Open NAT-PMP Report

This report identifies hosts that have the NAT Port Mapping Protocol (NAT-PMP) running and accessible on the Internet.

These services have the potential to expose information about a client’s network on which this service is accessible. Information on this vulnerability can be found here.

For more details behind the scan methodology and a daily update of global NAT-PMP scan statistics please visit our dedicated NAT-PMP scan page.

For more information on our scanning efforts, check out our Internet scanning summary page.

Fields

  • timestamp
    Time that the IP was probed in UTC+0
  • ip
    The IP address of the device in question
  • protocol
    Protocol that the NAT-PMP response came on (usually UDP)
  • port
    Port that the NAT-PMP response came from
  • hostname
    Reverse DNS name of the device in question
  • tag
    Will always be nat-pmp
  • asn
    ASN of where the device in question resides
  • geo
    Country where the device in question resides
  • region
    State / Province / Administrative region where the device in question resides
  • city
    City in which the device in question resides
  • naics
    North American Industry Classification System Code
  • sic
    Standard Industrial Classification System Code
  • version
    Version Code sent in response
  • opcode
    Operation Code sent in response
  • uptime
    Amount of time in seconds since the device was reset
  • external_ip
    The IPv4 address the device thinks is its external address

Sample

"timestamp","ip","protocol","port","hostname","tag","version","asn","geo","region","city","naics","sic","opcode","uptime","external_ip"
"2014-12-19 07:08:59","177.9.199.160","udp",5351,"177-9-199-160.dsl.telesp.net.br","nat-pmp",0,27699,"BR","SAO PAULO","LORENA",518210,737415,128,29730,"177.9.199.160"
"2014-12-19 07:08:59","94.254.3.170","udp",5351,"h-3-170.a322.priv.bahnhof.se","nat-pmp",0,8473,"SE","GAVLEBORGS LAN","GAVLE",0,0,128,8388607,"94.254.3.170"
"2014-12-19 07:08:59","186.134.58.172","udp",5351,"186-134-58-172.speedy.com.ar","nat-pmp",0,22927,"AR","BUENOS AIRES","CASTELAR",0,0,128,711477,"186.134.58.172"
"2014-12-19 07:08:59","117.68.107.157","udp",5351,,"nat-pmp",0,4134,"CN","ANHUI","HEFEI",0,0,128,8388607,"117.68.107.157"
"2014-12-19 07:08:59","189.50.111.239","udp",5351,,"nat-pmp",0,28668,"BR","SAO PAULO","JAU",0,0,128,1791235,"189.50.111.239"
"2014-12-19 07:08:59","186.106.128.38","udp",5351,"186-106-128-38.baf.movistar.cl","nat-pmp",0,7418,"CL","REGION METRO DE SANTIAGO","SANTIAGO",0,0,128,1294225,"186.106.128.38"
"2014-12-19 07:08:59","113.116.218.16","udp",5351,,"nat-pmp",0,4134,"CN","GUANGDONG","SHENZHEN",0,0,128,8388607,"113.116.218.16"

Our 80 Report Types

« Back to Network Reporting