GeneralInformation

Hostnames	amap.com
Domains	amap.com
Country	China
City	Zhangjiakou
Organization	Zhejiang Taobao Network Co.,Ltd
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(1)

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(4)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(3)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 24 25 37 43 53 70 80 91 96 99 101 104 111 113 119 135 143 175 179 195 221 285 389 427 443 448 461 503 513 541 554 636 646 666 743 772 777 782 801 809 843 873 992 993 995 1050 1080 1099 1110 1153 1177 1200 1234 1235 1337 1355 1414 1433 1443 1450 1452 1459 1460 1515 1521 1554 1599 1723 1800 1801 1883 1911 1926 1962 1983 1986 1987 1988 2000 2003 2008 2016 2048 2051 2056 2087 2090 2100 2121 2130 2181 2222 2266 2323 2332 2344 2345 2376 2404 2423 2453 2549 2560 2567 2599 2628 2761 3001 3004 3006 3007 3012 3017 3050 3052 3060 3079 3087 3107 3119 3132 3184 3198 3200 3221 3256 3260 3268 3299 3349 3557 3561 3567 3780 3790 3838 3953 4000 4064 4101 4103 4157 4165 4242 4282 4343 4369 4402 4433 4434 4436 4443 4444 4455 4461 4499 4524 4531 4700 4786 4949 5006 5007 5010 5011 5172 5201 5222 5244 5248 5256 5257 5266 5269 5270 5274 5275 5321 5431 5432 5594 5595 5596 5599 5671 5672 5678 5696 5822 5858 5938 5984 5986 5987 6000 6001 6002 6005 6061 6134 6363 6379 6443 6544 6556 6560 6633 6666 6667 6668 6700 7001 7006 7018 7071 7078 7083 7084 7105 7218 7373 7415 7443 7510 7548 7654 7775 7777 7799 7998 8001 8004 8009 8010 8021 8027 8032 8042 8065 8068 8087 8089 8092 8099 8103 8113 8125 8126 8172 8174 8176 8181 8183 8196 8199 8200 8222 8300 8316 8333 8340 8402 8403 8424 8431 8443 8454 8457 8458 8465 8500 8513 8528 8536 8545 8548 8554 8558 8565 8573 8574 8575 8589 8592 8621 8666 8708 8728 8732 8733 8787 8790 8813 8815 8835 8837 8855 8865 8871 8877 8889 8901 8908 8980 8990 9001 9002 9013 9039 9041 9042 9051 9072 9073 9077 9097 9102 9113 9116 9129 9137 9151 9161 9163 9171 9193 9198 9204 9218 9222 9244 9251 9283 9306 9310 9333 9398 9399 9418 9443 9480 9507 9530 9600 9633 9710 9754 9758 9761 9811 9876 9898 9943 9944 9998 9999 10000 10003 10007 10024 10037 10044 10047 10134 10201 10533 10554 10909 10911 11065 11112 11210 11211 11288 11300 11371 11602 11681 12082 12104 12111 12115 12138 12140 12147 12159 12166 12169 12194 12203 12223 12231 12240 12242 12244 12252 12253 12267 12271 12294 12308 12314 12316 12318 12341 12343 12344 12345 12346 12354 12357 12358 12360 12369 12371 12379 12389 12392 12405 12421 12425 12449 12459 12465 12486 12517 12523 12528 12551 12554 12560 12568 12577 13047 13128 14147 14265 14344 14905 15044 16004 16025 16031 16034 16067 16074 16076 16078 16092 16464 16666 16993 17000 17773 18005 18007 18021 18040 18041 18046 18054 18074 18075 18081 18092 18096 18109 18245 18264 18443 18553 19000 19930 20000 20001 20053 20070 20087 20106 20150 20208 20512 20547 20600 20880 20900 21025 21241 21257 21260 21268 21286 21305 21313 21314 21316 21321 21325 21379 22000 22067 22070 22082 22556 22703 23424 24082 24808 25001 25082 25565 26656 26657 27017 27036 27571 28015 28017 28443 30001 30002 30009 30017 30022 30029 30122 30123 30222 30301 30322 30452 30522 30622 30718 30722 30822 30892 30922 31122 31322 31443 31522 31822 32101 32102 32122 32222 32400 32443 32522 32622 32722 32746 32764 32822 32922 33122 33222 33389 33422 33622 33722 34122 34322 34500 34722 34822 34922 35004 35222 35522 35531 35622 35722 35922 36022 36505 36522 36722 36984 37222 37322 37522 37722 37777 37922 38022 38122 39322 39822 40722 41443 41522 41794 43200 43222 43322 43422 43622 43822 44022 44158 44222 44310 44320 44340 44341 44520 44818 45001 45005 45022 45111 45666 45886 47922 47990 48022 48422 48522 49022 49121 49152 49153 50000 50005 50010 50012 50070 50100 50104 51002 51201 51235 52022 53480 53490 54138 55000 55022 55442 55443 55553 55622 57783 57785 57922 58122 58422 58603 58722 58822 58922 59012 59222 59322 59522 60129 61613 61616 61617 62078 63210 63256 63257 63260 65000

11 / tcp

1975288991 | 2025-03-27T22:06:40.437277

OPTI

13 / tcp

1297354658 | 2025-03-18T16:07:44.822707

J\x00\x00\x00
8.0.23\x00%\xc6\xec\x0e\x12X&/&?\x00\xff\xff-\x02\x00\xff\xcf\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00jde\x1d.9S\"\x1d:#\x00caching_sha2_password\x00

15 / tcp

-1316398834 | 2025-03-19T13:38:44.148793

ÿ

17 / tcp

344087494 | 2025-03-24T08:06:22.063794

"When a stupid man is doing something he is ashamed of, he always declares
 that it is his duty." George Bernard Shaw (1856-1950)
\x00

24 / tcp

575925250 | 2025-03-28T01:10:17.863245

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

25 / tcp

-1399940268 | 2025-03-27T22:52:05.420959

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

37 / tcp

1288534451 | 2025-03-25T23:36:23.337502

\\xe9XuK

43 / tcp

897328069 | 2025-03-11T22:25:54.094847

220 mail.scott000.com ESMTP

53 / tcp

1024248778 | 2025-03-28T01:45:01.501892

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x00\xbd\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x00\xa2\x00\x04\xac٣.
\x00\x06\x85\x80\x00\x01\x00\x01\x00\x00\x00

70 / tcp

1738069263 | 2025-03-26T15:52:29.723578

\x01remshd: Kerberos Authentication not enabled.

80 / tcp

378047766 | 2025-03-28T06:36:30.725612

Hashes

hash

-2015942973

http.dom_hash

-2006505642

http.html_hash

378047766

http.server_hash

1673621694

HTTP/1.1 200 OK
Server: Tengine
Date: Fri, 28 Mar 2025 06:36:30 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: ring/1.0.0
gsid: 033043157097174314379022200040590409194
sc: 0.031
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,key,x-biz,x-info,platinfo,encr,enginever,gzipped,poiid

91 / tcp

-339084706 | 2025-03-10T16:07:50.373043

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

96 / tcp

-358801646 | 2025-03-16T21:30:51.188083

SSH-2.0-OpenSSH_6.6.1

99 / tcp

1713556628 | 2025-03-10T06:40:19.497570

HTTP/1.1 400 Bad Request
Server: Jdcloud-FE
Content-Type: text/html
Connection: keep-alive
Keep-Alive: timeout=20

101 / tcp

921225407 | 2025-03-13T20:35:28.516171

\x00\x00\x00\x04\x00\x00\x00\x00\x00

104 / tcp

-1114821551 | 2025-03-24T10:50:06.217251

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

111 / tcp

-746114901 | 2025-03-27T05:32:04.943716

[KpU

113 / tcp

1412519768 | 2025-03-15T15:52:59.691223

"AP0F1D85"
Connection: close

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR

119 / tcp

141730637 | 2025-03-19T19:20:45.922805

HTTP/1.0 200 OK
Server: Proxy

135 / tcp

1141948216 | 2025-03-21T16:21:27.789489

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: DESKTOP-HL59G5J\n IP2: 169.254.93.199\n IP3: 175.180.100.187\n\nNTLMSSP:\nTarget_Name: DESKTOP-HL59G5J\nProduct_Version: 10.0.19041 Ntlm 15\nOS: Windows 10, Version 2004/Windows Server, Version 2004\nNetBIOS_Domain_Name: DESKTOP-HL59G5J\nNetBIOS_Computer_Name: DESKTOP-HL59G5J\nDNS_Domain_Name: DESKTOP-HL59G5J\nDNS_Computer_Name: DESKTOP-HL59G5J\nSystem_Time: 2024-01-22 06:04:34 +0000 UTC\n\nDCERPC Dump:\n954

143 / tcp

376198496 | 2025-03-24T07:32:22.716854

* OK Coremail System IMap Server Ready(mispb-151a50c7-932b-471d-b699-900151c4d82d-foreseahealth.com[c1988e81907d5583d41947167f416ce9])\r\n

175 / tcp

1282941221 | 2025-03-25T07:48:15.376259

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

179 / tcp

-399606100 | 2025-03-21T13:44:14.707303

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

195 / tcp

550048729 | 2025-03-27T00:01:00.744351

ÿÿÿ
0 ...

221 / tcp

-136006866 | 2025-03-17T18:20:26.214773

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

285 / tcp

-2080784861 | 2025-03-26T19:05:07.580694

GBPK\xc3\xbb\xc3\xb7n\xc2\x93W\xc2\xaf\xc2\x86\xc2\x93x@\xc2\xa9\x0e\xc3\x8a*\xc2\x9bS\x00

389 / tcp

-1907080992 | 2025-03-10T01:58:52.130120

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x00\\x04\\x00\\x04\\x00

427 / tcp

1998636604 | 2025-03-04T12:13:39.507708

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://192.168.2.254\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://192.168.2.254\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCESS (0)\nAttrList: (pro

443 / tcp

378047766 | 2025-03-22T02:58:12.218735

Hashes

hash

-1753546480

http.dom_hash

-2006505642

http.html_hash

378047766

http.server_hash

1673621694

HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 22 Mar 2025 02:58:12 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: ring/1.0.0
gsid: 033053200059174261229205500044980655589
sc: 0.029
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,key,x-biz,x-info,platinfo,encr,enginever,gzipped,poiid

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:c1:fc:fc:a3:34:61:b3:9f:e3:e0:44
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
        Validity
            Not Before: Feb  6 06:17:01 2025 GMT
            Not After : Mar 10 03:21:00 2026 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.amap.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d6:bb:fc:ad:55:03:27:31:25:e1:80:b1:49:8e:
                    a0:6b:be:70:31:56:64:82:65:fd:ee:12:f4:43:b4:
                    c1:0d:74:d0:93:b4:97:53:ba:d5:10:e2:1d:55:7a:
                    e9:f8:d4:95:37:15:db:71:17:e1:9c:51:07:ca:31:
                    87:13:b5:19:31:2a:6e:e3:dd:61:f1:29:d3:22:d0:
                    b6:d5:ab:fa:60:37:37:ba:58:62:73:53:4d:39:85:
                    e2:99:56:4d:68:46:d7:a8:15:09:91:9b:3f:06:b0:
                    55:8a:a4:9e:a0:0a:5e:5b:d0:da:7d:1c:38:8c:e3:
                    32:c7:01:b0:18:24:8f:c2:c9:87:56:0d:73:ff:f7:
                    6c:95:88:63:81:72:66:d0:db:36:e5:b4:2a:8f:31:
                    97:a6:77:a5:c7:b4:48:da:d6:03:d0:ea:f8:af:74:
                    97:94:83:6a:de:82:52:8e:b6:2c:09:5b:8a:c1:e2:
                    bb:24:e4:f5:f0:ae:5e:c1:d8:1e:3c:0a:41:c5:16:
                    f5:6f:99:98:46:02:00:46:7a:fb:45:11:5b:07:bd:
                    c4:38:52:4c:20:8c:c8:14:76:ed:c0:17:ae:0d:e9:
                    9e:08:9e:0a:0f:94:d9:23:43:e2:0b:1c:34:6e:45:
                    87:85:f6:3f:0d:fe:cb:21:42:34:8d:d0:87:51:e7:
                    a9:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3ovtlsca2024.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3ovtlsca2024
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                Policy: 1.3.6.1.4.1.4146.10.1.2
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3ovtlsca2024.crl
            X509v3 Subject Alternative Name: 
                DNS:*.amap.com, DNS:amap.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                DA:D3:A8:08:48:0C:34:37:58:EE:E5:A7:75:2E:59:FC:D6:DC:3C:38
            X509v3 Subject Key Identifier: 
                2A:60:E6:A4:5B:C2:62:60:76:26:50:5F:FA:81:6F:4B:6D:A9:7B:AE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:86:D4:C7:28:AA:6F:FE:BA:03:6F:78:2A:4D:01:91:
                                AA:CE:2D:72:31:0F:AE:CE:5D:70:41:2D:25:4C:C7:D4
                    Timestamp : Feb  6 06:17:03.898 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:5A:70:04:39:10:D6:D5:F4:2F:79:03:C0:
                                15:F0:71:BA:B0:15:4A:F4:C0:92:B1:BA:DF:60:C9:B6:
                                EE:28:E3:B8:02:20:69:15:DC:72:7D:0E:5C:EC:E8:9D:
                                9A:34:E7:0F:99:91:81:0A:73:E5:CC:5B:84:FC:E3:78:
                                35:6C:EC:CF:91:8A
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CB:38:F7:15:89:7C:84:A1:44:5F:5B:C1:DD:FB:C9:6E:
                                F2:9A:59:CD:47:0A:69:05:85:B0:CB:14:C3:14:58:E7
                    Timestamp : Feb  6 06:17:03.923 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D5:C3:69:39:E3:94:40:6F:73:25:7D:
                                C4:86:D0:D8:C4:A7:42:F5:59:2E:30:90:FD:37:A3:82:
                                E6:51:13:7C:CC:02:21:00:CE:ED:42:2F:58:F9:18:C9:
                                CB:C9:79:AD:F6:58:A7:49:6B:12:0A:35:9A:35:73:9D:
                                80:8A:12:64:65:2A:BF:16
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:
                                DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21
                    Timestamp : Feb  6 06:17:03.872 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:2F:25:75:15:CB:C5:D1:96:D0:E3:E1:60:
                                BA:C4:00:68:9E:1E:8B:C0:3F:94:FC:B0:E1:45:D9:2C:
                                63:AB:07:9C:02:20:21:67:EF:D6:07:7D:07:9F:88:51:
                                8D:F3:A1:74:1B:52:01:07:8C:21:57:34:53:EC:B4:DB:
                                B4:F5:CE:70:26:50
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        7b:87:92:6f:28:2c:eb:0e:dc:2c:67:a4:31:14:0c:ee:bd:6b:
        af:13:89:60:d6:d5:87:df:28:28:66:f6:96:41:d8:10:85:79:
        d2:3a:96:30:3b:fa:ee:fb:51:a9:43:3f:9e:2b:33:cb:ea:24:
        63:7e:95:e8:11:f9:f7:0c:77:77:00:3d:2c:89:20:5a:e6:2a:
        ad:3d:1e:f7:a5:08:63:0d:d6:f1:e4:2d:c9:c3:e6:d5:ee:80:
        f2:69:c8:42:52:c6:d9:c5:8c:78:23:90:ac:04:24:df:ba:ad:
        03:e9:ed:ac:12:04:a3:65:2e:46:c6:3e:c7:17:f6:37:fe:9b:
        34:18:af:5a:a7:f0:3a:83:cf:81:99:ad:c8:47:d5:69:6e:5b:
        02:dc:29:10:db:c4:9b:05:76:f0:3f:a2:e7:54:31:cf:fc:97:
        a4:29:08:36:f5:0c:7f:a9:e2:20:2b:2f:ba:9a:22:2d:f1:80:
        97:d5:76:9f:ae:ae:26:03:36:1b:fc:4b:8c:bf:b6:76:48:4c:
        bf:38:b8:eb:fb:af:5e:49:91:5c:68:25:05:62:2c:20:b0:60:
        1c:81:22:c4:94:10:62:64:69:ea:93:48:11:77:65:7c:9f:bb:
        30:83:a7:ac:cf:21:57:76:e9:6e:cf:97:15:37:76:94:75:00:
        a8:73:9e:c5

448 / tcp

165188539 | 2025-03-11T10:46:50.883256

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

461 / tcp

-1375131644 | 2025-03-19T17:56:38.954405

\x00[v\xc3\xbdC\x7f\x00\x00

503 / tcp

-358801646 | 2025-03-20T21:33:44.119971

SSH-2.0-OpenSSH_6.6.1

513 / tcp

1911457608 | 2025-02-27T20:14:41.761062

\x00[\x00\x00\x00\x00\x00\x00

541 / tcp

-1876452130 | 2025-03-16T09:11:09.004902

\\x16\\x03\\x01\\x01N\\x01\\x00\\x01J\\x03\\x03\\x1f\\xa5H\\xe5\\xb5*G%Y\\xc7\\xecN\\xe3\\x87\\xe4\\x86)D.}J\\x13\\xeb\'\\x95\\x8b\xc8\x8cD&b\\xae \\x8e\\x84\\x12\\x9fX\r\\xaf\\xcd)\\xa55kb\\xa2\\x8e\\xe72,\\x9e\x0b\\x90?}cg>\\xe6\\xfb\\x97\\x92O\\x94\\x002\\x13\\x02\\x13\\x03\\x13\\x01\\x009\\x005\\x00k\\x00=\\xc00\\

554 / tcp

285770450 | 2025-03-21T05:55:15.298902

RTSP/1.0 401 Unauthorized
CSeq: 1

636 / tcp

1402312074 | 2025-03-15T00:23:23.666805

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 13-51264013-0 0NNN RT(1705909593861 113) q(-1 -1 -1 -1) r(0 -1) b1

646 / tcp

-1333327832 | 2025-03-04T23:13:28.107926

\\x00\\x01\\x00\\x1c\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x12\\x00 \\xf2\\x94\\x03\\x00\\x00\n\\x80\\x00\\x00\\x03\\x00\\x00\\x00\\x00\\x00\\x00

666 / tcp

1300162323 | 2025-03-28T11:56:38.696838

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

743 / tcp

632542934 | 2025-03-16T11:11:13.210037

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

772 / tcp

819727972 | 2025-03-18T23:31:57.920492

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

777 / tcp

1298735494 | 2025-03-24T13:43:18.386400

HTTP/1.1 200 OK
Server: openresty/1.11.2.4(dyss/1.3.2 Jul 17 2020 17:25:16)
Content-Type: text/plain
Connection: keep-alive

782 / tcp

-345718689 | 2025-03-13T19:21:52.653693

Vty password is not set.

801 / tcp

-1399940268 | 2025-03-14T00:36:28.748760

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

809 / tcp

639175818 | 2025-03-11T09:40:23.307934

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

843 / tcp

-2004989248 | 2025-03-22T15:23:55.300102

<cross-domain-policy>\n   <allow-access-from domain="*" to-po\nrts="*" />\n</cross-domain-policy>

873 / tcp

-992671574 | 2025-03-17T07:14:05.633377

@RSYNCD: 26

992 / tcp

-1242315829 | 2025-03-25T21:50:03.758204

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: /app/
Permissions-Policy: autoplay=(), camera=(), microphone=(), usb=()
Referrer-Policy: same-origin
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

993 / tcp

321971019 | 2025-03-26T12:30:48.791962

-ERR client ip is not in whitelist\r

995 / tcp

-1199842642 | 2025-03-14T03:37:32.385190

+OK Welcome to RaidenMAILD POP3 SSL service v4902, Mon, 22 Jan 2024 14:24:46 +0800, (C)2001-2023 <1044592421@raidenmaild>\r\n

1050 / tcp

1911457608 | 2025-03-28T19:34:32.237112

\x00[\x00\x00\x00\x00\x00\x00

1080 / tcp

1362344524 | 2025-03-19T20:54:55.885636

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1099 / tcp

819727972 | 2025-03-24T03:23:23.871845

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1110 / tcp

1909672637 | 2025-03-18T11:19:58.829902

HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8
Sec-Websocket-Version: 13
X-Content-Type-Options: nosniff

1153 / tcp

-2096652808 | 2025-02-28T21:07:01.366252

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1177 / tcp

1632932802 | 2025-03-21T17:41:37.127597

1200 / tcp

-956469251 | 2025-03-22T07:16:58.508673

[)

1234 / tcp

1919228981 | 2025-03-09T07:28:10.080732

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

1235 / tcp

921225407 | 2025-03-13T03:16:24.212616

\x00\x00\x00\x04\x00\x00\x00\x00\x00

1337 / tcp

-971970408 | 2025-03-20T13:59:14.701055

1355 / tcp

1911457608 | 2025-03-06T16:45:52.453499

\x00[\x00\x00\x00\x00\x00\x00

1414 / tcp

-1538260461 | 2025-02-27T07:19:05.155268

\x01\x00\x00\x00

1433 / tcp

-186520940 | 2025-03-23T23:36:10.079732

HTTP/1.1

1443 / tcp

-1715152554 | 2025-03-05T15:48:56.665999

Hashes

hash

720033020

http.dom_hash

1239617585

http.html_hash

-1715152554

http.server_hash

1727046647

http.title_hash

-1828380909

302 Found

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Wed, 05 Mar 2025 15:48:55 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://106.11.43.76:443/

1450 / tcp

707919486 | 2025-03-10T05:30:28.353062

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

1452 / tcp

-1839934832 | 2025-03-21T05:04:30.705141

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

1459 / tcp

-1839934832 | 2025-03-17T18:13:22.941755

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

1460 / tcp

-1097188123 | 2025-03-07T16:11:23.803484

[g\xc2\x95N\x7f

1515 / tcp

-971970408 | 2025-03-25T22:43:46.939697

1521 / tcp

1975288991 | 2025-03-27T13:43:12.566887

OPTI

1554 / tcp

-1265999252 | 2025-03-19T17:17:33.682671

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

1599 / tcp

996960436 | 2025-03-28T01:04:55.120568

572 Relay not authorized

1723 / tcp

-1608241410 | 2025-03-25T22:19:58.377635

Firmware: 1\nHostname: local\nVendor: linux\n

1800 / tcp

-2107996212 | 2025-03-11T08:36:11.530808

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

1801 / tcp

-1299899661 | 2025-03-25T12:36:27.409037

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\x97W\\xcd[\\x98\\xc4\\x1aJ\\xa5\xd1\xbf\\xf9\\xbd\\xc7\\xce\\xfd92d3\\x10\\x01\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

1883 / tcp

-1730858130 | 2025-03-19T07:08:37.616915

RFB 003.008
VNC:
  Protocol Version: 3.8

1911 / tcp

1353260875 | 2025-03-17T06:13:08.399786

\x00[g\xc2\x95N\x7f\x00\x00

1926 / tcp

841014058 | 2025-03-25T23:31:04.926185

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

1962 / tcp

-1399940268 | 2025-03-27T12:46:28.215570

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1983 / tcp

-2089734047 | 2025-03-09T08:51:39.309078

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1986 / tcp

-2107996212 | 2025-03-10T05:39:02.041210

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

1987 / tcp

1426971893 | 2025-03-09T21:00:48.225830

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

1988 / tcp

117101543 | 2025-03-24T16:20:26.706335

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

2000 / tcp

1665283070 | 2025-03-27T05:29:34.032310

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x01\x00\x00\x10\x00\x00\n0\x03\x00\x00\x00\x01\x00\x05\x00\x00@\x00\x00\x06\x00\x00\x1f@

2003 / tcp

-2089734047 | 2025-03-13T10:07:06.007614

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

2008 / tcp

233634112 | 2025-03-24T18:56:01.044445

SSH-98.60-SysaxSSH_81885..42

2016 / tcp

-1746074029 | 2025-03-24T23:59:59.324854

101 imqbroker =unV\r\n

2048 / tcp

-2089734047 | 2025-03-03T17:39:22.060995

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

2051 / tcp

165188539 | 2025-03-05T15:28:52.517630

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2056 / tcp

-1032713145 | 2025-03-10T11:56:56.641297

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

2087 / tcp

2033888749 | 2025-03-28T04:33:30.844304

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

2090 / tcp

165188539 | 2025-03-21T20:19:53.632177

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2100 / tcp

-1399940268 | 2025-03-26T08:27:49.717940

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2121 / tcp

141730637 | 2025-03-12T12:50:51.370493

HTTP/1.0 200 OK
Server: Proxy

2130 / tcp

-1399940268 | 2025-03-23T17:03:28.102254

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2181 / tcp

546151771 | 2025-03-17T14:15:37.734528

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

2222 / tcp

372433470 | 2025-03-13T05:26:36.481510

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

2266 / tcp

-1399940268 | 2025-03-23T11:32:42.078869

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2323 / tcp

1051421500 | 2025-03-24T10:50:20.131109

H3C login: 

TELNET Negotiation:
will: Echo, Suppress Go Ahead
do: Echo, Negotiate About Window Size, Remote Flow Control

2332 / tcp

171352214 | 2025-03-06T04:58:30.387958

-ERR client ip is not in whitelist

2344 / tcp

2143387245 | 2025-03-09T21:45:37.603035

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

2345 / tcp

-1476017887 | 2025-03-18T11:04:20.215053

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

2376 / tcp

-138733098 | 2025-03-10T23:45:07.875538

roku: ready

2404 / tcp

401555314 | 2025-03-21T07:33:29.318342

NB[GFXjA^R

2423 / tcp

745343730 | 2025-03-05T20:23:24.346108

220 smtp.qq.com Esmtp QQ Mail Server

2453 / tcp

-801484042 | 2025-03-08T18:23:21.940617

ERR 27

2549 / tcp

-2107996212 | 2025-03-06T10:51:26.199963

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

2560 / tcp

114471724 | 2025-03-13T13:37:46.271268

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

2567 / tcp

1991883981 | 2025-03-22T03:42:10.298893

B\x00\x00\x00\xc3\xbfn\x04Too many connections

2599 / tcp

-1399940268 | 2025-03-16T06:17:32.754697

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2628 / tcp

-2089734047 | 2025-03-06T18:17:15.361299

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

2761 / tcp

-747911285 | 2025-03-27T11:46:16.026557

\xc2\xaa

3001 / tcp

-1626979812 | 2025-03-17T03:10:08.373261

220 Service ready for new user.

3004 / tcp

1492413928 | 2025-03-12T19:55:51.592133

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

3006 / tcp

-2017887953 | 2025-03-22T20:17:11.768215

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

3007 / tcp

819727972 | 2025-03-24T22:19:41.697484

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3012 / tcp

165188539 | 2025-03-20T06:01:15.877500

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3017 / tcp

587250289 | 2025-03-12T05:49:51.757957

HTTP/1.1 400 Bad Request
Server: nginx/1.18.11011 (Ubuntu)
Content-Type: text/plain; charset=utf-8
Connection: close

3050 / tcp

1911457608 | 2025-03-28T14:51:28.106175

\x00[\x00\x00\x00\x00\x00\x00

3052 / tcp

-2029572250 | 2025-03-21T19:44:06.074971

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae13b5_PS-CAN-010tS26_41492-23079

3060 / tcp

-1399940268 | 2025-03-14T11:10:08.124862

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3079 / tcp

-1399940268 | 2025-03-20T19:30:24.355515

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3087 / tcp

632542934 | 2025-03-24T11:06:29.825825

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

3107 / tcp

1381121983 | 2025-03-21T23:02:21.007737

Notify\r\n

3119 / tcp

1911457608 | 2025-03-21T16:54:00.669318

\x00[\x00\x00\x00\x00\x00\x00

3132 / tcp

-1032713145 | 2025-03-01T01:32:30.000667

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

3184 / tcp

1332894250 | 2025-03-18T23:41:51.341170

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

3198 / tcp

921225407 | 2025-03-22T16:54:46.694396

\x00\x00\x00\x04\x00\x00\x00\x00\x00

3200 / tcp

1911457608 | 2025-02-28T21:53:41.749242

\x00[\x00\x00\x00\x00\x00\x00

3221 / tcp

-1137877591 | 2025-03-23T11:22:25.629026

<?xml version="1.0" encoding="us-ascii"?>\n<junoscript xmlns="http://xml.juniper.net/xnm/1.1/xnm" xmlns:junos="http://xml.juniper.net/junos/15.1X49/junos" schemaLocation="http://xml.juniper.net/junos/15.1X49/junos junos/15.1X49/junos.xsd" os="JUNOS" release="15.1X49-D150.2" hostname="SM790316Sec" version="1.0">\n<!-- session start at 2024-01-19 07:36:03 HKT -->\n<rpc-reply xmlns:junos="http://xml.juniper.net/junos/15.1X49/junos">\n\n<authentication-response>\n<status>fail</status>\n<message>Unexpected XML tag type

3256 / tcp

-1013082686 | 2025-03-27T06:14:20.009801

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

3260 / tcp

-862070606 | 2025-03-17T06:58:46.624329

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None\nTargetAlias=LIO Target\nTargetPortalGroupTag=1\n\n

3268 / tcp

-1547976805 | 2025-03-26T09:20:09.317165

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

3299 / tcp

-2033111675 | 2025-03-26T21:10:05.244552

~djb

3349 / tcp

-2089734047 | 2025-03-04T21:16:34.733985

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3557 / tcp

1911457608 | 2025-03-16T00:12:54.817488

\x00[\x00\x00\x00\x00\x00\x00

3561 / tcp

51259122 | 2025-03-06T21:06:09.135034

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

3567 / tcp

819727972 | 2025-03-14T20:56:42.964732

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3780 / tcp

-952165951 | 2025-03-06T04:45:21.711341

AB

3790 / tcp

-1248408558 | 2025-03-22T02:01:45.822260

220 MikroTik FTP server (MikroTik 6.44.3) ready

3838 / tcp

632542934 | 2025-03-06T16:25:49.100168

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

3953 / tcp

-1399940268 | 2025-03-19T22:43:06.737357

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4000 / tcp

-801484042 | 2025-03-24T13:13:03.503557

ERR 27

4064 / tcp

1911457608 | 2025-03-15T21:32:57.088455

\x00[\x00\x00\x00\x00\x00\x00

4101 / tcp

-2089734047 | 2025-03-26T05:00:10.556238

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

4103 / tcp

921225407 | 2025-03-28T04:07:45.899924

\x00\x00\x00\x04\x00\x00\x00\x00\x00

4157 / tcp

671605376 | 2025-03-24T05:42:07.542034

SSH-2.0-OpenSSH_X.X

4165 / tcp

-1839934832 | 2025-03-15T14:10:20.771520

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

4242 / tcp

-1879056922 | 2025-03-26T17:57:59.226799

HTTP/1.1 403 Forbidden
Server: Apache/2.4.41 (Unix) OpenSSL/1.1.1d TST PHP/7.3.11
Content-Type: text/plain; charset=utf-8
Connection: close

4282 / tcp

-527005584 | 2025-03-27T14:22:14.119072

/0 0 L
/0 0 HUH

4343 / tcp

1928678221 | 2025-03-25T02:14:05.432370

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1f37_PS-KHN-01W4q82_19885-2644

4369 / tcp

-1045760528 | 2025-03-14T00:43:33.738555

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

4402 / tcp

1763259671 | 2025-03-09T21:11:50.484518

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

4433 / tcp

2087396567 | 2025-03-12T15:08:18.628015

kjnkjabhbanc283ubcsbhdc72

4434 / tcp

1690634669 | 2025-03-21T02:25:24.705892

4436 / tcp

-904840257 | 2025-03-27T22:47:25.476313

572 Relay not authorized\r\n

4443 / tcp

594761768 | 2025-03-28T23:25:48.109818

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2a00_PS-NKG-01Aqo82_2843-52437

4444 / tcp

-1399940268 | 2025-03-23T01:23:17.676413

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4455 / tcp

-1888448627 | 2025-03-20T19:35:07.631815

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

4461 / tcp

-1399940268 | 2025-03-05T08:41:49.537001

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4499 / tcp

-1888448627 | 2025-03-07T17:34:06.576449

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

4524 / tcp

-441419608 | 2025-03-09T20:29:49.010723

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

4531 / tcp

819727972 | 2025-03-24T19:20:58.480950

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4700 / tcp

1381121983 | 2025-03-10T22:34:09.194698

Notify\r\n

4786 / tcp

-1373613804 | 2025-03-24T03:19:29.829188

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

4949 / tcp

-1373613804 | 2025-03-21T06:06:51.202020

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

5006 / tcp

2087396567 | 2025-03-23T16:49:14.826000

kjnkjabhbanc283ubcsbhdc72

5007 / tcp

740837454 | 2025-03-25T09:13:08.851388

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

5010 / tcp

-1399940268 | 2025-03-27T16:30:24.478390

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5011 / tcp

-1399940268 | 2025-02-26T23:42:16.546611

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5172 / tcp

1282941221 | 2025-03-18T06:18:11.503974

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

5201 / tcp

1911457608 | 2025-03-21T04:23:14.643495

\x00[\x00\x00\x00\x00\x00\x00

5222 / tcp

1741579575 | 2025-03-05T13:52:32.717912

5244 / tcp

819727972 | 2025-03-06T13:51:06.807819

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

5248 / tcp

819727972 | 2025-03-13T18:46:38.781291

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5256 / tcp

1911457608 | 2025-03-11T19:50:10.315334

\x00[\x00\x00\x00\x00\x00\x00

5257 / tcp

1911457608 | 2025-03-14T10:32:58.119397

\x00[\x00\x00\x00\x00\x00\x00

5266 / tcp

1911457608 | 2025-03-16T23:23:12.987266

\x00[\x00\x00\x00\x00\x00\x00

5269 / tcp

756886313 | 2025-03-25T06:03:43.021895

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html

5270 / tcp

-142686627 | 2025-03-28T20:12:33.582233

\x00[\xc2\xba\x7fs\x7f\x00\x00

5274 / tcp

-1189269828 | 2025-03-18T05:32:05.323182

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

5275 / tcp

165188539 | 2025-03-23T20:43:32.391381

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

5321 / tcp

1278527606 | 2025-03-28T15:40:17.164530

SSH-2.0-Teleport

5431 / tcp

858211407 | 2025-02-28T21:16:53.756142

HTTP/1.1 404 Not Found
DATE: Fri, 19 Jan 2024 11:56:45 GMT
Connection: Keep-Alive
Server: LINUX/2.4 UPnP/1.0 BRCM400/1.0
Content-Type: text/xml; charset="utf-8"
EXT:

5432 / tcp

-784071826 | 2025-03-17T17:10:56.234575

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

5594 / tcp

-616720387 | 2025-02-28T08:38:22.725702

SSH-2.0-SSHD_0.7.6

5595 / tcp

-616720387 | 2025-03-04T07:37:41.924386

SSH-2.0-SSHD_0.7.6

5596 / tcp

-1399940268 | 2025-03-21T05:52:39.146034

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5599 / tcp

165188539 | 2025-03-19T03:25:10.240888

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

5671 / tcp

-1189269828 | 2025-03-08T16:33:09.770403

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

5672 / tcp

575925250 | 2025-03-18T08:37:46.473683

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5678 / tcp

1545287535 | 2025-03-23T17:07:43.764300

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8

5696 / tcp

-2046514463 | 2025-03-17T16:10:07.410907

AB\x01\t

5822 / tcp

-1547976805 | 2025-03-05T18:58:23.101199

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

5858 / tcp

-1316398834 | 2025-03-10T18:37:53.799294

ÿ

5938 / tcp

819727972 | 2025-03-15T19:27:59.454358

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5984 / tcp

1999272906 | 2025-03-17T18:52:43.866238

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

5986 / tcp

-653033013 | 2025-03-14T02:24:31.772465

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

5987 / tcp

81614701 | 2025-03-14T16:00:34.432589

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

6000 / tcp

1492413928 | 2025-03-17T14:04:48.861874

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

6001 / tcp

-345718689 | 2025-03-18T02:06:33.803516

Vty password is not set.

6002 / tcp

-1681927087 | 2025-03-27T06:24:45.898902

kjnkjabhbanc283ubcsbhdc72

6005 / tcp

-1730858130 | 2025-03-14T22:48:18.183126

RFB 003.008
VNC:
  Protocol Version: 3.8

6061 / tcp

-2107996212 | 2025-03-17T07:39:53.687815

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

6134 / tcp

-1399940268 | 2025-03-09T11:12:28.410326

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6363 / tcp

1492413928 | 2025-03-10T01:47:58.891655

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

6379 / tcp

321971019 | 2025-03-27T03:05:08.492281

-ERR client ip is not in whitelist\r

6443 / tcp

52574868 | 2025-03-21T18:12:19.798138

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Fri, 21 Mar 2025 18:12:19 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://106.11.43.76:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

6544 / tcp

-1888448627 | 2025-02-27T15:46:37.374932

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

6556 / tcp

-1279886438 | 2025-03-25T15:42:15.762873

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

6560 / tcp

165188539 | 2025-03-20T17:36:42.415884

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

6633 / tcp

-653033013 | 2025-03-17T15:50:32.478415

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

6666 / tcp

4935895 | 2025-03-09T17:16:35.512854

HTTP/1.1 400 Bad Request
Server: CloudWAF

6667 / tcp

2087396567 | 2025-03-18T00:17:16.954751

kjnkjabhbanc283ubcsbhdc72

6668 / tcp

-1026951088 | 2025-03-18T10:45:58.792781

erro ip

6700 / tcp

-1399940268 | 2025-03-06T18:02:46.662707

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7001 / tcp

-829704895 | 2025-03-26T18:29:05.034940

+OK-1035|

7006 / tcp

-2089734047 | 2025-03-27T12:15:43.856205

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

7018 / tcp

740837454 | 2025-03-10T20:20:33.616940

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

7071 / tcp

-345718689 | 2025-03-22T22:56:47.807631

Vty password is not set.

7078 / tcp

1911457608 | 2025-03-26T22:25:10.333449

\x00[\x00\x00\x00\x00\x00\x00

7083 / tcp

1282941221 | 2025-03-09T08:59:59.998830

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

7084 / tcp

-805362002 | 2025-03-05T19:42:36.877353

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

7105 / tcp

819727972 | 2025-03-25T12:58:53.641445

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

7218 / tcp

1308377066 | 2025-03-20T00:16:48.946537

ncacn_http/1.0

7373 / tcp

819727972 | 2025-03-24T04:48:06.295664

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

7415 / tcp

-1019343788 | 2025-03-24T12:34:20.860823

W!\x00\x00\x00\x00

7443 / tcp

-584993230 | 2025-03-23T09:31:01.326525

HTTP/1.1 400 Bad Request
Server:  
Content-Type: text/html
Connection: close

7510 / tcp

819727972 | 2025-02-28T21:38:44.057437

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

7548 / tcp

971933601 | 2025-03-27T09:45:38.242214

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

7654 / tcp

-1099385124 | 2025-03-24T04:32:32.368727

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

7775 / tcp

165188539 | 2025-03-26T20:30:46.882726

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

7777 / tcp

1391945995 | 2025-03-27T13:58:09.289847

HTTP/1.1 403 Forbidden 
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm=""

7799 / tcp

1492413928 | 2025-02-27T21:03:08.639528

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

7998 / tcp

-249504111 | 2025-03-16T05:13:55.819958

\x00[xU-\x7f\x00\x00

8001 / tcp

2103111368 | 2025-03-16T17:23:46.828182

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8004 / tcp

-1399940268 | 2025-03-15T21:48:30.858748

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8009 / tcp

321971019 | 2025-03-23T12:07:29.256454

-ERR client ip is not in whitelist\r

8010 / tcp

0 | 2025-03-11T03:39:31.459883

Hashes

hash

-119996482

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
Content-Length: 0

8021 / tcp

-73658652 | 2025-03-17T07:44:32.719270

HTTP/1.1 404 Not Found
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: text/html; charset=ISO-8859-1
Server: Jetty(9.2.13.v20150730)

8027 / tcp

-1105333987 | 2025-03-21T10:32:35.509315

\x00[KpU\x7f\x00\x00

8032 / tcp

-1839934832 | 2025-03-18T23:37:51.403207

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8042 / tcp

-734844577 | 2025-03-04T18:28:23.840590

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 657d1c3a_PSfjfzdx2nh100_10014-18094

8065 / tcp

819727972 | 2025-03-15T10:32:33.847163

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8068 / tcp

-1399940268 | 2025-03-16T14:24:17.906471

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8087 / tcp

971933601 | 2025-03-19T13:16:38.629207

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

8089 / tcp

2087396567 | 2025-03-27T21:54:26.294442

kjnkjabhbanc283ubcsbhdc72

8092 / tcp

-1810987450 | 2025-03-22T17:45:49.041708

\xc3\xbf

8099 / tcp

438715403 | 2025-03-16T23:16:48.032624

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2874_pingwangtong53_24882-28622

8103 / tcp

-2089734047 | 2025-03-22T07:44:57.692467

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8113 / tcp

-2089734047 | 2025-03-17T03:03:22.608556

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8125 / tcp

165188539 | 2025-03-12T10:39:24.977700

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8126 / tcp

-616720387 | 2025-03-04T04:19:24.290419

SSH-2.0-SSHD_0.7.6

8172 / tcp

-1399940268 | 2025-03-21T02:45:08.608333

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8174 / tcp

1911457608 | 2025-03-28T06:00:32.983823

\x00[\x00\x00\x00\x00\x00\x00

8176 / tcp

165188539 | 2025-03-18T14:37:35.771122

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8181 / tcp

2087396567 | 2025-03-11T01:35:36.565530

kjnkjabhbanc283ubcsbhdc72

8183 / tcp

1623746877 | 2025-03-27T10:38:01.469711

500 Permission denied - closing connection.\r\n

8196 / tcp

-2089734047 | 2025-03-13T04:37:39.152601

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8199 / tcp

1077013874 | 2025-03-17T17:33:41.359090

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

8200 / tcp

1320285193 | 2025-03-25T23:28:58.308391

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

8222 / tcp

759851410 | 2025-03-05T04:54:48.833714

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae252f_PShnhywt2ym144_35291-3960

8300 / tcp

-734440417 | 2025-03-12T19:18:16.959692

HTTP/1.1 400 Bad Request
Content-Type: text/html
Connection: close
Server: nginx/1.17.3

8316 / tcp

1911457608 | 2025-03-27T17:18:36.200112

\x00[\x00\x00\x00\x00\x00\x00

8333 / tcp

1335782347 | 2025-03-19T13:20:27.946788

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705940700.09-waf02bjtp3

8340 / tcp

632542934 | 2025-03-10T02:52:53.506435

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8402 / tcp

-476765094 | 2025-02-28T17:49:24.956990

HTTP/1.1 200 OK
Server: QWS
Content-Type: text/html
Connection: keep-alive
Access-Control-Allow-Origin: *
QY-H-M: HIT
Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control
Access-Control-Allow-Methods: GET,OPTIONS
Expires: Sat, 23 Nov 2024 14:33:49 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

8403 / tcp

819727972 | 2025-03-21T23:41:04.347499

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8424 / tcp

1911457608 | 2025-03-18T08:43:57.273714

\x00[\x00\x00\x00\x00\x00\x00

8431 / tcp

921225407 | 2025-03-13T19:02:02.156660

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8443 / tcp

-973238229 | 2025-03-16T21:07:23.743515

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Sun, 16 Mar 2025 21:07:23 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://106.11.43.76:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

8454 / tcp

-1888448627 | 2025-03-10T07:45:04.393693

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8457 / tcp

-1399940268 | 2025-02-27T23:18:26.739530

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8458 / tcp

1426971893 | 2025-03-28T09:34:06.260887

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

8465 / tcp

-1888448627 | 2025-03-22T16:46:51.011582

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8500 / tcp

-918002969 | 2025-03-16T13:54:51.121446

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1f0c_CS-000-01n4m185_5018-27088

8513 / tcp

632542934 | 2025-03-14T11:08:43.362321

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8528 / tcp

-1699556818 | 2025-03-24T09:41:16.427739

\x01remshd: Kerberos Authentication not enabled.\n

8536 / tcp

1541211644 | 2025-03-25T17:46:16.136494

[\xc2\xba\x7fs\x7f

8545 / tcp

-1279886438 | 2025-02-28T17:26:11.157188

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

8548 / tcp

1615193817 | 2025-02-27T03:36:49.388542

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

8554 / tcp

1767345577 | 2025-03-27T16:31:48.843969

Hello, this is Quagga (version 0T).
Copyright 1996-200

8558 / tcp

819727972 | 2025-03-13T08:23:26.263116

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8565 / tcp

819727972 | 2025-03-22T11:14:53.259065

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8573 / tcp

819727972 | 2025-03-23T20:36:29.006329

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8574 / tcp

-358801646 | 2025-03-22T01:34:56.375558

SSH-2.0-OpenSSH_6.6.1

8575 / tcp

1911457608 | 2025-03-25T03:05:01.448665

\x00[\x00\x00\x00\x00\x00\x00

8589 / tcp

-1399940268 | 2025-02-27T01:55:13.694138

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8592 / tcp

-1399940268 | 2025-03-06T21:54:35.003425

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8621 / tcp

-2089734047 | 2025-03-27T22:43:46.498169

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8666 / tcp

921225407 | 2025-03-04T00:35:37.798893

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8708 / tcp

-1713437100 | 2025-03-09T17:25:53.349585

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

8728 / tcp

-358801646 | 2025-03-04T02:18:25.573840

SSH-2.0-OpenSSH_6.6.1

8732 / tcp

-1538260461 | 2025-03-28T14:26:16.433181

\x01\x00\x00\x00

8733 / tcp

-1139539254 | 2025-03-16T17:04:23.107805

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

8787 / tcp

-274082663 | 2025-03-26T17:31:26.076691

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

8790 / tcp

-1888448627 | 2025-03-12T18:34:29.522217

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8813 / tcp

-1399940268 | 2025-03-07T11:29:22.631199

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8815 / tcp

165188539 | 2025-03-04T17:19:27.158656

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8835 / tcp

165188539 | 2025-03-27T17:16:26.203309

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8837 / tcp

-1399940268 | 2025-03-19T21:57:57.535471

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8855 / tcp

-441419608 | 2025-03-05T19:57:33.864528

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

8865 / tcp

-1453516345 | 2025-03-17T21:27:10.623604

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

8871 / tcp

-1996280214 | 2025-03-20T19:23:39.819479

\x06\x04\x05@

8877 / tcp

-1733106930 | 2025-03-22T09:03:20.746900

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

8889 / tcp

2087396567 | 2025-03-07T17:50:35.756162

kjnkjabhbanc283ubcsbhdc72

8901 / tcp

740837454 | 2025-03-17T17:22:55.506884

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

8908 / tcp

1911457608 | 2025-03-04T07:46:18.205267

\x00[\x00\x00\x00\x00\x00\x00

8980 / tcp

740837454 | 2025-03-25T15:07:48.574560

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

8990 / tcp

-1428621233 | 2025-03-19T00:47:16.251627

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

9001 / tcp

-1026951088 | 2025-03-21T04:08:46.406431

erro ip

9002 / tcp

504717326 | 2025-03-12T21:33:21.021910

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 5 1

9013 / tcp

410249975 | 2025-03-19T01:53:28.989030

LNS READY<>

9039 / tcp

-1399940268 | 2025-03-10T23:29:21.244818

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9041 / tcp

-1399940268 | 2025-03-20T12:47:24.063982

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9042 / tcp

740837454 | 2025-03-20T09:24:25.144185

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

9051 / tcp

165188539 | 2025-03-26T18:41:16.814194

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9072 / tcp

921225407 | 2025-03-19T20:20:40.655179

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9073 / tcp

-1626979812 | 2025-03-09T06:05:38.612902

220 Service ready for new user.

9077 / tcp

-122096153 | 2025-03-22T08:12:54.777496

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

9097 / tcp

-1399940268 | 2025-03-28T09:16:29.190545

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9102 / tcp

1911457608 | 2025-03-07T18:10:11.129159

\x00[\x00\x00\x00\x00\x00\x00

9113 / tcp

1911457608 | 2025-03-08T17:52:49.420225

\x00[\x00\x00\x00\x00\x00\x00

9116 / tcp

-2107996212 | 2025-03-26T22:30:06.559096

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

9129 / tcp

-1399940268 | 2025-03-08T22:59:33.449367

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9137 / tcp

1332894250 | 2025-03-10T21:30:50.535216

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

9151 / tcp

307999478 | 2025-03-28T05:30:09.466564

unknown command \r\nunknown command \r\n

9161 / tcp

401555314 | 2025-03-13T17:23:55.852572

NB[GFXjA^R

9163 / tcp

-1327660293 | 2025-03-15T18:16:16.867366

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

9171 / tcp

-2031152423 | 2025-02-28T19:06:39.733123

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

9193 / tcp

401555314 | 2025-03-28T14:33:31.978975

NB[GFXjA^R

9198 / tcp

819727972 | 2025-02-27T21:24:19.430492

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9204 / tcp

819727972 | 2025-03-26T18:12:21.054771

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9218 / tcp

-288825733 | 2025-03-05T00:37:25.345405

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

9222 / tcp

1911457608 | 2025-03-17T22:34:18.633842

\x00[\x00\x00\x00\x00\x00\x00

9244 / tcp

-1399940268 | 2025-03-05T07:47:58.138441

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9251 / tcp

165188539 | 2025-03-18T23:29:29.401217

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9283 / tcp

-1888448627 | 2025-03-09T06:53:38.261043

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9306 / tcp

-1399940268 | 2025-03-12T14:06:27.315993

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9310 / tcp

-2031152423 | 2025-02-28T12:05:46.080271

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

9333 / tcp

819727972 | 2025-03-15T22:43:11.684800

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9398 / tcp

660175493 | 2025-03-15T12:54:08.567729

9399 / tcp

-1399940268 | 2025-03-19T15:55:08.709088

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9418 / tcp

1529351907 | 2025-03-19T15:10:51.859387

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

9443 / tcp

-1366361796 | 2025-03-10T18:04:33.395009

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Mon, 10 Mar 2025 18:04:33 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://106.11.43.76:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

9480 / tcp

740837454 | 2025-03-17T09:27:27.418462

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

9507 / tcp

-1327660293 | 2025-03-14T13:25:36.022682

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

9530 / tcp

-1399940268 | 2025-03-19T18:54:55.206802

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9600 / tcp

165188539 | 2025-03-21T06:32:47.000626

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9633 / tcp

-905685638 | 2025-03-17T02:55:48.524124

bxz437

9710 / tcp

-1888448627 | 2025-03-10T09:48:07.480866

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9754 / tcp

321971019 | 2025-02-27T00:07:11.698917

-ERR client ip is not in whitelist\r

9758 / tcp

1911457608 | 2025-03-19T00:36:51.475778

\x00[\x00\x00\x00\x00\x00\x00

9761 / tcp

-2096652808 | 2025-03-14T00:13:53.326254

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9811 / tcp

1991883981 | 2025-03-23T16:19:04.994194

B\x00\x00\x00\xc3\xbfn\x04Too many connections

9876 / tcp

2109639173 | 2025-03-13T10:26:59.622953

\\x00\\x00\\x01\\xb8\\x00\\x00\\x00_{"code":0,"flag":1,"language":"JAVA","opaque":0,"serializeTypeCurrentRPC":"JSON","version":401}{"brokerAddrTable":{"rocketmq-cnng0d8ee3802629-broker-0":{"brokerAddrs":{0:"180.184.35.245:30950",2:"180.184.35.245:30951",3:"180.184.35.245:30952"},"brokerName":"rocketmq-cnng0d8ee3802629-broker-0","cluster":"rocketmq-cnng0d8ee3802629-broker"}},"clusterAddrTable":{"rocketmq-cnng0d8ee3802629-broker":["rocketmq-cnng0d8ee3802629-broker-0"]}}

9898 / tcp

1615676803 | 2025-03-07T08:32:53.311474

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Etag: "s5sw6112h"

9943 / tcp

1833368189 | 2025-03-25T06:14:28.802021

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae18b9_dong118_31397-16667

9944 / tcp

1353260875 | 2025-03-18T06:36:58.551428

\x00[g\xc2\x95N\x7f\x00\x00

9998 / tcp

-696402907 | 2025-02-27T15:38:43.199847

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae298c_PS-HIA-01Q7y203_55153-4321

9999 / tcp

1161309183 | 2025-03-17T08:32:33.150736

ProxyServer is ready

10000 / tcp

-1810987450 | 2025-03-25T10:33:55.867269

\xc3\xbf

10003 / tcp

165188539 | 2025-03-15T07:33:06.595683

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

10007 / tcp

819727972 | 2025-03-17T23:25:00.112487

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

10024 / tcp

-234408721 | 2025-03-09T04:34:27.294510

\\x00[\'(\\xc0\\xa8Y\\xfd

10037 / tcp

-438503381 | 2025-03-14T17:28:50.188204

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

10044 / tcp

-2089734047 | 2025-03-18T23:01:40.496080

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10047 / tcp

-1839934832 | 2025-03-11T09:59:31.923705

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

10134 / tcp

51259122 | 2025-03-16T16:38:32.603476

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

10201 / tcp

-339084706 | 2025-03-15T05:28:25.973021

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

10533 / tcp

677934968 | 2025-03-18T01:12:46.225570

lm^)Q

10554 / tcp

2087396567 | 2025-03-15T06:03:34.498989

kjnkjabhbanc283ubcsbhdc72

10909 / tcp

740837454 | 2025-03-17T23:26:55.053920

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

10911 / tcp

-1114821551 | 2025-03-16T22:18:38.839838

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

11065 / tcp

-980525298 | 2025-03-24T03:24:56.623997

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

11112 / tcp

-1230049476 | 2025-02-28T00:01:06.005315

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

11210 / tcp

-1399940268 | 2025-03-28T21:18:57.838320

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

11211 / tcp

-136006866 | 2025-03-23T11:24:47.140796

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11288 / tcp

819727972 | 2025-03-19T15:25:12.753958

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

11300 / tcp

-407828767 | 2025-03-26T00:43:00.808884

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

11371 / tcp

0 | 2025-03-13T03:21:49.831926

Hashes

hash

-119996482

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
Content-Length: 0

11602 / tcp

-1399940268 | 2025-03-13T02:35:43.531430

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

11681 / tcp

-2089734047 | 2025-03-19T18:59:33.966736

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12082 / tcp

819727972 | 2025-03-16T09:18:24.037952

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12104 / tcp

408230060 | 2025-03-04T13:36:37.758286

\r\nSorry, that nickname format is invalid.\r\n

12111 / tcp

1381121983 | 2025-03-12T18:52:37.570630

Notify\r\n

12115 / tcp

-1297953727 | 2025-02-28T11:24:35.316054

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

12138 / tcp

-1888448627 | 2025-03-19T03:20:43.344392

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12140 / tcp

1911457608 | 2025-03-08T18:00:45.919527

\x00[\x00\x00\x00\x00\x00\x00

12147 / tcp

1911457608 | 2025-03-15T19:37:50.831873

\x00[\x00\x00\x00\x00\x00\x00

12159 / tcp

-1327660293 | 2025-03-28T21:11:20.015478

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12166 / tcp

819727972 | 2025-03-27T16:19:51.502608

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12169 / tcp

740837454 | 2025-03-20T19:59:01.548496

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

12194 / tcp

1948301213 | 2025-03-24T20:18:16.128370

RFB 003.003
VNC:
  Protocol Version: 3.3

12203 / tcp

-136006866 | 2025-03-27T19:34:34.803614

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

12223 / tcp

-136006866 | 2025-03-18T23:12:46.337045

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

12231 / tcp

1308377066 | 2025-03-07T05:23:38.915722

ncacn_http/1.0

12240 / tcp

-375604792 | 2025-03-06T00:06:49.951115

220 Microsoft FTP Service

12242 / tcp

-2107996212 | 2025-03-03T18:26:45.750018

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

12244 / tcp

-1986594217 | 2025-03-11T07:49:45.683563

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

12252 / tcp

1363464823 | 2025-03-05T22:10:56.495549

\x00[|ox\x7f\x00\x00

12253 / tcp

819727972 | 2025-03-17T21:32:42.777088

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12267 / tcp

-1399940268 | 2025-03-17T08:13:00.709168

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12271 / tcp

-1399940268 | 2025-03-10T15:14:46.879727

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12294 / tcp

1911457608 | 2025-03-20T19:38:49.796002

\x00[\x00\x00\x00\x00\x00\x00

12308 / tcp

-1019343788 | 2025-03-06T05:33:40.094157

W!\x00\x00\x00\x00

12314 / tcp

-2031152423 | 2025-03-05T14:17:21.585937

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

12316 / tcp

2098371729 | 2025-03-20T17:07:03.400679

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

12318 / tcp

15018106 | 2025-03-15T16:55:30.175774

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

12341 / tcp

1911457608 | 2025-03-04T03:48:38.207044

\x00[\x00\x00\x00\x00\x00\x00

12343 / tcp

-2096652808 | 2025-03-08T11:45:39.463795

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12344 / tcp

-1399940268 | 2025-03-14T18:24:07.310424

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12345 / tcp

265065882 | 2025-03-22T19:01:55.484780

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked

12346 / tcp

-1399940268 | 2025-03-23T00:32:40.162674

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12354 / tcp

-1487943323 | 2025-03-22T04:03:01.950439

431 Unable to negotiate secure command connection.\r\n

12357 / tcp

-339084706 | 2025-03-03T19:36:00.930361

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

12358 / tcp

819727972 | 2025-03-10T13:42:50.025151

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12360 / tcp

-2089734047 | 2025-03-25T06:30:26.757917

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12369 / tcp

-438503381 | 2025-03-03T22:01:49.530690

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

12371 / tcp

597764502 | 2025-03-18T09:22:51.612314

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

12379 / tcp

-2089734047 | 2025-03-06T23:44:07.221546

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12389 / tcp

-1399940268 | 2025-03-20T21:42:02.230135

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12392 / tcp

1308377066 | 2025-03-05T03:37:43.993980

ncacn_http/1.0

12405 / tcp

1996932384 | 2025-03-12T13:53:59.063118

"raop" nonce

12421 / tcp

-445721795 | 2025-03-25T16:31:28.352887

\x00[\xc3\xaed\x1a\x7f\x00\x00

12425 / tcp

321971019 | 2025-03-04T03:47:48.245654

-ERR client ip is not in whitelist\r

12449 / tcp

1332894250 | 2025-03-15T21:41:15.366305

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

12459 / tcp

1332894250 | 2025-03-23T21:01:29.111481

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

12465 / tcp

-2033111675 | 2025-03-15T06:12:05.866175

~djb

12486 / tcp

-1399940268 | 2025-03-28T14:33:55.163179

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12517 / tcp

410249975 | 2025-03-26T01:23:51.751753

LNS READY<>

12523 / tcp

504717326 | 2025-03-11T19:20:21.823187

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 5 1

12528 / tcp

1212285915 | 2025-03-24T23:49:07.156628

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

12551 / tcp

1615193817 | 2025-03-13T04:46:09.701963

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

12554 / tcp

1212285915 | 2025-03-28T10:02:03.847275

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

12560 / tcp

819727972 | 2025-03-17T01:08:00.665203

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12568 / tcp

-454087041 | 2025-03-27T18:32:39.525597

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

12577 / tcp

632542934 | 2025-03-03T20:59:26.529314

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

13047 / tcp

2087396567 | 2025-03-27T08:57:15.237648

kjnkjabhbanc283ubcsbhdc72

13128 / tcp

1911457608 | 2025-03-21T04:29:46.916592

\x00[\x00\x00\x00\x00\x00\x00

14147 / tcp

1911457608 | 2025-03-18T11:34:19.498164

\x00[\x00\x00\x00\x00\x00\x00

14265 / tcp

495406742 | 2025-03-11T06:45:23.208415

/0 0 L

14344 / tcp

1126993057 | 2025-03-25T20:44:39.159099

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

14905 / tcp

639175818 | 2025-03-12T19:17:50.581602

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

15044 / tcp

819727972 | 2025-03-15T18:47:46.822621

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16004 / tcp

-2089734047 | 2025-03-20T21:51:42.675112

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

16025 / tcp

1911457608 | 2025-03-06T01:02:29.344662

\x00[\x00\x00\x00\x00\x00\x00

16031 / tcp

-1327660293 | 2025-03-24T19:34:40.499841

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

16034 / tcp

707919486 | 2025-02-28T08:35:54.721306

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

16067 / tcp

-454087041 | 2025-03-12T17:40:38.813214

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

16074 / tcp

1830187220 | 2025-03-10T19:38:54.304837

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

16076 / tcp

819727972 | 2025-03-23T12:38:33.412347

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16078 / tcp

1282941221 | 2025-03-08T19:02:31.535692

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

16092 / tcp

921225407 | 2025-03-04T16:55:44.310628

\x00\x00\x00\x04\x00\x00\x00\x00\x00

16464 / tcp

-321444299 | 2025-03-21T00:10:32.795567

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

16666 / tcp

819727972 | 2025-03-23T06:16:37.244292

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16993 / tcp

1308377066 | 2025-03-22T15:19:50.220017

ncacn_http/1.0

17000 / tcp

-1810987450 | 2025-03-26T00:50:42.297740

\xc3\xbf

17773 / tcp

-1230049476 | 2025-03-16T01:13:27.488983

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

18005 / tcp

1911457608 | 2025-03-25T16:12:42.784822

\x00[\x00\x00\x00\x00\x00\x00

18007 / tcp

-1230049476 | 2025-03-05T16:10:21.769945

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

18021 / tcp

-1648456501 | 2025-03-15T05:31:05.421277

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

18040 / tcp

1148421955 | 2025-03-05T23:35:02.886314

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65a1140e_PSfjfzdx2wz88_25283-62185

18041 / tcp

1911457608 | 2025-03-21T17:44:17.318803

\x00[\x00\x00\x00\x00\x00\x00

18046 / tcp

575925250 | 2025-03-20T18:44:36.131384

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

18054 / tcp

-1810987450 | 2025-03-16T22:43:34.769861

\xc3\xbf

18074 / tcp

-2089734047 | 2025-03-25T21:04:50.610490

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

18075 / tcp

-1399940268 | 2025-03-15T08:58:48.391800

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18081 / tcp

104385780 | 2025-03-26T19:54:24.174887

ceph v2

18092 / tcp

-1261090339 | 2025-03-16T20:09:53.974756

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

18096 / tcp

1332894250 | 2025-03-14T19:26:32.568941

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

18109 / tcp

1911457608 | 2025-03-04T15:51:34.486217

\x00[\x00\x00\x00\x00\x00\x00

18245 / tcp

-1399940268 | 2025-03-18T07:55:08.998244

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18264 / tcp

-980525298 | 2025-03-22T07:08:33.589440

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

18443 / tcp

-2107996212 | 2025-03-28T20:34:21.949702

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

18553 / tcp

-1839934832 | 2025-03-26T21:34:48.430638

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

19000 / tcp

819727972 | 2025-03-21T14:42:17.863654

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

19930 / tcp

1842524259 | 2025-03-26T17:35:02.898459

20000 / tcp

1900503736 | 2025-03-07T07:53:25.927222

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

20001 / tcp

-136006866 | 2025-03-19T14:25:01.659905

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

20053 / tcp

-1399940268 | 2025-03-24T20:23:00.876412

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20070 / tcp

1989907056 | 2025-02-27T21:43:40.901430

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

20087 / tcp

-297128567 | 2025-03-26T11:24:46.294320

\x04\x01\xc3\xb4\x00\x15Internal Server Error\x00\x00\x00AB\x00\x02\x05\x00

20106 / tcp

820958131 | 2025-03-25T17:13:28.525306

kjnkjabhbanc283ubcsbhdc72\x02

20150 / tcp

-2080784861 | 2025-03-12T23:22:37.154844

GBPK\xc3\xbb\xc3\xb7n\xc2\x93W\xc2\xaf\xc2\x86\xc2\x93x@\xc2\xa9\x0e\xc3\x8a*\xc2\x9bS\x00

20208 / tcp

-297128567 | 2025-03-23T17:42:51.962280

\x04\x01\xc3\xb4\x00\x15Internal Server Error\x00\x00\x00AB\x00\x02\x05\x00

20512 / tcp

1426971893 | 2025-03-17T09:14:46.634425

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

20547 / tcp

722711397 | 2025-03-09T22:17:40.583208

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

20600 / tcp

2063598737 | 2025-02-27T22:52:13.280933

/0 0 L\r\n/0 0 HUH\r\n

20880 / tcp

1370263973 | 2025-03-25T17:55:16.120400

dubbo>

20900 / tcp

-2017887953 | 2025-03-24T12:01:58.808323

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

21025 / tcp

-1441741890 | 2025-03-06T21:08:59.426505

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2
0181212])

21241 / tcp

1574088840 | 2025-03-25T02:35:21.882191

">Application and Content Networking Software 3.9</a>)\n</BODY><

21257 / tcp

-1399940268 | 2025-02-27T20:41:01.508740

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21260 / tcp

-1230049476 | 2025-03-23T16:01:50.202007

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

21268 / tcp

2063598737 | 2025-03-23T21:47:58.311595

/0 0 L\r\n/0 0 HUH\r\n

21286 / tcp

-1399940268 | 2025-03-23T11:43:35.213439

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21305 / tcp

-1297953727 | 2025-03-09T19:04:17.195277

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

21313 / tcp

2063598737 | 2025-03-06T10:05:23.867473

/0 0 L\r\n/0 0 HUH\r\n

21314 / tcp

-1399940268 | 2025-03-05T13:39:00.059791

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21316 / tcp

165188539 | 2025-03-03T21:12:41.049130

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

21321 / tcp

-441419608 | 2025-03-28T05:43:37.885579

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

21325 / tcp

307999478 | 2025-03-25T05:40:11.130995

unknown command \r\nunknown command \r\n

21379 / tcp

-1810987450 | 2025-03-24T18:52:02.165571

\xc3\xbf

22000 / tcp

1741579575 | 2025-03-27T11:57:14.247302

22067 / tcp

1544300041 | 2025-03-27T17:41:19.698910

SSH-25453-Cisco-3524665.35

22070 / tcp

-1441741890 | 2025-03-27T17:13:26.322980

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2
0181212])

22082 / tcp

-1746074029 | 2025-03-10T12:59:23.184614

101 imqbroker =unV\r\n

22556 / tcp

-1899074860 | 2025-03-19T07:43:41.522635

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

22703 / tcp

-1399940268 | 2025-03-26T21:10:05.745703

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

23424 / tcp

1830187220 | 2025-03-24T22:18:33.733884

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

24082 / tcp

119860953 | 2025-03-06T07:41:02.484651

* OK ArGoSoft Mail Server IMAP Module v.YW at

24808 / tcp

740837454 | 2025-03-03T18:49:41.437977

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

25001 / tcp

-1399940268 | 2025-03-27T00:16:16.126595

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

25082 / tcp

1975288991 | 2025-03-03T22:54:19.357223

OPTI

25565 / tcp

-2096652808 | 2025-03-11T18:27:30.472542

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

26656 / tcp

1308377066 | 2025-03-13T06:25:33.051260

ncacn_http/1.0

26657 / tcp

2103111368 | 2025-03-28T02:45:47.891540

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

27017 / tcp

1763259671 | 2025-03-06T09:54:36.427712

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

27036 / tcp

-2017887953 | 2025-03-25T08:54:35.502192

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

27571 / tcp

1996932384 | 2025-03-06T09:47:12.876200

"raop" nonce

28015 / tcp

1741579575 | 2025-03-21T12:21:43.822836

28017 / tcp

-971970408 | 2025-03-24T15:48:34.953572

28443 / tcp

632542934 | 2025-03-22T19:14:23.181170

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

30001 / tcp

-2089734047 | 2025-03-04T10:10:37.814762

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

30002 / tcp

648533320 | 2025-03-14T03:26:53.644153

[l¶Ð

30009 / tcp

-1399940268 | 2025-03-25T21:46:50.016405

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

30017 / tcp

-1230049476 | 2025-03-26T11:58:24.899307

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

30022 / tcp

2087396567 | 2025-03-18T21:39:07.604432

kjnkjabhbanc283ubcsbhdc72

30029 / tcp

-1399940268 | 2025-03-06T12:45:59.823920

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

30122 / tcp

1762042191 | 2025-03-18T16:26:55.105010

\x7f\x7fICA\x00

30123 / tcp

1762042191 | 2025-03-09T16:39:07.072479

\x7f\x7fICA\x00

30222 / tcp

1544300041 | 2025-03-25T17:19:33.030544

SSH-25453-Cisco-3524665.35

30301 / tcp

819727972 | 2025-03-15T19:15:50.566454

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

30322 / tcp

-971970408 | 2025-03-24T13:47:06.014401

30452 / tcp

-445721795 | 2025-03-12T01:15:34.223550

\x00[\xc3\xaed\x1a\x7f\x00\x00

30522 / tcp

2087396567 | 2025-03-26T06:08:33.122198

kjnkjabhbanc283ubcsbhdc72

30622 / tcp

2087396567 | 2025-03-26T03:16:51.431226

kjnkjabhbanc283ubcsbhdc72

30718 / tcp

1555536667 | 2025-03-22T11:48:30.080496

LH\xdb\xc6\xdd\xf6g\x10\x19\x00\x00\x00\x18\x00\x01\x02\x00\x10\x00\x04\x00\x00\x00\x010\x06/@\xa2\x81Z\xfd\xc8I\x90;}P\xd6

30722 / tcp

2087396567 | 2025-03-25T00:12:04.693096

kjnkjabhbanc283ubcsbhdc72

30822 / tcp

-1013082686 | 2025-03-12T19:46:47.467208

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

30892 / tcp

-1810987450 | 2025-03-16T17:26:46.182324

\xc3\xbf

30922 / tcp

-971970408 | 2025-03-20T22:27:28.170812

31122 / tcp

-1428621233 | 2025-03-09T13:17:01.485741

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

31322 / tcp

-1059554316 | 2025-03-25T05:34:44.491866

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

31443 / tcp

1761482307 | 2025-03-28T16:59:26.303893

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

31522 / tcp

671605376 | 2025-03-13T01:01:45.896787

SSH-2.0-OpenSSH_X.X

31822 / tcp

819727972 | 2025-03-20T19:13:18.790492

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

32101 / tcp

1278527606 | 2025-03-04T14:51:56.073972

SSH-2.0-Teleport

32102 / tcp

-1399940268 | 2025-03-20T09:48:33.118528

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

32122 / tcp

1741579575 | 2025-03-20T03:18:16.621605

32222 / tcp

1282941221 | 2025-03-09T07:33:23.825548

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

32400 / tcp

-154107716 | 2025-03-23T15:36:38.779325

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

32443 / tcp

1911457608 | 2025-03-21T19:26:02.069466

\x00[\x00\x00\x00\x00\x00\x00

32522 / tcp

2087396567 | 2025-03-22T03:59:41.115281

kjnkjabhbanc283ubcsbhdc72

32622 / tcp

-1760806421 | 2025-03-11T19:34:41.884917

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected

32722 / tcp

-971970408 | 2025-03-23T06:58:19.969778

32746 / tcp

-1888448627 | 2025-03-26T06:39:02.976844

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

32764 / tcp

2087396567 | 2025-03-24T10:27:40.369559

kjnkjabhbanc283ubcsbhdc72

32822 / tcp

-1316491703 | 2025-03-23T03:54:05.335663

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

32922 / tcp

2087396567 | 2025-03-23T01:56:42.145801

kjnkjabhbanc283ubcsbhdc72

33122 / tcp

819727972 | 2025-03-04T15:22:38.631149

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

33222 / tcp

-1375131644 | 2025-03-19T23:52:53.580494

\x00[v\xc3\xbdC\x7f\x00\x00

33389 / tcp

-1839934832 | 2025-03-26T17:44:23.452834

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

33422 / tcp

2087396567 | 2025-03-19T16:54:58.984296

kjnkjabhbanc283ubcsbhdc72

33622 / tcp

-1598265216 | 2025-03-08T19:40:47.091667

@RSYNCD: 31.0

33722 / tcp

-971970408 | 2025-03-08T17:57:49.327550

34122 / tcp

-1648456501 | 2025-03-20T15:37:41.875736

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

34322 / tcp

-441419608 | 2025-03-19T18:40:11.793982

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

34500 / tcp

971933601 | 2025-03-15T14:53:16.131950

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

34722 / tcp

-1839934832 | 2025-03-19T08:08:23.399082

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

34822 / tcp

1261582754 | 2025-03-19T06:24:56.805368

unknown command 
unknown command

34922 / tcp

-746114901 | 2025-03-18T20:13:54.265066

[KpU

35004 / tcp

1911457608 | 2025-03-14T21:11:50.607493

\x00[\x00\x00\x00\x00\x00\x00

35222 / tcp

2087396567 | 2025-03-18T09:35:15.474429

kjnkjabhbanc283ubcsbhdc72

35522 / tcp

1741579575 | 2025-03-17T01:47:00.466045

35531 / tcp

819727972 | 2025-03-25T03:49:16.752350

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

35622 / tcp

-1261090339 | 2025-03-18T08:39:46.059595

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

35722 / tcp

1741579575 | 2025-03-17T11:03:35.021164

35922 / tcp

2087396567 | 2025-03-17T00:46:14.772737

kjnkjabhbanc283ubcsbhdc72

36022 / tcp

-1611764932 | 2025-03-17T21:16:46.794146

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

36505 / tcp

-1399940268 | 2025-03-06T06:57:32.648788

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

36522 / tcp

-971970408 | 2025-02-28T20:46:44.863052

36722 / tcp

2087396567 | 2025-03-17T05:03:35.631632

kjnkjabhbanc283ubcsbhdc72

36984 / tcp

-1428621233 | 2025-03-22T06:31:09.227407

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

37222 / tcp

1332894250 | 2025-03-14T19:41:25.838692

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

37322 / tcp

-971970408 | 2025-03-16T11:19:50.276372

37522 / tcp

-641479109 | 2025-03-16T09:43:44.057246

[xU-

37722 / tcp

841014058 | 2025-03-16T00:59:40.039357

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

37777 / tcp

1911457608 | 2025-03-23T23:05:06.478079

\x00[\x00\x00\x00\x00\x00\x00

37922 / tcp

1308377066 | 2025-03-18T00:57:29.638628

ncacn_http/1.0

38022 / tcp

1741579575 | 2025-03-17T22:58:45.525240

38122 / tcp

-2096652808 | 2025-03-15T17:55:07.581766

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

39322 / tcp

-971970408 | 2025-03-11T11:10:17.845955

39822 / tcp

1278527606 | 2025-03-12T05:54:05.850466

SSH-2.0-Teleport

40722 / tcp

2033888749 | 2025-03-08T14:48:07.326521

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

41443 / tcp

819727972 | 2025-03-28T06:29:38.838888

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

41522 / tcp

1741579575 | 2025-03-04T22:03:47.699215

41794 / tcp

2087396567 | 2025-03-23T21:01:25.836192

kjnkjabhbanc283ubcsbhdc72

43200 / tcp

1189133115 | 2025-03-12T23:44:42.679445

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

43222 / tcp

2087396567 | 2025-03-01T00:15:28.905789

kjnkjabhbanc283ubcsbhdc72

43322 / tcp

-1730858130 | 2025-02-27T22:26:24.781686

RFB 003.008
VNC:
  Protocol Version: 3.8

43422 / tcp

-1990350878 | 2025-02-27T20:10:13.124747

 
04 \...

43622 / tcp

2087396567 | 2025-02-27T00:14:20.422856

kjnkjabhbanc283ubcsbhdc72

43822 / tcp

819727972 | 2025-02-27T04:09:49.459906

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

44022 / tcp

1690634669 | 2025-02-27T16:04:17.258483

44158 / tcp

-433302150 | 2025-03-27T14:25:59.419976

/multistream/1.0.0

44222 / tcp

-1730858130 | 2025-03-10T23:12:08.816592

RFB 003.008
VNC:
  Protocol Version: 3.8

44310 / tcp

-2089734047 | 2025-03-26T00:12:46.857713

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

44320 / tcp

921225407 | 2025-03-08T17:54:38.749533

\x00\x00\x00\x04\x00\x00\x00\x00\x00

44340 / tcp

819727972 | 2025-03-18T22:17:45.566696

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

44341 / tcp

819727972 | 2025-02-27T17:48:09.494941

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

44520 / tcp

1911457608 | 2025-03-22T14:02:11.657259

\x00[\x00\x00\x00\x00\x00\x00

44818 / tcp

539065883 | 2025-03-24T20:32:55.126107

45001 / tcp

-2033111675 | 2025-03-07T02:08:06.528829

~djb

45005 / tcp

-1453516345 | 2025-02-27T05:41:08.512339

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

45022 / tcp

2087396567 | 2025-03-10T16:09:02.565374

kjnkjabhbanc283ubcsbhdc72

45111 / tcp

455076604 | 2025-03-26T18:11:34.524600

!\x07version\x04bind7 t{RPowerDNS Recursor 410

45666 / tcp

321971019 | 2025-03-12T18:44:39.499555

-ERR client ip is not in whitelist\r

45886 / tcp

-2089734047 | 2025-03-14T11:47:03.418947

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

47922 / tcp

599074451 | 2025-03-10T07:28:34.657015

msg

47990 / tcp

539065883 | 2025-03-03T20:54:46.160351

48022 / tcp

-971970408 | 2025-03-07T11:04:28.392444

48422 / tcp

2087396567 | 2025-03-10T01:03:41.986840

kjnkjabhbanc283ubcsbhdc72

48522 / tcp

1741579575 | 2025-03-09T22:49:49.655744

49022 / tcp

1161309183 | 2025-03-07T14:27:59.324426

ProxyServer is ready

49121 / tcp

-653033013 | 2025-03-22T10:01:35.379388

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

49152 / tcp

130818875 | 2025-03-20T07:08:02.309509

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 22 Jan 2024 16:06:03 GMT
EXT:
SERVER: Linux/4.9.118, UPnP/1.0, Portable SDK for UPnP devices/1.6.18
X-User-Agent: redsonic

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<s:Body>
<s:Fault>
<faultcode>s:Client</faultcode>
<faultstring>UPnPError</faultstring>
<detail>
<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">

49153 / tcp

819727972 | 2025-03-22T13:40:12.749079

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

50000 / tcp

-154107716 | 2025-03-24T17:57:27.719366

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

50005 / tcp

-1399940268 | 2025-03-17T20:23:07.378474

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

50010 / tcp

-585940771 | 2025-02-27T17:02:53.121318

Unknown command\r\n

50012 / tcp

-1399940268 | 2025-03-20T10:39:59.892407

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

50070 / tcp

2087396567 | 2025-03-28T11:34:35.086015

kjnkjabhbanc283ubcsbhdc72

50100 / tcp

1758906148 | 2025-03-28T02:11:45.390804

[KpU

50104 / tcp

-136006866 | 2025-03-18T19:16:39.583908

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

51002 / tcp

-1399940268 | 2025-03-18T17:31:38.374835

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

51201 / tcp

-1105333987 | 2025-03-25T13:07:22.518822

\x00[KpU\x7f\x00\x00

51235 / tcp

2033888749 | 2025-03-21T17:49:49.191758

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

52022 / tcp

-1681927087 | 2025-03-07T01:12:07.350036

kjnkjabhbanc283ubcsbhdc72

53480 / tcp

-1327660293 | 2025-03-08T12:03:42.490194

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

53490 / tcp

1504401647 | 2025-03-07T16:12:31.154703

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

54138 / tcp

2087396567 | 2025-03-21T09:23:21.012960

kjnkjabhbanc283ubcsbhdc72

55000 / tcp

632542934 | 2025-03-18T21:24:37.234917

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

55022 / tcp

2087396567 | 2025-03-07T04:23:18.843243

kjnkjabhbanc283ubcsbhdc72

55442 / tcp

-1013082686 | 2025-03-20T20:45:01.562447

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

55443 / tcp

-79865617 | 2025-03-18T14:50:31.626477

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

55553 / tcp

-1036370807 | 2025-03-24T00:16:10.792258

JDWP-Handshake

55622 / tcp

-1795027372 | 2025-03-06T16:15:30.721302

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

57783 / tcp

1911457608 | 2025-03-11T01:33:00.603694

\x00[\x00\x00\x00\x00\x00\x00

57785 / tcp

-2096652808 | 2025-03-23T21:02:40.232943

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

57922 / tcp

1690634669 | 2025-03-06T04:39:13.767206

58122 / tcp

2087396567 | 2025-03-06T04:12:45.396439

kjnkjabhbanc283ubcsbhdc72

58422 / tcp

1978059005 | 2025-03-05T21:41:16.436117

Sorry, that nickname format is invalid.

58603 / tcp

580340387 | 2025-03-20T16:05:40.008780

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

58722 / tcp

1741579575 | 2025-03-05T18:15:32.776027

58822 / tcp

-784071826 | 2025-03-05T16:32:52.669679

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

58922 / tcp

-971970408 | 2025-03-05T15:07:43.475930

59012 / tcp

-2046514463 | 2025-03-22T01:57:04.602680

AB\x01\t

59222 / tcp

-1428621233 | 2025-03-05T09:39:22.023312

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

59322 / tcp

291723434 | 2025-03-05T07:53:55.084667

Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

59522 / tcp

819727972 | 2025-03-03T19:17:09.070061

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

60129 / tcp

-79865617 | 2025-03-28T12:10:33.314936

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

61613 / tcp

-1399940268 | 2025-03-09T18:39:14.223855

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

61616 / tcp

550048729 | 2025-03-07T14:24:31.564892

ÿÿÿ
0 ...

61617 / tcp

1911457608 | 2025-03-06T12:15:43.650923

\x00[\x00\x00\x00\x00\x00\x00

62078 / tcp

1842317374 | 2025-03-06T07:14:19.210015

/1.1 400 Bad Request
Server: nginx/1.13.0
Content-Type: text/html
Connection: close

63210 / tcp

2087396567 | 2025-03-24T18:54:46.748173

kjnkjabhbanc283ubcsbhdc72

63256 / tcp

-653033013 | 2025-03-21T20:57:50.847174

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

63257 / tcp

2087396567 | 2025-03-27T09:58:40.480134

kjnkjabhbanc283ubcsbhdc72

63260 / tcp

-445721795 | 2025-03-24T15:17:56.179292

\x00[\xc3\xaed\x1a\x7f\x00\x00

65000 / tcp

265065882 | 2025-03-05T07:17:08.021550

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked

106.11.43.76

Last Seen: 2025-03-28

Tags:

GeneralInformation

OpenPorts

11 / tcp 1975288991 | 2025-03-27T22:06:40.437277

13 / tcp 1297354658 | 2025-03-18T16:07:44.822707

15 / tcp -1316398834 | 2025-03-19T13:38:44.148793

17 / tcp 344087494 | 2025-03-24T08:06:22.063794

24 / tcp 575925250 | 2025-03-28T01:10:17.863245

25 / tcp -1399940268 | 2025-03-27T22:52:05.420959

37 / tcp 1288534451 | 2025-03-25T23:36:23.337502

43 / tcp 897328069 | 2025-03-11T22:25:54.094847

53 / tcp 1024248778 | 2025-03-28T01:45:01.501892

70 / tcp 1738069263 | 2025-03-26T15:52:29.723578

80 / tcp 378047766 | 2025-03-28T06:36:30.725612

Hashes

91 / tcp -339084706 | 2025-03-10T16:07:50.373043

96 / tcp -358801646 | 2025-03-16T21:30:51.188083

99 / tcp 1713556628 | 2025-03-10T06:40:19.497570

101 / tcp 921225407 | 2025-03-13T20:35:28.516171

104 / tcp -1114821551 | 2025-03-24T10:50:06.217251

111 / tcp -746114901 | 2025-03-27T05:32:04.943716

113 / tcp 1412519768 | 2025-03-15T15:52:59.691223

119 / tcp 141730637 | 2025-03-19T19:20:45.922805

135 / tcp 1141948216 | 2025-03-21T16:21:27.789489

143 / tcp 376198496 | 2025-03-24T07:32:22.716854

175 / tcp 1282941221 | 2025-03-25T07:48:15.376259

179 / tcp -399606100 | 2025-03-21T13:44:14.707303

195 / tcp 550048729 | 2025-03-27T00:01:00.744351

221 / tcp -136006866 | 2025-03-17T18:20:26.214773

285 / tcp -2080784861 | 2025-03-26T19:05:07.580694

389 / tcp -1907080992 | 2025-03-10T01:58:52.130120

427 / tcp 1998636604 | 2025-03-04T12:13:39.507708

443 / tcp 378047766 | 2025-03-22T02:58:12.218735

Hashes

448 / tcp 165188539 | 2025-03-11T10:46:50.883256

461 / tcp -1375131644 | 2025-03-19T17:56:38.954405

503 / tcp -358801646 | 2025-03-20T21:33:44.119971

513 / tcp 1911457608 | 2025-02-27T20:14:41.761062

541 / tcp -1876452130 | 2025-03-16T09:11:09.004902

554 / tcp 285770450 | 2025-03-21T05:55:15.298902

636 / tcp 1402312074 | 2025-03-15T00:23:23.666805

646 / tcp -1333327832 | 2025-03-04T23:13:28.107926

666 / tcp 1300162323 | 2025-03-28T11:56:38.696838

743 / tcp 632542934 | 2025-03-16T11:11:13.210037

772 / tcp 819727972 | 2025-03-18T23:31:57.920492

777 / tcp 1298735494 | 2025-03-24T13:43:18.386400

782 / tcp -345718689 | 2025-03-13T19:21:52.653693

801 / tcp -1399940268 | 2025-03-14T00:36:28.748760

809 / tcp 639175818 | 2025-03-11T09:40:23.307934

843 / tcp -2004989248 | 2025-03-22T15:23:55.300102

873 / tcp -992671574 | 2025-03-17T07:14:05.633377

992 / tcp -1242315829 | 2025-03-25T21:50:03.758204

993 / tcp 321971019 | 2025-03-26T12:30:48.791962

995 / tcp -1199842642 | 2025-03-14T03:37:32.385190

1050 / tcp 1911457608 | 2025-03-28T19:34:32.237112

1080 / tcp 1362344524 | 2025-03-19T20:54:55.885636

1099 / tcp 819727972 | 2025-03-24T03:23:23.871845

1110 / tcp 1909672637 | 2025-03-18T11:19:58.829902

1153 / tcp -2096652808 | 2025-02-28T21:07:01.366252

1177 / tcp 1632932802 | 2025-03-21T17:41:37.127597

1200 / tcp -956469251 | 2025-03-22T07:16:58.508673

1234 / tcp 1919228981 | 2025-03-09T07:28:10.080732

1235 / tcp 921225407 | 2025-03-13T03:16:24.212616

1337 / tcp -971970408 | 2025-03-20T13:59:14.701055

1355 / tcp 1911457608 | 2025-03-06T16:45:52.453499

1414 / tcp -1538260461 | 2025-02-27T07:19:05.155268

1433 / tcp -186520940 | 2025-03-23T23:36:10.079732

1443 / tcp -1715152554 | 2025-03-05T15:48:56.665999

Hashes

1450 / tcp 707919486 | 2025-03-10T05:30:28.353062

1452 / tcp -1839934832 | 2025-03-21T05:04:30.705141

1459 / tcp -1839934832 | 2025-03-17T18:13:22.941755

1460 / tcp -1097188123 | 2025-03-07T16:11:23.803484

1515 / tcp -971970408 | 2025-03-25T22:43:46.939697

1521 / tcp 1975288991 | 2025-03-27T13:43:12.566887

1554 / tcp -1265999252 | 2025-03-19T17:17:33.682671

1599 / tcp 996960436 | 2025-03-28T01:04:55.120568

1723 / tcp -1608241410 | 2025-03-25T22:19:58.377635

11 / tcp

1975288991 | 2025-03-27T22:06:40.437277

13 / tcp

1297354658 | 2025-03-18T16:07:44.822707

15 / tcp

-1316398834 | 2025-03-19T13:38:44.148793

17 / tcp

344087494 | 2025-03-24T08:06:22.063794

24 / tcp

575925250 | 2025-03-28T01:10:17.863245

25 / tcp

-1399940268 | 2025-03-27T22:52:05.420959

37 / tcp

1288534451 | 2025-03-25T23:36:23.337502

43 / tcp

897328069 | 2025-03-11T22:25:54.094847

53 / tcp

1024248778 | 2025-03-28T01:45:01.501892

70 / tcp

1738069263 | 2025-03-26T15:52:29.723578

80 / tcp

378047766 | 2025-03-28T06:36:30.725612

91 / tcp

-339084706 | 2025-03-10T16:07:50.373043

96 / tcp

-358801646 | 2025-03-16T21:30:51.188083

99 / tcp

1713556628 | 2025-03-10T06:40:19.497570

101 / tcp

921225407 | 2025-03-13T20:35:28.516171

104 / tcp

-1114821551 | 2025-03-24T10:50:06.217251

111 / tcp

-746114901 | 2025-03-27T05:32:04.943716

113 / tcp

1412519768 | 2025-03-15T15:52:59.691223

119 / tcp

141730637 | 2025-03-19T19:20:45.922805

135 / tcp

1141948216 | 2025-03-21T16:21:27.789489

143 / tcp

376198496 | 2025-03-24T07:32:22.716854

175 / tcp

1282941221 | 2025-03-25T07:48:15.376259

179 / tcp

-399606100 | 2025-03-21T13:44:14.707303

195 / tcp

550048729 | 2025-03-27T00:01:00.744351

221 / tcp

-136006866 | 2025-03-17T18:20:26.214773

285 / tcp

-2080784861 | 2025-03-26T19:05:07.580694

389 / tcp

-1907080992 | 2025-03-10T01:58:52.130120

427 / tcp

1998636604 | 2025-03-04T12:13:39.507708

443 / tcp

378047766 | 2025-03-22T02:58:12.218735

448 / tcp

165188539 | 2025-03-11T10:46:50.883256

461 / tcp

-1375131644 | 2025-03-19T17:56:38.954405

503 / tcp

-358801646 | 2025-03-20T21:33:44.119971

513 / tcp

1911457608 | 2025-02-27T20:14:41.761062

541 / tcp

-1876452130 | 2025-03-16T09:11:09.004902

554 / tcp

285770450 | 2025-03-21T05:55:15.298902

636 / tcp

1402312074 | 2025-03-15T00:23:23.666805

646 / tcp

-1333327832 | 2025-03-04T23:13:28.107926

666 / tcp

1300162323 | 2025-03-28T11:56:38.696838

743 / tcp

632542934 | 2025-03-16T11:11:13.210037

772 / tcp

819727972 | 2025-03-18T23:31:57.920492

777 / tcp

1298735494 | 2025-03-24T13:43:18.386400

782 / tcp

-345718689 | 2025-03-13T19:21:52.653693

801 / tcp

-1399940268 | 2025-03-14T00:36:28.748760

809 / tcp

639175818 | 2025-03-11T09:40:23.307934

843 / tcp

-2004989248 | 2025-03-22T15:23:55.300102

873 / tcp

-992671574 | 2025-03-17T07:14:05.633377

992 / tcp

-1242315829 | 2025-03-25T21:50:03.758204

993 / tcp

321971019 | 2025-03-26T12:30:48.791962

995 / tcp

-1199842642 | 2025-03-14T03:37:32.385190

1050 / tcp

1911457608 | 2025-03-28T19:34:32.237112

1080 / tcp

1362344524 | 2025-03-19T20:54:55.885636

1099 / tcp

819727972 | 2025-03-24T03:23:23.871845

1110 / tcp

1909672637 | 2025-03-18T11:19:58.829902

1153 / tcp

-2096652808 | 2025-02-28T21:07:01.366252

1177 / tcp

1632932802 | 2025-03-21T17:41:37.127597

1200 / tcp

-956469251 | 2025-03-22T07:16:58.508673

1234 / tcp

1919228981 | 2025-03-09T07:28:10.080732

1235 / tcp

921225407 | 2025-03-13T03:16:24.212616

1337 / tcp

-971970408 | 2025-03-20T13:59:14.701055

1355 / tcp

1911457608 | 2025-03-06T16:45:52.453499

1414 / tcp

-1538260461 | 2025-02-27T07:19:05.155268

1433 / tcp

-186520940 | 2025-03-23T23:36:10.079732

1443 / tcp

-1715152554 | 2025-03-05T15:48:56.665999

1450 / tcp

707919486 | 2025-03-10T05:30:28.353062

1452 / tcp

-1839934832 | 2025-03-21T05:04:30.705141

1459 / tcp

-1839934832 | 2025-03-17T18:13:22.941755

1460 / tcp

-1097188123 | 2025-03-07T16:11:23.803484

1515 / tcp

-971970408 | 2025-03-25T22:43:46.939697

1521 / tcp

1975288991 | 2025-03-27T13:43:12.566887

1554 / tcp

-1265999252 | 2025-03-19T17:17:33.682671

1599 / tcp

996960436 | 2025-03-28T01:04:55.120568

1723 / tcp

-1608241410 | 2025-03-25T22:19:58.377635

1800 / tcp

-2107996212 | 2025-03-11T08:36:11.530808

1801 / tcp

-1299899661 | 2025-03-25T12:36:27.409037

1883 / tcp

-1730858130 | 2025-03-19T07:08:37.616915

1911 / tcp

1353260875 | 2025-03-17T06:13:08.399786

1926 / tcp

841014058 | 2025-03-25T23:31:04.926185

1962 / tcp

-1399940268 | 2025-03-27T12:46:28.215570

1983 / tcp

-2089734047 | 2025-03-09T08:51:39.309078

1986 / tcp

-2107996212 | 2025-03-10T05:39:02.041210