IP address: 103.207.39.22

Host rating:

2.0

out of 22 votes

Last update: 2021-01-21

Host details

Unknown
Vietnam
Unknown
AS45899 VNPT Corp
See comments

Reported breaches

  • Port scan
Report breach

Whois record

The publicly-available Whois record found at whois.apnic.net server.

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '103.207.36.0 - 103.207.39.255'

% Abuse contact for '103.207.36.0 - 103.207.39.255' is '[email protected]'

inetnum:        103.207.36.0 - 103.207.39.255
netname:        VIETSERVER-VN
descr:          VietServer Services technology company limited
descr:          Xa Khuc, Chu Phan ward, Me Linh district, Ha Noi City
admin-c:        NNA52-AP
tech-c:         NDM3-AP
country:        VN
mnt-by:         MAINT-VN-VNNIC
mnt-lower:      MAINT-VN-VNNIC
mnt-routes:     MAINT-VN-VNNIC
mnt-irt:        IRT-VNNIC-AP
status:         ALLOCATED PORTABLE
last-modified:  2020-09-14T11:30:16Z
source:         APNIC

irt:            IRT-VNNIC-AP
address:        Ha Noi, VietNam
phone:          +84-24-35564944
fax-no:         +84-24-37821462
e-mail:         [email protected]
abuse-mailbox:  [email protected]
admin-c:        NTTT1-AP
tech-c:         NTTT1-AP
auth:           # Filtered
mnt-by:         MAINT-VN-VNNIC
last-modified:  2017-11-08T09:40:06Z
source:         APNIC

person:         Nguyen Duc Manh
address:        VietServer Services technology company limited
address:        VIETSERVER-VN
country:        VN
phone:          +84-1698129166
e-mail:         [email protected]
nic-hdl:        NDM3-AP
mnt-by:         MAINT-VN-VNNIC
last-modified:  2018-03-08T05:02:52Z
source:         APNIC

person:         Nguyen Ngoc An
address:        Xa Khuc, Chu Phan ward, Me Linh district, Ha Noi City
country:        VN
phone:          +84987444400
e-mail:         [email protected]
nic-hdl:        NNA52-AP
mnt-by:         MAINT-VN-VNNIC
last-modified:  2020-09-14T11:27:20Z
source:         APNIC

% Information related to '103.207.36.0/22AS135905'

route:          103.207.36.0/22
descr:          VIETSERVER-VN
origin:         AS135905
mnt-by:         MAINT-VN-VNNIC
last-modified:  2017-02-16T06:49:53Z
source:         APNIC

% Information related to '103.207.36.0/22AS45899'

route:          103.207.36.0/22
descr:          VIETSERVER-VN
origin:         AS45899
mnt-by:         MAINT-VN-VNNIC
last-modified:  2016-09-20T04:27:32Z
source:         APNIC

% Information related to '103.207.36.0/22AS63737'

route:          103.207.36.0/22
descr:          VIETSERVER-VN
origin:         AS63737
mnt-by:         MAINT-VN-VNNIC
last-modified:  2016-12-07T08:30:47Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.15-SNAPSHOT (WHOIS-US4)


User comments

22 security incident(s) reported by users

BHD Honeypot
Port scan
2021-01-21

In the last 24h, the attacker (103.207.39.22) attempted to scan 21 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 3396/tcp (Printer Agent), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 3383/tcp (Enterprise Software Products License Manager), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3384/tcp (Cluster Management Services), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 3400/tcp (CSMS2), 3381/tcp (Geneous), 3380/tcp (SNS Channels), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2021-01-16

In the last 24h, the attacker (103.207.39.22) attempted to scan 13 ports.
The following ports have been scanned: 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 3387/tcp (Back Room Net), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2021-01-16

Port scan from IP: 103.207.39.22 detected by psad.
BHD Honeypot
Port scan
2021-01-11

In the last 24h, the attacker (103.207.39.22) attempted to scan 66 ports.
The following ports have been scanned: 2005/tcp (berknet), 3359/tcp (WG NetForce), 3323/tcp, 3324/tcp, 3389/tcp (MS WBT Server), 3356/tcp (UPNOTIFYPS), 3345/tcp (Influence), 2013/tcp (raid-am), 3377/tcp (Cogsys Network License Manager), 2001/tcp (dc), 2002/tcp (globe), 3343/tcp (MS Cluster Net), 1994/tcp (cisco serial tunnel port), 1995/tcp (cisco perf port), 2023/tcp (xinuexpansion3), 3330/tcp (MCS Calypso ICF), 3339/tcp (OMF data l), 3315/tcp (CDID), 1978/tcp (UniSQL), 3314/tcp (Unify Object Host), 1997/tcp (cisco Gateway Discovery Protocol), 3349/tcp (Chevin Services), 3302/tcp (MCS Fastmail), 1990/tcp (cisco STUN Priority 1 port), 3310/tcp (Dyna Access), 1965/tcp (Tivoli NPM), 3329/tcp (HP Device Disc), 3309/tcp (TNS ADV), 1957/tcp (unix-status), 3316/tcp (AICC/CMI), 3335/tcp (Direct TV Software Updates), 1962/tcp (BIAP-MP), 3371/tcp, 3353/tcp (FATPIPE), 3391/tcp (SAVANT), 1963/tcp (WebMachine), 2015/tcp (cypress), 3331/tcp (MCS Messaging), 1972/tcp (Cache), 3355/tcp (Ordinox Dbase), 3354/tcp (SUITJD), 3336/tcp (Direct TV Tickers), 3360/tcp (KV Server), 1111/tcp (LM Social Server), 3367/tcp (-3371  Satellite Video Data Link), 3333/tcp (DEC Notes), 1984/tcp (BB), 3307/tcp (OP Session Proxy), 3334/tcp (Direct TV Webcasting), 3341/tcp (OMF data h), 2020/tcp (xinupageserver), 1973/tcp (Data Link Switching Remote Access Protocol), 1951/tcp (bcs-lmserver), 3361/tcp (KV Agent), 1977/tcp (TCO Address Book), 3319/tcp (SDT License Manager), 1986/tcp (cisco license management), 1955/tcp (ABR-Secure Data (diskbridge)), 1960/tcp (Merit DAC NASmanager), 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2021-01-10

In the last 24h, the attacker (103.207.39.22) attempted to scan 236 ports.
The following ports have been scanned: 3352/tcp (Scalable SQL), 1954/tcp (ABR-API (diskbridge)), 1999/tcp (cisco identification port), 3305/tcp (ODETTE-FTP), 2005/tcp (berknet), 3368/tcp, 3398/tcp (Mercantile), 1991/tcp (cisco STUN Priority 2 port), 2012/tcp (ttyinfo), 2222/tcp (EtherNet/IP I/O), 3396/tcp (Printer Agent), 1958/tcp (CA Administration Daemon), 3323/tcp, 3390/tcp (Distributed Service Coordinator), 3324/tcp, 3364/tcp (Creative Server), 1979/tcp (UniSQL Java), 3303/tcp (OP Session Client), 3317/tcp (VSAI PORT), 22222/tcp, 2013/tcp (raid-am), 2030/tcp (device2), 3344/tcp (BNT Manager), 2011/tcp (raid), 3343/tcp (MS Cluster Net), 3383/tcp (Enterprise Software Products License Manager), 5555/tcp (Personal Agent), 1995/tcp (cisco perf port), 3363/tcp (NATI Vi Server), 6666/tcp, 3320/tcp (Office Link 2000), 2023/tcp (xinuexpansion3), 3387/tcp (Back Room Net), 3330/tcp (MCS Calypso ICF), 1985/tcp (Hot Standby Router Protocol), 1988/tcp (cisco RSRB Priority 2 port), 2025/tcp (ellpack), 3339/tcp (OMF data l), 3315/tcp (CDID), 3379/tcp (SOCORFS), 1978/tcp (UniSQL), 3314/tcp (Unify Object Host), 3348/tcp (Pangolin Laser), 3349/tcp (Chevin Services), 2027/tcp (shadowserver), 3302/tcp (MCS Fastmail), 1990/tcp (cisco STUN Priority 1 port), 3332/tcp (MCS Mail Server), 11111/tcp (Viral Computing Environment (VCE)), 3376/tcp (CD Broker), 3373/tcp (Lavenir License Manager), 3347/tcp (Phoenix RPC), 3372/tcp (TIP 2), 2024/tcp (xinuexpansion4), 1971/tcp (NetOp School), 3385/tcp (qnxnetman), 3311/tcp (MCNS Tel Ret), 1964/tcp (SOLID E ENGINE), 2028/tcp (submitserver), 3384/tcp (Cluster Management Services), 2017/tcp (cypress-stat), 1965/tcp (Tivoli NPM), 3328/tcp (Eaglepoint License Manager), 3337/tcp (Direct TV Data Catalog), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 1959/tcp (SIMP Channel), 3309/tcp (TNS ADV), 1957/tcp (unix-status), 3327/tcp (BBARS), 3378/tcp (WSICOPY), 3351/tcp (Btrieve port), 2016/tcp (bootserver), 3394/tcp (D2K Tapestry Server to Server), 3335/tcp (Direct TV Software Updates), 1967/tcp (SNS Quote), 1962/tcp (BIAP-MP), 3371/tcp, 3306/tcp (MySQL), 3346/tcp (Trnsprnt Proxy), 1981/tcp (p2pQ), 3353/tcp (FATPIPE), 1950/tcp (ISMA Easdaq Test), 3391/tcp (SAVANT), 1970/tcp (NetOp Remote Control), 3300/tcp, 1963/tcp (WebMachine), 1953/tcp (Rapid Base), 2015/tcp (cypress), 3308/tcp (TNS Server), 55555/tcp, 3313/tcp (Unify Object Broker), 1968/tcp (LIPSinc), 3400/tcp (CSMS2), 3331/tcp (MCS Messaging), 2007/tcp (dectalk), 1972/tcp (Cache), 3355/tcp (Ordinox Dbase), 1974/tcp (DRP), 3326/tcp (SFTU), 3338/tcp (OMF data b), 3350/tcp (FINDVIATV), 3362/tcp (DJ ILM), 3374/tcp (Cluster Disc), 1992/tcp (IPsendmsg), 2014/tcp (troff), 3304/tcp (OP Session Server), 2029/tcp (Hot Standby Router Protocol IPv6), 2022/tcp (down), 2004/tcp (mailbox), 3325/tcp, 3381/tcp (Geneous), 2008/tcp (conf), 4444/tcp (NV Video default), 3367/tcp (-3371  Satellite Video Data Link), 3333/tcp (DEC Notes), 1984/tcp (BB), 3307/tcp (OP Session Proxy), 3370/tcp, 3366/tcp (Creative Partner), 3341/tcp (OMF data h), 44444/tcp, 1996/tcp (cisco Remote SRB port), 3312/tcp (Application Management Server), 1989/tcp (MHSnet system), 2020/tcp (xinupageserver), 3365/tcp (Content Server), 3342/tcp (WebTIE), 1973/tcp (Data Link Switching Remote Access Protocol), 1951/tcp (bcs-lmserver), 1975/tcp (TCO Flash Agent), 1987/tcp (cisco RSRB Priority 1 port), 3361/tcp (KV Agent), 33333/tcp (Digital Gaslight Service), 3380/tcp (SNS Channels), 2003/tcp (Brutus Server), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 1952/tcp (mpnjsc), 3375/tcp (VSNM Agent), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 1977/tcp (TCO Address Book), 3388/tcp (CB Server), 1983/tcp (Loophole Test Protocol), 2010/tcp (search), 2000/tcp (Cisco SCCP), 2019/tcp (whosockami), 1955/tcp (ABR-Secure Data (diskbridge)), 2021/tcp (servexec), 1960/tcp (Merit DAC NASmanager), 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2021-01-07

In the last 24h, the attacker (103.207.39.22) attempted to scan 192 ports.
The following ports have been scanned: 3352/tcp (Scalable SQL), 3205/tcp (iSNS Server Port), 3282/tcp (Datusorb), 3305/tcp (ODETTE-FTP), 3368/tcp, 3398/tcp (Mercantile), 3219/tcp (WMS Messenger), 3252/tcp (DHE port), 3396/tcp (Printer Agent), 3204/tcp (Network Watcher DB Access), 3280/tcp (VS Server), 3358/tcp (Mp Sys Rmsvr), 3359/tcp (WG NetForce), 3293/tcp (fg-fps), 3262/tcp (NECP), 3323/tcp, 3235/tcp (MDAP port), 3216/tcp (Ferrari electronic FOAM), 3321/tcp (VNSSTR), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3324/tcp, 3364/tcp (Creative Server), 3389/tcp (MS WBT Server), 3299/tcp (pdrncs), 3265/tcp (Altav Tunnel), 3303/tcp (OP Session Client), 3356/tcp (UPNOTIFYPS), 3208/tcp (PFU PR Callback), 3248/tcp (PROCOS LM), 3345/tcp (Influence), 3256/tcp (Compaq RPM Agent Port), 3377/tcp (Cogsys Network License Manager), 3213/tcp (NEON 24X7 Mission Control), 3318/tcp (Swith to Swith Routing Information Protocol), 3263/tcp (E-Color Enterprise Imager), 3236/tcp (appareNet Test Server), 3343/tcp (MS Cluster Net), 3383/tcp (Enterprise Software Products License Manager), 3257/tcp (Compaq RPM Server Port), 3363/tcp (NATI Vi Server), 3225/tcp (FCIP), 3202/tcp (IntraIntra), 3320/tcp (Office Link 2000), 3387/tcp (Back Room Net), 3210/tcp (Flamenco Networks Proxy), 3215/tcp (JMQ Daemon Port 2), 3277/tcp (AWG Proxy), 3369/tcp, 3234/tcp (Alchemy Server), 3214/tcp (JMQ Daemon Port 1), 3254/tcp (PDA System), 3339/tcp (OMF data l), 3315/tcp (CDID), 3288/tcp (COPS), 3224/tcp (AES Discovery Port), 3267/tcp (IBM Dial Out), 3379/tcp (SOCORFS), 3314/tcp (Unify Object Host), 3271/tcp (CSoft Prev Port), 3348/tcp (Pangolin Laser), 3349/tcp (Chevin Services), 3302/tcp (MCS Fastmail), 3332/tcp (MCS Mail Server), 3297/tcp (Cytel License Manager), 3376/tcp (CD Broker), 3373/tcp (Lavenir License Manager), 3251/tcp (Sys Scanner), 3347/tcp (Phoenix RPC), 3372/tcp (TIP 2), 3212/tcp (Survey Instrument), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3222/tcp (Gateway Load Balancing Pr), 3200/tcp (Press-sense Tick Port), 3311/tcp (MCNS Tel Ret), 3229/tcp (Global CD Port), 3384/tcp (Cluster Management Services), 3310/tcp (Dyna Access), 3243/tcp (Timelot Port), 3329/tcp (HP Device Disc), 3241/tcp (SysOrb Monitoring Server), 3328/tcp (Eaglepoint License Manager), 3253/tcp (PDA Data), 3264/tcp (cc:mail/lotus), 3281/tcp (SYSOPT), 3294/tcp (fg-gip), 3290/tcp (CAPS LOGISTICS TOOLKIT - LM), 3337/tcp (Direct TV Data Catalog), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 3226/tcp (ISI Industry Software IRP), 3309/tcp (TNS ADV), 3230/tcp (Software Distributor Port), 3228/tcp (DiamondWave MSG Server), 3242/tcp (Session Description ID), 3209/tcp (HP OpenView Network Path Engine Server), 3206/tcp (IronMail POP Proxy), 3327/tcp (BBARS), 3378/tcp (WSICOPY), 3275/tcp (SAMD), 3351/tcp (Btrieve port), 3276/tcp (Maxim ASICs), 3394/tcp (D2K Tapestry Server to Server), 3218/tcp (EMC SmartPackets), 3295/tcp (Dynamic IP Lookup), 3255/tcp (Semaphore Connection Port), 3220/tcp (XML NM over SSL), 3284/tcp (4Talk), 3335/tcp (Direct TV Software Updates), 3371/tcp, 3306/tcp (MySQL), 3211/tcp (Avocent Secure Management), 3346/tcp (Trnsprnt Proxy), 3260/tcp (iSCSI port), 3353/tcp (FATPIPE), 3391/tcp (SAVANT), 3278/tcp (LKCM Server), 3300/tcp, 3238/tcp (appareNet Analysis Server), 3261/tcp (winShadow), 3308/tcp (TNS Server), 3279/tcp (admind), 3313/tcp (Unify Object Broker), 3232/tcp (MDT port), 3400/tcp (CSMS2), 3340/tcp (OMF data m), 3331/tcp (MCS Messaging), 3221/tcp (XML NM over TCP), 3355/tcp (Ordinox Dbase), 3269/tcp (Microsoft Global Catalog with LDAP/SSL), 3326/tcp (SFTU), 3338/tcp (OMF data b), 3350/tcp (FINDVIATV), 3354/tcp (SUITJD), 3362/tcp (DJ ILM), 3374/tcp (Cluster Disc), 3273/tcp (Simple Extensible Multiplexed Protocol), 3304/tcp (OP Session Server), 3298/tcp (DeskView), 3336/tcp (Direct TV Tickers), 3325/tcp, 3381/tcp (Geneous), 3217/tcp (Unified IP & Telecom Environment), 3203/tcp (Network Watcher Monitor), 3360/tcp (KV Server), 3247/tcp (DVT DATA LINK), 3287/tcp (DIRECTVDATA), 3357/tcp (Adtech Test IP), 3367/tcp (-3371  Satellite Video Data Link), 3244/tcp (OneSAF), 3233/tcp (WhiskerControl main port), 3231/tcp (VidiGo communication (previous was: Delta Solutions Direct)), 3201/tcp (CPQ-TaskSmart), 3333/tcp (DEC Notes), 3307/tcp (OP Session Proxy), 3370/tcp, 3334/tcp (Direct TV Webcasting), 3258/tcp (Ivecon Server Port), 3268/tcp (Microsoft Global Catalog), 3366/tcp (Creative Partner), 3341/tcp (OMF data h), 3286/tcp (E-Net), 3312/tcp (Application Management Server), 3237/tcp (appareNet Test Packet Sequencer), 3365/tcp (Content Server), 3342/tcp (WebTIE), 3301/tcp, 3361/tcp (KV Agent), 3380/tcp (SNS Channels), 3397/tcp (Cloanto License Manager), 3285/tcp (Plato), 3274/tcp (Ordinox Server), 3399/tcp (CSMS), 3375/tcp (VSNM Agent), 3250/tcp (HMS hicp port), 3240/tcp (Trio Motion Control Port), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 3289/tcp (ENPC), 3259/tcp (Epson Network Common Devi), 3296/tcp (Rib License Manager), 3319/tcp (SDT License Manager), 3388/tcp (CB Server), 3270/tcp (Verismart), 3239/tcp (appareNet User Interface), 3227/tcp (DiamondWave NMS Server), 3283/tcp (Net Assistant), 3266/tcp (NS CFG Server), 3207/tcp (Veritas Authentication Port), 3249/tcp (State Sync Protocol), 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2021-01-07

Port scan from IP: 103.207.39.22 detected by psad.
BHD Honeypot
Port scan
2021-01-01

In the last 24h, the attacker (103.207.39.22) attempted to scan 11 ports.
The following ports have been scanned: 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 3387/tcp (Back Room Net), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3392/tcp (EFI License Management), 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2021-01-01

Port scan from IP: 103.207.39.22 detected by psad.
BHD Honeypot
Port scan
2020-12-27

In the last 24h, the attacker (103.207.39.22) attempted to scan 35 ports.
The following ports have been scanned: 1993/tcp (cisco SNMP TCP port), 1991/tcp (cisco STUN Priority 2 port), 3396/tcp (Printer Agent), 3395/tcp (Dyna License Manager (Elam)), 3344/tcp (BNT Manager), 3318/tcp (Swith to Swith Routing Information Protocol), 3369/tcp, 1978/tcp (UniSQL), 3314/tcp (Unify Object Host), 2027/tcp (shadowserver), 1990/tcp (cisco STUN Priority 1 port), 2024/tcp (xinuexpansion4), 1959/tcp (SIMP Channel), 3378/tcp (WSICOPY), 3371/tcp, 3353/tcp (FATPIPE), 1953/tcp (Rapid Base), 3400/tcp (CSMS2), 3331/tcp (MCS Messaging), 2007/tcp (dectalk), 1969/tcp (LIPSinc 1), 2029/tcp (Hot Standby Router Protocol IPv6), 3325/tcp, 2008/tcp (conf), 3341/tcp (OMF data h), 2018/tcp (terminaldb), 3312/tcp (Application Management Server), 1989/tcp (MHSnet system), 3342/tcp (WebTIE), 1973/tcp (Data Link Switching Remote Access Protocol), 2026/tcp (scrabble), 3361/tcp (KV Agent), 1952/tcp (mpnjsc), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2020-12-26

In the last 24h, the attacker (103.207.39.22) attempted to scan 265 ports.
The following ports have been scanned: 3352/tcp (Scalable SQL), 1954/tcp (ABR-API (diskbridge)), 1999/tcp (cisco identification port), 3368/tcp, 3398/tcp (Mercantile), 2012/tcp (ttyinfo), 2222/tcp (EtherNet/IP I/O), 3396/tcp (Printer Agent), 3358/tcp (Mp Sys Rmsvr), 3359/tcp (WG NetForce), 1958/tcp (CA Administration Daemon), 3323/tcp, 3321/tcp (VNSSTR), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 1979/tcp (UniSQL Java), 3303/tcp (OP Session Client), 1956/tcp (Vertel VMF DS), 3356/tcp (UPNOTIFYPS), 22222/tcp, 3345/tcp (Influence), 2013/tcp (raid-am), 3377/tcp (Cogsys Network License Manager), 2001/tcp (dc), 2030/tcp (device2), 3344/tcp (BNT Manager), 2002/tcp (globe), 3318/tcp (Swith to Swith Routing Information Protocol), 2011/tcp (raid), 3343/tcp (MS Cluster Net), 3383/tcp (Enterprise Software Products License Manager), 1994/tcp (cisco serial tunnel port), 5555/tcp (Personal Agent), 1995/tcp (cisco perf port), 3363/tcp (NATI Vi Server), 6666/tcp, 3320/tcp (Office Link 2000), 2023/tcp (xinuexpansion3), 3387/tcp (Back Room Net), 3330/tcp (MCS Calypso ICF), 1985/tcp (Hot Standby Router Protocol), 1988/tcp (cisco RSRB Priority 2 port), 2025/tcp (ellpack), 3339/tcp (OMF data l), 3379/tcp (SOCORFS), 1978/tcp (UniSQL), 3314/tcp (Unify Object Host), 1982/tcp (Evidentiary Timestamp), 1997/tcp (cisco Gateway Discovery Protocol), 3348/tcp (Pangolin Laser), 3349/tcp (Chevin Services), 2027/tcp (shadowserver), 3302/tcp (MCS Fastmail), 1990/tcp (cisco STUN Priority 1 port), 3332/tcp (MCS Mail Server), 11111/tcp (Viral Computing Environment (VCE)), 2009/tcp (news), 3373/tcp (Lavenir License Manager), 3347/tcp (Phoenix RPC), 3372/tcp (TIP 2), 1971/tcp (NetOp School), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3311/tcp (MCNS Tel Ret), 2028/tcp (submitserver), 3384/tcp (Cluster Management Services), 3310/tcp (Dyna Access), 2017/tcp (cypress-stat), 3329/tcp (HP Device Disc), 3328/tcp (Eaglepoint License Manager), 3337/tcp (Direct TV Data Catalog), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 1959/tcp (SIMP Channel), 3309/tcp (TNS ADV), 1957/tcp (unix-status), 3327/tcp (BBARS), 3378/tcp (WSICOPY), 3351/tcp (Btrieve port), 2016/tcp (bootserver), 3394/tcp (D2K Tapestry Server to Server), 3316/tcp (AICC/CMI), 3335/tcp (Direct TV Software Updates), 1967/tcp (SNS Quote), 1962/tcp (BIAP-MP), 3371/tcp, 3306/tcp (MySQL), 3346/tcp (Trnsprnt Proxy), 1950/tcp (ISMA Easdaq Test), 3391/tcp (SAVANT), 1970/tcp (NetOp Remote Control), 3300/tcp, 1966/tcp (Slush), 1963/tcp (WebMachine), 1953/tcp (Rapid Base), 3308/tcp (TNS Server), 55555/tcp, 3313/tcp (Unify Object Broker), 3400/tcp (CSMS2), 3340/tcp (OMF data m), 3331/tcp (MCS Messaging), 2007/tcp (dectalk), 1972/tcp (Cache), 3355/tcp (Ordinox Dbase), 3326/tcp (SFTU), 1980/tcp (PearlDoc XACT), 3338/tcp (OMF data b), 3350/tcp (FINDVIATV), 3354/tcp (SUITJD), 1961/tcp (BTS APPSERVER), 3362/tcp (DJ ILM), 3374/tcp (Cluster Disc), 1992/tcp (IPsendmsg), 2014/tcp (troff), 3304/tcp (OP Session Server), 2029/tcp (Hot Standby Router Protocol IPv6), 2004/tcp (mailbox), 3336/tcp (Direct TV Tickers), 3325/tcp, 3381/tcp (Geneous), 3360/tcp (KV Server), 1111/tcp (LM Social Server), 2008/tcp (conf), 3357/tcp (Adtech Test IP), 4444/tcp (NV Video default), 3367/tcp (-3371  Satellite Video Data Link), 3307/tcp (OP Session Proxy), 3334/tcp (Direct TV Webcasting), 3366/tcp (Creative Partner), 3341/tcp (OMF data h), 44444/tcp, 2018/tcp (terminaldb), 3312/tcp (Application Management Server), 3365/tcp (Content Server), 3301/tcp, 1951/tcp (bcs-lmserver), 1975/tcp (TCO Flash Agent), 2026/tcp (scrabble), 3361/tcp (KV Agent), 33333/tcp (Digital Gaslight Service), 3380/tcp (SNS Channels), 2003/tcp (Brutus Server), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 1952/tcp (mpnjsc), 3375/tcp (VSNM Agent), 2006/tcp (invokator), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 1977/tcp (TCO Address Book), 1983/tcp (Loophole Test Protocol), 2010/tcp (search), 2000/tcp (Cisco SCCP), 1986/tcp (cisco license management), 2019/tcp (whosockami), 1955/tcp (ABR-Secure Data (diskbridge)), 2021/tcp (servexec), 1960/tcp (Merit DAC NASmanager).
      
BHD Honeypot
Port scan
2020-12-25

In the last 24h, the attacker (103.207.39.22) attempted to scan 95 ports.
The following ports have been scanned: 1999/tcp (cisco identification port), 3305/tcp (ODETTE-FTP), 3398/tcp (Mercantile), 2222/tcp (EtherNet/IP I/O), 1958/tcp (CA Administration Daemon), 3323/tcp, 3321/tcp (VNSSTR), 3390/tcp (Distributed Service Coordinator), 3324/tcp, 3389/tcp (MS WBT Server), 3303/tcp (OP Session Client), 3317/tcp (VSAI PORT), 1956/tcp (Vertel VMF DS), 2001/tcp (dc), 2030/tcp (device2), 3383/tcp (Enterprise Software Products License Manager), 5555/tcp (Personal Agent), 1995/tcp (cisco perf port), 3363/tcp (NATI Vi Server), 6666/tcp, 2023/tcp (xinuexpansion3), 3369/tcp, 1988/tcp (cisco RSRB Priority 2 port), 3339/tcp (OMF data l), 3315/tcp (CDID), 3379/tcp (SOCORFS), 1998/tcp (cisco X.25 service (XOT)), 3314/tcp (Unify Object Host), 3332/tcp (MCS Mail Server), 11111/tcp (Viral Computing Environment (VCE)), 3376/tcp (CD Broker), 1976/tcp (TCO Reg Agent), 3347/tcp (Phoenix RPC), 3372/tcp (TIP 2), 2024/tcp (xinuexpansion4), 1971/tcp (NetOp School), 3386/tcp (GPRS Data), 3311/tcp (MCNS Tel Ret), 3384/tcp (Cluster Management Services), 3310/tcp (Dyna Access), 3329/tcp (HP Device Disc), 3393/tcp (D2K Tapestry Client to Server), 3309/tcp (TNS ADV), 3351/tcp (Btrieve port), 2016/tcp (bootserver), 3306/tcp (MySQL), 1981/tcp (p2pQ), 2015/tcp (cypress), 3308/tcp (TNS Server), 55555/tcp, 3313/tcp (Unify Object Broker), 3355/tcp (Ordinox Dbase), 1974/tcp (DRP), 3338/tcp (OMF data b), 1969/tcp (LIPSinc 1), 3354/tcp (SUITJD), 3374/tcp (Cluster Disc), 2029/tcp (Hot Standby Router Protocol IPv6), 1111/tcp (LM Social Server), 2008/tcp (conf), 3367/tcp (-3371  Satellite Video Data Link), 3333/tcp (DEC Notes), 1984/tcp (BB), 3370/tcp, 3334/tcp (Direct TV Webcasting), 3366/tcp (Creative Partner), 44444/tcp, 1996/tcp (cisco Remote SRB port), 2020/tcp (xinupageserver), 3342/tcp (WebTIE), 1973/tcp (Data Link Switching Remote Access Protocol), 1951/tcp (bcs-lmserver), 2026/tcp (scrabble), 1987/tcp (cisco RSRB Priority 1 port), 2006/tcp (invokator), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 3319/tcp (SDT License Manager), 1960/tcp (Merit DAC NASmanager).
      
BHD Honeypot
Port scan
2020-12-24

Port scan from IP: 103.207.39.22 detected by psad.
BHD Honeypot
Port scan
2020-12-17

In the last 24h, the attacker (103.207.39.22) attempted to scan 16 ports.
The following ports have been scanned: 3398/tcp (Mercantile), 3396/tcp (Printer Agent), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3389/tcp (MS WBT Server), 3387/tcp (Back Room Net), 3385/tcp (qnxnetman), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 3394/tcp (D2K Tapestry Server to Server), 3391/tcp (SAVANT), 3400/tcp (CSMS2), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 3388/tcp (CB Server).
      
BHD Honeypot
Port scan
2020-12-15

In the last 24h, the attacker (103.207.39.22) attempted to scan 123 ports.
The following ports have been scanned: 1993/tcp (cisco SNMP TCP port), 1954/tcp (ABR-API (diskbridge)), 3368/tcp, 1991/tcp (cisco STUN Priority 2 port), 2012/tcp (ttyinfo), 3323/tcp, 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3324/tcp, 3364/tcp (Creative Server), 3389/tcp (MS WBT Server), 3303/tcp (OP Session Client), 1956/tcp (Vertel VMF DS), 3345/tcp (Influence), 2001/tcp (dc), 2030/tcp (device2), 3318/tcp (Swith to Swith Routing Information Protocol), 3343/tcp (MS Cluster Net), 1994/tcp (cisco serial tunnel port), 3363/tcp (NATI Vi Server), 6666/tcp, 3387/tcp (Back Room Net), 1988/tcp (cisco RSRB Priority 2 port), 3315/tcp (CDID), 1998/tcp (cisco X.25 service (XOT)), 1978/tcp (UniSQL), 3314/tcp (Unify Object Host), 3348/tcp (Pangolin Laser), 2027/tcp (shadowserver), 1990/tcp (cisco STUN Priority 1 port), 3332/tcp (MCS Mail Server), 3376/tcp (CD Broker), 3372/tcp (TIP 2), 1971/tcp (NetOp School), 3385/tcp (qnxnetman), 3311/tcp (MCNS Tel Ret), 1964/tcp (SOLID E ENGINE), 3384/tcp (Cluster Management Services), 3310/tcp (Dyna Access), 1965/tcp (Tivoli NPM), 1957/tcp (unix-status), 3327/tcp (BBARS), 2016/tcp (bootserver), 3394/tcp (D2K Tapestry Server to Server), 3335/tcp (Direct TV Software Updates), 1967/tcp (SNS Quote), 3306/tcp (MySQL), 3346/tcp (Trnsprnt Proxy), 1981/tcp (p2pQ), 3391/tcp (SAVANT), 1970/tcp (NetOp Remote Control), 1966/tcp (Slush), 1963/tcp (WebMachine), 3308/tcp (TNS Server), 55555/tcp, 1972/tcp (Cache), 1974/tcp (DRP), 3326/tcp (SFTU), 3338/tcp (OMF data b), 3350/tcp (FINDVIATV), 3354/tcp (SUITJD), 3362/tcp (DJ ILM), 3304/tcp (OP Session Server), 2029/tcp (Hot Standby Router Protocol IPv6), 2022/tcp (down), 2004/tcp (mailbox), 3336/tcp (Direct TV Tickers), 3325/tcp, 3381/tcp (Geneous), 1111/tcp (LM Social Server), 4444/tcp (NV Video default), 3367/tcp (-3371  Satellite Video Data Link), 3333/tcp (DEC Notes), 1984/tcp (BB), 3307/tcp (OP Session Proxy), 3370/tcp, 3334/tcp (Direct TV Webcasting), 3366/tcp (Creative Partner), 3341/tcp (OMF data h), 1996/tcp (cisco Remote SRB port), 2018/tcp (terminaldb), 1989/tcp (MHSnet system), 2020/tcp (xinupageserver), 3342/tcp (WebTIE), 1951/tcp (bcs-lmserver), 1987/tcp (cisco RSRB Priority 1 port), 3361/tcp (KV Agent), 33333/tcp (Digital Gaslight Service), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 2006/tcp (invokator), 1977/tcp (TCO Address Book), 1983/tcp (Loophole Test Protocol), 2010/tcp (search), 2000/tcp (Cisco SCCP), 1986/tcp (cisco license management), 2021/tcp (servexec), 1960/tcp (Merit DAC NASmanager), 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2020-12-14

In the last 24h, the attacker (103.207.39.22) attempted to scan 137 ports.
The following ports have been scanned: 3352/tcp (Scalable SQL), 1993/tcp (cisco SNMP TCP port), 2005/tcp (berknet), 3398/tcp (Mercantile), 3359/tcp (WG NetForce), 3323/tcp, 3321/tcp (VNSSTR), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3324/tcp, 3364/tcp (Creative Server), 3389/tcp (MS WBT Server), 1979/tcp (UniSQL Java), 1956/tcp (Vertel VMF DS), 3356/tcp (UPNOTIFYPS), 22222/tcp, 3345/tcp (Influence), 2013/tcp (raid-am), 3344/tcp (BNT Manager), 2002/tcp (globe), 2011/tcp (raid), 1994/tcp (cisco serial tunnel port), 5555/tcp (Personal Agent), 1995/tcp (cisco perf port), 6666/tcp, 3320/tcp (Office Link 2000), 2023/tcp (xinuexpansion3), 1985/tcp (Hot Standby Router Protocol), 1988/tcp (cisco RSRB Priority 2 port), 3339/tcp (OMF data l), 3315/tcp (CDID), 3379/tcp (SOCORFS), 1982/tcp (Evidentiary Timestamp), 1997/tcp (cisco Gateway Discovery Protocol), 3348/tcp (Pangolin Laser), 3349/tcp (Chevin Services), 3302/tcp (MCS Fastmail), 2009/tcp (news), 1976/tcp (TCO Reg Agent), 3373/tcp (Lavenir License Manager), 3347/tcp (Phoenix RPC), 3372/tcp (TIP 2), 2024/tcp (xinuexpansion4), 3386/tcp (GPRS Data), 2028/tcp (submitserver), 3384/tcp (Cluster Management Services), 2017/tcp (cypress-stat), 3329/tcp (HP Device Disc), 3337/tcp (Direct TV Data Catalog), 3393/tcp (D2K Tapestry Client to Server), 3327/tcp (BBARS), 3378/tcp (WSICOPY), 3351/tcp (Btrieve port), 3394/tcp (D2K Tapestry Server to Server), 3316/tcp (AICC/CMI), 3335/tcp (Direct TV Software Updates), 1962/tcp (BIAP-MP), 3371/tcp, 3306/tcp (MySQL), 1981/tcp (p2pQ), 3353/tcp (FATPIPE), 1950/tcp (ISMA Easdaq Test), 3391/tcp (SAVANT), 3300/tcp, 1953/tcp (Rapid Base), 55555/tcp, 3313/tcp (Unify Object Broker), 1968/tcp (LIPSinc), 3400/tcp (CSMS2), 3340/tcp (OMF data m), 1972/tcp (Cache), 1980/tcp (PearlDoc XACT), 1969/tcp (LIPSinc 1), 1961/tcp (BTS APPSERVER), 1992/tcp (IPsendmsg), 2022/tcp (down), 3336/tcp (Direct TV Tickers), 3325/tcp, 1111/tcp (LM Social Server), 2008/tcp (conf), 3367/tcp (-3371  Satellite Video Data Link), 3333/tcp (DEC Notes), 1984/tcp (BB), 3334/tcp (Direct TV Webcasting), 3366/tcp (Creative Partner), 44444/tcp, 1996/tcp (cisco Remote SRB port), 3312/tcp (Application Management Server), 1989/tcp (MHSnet system), 2020/tcp (xinupageserver), 3342/tcp (WebTIE), 3301/tcp, 1975/tcp (TCO Flash Agent), 2026/tcp (scrabble), 3361/tcp (KV Agent), 33333/tcp (Digital Gaslight Service), 3380/tcp (SNS Channels), 3375/tcp (VSNM Agent), 2006/tcp (invokator), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 3388/tcp (CB Server), 1983/tcp (Loophole Test Protocol), 2000/tcp (Cisco SCCP), 2019/tcp (whosockami), 2021/tcp (servexec), 1960/tcp (Merit DAC NASmanager).
      
BHD Honeypot
Port scan
2020-12-13

In the last 24h, the attacker (103.207.39.22) attempted to scan 30 ports.
The following ports have been scanned: 3352/tcp (Scalable SQL), 2222/tcp (EtherNet/IP I/O), 3359/tcp (WG NetForce), 3343/tcp (MS Cluster Net), 3383/tcp (Enterprise Software Products License Manager), 3320/tcp (Office Link 2000), 2023/tcp (xinuexpansion3), 3330/tcp (MCS Calypso ICF), 1982/tcp (Evidentiary Timestamp), 3302/tcp (MCS Fastmail), 3392/tcp (EFI License Management), 3309/tcp (TNS ADV), 3378/tcp (WSICOPY), 55555/tcp, 2007/tcp (dectalk), 3338/tcp (OMF data b), 2014/tcp (troff), 3381/tcp (Geneous), 3360/tcp (KV Server), 1111/tcp (LM Social Server), 2008/tcp (conf), 2026/tcp (scrabble), 2003/tcp (Brutus Server), 3375/tcp (VSNM Agent), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 1977/tcp (TCO Address Book), 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2020-12-13

Port scan from IP: 103.207.39.22 detected by psad.
BHD Honeypot
Port scan
2020-11-29

In the last 24h, the attacker (103.207.39.22) attempted to scan 195 ports.
The following ports have been scanned: 3352/tcp (Scalable SQL), 1993/tcp (cisco SNMP TCP port), 1954/tcp (ABR-API (diskbridge)), 3305/tcp (ODETTE-FTP), 2005/tcp (berknet), 3368/tcp, 3398/tcp (Mercantile), 1991/tcp (cisco STUN Priority 2 port), 2012/tcp (ttyinfo), 2222/tcp (EtherNet/IP I/O), 3358/tcp (Mp Sys Rmsvr), 3359/tcp (WG NetForce), 1958/tcp (CA Administration Daemon), 3323/tcp, 3321/tcp (VNSSTR), 3324/tcp, 3389/tcp (MS WBT Server), 1979/tcp (UniSQL Java), 3317/tcp (VSAI PORT), 1956/tcp (Vertel VMF DS), 3356/tcp (UPNOTIFYPS), 22222/tcp, 3345/tcp (Influence), 2013/tcp (raid-am), 3377/tcp (Cogsys Network License Manager), 2001/tcp (dc), 2030/tcp (device2), 3344/tcp (BNT Manager), 2002/tcp (globe), 2011/tcp (raid), 3343/tcp (MS Cluster Net), 3383/tcp (Enterprise Software Products License Manager), 1994/tcp (cisco serial tunnel port), 5555/tcp (Personal Agent), 3363/tcp (NATI Vi Server), 6666/tcp, 3320/tcp (Office Link 2000), 2023/tcp (xinuexpansion3), 3387/tcp (Back Room Net), 3330/tcp (MCS Calypso ICF), 1985/tcp (Hot Standby Router Protocol), 1988/tcp (cisco RSRB Priority 2 port), 2025/tcp (ellpack), 3379/tcp (SOCORFS), 1978/tcp (UniSQL), 3314/tcp (Unify Object Host), 1982/tcp (Evidentiary Timestamp), 1997/tcp (cisco Gateway Discovery Protocol), 2027/tcp (shadowserver), 3302/tcp (MCS Fastmail), 3332/tcp (MCS Mail Server), 2009/tcp (news), 3347/tcp (Phoenix RPC), 2024/tcp (xinuexpansion4), 1971/tcp (NetOp School), 3386/tcp (GPRS Data), 3311/tcp (MCNS Tel Ret), 2028/tcp (submitserver), 3384/tcp (Cluster Management Services), 2017/tcp (cypress-stat), 3328/tcp (Eaglepoint License Manager), 3337/tcp (Direct TV Data Catalog), 1959/tcp (SIMP Channel), 3309/tcp (TNS ADV), 3327/tcp (BBARS), 3351/tcp (Btrieve port), 2016/tcp (bootserver), 3316/tcp (AICC/CMI), 1967/tcp (SNS Quote), 1962/tcp (BIAP-MP), 3371/tcp, 1981/tcp (p2pQ), 3391/tcp (SAVANT), 1970/tcp (NetOp Remote Control), 1963/tcp (WebMachine), 1953/tcp (Rapid Base), 2015/tcp (cypress), 3308/tcp (TNS Server), 55555/tcp, 1968/tcp (LIPSinc), 3400/tcp (CSMS2), 2007/tcp (dectalk), 1972/tcp (Cache), 3355/tcp (Ordinox Dbase), 1974/tcp (DRP), 3326/tcp (SFTU), 3338/tcp (OMF data b), 1969/tcp (LIPSinc 1), 3354/tcp (SUITJD), 3374/tcp (Cluster Disc), 3304/tcp (OP Session Server), 2029/tcp (Hot Standby Router Protocol IPv6), 2022/tcp (down), 2004/tcp (mailbox), 3336/tcp (Direct TV Tickers), 3381/tcp (Geneous), 1111/tcp (LM Social Server), 2008/tcp (conf), 3357/tcp (Adtech Test IP), 4444/tcp (NV Video default), 1984/tcp (BB), 3307/tcp (OP Session Proxy), 3370/tcp, 3366/tcp (Creative Partner), 3341/tcp (OMF data h), 44444/tcp, 2018/tcp (terminaldb), 3312/tcp (Application Management Server), 1989/tcp (MHSnet system), 2020/tcp (xinupageserver), 3365/tcp (Content Server), 3342/tcp (WebTIE), 1973/tcp (Data Link Switching Remote Access Protocol), 1951/tcp (bcs-lmserver), 1975/tcp (TCO Flash Agent), 1987/tcp (cisco RSRB Priority 1 port), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 3375/tcp (VSNM Agent), 2006/tcp (invokator), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 1977/tcp (TCO Address Book), 3388/tcp (CB Server), 1983/tcp (Loophole Test Protocol), 2000/tcp (Cisco SCCP), 1986/tcp (cisco license management), 2019/tcp (whosockami), 1955/tcp (ABR-Secure Data (diskbridge)), 2021/tcp (servexec), 3322/tcp (-3325  Active Networks).
      
BHD Honeypot
Port scan
2020-11-28

In the last 24h, the attacker (103.207.39.22) attempted to scan 287 ports.
The following ports have been scanned: 3352/tcp (Scalable SQL), 1993/tcp (cisco SNMP TCP port), 1954/tcp (ABR-API (diskbridge)), 1999/tcp (cisco identification port), 3305/tcp (ODETTE-FTP), 2005/tcp (berknet), 3368/tcp, 2012/tcp (ttyinfo), 2222/tcp (EtherNet/IP I/O), 3396/tcp (Printer Agent), 1958/tcp (CA Administration Daemon), 3323/tcp, 3321/tcp (VNSSTR), 3390/tcp (Distributed Service Coordinator), 3395/tcp (Dyna License Manager (Elam)), 3324/tcp, 3364/tcp (Creative Server), 3389/tcp (MS WBT Server), 3303/tcp (OP Session Client), 1956/tcp (Vertel VMF DS), 3356/tcp (UPNOTIFYPS), 22222/tcp, 3345/tcp (Influence), 2013/tcp (raid-am), 3377/tcp (Cogsys Network License Manager), 2030/tcp (device2), 3344/tcp (BNT Manager), 2002/tcp (globe), 3318/tcp (Swith to Swith Routing Information Protocol), 2011/tcp (raid), 3343/tcp (MS Cluster Net), 3383/tcp (Enterprise Software Products License Manager), 1994/tcp (cisco serial tunnel port), 5555/tcp (Personal Agent), 1995/tcp (cisco perf port), 3363/tcp (NATI Vi Server), 6666/tcp, 2023/tcp (xinuexpansion3), 3387/tcp (Back Room Net), 3330/tcp (MCS Calypso ICF), 3369/tcp, 1988/tcp (cisco RSRB Priority 2 port), 3339/tcp (OMF data l), 3315/tcp (CDID), 3379/tcp (SOCORFS), 1998/tcp (cisco X.25 service (XOT)), 1978/tcp (UniSQL), 3314/tcp (Unify Object Host), 1982/tcp (Evidentiary Timestamp), 3348/tcp (Pangolin Laser), 3349/tcp (Chevin Services), 2027/tcp (shadowserver), 1990/tcp (cisco STUN Priority 1 port), 3332/tcp (MCS Mail Server), 11111/tcp (Viral Computing Environment (VCE)), 2009/tcp (news), 3376/tcp (CD Broker), 1976/tcp (TCO Reg Agent), 3373/tcp (Lavenir License Manager), 3347/tcp (Phoenix RPC), 3372/tcp (TIP 2), 2024/tcp (xinuexpansion4), 1971/tcp (NetOp School), 3386/tcp (GPRS Data), 3385/tcp (qnxnetman), 3311/tcp (MCNS Tel Ret), 1964/tcp (SOLID E ENGINE), 2028/tcp (submitserver), 3310/tcp (Dyna Access), 2017/tcp (cypress-stat), 1965/tcp (Tivoli NPM), 3328/tcp (Eaglepoint License Manager), 3393/tcp (D2K Tapestry Client to Server), 3392/tcp (EFI License Management), 1959/tcp (SIMP Channel), 3309/tcp (TNS ADV), 1957/tcp (unix-status), 3327/tcp (BBARS), 3378/tcp (WSICOPY), 3394/tcp (D2K Tapestry Server to Server), 3316/tcp (AICC/CMI), 3335/tcp (Direct TV Software Updates), 1967/tcp (SNS Quote), 1962/tcp (BIAP-MP), 3371/tcp, 3306/tcp (MySQL), 3346/tcp (Trnsprnt Proxy), 1981/tcp (p2pQ), 3353/tcp (FATPIPE), 1950/tcp (ISMA Easdaq Test), 3391/tcp (SAVANT), 1970/tcp (NetOp Remote Control), 3300/tcp, 1966/tcp (Slush), 1963/tcp (WebMachine), 1953/tcp (Rapid Base), 2015/tcp (cypress), 3308/tcp (TNS Server), 55555/tcp, 3313/tcp (Unify Object Broker), 3400/tcp (CSMS2), 3340/tcp (OMF data m), 3331/tcp (MCS Messaging), 2007/tcp (dectalk), 3355/tcp (Ordinox Dbase), 3326/tcp (SFTU), 1980/tcp (PearlDoc XACT), 3338/tcp (OMF data b), 1969/tcp (LIPSinc 1), 3350/tcp (FINDVIATV), 3354/tcp (SUITJD), 1961/tcp (BTS APPSERVER), 3362/tcp (DJ ILM), 3374/tcp (Cluster Disc), 1992/tcp (IPsendmsg), 2014/tcp (troff), 3304/tcp (OP Session Server), 2029/tcp (Hot Standby Router Protocol IPv6), 2004/tcp (mailbox), 3336/tcp (Direct TV Tickers), 3381/tcp (Geneous), 3360/tcp (KV Server), 1111/tcp (LM Social Server), 2008/tcp (conf), 3357/tcp (Adtech Test IP), 3367/tcp (-3371  Satellite Video Data Link), 3333/tcp (DEC Notes), 3307/tcp (OP Session Proxy), 3370/tcp, 3334/tcp (Direct TV Webcasting), 3341/tcp (OMF data h), 1996/tcp (cisco Remote SRB port), 2018/tcp (terminaldb), 3312/tcp (Application Management Server), 1989/tcp (MHSnet system), 3342/tcp (WebTIE), 1973/tcp (Data Link Switching Remote Access Protocol), 3301/tcp, 1951/tcp (bcs-lmserver), 1975/tcp (TCO Flash Agent), 2026/tcp (scrabble), 3361/tcp (KV Agent), 33333/tcp (Digital Gaslight Service), 3380/tcp (SNS Channels), 2003/tcp (Brutus Server), 3397/tcp (Cloanto License Manager), 3399/tcp (CSMS), 1952/tcp (mpnjsc), 3375/tcp (VSNM Agent), 2006/tcp (invokator), 3382/tcp (Fujitsu Network Enhanced Antitheft function), 1977/tcp (TCO Address Book), 3319/tcp (SDT License Manager), 3388/tcp (CB Server), 1983/tcp (Loophole Test Protocol), 2010/tcp (search), 2000/tcp (Cisco SCCP), 1986/tcp (cisco license management), 2019/tcp (whosockami), 1955/tcp (ABR-Secure Data (diskbridge)), 2021/tcp (servexec), 1960/tcp (Merit DAC NASmanager), 3322/tcp (-3325  Active Networks).
      

Blacklist

Near real-time, easy to use data feed containing IPs reported on our website.

Bronze

$3

Updated daily

Learn More

Silver

$15

Updated every hour

Learn More

Gold

$30

Updated every 10 minutes

Learn More

Remarks

Black hat directory contains this IP address, because Internet users reported it as an address making unsolicited, nagging requests. We make every effort to ensure that the information contained in the Black hat directory are correct and up to date. The database is developed and updated by Internet users and moderators.

If you have any reliable information regarding malicious activity originating from this IP address, please share it with others and fill in the 'Report breach' form. It is prohibited from adding personally identifiable information.

Below breach categories are used in the database:

  • Denial of service attack - this attack is accomplished by flooding the target with massive amount of requests in order to overload the targeted system
  • Brute force attack - this category encompasses attempts to login to machine by trying many passwords and usernames
  • Backdoor attack - this category represents bypassing authentication by hidden programs or services to obtain remote access to a computer or trojan activity
  • Port scan - represents attackers identifying running services on the targeted machine by probing a server for open ports
  • Malicious bot - this category encompasses all bots performing unsolicited requests or ignoring robots.txt file
  • Anonymous proxy - public proxies like Tor, I2P relays or anonymous VPNs are often used by attacker to hide his identity
  • Web attack - attempts to exploit web application security flaws
  • CMS attack - attempts to exploit CMS vulnerability
  • App vulnerability attack - attempts to exploit other applications vulnerability
  • Web spam - encompasses all kind of HTTP spamming
  • Email spam - encompasses all kind of E-mail spamming
  • Dodgy activity - this category encompasses superfluous, dodgy requests

Similar hosts

Hosts with the same ASN

Emerging threats

The most commonly reported IP addresses in the last 24 hours

Report breach!

Rate host 103.207.39.22