23536/tcp, 510/tcp (FirstClass Protocol), 26/tcp, 14004/tcp, 996/tcp (vsinet), 600/tcp (Sun IPC server), 17879/tcp, 531/tcp (chat), 60100/tcp, 46061/tcp, 58182/tcp, 6897/tcp, 24546/tcp, 7769/tcp, 1023/tcp, 3563/tcp (Watcom Debug), 7766/tcp, 1011/tcp, 2065/tcp (Data Link Switch Read Port Number), 7307/tcp, 10045/tcp, 22627/tcp, 2242/tcp (Folio Remote Server), 37273/tcp, 712/tcp (TBRPF), 50123/tcp, 6699/tcp, 6882/tcp, 5025/tcp (SCPI-RAW), 43738/tcp, 2992/tcp (Avenyo Server), 2872/tcp (RADIX), 36970/tcp, 44444/tcp, 8877/tcp, 10777/tcp, 35859/tcp, 290/tcp, 33234/tcp, 402/tcp (Genie Protocol), 25000/tcp (icl-twobase1), 14/tcp, 340/tcp, 27000/tcp (-27009 FLEX LM (1-10)), 56162/tcp, 10000/tcp (Network Data Management Protocol), 16970/tcp, 5456/tcp (APC 5456), 22930/tcp, 11920/tcp, 880/tcp, 1015/tcp, 6257/tcp, 25556/tcp, 25758/tcp, 6784/tcp, 7831/tcp, 330/tcp, 7071/tcp (IWGADTS Aircraft Housekeeping Message), 990/tcp (ftp protocol, control, over TLS/SSL), 27778/tcp, 3380/tcp (SNS Channels), 882/tcp, 3397/tcp (Cloanto License Manager), 440/tcp (sgcp), 9991/tcp (OSM Event Server), 28687/tcp, 30/tcp, 607/tcp (nqs), 26869/tcp, 9992/tcp (OnLive-1), 750/tcp (rfile), 37576/tcp, 3388/tcp (CB Server), 2180/tcp (Millicent Vendor Gateway Server), 57273/tcp, 11718/tcp, 4561/tcp, 24/tcp (any private mail system), 7006/tcp (error interpretation service), 10666/tcp, 8501/tcp, 7237/tcp, 33894/tcp, 911/tcp (xact-backup), 22829/tcp, 12930/tcp, 1009/tcp, 33808/tcp, 1214/tcp (KAZAA), 480/tcp (iafdbase), 6906/tcp.
      
BHD Honeypot
Port scan
2020-01-17

In the last 24h, the attacker (93.174.95.41) attempted to scan 444 ports.
The following ports have been scanned: 570/tcp (demon), 10058/tcp, 32425/tcp, 10032/tcp, 700/tcp (Extensible Provisioning Protocol), 57879/tcp, 10010/tcp (ooRexx rxapi services), 320/tcp (PTP General), 9489/tcp, 5215/tcp, 37778/tcp, 9978/tcp, 24445/tcp, 530/tcp (rpc), 50600/tcp, 35000/tcp, 405/tcp (ncld), 35051/tcp, 1991/tcp (cisco STUN Priority 2 port), 8855/tcp, 11444/tcp, 33396/tcp, 33896/tcp, 7787/tcp (Popup Reminders Receive), 63334/tcp, 9876/tcp (Session Director), 38687/tcp, 54748/tcp, 10076/tcp, 795/tcp, 7289/tcp, 10060/tcp, 10011/tcp, 31718/tcp, 960/tcp, 1003/tcp, 54243/tcp, 9006/tcp, 800/tcp (mdbs_daemon), 820/tcp, 57677/tcp, 36465/tcp, 58788/tcp, 9993/tcp (OnLive-2), 17374/tcp, 38000/tcp, 63392/tcp, 970/tcp, 22222/tcp, 8906/tcp, 60006/tcp, 34748/tcp, 10050/tcp (Zabbix Agent), 33435/tcp, 33805/tcp, 33912/tcp, 981/tcp, 33339/tcp, 30600/tcp, 909/tcp, 50500/tcp, 2083/tcp (Secure Radius Service), 22021/tcp, 33536/tcp, 2045/tcp (cdfunc), 707/tcp (Borland DSJ), 34243/tcp, 30000/tcp, 33885/tcp, 985/tcp, 10059/tcp, 9001/tcp (ETL Service Manager), 580/tcp (SNTP HEARTBEAT), 690/tcp (Velazquez Application Transfer Protocol), 61415/tcp, 31920/tcp, 23/tcp (Telnet), 33222/tcp, 58687/tcp, 33300/tcp, 850/tcp, 7778/tcp (Interwise), 4455/tcp (PR Chat User), 31013/tcp, 37071/tcp, 1035/tcp (MX-XR RPC), 56/tcp (XNS Authentication), 33902/tcp, 17677/tcp, 430/tcp (UTMPSD), 55550/tcp, 63388/tcp, 32627/tcp, 1341/tcp (QuBES), 10040/tcp, 59394/tcp, 53380/tcp, 37879/tcp, 650/tcp (OBEX), 13390/tcp, 9977/tcp, 10055/tcp (Quantapoint FLEXlm Licensing Service), 2025/tcp (ellpack), 222/tcp (Berkeley rshd with SPX auth), 999/tcp (puprouter), 33381/tcp, 303/tcp, 27475/tcp, 36667/tcp, 659/tcp, 8008/tcp (HTTP Alternate), 753/tcp (rrh), 10333/tcp, 751/tcp (pump), 915/tcp, 10044/tcp, 389/tcp (Lightweight Directory Access Protocol), 58283/tcp, 875/tcp, 8869/tcp, 165/tcp (Xerox), 33802/tcp, 33916/tcp, 55444/tcp, 1016/tcp, 46768/tcp, 835/tcp, 56789/tcp, 1020/tcp, 870/tcp, 33908/tcp, 10015/tcp, 11111/tcp (Viral Computing Environment (VCE)), 950/tcp, 5093/tcp (Sentinel LM), 7312/tcp, 1002/tcp, 8989/tcp (Sun Web Server SSL Admin Service), 58081/tcp, 32829/tcp, 264/tcp (BGMP), 8291/tcp, 502/tcp (asa-appl-proto), 9996/tcp (Palace-5), 670/tcp (VACDSM-SWS), 4321/tcp (Remote Who Is), 33738/tcp, 57172/tcp, 36869/tcp, 65/tcp (TACACS-Database Service), 1080/tcp (Socks), 38990/tcp, 36000/tcp, 33914/tcp, 10001/tcp (SCP Configuration), 7391/tcp (mind-file system server), 903/tcp (self documenting Telnet Panic Door), 5875/tcp, 22000/tcp (SNAPenetIO), 62526/tcp, 675/tcp (DCTP), 4904/tcp, 63390/tcp, 20700/tcp, 4890/tcp, 55354/tcp, 940/tcp, 337/tcp, 36061/tcp, 8905/tcp, 10014/tcp, 10101/tcp (eZmeeting), 10389/tcp, 12324/tcp, 10087/tcp, 33555/tcp, 33389/tcp, 2060/tcp (Telenium Daemon IF), 33890/tcp, 710/tcp (Entrust Administration Service Handler), 8861/tcp, 15657/tcp, 860/tcp (iSCSI), 53839/tcp, 26061/tcp, 26364/tcp, 10111/tcp, 640/tcp (entrust-sps), 5000/tcp (commplex-main), 55051/tcp, 4433/tcp, 805/tcp, 10034/tcp, 7127/tcp, 8940/tcp, 13738/tcp, 12/tcp, 2100/tcp (Amiga Network Filesystem), 28990/tcp, 7567/tcp, 59091/tcp, 37677/tcp, 258/tcp, 8867/tcp, 930/tcp, 6697/tcp, 10042/tcp, 803/tcp, 8234/tcp, 370/tcp (codaauth2), 4445/tcp (UPNOTIFYP), 3030/tcp (Arepa Cas), 6901/tcp (Novell Jetstream messaging protocol), 840/tcp, 550/tcp (new-who), 10444/tcp, 8300/tcp (Transport Management Interface), 44888/tcp, 2106/tcp (MZAP), 33893/tcp, 56465/tcp, 808/tcp, 33884/tcp, 6060/tcp, 23031/tcp, 30800/tcp, 4234/tcp, 15/tcp, 59595/tcp, 9949/tcp, 10080/tcp (Amanda), 7002/tcp (users & groups database), 60300/tcp, 33111/tcp, 715/tcp (IRIS-LWZ), 470/tcp (scx-proxy), 32/tcp, 5677/tcp (Quest Central DB2 Launchr), 30003/tcp, 4214/tcp, 16465/tcp, 31516/tcp, 8904/tcp, 55888/tcp, 411/tcp (Remote MT Protocol), 53334/tcp, 10039/tcp, 2086/tcp (GNUnet), 666/tcp (doom Id Software), 8898/tcp, 904/tcp, 21415/tcp, 33809/tcp, 39/tcp (Resource Location Protocol), 8901/tcp (JMB-CDS 2), 21012/tcp, 9958/tcp, 25/tcp (Simple Mail Transfer), 9951/tcp (APC 9951), 32000/tcp, 34/tcp, 40/tcp, 21819/tcp, 825/tcp, 10500/tcp, 10555/tcp, 33880/tcp, 11617/tcp, 33806/tcp, 1008/tcp, 36768/tcp, 2070/tcp (AH and ESP Encapsulated in UDP packet), 12627/tcp, 41/tcp (Graphics), 1005/tcp, 615/tcp (Internet Configuration Manager), 58585/tcp, 965/tcp, 5125/tcp, 15253/tcp, 57778/tcp, 37980/tcp, 829/tcp (PKIX-3 CA/RA), 13233/tcp, 20900/tcp, 11222/tcp, 790/tcp, 1007/tcp, 495/tcp (intecourier), 34041/tcp, 1013/tcp, 810/tcp (FCP), 9997/tcp (Palace-6), 14004/tcp, 705/tcp (AgentX), 9459/tcp, 9789/tcp, 50000/tcp, 22888/tcp, 10027/tcp, 17879/tcp, 260/tcp (Openport), 351/tcp (bhoetty (added 5/21/97)), 14000/tcp (SCOTTY High-Speed Filetransfer), 531/tcp (chat), 7777/tcp (cbt), 33399/tcp, 33444/tcp, 625/tcp (DEC DLM), 9954/tcp, 49999/tcp, 33891/tcp, 10099/tcp, 1025/tcp (network blackjack), 9915/tcp, 55777/tcp, 22777/tcp, 3903/tcp (CharsetMGR), 740/tcp, 845/tcp, 216/tcp (Computer Associates Int'l License Server), 10004/tcp (EMC Replication Manager Client), 19798/tcp, 37273/tcp, 7001/tcp (callbacks to cache managers), 59899/tcp, 5901/tcp, 56970/tcp, 33913/tcp, 2872/tcp (RADIX), 33385/tcp, 14243/tcp, 10777/tcp, 8890/tcp (Desktop Data TCP 2), 29091/tcp, 8850/tcp, 51213/tcp, 402/tcp (Genie Protocol), 323/tcp, 38889/tcp, 945/tcp, 29899/tcp, 9969/tcp, 33400/tcp, 3873/tcp (fagordnc), 33839/tcp, 12829/tcp, 33666/tcp, 14950/tcp, 245/tcp (LINK), 880/tcp, 730/tcp (IBM NetView DM/6000 send/tcp), 330/tcp, 7724/tcp (Novell Snap-in Deep Freeze Control), 990/tcp (ftp protocol, control, over TLS/SSL), 17980/tcp, 5080/tcp (OnScreen Data Collection Service), 33393/tcp, 43940/tcp, 32021/tcp, 12728/tcp, 63839/tcp, 10077/tcp, 3399/tcp (CSMS), 44555/tcp, 9991/tcp (OSM Event Server), 9999/tcp (distinct), 11819/tcp, 10038/tcp, 415/tcp (BNet), 607/tcp (nqs), 12000/tcp (IBM Enterprise Extender SNA XID Exchange), 2102/tcp (Zephyr server), 33807/tcp, 750/tcp (rfile), 4566/tcp (Kids Watch Time Control Service), 62324/tcp, 37576/tcp, 54321/tcp, 33925/tcp, 560/tcp (rmonitord), 13536/tcp, 7010/tcp (onlinet uninterruptable power supplies), 605/tcp (SOAP over BEEP), 2000/tcp (Cisco SCCP), 29697/tcp, 175/tcp (VMNET), 295/tcp, 35657/tcp, 275/tcp, 9950/tcp (APC 9950), 33637/tcp, 8333/tcp, 39293/tcp, 6906/tcp.
      
