| Port(s) |
Protocol |
Service |
Scan level |
Description |
| 42593 |
tcp,udp |
applications |
not scanned |
Glue - MakePro X |
| 42594 |
tcp,udp |
applications |
not scanned |
Glue - MakePro X |
| 42595 |
tcp,udp |
applications |
not scanned |
Glue - MakePro X |
| 42893 |
udp |
games |
not scanned |
Virtual Tennis, developer: Strangelite |
| 42999 |
tcp |
curiosity |
not scanned |
API endpoint for search application (IANA official) |
| 43000 |
tcp |
recvr-rc |
not scanned |
Receiver Remote Control [Research_Electronics_International] (IANA official) |
| 43000 |
udp |
recvr-rc-disc |
not scanned |
Receiver Remote Control Discovery [Research_Electronics_International] (IANA official) |
| 43034 |
tcp,udp |
applications |
not scanned |
LarmX.comâ„¢ database update mtr port |
| 43047 |
tcp |
applications |
Premium scan |
TheosMessenger, TheosNet-Admin uses these ports:
2500/tcp, 2501/tcp - listening for client connections
43047/tcp, 43048/tcp - service ports |
| 43048 |
tcp |
applications |
not scanned |
TheosMessenger, TheosNet-Admin uses these ports:
2500/tcp, 2501/tcp - listening for client connections
43047/tcp, 43048/tcp - service ports |
| 43188 |
tcp,udp |
reachout |
not scanned |
REACHOUT |
| 43189 |
tcp,udp |
ndm-agent-port |
not scanned |
NDM-AGENT-PORT |
| 43190 |
tcp,udp |
ip-provision |
not scanned |
IP-PROVISION |
| 43191 |
tcp |
noit-transport |
not scanned |
Reconnoiter Agent Data Transport |
| 43210 |
tcp |
trojan |
Premium scan |
Master's Paradise, Schoolbus 1.6 / 2.0 trojan horse
Octave network daemon
Shaper Automation Server Management [Shaper_Automation] (IANA official) |
| 43210 |
udp |
shaperai-disc |
not scanned |
Bombsquad game uses port 43210 UDP
Shaper Automation Server Management Discovery [Shaper_Automation] (IANA official) |
| 43287 |
tcp |
trojans |
Members scan |
W32.Mytob.KU@mm [Symantec-2005-101522-1102-99] - mass-mailing worm that uses its own SMTP engine, has backdoor capabilities, and lowers security settings on the compromised computer. Opens a backdoor and listens for remote commands on port 43287/tcp.
Also: W32.Mytob.KR@mm [Symantec-2005-101517-4223-99] variant. |
| 43438 |
udp |
hmip-routing |
not scanned |
IANA registered for: HmIP LAN Routing |
| 43439 |
tcp |
eq3-update |
not scanned |
EQ3 firmware update [eQ-3 AG] (IANA official) |
| 43439 |
udp |
eq3-config |
not scanned |
EQ3 discovery and configuration [eQ-3 AG] (IANA official) |
| 43440 |
tcp |
ew-mgmt |
not scanned |
Cisco EnergyWise Management |
| 43440 |
udp |
ew-disc-cmd |
not scanned |
Cisco EnergyWise Discovery and Command Flooding |
| 43441 |
tcp,udp |
ciscocsdb |
not scanned |
Cisco NetMgmt DB Ports [Cisco Systems] (IANA official) |
| 43594 |
tcp,udp |
applications |
not scanned |
Runescape Private Server |
| 43595 |
tcp |
applications |
not scanned |
RuneScape JAGGRAB servers |
| 43654 |
tcp |
viera |
not scanned |
Panasonic Viera cast may use the following ports: 80, 443, 43654, 48705 |
| 43690 |
udp |
applications |
not scanned |
Huawei EchoLife HG520c could allow a remote attacker to obtain sensitive information, caused by an error when processing packets. By sending specially-crafted packets to UDP port 43690, a remote attacker could exploit this vulnerability to obtain firmware version, IP addresses and other sensitive information.
