GeneralInformation

Hostnames	dingtalk.com
Domains	dingtalk.com
Country	China
City	Zhangjiakou
Organization	Zhejiang Taobao Network Co.,Ltd
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(1)

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(4)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(3)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 19 20 21 23 37 43 53 70 79 80 84 87 98 104 106 110 111 113 121 122 135 175 179 195 221 263 311 343 389 427 443 444 515 548 554 587 636 666 675 685 771 785 789 830 832 843 873 995 1025 1027 1080 1099 1153 1177 1234 1235 1291 1364 1459 1515 1521 1577 1599 1604 1723 1801 1911 1957 1958 1962 1965 1967 2002 2008 2021 2048 2067 2077 2079 2081 2083 2087 2121 2181 2200 2221 2222 2232 2259 2332 2345 2353 2376 2404 2433 2455 2558 2569 2628 2761 2762 3001 3015 3020 3050 3054 3057 3060 3066 3069 3070 3072 3083 3100 3119 3129 3137 3140 3164 3185 3186 3195 3268 3269 3299 3301 3306 3388 3389 3410 3498 3500 3522 3523 3551 3790 3792 3950 3952 4000 4022 4063 4095 4147 4150 4157 4190 4242 4243 4282 4369 4433 4434 4444 4466 4482 4500 4506 4531 4550 4786 4840 4899 4933 4949 5001 5006 5007 5009 5010 5025 5083 5093 5172 5201 5222 5232 5234 5247 5269 5280 5321 5400 5432 5435 5444 5494 5556 5591 5593 5599 5600 5605 5608 5672 5902 5908 5919 5938 5984 5992 5996 6001 6002 6262 6379 6500 6503 6560 6561 6653 6666 6668 6697 6748 7001 7011 7018 7020 7088 7218 7348 7415 7434 7548 7634 7654 7700 8009 8017 8034 8035 8061 8062 8081 8085 8087 8089 8093 8099 8105 8124 8126 8132 8139 8142 8147 8155 8157 8158 8162 8174 8181 8193 8195 8291 8333 8421 8425 8432 8449 8461 8500 8533 8545 8557 8563 8583 8607 8649 8686 8728 8789 8812 8819 8823 8824 8825 8828 8848 8854 8868 8891 9002 9005 9018 9020 9023 9042 9047 9051 9054 9079 9091 9095 9097 9098 9100 9104 9111 9120 9123 9130 9151 9160 9161 9172 9173 9177 9193 9194 9195 9198 9200 9208 9236 9244 9306 9308 9312 9333 9345 9376 9418 9433 9441 9443 9445 9446 9447 9456 9458 9488 9515 9530 9532 9550 9600 9633 9761 9804 9811 9876 9898 9908 9923 9943 9944 9991 9998 9999 10000 10001 10024 10035 10038 10043 10050 10051 10066 10087 10201 10205 10250 10256 10390 10399 10443 10554 10909 10911 11000 11112 11210 11288 11300 11481 11602 12016 12103 12110 12123 12130 12144 12159 12170 12176 12182 12198 12199 12201 12224 12230 12240 12257 12261 12268 12272 12275 12283 12292 12319 12322 12324 12341 12345 12348 12349 12357 12366 12373 12374 12377 12397 12401 12407 12416 12426 12427 12431 12440 12454 12465 12473 12484 12529 12540 12544 12546 12550 12554 12558 12561 12562 12563 12568 12575 12902 13047 13082 14147 14265 14401 14402 14404 14524 14900 14905 15001 16003 16009 16011 16015 16026 16047 16049 16077 16083 16316 16401 16993 17020 17082 18029 18030 18031 18033 18044 18050 18067 18072 18081 18086 18088 18100 18101 18106 18245 18264 19015 19022 19082 19998 19999 20000 20150 20256 20547 20800 20880 20892 20894 20900 21025 21084 21200 21231 21237 21239 21241 21242 21243 21251 21258 21265 21266 21284 21292 21299 21308 21309 21320 21328 21379 22000 22103 22222 23023 23424 24181 24245 24472 24510 25001 25565 27015 27016 28015 28017 30002 30003 30023 30122 30222 30443 30468 30479 30501 30522 30722 30822 30892 31001 31022 31337 31422 31443 31822 32022 32101 32322 32422 32443 32622 32722 32746 32764 33122 33222 33389 33522 33622 33822 33922 34225 34422 34522 34822 35022 35101 35250 35422 35522 35622 35722 35822 36422 36505 36522 36622 37022 37122 37222 37422 37522 37722 37777 37822 37922 38022 38080 38122 38322 38333 38622 38722 38880 39001 39122 39322 39522 39622 40022 40322 40522 41122 41222 41443 41922 42122 42422 42922 43222 43522 43822 43922 44022 44122 44158 44222 44300 44332 44422 44520 44522 44722 45003 45122 45222 45322 45677 45822 45922 46122 46322 46422 47080 47534 47622 47722 47808 47822 47984 47990 48012 48013 48122 48322 48522 48622 48722 48822 49022 49153 50000 50003 50010 50100 50112 51106 52200 52340 52536 52869 54022 54138 54984 55000 55350 55443 55490 55522 55553 55554 55722 57522 57622 57780 57783 57822 58322 59022 59122 59522 60001 60023 60129 61613 61616 62078 63210 63256 64738

11 / tcp

-952165951 | 2025-03-11T17:21:02.401131

AB

13 / tcp

-2127598635 | 2025-03-22T04:42:48.886928

14:02:51 2024/1/22

15 / tcp

-2089734047 | 2025-03-20T09:08:47.587789

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

17 / tcp

2111892176 | 2025-03-23T20:17:57.942256

"When a stupid man is doing something he is ashamed of, he always declares\r\n that it is his duty." George Bernard Shaw (1856-1950)\r\\x00

19 / tcp

620044682 | 2025-02-26T08:22:43.154457

 !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefg\r\n!"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefgh\r\n"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghi\r\n#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghij\r\n$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijk\r\n%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijkl\r\n&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghi

20 / tcp

819727972 | 2025-03-10T03:19:00.215841

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

21 / tcp

-731285715 | 2025-03-25T14:16:12.364249

220 (vsFTPd 1.2.2)

23 / tcp

-1816600103 | 2025-03-09T04:23:03.490359

tc login:

37 / tcp

1288534451 | 2025-03-23T14:51:21.119952

\\xe9XuK

43 / tcp

1189133115 | 2025-03-24T16:22:15.306032

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

53 / tcp

-42462918 | 2025-03-22T09:27:45.303446

9
\x81\x05\x00\x01\x00\x00\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01
\x00\x06\x85\x00\x00\x01\x00\x01\x00\x01\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03\xc0\x00\x10\x00\x03\x00\x00\x00\x00\x00\x05\x04none\xc0\x00\x02\x00\x03\

70 / tcp

1738069263 | 2025-03-15T10:33:42.972053

\x01remshd: Kerberos Authentication not enabled.

79 / tcp

-876294238 | 2025-03-17T08:03:12.884085

HTTP/1.1 400 Bad Request
Server: nginx/1.25.3
Content-Type: text/html
Connection: close

80 / tcp

-805429198 | 2025-03-19T15:31:23.682663

Hashes

hash

1305719777

http.dom_hash

1991980804

http.html_hash

-805429198

http.server_hash

2109761476

http.title_hash

1522695184

301 Moved Permanently

HTTP/1.1 301 Moved Permanently
Server: DingTalk/1.0.0
Date: Wed, 19 Mar 2025 15:31:23 GMT
Content-Type: text/html
Content-Length: 246
Connection: keep-alive
Location: https://106.11.43.160/

84 / tcp

-2118655245 | 2025-03-17T19:12:46.504224

Hashes

hash

1015654041

http.dom_hash

-2006505642

http.html_hash

-2118655245

HTTP/1.0 500 Internal Server Error
Content-Length: 20

87 / tcp

-1105333987 | 2025-03-18T14:18:14.278949

\x00[KpU\x7f\x00\x00

98 / tcp

-1487943323 | 2025-03-23T21:40:51.980048

431 Unable to negotiate secure command connection.\r\n

104 / tcp

575925250 | 2025-03-11T05:13:44.031267

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

106 / tcp

366084633 | 2025-03-12T14:18:50.191196

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

110 / tcp

-1399940268 | 2025-03-16T09:14:29.968096

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

111 / tcp

-952165951 | 2025-03-21T12:12:38.960313

AB

113 / tcp

1921398876 | 2025-03-23T02:57:42.934954

ÿý"
LinuxNode v06953 (ggfks)

login:

121 / tcp

819727972 | 2025-03-23T03:53:01.463152

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

122 / tcp

-303199180 | 2025-03-19T05:19:27.345152

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

135 / tcp

-1729522695 | 2025-03-15T14:03:58.367044

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: DESKTOP-BFAHJ06\n IP2: 192.168.3.8\n IP3: 172.29.96.1\n IP4: 172.19.80.1\n\nNTLMSSP:\nTarget_Name: DESKTOP-BFAHJ06\nProduct_Version: 10.0.19041 Ntlm 15\nOS: Windows 10, Version 2004/Windows Server, Version 2004\nNetBIOS_Domain_Name: DESKTOP-BFAHJ06\nNetBIOS_Computer_Name: DESKTOP-BFAHJ06\nDNS_Domain_Name: DESKTOP-BFAHJ06\nDNS_Computer_Name: DESKTOP-BFAHJ06\nSystem_Time: 2024-01-22 04:05:47 +0000 UTC\n\nDCERP

175 / tcp

1911457608 | 2025-02-28T05:24:37.668303

\x00[\x00\x00\x00\x00\x00\x00

179 / tcp

-399606100 | 2025-03-12T19:13:49.407978

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

195 / tcp

1542849631 | 2025-03-25T09:15:12.199091

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

221 / tcp

1911457608 | 2025-03-17T18:48:15.436953

\x00[\x00\x00\x00\x00\x00\x00

263 / tcp

-288825733 | 2025-03-19T01:30:01.160756

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

311 / tcp

749429829 | 2025-03-18T15:40:18.440953

\xc3\xa3\r\n\r\n\\x01KvInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

343 / tcp

1282941221 | 2025-03-17T09:47:57.238528

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

389 / tcp

-1907080992 | 2025-03-15T11:29:18.632966

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x00\\x04\\x00\\x04\\x00

427 / tcp

1998636604 | 2025-03-24T00:33:42.639515

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://192.168.2.254\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://192.168.2.254\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCESS (0)\nAttrList: (pro