BHD Honeypot
Port scan
2020-01-16

In the last 24h, the attacker (93.174.95.41) attempted to scan 398 ports.
The following ports have been scanned: 34950/tcp, 10058/tcp, 7901/tcp (TNOS Service Protocol), 19495/tcp, 103/tcp (Genesis Point-to-Point Trans Net), 700/tcp (Extensible Provisioning Protocol), 10065/tcp, 55589/tcp, 9018/tcp, 652/tcp (HELLO_PORT), 15354/tcp, 320/tcp (PTP General), 33395/tcp, 53132/tcp, 347/tcp (Fatmen Server), 1032/tcp (BBN IAD), 50400/tcp, 555/tcp (dsf), 35000/tcp, 14647/tcp, 9009/tcp (Pichat Server), 33904/tcp, 735/tcp, 8855/tcp, 33896/tcp, 9900/tcp (IUA), 8825/tcp, 9329/tcp, 54748/tcp, 680/tcp (entrust-aaas), 660/tcp (MacOS Server Admin), 16869/tcp, 27374/tcp, 10060/tcp, 8815/tcp, 800/tcp (mdbs_daemon), 61016/tcp, 46869/tcp, 2678/tcp (Gadget Gate 2 Way), 14849/tcp, 54142/tcp, 52122/tcp, 2346/tcp (Game Connection Port), 8851/tcp, 725/tcp, 970/tcp, 11190/tcp, 8906/tcp, 34748/tcp, 10050/tcp (Zabbix Agent), 18586/tcp, 33805/tcp, 25859/tcp, 33912/tcp, 61213/tcp, 9988/tcp (Software Essentials Secure HTTP server), 9011/tcp, 5040/tcp, 9833/tcp, 34243/tcp, 33929/tcp, 79/tcp (Finger), 61415/tcp, 13388/tcp, 395/tcp (NetScout Control Protocol), 18283/tcp, 33222/tcp, 30900/tcp, 5985/tcp (WBEM WS-Management HTTP), 10081/tcp (FAM Archive Server), 90/tcp (DNSIX Securit Attribute Token Map), 47980/tcp, 19999/tcp (Distributed Network Protocol - Secure), 11777/tcp, 8933/tcp, 16667/tcp, 17576/tcp, 8860/tcp, 29394/tcp, 33882/tcp, 59394/tcp, 40300/tcp, 34445/tcp, 56061/tcp, 650/tcp (OBEX), 10008/tcp (Octopus Multiplexer), 754/tcp (send), 520/tcp (extended file name server), 8839/tcp, 999/tcp (puprouter), 30200/tcp, 50700/tcp, 36667/tcp, 33887/tcp, 8008/tcp (HTTP Alternate), 4784/tcp (BFD Multihop Control), 33803/tcp, 389/tcp (Lightweight Directory Access Protocol), 30389/tcp, 900/tcp (OMG Initial Refs), 95/tcp (SUPDUP), 1034/tcp (ActiveSync Notifications), 106/tcp (3COM-TSMUX), 33802/tcp, 33916/tcp, 9017/tcp, 54647/tcp, 28788/tcp, 33910/tcp, 8567/tcp (Object Access Protocol Administration), 835/tcp, 44546/tcp, 14546/tcp, 685/tcp (MDC Port Mapper), 8767/tcp, 9129/tcp, 55253/tcp, 5093/tcp (Sentinel LM), 50001/tcp, 8100/tcp (Xprint Server), 33031/tcp, 13435/tcp, 10035/tcp, 13391/tcp, 8989/tcp (Sun Web Server SSL Admin Service), 502/tcp (asa-appl-proto), 11110/tcp, 1080/tcp (Socks), 760/tcp (ns), 54/tcp (XNS Clearinghouse), 16000/tcp (Administration Server Access), 8830/tcp, 10001/tcp (SCP Configuration), 20300/tcp, 19899/tcp, 8886/tcp, 11333/tcp, 777/tcp (Multiling HTTP), 62526/tcp, 210/tcp (ANSI Z39.50), 52627/tcp, 13839/tcp, 9007/tcp, 675/tcp (DCTP), 20700/tcp, 33909/tcp, 5050/tcp (multimedia conference control tool), 55354/tcp, 337/tcp, 8905/tcp, 8218/tcp, 10389/tcp, 7171/tcp (Discovery and Retention Mgt Production), 888/tcp (CD Database Protocol), 22444/tcp, 33895/tcp, 8222/tcp, 10056/tcp, 860/tcp (iSCSI), 8128/tcp (PayCash Online Protocol), 9016/tcp, 33898/tcp, 33940/tcp, 360/tcp (scoi2odialog), 9012/tcp, 540/tcp (uucpd), 11999/tcp, 10111/tcp, 6888/tcp (MUSE), 64646/tcp, 6782/tcp, 33999/tcp, 17000/tcp, 805/tcp, 8789/tcp, 7897/tcp, 55758/tcp, 8940/tcp, 4750/tcp (Simple Service Auto Discovery), 120/tcp (CFDPTKT), 50300/tcp, 59091/tcp, 30100/tcp, 8894/tcp (Desktop Data TCP 6: COAL application), 285/tcp, 45657/tcp, 8867/tcp, 9043/tcp, 7999/tcp (iRDMI2), 55152/tcp, 33804/tcp, 8456/tcp, 33397/tcp, 9974/tcp, 8585/tcp, 54041/tcp, 8823/tcp, 59798/tcp, 33330/tcp, 901/tcp (SMPNAMERES), 8678/tcp, 808/tcp, 13032/tcp, 770/tcp (cadlock), 490/tcp (micom-pfs), 23031/tcp, 6014/tcp, 30800/tcp, 10100/tcp (VERITAS ITAP DDTP), 48384/tcp, 15859/tcp, 9013/tcp, 53392/tcp, 33111/tcp, 715/tcp (IRIS-LWZ), 630/tcp (RDA), 10999/tcp, 785/tcp, 55555/tcp, 45859/tcp, 5566/tcp (Westec Connect), 310/tcp (bhmds), 53334/tcp, 5666/tcp, 8887/tcp, 8294/tcp (Bloomberg intelligent client), 49596/tcp, 8899/tcp (ospf-lite), 195/tcp (DNSIX Network Level Module Audit), 825/tcp, 10555/tcp, 33880/tcp, 33806/tcp, 1008/tcp, 615/tcp (Internet Configuration Manager), 44849/tcp, 420/tcp (SMPTE), 5125/tcp, 4984/tcp (WebYast), 815/tcp, 33335/tcp, 20900/tcp, 55666/tcp, 52728/tcp, 790/tcp, 9389/tcp (Active Directory Web Services), 495/tcp (intecourier), 12345/tcp (Italk Chat System), 34041/tcp, 810/tcp (FCP), 925/tcp, 510/tcp (FirstClass Protocol), 705/tcp (AgentX), 9789/tcp, 8010/tcp, 260/tcp (Openport), 351/tcp (bhoetty (added 5/21/97)), 2008/tcp (conf), 531/tcp (chat), 33897/tcp, 59192/tcp, 33921/tcp, 46061/tcp, 625/tcp (DEC DLM), 7796/tcp, 9954/tcp, 15252/tcp, 505/tcp (mailbox-lm), 91/tcp (MIT Dover Spooler), 33891/tcp, 7020/tcp (DP Serve), 58182/tcp, 7000/tcp (file server itself), 48182/tcp, 64748/tcp, 65000/tcp, 740/tcp, 58889/tcp, 8870/tcp, 10045/tcp, 845/tcp, 45960/tcp, 712/tcp (TBRPF), 14445/tcp, 50123/tcp, 33923/tcp, 59697/tcp, 33913/tcp, 33886/tcp, 33391/tcp, 41011/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 42324/tcp, 8864/tcp, 51213/tcp, 323/tcp, 8768/tcp, 340/tcp, 34849/tcp, 40900/tcp, 44777/tcp, 20100/tcp, 5890/tcp, 333/tcp (Texar Security Port), 902/tcp (self documenting Telnet Door), 22728/tcp, 33350/tcp, 9678/tcp, 34546/tcp, 53940/tcp, 44999/tcp, 720/tcp, 54545/tcp, 16768/tcp, 440/tcp (sgcp), 31617/tcp, 10077/tcp, 8918/tcp, 50900/tcp, 9999/tcp (distinct), 10888/tcp, 8908/tcp, 750/tcp (rfile), 5667/tcp, 33387/tcp, 8189/tcp, 54321/tcp, 33380/tcp, 33925/tcp, 560/tcp (rmonitord), 13536/tcp, 605/tcp (SOAP over BEEP), 51617/tcp, 10666/tcp, 8501/tcp, 29697/tcp, 74/tcp (Remote Job Service), 295/tcp, 911/tcp (xact-backup), 7456/tcp, 33777/tcp, 12930/tcp, 33637/tcp, 48990/tcp, 55960/tcp, 12223/tcp.
      
BHD Honeypot
Port scan
2020-01-15

In the last 24h, the attacker (93.174.95.41) attempted to scan 501 ports.
The following ports have been scanned: 23738/tcp, 570/tcp (demon), 10058/tcp, 51718/tcp, 42000/tcp, 93/tcp (Device Control Protocol), 5672/tcp (AMQP), 103/tcp (Genesis Point-to-Point Trans Net), 10032/tcp, 700/tcp (Extensible Provisioning Protocol), 910/tcp (Kerberized Internet Negotiation of Keys (KINK)), 57879/tcp, 55657/tcp, 652/tcp (HELLO_PORT), 5215/tcp, 53132/tcp, 530/tcp (rpc), 50600/tcp, 6886/tcp, 6785/tcp (DGPF Individual Exchange), 52829/tcp, 555/tcp (dsf), 9009/tcp (Pichat Server), 735/tcp, 9110/tcp, 8855/tcp, 9000/tcp (CSlistener), 53637/tcp, 56869/tcp, 50200/tcp, 97/tcp (Swift Remote Virtural File Protocol), 325/tcp, 53031/tcp, 960/tcp, 3395/tcp (Dyna License Manager (Elam)), 20600/tcp, 2593/tcp (MNS Mail Notice Service), 8815/tcp, 7788/tcp, 57677/tcp, 56364/tcp, 60001/tcp, 59999/tcp, 111/tcp (SUN Remote Procedure Call), 52122/tcp, 725/tcp, 4662/tcp (OrbitNet Message Service), 8087/tcp (Simplify Media SPP Protocol), 11190/tcp, 8906/tcp, 7781/tcp (accu-lmgr), 10050/tcp (Zabbix Agent), 7898/tcp, 7894/tcp, 55000/tcp, 9011/tcp, 5040/tcp, 54849/tcp, 52021/tcp, 8458/tcp, 10021/tcp, 10066/tcp, 745/tcp, 707/tcp (Borland DSJ), 34243/tcp, 30000/tcp, 315/tcp (DPSI), 12526/tcp, 11666/tcp, 94/tcp (Tivoli Object Dispatcher), 40500/tcp, 435/tcp (MobilIP-MN), 50100/tcp, 4874/tcp, 8348/tcp, 985/tcp, 6006/tcp, 44748/tcp, 690/tcp (Velazquez Application Transfer Protocol), 3383/tcp (Enterprise Software Products License Manager), 96/tcp (DIXIE Protocol Specification), 30900/tcp, 58687/tcp, 5555/tcp (Personal Agent), 5985/tcp (WBEM WS-Management HTTP), 15000/tcp (Hypack Data Aquisition), 8808/tcp, 352/tcp (bhoedap4 (added 5/21/97)), 10081/tcp (FAM Archive Server), 130/tcp (cisco FNATIVE), 90/tcp (DNSIX Securit Attribute Token Map), 15455/tcp, 5010/tcp (TelepathStart), 63/tcp (whois++), 6884/tcp, 991/tcp (Netnews Administration System), 82/tcp (XFER Utility), 56/tcp (XNS Authentication), 11777/tcp, 14344/tcp, 8902/tcp, 430/tcp (UTMPSD), 590/tcp (TNS CML), 4035/tcp (WAP Push OTA-HTTP port), 14748/tcp, 33911/tcp, 59394/tcp, 53380/tcp, 62626/tcp, 650/tcp (OBEX), 5015/tcp (FileMaker, Inc. - Web publishing), 50005/tcp, 460/tcp (skronk), 62000/tcp, 9977/tcp, 754/tcp (send), 22425/tcp, 34647/tcp, 222/tcp (Berkeley rshd with SPX auth), 104/tcp (ACR-NEMA Digital Imag. & Comm. 300), 303/tcp, 410/tcp (DECLadebug Remote Debug Protocol), 50700/tcp, 33887/tcp, 6000/tcp (-6063/udp   X Window System), 110/tcp (Post Office Protocol - Version 3), 57980/tcp, 6326/tcp, 7889/tcp, 55859/tcp, 753/tcp (rrh), 10333/tcp, 751/tcp (pump), 915/tcp, 5895/tcp, 8220/tcp, 58283/tcp, 900/tcp (OMG Initial Refs), 6894/tcp, 7089/tcp, 95/tcp (SUPDUP), 8443/tcp (PCsync HTTPS), 106/tcp (3COM-TSMUX), 60000/tcp, 33916/tcp, 76/tcp (Distributed External Object Store), 46566/tcp, 835/tcp, 2369/tcp, 685/tcp (MDC Port Mapper), 7799/tcp (Alternate BSDP Service), 870/tcp, 86/tcp (Micro Focus Cobol), 8767/tcp, 33908/tcp, 6787/tcp (Sun Web Console Admin), 8389/tcp, 11001/tcp (Metasys), 50001/tcp, 7312/tcp, 10013/tcp, 13391/tcp, 9890/tcp, 9080/tcp (Groove GLRPC), 980/tcp, 8089/tcp, 57/tcp (any private terminal access), 8989/tcp (Sun Web Server SSL Admin Service), 58081/tcp, 8291/tcp, 10017/tcp, 895/tcp, 11110/tcp, 1030/tcp (BBN IAD), 65/tcp (TACACS-Database Service), 13940/tcp, 8830/tcp, 100/tcp ([unauthorized use]), 51112/tcp, 5875/tcp, 8001/tcp (VCOM Tunnel), 777/tcp (Multiling HTTP), 13/tcp (Daytime (RFC 867)), 22000/tcp (SNAPenetIO), 70/tcp (Gopher), 675/tcp (DCTP), 53390/tcp, 4894/tcp (LysKOM Protocol A), 48/tcp (Digital Audit Daemon), 47/tcp (NI FTP), 940/tcp, 2017/tcp (cypress-stat), 8905/tcp, 51819/tcp, 5445/tcp, 52000/tcp, 8218/tcp, 10389/tcp, 1311/tcp (RxMon), 6129/tcp, 10087/tcp, 645/tcp (PSSC), 6112/tcp (Desk-Top Sub-Process Control Daemon), 710/tcp (Entrust Administration Service Handler), 18485/tcp, 7217/tcp, 8222/tcp, 8128/tcp (PayCash Online Protocol), 2251/tcp (Distributed Framework Port), 6895/tcp, 7779/tcp (VSTAT), 5070/tcp (VersaTrans Server Agent Service), 84/tcp (Common Trace Facility), 52930/tcp, 640/tcp (entrust-sps), 5785/tcp (3PAR Inform Remote Copy), 7389/tcp, 7080/tcp (EmpowerID Communication), 8080/tcp (HTTP Alternate (see port 80)), 22333/tcp, 78/tcp (vettcp), 43/tcp (Who Is), 55222/tcp, 10034/tcp, 8789/tcp, 7127/tcp, 55758/tcp, 8940/tcp, 9938/tcp, 12/tcp, 7567/tcp, 58/tcp (XNS Mail), 8438/tcp, 905/tcp, 59/tcp (any private file service), 10042/tcp, 7025/tcp (Vormetric Service II), 148/tcp (Jargon), 803/tcp, 46/tcp (MPM [default send]), 54041/tcp, 8823/tcp, 7896/tcp, 109/tcp (Post Office Protocol - Version 2), 695/tcp (IEEE-MMS-SSL), 17/tcp (Quote of the Day), 59798/tcp, 7892/tcp, 56566/tcp, 73/tcp (Remote Job Service), 550/tcp (new-who), 8678/tcp, 56465/tcp, 808/tcp, 5435/tcp (SCEANICS situation and action notification), 6060/tcp, 490/tcp (micom-pfs), 23031/tcp, 5107/tcp, 15/tcp, 13000/tcp, 9949/tcp, 4900/tcp (HyperFileSQL Client/Server Database Engine), 5544/tcp, 81/tcp, 17778/tcp, 53392/tcp, 2041/tcp (interbase), 10078/tcp, 7002/tcp (users & groups database), 715/tcp (IRIS-LWZ), 42/tcp (Host Name Server), 470/tcp (scx-proxy), 444/tcp (Simple Network Paging Protocol), 52324/tcp, 5677/tcp (Quest Central DB2 Launchr), 47474/tcp, 55555/tcp, 8840/tcp, 45859/tcp, 16465/tcp, 8904/tcp, 105/tcp (Mailbox Name Nameserver), 5938/tcp, 4672/tcp (remote file access server), 53334/tcp, 5035/tcp, 666/tcp (doom Id Software), 904/tcp, 114/tcp, 21415/tcp, 8887/tcp, 39/tcp (Resource Location Protocol), 9958/tcp, 55111/tcp, 40/tcp, 49192/tcp, 6876/tcp, 10500/tcp, 10555/tcp, 59293/tcp, 8881/tcp, 8390/tcp, 7660/tcp, 41/tcp (Graphics), 615/tcp (Internet Configuration Manager), 7917/tcp, 8345/tcp, 5674/tcp (HyperSCSI Port), 465/tcp (URL Rendesvous Directory for SSM), 965/tcp, 2234/tcp (DirectPlay), 57778/tcp, 2014/tcp (troff), 829/tcp (PKIX-3 CA/RA), 52728/tcp, 11222/tcp, 2004/tcp (mailbox), 12345/tcp (Italk Chat System), 10/tcp, 5045/tcp (Open Settlement Protocol), 450/tcp (Computer Supported Telecomunication Applications), 35960/tcp, 9997/tcp (Palace-6), 554/tcp (Real Time Streaming Protocol (RTSP)), 481/tcp (Ph service), 43389/tcp, 14000/tcp (SCOTTY High-Speed Filetransfer), 531/tcp (chat), 7777/tcp (cbt), 10033/tcp, 49999/tcp, 2328/tcp (Netrix SFTM), 51/tcp (IMP Logical Address Maintenance), 91/tcp (MIT Dover Spooler), 20800/tcp, 10099/tcp, 8328/tcp, 7000/tcp (file server itself), 13637/tcp, 53388/tcp, 7769/tcp, 19/tcp (Character Generator), 9912/tcp, 22777/tcp, 45051/tcp, 8859/tcp, 7766/tcp, 740/tcp, 8870/tcp, 45454/tcp, 28/tcp, 98/tcp (TAC News), 113/tcp (Authentication Service), 712/tcp (TBRPF), 59697/tcp, 5675/tcp (V5UA application port), 14243/tcp, 33924/tcp, 8864/tcp, 2452/tcp (SnifferClient), 5676/tcp (RA Administration), 8999/tcp (Brodos Crypto Trade Protocol), 9994/tcp (OnLive-3), 9969/tcp, 256/tcp (RAP), 6892/tcp, 56162/tcp, 5671/tcp (amqp protocol over TLS/SSL), 375/tcp (Hassle), 7895/tcp, 5890/tcp, 5679/tcp (Direct Cable Connect Manager), 902/tcp (self documenting Telnet Door), 412/tcp (Trap Convention Port), 730/tcp (IBM NetView DM/6000 send/tcp), 64/tcp (Communications Integrator (CI)), 54950/tcp, 330/tcp, 8868/tcp, 720/tcp, 85/tcp (MIT ML Device), 5080/tcp (OnScreen Data Collection Service), 33393/tcp, 5105/tcp, 882/tcp, 18000/tcp (Beckman Instruments, Inc.), 49394/tcp, 5499/tcp, 60200/tcp, 5123/tcp, 8918/tcp, 38/tcp (Route Access Protocol), 6116/tcp (XicTools License Manager Service), 415/tcp (BNet), 500/tcp (isakmp), 607/tcp (nqs), 8880/tcp (CDDBP), 10888/tcp, 8908/tcp, 33387/tcp, 8189/tcp, 55333/tcp, 33380/tcp, 12425/tcp, 11888/tcp, 57475/tcp, 57273/tcp, 5075/tcp, 11718/tcp, 24/tcp (any private mail system), 7006/tcp (error interpretation service), 7234/tcp, 10666/tcp, 7237/tcp, 5523/tcp, 9916/tcp, 22829/tcp, 1009/tcp, 31/tcp (MSG Authentication), 8333/tcp, 170/tcp (Network PostScript), 480/tcp (iafdbase), 6906/tcp.
      