References: [XFDB-57952], [BID-39650], [SECUNIA-39491] |
| 43720 |
udp |
trojan |
not scanned |
KiLo trojan [Symantec-2003-021319-1815-99] |
| 43900 |
tcp |
games |
not scanned |
PGA Championship Golf 2000 uses ports 43900-43910 |
| 43910 |
tcp |
games |
not scanned |
PGA Championship Golf 2000 uses ports 43900-43910 |
| 43958 |
tcp |
applications |
Members scan |
Serv-U FTP Server
Trojans that use this port:
Backdoor.ServU-based (AVP), Backdoor.ServU.B (Central Command), Troj/Vicwor-A, BKDR_ServU_ey |
| 43981 |
udp |
applications |
not scanned |
Netware IP, Vicar networks X10 mgmt |
| 44000 |
udp |
games |
not scanned |
Brothers in Arms: Road To Hill 30, Far Cry, Heroes of Might and Magic V, Rainbox Six 3: Raven Shield |
| 44000 |
tcp |
games |
not scanned |
PGA Championship Golf 2000 |
| 44003 |
tcp,udp |
applications |
not scanned |
MTA SA R1.0 |
| 44014 |
tcp,udp |
trojan |
not scanned |
Iani trojan |
| 44123 |
tcp |
z-wave-s |
not scanned |
Z-Wave Secure Tunnel [Sigma Designs Inc] (IANA official) |
| 44280 |
tcp |
trojans |
Premium scan |
Backdoor.Amitis.B [Symantec-2003-051915-1012-99] (2003.05.19) Windows remote access trojan. Listens on ports 3547, 7823, 12345, 13173, 44280, 44390, 47387, 64429. Other variants of Backdoor.Amitis also use ports 27, 551. |
| 44321 |
tcp,udp |
pmcd |
not scanned |
PCP server (pmcd) (IANA official) |
| 44322 |
tcp,udp |
pmproxy |
not scanned |
PCP proxy (pmproxy) (IANA official) |
| 44323 |
udp |
pcp |
not scanned |
Port Control Protocol (IANA official) |
| 44333 |
tcp,udp |
applications |
not scanned |
Kerio MailServer, Kerio Personal Firewall, and Kerio WinRoute Firewall are vulnerable to a denial of service attack. A remote attacker, with access to the administration ports, 44333, 44334, and 44337 could send specially-crafted data to exceed the amount of connections allowed, resulting in a denial of service.
References: [BID-13458], [CVE-2005-1063], [XFDB-20337] |
| 44334 |
tcp,udp |
tiny firewall |
Members scan |
Remote administration port used by Tiny Personal Firewall, and Kerio Personal firewall.
There is a possible exploit in Kerio Personal Firewall using this port: SecuriTeam 5HP0A2AA1Y
Also Kerio personal firewall has hidden "Internal Traffic Rules" that allow for open ports not being displayed in the GUI.
A remote attacker, with access to the administration ports, 44333, 44334, and 44337 could send specially-crafted data to exceed the amount of connections allowed, resulting in a denial of service.
References: [BID-13458], [CVE-2005-1063], [XFDB-20337] |
| 44337 |
tcp,udp |
applications |
not scanned |
Kerio MailServer, Kerio Personal Firewall, and Kerio WinRoute Firewall are vulnerable to a denial of service attack. A remote attacker, with access to the administration ports, 44333, 44334, and 44337 could send specially-crafted data to exceed the amount of connections allowed, resulting in a denial of service.
References: [BID-13458], [CVE-2005-1063], [XFDB-20337] |
| 44390 |
tcp |
trojans |
Premium scan |
Backdoor.Amitis.B [Symantec-2003-051915-1012-99] (2003.05.19) Windows remote access trojan. Listens on ports 3547, 7823, 12345, 13173, 44280, 44390, 47387, 64429. Other variants of Backdoor.Amitis also use ports 27, 551. |
| 44405 |
tcp,udp |
applications |
not scanned |
Mu Online |
| 44444 |
tcp |
trojan |
Members scan |
Prosiak trojan
Cognex DataMan Management Protocol [Cognex] (IANA official)
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets to port 44444, aka Bug ID CSCtz92776.
References: [CVE-2013-3388] |
| 44445 |
tcp |
acronis-backup |
not scanned |
Acronis Backup Gateway service port (IANA registered)
Malware: W32.Kibuv |
| 44488 |
tcp,udp |
applications |
not scanned |
BackupStream |
| 44490 |
tcp,udp |
applications |
not scanned |
BAckNBiz |
| 44501 |
tcp |
kerio |
Members scan |
Port used by Kerio Personal Firewall pop-up blocking.
There is a script that sends information on this port about blocked pages. Also, reportedly Kerio personal firewall has "Internal traffic rules" for open ports not displayed in the GUI. |
| 44544 |
udp |
domiq |
not scanned |
DOMIQ Building Automation [DOMIQ Sp zoo] (IANA official) |
| 44575 |
tcp |
trojan |
Premium scan |
Exploiter trojan |
| 44600 |
udp |
asihpi |
not scanned |
IANA registered for: AudioScience HPI |
| 44624 |
udp |
games |
not scanned |
Virtual Tennis, developer: Strangelite |
| 44767 |
tcp,udp |
trojan |
not scanned |
School Bus trojan |
| 44818 |
tcp,udp |
ethernetip |
not scanned |
Rockwell Encapsulation
Cognex In-Signt (IANA official) uses these ports:
68 udp - DHCP In-Signt vision system only
502 tcp - Modbus
1069 tcp/udp - In-Sight
1070 tcp - machine status data
2222 udp - Ethernet IP
5753 tcp - audit message server
44818 tcp/udp - Ethernet IP
51069 tcp - In-Sight secure
IANA registered for EtherNet/IP messaging
Cisco IOS is vulnerable to a denial of service, caused by an error within the Common Industrial Protocol (CIP) feature when processing malicious packets. By sending specially-crafted IPv4 packets destined to TCP port 44818, a remote attacker could exploit this vulnerability to cause the device to reload.
References: [CVE-2015-0649], [XFDB-101804]
Rockwell Automation ControlLogix is vulnerable to a denial of service, caused by the improper validation of input being sent to the buffer. By sending a specially-crafted CIP message to TCP and UDP ports 2222 and 44818, a remote attacker could exploit this vulnerability to cause the CPU to stop logic execution and enter a denial of service.
References: [XFDB-81235]
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential to exploit a buffer overflow condition, which may allow the threat actor to remotely execute arbitrary code.
References: [CVE-2018-14829]
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. A remote, unauthenticated threat actor may intentionally send specially crafted Ethernet/IP packets to Port 44818, causing the software application to stop responding and crash. The user must restart the software to regain functionality.
References: [CVE-2018-14827]
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote, unauthenticated threat actor to intentionally send a malformed CIP packet to Port 44818, causing the RSLinx Classic application to terminate. The user will need to manually restart the software to regain functionality.
References: [CVE-2018-14821]
Tec4Data SmartCooler is vulnerable to a denial of service, caused by missing authentication for a critical function. By sending a specially crafted CIP packet to Port 44818, a remote attacker could exploit this vulnerability to cause a denial of service.
References: [CVE-2018-14796], [XFDB-150211] |
| 44900 |
tcp,udp |
m3da |
not scanned |
M3DA is used for efficient machine-to-machine communications [Eclipse Foundation] (IANA official) |
| 45000 |
tcp |
cisco-ids |
not scanned |
CiscoSecure IDS communication
Monitoring Protocol data transfer NSi AutoStore Status [Notable Solutions Inc] (IANA official) |
| 45000 |
udp |
games |
not scanned |
Brothers in Arms: Road To Hill 30, Heroes of Might and Magic V
Monitoring Protocol device, monitoring NSi AutoStore Status [Notable Solutions Inc] (IANA official) |
| 45001 |
udp |
games |
not scanned |
Brothers in Arms: Road To Hill 30 |
| 45001 |
tcp |
asmps |
not scanned |
Monitoring Protocol secure data transfer [Notable Solutions Inc] (IANA official) |
| 45002 |
tcp |
rs-status |
not scanned |
Redspeed Status Monitor (IANA official) |
| 45054 |
tcp,udp |
invision-ag |
not scanned |
InVision AG |
| 45092 |
tcp |
trojan |
Premium scan |
BackGate Kit |
| 45100 |
tcp,udp |
applications |
not scanned |
Limewire client magnet, Azureus |
| 45185 |
tcp,udp |
witsnet |
not scanned |
Wire and Wireless transfer on synchroniz (IANA official) |
| 45395 |
udp |
whatsapp |
not scanned |
WhatsApp uses these ports:
80, 443, 4244, 5222, 5223, 5228, 5242 TCP
50318, 59234 TCP/UDP
3478, 45395 UDP
|
| 45454 |
tcp |
trojan |
Premium scan |
Osiris trojan |
| 45456 |
tcp |
httptoolkit |
not scanned |
HTTP Toolkit (https://httptoolkit.tech) uses ports 45456/tcp and 45457/tcp as part of its internal communication and management API |
| 45457 |
tcp |
httptoolkit |
not scanned |
HTTP Toolkit (https://httptoolkit.tech) uses ports 45456/tcp and 45457/tcp as part of its internal communication and management API |
| 45514 |
tcp |
cloudcheck |
not scanned |
IANA registered for: ASSIA CloudCheck WiFi Management System |
| 45514 |
udp |
cloudcheck-ping |
not scanned |
IANA registered for: ASSIA CloudCheck WiFi Management keepalive |
| 45559 |
tcp |
trojan |
Premium scan |
Maniac rootkit trojan |
| 45631 |
tcp |
applications |
not scanned |
Air Video |
| 45632 |
tcp |
trojan |
Premium scan |
Little Witch trojan |
| 45672 |
tcp |
trojans |
Premium scan |
Backdoor.Delf.F [Symantec-2003-040117-4857-99] backdoor trojan that gives a hacker access to your computer. By default, it opens TCP ports 25226 and 45672. The existence of the file Svced.exe is an indication of a possible infection. |
| 45673 |
tcp |
trojans |
Premium scan |
Backdoor.Acropolis [Symantec-2001-021616-0142-99] remote access trojan, affects Windows, listens on TCP ports 32791, 45673. |
| 45678 |
tcp,udp |
eba |
not scanned |
EBA PRISE |
| 45682 |
tcp,udp |
applications |
not scanned |
pseudo-default uTorrent port |
| 45824 |
tcp |
dai-shell |
not scanned |
Server for the DAI family of client-server products [Data Access Inc] (IANA official) |
| 45836 |
tcp,udp |
worm |
not scanned |
W32.HLLW.Graps [Symantec-2003-070717-0814-99] - a network-aware worm with backdoor capabilities. By default, it opens port 45836 for listening. The worm copies itself to available network shares by connecting with weak passwords. |
| 45869 |
tcp |
hydrus |
not scanned |
Hydrus Network client API default port |
| 45966 |
tcp,udp |
ssr-servermgr |
not scanned |
SSRServerMgr |
| 46000 |
tcp,udp |
games |
not scanned |
Strike Fighters Project 1, developer: Third Wire |
| 46318 |
tcp |
applications |
not scanned |
Soft Circle French-Bread Melty Blood: Actress Again: Current Code through 1.07 Rev. 1.4.0 allows a remote attacker to execute arbitrary code on a client's machine via a crafted packet on TCP port 46318.
References: [CVE-2024-39704] |
| 46336 |
tcp |
inedo |
not scanned |
IANA registered for: Inedo agent communication |
| 46440 |
udp |
games |
not scanned |
Scrabble Complete |
| 46626 |
tcp |
trojan |
Premium scan |
Psychward [Symantec-2001-052208-1840-99] - trojan with backdoor capabilities. |
| 46631 |
tcp |
games |
not scanned |
Hedgewars game |
| 46666 |
tcp,udp |
trojan |
not scanned |
Taskman trojan |
| 46823 |
tcp |
applications |
not scanned |
Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823.
References: [CVE-2011-0517], [BID-45813], [EDB-15992] |
| 46824 |
tcp |
applications |
not scanned |
Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or possibly have unspecified other impact via a port-46824 TCP packet with a crafted positive integer after the opcode.
References: [CVE-2012-4358] [SECUNIA-49395]
Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.
References: [CVE-2012-3815] [BID-53811] [OSVDB-82654] [SECUNIA-49395] |
| 46882 |
tcp |
trojan |
Premium scan |
Psychward [Symantec-2001-052208-1840-99] - trojan with backdoor capabilities. |
| 46998 |
tcp |
sp-remotetablet |
not scanned |
Connection between a desktop computer or server and a signature tablet to capture handwritten signatures [SOFTPRO GmbH] (IANA official) |
| 47000 |
tcp,udp |
mbus |
not scanned |
Message Bus |
| 47001 |
tcp |
winrm |
not scanned |
Windows Remote Management Service |
| 47017 |
tcp |
trojan |
Premium scan |
T0rn Rootkit trojan |
| 47100 |
udp |
jvl-mactalk |
not scanned |
Configuration of motors connected to Industrial Ethernet [JVL_Industri_Elektronik] (IANA official) |
| 47141 |
tcp,udp |
applications |
not scanned |
Dartpro |
Shortcuts