PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Mon Aug 3 00:30:15 2020.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Last Attacks  |  Top Attackers  |  Top Signatures  |  Top Ports
Last SeenFirst SeenIP AddressCountryPorts Targeted
Thu Sep 23 22:45:00 2021Sat Jul 31 06:15:32 2021 185.191.34.90 RU37301
Thu Sep 23 22:44:53 2021Fri Jun 18 22:55:13 2021 89.248.165.247 NL46299
Thu Sep 23 22:44:11 2021Mon Jul 5 15:45:09 2021 222.186.19.235 CN31280
Thu Sep 23 22:44:11 2021Sun Aug 15 07:37:57 2021 49.64.220.97 CN2376
Thu Sep 23 22:44:03 2021Mon Jul 19 23:45:27 2021 46.161.27.99 NL6669
Thu Sep 23 22:43:49 2021Sat Jun 12 13:14:37 2021 192.241.213.189 US7474
Thu Sep 23 22:43:49 2021Tue Sep 15 14:17:57 2020 167.248.133.67 US1456
Thu Sep 23 22:43:28 2021Tue Sep 7 04:12:50 2021 195.54.160.82 RU7058
Thu Sep 23 22:43:21 2021Thu May 20 07:55:35 2021 185.156.73.109 NL28473
Thu Sep 23 22:42:59 2021Tue Apr 6 23:03:23 2021 193.27.228.60 RU2031
Thu Sep 23 22:42:38 2021Tue Apr 27 20:15:31 2021 94.232.45.198 RU3668
Thu Sep 23 22:41:49 2021Sat Jun 19 23:15:53 2021 107.189.8.2 US6905
Thu Sep 23 22:41:49 2021Fri Oct 2 16:35:56 2020 92.63.197.88 UA33851
Thu Sep 23 22:41:42 2021Mon Sep 20 04:24:03 2021 45.145.66.33 RU9743
Thu Sep 23 22:41:27 2021Sat Aug 8 21:39:58 2020 79.124.62.82 EU14001
Thu Sep 23 22:41:27 2021Sat Sep 4 06:49:26 2021 89.248.165.60 NL6780
Thu Sep 23 22:40:59 2021Thu May 13 04:43:37 2021 51.255.109.164 PL9999
Thu Sep 23 22:40:59 2021Thu May 6 07:34:34 2021 203.159.80.208 ZZ2071
Thu Sep 23 22:40:31 2021Mon Aug 3 22:18:44 2020 195.144.21.56 AT4747
Thu Sep 23 22:40:31 2021Sat Sep 11 20:30:10 2021 94.232.45.44 RU49427
Last SeenHitsIP AddressCountryHosting Provider
Thu Sep 23 22:44:53 20217279189.248.165.247NLORG-IVI1-RIPE
Thu Sep 23 22:45:00 202149854185.191.34.90RUStarcrecium Limited
Thu Sep 23 22:37:59 20213881089.248.165.48NLORG-IVI1-RIPE
Sat Sep 18 01:12:49 20213739245.143.203.3EUTOV VAIZ PARTNER
Sun Sep 12 04:40:05 202136898185.156.73.63NLIP Kiktev Nikolay Vladimirovich
Sat Mar 13 06:18:50 202130613194.147.140.83SCLeading Mechanical Industry PJS
Thu Jan 7 21:53:03 202129919193.27.229.94RUStarcrecium Limited
Thu Jan 7 21:48:45 202129705193.27.229.93RUStarcrecium Limited
Thu May 20 17:40:41 20212647345.155.205.31RUStarcrecium Limited
Thu Sep 16 17:12:23 20212443589.248.165.94NLORG-IVI1-RIPE
Mon May 10 15:00:49 20211942745.155.205.34RUStarcrecium Limited
Mon Sep 6 02:40:35 20211911445.155.204.193RUStarcrecium Limited
Thu Sep 23 22:10:55 20211825945.143.200.6BGKorotkij Denis Aleksandrovich
Fri Jul 30 19:14:11 202117306185.191.34.246RUStarcrecium Limited
Wed Jan 27 06:13:48 20211644445.146.166.126RUStarcrecium Limited
Wed Jan 27 11:44:19 20211633345.146.166.127RUStarcrecium Limited
Wed Jan 27 14:42:19 20211626545.134.26.169RUStarcrecium Limited
Wed Jan 27 15:26:51 20211601145.146.165.128RUStarcrecium Limited
Thu Sep 23 22:00:49 20211530692.63.197.74UAIP Kiktev Nikolay Vladimirovich
Wed Jan 27 19:16:56 20211490445.146.166.162RUStarcrecium Limited
Thu Sep 23 22:43:21 202114040185.156.73.109NLIP Kiktev Nikolay Vladimirovich
Thu Sep 23 22:24:10 202113349185.156.73.111NLIP Kiktev Nikolay Vladimirovich
Tue Jul 13 04:20:00 20211310992.63.197.101UAIP Kiktev Nikolay Vladimirovich
Sun Jul 11 22:01:54 202112921185.156.73.114NLIP Kiktev Nikolay Vladimirovich
Thu Jan 7 18:19:49 20211273645.129.33.41EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:56:59 20211264845.129.33.24EUMaximilian Kutzner trading as HostSlick
Tue Aug 31 11:37:18 202112409185.156.73.104NLIP Kiktev Nikolay Vladimirovich
Tue Jan 12 05:46:38 20211240845.129.33.12EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:23:56 20211238745.129.33.13EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:24:24 20211218545.129.33.9EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:19:15 20211214845.129.33.10EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:17:19 20211204445.129.33.8EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:26:21 20211193845.129.33.15EUMaximilian Kutzner trading as HostSlick
Wed Jan 13 02:19:21 20211170545.129.33.60EUMaximilian Kutzner trading as HostSlick
Thu Sep 23 22:19:10 202111568185.156.73.107NLIP Kiktev Nikolay Vladimirovich
Thu Aug 27 21:38:23 202011487194.26.29.104RURU-MEDIA-LAND-2-20191120
Thu Mar 18 07:06:33 202111322194.26.27.101RURU-MEDIA-LAND-2-20191120
Thu Aug 27 21:34:35 202011304194.26.29.102RURU-MEDIA-LAND-2-20191120
Fri Jul 16 12:07:39 20211125589.248.165.7NLORG-IVI1-RIPE
