Note: I am not currently running PSAD at home. This page just has archival data collected over about two years. This is what the typical output looks like though.
PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics were tracked since Mon August 3, 2020.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Last Attacks  |  Top Attackers  |  Top Signatures  |  Top Ports
Last SeenFirst SeenIP AddressCountryPorts TargetedOSINT Links
Sat Sep 24 00:02:03 2022Sun Nov 1 20:29:39 2020 5.188.206.38 EU27859[1] [2] [3]
Sat Sep 24 00:01:40 2022Fri May 14 13:42:02 2021 89.248.165.87 NL46486[1] [2] [3]
Sat Sep 24 00:01:40 2022Mon Jul 18 19:32:24 2022 45.61.184.10 US5555[1] [2] [3]
Sat Sep 24 00:01:33 2022Fri Sep 23 11:10:18 2022 91.218.115.241 RU4643[1] [2] [3]
Sat Sep 24 00:01:19 2022Tue Sep 20 03:30:55 2022 89.248.163.189 NL3324[1] [2] [3]
Sat Sep 24 00:01:19 2022Tue Mar 9 13:48:18 2021 111.7.96.139 CN3114[1] [2] [3]
Sat Sep 24 00:01:12 2022Mon Apr 5 19:00:48 2021 193.57.40.49 EU53315[1] [2] [3]
Sat Sep 24 00:01:05 2022Sat Aug 27 22:52:33 2022 103.199.201.106 IN2323[1] [2] [3]
Sat Sep 24 00:00:49 2022Mon Sep 19 11:35:56 2022 187.188.166.152 MX3411[1] [2] [3]
Sat Sep 24 00:00:49 2022Fri Mar 26 01:09:53 2021 64.62.197.238 US8883[1] [2] [3]
Sat Sep 24 00:00:08 2022Sat Feb 5 08:37:09 2022 162.142.125.254 US57752[1] [2] [3]
Sat Sep 24 00:00:01 2022Mon Sep 19 12:05:07 2022 198.98.59.132 US9010[1] [2] [3]
Sat Sep 24 00:00:01 2022Fri Sep 23 10:21:03 2022 110.180.165.62 CN23[1] [2] [3]
Fri Sep 23 23:59:27 2022Wed Jul 7 06:25:30 2021 91.191.209.14 EU6654[1] [2] [3]
Fri Sep 23 23:59:20 2022Thu Sep 22 16:45:00 2022 174.138.47.162 US80[1] [2] [3]
Fri Sep 23 23:59:07 2022Tue Aug 30 11:59:32 2022 192.241.215.232 US443[1] [2] [3]
Fri Sep 23 23:59:07 2022Wed Apr 13 06:35:01 2022 185.196.220.27 DE6908[1] [2] [3]
Fri Sep 23 23:57:44 2022Tue Nov 9 02:42:58 2021 167.94.146.22 US51843[1] [2] [3]
Fri Sep 23 23:57:44 2022Sat Oct 17 00:56:25 2020 162.142.125.82 US12421[1] [2] [3]
Fri Sep 23 23:57:30 2022Mon Sep 19 20:14:06 2022 123.160.221.59 CN12503[1] [2] [3]
Last SeenHitsIP AddressCountryHosting ProviderOSINT Links
Fri Jan 21 15:07:16 202220045989.248.165.247NLORG-IVI1-RIPE [1] [2] [3]
Fri Jun 10 02:18:34 20229046989.248.165.248NLORG-IVI1-RIPE [1] [2] [3]
Tue Nov 16 08:33:56 202187142185.156.73.17NLOOO SibirInvest [1] [2] [3]
Fri Nov 5 11:37:52 202181348185.191.34.90RUIT Resheniya LLC [1] [2] [3]
Mon Feb 28 00:07:44 20227563494.232.45.4RUDmitriy Panchenko [1] [2] [3]
Sat Sep 24 00:01:40 20227058789.248.165.87NLORG-IVI1-RIPE [1] [2] [3]
Thu Aug 4 07:42:11 202252029193.201.9.43RUChang Way Technologies Co. Limited [1] [2] [3]
Wed Dec 1 01:15:59 20214891789.248.165.48NLORG-IVI1-RIPE [1] [2] [3]
Thu Jun 23 03:54:43 20224475645.143.203.3EUTOV VAIZ PARTNER [1] [2] [3]
Sat Feb 26 14:25:39 202238927185.156.73.63NLOOO SibirInvest [1] [2] [3]
Sat Mar 13 06:18:50 202130613194.147.140.83SCLeading Mechanical Industry PJS [1] [2] [3]
Thu Jan 7 21:53:03 202129919193.27.229.94RUStarcrecium Limited [1] [2] [3]
Thu Jan 7 21:48:45 202129705193.27.229.93RUStarcrecium Limited [1] [2] [3]
Sat Mar 26 18:16:37 20222885489.248.165.121NLORG-IVI1-RIPE [1] [2] [3]
Mon May 23 12:33:04 202228225185.156.73.109NLOOO SibirInvest [1] [2] [3]