BHD Honeypot
Port scan
2020-01-14

In the last 24h, the attacker (93.174.95.41) attempted to scan 407 ports.
The following ports have been scanned: 10058/tcp, 8074/tcp (Gadu-Gadu), 93/tcp (Device Control Protocol), 54344/tcp, 230/tcp, 10222/tcp, 57879/tcp, 1022/tcp (RFC3692-style Experiment 2 (*)    [RFC4727]), 9489/tcp, 240/tcp, 7744/tcp (RAQMON PDU), 50400/tcp, 3123/tcp (EDI Translation Protocol), 75/tcp (any private dial out service), 35000/tcp, 33903/tcp, 33904/tcp, 1678/tcp (prolink), 190/tcp (Gateway Access Control Protocol), 33388/tcp, 2012/tcp (ttyinfo), 11444/tcp, 200/tcp (IBM System Resource Controller), 8500/tcp (Flight Message Transfer Protocol), 33896/tcp, 350/tcp (MATIP Type A), 63334/tcp, 56869/tcp, 97/tcp (Swift Remote Virtural File Protocol), 4345/tcp (Macro 4 Network AS), 47677/tcp, 20400/tcp, 325/tcp, 51011/tcp, 31718/tcp, 5235/tcp (Galaxy Network Service), 51314/tcp, 54243/tcp, 9006/tcp, 57677/tcp, 9696/tcp, 400/tcp (Oracle Secure Backup), 58788/tcp, 1431/tcp (Reverse Gossip Transport), 69/tcp (Trivial File Transfer), 33912/tcp, 54849/tcp, 52021/tcp, 50500/tcp, 2030/tcp (device2), 8458/tcp, 3344/tcp (BNT Manager), 33536/tcp, 10066/tcp, 707/tcp (Borland DSJ), 30000/tcp, 11666/tcp, 2011/tcp (raid), 61819/tcp, 1024/tcp (Reserved), 33929/tcp, 19920/tcp, 53233/tcp, 235/tcp, 33222/tcp, 58687/tcp, 5555/tcp (Personal Agent), 62930/tcp, 83/tcp (MIT ML Device), 11777/tcp, 8933/tcp, 101/tcp (NIC Host Name Server), 35556/tcp, 7723/tcp, 10040/tcp, 33911/tcp, 385/tcp (IBM Application), 5015/tcp (FileMaker, Inc. - Web publishing), 2050/tcp (Avaya EMB Config Port), 45253/tcp, 2025/tcp (ellpack), 520/tcp (extended file name server), 3103/tcp (Autocue SMI Protocol), 8839/tcp, 1651/tcp (shiva_confsrvr), 30200/tcp, 11555/tcp, 57980/tcp, 8008/tcp (HTTP Alternate), 4784/tcp (BFD Multihop Control), 270/tcp, 10333/tcp, 6786/tcp (Sun Java Web Console JMX), 9998/tcp (Distinct32), 751/tcp (pump), 52223/tcp, 321/tcp (PIP), 1997/tcp (cisco Gateway Discovery Protocol), 1090/tcp (FF Fieldbus Message Specification), 4045/tcp (Network Paging Protocol), 6894/tcp, 62/tcp (ACA Services), 9919/tcp, 8443/tcp (PCsync HTTPS), 44440/tcp, 7547/tcp (DSL Forum CWMP), 60000/tcp, 55444/tcp, 46768/tcp, 33910/tcp, 3065/tcp (slinterbase), 4747/tcp, 606/tcp (Cray Unified Resource Manager), 56789/tcp, 22999/tcp, 1231/tcp (menandmice-lpm), 61000/tcp, 86/tcp (Micro Focus Cobol), 2542/tcp (uDraw(Graph)), 4901/tcp (FileLocator Remote Search Agent), 55253/tcp, 10020/tcp, 11001/tcp (Metasys), 59495/tcp, 33031/tcp, 33394/tcp, 5510/tcp, 502/tcp (asa-appl-proto), 4321/tcp (Remote Who Is), 57071/tcp, 58485/tcp, 57172/tcp, 6889/tcp, 1080/tcp (Socks), 36000/tcp, 9345/tcp, 20300/tcp, 5176/tcp, 13/tcp (Daytime (RFC 867)), 62526/tcp, 32526/tcp, 210/tcp (ANSI Z39.50), 675/tcp (DCTP), 4904/tcp, 31415/tcp, 53390/tcp, 3384/tcp (Cluster Management Services), 33909/tcp, 4890/tcp, 33883/tcp, 5511/tcp, 5445/tcp, 7306/tcp, 1311/tcp (RxMon), 1122/tcp (availant-mgr), 22444/tcp, 1561/tcp (facilityview), 10087/tcp, 10030/tcp, 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 710/tcp (Entrust Administration Service Handler), 33320/tcp, 9979/tcp, 3393/tcp (D2K Tapestry Client to Server), 53839/tcp, 5070/tcp (VersaTrans Server Agent Service), 84/tcp (Common Trace Facility), 10007/tcp (MVS Capacity), 11999/tcp, 2892/tcp (SNIFFERDATA), 63233/tcp, 2349/tcp (Diagnostics Port), 5905/tcp, 8080/tcp (HTTP Alternate (see port 80)), 20/tcp (File Transfer [Default Data]), 6881/tcp, 56768/tcp, 8568/tcp, 4563/tcp, 4433/tcp, 8789/tcp, 10026/tcp, 2016/tcp (bootserver), 120/tcp (CFDPTKT), 8238/tcp, 59091/tcp, 53/tcp (Domain Name Server), 33382/tcp, 8438/tcp, 89/tcp (SU/MIT Telnet Gateway), 285/tcp, 51015/tcp, 4025/tcp (Partition Image Port), 10042/tcp, 5673/tcp (JACL Message Server), 10012/tcp, 8585/tcp, 9549/tcp, 109/tcp (Post Office Protocol - Version 2), 17/tcp (Quote of the Day), 185/tcp (Remote-KIS), 901/tcp (SMPNAMERES), 9219/tcp, 10444/tcp, 21314/tcp, 8300/tcp (Transport Management Interface), 33893/tcp, 48484/tcp, 13032/tcp, 23435/tcp, 7780/tcp, 5107/tcp, 15/tcp, 10100/tcp (VERITAS ITAP DDTP), 59595/tcp, 3391/tcp (SAVANT), 4080/tcp (Lorica inside facing), 1716/tcp (xmsg), 1201/tcp (Nucleus Sand Database Server), 6900/tcp, 60300/tcp, 715/tcp (IRIS-LWZ), 42/tcp (Host Name Server), 10999/tcp, 5030/tcp (SurfPass), 32/tcp, 52/tcp (XNS Time Protocol), 55555/tcp, 4214/tcp, 31516/tcp, 10039/tcp, 666/tcp (doom Id Software), 33809/tcp, 2007/tcp (dectalk), 36/tcp, 25/tcp (Simple Mail Transfer), 1541/tcp (rds2), 34/tcp, 4055/tcp (CosmoCall Universe Communications Port 3), 10500/tcp, 33880/tcp, 8390/tcp, 11617/tcp, 50/tcp (Remote Mail Checking Protocol), 1321/tcp (PIP), 58585/tcp, 475/tcp (tcpnethaspsrv), 7007/tcp (basic overseer process), 8889/tcp (Desktop Data TCP 1), 33907/tcp, 55666/tcp, 11222/tcp, 7657/tcp, 9389/tcp (Active Directory Web Services), 4568/tcp (BMC Reporting), 150/tcp (SQL-NET), 61718/tcp, 2243/tcp (Magicom Protocol), 1917/tcp (nOAgent), 3381/tcp (Geneous), 4678/tcp (boundary traversal), 36263/tcp, 61/tcp (NI MAIL), 48889/tcp, 4654/tcp, 26/tcp, 87/tcp (any private terminal link), 8010/tcp, 260/tcp (Openport), 14000/tcp (SCOTTY High-Speed Filetransfer), 2008/tcp (conf), 102/tcp (ISO-TSAP Class 0), 60100/tcp, 59192/tcp, 33921/tcp, 123/tcp (Network Time Protocol), 8548/tcp, 30500/tcp, 20800/tcp, 1019/tcp, 33917/tcp, 9569/tcp, 19/tcp (Character Generator), 58889/tcp, 10045/tcp, 845/tcp, 27/tcp (NSW User System FE), 113/tcp (Authentication Service), 59899/tcp, 14445/tcp, 61314/tcp, 6882/tcp, 56970/tcp, 43738/tcp, 35152/tcp, 7345/tcp, 56000/tcp, 21617/tcp, 10777/tcp, 2096/tcp (NBX DIR), 290/tcp, 29091/tcp, 51213/tcp, 5085/tcp (EPCglobal Encrypted LLRP), 14/tcp, 280/tcp (http-mgmt), 37/tcp (Time), 10022/tcp, 58990/tcp, 340/tcp, 57575/tcp, 27980/tcp, 4565/tcp, 33839/tcp, 48687/tcp, 2020/tcp (xinupageserver), 365/tcp (DTK), 63031/tcp, 4764/tcp, 40200/tcp, 33899/tcp, 33350/tcp, 67/tcp (Bootstrap Protocol Server), 8868/tcp, 7724/tcp (Novell Snap-in Deep Freeze Control), 2085/tcp (ADA Control), 33889/tcp, 10025/tcp, 53389/tcp, 45/tcp (Message Processing Module [recv]), 12728/tcp, 7457/tcp, 19000/tcp (iGrid Server), 58384/tcp, 5031/tcp, 60200/tcp, 57374/tcp, 11819/tcp, 6116/tcp (XicTools License Manager Service), 257/tcp (Secure Electronic Transaction), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 10888/tcp, 5765/tcp, 33919/tcp, 22555/tcp (Vocaltec Web Conference), 62728/tcp, 62324/tcp, 11888/tcp, 57475/tcp, 5075/tcp, 4561/tcp, 605/tcp (SOAP over BEEP), 51617/tcp, 8501/tcp, 10002/tcp (EMC-Documentum Content Server Product), 7237/tcp, 5234/tcp (EEnet communications), 35657/tcp, 7456/tcp, 275/tcp, 6885/tcp, 55960/tcp, 12223/tcp.
      
BHD Honeypot
Port scan
2020-01-13

Port scan from IP: 93.174.95.41 detected by psad.
BHD Honeypot
Port scan
2019-11-15

In the last 24h, the attacker (93.174.95.41) attempted to scan 1518 ports.
The following ports have been scanned: 5209/tcp, 5387/tcp, 5395/tcp, 7636/tcp, 10321/tcp (Computer Op System Information Report), 5290/tcp, 5036/tcp, 7686/tcp, 5672/tcp (AMQP), 6689/tcp (Tofino Security Appliance), 5318/tcp, 5513/tcp, 10065/tcp, 10091/tcp, 10222/tcp, 7679/tcp, 10010/tcp (ooRexx rxapi services), 10202/tcp, 7502/tcp, 5368/tcp, 5148/tcp, 5060/tcp (SIP), 7700/tcp (EM7 Secure Communications), 10363/tcp, 10005/tcp (EMC Replication Manager Server), 5421/tcp (Net Support 2), 7690/tcp, 10147/tcp, 5102/tcp (Oracle OMS non-secure), 7691/tcp, 5126/tcp, 5215/tcp, 5495/tcp, 10311/tcp, 7622/tcp, 5314/tcp (opalis-rbt-ipc), 10226/tcp, 7697/tcp (KLIO communications), 5529/tcp, 5406/tcp (Systemics Sox), 5043/tcp (ShopWorX Administration), 10154/tcp, 10182/tcp, 5183/tcp, 10342/tcp, 5062/tcp (Localisation access), 5402/tcp (OmniCast MFTP), 5100/tcp (Socalia service mux), 2222/tcp (EtherNet/IP I/O), 5517/tcp, 5201/tcp (TARGUS GetData 1), 5490/tcp, 7678/tcp, 10340/tcp, 5364/tcp, 7692/tcp, 7532/tcp, 5516/tcp, 5182/tcp, 10395/tcp, 5614/tcp, 5233/tcp, 10361/tcp, 5066/tcp (STANAG-5066-SUBNET-INTF), 5567/tcp (Multicast Object Access Protocol), 5563/tcp, 5470/tcp, 5282/tcp (Marimba Transmitter Port), 5273/tcp, 5474/tcp, 10373/tcp, 5430/tcp (RADEC CORP), 10054/tcp, 5482/tcp, 5431/tcp (PARK AGENT), 5425/tcp (Beyond Remote Command Channel), 10076/tcp, 10142/tcp, 5606/tcp, 5642/tcp, 5405/tcp (NetSupport), 5539/tcp, 10060/tcp, 5013/tcp (FileMaker, Inc. - Proprietary transport), 5071/tcp (PowerSchool), 5597/tcp (inin secure messaging), 5220/tcp, 5545/tcp, 10241/tcp, 5235/tcp (Galaxy Network Service), 5057/tcp (Intecom Pointspan 2), 7608/tcp, 10352/tcp, 5491/tcp, 10046/tcp, 10390/tcp, 10384/tcp, 5175/tcp, 7685/tcp, 5372/tcp, 10023/tcp, 7661/tcp, 5549/tcp, 5237/tcp (m-net discovery), 7666/tcp, 10070/tcp, 5346/tcp, 5354/tcp (Multicast DNS Responder IPC), 5390/tcp, 10270/tcp, 5576/tcp, 5602/tcp (A1-MSC), 5326/tcp, 5695/tcp, 5305/tcp (HA Cluster Test), 5437/tcp, 5650/tcp, 5571/tcp, 10334/tcp, 10310/tcp, 5363/tcp (Windows Network Projection), 5469/tcp, 5321/tcp (Webservices-based Zn interface of BSF over SSL), 10085/tcp, 5008/tcp (Synapsis EDGE), 5223/tcp (HP Virtual Machine Group Management), 5320/tcp (Webservices-based Zn interface of BSF), 5072/tcp (Anything In Anything), 10156/tcp, 10247/tcp, 5670/tcp, 10050/tcp (Zabbix Agent), 7598/tcp, 5297/tcp, 5059/tcp (SIP Directory Services), 7530/tcp, 5442/tcp, 10024/tcp, 5509/tcp, 5514/tcp, 10233/tcp, 10125/tcp, 5167/tcp (SCTE104 Connection), 5613/tcp, 5150/tcp (Ascend Tunnel Management Protocol), 5040/tcp, 7647/tcp, 5525/tcp, 13389/tcp, 5638/tcp, 10149/tcp, 5392/tcp, 5659/tcp, 7687/tcp, 5575/tcp (Oracle Access Protocol), 5056/tcp (Intecom Pointspan 1), 10152/tcp, 10021/tcp, 5196/tcp, 9833/tcp, 10066/tcp, 5623/tcp, 5023/tcp (Htuil Server for PLD2), 7629/tcp (OpenXDAS Wire Protocol), 10386/tcp, 10072/tcp, 5160/tcp, 10324/tcp, 10345/tcp, 7552/tcp, 7549/tcp (Network Layer Signaling Transport Layer), 5286/tcp, 5631/tcp (pcANYWHEREdata), 5087/tcp, 7674/tcp (iMQ SSL tunnel), 10257/tcp, 7605/tcp, 7533/tcp, 7659/tcp, 10059/tcp, 5265/tcp (3Com Network Jack Port 2), 5573/tcp (SAS Domain Management Messaging Protocol), 10266/tcp, 10198/tcp, 5416/tcp (SNS Gateway), 10094/tcp, 7577/tcp, 5599/tcp (Enterprise Security Remote Install), 10332/tcp, 5259/tcp, 5058/tcp, 10144/tcp, 5106/tcp, 10315/tcp, 5555/tcp (Personal Agent), 10244/tcp, 10231/tcp, 10112/tcp, 5020/tcp (zenginkyo-1), 5522/tcp, 10081/tcp (FAM Archive Server), 7576/tcp, 7571/tcp, 5181/tcp, 5010/tcp (TelepathStart), 7575/tcp, 5018/tcp, 7695/tcp, 10079/tcp, 5565/tcp, 5119/tcp, 5663/tcp, 5540/tcp, 20301/tcp, 7610/tcp, 7673/tcp (iMQ STOMP Server over SSL), 5605/tcp (A4-SDUNode), 5584/tcp (BeInSync-Web), 5316/tcp (HP Device Monitor Service), 5083/tcp (Qpur File Protocol), 5512/tcp, 6666/tcp, 5409/tcp (Salient Data Server), 5357/tcp (Web Services for Devices), 5152/tcp (ESRI SDE Instance Discovery), 5570/tcp, 5546/tcp, 5373/tcp, 10223/tcp, 5003/tcp (FileMaker, Inc. - Proprietary transport), 7525/tcp, 7522/tcp, 5371/tcp, 7623/tcp, 5343/tcp (Sculptor Database Server), 5414/tcp (StatusD), 5225/tcp (HP Server), 5589/tcp, 7505/tcp, 10040/tcp, 5598/tcp (MCT Market Data Feed), 5104/tcp, 5323/tcp, 7680/tcp (Pando Media Public Distribution), 10239/tcp, 5493/tcp, 5101/tcp (Talarian_TCP), 10067/tcp, 7655/tcp, 7545/tcp (FlowAnalyzer UtilityServer), 5473/tcp, 10232/tcp, 7514/tcp, 5200/tcp (TARGUS GetData), 10103/tcp (eZrelay), 10073/tcp, 7675/tcp (iMQ Tunnel), 5159/tcp, 5620/tcp, 5015/tcp (FileMaker, Inc. - Web publishing), 5587/tcp, 10008/tcp (Octopus Multiplexer), 5351/tcp (NAT Port Mapping Protocol), 5254/tcp, 10055/tcp (Quantapoint FLEXlm Licensing Service), 10133/tcp, 5407/tcp (Foresyte-Clear), 10272/tcp, 5686/tcp, 7632/tcp, 5524/tcp, 10300/tcp, 10331/tcp, 7521/tcp, 5590/tcp, 5492/tcp, 5560/tcp, 5451/tcp, 5438/tcp, 5210/tcp, 7683/tcp, 10064/tcp, 10355/tcp, 7630/tcp (HA Web Konsole), 5229/tcp, 5173/tcp, 5463/tcp (TTL Price Proxy), 10333/tcp, 9998/tcp (Distinct32), 5241/tcp, 5505/tcp (Checkout Database), 10044/tcp, 10359/tcp, 10179/tcp, 5377/tcp, 5657/tcp, 7568/tcp, 7628/tcp (Primary Agent Work Notification), 5342/tcp, 10057/tcp, 5607/tcp, 5151/tcp (ESRI SDE Instance), 5076/tcp, 5622/tcp, 5604/tcp (A3-SDUNode), 10235/tcp, 5009/tcp (Microsoft Windows Filesystem), 5664/tcp, 7653/tcp, 10173/tcp, 5417/tcp (SNS Agent), 5627/tcp (Node Initiated Network Association Forma), 10205/tcp, 5376/tcp, 10201/tcp (Remote Server Management Service), 5472/tcp, 10263/tcp, 5637/tcp, 7555/tcp, 5527/tcp, 5521/tcp, 5489/tcp, 5683/tcp, 10048/tcp, 5017/tcp, 5661/tcp, 5478/tcp, 5561/tcp, 5415/tcp (NS Server), 10153/tcp, 5161/tcp (SNMP over SSH Transport Model), 10227/tcp, 7590/tcp, 10117/tcp (NetIQ IQCResource Managament Svc), 7511/tcp (pafec-lm), 5656/tcp, 5367/tcp, 7624/tcp (Instrument Neutral Distributed Interface), 5147/tcp, 5398/tcp (Elektron Administration), 5436/tcp, 5301/tcp (HA cluster general services), 5481/tcp, 5049/tcp (iVocalize Web Conference), 5554/tcp (SGI ESP HTTP), 5185/tcp, 7604/tcp, 10195/tcp, 10020/tcp, 7635/tcp, 5439/tcp, 10185/tcp, 10393/tcp, 10309/tcp, 10260/tcp (Axis WIMP Port), 5404/tcp (HPOMS-DPS-LSTN), 5093/tcp (Sentinel LM), 2298/tcp (D2K DataMover 2), 5291/tcp, 5427/tcp (SCO-PEER-TTA), 5510/tcp, 10035/tcp, 10320/tcp, 5221/tcp (3eTI Extensible Management Protocol for OAMP), 5324/tcp, 5379/tcp, 10174/tcp, 10183/tcp, 10137/tcp, 7654/tcp, 5011/tcp (TelepathAttack), 10184/tcp, 10387/tcp, 5526/tcp, 10252/tcp (Apollo Relay Port), 5617/tcp, 10017/tcp, 7689/tcp (Collaber Network Service), 5446/tcp, 5488/tcp, 5457/tcp, 5452/tcp, 6506/tcp (BoKS Admin Public Port), 7652/tcp, 10172/tcp, 5422/tcp (Salient MUX), 7557/tcp, 10369/tcp, 5016/tcp, 10208/tcp, 5556/tcp (Freeciv gameplay), 10243/tcp, 5688/tcp (GGZ Gaming Zone), 7599/tcp, 5696/tcp, 5048/tcp (Texai Message Service), 5384/tcp, 10290/tcp, 5433/tcp (Pyrrho DBMS), 5374/tcp, 5352/tcp (DNS Long-Lived Queries), 5628/tcp (HTrust API), 10106/tcp, 10001/tcp (SCP Configuration), 5347/tcp, 5381/tcp, 5504/tcp (fcp-cics-gw1), 5176/tcp, 5156/tcp (Russian Online Game), 5179/tcp, 5508/tcp, 7596/tcp, 7625/tcp, 7600/tcp, 5424/tcp (Beyond Remote), 5394/tcp, 10141/tcp, 5292/tcp, 5341/tcp, 7500/tcp (Silhouette User), 5111/tcp (TAEP AS service), 5684/tcp, 10110/tcp (NMEA-0183 Navigational Data), 5454/tcp (APC 5454), 10171/tcp, 5502/tcp (fcp-srvr-inst1), 5651/tcp, 5350/tcp (NAT-PMP Status Announcements), 5378/tcp, 5386/tcp, 5006/tcp (wsm server), 5420/tcp (Cylink-C), 5050/tcp (multimedia conference control tool), 5275/tcp, 7620/tcp, 7537/tcp, 10092/tcp, 5208/tcp, 5511/tcp, 6606/tcp, 10014/tcp, 33390/tcp, 5001/tcp (commplex-link), 5157/tcp (Mediat Remote Object Exchange), 5445/tcp, 10101/tcp (eZmeeting), 5447/tcp, 10399/tcp, 5624/tcp, 5636/tcp (SFMdb - SFM DB server), 5411/tcp (ActNet), 5618/tcp, 7648/tcp (bonjour-cuseeme), 5340/tcp, 10087/tcp, 5458/tcp, 10088/tcp, 5665/tcp, 5005/tcp (RTP control protocol [RFC 3551][RFC 4571]), 2289/tcp (Lookup dict server), 5268/tcp, 33389/tcp, 5580/tcp (T-Mobile SMS Protocol Message 0), 5449/tcp, 33890/tcp, 10164/tcp, 5299/tcp (NLG Data Service), 10145/tcp, 10047/tcp, 10259/tcp, 10169/tcp, 5166/tcp (WinPCS Service Connection), 5531/tcp, 5370/tcp, 5317/tcp, 10108/tcp, 7551/tcp, 5410/tcp (Salient User Manager), 5070/tcp (VersaTrans Server Agent Service), 7602/tcp, 5149/tcp, 10007/tcp (MVS Capacity), 5315/tcp (HA Cluster UDP Polling), 5026/tcp (Storix I/O daemon (data)), 5260/tcp, 5462/tcp (TTL Publisher), 10111/tcp, 5403/tcp (HPOMS-CI-LSTN), 5098/tcp, 5251/tcp (CA eTrust VM Service), 5211/tcp, 7556/tcp, 5465/tcp (NETOPS-BROKER), 7631/tcp (TESLA System Messaging), 5327/tcp, 5000/tcp (commplex-main), 5099/tcp (SentLM Srv2Srv), 10248/tcp, 5202/tcp (TARGUS GetData 2), 5399/tcp (SecurityChase), 5503/tcp (fcp-srvr-inst2), 5552/tcp, 5479/tcp, 5055/tcp (UNOT), 7580/tcp, 10167/tcp, 5682/tcp, 10350/tcp, 5271/tcp (/tdp   StageSoft CueLink messaging), 5308/tcp (CFengine), 5236/tcp (padl2sim), 5198/tcp, 5120/tcp, 5153/tcp (ToruX Game Server), 5541/tcp, 5610/tcp, 7670/tcp, 7539/tcp, 5325/tcp, 7565/tcp, 5680/tcp (Auriga Router Service), 5648/tcp, 5461/tcp (SILKMETER), 5122/tcp, 10268/tcp, 10217/tcp, 10146/tcp, 5204/tcp, 10335/tcp, 10062/tcp, 10246/tcp, 5466/tcp, 5396/tcp, 5639/tcp, 10042/tcp, 5293/tcp, 5467/tcp, 5197/tcp, 5608/tcp, 5673/tcp (JACL Message Server), 7677/tcp (Sun App Server - HTTPS), 10275/tcp, 5369/tcp, 7613/tcp, 10298/tcp, 1089/tcp (FF Annunciation), 5073/tcp (Advantage Group Port Mgr), 5154/tcp (BZFlag game server), 10083/tcp, 7667/tcp, 5428/tcp (TELACONSOLE), 5365/tcp, 10207/tcp, 5307/tcp (SCO AIP), 5538/tcp, 10161/tcp (SNMP-TLS), 10265/tcp, 5585/tcp (BeInSync-sync), 5498/tcp, 5257/tcp, 5027/tcp (Storix I/O daemon (stat)), 5435/tcp (SCEANICS situation and action notification), 7615/tcp, 5693/tcp, 5021/tcp (zenginkyo-2), 5542/tcp, 10337/tcp, 5669/tcp, 5089/tcp, 10197/tcp, 5054/tcp (RLM administrative interface), 5594/tcp, 5107/tcp, 5053/tcp (RLM License Server), 1010/tcp (surf), 5046/tcp, 7662/tcp, 5544/tcp, 5654/tcp, 5543/tcp, 5295/tcp, 5603/tcp (A1-BS), 5302/tcp (HA cluster configuration), 7664/tcp, 5464/tcp (Quail Networks Object Broker), 10175/tcp, 10078/tcp, 5032/tcp, 7627/tcp (SOAP Service Port), 23389/tcp, 5609/tcp, 5366/tcp, 5232/tcp, 10051/tcp (Zabbix Trapper), 5030/tcp (SurfPass), 5645/tcp, 7536/tcp, 10190/tcp, 5322/tcp, 5079/tcp, 5557/tcp (Sandlab FARENET), 5677/tcp (Quest Central DB2 Launchr), 10113/tcp (NetIQ Endpoint), 5564/tcp, 5558/tcp, 3308/tcp (TNS Server), 7558/tcp, 5313/tcp (Real-time & Reliable Data), 10353/tcp, 10199/tcp, 5180/tcp, 5566/tcp (Westec Connect), 10258/tcp, 5591/tcp, 5485/tcp, 5065/tcp (Channel Access 2), 7506/tcp, 5596/tcp, 5434/tcp (SGI Array Services Daemon), 5583/tcp (T-Mobile SMS Protocol Message 2), 5600/tcp (Enterprise Security Manager), 5412/tcp (Continuus), 7572/tcp, 5115/tcp (Symantec Autobuild Service), 10063/tcp, 10039/tcp, 10158/tcp, 5423/tcp (VIRTUALUSER), 5611/tcp, 7570/tcp (Aries Kfinder), 10400/tcp, 5248/tcp (CA Access Control Web Service), 7510/tcp (HP OpenView Application Server), 7621/tcp, 5400/tcp (Excerpt Search), 7672/tcp (iMQ STOMP Server), 7523/tcp, 10041/tcp, 5616/tcp, 5051/tcp (ITA Agent), 7583/tcp, 33089/tcp, 5419/tcp (DJ-ICE), 7550/tcp, 5455/tcp (APC 5455), 5649/tcp, 5595/tcp, 5548/tcp, 10143/tcp, 10212/tcp, 5335/tcp, 5375/tcp, 5496/tcp, 10240/tcp, 5014/tcp, 5574/tcp (SAS IO Forwarding), 10181/tcp, 5634/tcp (SF Message Service), 5588/tcp, 5206/tcp, 10075/tcp, 10218/tcp, 5141/tcp, 7660/tcp, 10155/tcp, 5630/tcp (PreciseCommunication), 5155/tcp (Oracle asControl Agent), 10228/tcp, 7544/tcp (FlowAnalyzer DisplayServer), 7573/tcp, 5658/tcp, 10341/tcp, 5125/tcp, 7668/tcp, 5551/tcp, 5694/tcp, 5199/tcp, 10224/tcp, 10132/tcp, 10095/tcp, 5246/tcp, 5476/tcp, 7609/tcp, 7698/tcp, 5227/tcp (HP System Performance Metric Service), 10215/tcp, 5002/tcp (radio free ethernet), 5443/tcp (Pearson HTTPS), 5550/tcp, 5388/tcp, 10126/tcp, 5668/tcp, 5146/tcp (Social Alarm Service), 10180/tcp, 10139/tcp, 5045/tcp (Open Settlement Protocol), 5494/tcp, 5480/tcp, 5653/tcp, 10031/tcp, 10318/tcp, 5224/tcp (HP Virtual Machine Console Operations), 7585/tcp, 10374/tcp, 5339/tcp, 5515/tcp, 5028/tcp (Quiqum Virtual Relais), 7597/tcp, 10119/tcp, 5068/tcp (Bitforest Data Service), 10016/tcp, 10357/tcp, 5440/tcp, 5108/tcp, 5641/tcp, 5283/tcp, 5267/tcp, 5029/tcp (Infobright Database Server), 10302/tcp, 7543/tcp (atul server), 5475/tcp, 10193/tcp, 43389/tcp, 5569/tcp, 7593/tcp, 5553/tcp (SGI Eventmond Port), 5629/tcp (Symantec Storage Foundation for Database), 5034/tcp, 33892/tcp, 10316/tcp, 20002/tcp (Commtact HTTP), 7642/tcp, 10027/tcp, 10036/tcp, 5391/tcp, 7789/tcp (Office Tools Pro Receive), 5660/tcp, 7684/tcp, 5582/tcp (T-Mobile SMS Protocol Message 3), 10033/tcp, 5448/tcp, 5262/tcp, 5429/tcp (Billing and Accounting System Exchange), 7592/tcp, 5460/tcp, 5103/tcp (Actifio C2C), 5328/tcp, 5401/tcp (Excerpt Search Secure), 33891/tcp, 10261/tcp, 5121/tcp, 5253/tcp (Kohler Power Device Protocol), 5134/tcp (PP ActivationServer), 7561/tcp, 5355/tcp (LLMNR), 5483/tcp, 5024/tcp (SCPI-TELNET), 7529/tcp, 5092/tcp, 5044/tcp (LXI Event Service), 10391/tcp, 5497/tcp, 10069/tcp, 5250/tcp (soaGateway), 5385/tcp, 10289/tcp, 5534/tcp, 50321/tcp, 5519/tcp, 7638/tcp, 5097/tcp, 10045/tcp, 5484/tcp, 5520/tcp, 5095/tcp, 10102/tcp (eZproxy), 10213/tcp, 10191/tcp, 5217/tcp, 5127/tcp, 5593/tcp, 5158/tcp, 5052/tcp (ITA Manager), 5004/tcp (RTP media data [RFC 3551][RFC 4571]), 7694/tcp, 10327/tcp, 7616/tcp, 10292/tcp, 5687/tcp, 5568/tcp (Session Data Transport Multicast), 5279/tcp, 5074/tcp (ALES Query), 5700/tcp, 5337/tcp, 5675/tcp (V5UA application port), 5453/tcp (SureBox), 5562/tcp, 5581/tcp (T-Mobile SMS Protocol Message 1), 5025/tcp (SCPI-RAW), 5577/tcp, 5689/tcp (QM video network management protocol), 5078/tcp, 33391/tcp, 5222/tcp (XMPP Client Connection), 10322/tcp, 5144/tcp, 5632/tcp (pcANYWHEREstat), 7588/tcp (Sun License Manager), 5579/tcp (FleetDisplay Tracking Service), 7663/tcp, 5535/tcp, 5477/tcp, 5397/tcp (StressTester(tm) Injector), 5646/tcp, 5312/tcp (Permabit Client-Server), 5572/tcp, 5310/tcp (Outlaws), 5676/tcp (RA Administration), 5418/tcp (MCNTP), 10250/tcp, 10165/tcp, 7671/tcp, 5643/tcp, 10138/tcp, 7546/tcp (Cisco Fabric service), 10022/tcp, 5685/tcp, 10317/tcp, 10347/tcp, 10398/tcp, 5578/tcp, 10378/tcp, 5081/tcp (SDL - Ent Trans Server), 5626/tcp, 5389/tcp, 5432/tcp (PostgreSQL Database), 10071/tcp, 7619/tcp, 5652/tcp, 10368/tcp, 7520/tcp, 5132/tcp, 5537/tcp, 10074/tcp, 7586/tcp, 2020/tcp (xinupageserver), 10360/tcp, 5169/tcp, 5041/tcp, 5671/tcp (amqp protocol over TLS/SSL), 10339/tcp, 10283/tcp, 5456/tcp (APC 5456), 5393/tcp, 10131/tcp, 10127/tcp, 5022/tcp (mice server), 7665/tcp, 10242/tcp, 5679/tcp (Direct Cable Connect Manager), 5450/tcp, 5077/tcp, 10269/tcp, 10068/tcp, 5413/tcp (WWIOTALK), 5338/tcp, 5691/tcp, 5500/tcp (fcp-addr-srvr1), 5559/tcp, 5486/tcp, 10130/tcp, 7649/tcp, 10148/tcp, 5426/tcp (DEVBASIC), 5118/tcp, 7548/tcp (Threat Information Distribution Protocol), 7651/tcp, 5633/tcp (BE Operations Request Listener), 5012/tcp (NetOnTap Service), 5080/tcp (OnScreen Data Collection Service), 7699/tcp, 7501/tcp (HP OpenView Bus Daemon), 5105/tcp, 7656/tcp, 10025/tcp, 5143/tcp, 7581/tcp, 7560/tcp (Sniffer Command Protocol), 7591/tcp, 5528/tcp, 5499/tcp, 7626/tcp (SImple Middlebox COnfiguration (SIMCO) Server), 10084/tcp, 5530/tcp, 5212/tcp, 7509/tcp (ACPLT - process automation service), 7611/tcp, 5336/tcp, 5031/tcp, 10162/tcp (SNMP-Trap-TLS), 5172/tcp, 10370/tcp, 10245/tcp, 5348/tcp, 5082/tcp (Qpur Communication Protocol), 5468/tcp, 10282/tcp, 10221/tcp, 5042/tcp (asnaacceler8db), 5228/tcp (HP Virtual Room Service), 10090/tcp, 7681/tcp, 7637/tcp, 5109/tcp, 10038/tcp, 10189/tcp, 5284/tcp, 10203/tcp, 5506/tcp (Amcom Mobile Connect), 10114/tcp (NetIQ Qcheck), 5612/tcp, 5165/tcp (ife_1corp), 5277/tcp, 5619/tcp, 10093/tcp, 5647/tcp, 5667/tcp, 5205/tcp, 7650/tcp, 7594/tcp, 54321/tcp, 10382/tcp, 5444/tcp, 5261/tcp, 10206/tcp, 5075/tcp, 5501/tcp (fcp-addr-srvr2), 10043/tcp, 5471/tcp, 5382/tcp, 5131/tcp, 5311/tcp, 5408/tcp (Foresyte-Sec), 5287/tcp, 10295/tcp, 5033/tcp, 5662/tcp, 10151/tcp, 7528/tcp, 10210/tcp, 5615/tcp, 39833/tcp, 5507/tcp, 5130/tcp, 10388/tcp, 5047/tcp, 5234/tcp (EEnet communications), 5523/tcp, 5533/tcp, 5586/tcp, 5697/tcp, 10006/tcp, 5007/tcp (wsm server ssl), 5174/tcp, 5532/tcp, 5334/tcp, 5330/tcp, 5547/tcp, 5644/tcp.
      
BHD Honeypot
Port scan
2019-11-14

In the last 24h, the attacker (93.174.95.41) attempted to scan 1083 ports.
The following ports have been scanned: 3846/tcp (Astare Network PCP), 3574/tcp (DMAF Server), 4265/tcp, 4010/tcp (Samsung Unidex), 3019/tcp (Resource Manager), 4033/tcp (SANavigator Peer Port), 4172/tcp (PC over IP), 3920/tcp (Exasoft IP Port), 4271/tcp, 3282/tcp (Datusorb), 4018/tcp (Talarian Mcast), 4167/tcp (DeskDirect Global Network), 4298/tcp, 3123/tcp (EDI Translation Protocol), 4178/tcp (StorMan), 4103/tcp (Braille protocol), 4117/tcp (Hillr Connection Manager), 3975/tcp (Air Shot), 4199/tcp (EIMS ADMIN), 4137/tcp (Classic Line Database Server Remote), 4027/tcp (bitxpress), 3252/tcp (DHE port), 3736/tcp (RealSpace RMI), 4203/tcp, 4052/tcp (VoiceConnect Interact), 4098/tcp (drmsfsd), 4285/tcp, 4156/tcp (STAT Results), 4171/tcp (Maxlogic Supervisor Communication), 3551/tcp (Apcupsd Information Port), 3758/tcp (apw RMI registry), 4195/tcp, 4145/tcp (VVR Control), 4204/tcp, 4129/tcp (NuFW authentication protocol), 3216/tcp (Ferrari electronic FOAM), 4284/tcp, 4207/tcp, 4006/tcp (pxc-spvr), 3870/tcp (hp OVSAM HostAgent Disco), 4123/tcp (Zensys Z-Wave Control Protocol), 3321/tcp (VNSSTR), 4183/tcp (General Metaverse Messaging Protocol), 4279/tcp, 4187/tcp (Cascade Proxy), 3389/tcp (MS WBT Server), 4090/tcp (OMA BCAST Service Guide), 4051/tcp (Cisco Peer to Peer Distribution Protocol), 4159/tcp (Network Security Service), 3686/tcp (Trivial Network Management), 4154/tcp (atlinks device discovery), 4119/tcp (Assuria Log Manager), 4208/tcp, 4086/tcp, 3673/tcp (Openview Media Vault GUI), 4201/tcp, 4046/tcp (Accounting Protocol), 4036/tcp (WAP Push OTA-HTTP secure), 4177/tcp (Wello P2P pubsub service), 3570/tcp (MCC Web Server Port), 4173/tcp, 3527/tcp (VERITAS Backup Exec Server), 4002/tcp (pxc-spvr-ft), 4068/tcp (IP Fleet Broadcast), 4192/tcp (Azeti Agent Service), 3694/tcp, 4254/tcp, 4221/tcp, 4247/tcp, 3195/tcp (Network Control Unit), 4273/tcp, 4275/tcp, 4041/tcp (Rocketeer-Houston), 4149/tcp (A10 GSLB Service), 3344/tcp (BNT Manager), 3403/tcp, 3878/tcp (FotoG CAD interface), 4160/tcp (Jini Discovery), 4008/tcp (NetCheque accounting), 3780/tcp (Nuzzler Network Protocol), 3663/tcp (DIRECWAY Tunnel Protocol), 4038/tcp (Fazzt Point-To-Point), 4130/tcp (FRONET message protocol), 4067/tcp (Information Distribution Protocol), 4014/tcp (TAICLOCK), 3236/tcp (appareNet Test Server), 3245/tcp (VIEO Fabric Executive), 4282/tcp, 3383/tcp (Enterprise Software Products License Manager), 4264/tcp, 4164/tcp (Silver Peak Communication Protocol), 4244/tcp, 4039/tcp (Fazzt Administration), 3898/tcp (IAS, Inc. SmartEye NET Internet Protocol), 3597/tcp (A14 (AN-to-SC/MM)), 4184/tcp (UNIVERSE SUITE MESSAGE SERVICE), 4189/tcp (Path Computation Element Communication Protocol), 4139/tcp (Imperfect Networks Server), 4094/tcp (sysrq daemon), 4146/tcp (TGCConnect Beacon), 3909/tcp (SurfControl CPA), 4144/tcp, 3120/tcp (D2000 Webserver Port), 3823/tcp (Compute Pool Conduit), 4188/tcp (Vatata Peer to Peer Protocol), 4030/tcp (Accell/JSP Daemon Port), 4237/tcp, 4035/tcp (WAP Push OTA-HTTP port), 4222/tcp, 3197/tcp (Embrace Device Protocol Server), 3215/tcp (JMQ Daemon Port 2), 4289/tcp, 4253/tcp, 3013/tcp (Gilat Sky Surfer), 4185/tcp (Woven Control Plane Protocol), 4079/tcp (SANtools Diagnostic Server), 4230/tcp, 4163/tcp (Silver Peak Peer Protocol), 4088/tcp (Noah Printing Service Protocol), 4049/tcp (Wide Area File Services), 3886/tcp (NEI management port), 3008/tcp (Midnight Technologies), 3224/tcp (AES Discovery Port), 3267/tcp (IBM Dial Out), 4295/tcp, 4300/tcp (Corel CCam), 4246/tcp, 4001/tcp (NewOak), 4059/tcp (DLMS/COSEM), 3596/tcp (Illusion Wireless MMOG), 4238/tcp, 4013/tcp (ACL Manager), 4074/tcp (Cequint City ID UI trigger), 3199/tcp (DMOD WorkSpace), 4045/tcp (Network Paging Protocol), 4278/tcp, 3122/tcp (MTI VTR Emulator port), 4153/tcp (MBL Remote Battery Monitoring), 4251/tcp, 3768/tcp (rblcheckd server daemon), 3784/tcp (BFD Control Protocol), 4292/tcp, 3965/tcp (Avanti IP to NCPE API), 3000/tcp (RemoteWare Client), 4266/tcp, 4076/tcp (Seraph DCS), 4262/tcp, 4209/tcp, 4060/tcp (DSMETER Inter-Agent Transfer Channel), 4150/tcp (PowerAlert Network Shutdown Agent), 4212/tcp, 3964/tcp (SASG GPRS), 4044/tcp (Location Tracking Protocol), 3576/tcp (Coalsere CMC Port), 4075/tcp (ISC Alarm Message Service), 3332/tcp (MCS Mail Server), 4012/tcp (PDA Gate), 4022/tcp (DNOX), 4136/tcp (Classic Line Database Server Request), 4109/tcp (Instantiated Zero-control Messaging), 4257/tcp, 4047/tcp (Context Transfer Protocol), 4252/tcp, 4106/tcp (Synchronite), 4267/tcp, 4021/tcp (Nexus Portal), 3484/tcp (GBS SnapTalk Protocol), 4198/tcp, 4096/tcp (BRE (Bridge Relay Element)), 4115/tcp (CDS Transfer Agent), 4077/tcp, 4000/tcp (Terabase), 3160/tcp (TIP Application Server), 4028/tcp (DTServer Port), 4176/tcp (Translattice Cluster IPC Proxy), 4155/tcp (Bazaar version control system), 4205/tcp, 3080/tcp (stm_pproc), 3516/tcp (Smartcard Port), 4016/tcp (Talarian Mcast), 4287/tcp, 4202/tcp, 4133/tcp (NUTS Bootp Server), 4169/tcp (Automation Drive Interface Transport), 4102/tcp (Braille protocol), 4216/tcp, 3490/tcp (Colubris Management Port), 3386/tcp (GPRS Data), 4158/tcp (STAT Command Center), 3647/tcp (Splitlock Gateway), 3223/tcp (DIGIVOTE (R) Vote-Server), 3519/tcp (Netvion Messenger Port), 4072/tcp (Zieto Socket Communications), 4272/tcp, 4070/tcp (Trivial IP Encryption (TrIPE)), 3192/tcp (FireMon Revision Control), 3561/tcp (BMC-OneKey), 3456/tcp (VAT default data), 3200/tcp (Press-sense Tick Port), 3311/tcp (MCNS Tel Ret), 4213/tcp, 4085/tcp (EZNews Newsroom Message Service), 3173/tcp (SERVERVIEW-ICC), 4210/tcp, 3919/tcp (HyperIP), 4029/tcp (IP Q signaling protocol), 3943/tcp (TetraNode Ip Gateway), 4175/tcp (Brocade Cluster Communication Protocol), 3585/tcp (Emprise License Server), 3675/tcp (CallTrax Data Port), 4054/tcp (CosmoCall Universe Communications Port 2), 4283/tcp, 4141/tcp (Workflow Server), 4200/tcp (-4299  VRML Multi User Systems), 4215/tcp, 4239/tcp, 4140/tcp (Cedros Fraud Detection System), 4291/tcp, 4058/tcp (Kingfisher protocol), 4161/tcp (OMS Contact), 4114/tcp (JomaMQMonitor), 3392/tcp (EFI License Management), 4168/tcp (PrintSoft License Server), 4281/tcp, 3952/tcp (I3 Session Manager), 3640/tcp (Netplay Port 1), 4104/tcp (Braille protocol), 4182/tcp (Production Company Pro TCP Service), 4166/tcp (Joost Peer to Peer Protocol), 4116/tcp (smartcard-TLS), 3513/tcp (Adaptec Remote Protocol), 3001/tcp, 3946/tcp (BackupEDGE Server), 4225/tcp, 4226/tcp, 4095/tcp (xtgui information service), 3209/tcp (HP OpenView Network Path Engine Server), 4224/tcp, 3378/tcp (WSICOPY), 4043/tcp (Neighbour Identity Resolution), 4148/tcp (HHB Handheld Client), 3683/tcp (BMC EDV/EA), 4128/tcp (NuFW decision delegation protocol), 3024/tcp (NDS_SSO), 3702/tcp (Web Service Discovery), 4235/tcp, 3074/tcp (Xbox game port), 3295/tcp (Dynamic IP Lookup), 4296/tcp, 4025/tcp (Partition Image Port), 3070/tcp (MGXSWITCH), 4111/tcp (Xgrid), 4269/tcp, 4057/tcp (Servigistics WFM server), 3674/tcp (WinINSTALL IPC Port), 4121/tcp (e-Builder Application Communication), 4217/tcp, 4093/tcp (Pvx Plus CS Host), 4053/tcp (CosmoCall Universe Communications Port 1), 4223/tcp, 4084/tcp, 4101/tcp (Braille protocol), 4206/tcp, 4127/tcp (NetUniKeyServer), 4191/tcp, 3147/tcp (RFIO), 4228/tcp, 3346/tcp (Trnsprnt Proxy), 4256/tcp, 4003/tcp (pxc-splr-ft), 4024/tcp (TNP1 User Port), 3010/tcp (Telerate Workstation), 4234/tcp, 4142/tcp (Document Server), 4080/tcp (Lorica inside facing), 3682/tcp (EMC SmartPackets-MAPI), 4100/tcp (IGo Incognito Data Port), 4138/tcp (nettest), 3036/tcp (Hagel DUMP), 3888/tcp (Ciphire Services), 3082/tcp (TL1-RAW), 4260/tcp, 3413/tcp (SpecView Networking), 3510/tcp (XSS Port), 3180/tcp (Millicent Broker Server), 4290/tcp, 3042/tcp (journee), 4214/tcp, 4061/tcp (Ice Location Service (TCP)), 3232/tcp (MDT port), 4135/tcp (Classic Line Database Server Attach), 3664/tcp (UPS Engine Port), 4004/tcp (pxc-roid), 4255/tcp, 3525/tcp (EIS Server port), 4034/tcp (Ubiquinox Daemon), 4017/tcp (Talarian Mcast), 4020/tcp (TRAP Port), 4055/tcp (CosmoCall Universe Communications Port 3), 4219/tcp, 3190/tcp (ConServR Proxy), 3181/tcp (BMC Patrol Agent), 3955/tcp (p2pCommunity), 4165/tcp (ArcLink over Ethernet), 4233/tcp, 3523/tcp (Odeum Serverlink), 4120/tcp, 3704/tcp (Adobe Server 4), 4242/tcp, 3374/tcp (Cluster Disc), 3462/tcp (EDM STD Notify), 4299/tcp, 4211/tcp, 4261/tcp, 4147/tcp (Multum Service Manager), 4181/tcp (MacBak), 4124/tcp (Rohill TetraNode Ip Gateway v2), 4110/tcp (G2 RFID Tag Telemetry Data), 4132/tcp (NUTS Daemon), 4162/tcp (OMS Topology), 4274/tcp, 4078/tcp (Coordinated Security Service Protocol), 4040/tcp (Yo.net main service), 3904/tcp (Arnet Omnilink Port), 3177/tcp (Phonex Protocol), 3217/tcp (Unified IP & Telecom Environment), 3889/tcp (D and V Tester Control Port), 3360/tcp (KV Server), 4091/tcp (EminentWare Installer), 4099/tcp (DPCP), 4194/tcp, 3418/tcp (Remote nmap), 4118/tcp (Netadmin Systems NETscript service), 4032/tcp (VERITAS Authorization Service), 4009/tcp (Chimera HWM), 4071/tcp (Automatically Incremental Backup), 3089/tcp (ParaTek Agent Linking), 3614/tcp (Invensys Sigma Port), 4125/tcp (Opsview Envoy), 4087/tcp (APplus Service), 4186/tcp (Box Backup Store Service), 3172/tcp (SERVERVIEW-RM), 4240/tcp, 4019/tcp (Talarian Mcast), 4015/tcp (Talarian Mcast), 3094/tcp (Jiiva RapidMQ Registry), 3459/tcp (TIP Integral), 3201/tcp (CPQ-TaskSmart), 4151/tcp (Men & Mice Remote Control), 4069/tcp (Minger Email Address Validation Service), 3333/tcp (DEC Notes), 4248/tcp, 3178/tcp (Radiance UltraEdge Port), 4089/tcp (OpenCORE Remote Control Service), 3307/tcp (OP Session Proxy), 4062/tcp (Ice Location Service (SSL)), 4263/tcp, 3440/tcp (Net Steward Mgmt Console), 4157/tcp (STAT Scanner Control), 4270/tcp, 4179/tcp (Maxum Services), 4108/tcp (ACCEL), 3268/tcp (Microsoft Global Catalog), 3366/tcp (Creative Partner), 4193/tcp (PxPlus remote file srvr), 3623/tcp (HAIPIS Dynamic Discovery), 4288/tcp, 4258/tcp, 4286/tcp, 3027/tcp (LiebDevMgmt_C), 4280/tcp, 4231/tcp, 4112/tcp (Apple VPN Server Reporting Protocol), 4218/tcp, 3014/tcp (Broker Service), 4245/tcp, 4196/tcp, 4180/tcp (HTTPX), 4092/tcp (EminentWare DGS), 4105/tcp (ShofarPlayer), 3119/tcp (D2000 Kernel Port), 4126/tcp (Data Domain Replication Service), 4227/tcp, 4232/tcp, 4297/tcp, 4073/tcp (iRAPP Server Protocol), 4082/tcp (Lorica outside facing), 3996/tcp (abcsoftware-01), 3761/tcp (gsakmp port), 3185/tcp (SuSE Meta PPPD), 4152/tcp (iDigTech Multiplex), 4048/tcp, 3992/tcp (BindView-DirectoryServer), 4042/tcp (LDXP), 4083/tcp (Lorica outside facing (SSL)), 4113/tcp (AIPN LS Registration), 4276/tcp, 4241/tcp, 4107/tcp (JDL Accounting LAN Service), 4064/tcp (Ice Firewall Traversal Service (SSL)), 4011/tcp (Alternate Service Boot), 4037/tcp (RaveHD network control), 4249/tcp, 4236/tcp, 3796/tcp (Spaceway Dialer), 4174/tcp, 4229/tcp, 4122/tcp (Fiber Patrol Alarm Service), 3871/tcp (Avocent DS Authorization), 4031/tcp (UUCP over SSL), 4066/tcp (Performance Measurement and Analysis), 4097/tcp (Patrol View), 3004/tcp (Csoft Agent), 4220/tcp, 4197/tcp, 4259/tcp, 3171/tcp (SERVERVIEW-GF), 4134/tcp (NIFTY-Serve HMI protocol), 3250/tcp (HMS hicp port), 3135/tcp (PeerBook Port), 4243/tcp, 4081/tcp (Lorica inside facing (SSL)), 4065/tcp (Avanti Common Data), 3150/tcp (NetMike Assessor Administrator), 4026/tcp (Graphical Debug Server), 4023/tcp (ESNM Zoning Port), 3259/tcp (Epson Network Common Devi), 4131/tcp (Global Maintech Stars), 4143/tcp (Document Replication), 4007/tcp (pxc-splr), 3108/tcp (Geolocate protocol), 3319/tcp (SDT License Manager), 3388/tcp (CB Server), 3947/tcp (Connect and Control Protocol for Consumer, Commercial, and Industrial Electronic Devices), 3805/tcp (ThorGuard Server Port), 4005/tcp (pxc-pin), 3088/tcp (eXtensible Data Transfer Protocol), 4063/tcp (Ice Firewall Traversal Service (TCP)), 4190/tcp (ManageSieve Protocol), 4294/tcp, 3844/tcp (RNM), 3461/tcp (EDM Stager), 4056/tcp (Location Message Service), 3937/tcp (DVB Service Discovery), 4250/tcp, 4170/tcp (SMPTE Content Synchonization Protocol), 4050/tcp (Wide Area File Services), 4293/tcp, 3191/tcp (ConServR SSL Proxy), 4268/tcp, 4277/tcp.
      

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Similar hosts

Hosts with the same ASN

Report breach!

Rate host 93.174.95.41