443 / tcp

2098045381 | 2025-03-19T15:31:25.833961

Hashes

hash

1243340479

http.dom_hash

1991980804

http.favicon.hash

-821928985

http.html_hash

2098045381

http.server_hash

2109761476

http.title_hash

-1030444411

403 Forbidden

HTTP/1.1 403 Forbidden
Server: DingTalk/1.0.0
Date: Wed, 19 Mar 2025 15:31:25 GMT
Content-Type: text/html
Content-Length: 230
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:20:72:7e:00:35:e5:23:96:aa:8b:2a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Apr  8 04:56:05 2024 GMT
            Not After : May 10 04:56:04 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.dingtalk.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bd:8d:33:69:b4:64:a2:e8:70:50:0d:16:f0:02:
                    c2:82:b6:32:f6:76:14:b4:42:08:df:65:e7:1d:24:
                    53:b3:27:56:50:ed:09:f3:0f:b2:ea:8c:e7:50:2e:
                    10:2f:a3:06:71:de:a5:68:76:20:aa:fb:22:a3:40:
                    72:1e:a7:fd:21:13:b0:2e:99:9b:78:88:51:86:d3:
                    7f:0d:81:e3:cd:2f:42:56:fd:39:31:a2:5d:24:dc:
                    6a:5c:ed:69:b4:62:0d:4b:bc:b7:b3:1b:c7:4d:65:
                    3e:6a:af:c3:63:1e:4a:b1:f8:3e:a7:a0:1a:c3:42:
                    13:88:d6:41:fe:cd:0e:e9:d8:a7:30:b8:24:1f:b3:
                    83:30:eb:95:8e:78:69:98:2a:24:28:ff:e0:5f:0e:
                    86:18:70:7b:da:d9:57:0f:a1:77:88:80:85:53:2f:
                    e1:56:f8:ac:77:5b:4e:c2:9b:56:85:07:99:7b:6f:
                    7e:8e:36:47:3f:08:f2:66:29:a4:3e:05:10:0e:6a:
                    5c:0b:a5:d2:99:b9:79:73:96:d2:0a:20:cb:27:ac:
                    34:8c:18:26:bb:10:29:85:d3:57:e0:45:6e:4f:d9:
                    9a:db:ee:7d:ea:9e:9a:de:b7:d8:0b:86:cd:6e:a6:
                    54:a2:57:61:3c:91:3a:f6:23:31:bc:88:b2:11:ee:
                    b0:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
            X509v3 Subject Alternative Name: 
                DNS:*.dingtalk.com, DNS:dingtalk.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            X509v3 Subject Key Identifier: 
                C8:0E:6A:38:33:AD:DC:43:73:5E:96:52:82:75:4C:80:A6:17:98:9A
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Apr  8 04:56:07.937 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:36:1E:8F:A2:9A:17:F1:A1:E4:AC:E8:B0:
                                8C:0A:74:CC:4E:F0:25:62:2B:79:AE:05:7A:87:00:EC:
                                D3:B0:78:DD:02:20:26:42:8E:3C:A5:98:C0:F8:68:A0:
                                C5:F5:5E:76:D8:6D:76:71:53:06:7E:4E:9D:E2:05:1D:
                                EA:F3:3F:A1:64:EF
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
                                16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
                    Timestamp : Apr  8 04:56:08.141 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:0A:05:1E:BD:D3:EC:A9:7E:EE:FD:2A:8B:
                                82:A2:31:37:FE:B2:19:3D:00:76:4E:35:9E:8E:0C:22:
                                13:B6:A9:5D:02:21:00:D9:12:C5:70:61:1B:BF:79:24:
                                6E:B6:06:34:AE:47:D0:38:2C:8E:78:96:E9:E0:38:40:
                                21:65:DA:C8:8C:13:4D
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Apr  8 04:56:08.207 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:7E:CD:B2:F9:16:5F:85:A9:62:03:19:7C:
                                D3:3F:32:BD:15:E8:40:FB:A1:9C:80:93:1C:34:85:9E:
                                DE:6D:1D:10:02:20:13:E2:E4:30:35:77:8F:F2:40:34:
                                C9:83:68:07:16:2D:BE:D2:01:CC:2D:67:58:1C:39:C6:
                                8A:07:DC:D6:93:36
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2c:84:e4:e8:a3:3d:05:60:2b:d5:b8:ca:49:44:39:17:62:81:
        ae:0a:33:f1:98:f4:eb:05:80:11:96:88:28:6c:b9:f8:05:88:
        8f:4b:f1:9a:33:35:06:b2:d9:9b:20:fa:84:21:13:c7:78:c3:
        6a:0d:3e:d8:1c:0c:83:19:1b:b6:82:53:33:bb:2f:a2:2d:75:
        88:ee:2d:b5:c8:b8:4d:47:3c:e4:ee:a7:b9:cb:c6:fc:80:ca:
        a0:4d:3c:07:19:37:4f:ef:d1:49:13:0c:10:14:e2:c3:c5:ee:
        a2:15:c9:b2:aa:69:4b:ad:09:4c:7b:6b:1b:de:30:9f:94:b5:
        78:03:0c:36:c9:05:27:38:3d:3b:7c:8f:b8:eb:5a:1b:5a:76:
        13:04:64:c6:aa:be:91:15:bf:32:25:0a:6c:04:55:5d:f7:be:
        5a:71:cc:1e:ff:f8:c1:a6:89:52:fc:48:45:4a:53:2c:b9:5a:
        22:7a:66:5b:64:f2:ff:3e:03:97:3b:fe:22:e8:71:1a:33:42:
        c4:f7:64:69:cf:ae:3c:71:e0:78:d5:10:81:d9:6d:1e:b8:fe:
        a6:0e:f4:2c:18:89:10:84:74:28:c1:75:85:00:35:e6:9d:9a:
        21:29:35:d7:a8:76:ec:82:d4:b4:e1:49:6e:d7:bf:d1:5e:5b:
        2e:90:74:1a

444 / tcp

1485623376 | 2025-03-05T16:26:38.963073

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Wed, 05 Mar 2025 16:26:38 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://106.11.43.160:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

515 / tcp

-79865617 | 2025-03-04T16:46:15.787078

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

548 / tcp

-2035415184 | 2025-03-17T14:10:31.461515

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: Landisk2\nMachine Type: \rNetatalk3.1.8\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: Cleartxt Passwrd\\x04,DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

554 / tcp

1207252947 | 2025-02-25T23:57:45.462364

RTSP/1.0 401 Unauthorized\r\nCSeq: 1\r\n\r\n

587 / tcp

745343730 | 2025-02-28T13:56:31.334927

220 smtp.qq.com Esmtp QQ Mail Server

636 / tcp

-2023550675 | 2025-03-06T23:16:12.703804

\\x01\x0b=\\x01\xc3\x80\\x06\xc3\xbf\xc3\xbf?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\\x01\\x01

666 / tcp

1300162323 | 2025-03-07T00:34:27.750259

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

675 / tcp

819727972 | 2025-02-28T19:41:25.365654

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

685 / tcp

-1733645023 | 2025-03-10T06:16:21.341233

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

771 / tcp

165188539 | 2025-02-24T16:10:16.789092

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

785 / tcp

599074451 | 2025-03-21T01:07:07.192627

msg

789 / tcp

-2089734047 | 2025-03-11T18:37:15.815145

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

830 / tcp

103159425 | 2025-03-23T07:33:46.213284

SSH-1.99-RGOS_SSH

832 / tcp

-1297953727 | 2025-03-23T18:30:40.062568

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

843 / tcp

-2004989248 | 2025-02-25T19:35:47.348415

<cross-domain-policy>\n   <allow-access-from domain="*" to-po\nrts="*" />\n</cross-domain-policy>

873 / tcp

-1970692834 | 2025-03-25T07:25:39.203419

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

995 / tcp

1356395159 | 2025-03-09T08:12:14.183780

+OK Welcome to RaidenMAILD POP3 SSL service v4904, Mon, 22 Jan 2024 16:39:07 +0800, (C)2001-2023 <947064546@raidenmaild>\r\n

1025 / tcp

-1428621233 | 2025-02-27T23:28:22.968157

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

1027 / tcp

-441419608 | 2025-03-18T17:56:24.055542

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

1080 / tcp

1362344524 | 2025-03-24T15:05:11.198493

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1099 / tcp

-249504111 | 2025-03-18T23:55:26.699904

\x00[xU-\x7f\x00\x00

1153 / tcp

321971019 | 2025-03-19T20:53:38.783399

-ERR client ip is not in whitelist\r

1177 / tcp

-1013082686 | 2025-03-18T22:58:07.836292

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

1234 / tcp

-1099385124 | 2025-03-18T22:04:40.475068

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

1235 / tcp

1762042191 | 2025-03-17T02:25:13.519767

\x7f\x7fICA\x00

1291 / tcp

205347087 | 2025-02-28T03:16:34.931830

SSH-25453-Cisco-3524665.35\n

1364 / tcp

-1996280214 | 2025-02-24T21:10:49.650985

\x06\x04\x05@

1459 / tcp

-1888448627 | 2025-03-14T13:15:23.700204

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1515 / tcp

539065883 | 2025-03-22T08:01:14.265525

1521 / tcp

-1337747449 | 2025-03-17T14:23:50.997687

Version:12.2.0.1.0\n"\\x00\\x00Y(DESCRIPTION=(TMP=)(VSNNUM=203424000)(ERR=1189)(ERROR_STACK=(ERROR=(CODE=1189)(EMFI=4))))

1577 / tcp

-1839934832 | 2025-03-25T01:09:03.829373

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

1599 / tcp

819727972 | 2025-03-20T06:16:10.678351

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1604 / tcp

539065883 | 2025-03-13T00:22:34.866984

1723 / tcp

1103582599 | 2025-03-22T01:56:10.858257

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

1801 / tcp

-1139999322 | 2025-03-22T19:04:32.459150

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\xf2\\xdby\\x96\\xbb\\xb1LE\\xa1\\x1f.%\xd2\xbft\\xb692d3\\x10\\x03\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

1911 / tcp

819727972 | 2025-03-24T00:26:50.837968

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1957 / tcp

819727972 | 2025-03-04T20:39:27.153512

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1958 / tcp

-1399940268 | 2025-03-21T08:12:41.415999

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1962 / tcp

1911457608 | 2025-02-28T11:16:41.153866

\x00[\x00\x00\x00\x00\x00\x00

1965 / tcp

1726594447 | 2025-03-16T15:06:41.190920

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

1967 / tcp

1492413928 | 2025-03-24T03:13:22.276612

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

2002 / tcp

-1730858130 | 2025-03-24T00:20:26.097713

RFB 003.008
VNC:
  Protocol Version: 3.8

2008 / tcp

-154107716 | 2025-02-24T05:43:09.747586

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

2021 / tcp

-2046514463 | 2025-03-20T15:06:40.356182

AB\x01\t

2048 / tcp

-1453516345 | 2025-03-14T03:32:47.383137

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

2067 / tcp

-1023516719 | 2025-03-04T21:18:56.404847

ã

KvInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

2077 / tcp

-1140468363 | 2025-03-21T18:59:22.451634

\x02\t\x01

2079 / tcp

-903067560 | 2025-03-20T16:07:04.551167

\x00[\x13)\xc2\x81\x7f\x00\x00

2081 / tcp

-1399940268 | 2025-03-09T15:37:21.905333

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2083 / tcp

-2033111675 | 2025-03-23T00:36:26.044025

~djb

2087 / tcp

1842524259 | 2025-03-21T11:48:51.081760

2121 / tcp

2047379038 | 2025-03-13T20:52:20.993988

220 RS820Plus FTP server ready.

2181 / tcp

546151771 | 2025-03-18T04:05:29.788701

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

2200 / tcp

1023953321 | 2025-03-11T02:18:33.268500

HTTP/1.0 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="proxy"
Connection: close
Content-type: text/html; charset=utf-8

2221 / tcp

580340387 | 2025-03-15T15:55:28.139270

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

2222 / tcp

2051656595 | 2025-03-21T18:52:04.436376

SSH-2.0-OpenSSH_7.4\r\n\n

2232 / tcp

-375604792 | 2025-03-19T18:30:58.936963

220 Microsoft FTP Service

2259 / tcp

819727972 | 2025-03-12T19:45:12.310175

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

2332 / tcp

-653033013 | 2025-03-23T16:54:25.822290

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

2345 / tcp

1911457608 | 2025-03-19T18:54:46.024738

\x00[\x00\x00\x00\x00\x00\x00

2353 / tcp

1615193817 | 2025-03-05T03:51:37.525469

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

2376 / tcp

819727972 | 2025-03-25T16:36:51.054778

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2404 / tcp

671605376 | 2025-03-17T04:43:29.501600

SSH-2.0-OpenSSH_X.X

2433 / tcp

1911457608 | 2025-03-20T17:11:07.599069

\x00[\x00\x00\x00\x00\x00\x00

2455 / tcp

2103111368 | 2025-03-11T19:01:25.679093

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

2558 / tcp

-1105333987 | 2025-02-24T16:37:29.886554

\x00[KpU\x7f\x00\x00

2569 / tcp

-1810987450 | 2025-03-22T16:26:50.580819

\xc3\xbf

2628 / tcp

842535728 | 2025-03-16T05:47:38.286663

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

2761 / tcp

1574088840 | 2025-03-25T12:06:37.898329

">Application and Content Networking Software 3.9</a>)\n</BODY><

2762 / tcp

-1810987450 | 2025-03-21T16:10:59.175932

\xc3\xbf

3001 / tcp

-653033013 | 2025-03-18T01:29:34.368391

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

3015 / tcp

-358801646 | 2025-03-12T21:16:10.106081

SSH-2.0-OpenSSH_6.6.1

3020 / tcp

897328069 | 2025-03-23T02:16:19.034577

220 mail.scott000.com ESMTP

3050 / tcp

1282941221 | 2025-03-21T07:09:59.792596

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

3054 / tcp

-1888448627 | 2025-03-23T13:05:56.338215

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3057 / tcp

1911457608 | 2025-03-15T23:21:12.555452

\x00[\x00\x00\x00\x00\x00\x00

3060 / tcp

-407828767 | 2025-03-11T04:55:05.251566

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

3066 / tcp

819727972 | 2025-02-26T16:42:43.167791

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

3069 / tcp

677934968 | 2025-03-15T19:18:16.455590

lm^)Q

3070 / tcp

1762042191 | 2025-02-26T05:33:57.527667

\x7f\x7fICA\x00

3072 / tcp

-1839934832 | 2025-03-25T03:38:45.286080

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

3083 / tcp

321971019 | 2025-03-15T03:57:00.619865

-ERR client ip is not in whitelist\r

3100 / tcp

-1907909544 | 2025-03-06T02:16:29.240778

\r\nHello, this is Quagga (version 0T).\r\nCopyright 1996-200

3119 / tcp

-1399940268 | 2025-03-12T15:15:08.348860

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3129 / tcp

-1888448627 | 2025-03-23T21:05:18.498320

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3137 / tcp

-1399940268 | 2025-03-25T20:02:46.984001

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3140 / tcp

-1986594217 | 2025-02-26T11:54:13.970785

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

3164 / tcp

669849225 | 2025-03-19T01:57:49.935319

SSH-98.60-SysaxSSH_81885..42\r\n

3185 / tcp

-1399940268 | 2025-02-25T16:34:54.451451

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3186 / tcp

1911457608 | 2025-03-19T15:41:48.197378

\x00[\x00\x00\x00\x00\x00\x00

3195 / tcp

-2089734047 | 2025-03-13T13:47:37.551299

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3268 / tcp

1727372229 | 2025-03-07T15:45:35.306556

HTTP/1.1 302 
Location: http://116.6.76.114:3268/index.html

3269 / tcp

-358801646 | 2025-03-25T22:56:16.077666

SSH-2.0-OpenSSH_6.6.1

3299 / tcp

819727972 | 2025-03-22T21:21:56.059854

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3301 / tcp

-2089734047 | 2025-03-14T21:21:27.092005

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3306 / tcp

849822411 | 2025-03-14T04:30:52.704846

Mysql Version: 5.7.44-log \r\nN\\x00\\x00\\x00\n5.7.44-log\\x00s/\\x06\\x00(o>\\x1c`\\x18*a\\x00\\xff\\xff-\\x02\\x00\\xff\\xc1\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00fFU\\x07_\\x1ay\\x14i}\\x02E\\x00mysql_native_password\\x00

3388 / tcp

-1399940268 | 2025-03-11T09:46:26.488530

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3389 / tcp

740837454 | 2025-03-16T07:38:16.376670

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

3410 / tcp

-616720387 | 2025-03-10T20:31:42.405075

SSH-2.0-SSHD_0.7.6

3498 / tcp

921225407 | 2025-03-13T20:06:51.039232

\x00\x00\x00\x04\x00\x00\x00\x00\x00

3500 / tcp

-441419608 | 2025-02-28T11:29:56.270088

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

3522 / tcp

321971019 | 2025-03-08T17:42:01.318689

-ERR client ip is not in whitelist\r

3523 / tcp

597764502 | 2025-03-12T18:22:40.142894

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

3551 / tcp

198844676 | 2025-02-25T19:52:05.751392

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3790 / tcp

-1261090339 | 2025-03-22T04:14:52.024730

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

3792 / tcp

-1019343788 | 2025-03-18T18:01:21.204935

W!\x00\x00\x00\x00

3950 / tcp

-1399940268 | 2025-03-16T23:23:07.785764

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3952 / tcp

-2031152423 | 2025-03-20T02:18:28.337809

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

4000 / tcp

-801484042 | 2025-03-23T20:11:14.140246

ERR 27

4022 / tcp

-1329831334 | 2025-03-13T12:44:11.171852

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

4063 / tcp

-1105333987 | 2025-03-25T13:12:32.603680

\x00[KpU\x7f\x00\x00

4095 / tcp

307999478 | 2025-03-12T07:23:05.832810

unknown command \r\nunknown command \r\n

4147 / tcp

-1399940268 | 2025-03-21T06:00:13.833482

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4150 / tcp

-345718689 | 2025-03-13T06:54:58.717945

Vty password is not set.

4157 / tcp

-905685638 | 2025-03-13T03:09:45.917399

bxz437

4190 / tcp

971933601 | 2025-02-24T01:44:00.512990

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

4242 / tcp

-1879056922 | 2025-03-08T19:44:53.619004

HTTP/1.1 403 Forbidden
Server: Apache/2.4.41 (Unix) OpenSSL/1.1.1d TST PHP/7.3.11
Content-Type: text/plain; charset=utf-8
Connection: close

4243 / tcp

-1538260461 | 2025-03-18T08:27:03.081125

\x01\x00\x00\x00

4282 / tcp

-1839934832 | 2025-03-25T07:46:10.448350

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

4369 / tcp

1911457608 | 2025-03-05T23:52:42.257290

\x00[\x00\x00\x00\x00\x00\x00

4433 / tcp

819727972 | 2025-03-10T13:33:51.441843

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

4434 / tcp

-358801646 | 2025-03-20T14:40:01.728605

SSH-2.0-OpenSSH_6.6.1

4444 / tcp

-1887823886 | 2025-02-26T04:08:32.707223

K%~)J/\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

4466 / tcp

-992671574 | 2025-03-03T21:37:53.113312

@RSYNCD: 26

4482 / tcp

165188539 | 2025-03-19T04:59:22.833134

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

4500 / tcp

580340387 | 2025-03-22T13:16:03.079388

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

4506 / tcp

2087396567 | 2025-03-14T16:23:09.243832

kjnkjabhbanc283ubcsbhdc72

4531 / tcp

1975288991 | 2025-03-12T09:56:08.883222

OPTI

4550 / tcp

-1153110624 | 2025-03-22T18:48:49.272823

\\xfc!\\x00\\x00

4786 / tcp

-1733645023 | 2025-03-04T16:54:47.427830

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

4840 / tcp

-1399940268 | 2025-03-14T01:38:05.405709

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4899 / tcp

-2089734047 | 2025-03-22T05:14:39.877141

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

4933 / tcp

-1476017887 | 2025-03-19T18:50:08.663470

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

4949 / tcp

-952165951 | 2025-03-22T10:45:25.047903

AB

5001 / tcp

1690634669 | 2025-03-05T03:29:32.387337

5006 / tcp

-2033111675 | 2025-03-21T20:45:01.210717

~djb

5007 / tcp

1911457608 | 2025-03-06T08:43:52.277998

\x00[\x00\x00\x00\x00\x00\x00

5009 / tcp

567505242 | 2025-03-14T11:00:31.015862

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1a3c_wdx20_40557-6922

5010 / tcp

1504401647 | 2025-03-05T09:41:34.791638

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

5025 / tcp

1741579575 | 2025-03-11T10:38:48.537253

5083 / tcp

-653033013 | 2025-03-23T03:11:03.362469

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

5093 / tcp

1077013874 | 2025-03-08T22:33:03.386836

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

5172 / tcp

-801484042 | 2025-02-28T19:47:48.226140

ERR 27

5201 / tcp

-1399940268 | 2025-03-15T23:24:16.843529

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5222 / tcp

103159425 | 2025-03-07T16:12:26.812591

SSH-1.99-RGOS_SSH

5232 / tcp

-1399940268 | 2025-03-06T15:47:31.070832

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5234 / tcp

-1746074029 | 2025-03-22T12:58:51.597870

101 imqbroker =unV\r\n

5247 / tcp

1623746877 | 2025-03-19T12:31:11.322239

500 Permission denied - closing connection.\r\n

5269 / tcp

-898901461 | 2025-03-14T16:50:35.339743

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705941047.522-w-waf01tjgt

5280 / tcp

1661529882 | 2025-02-26T06:36:41.498775

HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: /index.php/welcome/login
X-POS: WEL:1
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mod=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: Sundray

5321 / tcp

-1399940268 | 2025-02-24T18:47:52.088908

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5400 / tcp

-146605374 | 2025-03-18T07:21:36.844985

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

5432 / tcp

-1888448627 | 2025-03-20T17:38:35.981539

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

5435 / tcp

1911457608 | 2025-03-21T15:30:58.701008

\x00[\x00\x00\x00\x00\x00\x00

5444 / tcp

580340387 | 2025-03-23T22:44:55.499517

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

5494 / tcp

1911457608 | 2025-03-25T18:41:08.657125

\x00[\x00\x00\x00\x00\x00\x00

5556 / tcp

-1013082686 | 2025-03-10T12:05:38.255992

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

5591 / tcp

-1795027372 | 2025-02-28T16:58:02.100123

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

5593 / tcp

165188539 | 2025-03-05T18:39:18.784018

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

5599 / tcp

401555314 | 2025-03-12T19:55:23.459990

NB[GFXjA^R

5600 / tcp

-1013082686 | 2025-03-05T20:03:51.509874

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

5605 / tcp

-303199180 | 2025-02-25T22:52:24.223646

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

5608 / tcp

-2089734047 | 2025-03-04T17:48:53.999661

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5672 / tcp

575925250 | 2025-02-27T00:39:46.763859

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5902 / tcp

-1730858130 | 2025-03-16T21:55:42.488373

RFB 003.008
VNC:
  Protocol Version: 3.8

5908 / tcp

-1399940268 | 2025-03-22T17:05:40.986361

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5919 / tcp

-1648456501 | 2025-03-18T03:58:18.294230

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

5938 / tcp

-1399940268 | 2025-02-28T16:22:37.280594

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5984 / tcp

1999272906 | 2025-02-26T15:14:19.837039

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

5992 / tcp

-1399940268 | 2025-03-09T06:33:18.844205

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5996 / tcp

455076604 | 2025-02-27T03:12:42.986459

!\x07version\x04bind7 t{RPowerDNS Recursor 410

6001 / tcp

-1713437100 | 2025-03-03T21:57:21.094783

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

6002 / tcp

-21576419 | 2025-03-18T17:11:38.381521

ÿûUDo you want ANSI color? (Y/n)

6262 / tcp

-1598265216 | 2025-03-22T20:12:57.068979

@RSYNCD: 31.0

6379 / tcp

321971019 | 2025-03-16T00:30:19.397842

-ERR client ip is not in whitelist\r

6500 / tcp

-1399940268 | 2025-03-23T18:06:30.489768

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6503 / tcp

-1399940268 | 2025-03-17T23:42:17.129369

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6560 / tcp

-2096652808 | 2025-02-25T20:04:43.914183

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

6561 / tcp

-1428621233 | 2025-03-19T17:20:16.173285

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

6653 / tcp

-358801646 | 2025-03-12T11:01:02.532278

SSH-2.0-OpenSSH_6.6.1

6666 / tcp

372433470 | 2025-03-18T16:48:57.554414

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

6668 / tcp

-1032713145 | 2025-03-23T18:47:49.591606

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

6697 / tcp

1504401647 | 2025-03-24T11:46:37.332461

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

6748 / tcp

-1399940268 | 2025-03-16T07:29:09.675997

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7001 / tcp

-829704895 | 2025-03-22T15:19:24.000586

+OK-1035|

7011 / tcp

165188539 | 2025-03-17T02:01:04.595355

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

7018 / tcp

-1699556818 | 2025-03-23T00:41:52.026688

\x01remshd: Kerberos Authentication not enabled.\n

7020 / tcp

-1399940268 | 2025-03-04T05:32:05.673762

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7088 / tcp

1282941221 | 2025-03-22T16:22:42.102012

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

7218 / tcp

751496153 | 2025-03-17T09:19:56.427554

* OK TeamXchange IMAP4rev1 server (otyUg) ready.

7348 / tcp

575925250 | 2025-03-19T10:03:47.542882

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

7415 / tcp

819727972 | 2025-03-16T15:39:29.821248

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

7434 / tcp

1282941221 | 2025-03-19T10:32:18.497940

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

7548 / tcp

233634112 | 2025-03-17T23:54:18.268383

SSH-98.60-SysaxSSH_81885..42

7634 / tcp

1690634669 | 2025-03-17T04:00:15.546093

7654 / tcp

-2107996212 | 2025-03-14T11:59:26.980138

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

7700 / tcp

-2096652808 | 2025-03-15T16:10:56.393125

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8009 / tcp

-971970408 | 2025-03-23T20:11:18.022937

8017 / tcp

-1139539254 | 2025-03-10T17:07:58.473385

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

8034 / tcp

-792826324 | 2025-02-24T18:43:44.785939

220 FTP server ready - login please

8035 / tcp

-1888448627 | 2025-03-20T02:39:51.654917

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8061 / tcp

-375604792 | 2025-03-03T19:41:08.613864

220 Microsoft FTP Service

8062 / tcp

1623746877 | 2025-03-11T08:40:35.174457

500 Permission denied - closing connection.\r\n

8081 / tcp

539065883 | 2025-03-13T15:16:24.779611

8085 / tcp

819727972 | 2025-03-12T12:58:27.365983

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8087 / tcp

1332894250 | 2025-03-13T16:10:33.572573

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

8089 / tcp

819727972 | 2025-03-12T21:14:27.711505

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8093 / tcp

-84715459 | 2025-03-11T03:35:15.387080

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1e3a_hlj44_13815-35562

8099 / tcp

-1639624373 | 2025-02-25T02:13:13.450768

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28c9_CS-000-01kgX25_35624-12255

8105 / tcp

401555314 | 2025-03-20T11:07:09.119663

NB[GFXjA^R

8124 / tcp

921225407 | 2025-03-19T07:31:20.479733

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8126 / tcp

104385780 | 2025-02-28T16:09:18.748853

ceph v2

8132 / tcp

1332894250 | 2025-03-15T03:20:37.184035

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

8139 / tcp

1690634669 | 2025-03-11T19:16:09.857743

8142 / tcp

1911457608 | 2025-02-25T16:38:42.244656

\x00[\x00\x00\x00\x00\x00\x00

8147 / tcp

-2107996212 | 2025-03-19T21:31:23.286698

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

8155 / tcp

-1399940268 | 2025-02-27T06:15:34.670921

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8157 / tcp

-1327660293 | 2025-03-09T20:27:09.701851

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

8158 / tcp

-1888448627 | 2025-03-17T21:42:35.873871

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8162 / tcp

1353260875 | 2025-03-13T08:46:43.099712

\x00[g\xc2\x95N\x7f\x00\x00

8174 / tcp

-1099385124 | 2025-03-19T03:28:55.132179

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

8181 / tcp

-1611764932 | 2025-03-04T18:54:12.603511

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

8193 / tcp

-445721795 | 2025-02-28T11:39:42.105393

\x00[\xc3\xaed\x1a\x7f\x00\x00

8195 / tcp

-2089734047 | 2025-03-09T18:24:47.138160

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8291 / tcp

-2089734047 | 2025-02-26T12:05:16.292119

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8333 / tcp

1335782347 | 2025-03-20T15:55:31.589844

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705940700.09-waf02bjtp3

8421 / tcp

-122096153 | 2025-03-17T21:34:14.797977

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

8425 / tcp

1911457608 | 2025-03-14T21:38:18.767996

\x00[\x00\x00\x00\x00\x00\x00

8432 / tcp

632542934 | 2025-03-05T01:54:19.764738

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8449 / tcp

819727972 | 2025-02-25T11:13:52.123068

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8461 / tcp

1911457608 | 2025-02-28T21:03:33.272820

\x00[\x00\x00\x00\x00\x00\x00

8500 / tcp

1529351907 | 2025-02-28T22:31:52.880036

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

8533 / tcp

2063598737 | 2025-03-06T03:43:37.717217

/0 0 L\r\n/0 0 HUH\r\n

8545 / tcp

2087396567 | 2025-03-19T04:03:10.575337

kjnkjabhbanc283ubcsbhdc72

8557 / tcp

1161309183 | 2025-03-24T00:39:30.707284

ProxyServer is ready

8563 / tcp

1161309183 | 2025-03-04T16:46:18.544688

ProxyServer is ready

8583 / tcp

-585940771 | 2025-03-18T23:38:20.350506

Unknown command\r\n

8607 / tcp

-2089734047 | 2025-03-24T18:59:51.397318

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8649 / tcp

2098371729 | 2025-02-26T21:51:49.843732

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

8686 / tcp

-1399940268 | 2025-03-23T11:10:45.409126

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8728 / tcp

1948301213 | 2025-03-22T08:45:14.166398

RFB 003.003
VNC:
  Protocol Version: 3.3

8789 / tcp

-1888448627 | 2025-02-25T14:43:08.618074

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8812 / tcp

-1036370807 | 2025-03-12T21:29:13.330749

JDWP-Handshake

8819 / tcp

-904840257 | 2025-03-19T15:53:34.256971

572 Relay not authorized\r\n

8823 / tcp

1911457608 | 2025-03-04T02:22:54.056580

\x00[\x00\x00\x00\x00\x00\x00

8824 / tcp

-1399940268 | 2025-02-26T10:15:47.754975

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8825 / tcp

-904840257 | 2025-03-08T21:23:49.848200

572 Relay not authorized\r\n

8828 / tcp

1210754493 | 2025-03-04T00:08:09.056287

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

8848 / tcp

-1399940268 | 2025-03-12T19:56:42.877424

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8854 / tcp

-1399940268 | 2025-03-15T03:33:55.823779

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8868 / tcp

-1888448627 | 2025-03-12T03:44:05.084207

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8891 / tcp

-1399940268 | 2025-03-06T08:13:43.564869

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9002 / tcp

819727972 | 2025-03-12T21:20:08.005386

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9005 / tcp

-1598265216 | 2025-03-18T18:36:06.476364

@RSYNCD: 31.0

9018 / tcp

-1598265216 | 2025-03-24T09:44:27.610478

@RSYNCD: 31.0

9020 / tcp

1911457608 | 2025-03-16T13:35:35.378001

\x00[\x00\x00\x00\x00\x00\x00

9023 / tcp

945910976 | 2025-03-14T14:47:33.477014

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

9042 / tcp

171352214 | 2025-03-18T10:28:52.454935

-ERR client ip is not in whitelist

9047 / tcp

-1888448627 | 2025-03-17T21:07:56.913043

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9051 / tcp

792973478 | 2025-03-13T23:15:31.202988

[®{

9054 / tcp

1911457608 | 2025-03-18T16:13:44.699216

\x00[\x00\x00\x00\x00\x00\x00

9079 / tcp

2063598737 | 2025-02-25T19:58:12.100994

/0 0 L\r\n/0 0 HUH\r\n

9091 / tcp

1690634669 | 2025-03-25T01:08:06.356729

9095 / tcp

873425297 | 2025-03-19T10:36:05.995218

200 NOD32SS 99 (3318497116)

9097 / tcp

-345718689 | 2025-03-22T17:17:26.830617

Vty password is not set.

9098 / tcp

-2096652808 | 2025-03-04T17:33:55.304490

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9100 / tcp

-1261090339 | 2025-03-17T20:39:00.763479

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

9104 / tcp

-358801646 | 2025-03-18T02:59:35.009227

SSH-2.0-OpenSSH_6.6.1

9111 / tcp

-2096652808 | 2025-02-28T14:30:29.000515

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9120 / tcp

-2031152423 | 2025-03-08T20:10:39.948909

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

9123 / tcp

-1399940268 | 2025-03-24T02:02:07.396435

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9130 / tcp

-1019343788 | 2025-03-18T21:30:49.312708

W!\x00\x00\x00\x00

9151 / tcp

2087396567 | 2025-03-23T19:58:52.424144

kjnkjabhbanc283ubcsbhdc72

9160 / tcp

707919486 | 2025-03-12T08:06:26.691370

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

9161 / tcp

-1641514916 | 2025-03-21T20:25:43.489038

* OK Merak 1dFUa2 IMAP4rev1

9172 / tcp

504717326 | 2025-02-28T18:11:01.492750

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 5 1

9173 / tcp

-2089734047 | 2025-03-21T18:11:01.284455

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9177 / tcp

819727972 | 2025-03-07T11:06:06.738127

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9193 / tcp

632542934 | 2025-03-23T05:36:54.696334

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9194 / tcp

165188539 | 2025-02-26T21:15:13.512394

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9195 / tcp

-616720387 | 2025-03-18T23:50:31.356850

SSH-2.0-SSHD_0.7.6

9198 / tcp

745343730 | 2025-02-26T09:17:54.920956

220 smtp.qq.com Esmtp QQ Mail Server

9200 / tcp

-1163346640 | 2025-03-15T12:47:50.402950

Hashes

hash

-997913363

http.dom_hash

-2006505642

http.html_hash

-1163346640

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-length: 215

9208 / tcp

-441419608 | 2025-03-16T10:39:49.917825

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

9236 / tcp

-1399940268 | 2025-03-22T17:02:42.585111

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9244 / tcp

-2089734047 | 2025-02-28T08:54:46.515966

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9306 / tcp

1282941221 | 2025-03-08T18:10:53.081795

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

9308 / tcp

1911457608 | 2025-03-18T19:32:53.824137

\x00[\x00\x00\x00\x00\x00\x00

9312 / tcp

819727972 | 2025-03-15T08:38:44.140819

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9333 / tcp

-1399940268 | 2025-03-12T18:52:33.097961

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9345 / tcp

-1399940268 | 2025-03-19T04:51:29.417347

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9376 / tcp

-1399940268 | 2025-03-22T10:31:17.416521

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9418 / tcp

-1261053701 | 2025-03-08T21:19:55.100340

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

9433 / tcp

307999478 | 2025-03-04T06:57:07.074030

unknown command \r\nunknown command \r\n

9441 / tcp

1911457608 | 2025-03-10T14:04:21.103208

\x00[\x00\x00\x00\x00\x00\x00

9443 / tcp

819727972 | 2025-03-18T09:44:09.406929

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9445 / tcp

-2089734047 | 2025-02-28T19:30:12.686779

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9446 / tcp

2098371729 | 2025-03-16T01:17:58.809260

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

9447 / tcp

-1327660293 | 2025-03-22T08:35:06.366835

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

9456 / tcp

-2096652808 | 2025-03-24T16:34:53.375245

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9458 / tcp

-288825733 | 2025-03-18T04:36:35.884089

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

9488 / tcp

-2096652808 | 2025-03-05T16:36:20.271188

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9515 / tcp

-1399940268 | 2025-02-28T19:44:57.754560

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9530 / tcp

819727972 | 2025-03-13T08:12:12.568755

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9532 / tcp

1282941221 | 2025-03-25T04:52:22.788728

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

9550 / tcp

-1105333987 | 2025-03-10T18:01:04.818889

\x00[KpU\x7f\x00\x00

9600 / tcp

-2089734047 | 2025-03-10T16:54:14.974037

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9633 / tcp

-1036370807 | 2025-03-22T11:41:19.433673

JDWP-Handshake

9761 / tcp

2103111368 | 2025-03-06T05:35:40.127837

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

9804 / tcp

-1327660293 | 2025-03-21T05:04:45.358560

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

9811 / tcp

165188539 | 2025-03-24T20:08:13.521896

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9876 / tcp

1721921834 | 2025-03-18T16:07:24.548777

\\x00\\x00\\x01+\\x00\\x00\\x00_{"code":0,"flag":1,"language":"JAVA","opaque":0,"serializeTypeCurrentRPC":"JSON","version":433}{"brokerAddrTable":{"broker-a":{"brokerAddrs":{0:"180.116.172.66:10911"},"brokerName":"broker-a","cluster":"DefaultCluster","enableActingMaster":false}},"clusterAddrTable":{"DefaultCluster":["broker-a"]}}

9898 / tcp

1320285193 | 2025-03-08T16:33:31.528443

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

9908 / tcp

-441419608 | 2025-03-18T12:36:42.647946

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

9923 / tcp

-1476017887 | 2025-03-22T04:08:46.812626

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

9943 / tcp

491999737 | 2025-03-10T10:39:40.836687

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705935095.837-s5jhg

9944 / tcp

-375604792 | 2025-03-18T05:34:15.754315

220 Microsoft FTP Service

9991 / tcp

-1888448627 | 2025-02-26T07:36:59.814834

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9998 / tcp

-347274959 | 2025-03-14T15:17:11.738879

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2831_PS-000-01PIX79_36197-59880

9999 / tcp

1161309183 | 2025-03-10T21:36:27.392920

ProxyServer is ready

10000 / tcp

-1032713145 | 2025-03-22T18:59:59.832439

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

10001 / tcp

1492413928 | 2025-03-17T19:30:54.434215

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

10024 / tcp

-1473669891 | 2025-03-25T18:45:41.009027

\\x00[\'(\\xc0\\xa8X\\xfd

10035 / tcp

-1329831334 | 2025-03-18T14:42:54.115833

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

10038 / tcp

1830187220 | 2025-03-20T23:18:55.177851

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

10043 / tcp

366084633 | 2025-03-09T20:07:51.196442

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

10050 / tcp

1741579575 | 2025-03-12T12:09:29.733134

10051 / tcp

1778988322 | 2025-03-25T18:50:39.304641

* OK GroupWise IMAP4rev1 Server Ready

10066 / tcp

819727972 | 2025-03-13T02:24:07.902016

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

10087 / tcp

-1399940268 | 2025-02-24T18:25:55.236977

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10201 / tcp

819727972 | 2025-03-12T19:11:52.718683

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

10205 / tcp

632542934 | 2025-02-27T08:42:42.130720

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

10250 / tcp

-1375131644 | 2025-03-10T22:05:45.253001

\x00[v\xc3\xbdC\x7f\x00\x00

10256 / tcp

-1699556818 | 2025-03-14T02:32:01.929534

\x01remshd: Kerberos Authentication not enabled.\n

10390 / tcp

119860953 | 2025-03-23T22:26:15.041587

* OK ArGoSoft Mail Server IMAP Module v.YW at

10399 / tcp

819727972 | 2025-03-06T00:06:50.569973

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

10443 / tcp

-1428621233 | 2025-03-16T13:06:30.686708

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

10554 / tcp

1778988322 | 2025-02-26T02:54:16.636223

* OK GroupWise IMAP4rev1 Server Ready

10909 / tcp

-616720387 | 2025-03-25T05:01:02.940648

SSH-2.0-SSHD_0.7.6

10911 / tcp

-2140303521 | 2025-02-24T22:59:26.644251

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

11000 / tcp

1911457608 | 2025-03-24T07:17:18.609910

\x00[\x00\x00\x00\x00\x00\x00

11112 / tcp

1911457608 | 2025-03-25T05:55:58.296374

\x00[\x00\x00\x00\x00\x00\x00

11210 / tcp

401555314 | 2025-03-15T20:01:01.197721

NB[GFXjA^R

11288 / tcp

-1872120160 | 2025-03-14T07:39:42.419185

">Application and Content Networking Software 3.9</a>)
</BODY><

11300 / tcp

819727972 | 2025-03-17T16:48:07.960447

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

11481 / tcp

-1399940268 | 2025-03-13T18:09:39.846165

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

11602 / tcp

921225407 | 2025-03-22T14:06:47.558537

\x00\x00\x00\x04\x00\x00\x00\x00\x00

12016 / tcp

-1097188123 | 2025-03-21T03:12:57.763849

[g\xc2\x95N\x7f

12103 / tcp

-1399940268 | 2025-03-16T11:58:54.996598

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12110 / tcp

1911457608 | 2025-02-25T22:52:35.689862

\x00[\x00\x00\x00\x00\x00\x00

12123 / tcp

-407828767 | 2025-03-19T03:12:57.784700

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

12130 / tcp

-1713437100 | 2025-03-18T04:14:01.471461

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

12144 / tcp

165188539 | 2025-02-25T04:44:39.762279

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12159 / tcp

-980525298 | 2025-03-24T17:08:24.416654

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12170 / tcp

-1399940268 | 2025-03-21T02:29:01.884798

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12176 / tcp

-1279886438 | 2025-03-03T21:20:58.588013

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

12182 / tcp

-1888448627 | 2025-03-24T12:57:59.897725

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12198 / tcp

408230060 | 2025-02-28T10:26:28.455354

\r\nSorry, that nickname format is invalid.\r\n

12199 / tcp

632542934 | 2025-03-24T16:03:07.141324

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

12201 / tcp

1134517380 | 2025-03-17T04:06:53.243944

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

12224 / tcp

165188539 | 2025-03-13T14:12:19.157993

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12230 / tcp

-1375131644 | 2025-03-16T22:25:49.917277

\x00[v\xc3\xbdC\x7f\x00\x00

12240 / tcp

-1399940268 | 2025-03-24T23:48:35.197537

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12257 / tcp

-1730858130 | 2025-03-21T13:41:31.009241

RFB 003.008
VNC:
  Protocol Version: 3.8

12261 / tcp

-1327660293 | 2025-03-04T23:51:29.251364

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12268 / tcp

-1428621233 | 2025-03-18T15:24:12.700069

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

12272 / tcp

-1399940268 | 2025-03-05T21:58:44.138519

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12275 / tcp

-1327660293 | 2025-03-14T23:31:29.110867

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12283 / tcp

-1888448627 | 2025-03-24T23:52:00.685070

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12292 / tcp

-805362002 | 2025-03-11T20:18:09.304870

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

12319 / tcp

-2017887953 | 2025-03-07T18:33:03.571601

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

12322 / tcp

1504401647 | 2025-03-10T12:04:21.524705

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

12324 / tcp

-784071826 | 2025-03-04T01:41:25.972590

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

12341 / tcp

740837454 | 2025-03-22T09:00:23.122186

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

12345 / tcp

265065882 | 2025-03-12T20:09:17.178305

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked

12348 / tcp

-1399940268 | 2025-03-13T18:27:26.957353

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12349 / tcp

-1730858130 | 2025-03-18T00:37:49.550001

RFB 003.008
VNC:
  Protocol Version: 3.8

12357 / tcp

-1013082686 | 2025-03-12T16:44:55.831642

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

12366 / tcp

-2096652808 | 2025-03-05T13:00:53.893191

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12373 / tcp

-653033013 | 2025-03-12T14:40:38.916176

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

12374 / tcp

-441419608 | 2025-03-03T22:49:41.482788

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

12377 / tcp

-1399940268 | 2025-03-16T20:52:34.120701

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12397 / tcp

-1399940268 | 2025-02-27T01:27:19.951665

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12401 / tcp

740837454 | 2025-03-12T00:24:47.087671

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

12407 / tcp

1911457608 | 2025-03-11T06:47:33.133772

\x00[\x00\x00\x00\x00\x00\x00

12416 / tcp

1911457608 | 2025-03-15T06:06:14.956043

\x00[\x00\x00\x00\x00\x00\x00

12426 / tcp

-2089734047 | 2025-02-26T23:30:00.317555

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12427 / tcp

819727972 | 2025-03-10T03:41:54.808311

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12431 / tcp

1911457608 | 2025-03-08T15:34:33.354005

\x00[\x00\x00\x00\x00\x00\x00

12440 / tcp

1911457608 | 2025-03-19T20:54:42.987053

\x00[\x00\x00\x00\x00\x00\x00

12454 / tcp

1370263973 | 2025-03-11T13:46:26.158709

dubbo>

12465 / tcp

-1487943323 | 2025-02-24T01:53:45.352382

431 Unable to negotiate secure command connection.\r\n

12473 / tcp

-1487943323 | 2025-03-22T20:43:09.173825

431 Unable to negotiate secure command connection.\r\n

12484 / tcp

-345718689 | 2025-03-15T07:23:27.536515

Vty password is not set.

12529 / tcp

15018106 | 2025-03-22T19:46:17.533050

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

12540 / tcp

819727972 | 2025-02-28T22:48:08.865173

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12544 / tcp

819727972 | 2025-03-15T01:07:27.830077

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12546 / tcp

819727972 | 2025-03-06T17:04:58.336880

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12550 / tcp

2063598737 | 2025-03-11T16:38:12.018148

/0 0 L\r\n/0 0 HUH\r\n

12554 / tcp

307999478 | 2025-03-20T00:05:06.431380

unknown command \r\nunknown command \r\n

12558 / tcp

-1399940268 | 2025-03-13T12:43:13.605973

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12561 / tcp

-1888448627 | 2025-03-16T22:05:30.137649

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12562 / tcp

-1399940268 | 2025-02-28T10:56:09.032231

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12563 / tcp

-1779118422 | 2025-02-25T01:05:42.079135

\x00[\xc2\xae\xc2\x8d{\x7f\x00\x00

12568 / tcp

380146262 | 2025-03-10T18:45:25.813381

@RSYNCD: 30.0

12575 / tcp

819727972 | 2025-02-24T17:09:55.443801

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12902 / tcp

-1888448627 | 2025-03-09T07:19:58.198868

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

13047 / tcp

1948301213 | 2025-03-11T22:25:56.897170

RFB 003.003
VNC:
  Protocol Version: 3.3

13082 / tcp

-1399940268 | 2025-03-18T11:07:23.195836

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14147 / tcp

-1399940268 | 2025-03-13T16:42:04.281160

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14265 / tcp

1911457608 | 2025-03-11T14:42:29.636178

\x00[\x00\x00\x00\x00\x00\x00

14401 / tcp

-1399940268 | 2025-03-06T16:13:38.619031

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14402 / tcp

1830697416 | 2025-03-04T19:50:14.069438

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

14404 / tcp

-2080784861 | 2025-03-11T08:44:14.856425

GBPK\xc3\xbb\xc3\xb7n\xc2\x93W\xc2\xaf\xc2\x86\xc2\x93x@\xc2\xa9\x0e\xc3\x8a*\xc2\x9bS\x00

14524 / tcp

1911457608 | 2025-03-13T02:52:10.098308

\x00[\x00\x00\x00\x00\x00\x00

14900 / tcp

-358801646 | 2025-03-10T19:53:27.819526

SSH-2.0-OpenSSH_6.6.1

14905 / tcp

-1399940268 | 2025-02-26T15:03:56.160557

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

15001 / tcp

-1105333987 | 2025-02-24T19:44:14.911806

\x00[KpU\x7f\x00\x00

16003 / tcp

632542934 | 2025-03-13T02:10:43.400041

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

16009 / tcp

-1399940268 | 2025-03-10T00:40:28.366654

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16011 / tcp

-1140468363 | 2025-03-19T04:40:06.294851

\x02\t\x01

16015 / tcp

819727972 | 2025-03-05T05:44:47.895350

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

16026 / tcp

819727972 | 2025-03-14T18:13:29.191473

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16047 / tcp

-358801646 | 2025-03-05T08:21:54.227331

SSH-2.0-OpenSSH_6.6.1

16049 / tcp

-2089734047 | 2025-03-16T06:01:10.651783

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

16077 / tcp

-801484042 | 2025-03-04T17:47:53.552402

ERR 27

16083 / tcp

820958131 | 2025-02-25T22:35:37.184436

kjnkjabhbanc283ubcsbhdc72\x02

16316 / tcp

165188539 | 2025-03-18T13:36:32.934576

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

16401 / tcp

1623746877 | 2025-03-15T01:08:20.517920

500 Permission denied - closing connection.\r\n

16993 / tcp

863754335 | 2025-03-11T22:31:43.892717

0a

17020 / tcp

-1399940268 | 2025-02-28T19:29:12.600520

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

17082 / tcp

51259122 | 2025-02-26T19:28:32.790420

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

18029 / tcp

722711397 | 2025-03-13T00:52:13.029497

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

18030 / tcp

1911457608 | 2025-02-25T17:30:37.736089

\x00[\x00\x00\x00\x00\x00\x00

18031 / tcp

597764502 | 2025-03-24T19:29:47.627483

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

18033 / tcp

819727972 | 2025-03-14T15:03:32.055754

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18044 / tcp

-1248408558 | 2025-03-11T11:46:41.462213

220 MikroTik FTP server (MikroTik 6.44.3) ready

18050 / tcp

1911457608 | 2025-03-19T22:55:08.448490

\x00[\x00\x00\x00\x00\x00\x00

18067 / tcp

819727972 | 2025-03-20T02:57:52.985564

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18072 / tcp

-1810987450 | 2025-03-10T21:22:52.567878

\xc3\xbf

18081 / tcp

-375604792 | 2025-03-17T06:32:13.906488

220 Microsoft FTP Service

18086 / tcp

-1230049476 | 2025-03-18T19:48:03.186882

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

18088 / tcp

819727972 | 2025-03-14T09:42:12.492717

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18100 / tcp

455076604 | 2025-03-17T18:07:50.477713

!\x07version\x04bind7 t{RPowerDNS Recursor 410

18101 / tcp

-1836017301 | 2025-03-18T19:20:57.486202

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65a113d4_PSfjfzdx2jw87_1268-2858

18106 / tcp

819727972 | 2025-02-28T21:03:00.068208

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

18245 / tcp

165188539 | 2025-03-16T14:20:09.643194

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

18264 / tcp

819727972 | 2025-03-17T23:24:40.682986

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

19015 / tcp

-1230049476 | 2025-03-14T13:06:23.791494

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

19022 / tcp

819727972 | 2025-03-14T19:59:13.636888

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

19082 / tcp

-1839934832 | 2025-03-22T20:28:48.138124

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

19998 / tcp

410249975 | 2025-03-03T17:36:39.635017

LNS READY<>

19999 / tcp

707919486 | 2025-03-16T22:14:03.066546

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

20000 / tcp

1900503736 | 2025-03-22T20:55:19.271262

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

20150 / tcp

-1013082686 | 2025-03-18T14:40:53.827307

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

20256 / tcp

-1399940268 | 2025-03-18T19:48:52.608410

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20547 / tcp

921225407 | 2025-03-16T02:25:30.967376

\x00\x00\x00\x04\x00\x00\x00\x00\x00

20800 / tcp

1282941221 | 2025-03-09T10:47:06.808409

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

20880 / tcp

1370263973 | 2025-03-10T20:08:17.314536

dubbo>

20892 / tcp

-2096652808 | 2025-03-19T12:57:53.126865

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

20894 / tcp

-1032713145 | 2025-03-24T09:36:51.828659

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

20900 / tcp

1723769361 | 2025-03-24T06:21:21.016746

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

21025 / tcp

-1013082686 | 2025-03-25T06:35:59.409339

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

21084 / tcp

-1399940268 | 2025-03-24T08:18:21.137222

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21200 / tcp

1126993057 | 2025-03-14T02:52:03.899292

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

21231 / tcp

-2089734047 | 2025-03-10T00:04:15.612054

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

21237 / tcp

-1013082686 | 2025-03-20T03:40:20.637382

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

21239 / tcp

2063598737 | 2025-03-06T06:55:30.353805

/0 0 L\r\n/0 0 HUH\r\n

21241 / tcp

1381121983 | 2025-02-26T14:07:04.772097

Notify\r\n

21242 / tcp

-2140303521 | 2025-03-16T01:03:30.878967

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

21243 / tcp

921225407 | 2025-02-24T17:38:39.794120

\x00\x00\x00\x04\x00\x00\x00\x00\x00

21251 / tcp

15018106 | 2025-03-15T16:16:53.460280

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

21258 / tcp

-1399940268 | 2025-03-24T22:50:03.718617

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21265 / tcp

-180163620 | 2025-03-14T10:35:42.622882

NPC Telnet permit one connection.\r\n But One connection() already keep alive.\r\nGood Bye !! \r\n

21266 / tcp

307999478 | 2025-02-28T11:31:09.099177

unknown command \r\nunknown command \r\n

21284 / tcp

-2089734047 | 2025-03-15T22:12:37.207871

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

21292 / tcp

-1810987450 | 2025-03-08T12:59:05.646015

\xc3\xbf

21299 / tcp

-1399940268 | 2025-03-16T09:50:48.394229

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21308 / tcp

1911457608 | 2025-02-25T04:52:35.890642

\x00[\x00\x00\x00\x00\x00\x00

21309 / tcp

819727972 | 2025-03-20T21:21:06.075650

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

21320 / tcp

632542934 | 2025-03-15T20:38:53.703875

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

21328 / tcp

-832380282 | 2025-03-16T08:21:23.848527

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

21379 / tcp

1134517380 | 2025-03-24T16:27:57.646344

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

22000 / tcp

1308377066 | 2025-02-25T04:02:55.843955

ncacn_http/1.0

22103 / tcp

-1105333987 | 2025-03-11T20:16:35.613438

\x00[KpU\x7f\x00\x00

22222 / tcp

-358801646 | 2025-03-23T19:59:27.587480

SSH-2.0-OpenSSH_6.6.1

23023 / tcp

-1681927087 | 2025-03-24T00:43:22.660644

kjnkjabhbanc283ubcsbhdc72

23424 / tcp

2087396567 | 2025-03-24T21:43:39.306211

kjnkjabhbanc283ubcsbhdc72

24181 / tcp

165188539 | 2025-03-22T23:40:21.128172

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

24245 / tcp

-971970408 | 2025-03-14T13:24:14.511048

24472 / tcp

819727972 | 2025-03-09T08:24:39.914745

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

24510 / tcp

-1399940268 | 2025-03-25T13:12:13.637297

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

25001 / tcp

-1399940268 | 2025-03-22T10:01:53.963432

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

25565 / tcp

-1888448627 | 2025-03-07T10:15:13.261365

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

27015 / tcp

2103111368 | 2025-03-25T11:57:25.325817

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

27016 / tcp

-1733645023 | 2025-03-25T13:42:44.478117

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

28015 / tcp

-314039103 | 2025-03-21T13:16:48.639090

Surnom.
Sorry, that nickname format is invalid.

28017 / tcp

660175493 | 2025-03-24T14:57:25.768488

30002 / tcp

-527005584 | 2025-03-22T06:18:39.931747

/0 0 L
/0 0 HUH

30003 / tcp

1911457608 | 2025-03-07T01:41:31.197393

\x00[\x00\x00\x00\x00\x00\x00

30023 / tcp

1948301213 | 2025-03-22T19:14:10.526786

RFB 003.003
VNC:
  Protocol Version: 3.3

30122 / tcp

2087396567 | 2025-03-19T20:06:55.706842

kjnkjabhbanc283ubcsbhdc72

30222 / tcp

-445721795 | 2025-03-25T15:25:00.165536

\x00[\xc3\xaed\x1a\x7f\x00\x00

30443 / tcp

740837454 | 2025-03-23T07:10:04.607962

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

30468 / tcp

-1839934832 | 2025-03-24T20:47:20.972267

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

30479 / tcp

-1399940268 | 2025-03-05T02:16:42.090633

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

30501 / tcp

-1835475271 | 2025-03-19T18:15:39.754724

200 NOD32SS 99 (3318497116)\r\n

30522 / tcp

-1453516345 | 2025-03-12T14:00:11.919728

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

30722 / tcp

539065883 | 2025-03-25T01:21:40.292343

30822 / tcp

-1810987450 | 2025-03-25T21:33:29.882455

\xc3\xbf

30892 / tcp

-1399940268 | 2025-02-28T03:05:35.553338

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

31001 / tcp

-441419608 | 2025-03-12T11:21:17.630905

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

31022 / tcp

-358801646 | 2025-03-24T11:32:50.679575

SSH-2.0-OpenSSH_6.6.1

31337 / tcp

-2133761335 | 2025-03-20T22:22:56.023286

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.21

31422 / tcp

-971970408 | 2025-03-25T03:10:40.565368

31443 / tcp

819727972 | 2025-03-12T17:25:50.045448

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

31822 / tcp

171352214 | 2025-03-20T18:29:44.104900

-ERR client ip is not in whitelist

32022 / tcp

-971970408 | 2025-03-23T18:39:54.911700

32101 / tcp

-1399940268 | 2025-03-23T19:26:16.710254

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

32322 / tcp

539065883 | 2025-03-16T14:29:44.411649

32422 / tcp

1642597142 | 2025-03-23T13:08:32.924894

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

32443 / tcp

-1399940268 | 2025-03-15T18:39:34.740777

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

32622 / tcp

1690634669 | 2025-03-21T03:35:40.341811

32722 / tcp

117101543 | 2025-03-23T04:54:33.529487

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

32746 / tcp

410249975 | 2025-03-15T22:33:47.390081

LNS READY<>

32764 / tcp

-971970408 | 2025-03-13T11:16:21.539848

33122 / tcp

2103111368 | 2025-03-22T21:57:49.378962

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

33222 / tcp

1978059005 | 2025-03-09T18:53:41.030289

Sorry, that nickname format is invalid.

33389 / tcp

1308377066 | 2025-03-19T13:17:41.798285

ncacn_http/1.0

33522 / tcp

819727972 | 2025-02-26T15:06:50.961183

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

33622 / tcp

660175493 | 2025-03-21T05:27:58.913100

33822 / tcp

-653033013 | 2025-03-18T11:05:53.602895

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

33922 / tcp

819727972 | 2025-03-18T02:59:44.831440

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

34225 / tcp

1911457608 | 2025-03-20T06:55:54.258644

\x00[\x00\x00\x00\x00\x00\x00

34422 / tcp

1830187220 | 2025-03-15T01:17:40.741899

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

34522 / tcp

-1713437100 | 2025-03-19T10:58:53.496627

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

34822 / tcp

-2096652808 | 2025-03-19T06:12:13.374093

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

35022 / tcp

-1900404274 | 2025-03-19T03:29:38.037155

Unknown command

35101 / tcp

-1899074860 | 2025-03-08T17:36:47.845144

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

35250 / tcp

921225407 | 2025-03-09T19:17:02.813234

\x00\x00\x00\x04\x00\x00\x00\x00\x00

35422 / tcp

539065883 | 2025-02-28T07:45:29.992540

35522 / tcp

2087396567 | 2025-03-17T03:25:30.022950

kjnkjabhbanc283ubcsbhdc72

35622 / tcp

2087396567 | 2025-03-18T07:17:36.945856

kjnkjabhbanc283ubcsbhdc72

35722 / tcp

-154107716 | 2025-03-17T09:52:52.686781

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

35822 / tcp

539065883 | 2025-03-17T17:17:53.995849

36422 / tcp

1542849631 | 2025-03-15T08:03:20.301066

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

36505 / tcp

-1399940268 | 2025-03-22T12:01:27.678024

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

36522 / tcp

-971970408 | 2025-03-18T15:54:54.355310

36622 / tcp

-1441741890 | 2025-02-27T11:00:31.920352

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2
0181212])

37022 / tcp

-971970408 | 2025-03-16T19:03:30.598149

37122 / tcp

1077013874 | 2025-03-16T22:42:47.145983

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

37222 / tcp

1690634669 | 2025-03-14T19:10:15.155379

37422 / tcp

1842524259 | 2025-03-15T11:34:36.325550

37522 / tcp

-1441741890 | 2025-03-16T09:16:17.472512

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2
0181212])

37722 / tcp

1544300041 | 2025-03-15T23:51:52.949656

SSH-25453-Cisco-3524665.35

37777 / tcp

-2107996212 | 2025-03-24T06:51:23.926533

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

37822 / tcp

-1032713145 | 2025-02-28T05:05:50.667154

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

37922 / tcp

366084633 | 2025-03-18T00:07:51.667401

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

38022 / tcp

-1189269828 | 2025-02-27T12:43:03.406261

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

38080 / tcp

-407828767 | 2025-02-26T20:21:42.847610

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

38122 / tcp

819727972 | 2025-03-15T16:58:08.402567

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

38322 / tcp

-971970408 | 2025-03-15T13:14:56.230275

38333 / tcp

-971970408 | 2025-03-15T20:24:52.618517

38622 / tcp

819727972 | 2025-03-14T08:16:40.337469

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

38722 / tcp

-971970408 | 2025-03-13T21:42:21.360127

38880 / tcp

-2089734047 | 2025-03-16T00:54:36.881410

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

39001 / tcp

-784071826 | 2025-03-25T08:41:31.186750

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

39122 / tcp

504717326 | 2025-03-13T18:11:02.663729

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

39322 / tcp

819727972 | 2025-03-11T10:35:57.931394

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

39522 / tcp

-1810987450 | 2025-03-11T08:57:11.141028

\xc3\xbf

39622 / tcp

2087396567 | 2025-03-11T07:15:09.511615

kjnkjabhbanc283ubcsbhdc72

40022 / tcp

1690634669 | 2025-03-09T10:30:45.821904

40322 / tcp

1887224352 | 2025-03-08T22:16:02.857429

40522 / tcp

-971970408 | 2025-03-04T06:41:53.247320

41122 / tcp

-2031152423 | 2025-02-27T14:27:46.379321

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

41222 / tcp

1690634669 | 2025-03-05T00:21:39.335165

41443 / tcp

2087396567 | 2025-03-14T04:57:22.139256

kjnkjabhbanc283ubcsbhdc72

41922 / tcp

-1139539254 | 2025-03-07T15:37:05.833468

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

42122 / tcp

-2096652808 | 2025-03-05T03:36:03.947634

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

42422 / tcp

-2096652808 | 2025-03-04T19:48:40.318033

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

42922 / tcp

-971970408 | 2025-02-28T14:52:46.962093

43222 / tcp

-445721795 | 2025-03-01T00:26:43.631863

\x00[\xc3\xaed\x1a\x7f\x00\x00

43522 / tcp

2087396567 | 2025-02-27T17:51:05.942143

kjnkjabhbanc283ubcsbhdc72

43822 / tcp

-1013082686 | 2025-02-27T01:22:49.362867

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

43922 / tcp

-616720387 | 2025-02-27T09:26:08.285926

SSH-2.0-SSHD_0.7.6

44022 / tcp

1077013874 | 2025-02-26T20:16:28.357805

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

44122 / tcp

-319440554 | 2025-02-26T21:59:51.036475

44158 / tcp

-433302150 | 2025-03-07T07:56:45.490991

/multistream/1.0.0

44222 / tcp

-1189269828 | 2025-03-10T22:10:11.674650

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

44300 / tcp

1991883981 | 2025-03-21T20:09:27.790874

B\x00\x00\x00\xc3\xbfn\x04Too many connections

44332 / tcp

-1888448627 | 2025-03-17T06:33:50.675740

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

44422 / tcp

660175493 | 2025-02-26T00:02:09.016445

44520 / tcp

165188539 | 2025-02-28T01:56:46.025205

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

44522 / tcp

-1839934832 | 2025-02-26T06:32:44.973400

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

44722 / tcp

1761482307 | 2025-02-26T06:17:49.927910

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

45003 / tcp

819727972 | 2025-03-09T21:24:31.302996

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

45122 / tcp

-288825733 | 2025-02-24T06:55:57.075995

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

45222 / tcp

2087396567 | 2025-02-25T18:49:16.357800

kjnkjabhbanc283ubcsbhdc72

45322 / tcp

2087396567 | 2025-02-25T17:13:26.229262

kjnkjabhbanc283ubcsbhdc72

45677 / tcp

1134517380 | 2025-03-20T19:17:23.779460

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

45822 / tcp

660175493 | 2025-03-10T12:05:44.107078

45922 / tcp

819727972 | 2025-03-10T13:55:48.199867

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

46122 / tcp

-971970408 | 2025-02-25T05:25:50.991100

46322 / tcp

1778988322 | 2025-02-24T21:11:11.419112

* OK GroupWise IMAP4rev1 Server Ready

46422 / tcp

1636811864 | 2025-02-24T08:39:23.627910

47080 / tcp

165188539 | 2025-03-11T20:47:21.708524

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

47534 / tcp

-2107996212 | 2025-02-28T14:00:18.939067

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

47622 / tcp

-319440554 | 2025-02-25T01:58:32.882193

47722 / tcp

1741579575 | 2025-03-10T10:27:50.859691

47808 / tcp

1282941221 | 2025-03-24T03:34:12.288851

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

47822 / tcp

-1839934832 | 2025-03-10T08:36:52.246864

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

47984 / tcp

-1327660293 | 2025-03-15T01:22:18.185224

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

47990 / tcp

660175493 | 2025-03-22T01:13:04.164314

48012 / tcp

1911457608 | 2025-03-07T13:08:29.837701

\x00[\x00\x00\x00\x00\x00\x00

48013 / tcp

-1730858130 | 2025-02-26T13:13:38.313062

RFB 003.008
VNC:
  Protocol Version: 3.8

48122 / tcp

1741579575 | 2025-03-10T05:10:39.585952

48322 / tcp

1996932384 | 2025-03-10T01:53:03.309030

"raop" nonce

48522 / tcp

707919486 | 2025-03-09T22:14:54.033838

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

48622 / tcp

-438503381 | 2025-02-24T18:56:03.380315

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

48722 / tcp

1077013874 | 2025-02-24T16:10:33.496569

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

48822 / tcp

1208318993 | 2025-02-24T17:12:51.714558

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

49022 / tcp

1332894250 | 2025-03-07T15:13:22.034067

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

49153 / tcp

2087396567 | 2025-03-22T12:51:40.861021

kjnkjabhbanc283ubcsbhdc72

50000 / tcp

2087396567 | 2025-02-26T09:55:59.540858

kjnkjabhbanc283ubcsbhdc72

50003 / tcp

1762042191 | 2025-03-19T11:07:53.833756

\x7f\x7fICA\x00

50010 / tcp

-339084706 | 2025-03-10T09:48:32.006294

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

50100 / tcp

2103111368 | 2025-03-21T22:29:07.635977

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

50112 / tcp

-1399940268 | 2025-03-20T23:57:58.404788

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

51106 / tcp

1636811864 | 2025-03-20T10:15:34.682515

52200 / tcp

165188539 | 2025-03-14T14:42:07.954712

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

52340 / tcp

-1013082686 | 2025-03-06T09:55:05.302265

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

52536 / tcp

671605376 | 2025-03-25T22:31:15.113250

SSH-2.0-OpenSSH_X.X

52869 / tcp

-1072158793 | 2025-03-21T13:30:43.737630

HTTP/1.1 500 Internal Server Error
SERVER: Linux/2.6.21.5, UPnP/1.0, Portable SDK for UPnP devices/1.6.6
CONNECTION: close
CONTENT-LENGTH: 60
CONTENT-TYPE: text/html

54022 / tcp

819727972 | 2025-02-28T04:07:48.075442

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

54138 / tcp

-1746074029 | 2025-03-22T06:21:09.120573

101 imqbroker =unV\r\n

54984 / tcp

2103111368 | 2025-03-21T07:42:40.866279

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

55000 / tcp

-1097188123 | 2025-03-15T18:15:48.774663

[g\xc2\x95N\x7f

55350 / tcp

-1399940268 | 2025-03-25T17:59:36.963735

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

55443 / tcp

-653033013 | 2025-03-19T15:00:45.046699

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

55490 / tcp

321971019 | 2025-03-18T17:29:50.193882

-ERR client ip is not in whitelist\r

55522 / tcp

539065883 | 2025-03-06T22:32:11.309309

55553 / tcp

660175493 | 2025-03-17T15:21:39.012103

55554 / tcp

1767345577 | 2025-03-09T17:00:13.107719

Hello, this is Quagga (version 0T).
Copyright 1996-200

55722 / tcp

-1681927087 | 2025-03-06T19:05:26.889395

kjnkjabhbanc283ubcsbhdc72

57522 / tcp

-1730858130 | 2025-03-06T12:42:54.081439

RFB 003.008
VNC:
  Protocol Version: 3.8

57622 / tcp

2087396567 | 2025-03-06T09:12:59.962505

kjnkjabhbanc283ubcsbhdc72

57780 / tcp

1911457608 | 2025-02-26T03:59:14.666080

\x00[\x00\x00\x00\x00\x00\x00

57783 / tcp

205347087 | 2025-03-09T17:27:39.211934

SSH-25453-Cisco-3524665.35\n

57822 / tcp

660175493 | 2025-03-06T05:48:07.647292

58322 / tcp

-903067560 | 2025-03-05T22:52:06.031743

\x00[\x13)\xc2\x81\x7f\x00\x00

59022 / tcp

1741579575 | 2025-03-05T12:32:20.396126

59122 / tcp

660175493 | 2025-03-05T10:48:32.769736

59522 / tcp

-441419608 | 2025-03-03T18:46:23.817639

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

60001 / tcp

-1598265216 | 2025-03-15T02:11:41.423002

@RSYNCD: 31.0

60023 / tcp

165188539 | 2025-03-12T07:15:22.018255

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

60129 / tcp

1741579575 | 2025-03-20T04:27:25.534541

61613 / tcp

1948301213 | 2025-03-25T02:06:15.679789

RFB 003.003
VNC:
  Protocol Version: 3.3

61616 / tcp

2087396567 | 2025-03-09T16:23:11.158492

kjnkjabhbanc283ubcsbhdc72

62078 / tcp

-1113435755 | 2025-03-18T06:19:23.174896

/1.1 404 Not Found
Content Length: 0

63210 / tcp

-1681927087 | 2025-03-10T06:30:24.576000

kjnkjabhbanc283ubcsbhdc72

63256 / tcp

-1730858130 | 2025-03-21T21:41:46.595900

RFB 003.008
VNC:
  Protocol Version: 3.8

64738 / tcp

2087396567 | 2025-03-15T04:08:16.239311

kjnkjabhbanc283ubcsbhdc72

106.11.43.160

Last Seen: 2025-03-25

Tags:

GeneralInformation

OpenPorts

11 / tcp -952165951 | 2025-03-11T17:21:02.401131

13 / tcp -2127598635 | 2025-03-22T04:42:48.886928

15 / tcp -2089734047 | 2025-03-20T09:08:47.587789

17 / tcp 2111892176 | 2025-03-23T20:17:57.942256

19 / tcp 620044682 | 2025-02-26T08:22:43.154457

20 / tcp 819727972 | 2025-03-10T03:19:00.215841

21 / tcp -731285715 | 2025-03-25T14:16:12.364249

23 / tcp -1816600103 | 2025-03-09T04:23:03.490359

37 / tcp 1288534451 | 2025-03-23T14:51:21.119952

43 / tcp 1189133115 | 2025-03-24T16:22:15.306032

53 / tcp -42462918 | 2025-03-22T09:27:45.303446

70 / tcp 1738069263 | 2025-03-15T10:33:42.972053

79 / tcp -876294238 | 2025-03-17T08:03:12.884085

80 / tcp -805429198 | 2025-03-19T15:31:23.682663

Hashes

84 / tcp -2118655245 | 2025-03-17T19:12:46.504224

Hashes

87 / tcp -1105333987 | 2025-03-18T14:18:14.278949

98 / tcp -1487943323 | 2025-03-23T21:40:51.980048

104 / tcp 575925250 | 2025-03-11T05:13:44.031267

106 / tcp 366084633 | 2025-03-12T14:18:50.191196

110 / tcp -1399940268 | 2025-03-16T09:14:29.968096

111 / tcp -952165951 | 2025-03-21T12:12:38.960313

113 / tcp 1921398876 | 2025-03-23T02:57:42.934954

121 / tcp 819727972 | 2025-03-23T03:53:01.463152

122 / tcp -303199180 | 2025-03-19T05:19:27.345152

135 / tcp -1729522695 | 2025-03-15T14:03:58.367044

175 / tcp 1911457608 | 2025-02-28T05:24:37.668303

179 / tcp -399606100 | 2025-03-12T19:13:49.407978

195 / tcp 1542849631 | 2025-03-25T09:15:12.199091

221 / tcp 1911457608 | 2025-03-17T18:48:15.436953

263 / tcp -288825733 | 2025-03-19T01:30:01.160756

311 / tcp 749429829 | 2025-03-18T15:40:18.440953

343 / tcp 1282941221 | 2025-03-17T09:47:57.238528

389 / tcp -1907080992 | 2025-03-15T11:29:18.632966

427 / tcp 1998636604 | 2025-03-24T00:33:42.639515

443 / tcp 2098045381 | 2025-03-19T15:31:25.833961

Hashes

444 / tcp 1485623376 | 2025-03-05T16:26:38.963073

515 / tcp -79865617 | 2025-03-04T16:46:15.787078

548 / tcp -2035415184 | 2025-03-17T14:10:31.461515

554 / tcp 1207252947 | 2025-02-25T23:57:45.462364

587 / tcp 745343730 | 2025-02-28T13:56:31.334927

636 / tcp -2023550675 | 2025-03-06T23:16:12.703804

666 / tcp 1300162323 | 2025-03-07T00:34:27.750259

675 / tcp 819727972 | 2025-02-28T19:41:25.365654

685 / tcp -1733645023 | 2025-03-10T06:16:21.341233

771 / tcp 165188539 | 2025-02-24T16:10:16.789092

785 / tcp 599074451 | 2025-03-21T01:07:07.192627

789 / tcp -2089734047 | 2025-03-11T18:37:15.815145

830 / tcp 103159425 | 2025-03-23T07:33:46.213284

832 / tcp -1297953727 | 2025-03-23T18:30:40.062568

843 / tcp -2004989248 | 2025-02-25T19:35:47.348415

873 / tcp -1970692834 | 2025-03-25T07:25:39.203419

995 / tcp 1356395159 | 2025-03-09T08:12:14.183780

1025 / tcp -1428621233 | 2025-02-27T23:28:22.968157

1027 / tcp -441419608 | 2025-03-18T17:56:24.055542

1080 / tcp 1362344524 | 2025-03-24T15:05:11.198493

1099 / tcp -249504111 | 2025-03-18T23:55:26.699904

1153 / tcp 321971019 | 2025-03-19T20:53:38.783399

1177 / tcp -1013082686 | 2025-03-18T22:58:07.836292

1234 / tcp -1099385124 | 2025-03-18T22:04:40.475068

1235 / tcp 1762042191 | 2025-03-17T02:25:13.519767

1291 / tcp 205347087 | 2025-02-28T03:16:34.931830

1364 / tcp -1996280214 | 2025-02-24T21:10:49.650985

1459 / tcp -1888448627 | 2025-03-14T13:15:23.700204

1515 / tcp 539065883 | 2025-03-22T08:01:14.265525

1521 / tcp -1337747449 | 2025-03-17T14:23:50.997687

1577 / tcp -1839934832 | 2025-03-25T01:09:03.829373

1599 / tcp 819727972 | 2025-03-20T06:16:10.678351

1604 / tcp 539065883 | 2025-03-13T00:22:34.866984

1723 / tcp 1103582599 | 2025-03-22T01:56:10.858257

1801 / tcp -1139999322 | 2025-03-22T19:04:32.459150

1911 / tcp 819727972 | 2025-03-24T00:26:50.837968

1957 / tcp 819727972 | 2025-03-04T20:39:27.153512

11 / tcp

-952165951 | 2025-03-11T17:21:02.401131

13 / tcp

-2127598635 | 2025-03-22T04:42:48.886928

15 / tcp

-2089734047 | 2025-03-20T09:08:47.587789

17 / tcp

2111892176 | 2025-03-23T20:17:57.942256

19 / tcp

620044682 | 2025-02-26T08:22:43.154457

20 / tcp

819727972 | 2025-03-10T03:19:00.215841

21 / tcp

-731285715 | 2025-03-25T14:16:12.364249

23 / tcp

-1816600103 | 2025-03-09T04:23:03.490359

37 / tcp

1288534451 | 2025-03-23T14:51:21.119952

43 / tcp

1189133115 | 2025-03-24T16:22:15.306032

53 / tcp

-42462918 | 2025-03-22T09:27:45.303446

70 / tcp

1738069263 | 2025-03-15T10:33:42.972053

79 / tcp

-876294238 | 2025-03-17T08:03:12.884085

80 / tcp

-805429198 | 2025-03-19T15:31:23.682663

84 / tcp

-2118655245 | 2025-03-17T19:12:46.504224

87 / tcp

-1105333987 | 2025-03-18T14:18:14.278949

98 / tcp

-1487943323 | 2025-03-23T21:40:51.980048

104 / tcp

575925250 | 2025-03-11T05:13:44.031267

106 / tcp

366084633 | 2025-03-12T14:18:50.191196

110 / tcp

-1399940268 | 2025-03-16T09:14:29.968096

111 / tcp

-952165951 | 2025-03-21T12:12:38.960313

113 / tcp

1921398876 | 2025-03-23T02:57:42.934954

121 / tcp

819727972 | 2025-03-23T03:53:01.463152

122 / tcp

-303199180 | 2025-03-19T05:19:27.345152

135 / tcp

-1729522695 | 2025-03-15T14:03:58.367044

175 / tcp

1911457608 | 2025-02-28T05:24:37.668303

179 / tcp

-399606100 | 2025-03-12T19:13:49.407978

195 / tcp

1542849631 | 2025-03-25T09:15:12.199091

221 / tcp

1911457608 | 2025-03-17T18:48:15.436953

263 / tcp

-288825733 | 2025-03-19T01:30:01.160756

311 / tcp

749429829 | 2025-03-18T15:40:18.440953

343 / tcp

1282941221 | 2025-03-17T09:47:57.238528

389 / tcp

-1907080992 | 2025-03-15T11:29:18.632966

427 / tcp

1998636604 | 2025-03-24T00:33:42.639515

443 / tcp

2098045381 | 2025-03-19T15:31:25.833961

444 / tcp

1485623376 | 2025-03-05T16:26:38.963073

515 / tcp

-79865617 | 2025-03-04T16:46:15.787078

548 / tcp

-2035415184 | 2025-03-17T14:10:31.461515

554 / tcp

1207252947 | 2025-02-25T23:57:45.462364

587 / tcp

745343730 | 2025-02-28T13:56:31.334927

636 / tcp

-2023550675 | 2025-03-06T23:16:12.703804

666 / tcp

1300162323 | 2025-03-07T00:34:27.750259

675 / tcp

819727972 | 2025-02-28T19:41:25.365654

685 / tcp

-1733645023 | 2025-03-10T06:16:21.341233

771 / tcp

165188539 | 2025-02-24T16:10:16.789092

785 / tcp

599074451 | 2025-03-21T01:07:07.192627

789 / tcp

-2089734047 | 2025-03-11T18:37:15.815145

830 / tcp

103159425 | 2025-03-23T07:33:46.213284

832 / tcp

-1297953727 | 2025-03-23T18:30:40.062568

843 / tcp

-2004989248 | 2025-02-25T19:35:47.348415

873 / tcp

-1970692834 | 2025-03-25T07:25:39.203419

995 / tcp

1356395159 | 2025-03-09T08:12:14.183780

1025 / tcp

-1428621233 | 2025-02-27T23:28:22.968157

1027 / tcp

-441419608 | 2025-03-18T17:56:24.055542

1080 / tcp

1362344524 | 2025-03-24T15:05:11.198493

1099 / tcp

-249504111 | 2025-03-18T23:55:26.699904

1153 / tcp

321971019 | 2025-03-19T20:53:38.783399

1177 / tcp

-1013082686 | 2025-03-18T22:58:07.836292

1234 / tcp

-1099385124 | 2025-03-18T22:04:40.475068

1235 / tcp

1762042191 | 2025-03-17T02:25:13.519767

1291 / tcp

205347087 | 2025-02-28T03:16:34.931830

1364 / tcp

-1996280214 | 2025-02-24T21:10:49.650985

1459 / tcp

-1888448627 | 2025-03-14T13:15:23.700204

1515 / tcp

539065883 | 2025-03-22T08:01:14.265525

1521 / tcp

-1337747449 | 2025-03-17T14:23:50.997687

1577 / tcp

-1839934832 | 2025-03-25T01:09:03.829373

1599 / tcp

819727972 | 2025-03-20T06:16:10.678351

1604 / tcp

539065883 | 2025-03-13T00:22:34.866984

1723 / tcp

1103582599 | 2025-03-22T01:56:10.858257

1801 / tcp

-1139999322 | 2025-03-22T19:04:32.459150

1911 / tcp

819727972 | 2025-03-24T00:26:50.837968

1957 / tcp

819727972 | 2025-03-04T20:39:27.153512

1958 / tcp

-1399940268 | 2025-03-21T08:12:41.415999

1962 / tcp

1911457608 | 2025-02-28T11:16:41.153866

1965 / tcp

1726594447 | 2025-03-16T15:06:41.190920

1967 / tcp

1492413928 | 2025-03-24T03:13:22.276612

2002 / tcp

-1730858130 | 2025-03-24T00:20:26.097713

2008 / tcp

-154107716 | 2025-02-24T05:43:09.747586

2021 / tcp

-2046514463 | 2025-03-20T15:06:40.356182

2048 / tcp

-1453516345 | 2025-03-14T03:32:47.383137