Thu May 20 17:40:41 20212647345.155.205.31RUStarcrecium Limited [1] [2] [3]
Wed May 4 01:01:21 20222523089.248.165.94NLORG-IVI1-RIPE [1] [2] [3]
Fri Sep 23 22:45:10 20222519078.128.113.250EUMiti 2000 EOOD [1] [2] [3]
Fri Sep 23 15:02:34 20222504645.143.200.6BGKorotkij Denis Aleksandrovich [1] [2] [3]
Sat Sep 24 00:01:12 202224700193.57.40.49EUAlviva Holding Limited [1] [2] [3]
Sun Apr 3 17:19:58 20222250989.248.162.161NLORG-IVI1-RIPE [1] [2] [3]
Fri Sep 23 23:50:19 202221540185.156.73.107NLOOO SibirInvest [1] [2] [3]
Fri Sep 23 13:31:03 20222104992.63.197.74UAOOO SibirInvest [1] [2] [3]
Mon May 10 15:00:49 20211942745.155.205.34RUStarcrecium Limited [1] [2] [3]
Mon Sep 6 02:40:35 20211911445.155.204.193RUStarcrecium Limited [1] [2] [3]
Tue Aug 2 05:33:16 202218252185.73.126.100NLXHOSTIS-NET [1] [2] [3]
Fri Jul 30 19:14:11 202117306185.191.34.246RUStarcrecium Limited [1] [2] [3]
Wed Jan 27 06:13:48 20211644445.146.166.126RUStarcrecium Limited [1] [2] [3]
Wed Jan 27 11:44:19 20211633345.146.166.127RUStarcrecium Limited [1] [2] [3]
Wed Jan 27 14:42:19 20211626545.134.26.169RUStarcrecium Limited [1] [2] [3]
Thu Dec 16 05:50:34 202116157185.156.73.111NLOOO SibirInvest [1] [2] [3]
Wed Jan 27 15:26:51 20211601145.146.165.128RUStarcrecium Limited [1] [2] [3]
Wed Oct 27 08:51:03 202115975193.27.228.101RUIT Resheniya LLC [1] [2] [3]
Fri Sep 23 15:25:24 20221595345.143.200.46BGKorotkij Denis Aleksandrovich [1] [2] [3]
Wed Jan 26 00:51:11 20221553192.63.197.55UAOOO SibirInvest [1] [2] [3]
Mon Aug 29 14:39:03 20221530589.248.165.204NLORG-IVI1-RIPE [1] [2] [3]
Fri Sep 23 04:53:23 20221498089.248.165.210NLORG-IVI1-RIPE [1] [2] [3]
Wed Jan 27 19:16:56 20211490445.146.166.162RUStarcrecium Limited [1] [2] [3]
Sat May 21 04:41:29 20221482880.66.83.30RUZSERVERS-NET [1] [2] [3]
Thu Jul 28 18:45:49 20221480389.248.165.51NLORG-IVI1-RIPE [1] [2] [3]
Wed Mar 2 21:24:13 20221476894.232.45.44RUDmitriy Panchenko [1] [2] [3]
Thu Apr 7 21:24:43 20221389589.248.165.202NLORG-IVI1-RIPE [1] [2] [3]
Sat Jan 15 12:37:55 20221368489.248.165.119NLORG-IVI1-RIPE [1] [2] [3]
Fri Dec 3 03:16:21 20211366094.232.46.40RUDmitriy Panchenko [1] [2] [3]
Wed Dec 22 23:18:39 20211327745.145.67.74RUIT Resheniya LLC [1] [2] [3]
Tue Jul 13 04:20:00 20211310992.63.197.101UAIP Kiktev Nikolay Vladimirovich [1] [2] [3]
Fri Sep 23 23:28:23 202212962185.156.73.57NLOOO SibirInvest [1] [2] [3]
Sun Jul 11 22:01:54 202112921185.156.73.114NLIP Kiktev Nikolay Vladimirovich [1] [2] [3]
Sun Jan 23 02:59:08 20221290589.248.165.53NLORG-IVI1-RIPE [1] [2] [3]
Thu May 26 10:56:31 20221278645.135.232.96RUIT Resheniya LLC [1] [2] [3]
HitsSIDSignature
85197100205MISC Microsoft SQL Server communication attempt
65159100077MISC MS Terminal Server communication attempt
51785564P2P Napster Client Data communication attempt
425032375BACKDOOR DoomJuice file upload attempt
20642510POLICY HP JetDirect LCD communication attempt
15256100202MISC VNC communication attempt
14026100084MISC HP Web JetAdmin communication attempt
12698100090P2P napster communication attempt
8671100082MISC Microsoft PPTP communication attempt
7454562P2P Napster Client Data communication attempt
4521563P2P Napster Client Data communication attempt
42931846POLICY vncviewer Java applet communication attempt
3525100063BACKDOOR RUX the Tick connection attempt
3284100028BACKDOOR netbus Connection Cttempt
30142181P2P BitTorrent communication attempt
2997100204MISC Radmin Default install options attempt
2412100073MISC PCAnywhere communication attempt
2018568POLICY HP JetDirect LCD commnication attempt
1808561P2P Napster Client Data communication attempt
17141408DOS MSDTC communication attempt
1689100112DOS Real Audio Server communication attempt
1640100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
14041641DOS DB2 dos communication attempt
1347147BACKDOOR GateCrasher Connection attempt
12101605DOS iParty DOS attempt
1161119BACKDOOR Doly 2.0 Connection attempt
9522586P2P eDonkey transfer attempt
889208BACKDOOR PhaseZero Server Active on Network
809100100FTP Yak! FTP server communication attempt
7691987MISC xfs communication attempt
602152BACKDOOR BackConstruction 2.1 connection attempt
470100044BACKDOOR NetSphere Connection attempt
4462587P2P eDonkey communication attempt
419565P2P Napster Server Login communication attempt
382100038BACKDOOR - Dagger_1.4.0 Connection attempt
3731636MISC Xtramail communication attempt
3351985BACKDOOR Doly 1.5 Connection attempt
3161383P2P Fastrack kazaa/morpheus communication attempt
279159BACKDOOR NetMetro File List connection attempt
257505MISC Insecure TIMBUKTU communication attempt
2111421SNMP AgentX/tcp request
210599RPC portmap listing TCP 32771
203100040BACKDOOR Infector.1.x Connection attempt
1911819MISC Alcatel PABX 4400 connection attempt
187100203MISC Ghostsurf communication attempt
173108BACKDOOR QAZ Worm Client Login access
164163BACKDOOR WinCrash 1.0 communication attempt
150282DOS arkiea backup communication attempt
1492124BACKDOOR Remote PC Access connection attempt
145207BAD-TRAFFIC data in TCP SYN packet
125100083MISC LDAP communication attempt
104100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
95100064BACKDOOR Asylum 0.1 connection request
78247DDOS mstream client to handler
75100206PSAD-CUSTOM Kuang2 virus communication attempt
73107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
66249DDOS mstream client to handler
641843BACKDOOR trinity connection attempt
63153BACKDOOR DonaldDick 1.53 connection attempt
60145BACKDOOR GirlFriend Connection attempt
59100007DDOS Trin00 Attacker to Master connection attempt
55100207BACKDOOR Subseven connection attempt
46141BACKDOOR HackAttack 1.20 Connection attempt
373016BACKDOOR Insane Network 4.0 connection established port 63536
37230DDOS shaft client login to handler connection attempt
4613SCAN myscan
42182BACKDOOR typot trojan traffic
PortHits
23405667
6379236772
22176340
8080133186
8443124660
8097399
44386938
143386331
338966335
555551791
8150344
237545168
237638664
3721524065
808922792
503820775
232319394
854518979
808117075
920015556
590015376
829114691
800014055
1044313762
5080213385
PortHits
2113194
330613011
888812711
339012333
543212290
900011637
312811558
1121111137
420010830
808810441
2701710441
600019942
22229509
50609401
1119189
17238678
75478608
33918594
99998035
80907762
887626
81817613
70017612
77777454
33887387
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify