PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Mon Aug 3 00:30:15 2020.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Last Attacks  |  Top Attackers  |  Top Signatures  |  Top Ports
Last SeenFirst SeenIP AddressCountryPorts Targeted
Sun Jun 13 07:04:58 2021Sun Jun 13 07:04:48 2021 219.78.217.176 HK5555
Sun Jun 13 07:02:31 2021Mon Dec 7 10:27:28 2020 185.167.98.154 NL3389
Sun Jun 13 07:00:50 2021Sun Apr 18 23:08:22 2021 185.191.34.207 RU32000
Sun Jun 13 06:37:10 2021Sun Jun 13 06:36:36 2021 103.102.86.3 IN1433
Sun Jun 13 06:32:09 2021Sun Jun 13 06:31:53 2021 135.181.213.34 NL3389
Sun Jun 13 06:31:32 2021Mon May 31 21:04:09 2021 185.180.143.170 EU1723
Sun Jun 13 06:30:12 2021Fri Nov 13 22:01:20 2020 182.74.197.50 IN1433
Sun Jun 13 06:21:13 2021Mon Apr 26 14:35:48 2021 205.185.127.25 US5555
Sun Jun 13 06:17:46 2021Sun Jun 13 06:17:35 2021 183.100.39.146 ?1433
Sun Jun 13 06:07:32 2021Thu Aug 13 13:09:17 2020 184.105.139.82 US3389
Sun Jun 13 05:29:55 2021Fri May 21 00:30:21 2021 101.32.44.75 HK6379
Sun Jun 13 05:26:54 2021Sun Jun 13 05:26:53 2021 206.189.127.36 US6969
Sun Jun 13 05:14:39 2021Fri Sep 25 13:20:08 2020 193.27.229.184 RU3389
Sun Jun 13 05:11:10 2021Sat May 22 03:41:40 2021 120.78.222.240 CN2376
Sun Jun 13 05:08:31 2021Sun Apr 11 10:24:03 2021 192.241.213.248 US5223
Sun Jun 13 05:00:37 2021Sun Jun 6 22:52:25 2021 193.163.125.238 GB60000
Sun Jun 13 04:52:32 2021Tue Apr 6 21:47:54 2021 193.27.228.61 RU5679
Sun Jun 13 04:47:09 2021Tue Sep 1 10:16:58 2020 167.248.133.26 US5900
Sun Jun 13 04:42:55 2021Sat Apr 24 16:00:55 2021 200.105.200.182 BO23
Sun Jun 13 04:25:18 2021Thu Sep 24 00:11:48 2020 192.35.168.154 US1433
Last SeenHitsIP AddressCountryHosting Provider
Sat Mar 13 06:18:50 202130613194.147.140.83SCLeading Mechanical Industry PJS
Thu Jan 7 21:53:03 202129919193.27.229.94RUStarcrecium Limited
Thu Jan 7 21:48:45 202129705193.27.229.93RUStarcrecium Limited
Thu May 20 17:40:41 20212647345.155.205.31RUStarcrecium Limited
Mon May 10 15:00:49 20211942745.155.205.34RUStarcrecium Limited
Wed Jan 27 06:13:48 20211644445.146.166.126RUStarcrecium Limited
Wed Jan 27 11:44:19 20211633345.146.166.127RUStarcrecium Limited
Wed Jan 27 14:42:19 20211626545.134.26.169RUStarcrecium Limited
Wed Jan 27 15:26:51 20211601145.146.165.128RUStarcrecium Limited
Wed Jan 27 19:16:56 20211490445.146.166.162RUStarcrecium Limited
Thu Jan 7 18:19:49 20211273645.129.33.41EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:56:59 20211264845.129.33.24EUMaximilian Kutzner trading as HostSlick
Sun Jun 13 06:51:22 20211264245.143.200.6BGKorotkij Denis Aleksandrovich
Tue Jan 12 05:46:38 20211240845.129.33.12EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:23:56 20211238745.129.33.13EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:24:24 20211218545.129.33.9EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:19:15 20211214845.129.33.10EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:17:19 20211204445.129.33.8EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:26:21 20211193845.129.33.15EUMaximilian Kutzner trading as HostSlick
Wed Jan 13 02:19:21 20211170545.129.33.60EUMaximilian Kutzner trading as HostSlick
Thu Aug 27 21:38:23 202011487194.26.29.104RURU-MEDIA-LAND-2-20191120
Thu Mar 18 07:06:33 202111322194.26.27.101RURU-MEDIA-LAND-2-20191120
Thu Aug 27 21:34:35 202011304194.26.29.102RURU-MEDIA-LAND-2-20191120
Mon Mar 22 03:12:44 202111222135.181.219.37NLRIPE Network Coordination Centre (RIPE)
Thu Apr 15 14:24:59 202111058195.54.160.155RUStarcrecium Limited
Wed Jan 20 08:02:09 20211087151.77.86.185DESD-LIM-113A-10G-HG
Tue Apr 20 06:54:08 20211081845.155.205.32RUStarcrecium Limited
Wed Mar 10 10:24:58 20211061794.102.51.17NLORG-IVI1-RIPE
Wed Jan 13 04:01:11 20211053145.129.33.43EUMaximilian Kutzner trading as HostSlick
Sun Jun 13 06:58:33 20211047989.248.165.48NLORG-IVI1-RIPE
Wed Jan 13 03:03:35 20211047545.129.33.57EUMaximilian Kutzner trading as HostSlick
Sun Jun 13 05:46:39 20211037392.63.197.74UAIP Kiktev Nikolay Vladimirovich
Tue Jan 12 06:06:55 20211029845.129.33.84EUMaximilian Kutzner trading as HostSlick
Mon May 24 09:16:35 202110259185.156.73.119NLIP Kiktev Nikolay Vladimirovich
Mon May 24 09:16:43 20211022092.63.197.101UAIP Kiktev Nikolay Vladimirovich
Mon May 24 09:16:35 202110179185.156.73.114NLIP Kiktev Nikolay Vladimirovich
Mon May 24 09:16:57 202110167185.156.73.116NLIP Kiktev Nikolay Vladimirovich
Mon May 24 09:18:47 20211011792.63.197.103UAIP Kiktev Nikolay Vladimirovich
Mon May 24 09:17:12 202110109185.156.73.107NLIP Kiktev Nikolay Vladimirovich
Mon May 24 09:14:43 202110102185.156.73.104NLIP Kiktev Nikolay Vladimirovich
Mon May 24 09:15:57 202110082185.156.73.102NLIP Kiktev Nikolay Vladimirovich
Mon May 24 09:15:19 202110060185.156.73.111NLIP Kiktev Nikolay Vladimirovich
Tue Jan 12 06:27:17 20211004445.129.33.82EUMaximilian Kutzner trading as HostSlick
Mon May 24 09:16:43 202110035185.156.73.109NLIP Kiktev Nikolay Vladimirovich
Thu Apr 15 14:27:31 20219831185.156.73.57NLIP Kiktev Nikolay Vladimirovich
Tue Jan 12 05:53:52 2021969445.129.33.129EUMaximilian Kutzner trading as HostSlick
Mon Apr 26 23:08:36 2021957345.155.205.33RUStarcrecium Limited
Fri Feb 5 04:42:59 2021931292.63.197.18UAIP Kiktev Nikolay Vladimirovich
Mon Dec 21 17:49:43 2020923351.161.14.102EUNON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
Tue Jan 12 06:22:27 2021892345.129.33.6EUMaximilian Kutzner trading as HostSlick
HitsSIDSignature
52824100205MISC Microsoft SQL Server communication attempt
30938100077MISC MS Terminal Server communication attempt
17917564P2P Napster Client Data communication attempt
168582375BACKDOOR DoomJuice file upload attempt
7644510POLICY HP JetDirect LCD communication attempt
6506100202MISC VNC communication attempt
5337100084MISC HP Web JetAdmin communication attempt
5145100090P2P napster communication attempt
4210100082MISC Microsoft PPTP communication attempt
3993562P2P Napster Client Data communication attempt
2008563P2P Napster Client Data communication attempt
15851846POLICY vncviewer Java applet communication attempt
1493100063BACKDOOR RUX the Tick connection attempt
1409100028BACKDOOR netbus Connection Cttempt
1305100204MISC Radmin Default install options attempt
12272181P2P BitTorrent communication attempt
981100073MISC PCAnywhere communication attempt
836568POLICY HP JetDirect LCD commnication attempt
7701408DOS MSDTC communication attempt
735561P2P Napster Client Data communication attempt
703100112DOS Real Audio Server communication attempt
6341641DOS DB2 dos communication attempt
617100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
583147BACKDOOR GateCrasher Connection attempt
512119BACKDOOR Doly 2.0 Connection attempt
471100100FTP Yak! FTP server communication attempt
4222586P2P eDonkey transfer attempt
4121605DOS iParty DOS attempt
331208BACKDOOR PhaseZero Server Active on Network
3071987MISC xfs communication attempt
245152BACKDOOR BackConstruction 2.1 connection attempt
211100044BACKDOOR NetSphere Connection attempt
196100038BACKDOOR - Dagger_1.4.0 Connection attempt
1932587P2P eDonkey communication attempt
1721636MISC Xtramail communication attempt
166565P2P Napster Server Login communication attempt
1551985BACKDOOR Doly 1.5 Connection attempt
1391383P2P Fastrack kazaa/morpheus communication attempt
129159BACKDOOR NetMetro File List connection attempt
106100040BACKDOOR Infector.1.x Connection attempt
93100203MISC Ghostsurf communication attempt
87207BAD-TRAFFIC data in TCP SYN packet
86505MISC Insecure TIMBUKTU communication attempt
83108BACKDOOR QAZ Worm Client Login access
791819MISC Alcatel PABX 4400 connection attempt
781421SNMP AgentX/tcp request
72163BACKDOOR WinCrash 1.0 communication attempt
70282DOS arkiea backup communication attempt
69599RPC portmap listing TCP 32771
65100083MISC LDAP communication attempt
632124BACKDOOR Remote PC Access connection attempt
45107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
44247DDOS mstream client to handler
43100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
43100206PSAD-CUSTOM Kuang2 virus communication attempt
40100064BACKDOOR Asylum 0.1 connection request
37249DDOS mstream client to handler
33145BACKDOOR GirlFriend Connection attempt
33153BACKDOOR DonaldDick 1.53 connection attempt
311843BACKDOOR trinity connection attempt
28100207BACKDOOR Subseven connection attempt
25141BACKDOOR HackAttack 1.20 Connection attempt
21100007DDOS Trin00 Attacker to Master connection attempt
113016BACKDOOR Insane Network 4.0 connection established port 63536
3613SCAN myscan
2230DDOS shaft client login to handler connection attempt
12182BACKDOOR typot trojan traffic
PortHits
23151563
143353559
2252740
8040493
808035988
338931433
44330713
844323163
637923022
555517923
8117889
808911947
854510095
50388987
23758374
23237706
80817353
59006575
82916534
33906295
92006148
33065624
23765613
508025422
80005339
PortHits
215213
88885151
112115114
31284941
80884890
54324597
33914496
264328
270174214
17234210
90004145
104434026
77773993
33883903
87283871
70013710
50603603
22223592
33923546
99993450
600013371
50003230
42433126
95303100
33933028
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify