PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Mon Aug 3 00:30:15 2020.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Last Attacks  |  Top Attackers  |  Top Signatures  |  Top Ports
Last SeenFirst SeenIP AddressCountryPorts Targeted
Sun Jul 25 21:03:25 2021Fri Jul 23 03:49:56 2021 107.189.1.149 US3128
Sun Jul 25 20:56:19 2021Wed Jun 16 08:53:12 2021 185.180.143.28 EU53
Sun Jul 25 20:45:25 2021Thu Jul 22 16:09:24 2021 144.86.173.152 US3389
Sun Jul 25 20:40:57 2021Sun Jul 25 20:40:30 2021 103.59.113.193 CN1433
Sun Jul 25 20:35:24 2021Sun Jul 25 20:34:56 2021 114.217.90.65 CN1433
Sun Jul 25 20:19:13 2021Thu Jul 15 18:47:09 2021 192.241.211.121 US22
Sun Jul 25 20:15:24 2021Thu Dec 17 22:36:39 2020 124.248.48.106 CN1433
Sun Jul 25 20:13:45 2021Sun Jul 25 20:13:38 2021 143.244.130.21 US12346
Sun Jul 25 20:09:24 2021Tue Nov 17 17:05:01 2020 128.199.14.144 NL9272
Sun Jul 25 20:06:31 2021Tue Aug 18 02:48:09 2020 184.105.247.202 US5555
Sun Jul 25 19:56:47 2021Sun Jul 25 19:56:38 2021 189.112.123.65 BR3389
Sun Jul 25 19:48:47 2021Sun Jul 25 19:48:47 2021 165.232.157.70 US8888
Sun Jul 25 19:37:30 2021Sun Jul 25 19:37:21 2021 197.43.161.13 EG22-8728
Sun Jul 25 19:37:21 2021Sat Dec 26 01:35:46 2020 192.241.210.213 US8888
Sun Jul 25 19:24:30 2021Sun Jul 25 19:24:09 2021 123.56.42.50 CN1433
Sun Jul 25 19:24:03 2021Sat May 8 04:13:32 2021 180.149.126.181 MN8630
Sun Jul 25 19:23:44 2021Wed Jul 21 18:06:38 2021 195.133.40.158 NL5555
Sun Jul 25 19:21:08 2021Sun Jan 31 21:01:27 2021 194.61.25.217 NL3389
Sun Jul 25 19:11:44 2021Sat Jul 17 09:21:33 2021 192.241.201.125 US8123
Sun Jul 25 19:09:45 2021Sat May 1 13:12:59 2021 203.159.80.75 ZZ5555
Last SeenHitsIP AddressCountryHosting Provider
Fri Jul 16 00:12:00 202131206185.156.73.63NLIP Kiktev Nikolay Vladimirovich
Sat Mar 13 06:18:50 202130613194.147.140.83SCLeading Mechanical Industry PJS
Thu Jan 7 21:53:03 202129919193.27.229.94RUStarcrecium Limited
Fri Jul 9 08:19:54 20212972445.143.203.3EUTOV VAIZ PARTNER
Thu Jan 7 21:48:45 202129705193.27.229.93RUStarcrecium Limited
Thu May 20 17:40:41 20212647345.155.205.31RUStarcrecium Limited
Sun Jul 25 20:58:42 20212426489.248.165.48NLORG-IVI1-RIPE
Sat Jul 24 07:56:29 20212127789.248.165.247NLORG-IVI1-RIPE
Mon May 10 15:00:49 20211942745.155.205.34RUStarcrecium Limited
Wed Jan 27 06:13:48 20211644445.146.166.126RUStarcrecium Limited
Wed Jan 27 11:44:19 20211633345.146.166.127RUStarcrecium Limited
Wed Jan 27 14:42:19 20211626545.134.26.169RUStarcrecium Limited
Wed Jan 27 15:26:51 20211601145.146.165.128RUStarcrecium Limited
Sun Jul 18 18:57:02 20211537045.143.200.6BGKorotkij Denis Aleksandrovich
Wed Jan 27 19:16:56 20211490445.146.166.162RUStarcrecium Limited
Tue Jul 13 04:20:00 20211310992.63.197.101UAIP Kiktev Nikolay Vladimirovich
Sun Jul 11 22:01:54 202112921185.156.73.114NLIP Kiktev Nikolay Vladimirovich
Sun Jul 18 16:23:51 20211276492.63.197.74UAIP Kiktev Nikolay Vladimirovich
Thu Jan 7 18:19:49 20211273645.129.33.41EUMaximilian Kutzner trading as HostSlick
Sun Jul 25 21:08:53 202112703185.191.34.246RUStarcrecium Limited
Tue Jan 12 05:56:59 20211264845.129.33.24EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:46:38 20211240845.129.33.12EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:23:56 20211238745.129.33.13EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:24:24 20211218545.129.33.9EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:19:15 20211214845.129.33.10EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:17:19 20211204445.129.33.8EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:26:21 20211193845.129.33.15EUMaximilian Kutzner trading as HostSlick
Sun Jul 25 20:21:50 202111786185.156.73.104NLIP Kiktev Nikolay Vladimirovich
Wed Jan 13 02:19:21 20211170545.129.33.60EUMaximilian Kutzner trading as HostSlick
Thu Aug 27 21:38:23 202011487194.26.29.104RURU-MEDIA-LAND-2-20191120
Thu Mar 18 07:06:33 202111322194.26.27.101RURU-MEDIA-LAND-2-20191120
Thu Aug 27 21:34:35 202011304194.26.29.102RURU-MEDIA-LAND-2-20191120
Fri Jul 16 12:07:38 20211125589.248.165.7NLORG-IVI1-RIPE
Mon Mar 22 03:12:44 202111222135.181.219.37NLRIPE Network Coordination Centre (RIPE)
Sun Jul 25 19:58:57 202111213185.156.73.107NLIP Kiktev Nikolay Vladimirovich
Thu Apr 15 14:24:59 202111058195.54.160.155RUStarcrecium Limited
Sun Jul 25 20:38:26 202110921185.156.73.109NLIP Kiktev Nikolay Vladimirovich
Wed Jan 20 08:02:09 20211087151.77.86.185DESD-LIM-113A-10G-HG
Sun Jul 25 19:55:58 202110865185.156.73.111NLIP Kiktev Nikolay Vladimirovich
Tue Apr 20 06:54:08 20211081845.155.205.32RUStarcrecium Limited
Wed Mar 10 10:24:58 20211061794.102.51.17NLORG-IVI1-RIPE
Sun Jul 25 20:45:12 20211058692.63.197.103UAIP Kiktev Nikolay Vladimirovich
Wed Jan 13 04:01:11 20211053145.129.33.43EUMaximilian Kutzner trading as HostSlick
Wed Jan 13 03:03:35 20211047545.129.33.57EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:06:55 20211029845.129.33.84EUMaximilian Kutzner trading as HostSlick
Mon May 24 09:16:35 202110259185.156.73.119NLIP Kiktev Nikolay Vladimirovich
Mon May 24 09:16:57 202110167185.156.73.116NLIP Kiktev Nikolay Vladimirovich
Mon May 24 09:15:57 202110082185.156.73.102NLIP Kiktev Nikolay Vladimirovich
Tue Jan 12 06:27:17 20211004445.129.33.82EUMaximilian Kutzner trading as HostSlick
Thu Apr 15 14:27:31 20219831185.156.73.57NLIP Kiktev Nikolay Vladimirovich
HitsSIDSignature
56858100205MISC Microsoft SQL Server communication attempt
34323100077MISC MS Terminal Server communication attempt
19656564P2P Napster Client Data communication attempt
188622375BACKDOOR DoomJuice file upload attempt
8759510POLICY HP JetDirect LCD communication attempt
7513100202MISC VNC communication attempt
6179100084MISC HP Web JetAdmin communication attempt
5746100090P2P napster communication attempt
4712100082MISC Microsoft PPTP communication attempt
4339562P2P Napster Client Data communication attempt
2246563P2P Napster Client Data communication attempt
18391846POLICY vncviewer Java applet communication attempt
1671100063BACKDOOR RUX the Tick connection attempt
1594100028BACKDOOR netbus Connection Cttempt
1493100204MISC Radmin Default install options attempt
14132181P2P BitTorrent communication attempt
1142100073MISC PCAnywhere communication attempt
929568POLICY HP JetDirect LCD commnication attempt
8471408DOS MSDTC communication attempt
828561P2P Napster Client Data communication attempt
794100112DOS Real Audio Server communication attempt
7241641DOS DB2 dos communication attempt
717100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
658147BACKDOOR GateCrasher Connection attempt
588119BACKDOOR Doly 2.0 Connection attempt
504100100FTP Yak! FTP server communication attempt
4941605DOS iParty DOS attempt
4832586P2P eDonkey transfer attempt
368208BACKDOOR PhaseZero Server Active on Network
3571987MISC xfs communication attempt
284152BACKDOOR BackConstruction 2.1 connection attempt
229100044BACKDOOR NetSphere Connection attempt
2182587P2P eDonkey communication attempt
216100038BACKDOOR - Dagger_1.4.0 Connection attempt
1961636MISC Xtramail communication attempt
187565P2P Napster Server Login communication attempt
1701985BACKDOOR Doly 1.5 Connection attempt
1541383P2P Fastrack kazaa/morpheus communication attempt
153159BACKDOOR NetMetro File List connection attempt
118100040BACKDOOR Infector.1.x Connection attempt
101505MISC Insecure TIMBUKTU communication attempt
99100203MISC Ghostsurf communication attempt
93108BACKDOOR QAZ Worm Client Login access
92207BAD-TRAFFIC data in TCP SYN packet
861819MISC Alcatel PABX 4400 connection attempt
861421SNMP AgentX/tcp request
86599RPC portmap listing TCP 32771
83163BACKDOOR WinCrash 1.0 communication attempt
79282DOS arkiea backup communication attempt
732124BACKDOOR Remote PC Access connection attempt
70100083MISC LDAP communication attempt
51247DDOS mstream client to handler
50107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
49100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
47100064BACKDOOR Asylum 0.1 connection request
44100206PSAD-CUSTOM Kuang2 virus communication attempt
42153BACKDOOR DonaldDick 1.53 connection attempt
40249DDOS mstream client to handler
37145BACKDOOR GirlFriend Connection attempt
351843BACKDOOR trinity connection attempt
31100207BACKDOOR Subseven connection attempt
31141BACKDOOR HackAttack 1.20 Connection attempt
23100007DDOS Trin00 Attacker to Master connection attempt
133016BACKDOOR Insane Network 4.0 connection established port 63536
3613SCAN myscan
3230DDOS shaft client login to handler connection attempt
12182BACKDOOR typot trojan traffic
PortHits
23167411
2261276
143357806
8046904
808046163
637936148
44335638
338934894
844331901
8120784
555519662
808912828
237512405
854510929
503810535
23769246
23238489
80818258
82918161
59007593
92007212
33907084
508026433
33066368
80006181
PortHits
215970
88885752
112115665
31285661
104435625
80885397
54325278
87285103
270175040
33914990
90004726
17234712
264585
95304474
77774339
33884295
22224131
70014100
50604019
33923916
99993902
600013629
50003592
33993372
30003354
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify