IP address: 103.145.13.241

Host rating:

2.0

out of 9 votes

Last update: 2020-09-23

Host details

Unknown
Unknown
Unknown
Unknown
See comments

Reported breaches

  • Port scan
Report breach

User comments

9 security incident(s) reported by users

BHD Honeypot
Port scan
2020-09-23

In the last 24h, the attacker (103.145.13.241) attempted to scan 10 ports.
The following ports have been scanned: 5365/udp, 5362/udp (Microsoft Windows Server WSD2 Service), 5366/udp, 5364/udp, 5368/udp, 5361/udp (Secure Protocol for Windows SideShow).
      
BHD Honeypot
Port scan
2020-09-22

In the last 24h, the attacker (103.145.13.241) attempted to scan 31 ports.
The following ports have been scanned: 5365/udp, 5278/udp, 5273/udp, 5272/udp (PK), 5276/udp, 5277/udp, 5270/udp (Cartographer XMP), 5284/udp, 5280/udp, 5366/udp, 5281/udp, 5282/udp (Marimba Transmitter Port), 5269/udp (XMPP Server Connection), 5364/udp, 5368/udp, 5274/udp, 5361/udp (Secure Protocol for Windows SideShow).
      
BHD Honeypot
Port scan
2020-09-21

In the last 24h, the attacker (103.145.13.241) attempted to scan 37 ports.
The following ports have been scanned: 5273/udp, 5192/udp (AmericaOnline2), 5272/udp (PK), 5276/udp, 5169/udp, 5270/udp (Cartographer XMP), 5186/udp, 5174/udp, 5189/udp, 5269/udp (XMPP Server Connection), 5188/udp, 5190/udp (America-Online), 5172/udp, 5170/udp, 5185/udp, 5176/udp, 5274/udp, 5173/udp.
      
BHD Honeypot
Port scan
2020-09-21

Port scan from IP: 103.145.13.241 detected by psad.
BHD Honeypot
Port scan
2020-09-19

In the last 24h, the attacker (103.145.13.241) attempted to scan 32 ports.
The following ports have been scanned: 5077/udp, 5070/udp (VersaTrans Server Agent Service), 5062/udp (Localisation access), 5072/udp (Anything In Anything), 5078/udp, 5086/udp, 5064/udp (Channel Access 1), 5080/udp (OnScreen Data Collection Service), 5061/udp (SIP-TLS), 5069/udp (I/Net 2000-NPR), 5085/udp (EPCglobal Encrypted LLRP), 5088/udp.
      
BHD Honeypot
Port scan
2020-09-18

In the last 24h, the attacker (103.145.13.241) attempted to scan 202 ports.
The following ports have been scanned: 4050/udp (Wide Area File Services), 3980/udp (Aircraft Cabin Management System), 4640/udp, 3740/udp (Heartbeat Protocol), 4060/udp (DSMETER Inter-Agent Transfer Channel), 3870/udp (hp OVSAM HostAgent Disco), 4750/udp (Simple Service Auto Discovery), 4150/udp (PowerAlert Network Shutdown Agent), 4790/udp, 4540/udp, 3910/udp (Printer Request Port), 4560/udp, 4760/udp, 3880/udp (IGRS), 4180/udp (HTTPX), 4360/udp, 4120/udp, 4670/udp (Light packets transfer protocol), 4290/udp, 3830/udp (Cerner System Management Agent), 4400/udp (ASIGRA Services), 4380/udp, 4230/udp, 4580/udp, 3950/udp (Name Munging), 4660/udp (smaclmgr), 4740/udp (ipfix protocol over DTLS), 4310/udp (Mir-RT exchange service), 3820/udp (Siemens AuD SCP), 4570/udp, 4550/udp (Perman I Interbase Server), 3750/udp (CBOS/IP ncapsalatoin port), 4080/udp (Lorica inside facing), 4160/udp (Jini Discovery), 4100/udp (IGo Incognito Data Port), 4130/udp (FRONET message protocol), 4110/udp (G2 RFID Tag Telemetry Data), 4270/udp, 4250/udp, 3920/udp (Exasoft IP Port), 4040/udp (Yo.net main service), 4700/udp (NetXMS Agent), 3810/udp (WLAN AS server), 4170/udp, 4030/udp (Accell/JSP Daemon Port), 4070/udp (Trivial IP Encryption (TrIPE)), 4800/udp (Icona Instant Messenging System), 4710/udp, 4600/udp (Piranha1), 4330/udp, 4490/udp, 4140/udp (Cedros Fraud Detection System), 3970/udp (LANrev Agent), 4240/udp, 4320/udp (FDT Remote Categorization Protocol), 4300/udp (Corel CCam), 4220/udp, 3850/udp (QTMS Bootstrap Protocol), 4350/udp (Net Device), 3930/udp (Syam Web Server Port), 3960/udp (Bess Peer Assessment), 4850/udp (Sun App Server - NA), 3790/udp (QuickBooks RDS), 4500/udp (IPsec NAT-Traversal), 4450/udp (Camp), 3760/udp (adTEmpus Client), 3900/udp (Unidata UDT OS), 3770/udp (Cinderella Collaboration), 4590/udp, 3720/udp (UF Astro. Instr. Services), 4810/udp, 4510/udp, 4410/udp, 4780/udp, 4190/udp, 4020/udp (TRAP Port), 4770/udp, 3860/udp (Server/Application State Protocol (SASP)), 4260/udp, 4530/udp, 4610/udp, 4650/udp, 4630/udp, 3890/udp (Niche Data Server Connect), 4830/udp, 3940/udp (XeCP Node Service), 3780/udp (Nuzzler Network Protocol), 4460/udp, 4730/udp (Gearman Job Queue System), 4000/udp (Terabase), 3840/udp (www.FlirtMitMir.de), 4010/udp (Samsung Unidex), 4860/udp, 4430/udp (REAL SQL Server), 4840/udp (OPC UA TCP Protocol), 4620/udp, 4680/udp (MGE UPS Management), 4870/udp (Citcom Tracking Service), 4470/udp, 4340/udp (Gaia Connector Protocol), 4370/udp (ELPRO V2 Protocol Tunnel), 4440/udp, 4820/udp, 4420/udp, 4090/udp (OMA BCAST Service Guide), 4210/udp, 3730/udp (Client Control), 3990/udp (BindView-IS), 4880/udp, 4520/udp, 3800/udp (Print Services Interface), 4200/udp (-4299  VRML Multi User Systems), 4690/udp (Prelude IDS message proto).
      
BHD Honeypot
Port scan
2020-09-17

In the last 24h, the attacker (103.145.13.241) attempted to scan 684 ports.
The following ports have been scanned: 1840/udp (netopia-vo2), 3590/udp (WV CSP SMS Binding), 3060/udp (interserver), 3090/udp (Senforce Session Services), 1020/udp, 2100/udp (Amiga Network Filesystem), 3250/udp (HMS hicp port), 3350/udp (FINDVIATV), 2300/udp (CVMMON), 1790/udp (Narrative Media Streaming Protocol), 2170/udp (EyeTV Server Port), 3340/udp (OMF data m), 2910/udp (TDAccess), 1850/udp (GSI), 2840/udp (l3-exprt), 2320/udp (Siebel NS), 3610/udp (ECHONET), 3050/udp (gds_db), 1920/udp (IBM Tivoli Directory Service - FERRET), 4060/udp (DSMETER Inter-Agent Transfer Channel), 2760/udp (Saba MS), 2850/udp (MetaConsole), 3020/udp (CIFS), 1980/udp (PearlDoc XACT), 3440/udp (Net Steward Mgmt Console), 3000/udp (RemoteWare Client), 1540/udp (rds), 1140/udp (AutoNOC Network Operations Protocol), 1450/udp (Tandem Distributed Workbench Facility), 1660/udp (skip-mc-gikreq), 1420/udp (Timbuktu Service 4 Port), 4150/udp (PowerAlert Network Shutdown Agent), 1300/udp (H323 Host Call Secure), 2920/udp (roboEDA), 3460/udp (EDM Manger), 2530/udp (VR Commerce), 1680/udp (microcom-sbp), 1120/udp (Battle.net File Transfer Protocol), 1520/udp (atm zip office), 2470/udp (taskman port), 1330/udp (StreetPerfect), 2460/udp (ms-theater), 1700/udp (mps-raft), 1990/udp (cisco STUN Priority 1 port), 2940/udp (SM-PAS-3), 1350/udp (Registration Network Protocol), 4180/udp (HTTPX), 2010/udp (pipe_server), 4360/udp, 4120/udp, 2030/udp (device2), 3080/udp (stm_pproc), 3280/udp (VS Server), 1130/udp (CAC App Service Protocol), 4290/udp, 4390/udp (Physical Access Control), 2350/udp (Pharos Booking Server), 4400/udp (ASIGRA Services), 2670/udp (TVE Announce), 4380/udp, 4230/udp, 2110/udp (UMSP), 3580/udp (NATI-ServiceLocator), 2650/udp (eristwoguns), 1610/udp (taurus-wh), 2600/udp (HPSTGMGR), 3390/udp (Distributed Service Coordinator), 2260/udp (APC 2260), 1860/udp (SunSCALAR Services), 3690/udp (Subversion), 2240/udp (RECIPe), 4310/udp (Mir-RT exchange service), 2120/udp (Quick Eagle Networks CP), 1340/udp (NAAP), 2720/udp (wkars), 3660/udp (IBM Tivoli Directory Service using SSL), 2930/udp (AMX-WEBLINX), 3640/udp (Netplay Port 1), 2870/udp (daishi), 1030/udp (BBN IAD), 3500/udp (RTMP Port), 1240/udp (Instantia), 3170/udp (SERVERVIEW-ASN), 3360/udp (KV Server), 3630/udp (C&S Remote Database Port), 3400/udp (CSMS2), 4080/udp (Lorica inside facing), 4160/udp (Jini Discovery), 2780/udp (LBC Control), 1150/udp (Blaze File Server), 3330/udp (MCS Calypso ICF), 2800/udp (ACC RAID), 1770/udp (bmc-net-svc), 3210/udp (Flamenco Networks Proxy), 2950/udp (ESIP), 4100/udp (IGo Incognito Data Port), 4130/udp (FRONET message protocol), 4110/udp (G2 RFID Tag Telemetry Data), 2210/udp (NOAAPORT Broadcast Network), 4270/udp, 2620/udp (LPSRecommender), 1730/udp (roketz), 1010/udp (surf), 1600/udp (issd), 2410/udp (VRTS Registry), 1100/udp (MCTP), 3560/udp (INIServe port), 1670/udp (netview-aix-10), 2630/udp (Sitara Management), 1740/udp (encore), 1380/udp (Telesis Network License Manager), 2820/udp (UniVision), 2960/udp (DFOXSERVER), 1930/udp (Drive AppServer), 4250/udp, 2900/udp (QUICKSUITE), 2970/udp (INDEX-NET), 4040/udp (Yo.net main service), 4170/udp, 4030/udp (Accell/JSP Daemon Port), 4070/udp (Trivial IP Encryption (TrIPE)), 3530/udp (Grid Friendly), 3200/udp (Press-sense Tick Port), 2570/udp (HS Port), 1210/udp (EOSS), 3030/udp (Arepa Cas), 2680/udp (pxc-sapxom), 3700/udp (LRS NetPage), 4330/udp, 4490/udp, 3480/udp (Secure Virtual Workspace), 4140/udp (Cedros Fraud Detection System), 1110/udp (Client status info), 2520/udp (Pervasive Listener), 2810/udp (Active Net Steward), 2180/udp (Millicent Vendor Gateway Server), 2860/udp (Dialpad Voice 1), 1500/udp (VLSI License Manager), 1640/udp (cert-responder), 1230/udp (Periscope), 1780/udp (dpkeyserv), 2540/udp (LonWorks), 4240/udp, 1160/udp (DB Lite Mult-User Server), 2130/udp (XDS), 2740/udp (Alarm), 4320/udp (FDT Remote Categorization Protocol), 4300/udp (Corel CCam), 4220/udp, 3300/udp, 3620/udp (EPSON Projector Control Port), 3130/udp (ICPv2), 1630/udp (Oracle Net8 Cman), 2560/udp (labrat), 2160/udp (APC 2160), 3040/udp (Tomato Springs), 4350/udp (Net Device), 2980/udp (Instant Messaging Service), 1820/udp (mcagent), 1590/udp (gemini-lm), 2880/udp (Synapse Transport), 1320/udp (AMX-AXBNET), 2060/udp (Telenium Daemon IF), 1870/udp (SunSCALAR DNS Service), 1260/udp (ibm-ssd), 3270/udp (Verismart), 1720/udp (h323hostcall), 2340/udp (WRS Registry), 1360/udp (MIMER), 1800/udp (ANSYS-License manager), 4450/udp (Camp), 3490/udp (Colubris Management Port), 3680/udp (NPDS Tracker), 2360/udp (NexstorIndLtd), 2690/udp (HP NNM Embedded Database), 2610/udp (VersaTek), 2450/udp (netadmin), 3110/udp (simulator control port), 1080/udp (Socks), 3120/udp (D2000 Webserver Port), 3710/udp (PortGate Authentication), 2280/udp (LNVPOLLER), 1040/udp (Netarx Netcare), 1070/udp (GMRUpdateSERV), 2750/udp (fjippol-port1), 1370/udp (Unix Shell to GlobalView), 1270/udp (Microsoft Operations Manager), 2090/udp (Load Report Protocol), 1900/udp (SSDP), 1480/udp (PacerForum), 3150/udp (NetMike Assessor Administrator), 3370/udp, 4410/udp, 1310/udp (Husky), 2140/udp (IAS-REG), 1810/udp (Jerand License Manager), 2510/udp (fjappmgrbulk), 1060/udp (POLESTAR), 2000/udp (Cisco SCCp), 2890/udp (CSPCLMULTI), 1560/udp (ASCI-RemoteSHADOW), 2390/udp (RSMTP), 2790/udp (PLG Proxy), 2050/udp (Avaya EMB Config Port), 1090/udp (FF Fieldbus Message Specification), 4190/udp, 1290/udp (WinJaServer), 2770/udp (Veronica), 4020/udp (TRAP Port), 2490/udp (qip_qdhcp), 1440/udp (Eicon Service Location Protocol), 1000/udp (cadlock2), 3550/udp (Secure SMPP), 2480/udp (Informatica PowerExchange Listener), 1280/udp (Pictrography), 2710/udp (SSO Service), 2070/udp (AH and ESP Encapsulated in UDP packet), 3430/udp (Scott Studios Dispatch), 3470/udp (jt400), 3290/udp (CAPS LOGISTICS TOOLKIT - LM), 1390/udp (Storage Controller), 3320/udp (Office Link 2000), 3450/udp (CAStorProxy), 2830/udp (silkp2), 1620/udp (faxportwinport), 4260/udp, 4280/udp, 3260/udp (iSCSI port), 2370/udp (L3-HBMon), 3100/udp (OpCon/xps), 2700/udp (tqdata), 2310/udp (SD Client), 3570/udp (MCC Web Server Port), 1690/udp (ng-umds), 2660/udp (GC Monitor), 1580/udp (tn-tl-r2), 1750/udp (Simple Socket Library's PortMaster), 2020/udp (xinupageserver), 3310/udp (Dyna Access), 2230/udp (MetaSoft Job Queue Administration Service), 1880/udp (Gilat VSAT Control), 2420/udp (DSL Remote Management), 1830/udp (Oracle Net8 CMan Admin), 1760/udp (www-ldap-gw), 1190/udp (CommLinx GPS / AVL System), 3070/udp (MGXSWITCH), 3520/udp (Netvion Galileo Log Port), 3180/udp (Millicent Broker Server), 4460/udp, 1410/udp (HiQ License Manager), 3230/udp (Software Distributor Port), 1530/udp (rap-service), 3420/udp (iFCP User Port), 2440/udp (Spearway Lockers), 2380/udp, 2400/udp (OpEquus Server), 3240/udp (Trio Motion Control Port), 2990/udp (BOSCAP), 2270/udp (starSchool), 1050/udp (CORBA Management Agent), 2040/udp (lam), 1550/udp (Image Storage license manager 3M Company), 3220/udp (XML NM over SSL), 4010/udp (Samsung Unidex), 3670/udp (SMILE TCP/UDP Interface), 2190/udp (TiVoConnect Beacon), 1460/udp (Proshare Notebook Application), 1400/udp (Cadkey Tablet Daemon), 2220/udp (NetIQ End2End), 1220/udp (QT SERVER ADMIN), 1950/udp (ISMA Easdaq Test), 2200/udp (ICI), 4430/udp (REAL SQL Server), 1510/udp (Midland Valley Exploration Ltd. Lic. Man.), 2730/udp (NEC RaidPlus), 2080/udp (Autodesk NLM (FLEXlm)), 3190/udp (ConServR Proxy), 2250/udp (remote-collab), 3160/udp (TIP Application Server), 3510/udp (XSS Port), 1940/udp (JetVision Client Port), 1910/udp (UltraBac Software communications port), 4470/udp, 4340/udp (Gaia Connector Protocol), 2590/udp (idotdist), 2330/udp (TSCCHAT), 2550/udp (ADS), 1960/udp (Merit DAC NASmanager), 4370/udp (ELPRO V2 Protocol Tunnel), 4440/udp, 1570/udp (orbixd), 2430/udp (venus), 3140/udp (Arilia Multiplexor), 4420/udp, 4090/udp (OMA BCAST Service Guide), 1430/udp (Hypercom TPDU), 2150/udp (DYNAMIC3D), 1970/udp (NetOp Remote Control), 4210/udp, 1170/udp (AT+C License Manager), 1710/udp (impera), 1650/udp (nkd), 3380/udp (SNS Channels), 1490/udp (insitu-conf), 1470/udp (Universal Analytics), 1250/udp (swldy-sias), 3010/udp (Telerate Workstation), 3410/udp (NetworkLens SSL Event), 3540/udp (PNRP User Port), 4480/udp, 1180/udp (Millicent Client Proxy), 3650/udp (PRISMIQ VOD plug-in), 2580/udp (Tributary), 1200/udp (SCOL), 2290/udp (Sonus Logging Services), 3600/udp (text relay-answer), 2500/udp (Resource Tracking system server), 4200/udp (-4299  VRML Multi User Systems), 1890/udp (wilkenListener).
      
BHD Honeypot
Port scan
2020-09-16

In the last 24h, the attacker (103.145.13.241) attempted to scan 97 ports.
The following ports have been scanned: 2100/udp (Amiga Network Filesystem), 2170/udp (EyeTV Server Port), 2530/udp (VR Commerce), 2010/udp (pipe_server), 2030/udp (device2), 2670/udp (TVE Announce), 2110/udp (UMSP), 2650/udp (eristwoguns), 2600/udp (HPSTGMGR), 2240/udp (RECIPe), 2120/udp (Quick Eagle Networks CP), 2720/udp (wkars), 2210/udp (NOAAPORT Broadcast Network), 2620/udp (LPSRecommender), 2630/udp (Sitara Management), 2570/udp (HS Port), 2680/udp (pxc-sapxom), 2640/udp (Sabbagh Associates Licence Manager), 2520/udp (Pervasive Listener), 2180/udp (Millicent Vendor Gateway Server), 2540/udp (LonWorks), 2130/udp (XDS), 2740/udp (Alarm), 2560/udp (labrat), 2160/udp (APC 2160), 2060/udp (Telenium Daemon IF), 2690/udp (HP NNM Embedded Database), 2610/udp (VersaTek), 2090/udp (Load Report Protocol), 2140/udp (IAS-REG), 2510/udp (fjappmgrbulk), 2000/udp (Cisco SCCp), 2050/udp (Avaya EMB Config Port), 2710/udp (SSO Service), 2070/udp (AH and ESP Encapsulated in UDP packet), 2700/udp (tqdata), 2660/udp (GC Monitor), 2020/udp (xinupageserver), 2230/udp (MetaSoft Job Queue Administration Service), 2040/udp (lam), 2190/udp (TiVoConnect Beacon), 2220/udp (NetIQ End2End), 2200/udp (ICI), 2730/udp (NEC RaidPlus), 2080/udp (Autodesk NLM (FLEXlm)), 2590/udp (idotdist), 2550/udp (ADS), 2150/udp (DYNAMIC3D), 2580/udp (Tributary), 2500/udp (Resource Tracking system server).
      
BHD Honeypot
Port scan
2020-09-15

Port scan from IP: 103.145.13.241 detected by psad.

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Report breach!

Rate host 103.145.13.241