Internet-Security.com TCP port 1389 details

TCP port 1389 is commonly used for LDAP by directory servers that default to a non-privileged port.
ForgeRock Directory Services (formerly OpenDJ) listens on 1389 for LDAP by default in typical deployments.
OpenDS (the Sun/Oracle predecessor to OpenDJ) also defaults to LDAP on 1389.
Oracle Unified Directory (OUD) frequently uses 1389 as its default LDAP port in quickstart and standard installs.
The Gluu Server (IAM platform) ships with an OpenDJ/ForgeRock DS LDAP backend that listens on 1389 by default.
Security note: Port 1389 has been widely used in Log4Shell (CVE-2021-44228) exploits, where attackers run a rogue LDAP server (often via tools like marshalsec) on 1389 to deliver payloads.

TCP 1389