IP address: 103.139.45.129

Host rating:

2.0

out of 12 votes

Last update: 2020-09-16

Host details

Unknown
Vietnam
Unknown
Unknown
See comments

Reported breaches

  • Port scan
Report breach

Whois record

The publicly-available Whois record found at whois.apnic.net server.

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '103.139.44.0 - 103.139.45.255'

% Abuse contact for '103.139.44.0 - 103.139.45.255' is '[email protected]'

inetnum:        103.139.44.0 - 103.139.45.255
netname:        THNET-VN
descr:          Trung Hieu Services Trading Investment Company Limited
descr:          Xa Mac, Lien Mac, Me Linh, Hanoi
admin-c:        NNA35-AP
tech-c:         NDM12-AP
country:        VN
mnt-by:         MAINT-VN-VNNIC
mnt-irt:        IRT-VNNIC-AP
mnt-routes:     MAINT-VN-VNNIC
status:         ASSIGNED PORTABLE
last-modified:  2019-05-14T09:10:43Z
source:         APNIC

irt:            IRT-VNNIC-AP
address:        Ha Noi, VietNam
phone:          +84-24-35564944
fax-no:         +84-24-37821462
e-mail:         [email protected]
abuse-mailbox:  [email protected]
admin-c:        NTTT1-AP
tech-c:         NTTT1-AP
auth:           # Filtered
mnt-by:         MAINT-VN-VNNIC
last-modified:  2017-11-08T09:40:06Z
source:         APNIC

person:         Nguyen Duc Manh
address:        THNET-VN
country:        VN
phone:          +84-0398129166
e-mail:         [email protected]
nic-hdl:        NDM12-AP
mnt-by:         MAINT-VN-VNNIC
last-modified:  2019-08-05T08:19:30Z
source:         APNIC

person:         Nguyen Ngoc An
address:        THNET-VN
country:        VN
phone:          +84-0971686999
e-mail:         [email protected]
nic-hdl:        NNA35-AP
mnt-by:         MAINT-VN-VNNIC
last-modified:  2019-05-14T08:52:37Z
source:         APNIC

% Information related to '103.139.44.0/23AS135905'

route:          103.139.44.0/23
descr:          Trung Hieu Services Trading Investment Company Limited
descr:          Trung Hieu Services Trading Investment Company Limited
notify:         [email protected]
origin:         AS135905
mnt-by:         MAINT-VN-VNNIC
last-modified:  2019-05-21T09:56:11Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.15-SNAPSHOT (WHOIS-US3)


User comments

12 security incident(s) reported by users

BHD Honeypot
Port scan
2020-09-16

In the last 24h, the attacker (103.139.45.129) attempted to scan 15 ports.
The following ports have been scanned: 32289/tcp, 5176/tcp, 4200/tcp (-4299  VRML Multi User Systems), 6498/tcp, 2879/tcp (ucentric-ds), 6818/tcp, 11400/tcp, 4004/tcp (pxc-roid), 33930/tcp, 3704/tcp (Adobe Server 4), 3102/tcp (SoftlinK Slave Mon Port), 24313/tcp, 7071/tcp (IWGADTS Aircraft Housekeeping Message), 33387/tcp, 1503/tcp (Databeam).
      
BHD Honeypot
Port scan
2020-09-15

In the last 24h, the attacker (103.139.45.129) attempted to scan 41 ports.
The following ports have been scanned: 32289/tcp, 65001/tcp, 7788/tcp, 121/tcp (Encore Expedited Remote Pro.Call), 3918/tcp (PacketCableMultimediaCOPS), 4888/tcp, 1004/tcp, 49846/tcp, 4001/tcp (NewOak), 25052/tcp, 4153/tcp (MBL Remote Battery Monitoring), 50505/tcp, 4000/tcp (Terabase), 3372/tcp (TIP 2), 11333/tcp, 4904/tcp, 20139/tcp, 20004/tcp, 3451/tcp (ASAM Services), 4550/tcp (Perman I Interbase Server), 4111/tcp (Xgrid), 4080/tcp (Lorica inside facing), 3634/tcp (hNTSP Library Manager), 2759/tcp (APOLLO GMS), 6465/tcp, 3553/tcp (Red Box Recorder ADP), 3340/tcp (OMF data m), 65294/tcp, 5443/tcp (Pearson HTTPS), 3418/tcp (Remote nmap), 31015/tcp, 52001/tcp, 3839/tcp (AMX Resource Management Suite), 8484/tcp, 33839/tcp, 3999/tcp (Norman distributes scanning service), 3610/tcp (ECHONET), 4490/tcp, 3500/tcp (RTMP Port).
      
BHD Honeypot
Port scan
2020-09-14

In the last 24h, the attacker (103.139.45.129) attempted to scan 51 ports.
The following ports have been scanned: 64883/tcp, 10010/tcp (ooRexx rxapi services), 8088/tcp (Radan HTTP), 555/tcp (dsf), 9009/tcp (Pichat Server), 33860/tcp, 1099/tcp (RMI Registry), 63318/tcp, 82/tcp (XFER Utility), 3693/tcp, 63388/tcp, 4426/tcp (SMARTS Beacon Port), 4001/tcp (NewOak), 4315/tcp, 1990/tcp (cisco STUN Priority 1 port), 11000/tcp (IRISA), 15015/tcp, 33966/tcp, 49158/tcp, 3111/tcp (Web Synchronous Services), 3037/tcp (HP SAN Mgmt), 3483/tcp (Slim Devices Protocol), 6464/tcp, 3310/tcp (Dyna Access), 5001/tcp (commplex-link), 2250/tcp (remote-collab), 55955/tcp, 33895/tcp, 65112/tcp, 3579/tcp (Tarantella Load Balancing), 1070/tcp (GMRUpdateSERV), 4080/tcp (Lorica inside facing), 156/tcp (SQL Service), 8002/tcp (Teradata ORDBMS), 8887/tcp, 195/tcp (DNSIX Network Level Module Audit), 3355/tcp (Ordinox Dbase), 33089/tcp, 8889/tcp (Desktop Data TCP 1), 59338/tcp, 1025/tcp (network blackjack), 6389/tcp (clariion-evr01), 64321/tcp, 9698/tcp, 50010/tcp, 4490/tcp, 8501/tcp, 5586/tcp, 9950/tcp (APC 9950), 44844/tcp.
      
BHD Honeypot
Port scan
2020-09-13

In the last 24h, the attacker (103.139.45.129) attempted to scan 56 ports.
The following ports have been scanned: 103/tcp (Genesis Point-to-Point Trans Net), 555/tcp (dsf), 50043/tcp, 65001/tcp, 9982/tcp, 63391/tcp, 6113/tcp (Daylite Server), 9392/tcp, 3356/tcp (UPNOTIFYPS), 10050/tcp (Zabbix Agent), 5392/tcp, 10701/tcp, 2382/tcp (Microsoft OLAP), 63000/tcp, 8745/tcp, 62000/tcp, 4708/tcp, 14141/tcp (VCS Application), 1929/tcp (Bandwiz System - Server), 4022/tcp (DNOX), 11000/tcp (IRISA), 6515/tcp (Elipse RPC Protocol), 33200/tcp, 33909/tcp, 2017/tcp (cypress-stat), 10389/tcp, 4433/tcp, 8686/tcp (Sun App Server - JMX/RMI), 9983/tcp, 4789/tcp, 22111/tcp, 2890/tcp (CSPCLMULTI), 9902/tcp, 3353/tcp (FATPIPE), 3888/tcp (Ciphire Services), 30003/tcp, 3313/tcp (Unify Object Broker), 2768/tcp (UACS), 2424/tcp (KOFAX-SVR), 55666/tcp, 7777/tcp (cbt), 4902/tcp (magicCONROL RF and Data Interface), 6611/tcp, 1944/tcp (close-combat), 8484/tcp, 4801/tcp (Icona Web Embedded Chat), 2020/tcp (xinupageserver), 7878/tcp, 4499/tcp, 2605/tcp (NSC POSA), 9999/tcp (distinct), 44144/tcp, 5523/tcp, 4050/tcp (Wide Area File Services).
      
BHD Honeypot
Port scan
2020-09-12

In the last 24h, the attacker (103.139.45.129) attempted to scan 5 ports.
The following ports have been scanned: 6878/tcp, 9986/tcp, 2050/tcp (Avaya EMB Config Port), 62858/tcp, 2706/tcp (NCD Mirroring).
      
BHD Honeypot
Port scan
2020-09-12

Port scan from IP: 103.139.45.129 detected by psad.
BHD Honeypot
Port scan
2020-08-14

In the last 24h, the attacker (103.139.45.129) attempted to scan 72 ports.
The following ports have been scanned: 1433/tcp (Microsoft-SQL-Server), 2525/tcp (MS V-Worlds), 8560/tcp, 3678/tcp (DataGuardianLT), 3368/tcp, 555/tcp (dsf), 5062/tcp (Localisation access), 1000/tcp (cadlock2), 7676/tcp (iMQ Broker Rendezvous), 32289/tcp, 65533/tcp, 3390/tcp (Distributed Service Coordinator), 40500/tcp, 9986/tcp, 20001/tcp (MicroSAN), 4237/tcp, 2379/tcp, 9995/tcp (Palace-4), 4469/tcp, 5706/tcp, 7089/tcp, 4531/tcp, 4153/tcp (MBL Remote Battery Monitoring), 7820/tcp, 11111/tcp (Viral Computing Environment (VCE)), 223/tcp (Certificate Distribution Center), 49158/tcp, 3212/tcp (Survey Instrument), 62858/tcp, 11333/tcp, 33/tcp (Display Support Protocol), 53053/tcp, 12300/tcp (LinoGrid Engine), 8052/tcp (Senomix Timesheets Server), 8128/tcp (PayCash Online Protocol), 33898/tcp, 41236/tcp, 22111/tcp, 2879/tcp (ucentric-ds), 8300/tcp (Transport Management Interface), 7275/tcp (OMA UserPlane Location), 2521/tcp (Adaptec Manager), 3331/tcp (MCS Messaging), 6690/tcp, 10555/tcp, 8390/tcp, 1980/tcp (PearlDoc XACT), 2424/tcp (KOFAX-SVR), 24442/tcp, 33500/tcp, 1289/tcp (JWalkServer), 4389/tcp (Xandros Community Management Service), 33897/tcp, 5640/tcp, 45454/tcp, 1314/tcp (Photoscript Distributed Printing System), 33998/tcp, 3838/tcp (Scito Object Server), 2108/tcp (Comcam), 8999/tcp (Brodos Crypto Trade Protocol), 8105/tcp, 3342/tcp (WebTIE), 6732/tcp, 33333/tcp (Digital Gaslight Service), 5506/tcp (Amcom Mobile Connect), 58787/tcp, 8501/tcp, 9981/tcp, 5586/tcp.
      
BHD Honeypot
Port scan
2020-08-13

In the last 24h, the attacker (103.139.45.129) attempted to scan 164 ports.
The following ports have been scanned: 6381/tcp, 30080/tcp, 6001/tcp, 54549/tcp, 555/tcp (dsf), 1154/tcp (Community Service), 31089/tcp, 2012/tcp (ttyinfo), 1000/tcp (cadlock2), 7676/tcp (iMQ Broker Rendezvous), 33896/tcp, 9900/tcp (IUA), 9000/tcp (CSlistener), 65533/tcp, 65001/tcp, 3390/tcp (Distributed Service Coordinator), 9696/tcp, 10270/tcp, 4002/tcp (pxc-spvr-ft), 51115/tcp, 5509/tcp, 33912/tcp, 3377/tcp (Cogsys Network License Manager), 5150/tcp (Ascend Tunnel Management Protocol), 5392/tcp, 9289/tcp, 10021/tcp, 23918/tcp, 11112/tcp (DICOM), 10059/tcp, 9001/tcp (ETL Service Manager), 20289/tcp, 3141/tcp (VMODEM), 4727/tcp (F-Link Client Information Service), 4455/tcp (PR Chat User), 6666/tcp, 4888/tcp, 3906/tcp (TopoVista elevation data), 55855/tcp, 8765/tcp (Ultraseek HTTP), 40300/tcp, 10103/tcp (eZrelay), 4469/tcp, 65401/tcp, 44544/tcp, 4001/tcp (NewOak), 10044/tcp, 30389/tcp, 3931/tcp (MSR Plugin Port), 10201/tcp (Remote Server Management Service), 8443/tcp (PCsync HTTPS), 9989/tcp, 1037/tcp (AMS), 1990/tcp (cisco STUN Priority 1 port), 4901/tcp (FileLocator Remote Search Agent), 10020/tcp, 9352/tcp, 390/tcp (UIS), 20022/tcp, 4102/tcp (Braille protocol), 60002/tcp, 8800/tcp (Sun Web Server Admin Service), 3384/tcp (Cluster Management Services), 33918/tcp, 5050/tcp (multimedia conference control tool), 3675/tcp (CallTrax Data Port), 33000/tcp, 43390/tcp, 33890/tcp, 3392/tcp (EFI License Management), 56001/tcp, 29000/tcp, 7388/tcp, 65112/tcp, 3351/tcp (Btrieve port), 8686/tcp (Sun App Server - JMX/RMI), 1076/tcp (DAB STI-C), 9983/tcp, 40113/tcp, 6569/tcp, 3450/tcp (CAStorProxy), 9889/tcp (Port for Cable network related data proxy or repeater), 8002/tcp (Teradata ORDBMS), 2759/tcp (APOLLO GMS), 5566/tcp (Westec Connect), 2139/tcp (IAS-AUTH), 24389/tcp, 3331/tcp (MCS Messaging), 65294/tcp, 2388/tcp (MYNAH AutoStart), 10555/tcp, 20011/tcp, 5551/tcp, 2366/tcp (qip-login), 3336/tcp (Direct TV Tickers), 5443/tcp (Pearson HTTPS), 17771/tcp, 1289/tcp (JWalkServer), 3102/tcp (SoftlinK Slave Mon Port), 554/tcp (Real Time Streaming Protocol (RTSP)), 15351/tcp, 64003/tcp, 3418/tcp (Remote nmap), 60100/tcp, 33897/tcp, 59338/tcp, 4444/tcp (NV Video default), 55167/tcp, 65000/tcp, 9393/tcp, 28748/tcp, 5689/tcp (QM video network management protocol), 25000/tcp (icl-twobase1), 24313/tcp, 10000/tcp (Network Data Management Protocol), 33778/tcp, 2020/tcp (xinupageserver), 3342/tcp (WebTIE), 5393/tcp, 1987/tcp (cisco RSRB Priority 1 port), 31408/tcp, 5633/tcp (BE Operations Request Listener), 1528/tcp, 65411/tcp, 53389/tcp, 8895/tcp, 1629/tcp (LonTalk urgent), 49285/tcp, 6523/tcp, 9999/tcp (distinct), 49151/tcp, 10189/tcp, 6858/tcp, 54321/tcp, 43434/tcp, 7006/tcp (error interpretation service), 456/tcp (macon-tcp), 11261/tcp, 49490/tcp, 10006/tcp, 1503/tcp (Databeam), 9950/tcp (APC 9950), 33808/tcp.
      
BHD Honeypot
Port scan
2020-08-12

In the last 24h, the attacker (103.139.45.129) attempted to scan 253 ports.
The following ports have been scanned: 6689/tcp (Tofino Security Appliance), 103/tcp (Genesis Point-to-Point Trans Net), 44389/tcp, 10010/tcp (ooRexx rxapi services), 8560/tcp, 22090/tcp, 6500/tcp (BoKS Master), 6669/tcp, 2012/tcp (ttyinfo), 8500/tcp (Flight Message Transfer Protocol), 7676/tcp (iMQ Broker Rendezvous), 33860/tcp, 20202/tcp (IPD Tunneling Port), 5858/tcp, 5567/tcp (Multicast Object Access Protocol), 50043/tcp, 3758/tcp (apw RMI registry), 5980/tcp, 4145/tcp (VVR Control), 10060/tcp, 65533/tcp, 5545/tcp, 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 7788/tcp, 4051/tcp (Cisco Peer to Peer Distribution Protocol), 9696/tcp, 2105/tcp (MiniPay), 59999/tcp, 6878/tcp, 45590/tcp, 9993/tcp (OnLive-2), 5999/tcp (CVSup), 7401/tcp (RTPS Data-Distribution User-Traffic), 4002/tcp (pxc-spvr-ft), 4848/tcp (App Server - Admin HTTP), 37964/tcp, 20500/tcp, 33798/tcp, 9060/tcp, 3492/tcp (TVDUM Tray Port), 9833/tcp, 33988/tcp, 9986/tcp, 30434/tcp, 6600/tcp (Microsoft Hyper-V Live Migration), 15000/tcp (Hypack Data Aquisition), 49156/tcp, 5152/tcp (ESRI SDE Instance Discovery), 4647/tcp, 4888/tcp, 5003/tcp (FileMaker, Inc. - Proprietary transport), 7117/tcp, 1004/tcp, 3215/tcp (JMQ Daemon Port 2), 9995/tcp (Palace-4), 4711/tcp, 4230/tcp, 4469/tcp, 39000/tcp, 5800/tcp, 2549/tcp (IPASS), 8839/tcp, 59095/tcp, 34193/tcp, 3315/tcp (CDID), 6000/tcp (-6063/udp   X Window System), 8008/tcp (HTTP Alternate), 7889/tcp, 19070/tcp, 23052/tcp, 50003/tcp, 4343/tcp (UNICALL), 1632/tcp (PAMMRATC), 7089/tcp, 6543/tcp (lds_distrib), 4251/tcp, 4712/tcp, 4044/tcp (Location Tracking Protocol), 7820/tcp, 4901/tcp (FileLocator Remote Search Agent), 10015/tcp, 6432/tcp (PgBouncer), 4491/tcp, 53535/tcp, 8089/tcp, 3347/tcp (Phoenix RPC), 9352/tcp, 38395/tcp, 6313/tcp, 10001/tcp (SCP Configuration), 1653/tcp (alphatech-lm), 4102/tcp (Braille protocol), 6767/tcp (BMC PERFORM AGENT), 20300/tcp, 3490/tcp (Colubris Management Port), 11333/tcp, 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 44046/tcp, 65003/tcp, 13731/tcp, 3384/tcp (Cluster Management Services), 3939/tcp (Anti-virus Application Management Port), 33390/tcp, 5001/tcp (commplex-link), 10389/tcp, 3675/tcp (CallTrax Data Port), 55955/tcp, 3337/tcp (Direct TV Data Catalog), 51301/tcp, 3392/tcp (EFI License Management), 48389/tcp, 5000/tcp (commplex-main), 6426/tcp, 33975/tcp, 22333/tcp, 54632/tcp, 4433/tcp, 5055/tcp (UNOT), 3351/tcp (Btrieve port), 5190/tcp (America-Online), 44/tcp (MPM FLAGS Protocol), 1568/tcp (tsspmap), 45389/tcp, 4111/tcp (Xgrid), 57059/tcp, 3335/tcp (Direct TV Software Updates), 8720/tcp, 8038/tcp, 2879/tcp (ucentric-ds), 8300/tcp (Transport Management Interface), 9902/tcp, 4080/tcp (Lorica inside facing), 4569/tcp (Inter-Asterisk eXchange), 31890/tcp, 3888/tcp (Ciphire Services), 55555/tcp, 24389/tcp, 3553/tcp (Red Box Recorder ADP), 33809/tcp, 20009/tcp, 4004/tcp (pxc-roid), 6690/tcp, 8899/tcp (ospf-lite), 3355/tcp (Ordinox Dbase), 33089/tcp, 6566/tcp (SANE Control Port), 2291/tcp (EPSON Advanced Printer Share Protocol), 33500/tcp, 7563/tcp, 5443/tcp (Pearson HTTPS), 4500/tcp (IPsec NAT-Traversal), 12345/tcp (Italk Chat System), 33933/tcp, 5900/tcp (Remote Framebuffer), 3889/tcp (D and V Tester Control Port), 3360/tcp (KV Server), 554/tcp (Real Time Streaming Protocol (RTSP)), 26/tcp, 7022/tcp (CT Discovery Protocol), 43389/tcp, 33892/tcp, 4902/tcp (magicCONROL RF and Data Interface), 3899/tcp (ITV Port), 1025/tcp (network blackjack), 6007/tcp, 5640/tcp, 9912/tcp, 13393/tcp, 6611/tcp, 3370/tcp, 3334/tcp (Direct TV Webcasting), 7989/tcp, 1314/tcp (Photoscript Distributed Printing System), 2744/tcp (honyaku), 33998/tcp, 3839/tcp (AMX Resource Management Suite), 5700/tcp, 1493/tcp (netmap_lm), 8000/tcp (iRDMI), 45789/tcp, 8888/tcp (NewsEDGE server TCP (TCP 1)), 6868/tcp (Acctopus Command Channel), 2018/tcp (terminaldb), 8999/tcp (Brodos Crypto Trade Protocol), 10115/tcp (NetIQ Endpoint), 8105/tcp, 5389/tcp, 9969/tcp, 7845/tcp (APC 7845), 33839/tcp, 3132/tcp (Microsoft Business Rule Engine Update Service), 20100/tcp, 12771/tcp, 5214/tcp, 8895/tcp, 21589/tcp, 6661/tcp, 4220/tcp, 49151/tcp, 12488/tcp, 2107/tcp (BinTec Admin), 40002/tcp, 5506/tcp (Amcom Mobile Connect), 9992/tcp (OnLive-1), 6858/tcp, 7330/tcp, 9191/tcp (Sun AppSvr JPDA), 2244/tcp (NMS Server), 5501/tcp (fcp-addr-srvr2), 37373/tcp, 9834/tcp, 8501/tcp, 5662/tcp, 2021/tcp (servexec), 5586/tcp, 10006/tcp, 1503/tcp (Databeam).
      
BHD Honeypot
Port scan
2020-08-11

In the last 24h, the attacker (103.139.45.129) attempted to scan 211 ports.
The following ports have been scanned: 2848/tcp (AMT-BLC-PORT), 6001/tcp, 5899/tcp, 6669/tcp, 6547/tcp (APC 6547), 5062/tcp (Localisation access), 1000/tcp (cadlock2), 8500/tcp (Flight Message Transfer Protocol), 33896/tcp, 9900/tcp (IUA), 5858/tcp, 5567/tcp (Multicast Object Access Protocol), 5980/tcp, 9443/tcp (WSO2 Tungsten HTTPS), 121/tcp (Encore Expedited Remote Pro.Call), 9696/tcp, 6113/tcp (Daylite Server), 1865/tcp (ENTP), 45590/tcp, 5353/tcp (Multicast DNS), 3901/tcp (NIM Service Handler), 7401/tcp (RTPS Data-Distribution User-Traffic), 53335/tcp, 4422/tcp, 3444/tcp (Denali Server), 13389/tcp, 9289/tcp, 2789/tcp (Media Agent), 10021/tcp, 10701/tcp, 30000/tcp, 9445/tcp, 2382/tcp (Microsoft OLAP), 5555/tcp (Personal Agent), 3597/tcp (A14 (AN-to-SC/MM)), 11113/tcp, 49156/tcp, 4647/tcp, 20001/tcp (MicroSAN), 4395/tcp (OmniVision communication for Virtual environments), 3404/tcp, 3693/tcp, 7117/tcp, 63388/tcp, 55855/tcp, 8095/tcp, 10003/tcp (EMC-Documentum Content Server Product), 3369/tcp, 53380/tcp, 4469/tcp, 5800/tcp, 13899/tcp, 65535/tcp, 44544/tcp, 2389/tcp (OpenView Session Mgr), 5802/tcp, 6543/tcp (lds_distrib), 9989/tcp, 6033/tcp, 3000/tcp (RemoteWare Client), 6969/tcp (acmsoda), 7820/tcp, 11000/tcp (IRISA), 50505/tcp, 3905/tcp (Mailbox Update (MUPDATE) protocol), 41123/tcp, 8989/tcp (Sun Web Server SSL Admin Service), 38395/tcp, 6313/tcp, 55655/tcp, 390/tcp (UIS), 3483/tcp (Slim Devices Protocol), 5504/tcp (fcp-cics-gw1), 6767/tcp (BMC PERFORM AGENT), 5176/tcp, 3490/tcp (Colubris Management Port), 3386/tcp (GPRS Data), 33/tcp (Display Support Protocol), 3223/tcp (DIGIVOTE (R) Vote-Server), 53053/tcp, 9007/tcp, 3384/tcp (Cluster Management Services), 10389/tcp, 3675/tcp (CallTrax Data Port), 8375/tcp, 33389/tcp, 33000/tcp, 59000/tcp, 35001/tcp, 3586/tcp (License Server Console), 3309/tcp (TNS ADV), 33392/tcp, 5055/tcp (UNOT), 2569/tcp (Sonus Call Signal), 29000/tcp, 4877/tcp, 7388/tcp, 5190/tcp (America-Online), 4550/tcp (Perman I Interbase Server), 1568/tcp (tsspmap), 4789/tcp, 45000/tcp, 57059/tcp, 11011/tcp, 3579/tcp (Tarantella Load Balancing), 16002/tcp (GoodSync Mediation Service), 6818/tcp, 10444/tcp, 8300/tcp (Transport Management Interface), 4003/tcp (pxc-splr-ft), 11400/tcp, 49000/tcp, 6080/tcp, 1189/tcp (Unet Connection), 81/tcp, 4080/tcp (Lorica inside facing), 1716/tcp (xmsg), 3300/tcp, 4999/tcp (HyperFileSQL Client/Server Database Engine Manager), 17289/tcp, 7002/tcp (users & groups database), 2719/tcp (Scan & Change), 2051/tcp (EPNSDP), 2139/tcp (IAS-AUTH), 3313/tcp (Unify Object Broker), 39800/tcp, 3553/tcp (Red Box Recorder ADP), 3331/tcp (MCS Messaging), 8887/tcp, 20009/tcp, 6690/tcp, 3355/tcp (Ordinox Dbase), 33089/tcp, 6522/tcp, 8390/tcp, 30598/tcp, 8674/tcp, 33500/tcp, 55666/tcp, 4500/tcp (IPsec NAT-Traversal), 33933/tcp, 3467/tcp (RCST), 554/tcp (Real Time Streaming Protocol (RTSP)), 4389/tcp (Xandros Community Management Service), 43399/tcp, 27777/tcp, 3048/tcp (Sierra Net PC Trader), 4489/tcp, 6611/tcp, 1011/tcp, 3334/tcp (Direct TV Webcasting), 4434/tcp, 16161/tcp (Solaris SEA Port), 9393/tcp, 2744/tcp (honyaku), 33998/tcp, 3839/tcp (AMX Resource Management Suite), 5700/tcp, 12019/tcp, 5689/tcp (QM video network management protocol), 8888/tcp (NewsEDGE server TCP (TCP 1)), 4112/tcp (Apple VPN Server Reporting Protocol), 25000/tcp (icl-twobase1), 24313/tcp, 3629/tcp (ESC/VP.net), 7878/tcp, 7071/tcp (IWGADTS Aircraft Housekeeping Message), 5633/tcp (BE Operations Request Listener), 3505/tcp (CCM communications port), 3399/tcp (CSMS), 12488/tcp, 15251/tcp, 9100/tcp (Printer PDL Data Stream), 9191/tcp (Sun AppSvr JPDA), 54321/tcp, 2244/tcp (NMS Server), 33894/tcp, 2019/tcp (whosockami), 44144/tcp, 9981/tcp, 2021/tcp (servexec), 10006/tcp, 35589/tcp, 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2020-08-10

In the last 24h, the attacker (103.139.45.129) attempted to scan 136 ports.
The following ports have been scanned: 25290/tcp, 6001/tcp, 6500/tcp (BoKS Master), 3678/tcp (DataGuardianLT), 3398/tcp (Mercantile), 50400/tcp, 6577/tcp, 7676/tcp (iMQ Broker Rendezvous), 5858/tcp, 25890/tcp, 3977/tcp (Opsware Manager), 3323/tcp, 5545/tcp, 9443/tcp (WSO2 Tungsten HTTPS), 2204/tcp (b2 License Server), 60001/tcp, 45590/tcp, 10270/tcp, 22222/tcp, 5008/tcp (Synapsis EDGE), 3918/tcp (PacketCableMultimediaCOPS), 33110/tcp, 5150/tcp (Ascend Tunnel Management Protocol), 13389/tcp, 15000/tcp (Hypack Data Aquisition), 3463/tcp (EDM ADM Notify), 7474/tcp, 7773/tcp, 1071/tcp (BSQUARE-VOIP), 4395/tcp (OmniVision communication for Virtual environments), 5003/tcp (FileMaker, Inc. - Proprietary transport), 7070/tcp (ARCP), 3676/tcp (VisualAge Pacbase server), 63388/tcp, 3210/tcp (Flamenco Networks Proxy), 6502/tcp (BoKS Servm), 50005/tcp, 4708/tcp, 2549/tcp (IPASS), 4300/tcp (Corel CCam), 10044/tcp, 19070/tcp, 6565/tcp, 30389/tcp, 4531/tcp, 6033/tcp, 4712/tcp, 6969/tcp (acmsoda), 8512/tcp, 4901/tcp (FileLocator Remote Search Agent), 10015/tcp, 4491/tcp, 8100/tcp (Xprint Server), 8989/tcp (Sun Web Server SSL Admin Service), 4567/tcp (TRAM), 8083/tcp (Utilistor (Server)), 33101/tcp, 3483/tcp (Slim Devices Protocol), 10001/tcp (SCP Configuration), 60002/tcp, 6767/tcp (BMC PERFORM AGENT), 9209/tcp (ALMobile System Service), 4446/tcp (N1-FWP), 9007/tcp, 4904/tcp, 2017/tcp (cypress-stat), 3939/tcp (Anti-virus Application Management Port), 33992/tcp, 6933/tcp, 8128/tcp (PayCash Online Protocol), 56001/tcp, 4104/tcp (Braille protocol), 65112/tcp, 3451/tcp (ASAM Services), 3316/tcp (AICC/CMI), 9983/tcp, 11011/tcp, 3450/tcp (CAStorProxy), 2890/tcp (CSPCLMULTI), 8720/tcp, 3030/tcp (Arepa Cas), 6818/tcp, 8300/tcp (Transport Management Interface), 3391/tcp (SAVANT), 5557/tcp (Sandlab FARENET), 57002/tcp, 3634/tcp (hNTSP Library Manager), 6465/tcp, 666/tcp (doom Id Software), 33809/tcp, 6690/tcp, 6522/tcp, 10555/tcp, 7721/tcp, 3110/tcp (simulator control port), 2291/tcp (EPSON Advanced Printer Share Protocol), 17771/tcp, 3360/tcp (KV Server), 4389/tcp (Xandros Community Management Service), 1111/tcp (LM Social Server), 7777/tcp (cbt), 3899/tcp (ITV Port), 6389/tcp (clariion-evr01), 3370/tcp, 7989/tcp, 50123/tcp, 3366/tcp (Creative Partner), 6868/tcp (Acctopus Command Channel), 25000/tcp (icl-twobase1), 8999/tcp (Brodos Crypto Trade Protocol), 7845/tcp (APC 7845), 4011/tcp (Alternate Service Boot), 3420/tcp (iFCP User Port), 5773/tcp, 3505/tcp (CCM communications port), 5019/tcp, 7330/tcp, 5501/tcp (fcp-addr-srvr2), 10002/tcp (EMC-Documentum Content Server Product), 5586/tcp, 44844/tcp, 14200/tcp.
      
BHD Honeypot
Port scan
2020-08-10

Port scan from IP: 103.139.45.129 detected by psad.

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Report breach!

Rate host 103.139.45.129