IP address: 194.147.140.69

Host rating:

2.0

out of 19 votes

Last update: 2021-03-02

Host details

Unknown
Switzerland
Unknown
Unknown
See comments

Reported breaches

  • Port scan
Report breach

Whois record

The publicly-available Whois record found at whois.ripe.net server.

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '194.147.140.0 - 194.147.140.255'

% Abuse contact for '194.147.140.0 - 194.147.140.255' is '[email protected]'

inetnum:        194.147.140.0 - 194.147.140.255
abuse-c:        ACRO38251-RIPE
netname:        IR-PSM-20191122
descr:          Abuse email address: [email protected]
descr:          Alexsey Smirnov Organization name: NetworkingAnalysis
descr:          Street and house number: yl. Svobodi 7 Postal code: 15006 City: Yaroslavl Country: Russian Federation
descr:          Website: https://networkinganalysis.com Email address: [email protected]
descr:          Phone number: +79618078577
country:        SC
org:            ORG-LMIP1-RIPE
admin-c:        AS44897-RIPE
tech-c:         AS44897-RIPE
status:         ALLOCATED PA
mnt-by:         RIPE-NCC-HM-MNT
mnt-by:         DeDServer
created:        2019-11-22T14:29:08Z
last-modified:  2021-01-20T04:20:19Z
source:         RIPE

% Information related to '194.147.140.0/24AS202425'

route:          194.147.140.0/24
origin:         AS202425
mnt-by:         DeDServer
created:        2021-01-10T09:42:46Z
last-modified:  2021-01-10T09:42:46Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.99 (WAGYU)


User comments

19 security incident(s) reported by users

BHD Honeypot
Port scan
2021-03-02

In the last 24h, the attacker (194.147.140.69) attempted to scan 7 ports.
The following ports have been scanned: 9090/tcp (WebSM), 22222/tcp, 6666/tcp, 4444/tcp (NV Video default), 9999/tcp (distinct).
      
BHD Honeypot
Port scan
2021-03-01

In the last 24h, the attacker (194.147.140.69) attempted to scan 13 ports.
The following ports have been scanned: 2222/tcp (EtherNet/IP I/O), 22222/tcp, 5555/tcp (Personal Agent), 7070/tcp (ARCP), 11111/tcp (Viral Computing Environment (VCE)), 5050/tcp (multimedia conference control tool), 55555/tcp, 7777/tcp (cbt), 8888/tcp (NewsEDGE server TCP (TCP 1)).
      
BHD Honeypot
Port scan
2021-02-28

Port scan from IP: 194.147.140.69 detected by psad.
BHD Honeypot
Port scan
2021-02-21

In the last 24h, the attacker (194.147.140.69) attempted to scan 15 ports.
The following ports have been scanned: 56581/tcp, 63272/tcp, 64518/tcp, 38689/tcp, 32343/tcp, 38601/tcp, 37935/tcp, 25172/tcp, 64519/tcp, 26294/tcp, 39886/tcp, 23452/tcp, 30368/tcp, 39476/tcp, 61734/tcp.
      
BHD Honeypot
Port scan
2021-02-20

In the last 24h, the attacker (194.147.140.69) attempted to scan 20 ports.
The following ports have been scanned: 39810/tcp, 44597/tcp, 35005/tcp, 24087/tcp, 10514/tcp, 55539/tcp, 61708/tcp, 14450/tcp, 23276/tcp, 34729/tcp, 16774/tcp, 61579/tcp, 17280/tcp, 61572/tcp, 24887/tcp, 43046/tcp, 11824/tcp, 8816/tcp, 58362/tcp, 13655/tcp.
      
BHD Honeypot
Port scan
2021-02-19

In the last 24h, the attacker (194.147.140.69) attempted to scan 41 ports.
The following ports have been scanned: 9941/tcp, 58504/tcp, 5858/tcp, 12743/tcp, 49266/tcp, 64562/tcp, 14195/tcp, 8801/tcp, 18551/tcp, 29381/tcp, 41646/tcp, 9001/tcp (ETL Service Manager), 37241/tcp, 41789/tcp, 47952/tcp, 47120/tcp, 54579/tcp, 48899/tcp, 59760/tcp, 10995/tcp, 39928/tcp, 45937/tcp, 33952/tcp, 51191/tcp, 24896/tcp, 40382/tcp, 42571/tcp, 51430/tcp, 11671/tcp, 41044/tcp, 29933/tcp, 38593/tcp, 30551/tcp, 51877/tcp, 25386/tcp, 25327/tcp, 45939/tcp, 11227/tcp, 32424/tcp, 46867/tcp.
      
BHD Honeypot
Port scan
2021-02-18

Port scan from IP: 194.147.140.69 detected by psad.
BHD Honeypot
Port scan
2021-02-16

In the last 24h, the attacker (194.147.140.69) attempted to scan 125 ports.
The following ports have been scanned: 5148/tcp, 8595/tcp, 6893/tcp, 9092/tcp (Xml-Ipc Server Reg), 5195/tcp, 9096/tcp, 7008/tcp (server-to-server updater), 6756/tcp, 8447/tcp, 7146/tcp, 6838/tcp, 5072/tcp (Anything In Anything), 5297/tcp, 5795/tcp, 5638/tcp, 5659/tcp, 5056/tcp (Intecom Pointspan 1), 9836/tcp, 8536/tcp, 9365/tcp, 5119/tcp, 6929/tcp, 6637/tcp, 9254/tcp, 6705/tcp, 6419/tcp (Simple VDR Protocol), 7974/tcp, 5655/tcp, 7545/tcp (FlowAnalyzer UtilityServer), 6920/tcp, 8650/tcp, 6066/tcp (EWCTSP), 9485/tcp, 8474/tcp (AquaMinds NoteShare), 5294/tcp, 8008/tcp (HTTP Alternate), 6180/tcp, 5924/tcp, 8559/tcp, 8108/tcp, 9225/tcp, 9372/tcp, 8154/tcp, 5422/tcp (Salient MUX), 7023/tcp (Comtech T2 NMCS), 8257/tcp, 7906/tcp, 9181/tcp, 9217/tcp (FSC Communication Port), 6058/tcp, 6492/tcp, 7306/tcp, 8956/tcp, 8772/tcp, 9346/tcp (C Tech Licensing), 6129/tcp, 6112/tcp (Desk-Top Sub-Process Control Daemon), 5449/tcp, 5070/tcp (VersaTrans Server Agent Service), 8403/tcp (admind), 6583/tcp (JOA Jewel Suite), 5707/tcp, 8793/tcp, 6916/tcp, 8614/tcp (Canon BJNP Port 4), 5680/tcp (Auriga Router Service), 9370/tcp, 6697/tcp, 6684/tcp, 7014/tcp (Microtalon Communications), 8514/tcp, 9272/tcp, 9902/tcp, 6834/tcp, 8109/tcp, 5963/tcp (Indy Application Server), 5053/tcp (RLM License Server), 9564/tcp, 5079/tcp, 7377/tcp, 5596/tcp, 5865/tcp, 9236/tcp, 5242/tcp, 6747/tcp, 9656/tcp, 5836/tcp, 6714/tcp (Internet Backplane Protocol), 9383/tcp, 8371/tcp, 9151/tcp, 6758/tcp, 5553/tcp (SGI Eventmond Port), 5660/tcp, 9745/tcp, 8029/tcp, 8914/tcp, 6019/tcp, 9291/tcp, 5742/tcp (IDA Discover Port 2), 8007/tcp, 7345/tcp, 7326/tcp, 5579/tcp (FleetDisplay Tracking Service), 8035/tcp, 8444/tcp (PCsync HTTP), 8306/tcp, 6307/tcp, 8296/tcp, 9781/tcp, 5499/tcp, 6433/tcp, 5135/tcp (ERP-Scale), 8498/tcp, 6142/tcp (Aspen Technology License Manager), 9449/tcp, 8426/tcp, 9249/tcp, 5647/tcp, 8709/tcp, 9334/tcp, 9099/tcp, 7746/tcp.
      
BHD Honeypot
Port scan
2021-02-15

In the last 24h, the attacker (194.147.140.69) attempted to scan 127 ports.
The following ports have been scanned: 6087/tcp (Local Download Sharing Service), 6928/tcp, 7633/tcp (PMDF Management), 8502/tcp, 8929/tcp, 6131/tcp, 8473/tcp (Virtual Point to Point), 6395/tcp, 6011/tcp, 9788/tcp, 9260/tcp, 8170/tcp, 7692/tcp, 8738/tcp, 6993/tcp, 6642/tcp, 5915/tcp, 5013/tcp (FileMaker, Inc. - Proprietary transport), 6275/tcp, 8690/tcp, 5258/tcp, 6373/tcp, 9382/tcp, 5613/tcp, 5968/tcp (mppolicy-v5), 9836/tcp, 6907/tcp, 9667/tcp (Cross-platform Music Multiplexing System), 9001/tcp (ETL Service Manager), 8457/tcp, 5281/tcp (Undo License Manager), 6291/tcp, 5083/tcp (Qpur File Protocol), 6705/tcp, 5409/tcp (Salient Data Server), 8090/tcp, 5371/tcp, 9317/tcp, 7121/tcp (Virtual Prototypes License Manager), 6231/tcp, 6180/tcp, 6616/tcp, 6414/tcp, 9237/tcp, 7436/tcp, 5956/tcp, 8597/tcp, 5093/tcp (Sentinel LM), 7176/tcp, 5011/tcp (TelepathAttack), 8183/tcp (ProRemote), 7251/tcp, 9430/tcp, 5740/tcp, 7212/tcp, 6235/tcp, 5394/tcp, 5782/tcp (3PAR Management Service), 9083/tcp (EMC PowerPath Mgmt Service), 7036/tcp, 9012/tcp, 5966/tcp, 7406/tcp, 5026/tcp (Storix I/O daemon (data)), 6909/tcp, 8647/tcp, 5240/tcp, 7459/tcp, 8614/tcp (Canon BJNP Port 4), 9665/tcp, 7564/tcp, 5298/tcp (XMPP Link-Local Messaging), 6498/tcp, 8347/tcp, 5799/tcp, 6684/tcp, 7199/tcp, 8319/tcp, 9224/tcp, 7429/tcp (OpenView DM rqt communication), 5767/tcp (OpenMail Suer Agent Layer (Secure)), 5609/tcp, 5709/tcp, 5600/tcp (Enterprise Security Manager), 7293/tcp, 6690/tcp, 8016/tcp, 5162/tcp (SNMP Notification over SSH Transport Model), 9472/tcp, 6429/tcp, 8928/tcp, 5045/tcp (Open Settlement Protocol), 6707/tcp, 5660/tcp, 6310/tcp, 8843/tcp, 6861/tcp, 6862/tcp, 7162/tcp (CA Storage Manager), 7381/tcp, 6963/tcp (swismgr1), 5239/tcp, 5535/tcp, 8209/tcp, 7718/tcp, 8670/tcp, 6307/tcp, 8775/tcp, 8293/tcp (Hiperscan Identification Service), 6219/tcp, 7637/tcp, 8997/tcp, 9559/tcp, 6294/tcp, 8022/tcp (oa-system), 9976/tcp, 5130/tcp, 8422/tcp, 6023/tcp.
      
BHD Honeypot
Port scan
2021-02-14

In the last 24h, the attacker (194.147.140.69) attempted to scan 115 ports.
The following ports have been scanned: 6087/tcp (Local Download Sharing Service), 6802/tcp, 5998/tcp, 6459/tcp, 9096/tcp, 9192/tcp, 8534/tcp, 5934/tcp, 6159/tcp (EFB Application Control Interface), 5678/tcp (Remote Replication Agent Connection), 6629/tcp, 6838/tcp, 8233/tcp, 8206/tcp (LM Dta), 5623/tcp, 6965/tcp (swistrap), 9161/tcp (apani2), 7579/tcp, 6006/tcp, 6561/tcp, 7610/tcp, 5083/tcp (Qpur File Protocol), 7974/tcp, 5254/tcp, 9485/tcp, 8592/tcp, 6003/tcp, 8367/tcp, 8694/tcp, 8261/tcp, 8389/tcp, 9697/tcp, 8492/tcp, 7246/tcp, 8183/tcp (ProRemote), 7915/tcp, 5187/tcp, 8298/tcp, 7130/tcp, 9346/tcp (C Tech Licensing), 6454/tcp, 8128/tcp (PayCash Online Protocol), 9055/tcp, 5026/tcp (Storix I/O daemon (data)), 8352/tcp, 8550/tcp, 8225/tcp, 5930/tcp, 7737/tcp, 8565/tcp, 7156/tcp, 6478/tcp, 7199/tcp, 7143/tcp, 5543/tcp, 6074/tcp (Microsoft Max), 8460/tcp, 8582/tcp, 9867/tcp, 7806/tcp, 6365/tcp, 8652/tcp, 7536/tcp, 7527/tcp, 9035/tcp, 5600/tcp (Enterprise Security Manager), 9236/tcp, 9958/tcp, 7798/tcp (Propel Encoder port), 6883/tcp, 5375/tcp, 7822/tcp, 6953/tcp, 7230/tcp, 7020/tcp (DP Serve), 9246/tcp, 5024/tcp (SCPI-TELNET), 7114/tcp, 6127/tcp, 6971/tcp, 5987/tcp (WBEM RMI), 9641/tcp, 7290/tcp, 7185/tcp, 9182/tcp, 6297/tcp, 9278/tcp (Pegasus GPS Platform), 8035/tcp, 8077/tcp, 9465/tcp, 9969/tcp, 6099/tcp (RAXA Management), 5456/tcp (APC 5456), 8620/tcp, 9678/tcp, 8242/tcp, 5186/tcp, 7410/tcp (Ionix Network Monitor), 7142/tcp, 5214/tcp, 8601/tcp, 7637/tcp, 5284/tcp, 6256/tcp, 7703/tcp, 7006/tcp (error interpretation service), 9242/tcp, 6140/tcp (Pulsonix Network License Service), 6210/tcp, 6023/tcp, 6906/tcp.
      
BHD Honeypot
Port scan
2021-02-13

In the last 24h, the attacker (194.147.140.69) attempted to scan 125 ports.
The following ports have been scanned: 5513/tcp, 9268/tcp, 6843/tcp, 7468/tcp, 6826/tcp, 8855/tcp, 8500/tcp (Flight Message Transfer Protocol), 7532/tcp, 7092/tcp, 5808/tcp, 6275/tcp, 9440/tcp, 9520/tcp, 7046/tcp, 8206/tcp (LM Dta), 5902/tcp, 7629/tcp (OpenXDAS Wire Protocol), 8377/tcp (Cruise SWROUTE), 6341/tcp, 7319/tcp, 7793/tcp, 9796/tcp, 9945/tcp, 9871/tcp, 8878/tcp, 7922/tcp, 6830/tcp, 8588/tcp, 9081/tcp, 6042/tcp, 5732/tcp, 9509/tcp, 5590/tcp, 9690/tcp, 7481/tcp, 7236/tcp, 7847/tcp, 7101/tcp (Embedded Light Control Network), 7852/tcp, 9942/tcp, 6460/tcp, 6555/tcp, 9518/tcp, 8464/tcp, 8246/tcp, 5526/tcp, 8409/tcp, 9351/tcp, 9962/tcp, 8834/tcp, 8479/tcp, 7863/tcp, 9439/tcp, 6422/tcp, 9703/tcp, 5006/tcp (wsm server), 9464/tcp, 9851/tcp, 5511/tcp, 8665/tcp, 6919/tcp, 7648/tcp (bonjour-cuseeme), 8219/tcp, 8003/tcp (Mulberry Connect Reporting Service), 9586/tcp, 8288/tcp, 8537/tcp, 6916/tcp, 7459/tcp, 9178/tcp, 8682/tcp, 7050/tcp, 6514/tcp (Syslog over TLS), 5256/tcp, 8066/tcp, 7116/tcp, 6542/tcp, 7902/tcp (TNOS shell Protocol), 7682/tcp, 7806/tcp, 7627/tcp (SOAP Service Port), 9168/tcp, 7536/tcp, 9323/tcp, 9233/tcp, 5566/tcp (Westec Connect), 7767/tcp, 8390/tcp, 7774/tcp, 9956/tcp, 6201/tcp, 9420/tcp, 6197/tcp, 5805/tcp, 9864/tcp, 6220/tcp, 8547/tcp, 5768/tcp (OpenMail CMTS Server), 9278/tcp (Pegasus GPS Platform), 7477/tcp, 5846/tcp, 9452/tcp, 8827/tcp, 7191/tcp, 6283/tcp, 7055/tcp, 8602/tcp, 9226/tcp, 7451/tcp, 8610/tcp (Canon MFNP Service), 8469/tcp, 9731/tcp, 9028/tcp, 7374/tcp, 7233/tcp, 8022/tcp (oa-system), 8501/tcp, 7948/tcp, 6324/tcp.
      
BHD Honeypot
Port scan
2021-02-12

In the last 24h, the attacker (194.147.140.69) attempted to scan 116 ports.
The following ports have been scanned: 6987/tcp, 9720/tcp, 8785/tcp, 5891/tcp, 5201/tcp (TARGUS GetData 1), 7678/tcp, 9900/tcp (IUA), 5933/tcp, 5282/tcp (Marimba Transmitter Port), 7734/tcp (Smith Protocol over IP), 9617/tcp (eRunbook Server), 5976/tcp, 9443/tcp (WSO2 Tungsten HTTPS), 8988/tcp, 9696/tcp, 9409/tcp, 6773/tcp, 7629/tcp (OpenXDAS Wire Protocol), 9695/tcp (Content Centric Networking), 7795/tcp, 6354/tcp, 6649/tcp, 7730/tcp, 7053/tcp, 6539/tcp, 6072/tcp (DIAGNOSE-PROC), 7464/tcp, 7545/tcp (FlowAnalyzer UtilityServer), 8971/tcp, 5590/tcp, 6580/tcp (Parsec Masterserver), 5210/tcp, 7236/tcp, 8849/tcp, 5843/tcp, 9648/tcp, 6367/tcp, 5946/tcp, 8108/tcp, 9627/tcp, 9333/tcp, 8089/tcp, 9887/tcp, 6727/tcp, 9605/tcp, 6622/tcp (Multicast FTP), 7368/tcp, 9464/tcp, 8394/tcp, 7446/tcp, 6811/tcp, 9213/tcp (ServerStart RemoteControl [August 2005]), 8424/tcp, 6738/tcp, 7743/tcp (Sakura Script Transfer Protocol), 7765/tcp, 7851/tcp, 7409/tcp, 8174/tcp, 7670/tcp, 7371/tcp, 9682/tcp, 6683/tcp, 5558/tcp, 9314/tcp, 8840/tcp, 9744/tcp, 5982/tcp, 7300/tcp (-7359   The Swiss Exchange), 7886/tcp, 7660/tcp, 8368/tcp, 8798/tcp, 8164/tcp, 7563/tcp, 6391/tcp, 7873/tcp, 8271/tcp, 5272/tcp (PK), 7789/tcp (Office Tools Pro Receive), 8920/tcp, 9864/tcp, 8229/tcp, 9456/tcp, 8875/tcp, 7864/tcp, 9809/tcp, 5217/tcp, 9223/tcp, 8811/tcp, 5581/tcp (T-Mobile SMS Protocol Message 1), 8421/tcp, 7037/tcp, 6723/tcp, 6581/tcp (Parsec Peer-to-Peer), 7883/tcp, 9604/tcp, 5456/tcp (APC 5456), 7797/tcp (Propel Connector port), 7831/tcp, 8505/tcp, 9241/tcp, 8879/tcp, 8469/tcp, 8895/tcp, 9786/tcp, 8599/tcp, 8302/tcp, 9191/tcp (Sun AppSvr JPDA), 9498/tcp, 9772/tcp, 7578/tcp, 7075/tcp, 7589/tcp.
      
BHD Honeypot
Port scan
2021-02-11

In the last 24h, the attacker (194.147.140.69) attempted to scan 60 ports.
The following ports have been scanned: 6739/tcp, 9384/tcp, 8660/tcp, 5951/tcp, 8785/tcp, 8853/tcp, 6754/tcp, 8862/tcp, 9443/tcp (WSO2 Tungsten HTTPS), 6891/tcp, 6169/tcp, 5571/tcp, 9409/tcp, 7647/tcp, 8205/tcp (LM Instmgr), 7605/tcp, 8737/tcp, 8669/tcp, 7675/tcp (iMQ Tunnel), 5254/tcp, 5590/tcp, 9894/tcp, 6046/tcp, 6255/tcp, 5883/tcp, 7742/tcp (Mugginsoft Script Server Service), 8805/tcp, 8076/tcp, 6114/tcp (WRspice IPC Service), 5713/tcp (proshare conf audio), 5149/tcp, 6738/tcp, 8756/tcp, 5236/tcp (padl2sim), 7508/tcp, 9390/tcp (OpenVAS Transfer Protocol), 7550/tcp, 9920/tcp, 7129/tcp (Catalog Content Search), 8338/tcp, 5227/tcp (HP System Performance Metric Service), 7715/tcp, 7777/tcp (cbt), 7354/tcp, 5768/tcp (OpenMail CMTS Server), 5577/tcp, 5864/tcp, 8605/tcp, 9579/tcp, 8518/tcp, 6165/tcp, 5113/tcp, 5380/tcp, 9191/tcp (Sun AppSvr JPDA), 6217/tcp, 6725/tcp, 8766/tcp, 6594/tcp.
      
BHD Honeypot
Port scan
2021-02-11

Port scan from IP: 194.147.140.69 detected by psad.
BHD Honeypot
Port scan
2021-02-06

In the last 24h, the attacker (194.147.140.69) attempted to scan 98 ports.
The following ports have been scanned: 7333/tcp, 7178/tcp, 6863/tcp, 7046/tcp, 7470/tcp, 6832/tcp, 6686/tcp, 7126/tcp, 7397/tcp (Hexarc Command Language), 6884/tcp, 7219/tcp, 7070/tcp (ARCP), 6801/tcp (ACNET Control System Protocol), 6955/tcp, 7424/tcp, 7369/tcp, 7365/tcp (LifeKeeper Communications), 7110/tcp, 7285/tcp, 6930/tcp, 7236/tcp, 6939/tcp, 6604/tcp, 6902/tcp, 6727/tcp, 6685/tcp, 6620/tcp (Kerberos V5 FTP Data), 6622/tcp (Multicast FTP), 7421/tcp (Matisse Port Monitor), 6943/tcp, 7280/tcp (ITACTIONSERVER 1), 7271/tcp, 6711/tcp, 7084/tcp, 7403/tcp, 6654/tcp, 6749/tcp, 6633/tcp, 6992/tcp, 6612/tcp, 7396/tcp, 7485/tcp, 7449/tcp, 6973/tcp, 6692/tcp, 7134/tcp, 6994/tcp, 6638/tcp, 7347/tcp, 6899/tcp, 6814/tcp, 6709/tcp, 7341/tcp, 6656/tcp (Emergency Message Control Service), 6609/tcp, 7201/tcp (DLIP), 6844/tcp, 7166/tcp (Aruba eDiscovery Server), 6676/tcp, 6641/tcp, 6945/tcp, 6715/tcp (Fibotrader Communications), 7453/tcp, 6839/tcp, 6707/tcp, 7262/tcp (Calypso Network Access Protocol), 6611/tcp, 6866/tcp, 7398/tcp, 6699/tcp, 7376/tcp, 7345/tcp, 7268/tcp, 7028/tcp, 6892/tcp, 6980/tcp, 7451/tcp, 7410/tcp (Ionix Network Monitor), 7142/tcp, 7457/tcp, 6661/tcp, 6937/tcp, 6966/tcp (swispol), 7286/tcp, 7378/tcp, 6678/tcp, 7152/tcp, 7010/tcp (onlinet uninterruptable power supplies), 7040/tcp, 7486/tcp, 6976/tcp, 6718/tcp.
      
BHD Honeypot
Port scan
2021-02-05

In the last 24h, the attacker (194.147.140.69) attempted to scan 122 ports.
The following ports have been scanned: 7254/tcp, 6689/tcp (Tofino Security Appliance), 6928/tcp, 7128/tcp (intelligent data manager), 7210/tcp, 7004/tcp (AFS/Kerberos authentication service), 6669/tcp, 7092/tcp, 7470/tcp, 7056/tcp, 6627/tcp (Allied Electronics NeXGen), 7112/tcp, 6848/tcp, 6640/tcp, 7074/tcp, 7190/tcp, 7281/tcp (ITACTIONSERVER 2), 6912/tcp, 7167/tcp (CA SRM Agent), 7240/tcp, 7491/tcp (telops-lmd), 7474/tcp, 7414/tcp, 6660/tcp, 6751/tcp, 7110/tcp, 7422/tcp, 7402/tcp (RTPS Data-Distribution Meta-Traffic), 7298/tcp, 7436/tcp, 7089/tcp, 6677/tcp, 6828/tcp, 6615/tcp, 6942/tcp, 6685/tcp, 7322/tcp, 7500/tcp (Silhouette User), 7431/tcp (OpenView DM ovc/xmpv3 api pipe), 7130/tcp, 6898/tcp, 6745/tcp, 7036/tcp, 7338/tcp, 6881/tcp, 7367/tcp, 7371/tcp, 7382/tcp, 7250/tcp, 7024/tcp (Vormetric service), 6765/tcp, 6857/tcp, 7294/tcp, 6794/tcp, 7267/tcp, 7257/tcp, 7198/tcp, 6709/tcp, 7429/tcp (OpenView DM rqt communication), 7143/tcp, 7490/tcp, 7196/tcp, 6872/tcp, 6845/tcp, 7042/tcp, 7329/tcp, 7180/tcp, 7384/tcp, 6870/tcp, 7017/tcp, 6874/tcp, 6835/tcp, 7095/tcp, 6813/tcp, 7334/tcp, 6839/tcp, 7012/tcp (Talon Engine), 6953/tcp, 6746/tcp, 6790/tcp (HNMP), 7022/tcp (CT Discovery Protocol), 6851/tcp, 6803/tcp, 7148/tcp, 7232/tcp, 7262/tcp (Calypso Network Access Protocol), 6639/tcp, 7209/tcp, 6614/tcp, 7242/tcp, 6651/tcp, 7108/tcp, 7477/tcp, 7214/tcp, 7041/tcp, 6868/tcp (Acctopus Command Channel), 7434/tcp, 7489/tcp, 7140/tcp, 7096/tcp, 7451/tcp, 7498/tcp, 7071/tcp (IWGADTS Aircraft Housekeeping Message), 7493/tcp, 7226/tcp, 7385/tcp, 7161/tcp (CA BSM Comm), 6833/tcp, 7233/tcp, 6608/tcp, 6713/tcp, 7010/tcp (onlinet uninterruptable power supplies), 7486/tcp, 7098/tcp, 6740/tcp, 6718/tcp.
      
BHD Honeypot
Port scan
2021-02-04

In the last 24h, the attacker (194.147.140.69) attempted to scan 67 ports.
The following ports have been scanned: 7169/tcp (Consequor Consulting Process Integration Bridge), 6886/tcp, 7277/tcp (OMA Internal Location Secure Protocol), 6990/tcp, 7295/tcp, 6601/tcp (Microsoft Threat Management Gateway SSTP), 7433/tcp, 6809/tcp, 6849/tcp, 6904/tcp, 7032/tcp, 6759/tcp, 7411/tcp, 7126/tcp, 6922/tcp, 6911/tcp, 7481/tcp, 7278/tcp (OMA Dynamic Content Delivery over CBS), 6615/tcp, 7247/tcp, 7324/tcp, 7391/tcp (mind-file system server), 6792/tcp, 6898/tcp, 7036/tcp, 7404/tcp, 6612/tcp, 6888/tcp (MUSE), 7439/tcp, 6913/tcp, 6916/tcp, 7025/tcp (Vormetric Service II), 7400/tcp (RTPS Discovery), 7412/tcp, 6865/tcp, 6834/tcp, 6854/tcp, 7471/tcp, 7341/tcp, 7002/tcp (users & groups database), 7085/tcp, 7201/tcp (DLIP), 7377/tcp, 7473/tcp (Rise: The Vieneo Province), 6918/tcp, 7252/tcp, 6777/tcp, 7488/tcp, 7012/tcp (Talon Engine), 6643/tcp, 7243/tcp, 6783/tcp, 6851/tcp, 7020/tcp (DP Serve), 6862/tcp, 6653/tcp, 7228/tcp, 7416/tcp, 7425/tcp, 6856/tcp, 6608/tcp, 7234/tcp, 6657/tcp, 7487/tcp.
      
BHD Honeypot
Port scan
2021-02-03

In the last 24h, the attacker (194.147.140.69) attempted to scan 142 ports.
The following ports have been scanned: 7344/tcp, 6804/tcp, 7093/tcp, 6826/tcp, 6886/tcp, 6730/tcp, 7081/tcp, 7370/tcp, 6993/tcp, 6687/tcp (CleverView for cTrace Message Service), 6820/tcp, 6754/tcp, 7088/tcp, 6877/tcp, 6781/tcp, 6610/tcp, 7427/tcp (OpenView DM Event Agent Manager), 6774/tcp, 6986/tcp, 7401/tcp (RTPS Data-Distribution User-Traffic), 6799/tcp, 7478/tcp, 6773/tcp, 7363/tcp, 6848/tcp, 6706/tcp, 7352/tcp, 6619/tcp (ODETTE-FTP over TLS/SSL), 7411/tcp, 7397/tcp (Hexarc Command Language), 6666/tcp, 7061/tcp, 7070/tcp (ARCP), 7424/tcp, 7369/tcp, 6750/tcp, 6967/tcp, 6674/tcp, 7241/tcp, 7373/tcp, 7278/tcp (OMA Dynamic Content Delivery over CBS), 6880/tcp, 6677/tcp, 6828/tcp, 6968/tcp, 7394/tcp (File system export of backup images), 7312/tcp, 6821/tcp, 7360/tcp, 6700/tcp, 7324/tcp, 7421/tcp (Matisse Port Monitor), 7435/tcp, 7391/tcp (mind-file system server), 6890/tcp, 7392/tcp (mrss-rendezvous server), 7147/tcp, 7306/tcp, 6919/tcp, 6811/tcp, 7260/tcp, 6933/tcp, 6895/tcp, 6932/tcp, 7389/tcp, 6738/tcp, 6805/tcp, 6768/tcp (BMC PERFORM MGRD), 7127/tcp, 7388/tcp, 7179/tcp, 6831/tcp (ambit-lm), 7383/tcp, 7177/tcp, 6997/tcp (Mobility XE Protocol), 7442/tcp, 6814/tcp, 6772/tcp, 7348/tcp, 6908/tcp, 7472/tcp, 6665/tcp (-6669/udp  IRCU), 7252/tcp, 7211/tcp, 7166/tcp (Aruba eDiscovery Server), 6645/tcp, 6836/tcp, 7258/tcp, 7461/tcp, 6714/tcp (Internet Backplane Protocol), 7223/tcp, 7095/tcp, 7334/tcp, 7170/tcp (Adaptive Name/Service Resolution), 7145/tcp, 7062/tcp, 7243/tcp, 6950/tcp, 6915/tcp, 6775/tcp, 6779/tcp, 7049/tcp, 6607/tcp, 6807/tcp, 7205/tcp, 6682/tcp, 6866/tcp, 7398/tcp, 7162/tcp (CA Storage Manager), 7477/tcp, 7434/tcp, 7220/tcp, 7259/tcp, 7045/tcp, 6732/tcp, 6957/tcp, 6688/tcp (CleverView for TCP/IP Message Service), 6850/tcp (ICCRUSHMORE), 7425/tcp, 6903/tcp, 7317/tcp, 7181/tcp, 6658/tcp, 6867/tcp, 6937/tcp, 7193/tcp, 6921/tcp, 7437/tcp (Faximum), 6718/tcp, 6906/tcp.
      
BHD Honeypot
Port scan
2021-02-02

Port scan from IP: 194.147.140.69 detected by psad.

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Emerging threats

The most commonly reported IP addresses in the last 24 hours

Report breach!

Rate host 194.147.140.69