Mon Mar 22 03:12:44 202111222135.181.219.37NLRIPE Network Coordination Centre (RIPE)
Tue Aug 24 13:57:49 202111138193.27.228.101RUStarcrecium Limited
Thu Apr 15 14:24:59 202111058195.54.160.155RUStarcrecium Limited
Wed Jan 20 08:02:09 20211087151.77.86.185DESD-LIM-113A-10G-HG
Tue Apr 20 06:54:08 20211081845.155.205.32RUStarcrecium Limited
Thu Sep 23 22:36:12 20211069294.232.45.4RUDmitriy Panchenko
Mon Jul 26 14:24:41 20211063092.63.197.103UAIP Kiktev Nikolay Vladimirovich
Wed Mar 10 10:24:58 20211061794.102.51.17NLORG-IVI1-RIPE
Wed Jan 13 04:01:11 20211053145.129.33.43EUMaximilian Kutzner trading as HostSlick
Wed Jan 13 03:03:35 20211047545.129.33.57EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:06:55 20211029845.129.33.84EUMaximilian Kutzner trading as HostSlick
HitsSIDSignature
61910100205MISC Microsoft SQL Server communication attempt
39040100077MISC MS Terminal Server communication attempt
231142375BACKDOOR DoomJuice file upload attempt
22516564P2P Napster Client Data communication attempt
10606510POLICY HP JetDirect LCD communication attempt
9182100202MISC VNC communication attempt
7338100090P2P napster communication attempt
7163100084MISC HP Web JetAdmin communication attempt
5331100082MISC Microsoft PPTP communication attempt
4833562P2P Napster Client Data communication attempt
2897563P2P Napster Client Data communication attempt
22141846POLICY vncviewer Java applet communication attempt
1912100063BACKDOOR RUX the Tick connection attempt
1849100028BACKDOOR netbus Connection Cttempt
1724100204MISC Radmin Default install options attempt
16492181P2P BitTorrent communication attempt
1288100073MISC PCAnywhere communication attempt
1069568POLICY HP JetDirect LCD commnication attempt
9921408DOS MSDTC communication attempt
966561P2P Napster Client Data communication attempt
914100112DOS Real Audio Server communication attempt
839100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
8321641DOS DB2 dos communication attempt
768147BACKDOOR GateCrasher Connection attempt
675119BACKDOOR Doly 2.0 Connection attempt
5991605DOS iParty DOS attempt
5522586P2P eDonkey transfer attempt
545100100FTP Yak! FTP server communication attempt
4261987MISC xfs communication attempt
420208BACKDOOR PhaseZero Server Active on Network
338152BACKDOOR BackConstruction 2.1 connection attempt
268100044BACKDOOR NetSphere Connection attempt
2482587P2P eDonkey communication attempt
243100038BACKDOOR - Dagger_1.4.0 Connection attempt
2311636MISC Xtramail communication attempt
220565P2P Napster Server Login communication attempt
1981985BACKDOOR Doly 1.5 Connection attempt
1811383P2P Fastrack kazaa/morpheus communication attempt
168159BACKDOOR NetMetro File List connection attempt
128505MISC Insecure TIMBUKTU communication attempt
126100040BACKDOOR Infector.1.x Connection attempt
1131421SNMP AgentX/tcp request
112108BACKDOOR QAZ Worm Client Login access
110100203MISC Ghostsurf communication attempt
1091819MISC Alcatel PABX 4400 connection attempt
100599RPC portmap listing TCP 32771
96207BAD-TRAFFIC data in TCP SYN packet
94163BACKDOOR WinCrash 1.0 communication attempt
902124BACKDOOR Remote PC Access connection attempt
89282DOS arkiea backup communication attempt
77100083MISC LDAP communication attempt
57100064BACKDOOR Asylum 0.1 connection request
56100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
53247DDOS mstream client to handler
53100206PSAD-CUSTOM Kuang2 virus communication attempt
52107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
461843BACKDOOR trinity connection attempt
44153BACKDOOR DonaldDick 1.53 connection attempt
43249DDOS mstream client to handler
41145BACKDOOR GirlFriend Connection attempt
35100207BACKDOOR Subseven connection attempt
33100007DDOS Trin00 Attacker to Master connection attempt
33141BACKDOOR HackAttack 1.20 Connection attempt
153016BACKDOOR Insane Network 4.0 connection established port 63536
7230DDOS shaft client login to handler connection attempt
3613SCAN myscan
12182BACKDOOR typot trojan traffic
PortHits
23194618
2274978
143362896
637960332
808058504
8056339
44345662
844342021
338939709
8126391
555522522
237518383
237614511
808914061
854512913
503812324
829110792
80819842
23239531
59009273
92008789
33908131
104437573
508027536
33067409
PortHits
88887344
80007166
217042
31286918
112116893
87286874
54326279
80886162
270175995
90005869
33915726
17235331
265032
95305019
33884921
77774833
22224753
70014635
50604616
99994571
33924504
600014496
81814310
30004180
50004161
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify