GeneralInformation

Hostnames	oss-cn-shenzhen.aliyuncs.com
Domains	aliyuncs.com
Country	China
City	Shenzhen
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(1)

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(4)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(3)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

13 15 19 21 23 25 26 43 65 70 79 84 89 104 110 111 113 122 135 139 180 192 195 234 389 443 465 513 515 541 548 636 646 675 789 853 873 990 992 993 1023 1027 1028 1080 1099 1177 1180 1200 1234 1337 1343 1433 1450 1515 1521 1554 1599 1604 1800 1801 1958 1971 1972 1973 1975 1976 1979 1989 2000 2002 2003 2008 2049 2054 2055 2064 2079 2107 2121 2154 2271 2323 2376 2404 2455 2554 2556 2567 2599 2761 3017 3054 3073 3089 3101 3114 3118 3142 3149 3153 3159 3176 3186 3256 3260 3269 3299 3301 3306 3341 3345 3388 3407 3408 3524 3531 3542 3569 3580 4000 4002 4120 4157 4242 4250 4282 4369 4400 4434 4443 4459 4500 4502 4505 4510 4602 4646 4734 4899 4911 4949 4993 5003 5006 5007 5010 5022 5051 5070 5105 5180 5201 5224 5228 5249 5251 5256 5266 5267 5433 5435 5444 5446 5542 5544 5556 5593 5603 5613 5614 5640 5650 5672 5913 5916 5917 5984 5986 5997 6000 6002 6020 6021 6264 6379 6443 6550 6633 6661 6668 6697 7001 7005 7011 7016 7071 7085 7403 7415 7434 7443 7444 7634 7676 7801 8000 8001 8009 8012 8015 8034 8035 8051 8066 8074 8083 8085 8087 8089 8104 8105 8117 8126 8132 8139 8164 8196 8280 8393 8415 8421 8432 8451 8459 8465 8475 8481 8494 8501 8519 8531 8564 8566 8567 8576 8584 8605 8649 8666 8702 8703 8791 8806 8807 8828 8838 8839 8852 8860 8865 8866 8868 8870 8873 8877 8889 8899 8912 8988 9000 9006 9012 9024 9035 9037 9041 9042 9055 9065 9075 9079 9082 9091 9130 9131 9151 9176 9183 9193 9203 9210 9333 9600 9611 9761 9930 9955 9977 9998 9999 10001 10011 10015 10028 10036 10041 10051 10134 10443 10444 10554 10909 10911 10935 11000 11001 11002 11112 11182 11184 11211 11288 11701 12088 12126 12133 12139 12168 12239 12241 12268 12270 12287 12288 12291 12296 12307 12312 12321 12345 12352 12356 12359 12366 12371 12407 12414 12427 12457 12462 12468 12482 12483 12506 12516 12518 12522 12536 12555 12562 12568 12584 12589 12980 13047 14182 14265 14344 14880 14894 14909 15443 15504 15588 15831 16006 16018 16023 16028 16036 16041 16044 16046 16048 16054 16061 16065 16075 16091 16101 16316 16601 17772 17773 18004 18010 18030 18032 18036 18043 18058 18065 18080 18081 18085 18099 18101 18105 18106 18368 19071 19100 20082 20106 20150 20182 20184 20202 20256 20547 20880 20900 21025 21261 21284 21303 21316 21321 21379 22403 22556 22705 23023 23184 24245 25001 25002 25007 26656 26657 28015 28080 30002 30003 30004 30022 30050 30106 30222 30301 30422 30473 30622 30892 31022 31122 31222 31322 31337 31380 31422 31443 31522 31722 31822 32022 32122 32222 32322 32443 32522 32622 32722 32764 33422 33622 33722 34422 34722 35000 35004 35022 35322 35522 35560 35622 35822 35922 36022 36122 36222 36322 36422 36501 36622 36722 37022 37122 37222 37322 37522 37622 37922 38022 38222 38333 38622 38722 38822 39122 39522 39622 39722 40022 40222 40322 41022 41443 41522 41822 41922 42122 42222 42422 42424 42901 44158 44222 44307 45002 45003 45022 45111 45777 45822 45922 46443 47722 47822 47990 48013 48020 48022 48422 48522 49690 50000 50050 50101 50106 50580 50777 50805 52340 53022 53480 54545 54922 55000 55222 55422 55553 55822 57522 57722 57779 57785 57787 57822 58122 58322 58522 58722 58822 58922 59022 59222 59322 59522 60001 60129 61613 62237 62443 63210 63257 63260 64738 65000

13 / tcp

-2127598635 | 2025-03-17T14:58:32.895219

14:02:51 2024/1/22

15 / tcp

921225407 | 2025-03-17T00:01:48.024353

\x00\x00\x00\x04\x00\x00\x00\x00\x00

19 / tcp

751496153 | 2025-03-15T14:42:24.260206

* OK TeamXchange IMAP4rev1 server (otyUg) ready.

21 / tcp

1564456597 | 2025-03-11T12:46:49.790241

220 Firewall Authentication required before proceeding with service

23 / tcp

-1288412979 | 2025-03-14T20:16:57.289331

Connection refused

25 / tcp

-1261090339 | 2025-03-07T02:27:05.763004

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

26 / tcp

-2096652808 | 2025-03-12T09:32:09.702752

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

43 / tcp

104385780 | 2025-03-14T15:37:33.628839

ceph v2

65 / tcp

-1059554316 | 2025-03-12T22:21:37.643419

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

70 / tcp

857710896 | 2025-03-04T13:21:03.082119

HTTP/1.1 200 OK
Server:  
X-Frame-Options: SAMEORIGIN
Content-type: text/html; charset=UTF-8
Last-modified: Mon, 27 Nov 2023 21:45:42 GMT
Accept-Ranges: bytes
Content-length: 580
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff

79 / tcp

-1770051369 | 2025-03-10T11:27:44.238804

421 too many connections

84 / tcp

0 | 2025-03-04T22:31:27.874399

Hashes

hash

-119996482

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
Content-Length: 0

89 / tcp

1208318993 | 2025-03-16T16:05:51.395972

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

104 / tcp

-2107996212 | 2025-03-06T10:41:12.460765

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

110 / tcp

819727972 | 2025-03-14T17:21:26.613762

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

111 / tcp

1996932384 | 2025-03-11T22:14:02.223100

"raop" nonce

113 / tcp

-669112739 | 2025-03-14T00:16:44.721977

Bÿn\x04Too many connections

122 / tcp

-2096652808 | 2025-03-06T19:38:08.046666

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

135 / tcp

1483120365 | 2025-03-17T18:36:17.928663

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: OP2\n IP2: 192.168.0.20\n IP3: 61.230.135.142\n IP4: 2001:b011:2006:c3ef:18c0:9e02:ef7:84c8\n\nNTLMSSP:\nTarget_Name: OP2\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: OP2\nNetBIOS_Computer_Name: OP2\nDNS_Domain_Name: OP2\nDNS_Computer_Name: OP2\nSystem_Time: 2024-01-22 07:10:42 +0000 UTC\n\nDCERPC Dump:\n4b112204-0e19-11d3-b42b-

139 / tcp

-1270998736 | 2025-03-08T20:20:53.403731

\\x83\\x00\\x00\\x01\\x8f

180 / tcp

1767345577 | 2025-03-05T16:29:03.940619

Hello, this is Quagga (version 0T).
Copyright 1996-200

192 / tcp

819727972 | 2025-03-17T02:56:11.882754

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

195 / tcp

669849225 | 2025-03-14T02:09:56.865421

SSH-98.60-SysaxSSH_81885..42\r\n

234 / tcp

1381121983 | 2025-03-15T00:25:45.364549

Notify\r\n

389 / tcp

-1907080992 | 2025-03-16T17:11:15.357306

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x00\\x04\\x00\\x04\\x00

443 / tcp

-348384753 | 2025-03-31T13:00:38.775892

Hashes

hash

-1083147712

http.dom_hash

1799269922

http.html_hash

-348384753

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Mon, 31 Mar 2025 13:00:38 GMT
Content-Type: application/xml
Content-Length: 345
Connection: keep-alive
x-oss-request-id: 67EA91F68A5A1434394173F6
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:14:da:36:53:09:8b:0e:94:cd:6d:ee
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
        Validity
            Not Before: Jan  3 03:21:02 2025 GMT
            Not After : Feb  4 03:21:01 2026 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.oss-cn-shenzhen.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b0:c7:54:83:40:8e:09:77:61:48:ac:c9:ca:24:
                    6b:a5:f6:40:76:6a:c2:5e:38:f5:c3:d9:fa:b8:28:
                    2b:0e:8e:1d:d8:e3:c2:c3:e4:cc:bb:ce:ed:dc:88:
                    cf:31:05:22:ef:ae:26:bf:a2:15:1f:dd:cb:1f:46:
                    8f:4e:bc:41:5f:58:65:97:ad:8e:07:54:c3:f7:d8:
                    23:9e:3e:8e:a6:1b:36:86:e3:0d:f0:6f:fc:1e:a0:
                    c7:33:e3:2c:13:02:a1:12:10:d2:a8:8a:a2:ce:8e:
                    73:8c:83:e5:c5:51:c4:63:bf:57:a3:ff:37:4c:db:
                    bc:44:d9:91:cc:ee:88:9e:83:74:91:30:a2:d6:c7:
                    2b:ad:1b:68:de:63:a1:e6:13:b9:e4:2e:9c:64:18:
                    0e:b6:20:81:7b:00:14:c1:46:80:31:a4:cb:10:5d:
                    38:a2:6c:d7:77:09:8f:12:d1:6e:47:69:a1:79:c6:
                    35:c7:90:0b:84:09:ec:33:26:6c:56:98:fb:2d:38:
                    e4:a6:8a:98:1a:d5:f9:ac:d2:40:58:44:5d:a2:cb:
                    c1:34:98:c7:31:9a:78:f8:1e:98:26:4a:42:ef:78:
                    c8:27:b5:57:c3:c2:c4:f7:9a:dc:e0:66:75:56:0e:
                    02:c4:88:e5:16:e6:25:db:bf:24:26:b9:96:8c:07:
                    e2:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3ovtlsca2024.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3ovtlsca2024
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                Policy: 1.3.6.1.4.1.4146.10.1.2
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3ovtlsca2024.crl
            X509v3 Subject Alternative Name: 
                DNS:*.oss-cn-shenzhen.aliyuncs.com, DNS:*.oss-cn-shenzhen-finance-1.aliyuncs.com, DNS:*.oss-cn-shenzhen-internal.aliyuncs.com, DNS:*.img-cn-shenzhen-internal.aliyuncs.com, DNS:*.oss-cn-shenzhen-internal-cross.aliyuncs.com, DNS:*.oss-cn-szfinance.aliyuncs.com, DNS:*.oss-cn-shenzhen-diku-internal.aliyuncs.com, DNS:*.oss-cn-shenzhen-finance-1-internal.aliyuncs.com, DNS:*.cn-heyuan.oss.aliyuncs.com, DNS:*.oss-cn-shenzhen-cross.aliyuncs.com, DNS:*.oss-enet-cn-south.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-cn-guangzhou.aliyuncs.com, DNS:*.oss-cn-guangzhou-cross.aliyuncs.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-cn-heyuan-internal.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss.aliyuncs.com, DNS:*.oss-cn-heyuan-cross.aliyuncs.com, DNS:*.img-cn-shenzhen.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-cn-szfinance-internal.aliyuncs.com, DNS:*.vpc100-oss-cn-shenzhen.aliyuncs.com, DNS:*.cn-shenzhen.oss.aliyuncs.com, DNS:*.oss-cn-heyuan.aliyuncs.com, DNS:*.oss-cn-guangzhou-internal.aliyuncs.com, DNS:*.cn-guangzhou.oss.aliyuncs.com, DNS:*.cn-shenzhen-finance.oss.aliyuncs.com, DNS:*.cn-shenzhen-dualstack.oss.aliyuncs.com, DNS:*.cn-shenzhen-vpc.oss.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-shenzhen.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-shenzhen-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-heyuan.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-heyuan-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-guangzhou.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-guangzhou-internal.oss-accesspoint.aliyuncs.com, DNS:*.cn-shenzhen.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-shenzhen.aliyuncs.com, DNS:*.s3.oss-cn-shenzhen-internal.aliyuncs.com, DNS:*.cn-shenzhen.mgw.aliyuncs.com, DNS:*.oss.cn-shenzhen.privatelink.aliyuncs.com, DNS:*.oss-cn-shenzhen.oss-object-process.aliyuncs.com, DNS:*.oss-cn-shenzhen-internal.oss-object-process.aliyuncs.com, DNS:*.oss-vpc.aliyuncs.com, DNS:*.cn-shenzhen.oss-vpc.aliyuncs.com, DNS:oss-cn-shenzhen.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                DA:D3:A8:08:48:0C:34:37:58:EE:E5:A7:75:2E:59:FC:D6:DC:3C:38
            X509v3 Subject Key Identifier: 
                6F:0A:05:0F:AD:E0:67:D5:94:20:25:0A:B9:A1:6C:32:00:B2:CD:87
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:
                                4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0
                    Timestamp : Jan  3 03:21:04.713 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D6:1F:CC:D3:A4:9D:5F:9F:32:F0:74:
                                5F:B8:85:EF:D7:C9:B4:59:58:74:B2:B0:4A:06:A1:1E:
                                8B:A5:22:34:B9:02:21:00:B3:B1:61:82:15:32:FA:81:
                                22:82:AA:E0:3A:55:16:20:15:DE:B3:1B:94:7B:03:AE:
                                27:37:66:28:7C:4F:D2:82
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:
                                DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21
                    Timestamp : Jan  3 03:21:05.062 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:35:96:5D:CD:F7:99:BA:18:39:06:9E:79:
                                69:44:44:96:FB:13:1A:9B:65:EC:FA:79:BA:AF:2D:51:
                                1E:1F:B3:E2:02:21:00:C7:A2:1C:30:C9:8A:51:6C:57:
                                6C:D4:B8:3B:84:E6:20:85:DA:FB:88:A6:38:F1:4C:5E:
                                34:69:AD:30:37:D4:AF
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 25:2F:94:C2:2B:29:E9:6E:9F:41:1A:72:07:2B:69:5C:
                                5B:52:FF:97:A9:0D:25:40:BB:FC:DC:51:EC:4D:EE:0B
                    Timestamp : Jan  3 03:21:04.792 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:4D:BB:E7:FF:BA:3B:0B:43:8F:9D:17:8C:
                                F4:3C:82:FA:F6:0F:8D:74:4C:EE:90:CA:F9:1F:36:CD:
                                1E:A7:1A:8F:02:20:4E:D0:A0:43:56:04:25:22:B3:24:
                                2E:60:EB:26:3C:8D:BD:42:15:F9:9C:FE:7E:74:EE:28:
                                E8:3F:CC:85:B4:B1
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        2b:f7:41:91:27:63:90:44:b9:92:f0:38:13:64:80:52:9b:fc:
        d7:23:bc:5b:b9:6b:05:a4:2d:4b:22:b9:c0:59:73:ca:5c:70:
        0e:97:6d:d5:00:d3:40:19:a1:39:81:a4:52:45:8e:8f:2b:32:
        cd:df:31:cf:6e:aa:a4:99:34:66:5a:43:b7:62:ed:7d:97:63:
        56:73:79:d5:c0:a2:df:e2:d2:73:22:90:93:7c:b8:d6:3f:ae:
        52:3e:b7:14:f4:e9:e3:2f:a0:ac:ba:db:cd:48:1e:8c:df:ef:
        25:d8:2c:3b:93:06:09:a6:13:25:45:27:68:e9:49:cc:03:27:
        48:0a:f5:ed:ed:e4:d1:3c:fa:ac:2f:6a:0d:ee:92:d4:b5:f2:
        31:8c:6b:61:88:81:e0:6f:89:f6:b9:1f:39:9e:00:6f:e2:d7:
        c2:e9:47:ec:12:4f:cf:ad:74:2c:5a:a0:ea:b6:39:b5:c3:70:
        fb:71:db:b0:f7:d3:b3:27:3f:14:5d:f2:3e:fe:46:97:f3:71:
        1f:2b:23:c9:35:1d:aa:61:4b:16:9e:1b:05:dd:21:b2:ae:30:
        05:aa:03:f6:75:ca:9e:a7:45:cc:77:ca:e7:09:3c:4b:e8:f8:
        fb:8e:fc:91:b3:59:9c:a7:9f:76:17:b7:25:05:d1:e3:15:f8:
        ce:8c:37:c6

465 / tcp

897328069 | 2025-03-16T11:25:52.389824

220 mail.scott000.com ESMTP

513 / tcp

1332894250 | 2025-03-11T18:34:46.273643

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

515 / tcp

-222277909 | 2025-03-16T12:03:13.493637

0@@

541 / tcp

268285291 | 2025-03-06T05:53:09.969883

\\x16\\x03\\x01\\x01[\\x01\\x00\\x01W\\x03\\x03\\x86\\x12J\\xac\\xf6e\\xda\\x19A\\xcb\\x18qz\\x90\\xb2\\x89\\xfa\\xa2\\x83\\xf8\\xda\\xfe\xcd\x8d\\x89P\\xe96\\x93@\xcc\xbf E{@\\x8c\\xde\\xbf\\xf84x\x0c\\xb3\x0b\\x91\\x12\\xbc\\xa6\\xe5\\x17\\xe4\\xba\\xe2q\\x92\\xc7\\xdb\\x01\\x129L\\xc6ey\\x002\\x13\\x02\\x13\\x03\\x13\\x01\\x

548 / tcp

1801869778 | 2025-03-13T14:40:16.367776

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: DS1019Plus\nMachine Type: \rNetatalk3.1.8\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: Cleartxt Passwrd\\x04,DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

636 / tcp

826560219 | 2025-03-07T02:35:12.896754

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 59-8951886-0 0NNN RT(1705909763732 169) q(-1 -1 -1 -1) r(0 -1) b1

646 / tcp

-1600864159 | 2025-03-17T06:09:42.818222

\\x00\\x01\\x00\\x1c\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x12\\x00<\xce\x89\\x03\\x00\\x00\n\\x80\\x00\\x00\\x03\\x00\\x00\\x00\\x00\\x00\\x00

675 / tcp

819727972 | 2025-03-08T21:03:21.001622

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

789 / tcp

-1947777893 | 2025-03-10T05:07:04.455595

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

853 / tcp

-1327660293 | 2025-03-11T19:12:05.264675

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

873 / tcp

-1970692834 | 2025-03-16T22:38:01.874310

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

990 / tcp

1583167286 | 2025-03-13T02:56:46.393040

\\x01remshd: Kerberos Authentication not enabled.\n

992 / tcp

-936692830 | 2025-03-13T00:45:21.256739

HTTP/1.1 202 OK
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=15; max=19

993 / tcp

-1329831334 | 2025-03-16T21:44:24.949687

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

1023 / tcp

1231376952 | 2025-03-16T21:02:54.624089

1027 / tcp

-1297953727 | 2025-03-05T15:42:47.750199

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

1028 / tcp

819727972 | 2025-03-12T10:14:06.608541

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1080 / tcp

1362344524 | 2025-03-16T20:19:34.223369

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1099 / tcp

-1435414831 | 2025-03-09T15:04:57.276414

roku: ready\r\n

1177 / tcp

-971970408 | 2025-03-14T00:06:19.298578

1180 / tcp

639175818 | 2025-03-10T23:34:50.019995

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

1200 / tcp

819727972 | 2025-03-14T01:10:43.504312

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1234 / tcp

819727972 | 2025-03-12T22:52:36.657684

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1337 / tcp

-1999117212 | 2025-03-14T21:00:15.509036

1343 / tcp

-1839934832 | 2025-03-16T05:36:30.952331

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

1433 / tcp

-1781810481 | 2025-03-06T13:13:27.018903

MSSQL Server\nVersion: 150998979 (0x9000fc3)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: PULI\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: PULI\nNetBIOS_Computer_Name: CIXIAO\nDNS_Domain_Name: puli.gov.tw\nDNS_Computer_Name: cixiao.puli.gov.tw\nMsvAvDnsTreeName: puli.gov.tw\nSystem_Time: 2024-01-22 05:04:23 +0000 UTC\n\n

1450 / tcp

-1399940268 | 2025-03-06T13:48:04.047308

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1515 / tcp

957278843 | 2025-03-08T20:58:28.131694

[|ox

1521 / tcp

1975288991 | 2025-03-15T18:37:53.456751

OPTI

1554 / tcp

819727972 | 2025-03-04T09:29:46.616071

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1599 / tcp

-454087041 | 2025-03-15T19:16:43.187366

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

1604 / tcp

-1839934832 | 2025-03-16T05:43:43.692939

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

1800 / tcp

1308377066 | 2025-03-16T04:41:52.920985

ncacn_http/1.0

1801 / tcp

1266492139 | 2025-03-15T02:59:58.316668

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074q\\xc0\\x86\xd9\xb0\\xc1hG\\xbf\\xbd\\x9f\\x89tx%\\x8892d3\\x10\\x03\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

1958 / tcp

819727972 | 2025-03-08T18:40:40.869216

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1971 / tcp

-42767839 | 2025-03-07T16:04:14.191898

RFB 005.000

VNC:
  Protocol Version: 5.0

1972 / tcp

1761482307 | 2025-03-10T10:03:18.397673

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

1973 / tcp

671605376 | 2025-03-15T17:10:17.975512

SSH-2.0-OpenSSH_X.X

1975 / tcp

819727972 | 2025-03-13T20:51:32.189635

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1976 / tcp

-1839934832 | 2025-03-15T02:21:47.444069

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

1979 / tcp

-1538260461 | 2025-03-05T07:45:52.649820

\x01\x00\x00\x00

1989 / tcp

-1730858130 | 2025-03-14T11:06:40.708226

RFB 003.008
VNC:
  Protocol Version: 3.8

2000 / tcp

1911457608 | 2025-03-08T21:06:55.232293

\x00[\x00\x00\x00\x00\x00\x00

2002 / tcp

540463538 | 2025-03-15T13:12:33.871617

@
03d

2003 / tcp

-457235091 | 2025-03-15T12:31:43.954068

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

2008 / tcp

2084412416 | 2025-03-11T23:40:58.204123

yÐÿÿsLINSÓ

2049 / tcp

819727972 | 2025-03-12T01:33:05.585277

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

2054 / tcp

921225407 | 2025-03-04T01:33:24.381495

\x00\x00\x00\x04\x00\x00\x00\x00\x00

2055 / tcp

-1399940268 | 2025-03-13T17:01:38.165283

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2064 / tcp

-2046514463 | 2025-03-09T12:15:48.004254

AB\x01\t

2079 / tcp

-992671574 | 2025-03-09T22:07:40.392151

@RSYNCD: 26

2107 / tcp

-146605374 | 2025-03-06T14:35:14.795459

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

2121 / tcp

-2107996212 | 2025-03-10T07:54:30.481473

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

2154 / tcp

-1839934832 | 2025-03-11T12:20:52.391043

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

2271 / tcp

-1888448627 | 2025-03-16T01:08:46.241242

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

2323 / tcp

958068551 | 2025-03-15T11:25:10.227976

\r\r\n(none) login: \n\nTELNET Negotiation:\nwill: Echo, Suppress Go Ahead\ndo: Echo, Negotiate About Window Size\n

2376 / tcp

-971970408 | 2025-03-05T08:04:45.593018

2404 / tcp

321971019 | 2025-03-16T10:23:36.667225

-ERR client ip is not in whitelist\r

2455 / tcp

-1990350878 | 2025-03-14T19:17:18.069190

 
04 \...

2554 / tcp

1975288991 | 2025-03-15T10:41:21.790153

OPTI

2556 / tcp

1911457608 | 2025-03-15T19:25:49.611580

\x00[\x00\x00\x00\x00\x00\x00

2567 / tcp

-1899074860 | 2025-03-09T18:56:05.934163

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

2599 / tcp

-653033013 | 2025-03-14T19:08:26.470025

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

2761 / tcp

-1399940268 | 2025-03-04T04:29:48.078206

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3017 / tcp

587250289 | 2025-03-05T21:23:46.417416

HTTP/1.1 400 Bad Request
Server: nginx/1.18.11011 (Ubuntu)
Content-Type: text/plain; charset=utf-8
Connection: close

3054 / tcp

-1399940268 | 2025-03-10T20:34:41.987168

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3073 / tcp

-2089734047 | 2025-03-07T18:19:11.142751

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3089 / tcp

1989907056 | 2025-03-09T16:21:13.911437

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

3101 / tcp

-616720387 | 2025-03-14T03:41:21.418304

SSH-2.0-SSHD_0.7.6

3114 / tcp

-1795027372 | 2025-03-12T10:31:46.441482

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

3118 / tcp

-1399940268 | 2025-03-06T07:33:13.187437

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3142 / tcp

-1399940268 | 2025-03-06T20:13:37.755035

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3149 / tcp

-1327660293 | 2025-03-10T02:23:23.705181

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

3153 / tcp

-249504111 | 2025-03-11T07:13:14.615372

\x00[xU-\x7f\x00\x00

3159 / tcp

-445721795 | 2025-03-06T11:47:17.503023

\x00[\xc3\xaed\x1a\x7f\x00\x00

3176 / tcp

819727972 | 2025-03-04T15:43:04.666765

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

3186 / tcp

819727972 | 2025-03-04T04:46:50.585494

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

3256 / tcp

-1626979812 | 2025-03-14T17:29:33.917558

220 Service ready for new user.

3260 / tcp

-1914158197 | 2025-03-11T07:11:46.720950

HTTP/1.1 500 Internal Server Error
Server: nginx/1.18.11011 (Ubuntu)
Content-Type: text/plain; charset=utf-8
Connection: close

3269 / tcp

1911457608 | 2025-03-05T12:44:33.584285

\x00[\x00\x00\x00\x00\x00\x00

3299 / tcp

-407828767 | 2025-03-16T13:30:31.734815

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

3301 / tcp

1189133115 | 2025-03-13T08:28:01.227779

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

3306 / tcp

292351399 | 2025-03-05T05:02:20.419420

Mysql Version: 5.5.24-log \r\nN\\x00\\x00\\x00\n5.5.24-log\\x00\\x87\\x00\\x00\\x00uF>E}hpx\\x00\\xff\\xf7!\\x02\\x00\\x0f\\x80\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00-rx$GyO\\aT]Z\\x00mysql_native_password\\x00

3341 / tcp

-1730858130 | 2025-03-14T06:16:15.065598

RFB 003.008
VNC:
  Protocol Version: 3.8

3345 / tcp

-2089734047 | 2025-03-17T18:15:36.975583

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3388 / tcp

819727972 | 2025-03-10T06:47:41.268953

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

3407 / tcp

-1795027372 | 2025-03-11T03:46:47.282246

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

3408 / tcp

1911457608 | 2025-03-17T12:48:29.900608

\x00[\x00\x00\x00\x00\x00\x00

3524 / tcp

-1013082686 | 2025-03-06T17:43:06.516160

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

3531 / tcp

-1297953727 | 2025-03-12T16:24:58.001588

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

3542 / tcp

0 | 2025-03-14T11:46:47.336423

Hashes

hash

-119996482

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
Content-Length: 0

3569 / tcp

-1598265216 | 2025-03-09T20:44:10.417176

@RSYNCD: 31.0

3580 / tcp

-1227409554 | 2025-03-12T21:19:07.974041

HTTP/1.1 500 Internal Server Error
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

4000 / tcp

-1960639992 | 2025-03-06T10:30:45.325106

HTTP/1.1 401 Unauthorized

4002 / tcp

117101543 | 2025-03-09T05:33:56.471669

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

4120 / tcp

-1399940268 | 2025-03-05T14:13:50.323600

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4157 / tcp

474736340 | 2025-03-12T02:53:08.387570

431 Unable to negotiate secure command connection.

4242 / tcp

302222687 | 2025-03-08T17:42:42.957908

HTTP/1.1 301 Moved Permanently
Server: Apache/2.4.41 (Unix) OpenSSL/1.1.1d TST PHP/7.3.11
Content-Type: text/plain; charset=utf-8
Connection: close

4250 / tcp

-1399940268 | 2025-03-07T16:01:16.935855

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4282 / tcp

1880683805 | 2025-03-05T10:19:19.633179

ÿ

4369 / tcp

-1327660293 | 2025-03-13T00:00:03.217006

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

4400 / tcp

-1779118422 | 2025-03-14T00:28:02.920759

\x00[\xc2\xae\xc2\x8d{\x7f\x00\x00

4434 / tcp

1690634669 | 2025-03-17T19:21:32.721143

4443 / tcp

751161953 | 2025-03-14T03:23:17.411798

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
Deny-Reason: hotload rechange server uri format error!!
Request-Id: 65ae295529c967ad650ec3304d944abd

4459 / tcp

-1399940268 | 2025-03-09T12:07:49.832710

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4500 / tcp

897328069 | 2025-03-12T22:34:35.346078

220 mail.scott000.com ESMTP

4502 / tcp

-1399940268 | 2025-03-14T08:48:13.043202

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4505 / tcp

-1399940268 | 2025-03-09T22:38:32.063739

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4510 / tcp

-2089734047 | 2025-03-14T11:50:33.730168

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

4602 / tcp

-1399940268 | 2025-03-14T22:44:41.362047

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4646 / tcp

921225407 | 2025-03-12T21:33:01.312026

\x00\x00\x00\x04\x00\x00\x00\x00\x00

4734 / tcp

-1626979812 | 2025-03-15T03:53:46.417093

220 Service ready for new user.

4899 / tcp

2087396567 | 2025-03-16T01:54:21.291552

kjnkjabhbanc283ubcsbhdc72

4911 / tcp

-1399940268 | 2025-03-14T03:03:10.569279

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4949 / tcp

-1729629024 | 2025-03-09T06:03:05.471674

101 imqbroker =unV

4993 / tcp

-1835475271 | 2025-03-12T11:57:47.475247

200 NOD32SS 99 (3318497116)\r\n

5003 / tcp

1911457608 | 2025-03-12T08:36:11.779059

\x00[\x00\x00\x00\x00\x00\x00

5006 / tcp

-358801646 | 2025-03-05T07:39:44.155368

SSH-2.0-OpenSSH_6.6.1

5007 / tcp

1767345577 | 2025-03-11T11:35:03.587336

Hello, this is Quagga (version 0T).
Copyright 1996-200

5010 / tcp

-1327660293 | 2025-03-10T04:38:18.775453

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

5022 / tcp

-358801646 | 2025-03-05T23:37:22.135242

SSH-2.0-OpenSSH_6.6.1

5051 / tcp

1911457608 | 2025-03-12T18:02:30.220714

\x00[\x00\x00\x00\x00\x00\x00

5070 / tcp

-1947777893 | 2025-03-15T01:50:53.014823

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

5105 / tcp

-1399940268 | 2025-03-17T22:11:51.079735

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5180 / tcp

-1648456501 | 2025-03-10T12:03:00.479917

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

5201 / tcp

1642597142 | 2025-03-12T01:02:17.478153

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

5224 / tcp

-1888448627 | 2025-03-09T09:16:42.976818

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

5228 / tcp

-2089734047 | 2025-03-17T21:33:43.011511

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5249 / tcp

632542934 | 2025-03-13T17:20:33.542479

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

5251 / tcp

-441419608 | 2025-03-12T23:34:12.837302

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

5256 / tcp

1911457608 | 2025-03-10T22:58:07.879350

\x00[\x00\x00\x00\x00\x00\x00

5266 / tcp

321971019 | 2025-03-04T07:50:37.521976

-ERR client ip is not in whitelist\r

5267 / tcp

-616720387 | 2025-03-15T21:05:08.912112

SSH-2.0-SSHD_0.7.6

5433 / tcp

1632932802 | 2025-03-09T20:56:53.974949

5435 / tcp

745343730 | 2025-03-16T23:50:27.822038

220 smtp.qq.com Esmtp QQ Mail Server

5444 / tcp

819727972 | 2025-03-16T23:01:01.586401

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5446 / tcp

-1399940268 | 2025-03-07T11:25:15.794959

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5542 / tcp

1426971893 | 2025-03-06T22:05:37.344553

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

5544 / tcp

1518789944 | 2025-03-11T11:16:17.966199

HTTP/1.0 200 OK
Connection: close
Expires: Sun, Nov 12 2023 10:00:52 GMT
Cache-Control: no-store
Pragma: no-cache
Content-Type: application/x-rtsp-tunnelled

5556 / tcp

-1399940268 | 2025-03-10T23:51:17.464081

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5593 / tcp

-454087041 | 2025-03-04T21:23:56.547461

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

5603 / tcp

-146605374 | 2025-03-15T07:01:49.795444

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

5613 / tcp

671605376 | 2025-03-09T10:39:27.467955

SSH-2.0-OpenSSH_X.X

5614 / tcp

-1399940268 | 2025-03-17T10:17:16.339474

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5640 / tcp

-2096652808 | 2025-03-09T15:24:53.318183

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

5650 / tcp

-1888448627 | 2025-03-13T21:46:14.485747

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

5672 / tcp

575925250 | 2025-03-17T13:21:03.895538

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5913 / tcp

1353260875 | 2025-03-06T07:58:58.870404

\x00[g\xc2\x95N\x7f\x00\x00

5916 / tcp

408230060 | 2025-03-16T21:18:53.203195

\r\nSorry, that nickname format is invalid.\r\n

5917 / tcp

-1947777893 | 2025-03-15T15:48:57.037733

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

5984 / tcp

1999272906 | 2025-03-03T18:37:01.083007

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

5986 / tcp

1690634669 | 2025-03-16T22:25:19.351710

5997 / tcp

1212285915 | 2025-03-15T00:23:52.532505

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

6000 / tcp

996960436 | 2025-03-17T14:20:02.016287

572 Relay not authorized

6002 / tcp

-1013082686 | 2025-03-14T11:38:06.288258

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

6020 / tcp

1363464823 | 2025-03-12T21:13:33.196113

\x00[|ox\x7f\x00\x00

6021 / tcp

1189133115 | 2025-03-14T05:36:27.601538

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

6264 / tcp

-904840257 | 2025-03-16T18:12:39.857585

572 Relay not authorized\r\n

6379 / tcp

321971019 | 2025-03-12T21:44:35.534142

-ERR client ip is not in whitelist\r

6443 / tcp

2087396567 | 2025-03-10T06:43:40.670590

kjnkjabhbanc283ubcsbhdc72

6550 / tcp

-2089734047 | 2025-03-15T06:42:48.184962

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

6633 / tcp

657364692 | 2025-03-15T15:26:21.423695

OpenFlow:
  Version: 1.0

6661 / tcp

-1839934832 | 2025-03-08T18:29:06.612739

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

6668 / tcp

-805362002 | 2025-03-06T04:28:45.601721

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

6697 / tcp

1332894250 | 2025-03-14T23:05:05.054673

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

7001 / tcp

1220127183 | 2025-03-07T15:25:17.340506

HTTP/1.1 400 Bad Request
Connection: keep-alive
Connection: close
X-Via-JSL: 6958812,-
X-Cache: error

7005 / tcp

-2089734047 | 2025-03-14T10:27:40.036089

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

7011 / tcp

1161309183 | 2025-03-08T21:23:44.088216

ProxyServer is ready

7016 / tcp

-2107996212 | 2025-03-14T01:53:53.247051

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

7071 / tcp

707919486 | 2025-03-16T09:27:21.473829

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

7085 / tcp

575925250 | 2025-03-11T19:55:22.288401

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

7403 / tcp

-1713437100 | 2025-03-13T09:07:34.448430

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

7415 / tcp

-1399940268 | 2025-03-09T12:51:04.067020

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7434 / tcp

-1529979118 | 2025-03-06T20:26:22.036522

inv2W

7443 / tcp

1320285193 | 2025-03-14T16:03:43.437804

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

7444 / tcp

-2017887953 | 2025-03-17T04:44:14.405478

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

7634 / tcp

641705735 | 2025-03-13T03:59:48.607261



0
dø...

7676 / tcp

-339084706 | 2025-03-12T22:30:19.229153

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

7801 / tcp

-1399940268 | 2025-03-16T19:09:11.784325

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8000 / tcp

-1204391172 | 2025-03-16T04:49:08.449370

JDWP-Handshake

8001 / tcp

2103111368 | 2025-03-16T17:30:12.319986

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8009 / tcp

921225407 | 2025-03-16T20:54:25.608094

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8012 / tcp

1830187220 | 2025-03-10T00:38:59.632757

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

8015 / tcp

119860953 | 2025-03-14T12:55:49.371075

* OK ArGoSoft Mail Server IMAP Module v.YW at

8034 / tcp

45131230 | 2025-03-11T23:34:41.525899

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

8035 / tcp

819727972 | 2025-03-09T18:41:33.300818

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8051 / tcp

-1045760528 | 2025-03-09T11:39:31.173886

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

8066 / tcp

-2089734047 | 2025-03-14T22:27:30.993911

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8074 / tcp

-1746074029 | 2025-03-12T18:05:30.779692

101 imqbroker =unV\r\n

8083 / tcp

-1839934832 | 2025-03-14T11:06:04.334703

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8085 / tcp

1161309183 | 2025-03-05T22:44:17.257606

ProxyServer is ready

8087 / tcp

-303199180 | 2025-03-14T07:11:39.870901

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

8089 / tcp

-358801646 | 2025-03-04T02:06:25.106621

SSH-2.0-OpenSSH_6.6.1

8104 / tcp

-1399940268 | 2025-03-04T12:54:18.491690

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8105 / tcp

921225407 | 2025-03-13T09:24:42.971251

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8117 / tcp

-2096652808 | 2025-03-13T19:15:22.283780

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8126 / tcp

819727972 | 2025-03-09T15:22:57.919991

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8132 / tcp

307999478 | 2025-03-12T00:28:27.653512

unknown command \r\nunknown command \r\n

8139 / tcp

597764502 | 2025-03-14T22:08:50.812130

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

8164 / tcp

-2046514463 | 2025-03-07T07:44:24.867187

AB\x01\t

8196 / tcp

-1810987450 | 2025-03-17T10:32:31.038767

\xc3\xbf

8280 / tcp

-2031152423 | 2025-03-11T20:33:17.449590

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

8393 / tcp

-1032713145 | 2025-03-11T22:27:35.557774

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

8415 / tcp

1911457608 | 2025-03-15T20:05:58.757507

\x00[\x00\x00\x00\x00\x00\x00

8421 / tcp

-653033013 | 2025-03-17T04:02:14.827601

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

8432 / tcp

1332894250 | 2025-03-13T03:24:19.051268

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

8451 / tcp

1911457608 | 2025-03-10T11:44:38.850909

\x00[\x00\x00\x00\x00\x00\x00

8459 / tcp

1574088840 | 2025-03-12T00:32:44.979021

">Application and Content Networking Software 3.9</a>)\n</BODY><

8465 / tcp

307999478 | 2025-03-16T02:02:49.490605

unknown command \r\nunknown command \r\n

8475 / tcp

165188539 | 2025-03-05T19:54:22.749153

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8481 / tcp

-2089734047 | 2025-03-17T23:24:53.929215

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8494 / tcp

-1888448627 | 2025-03-07T02:11:36.963383

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8501 / tcp

599074451 | 2025-03-11T03:45:44.153419

msg

8519 / tcp

321971019 | 2025-03-04T10:25:50.169556

-ERR client ip is not in whitelist\r

8531 / tcp

321971019 | 2025-03-13T17:16:33.638076

-ERR client ip is not in whitelist\r

8564 / tcp

1911457608 | 2025-03-06T02:24:58.046919

\x00[\x00\x00\x00\x00\x00\x00

8566 / tcp

1911457608 | 2025-03-16T15:35:57.538191

\x00[\x00\x00\x00\x00\x00\x00

8567 / tcp

1426971893 | 2025-03-17T01:54:17.251908

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

8576 / tcp

50497985 | 2025-03-04T07:30:28.464247

\x00[\xc3\x88\xc3\x9dS\x7f\x00\x00

8584 / tcp

-1019343788 | 2025-03-05T03:39:42.993045

W!\x00\x00\x00\x00

8605 / tcp

51259122 | 2025-03-15T19:38:32.543839

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

8649 / tcp

2098371729 | 2025-03-10T15:52:20.173519

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

8666 / tcp

-1730858130 | 2025-03-11T00:24:38.892697

RFB 003.008
VNC:
  Protocol Version: 3.8

8702 / tcp

1623746877 | 2025-03-12T15:00:13.684796

500 Permission denied - closing connection.\r\n

8703 / tcp

-1399940268 | 2025-03-05T16:06:35.266070

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8791 / tcp

-1399940268 | 2025-03-16T11:59:31.172805

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8806 / tcp

-1105333987 | 2025-03-15T22:53:53.069023

\x00[KpU\x7f\x00\x00

8807 / tcp

45131230 | 2025-03-10T09:43:49.632768

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

8828 / tcp

-1399940268 | 2025-03-12T09:05:43.304272

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8838 / tcp

1308377066 | 2025-03-06T01:04:36.650740

ncacn_http/1.0

8839 / tcp

366084633 | 2025-03-15T07:25:56.863120

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

8852 / tcp

-2089734047 | 2025-03-13T16:50:14.379521

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8860 / tcp

-1297953727 | 2025-03-12T00:17:50.843857

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

8865 / tcp

455076604 | 2025-03-12T18:12:43.491229

!\x07version\x04bind7 t{RPowerDNS Recursor 410

8866 / tcp

-2089734047 | 2025-03-04T16:54:14.582796

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8868 / tcp

-180163620 | 2025-03-09T19:45:37.481477

NPC Telnet permit one connection.\r\n But One connection() already keep alive.\r\nGood Bye !! \r\n

8870 / tcp

408230060 | 2025-03-14T02:40:08.356484

\r\nSorry, that nickname format is invalid.\r\n

8873 / tcp

-1153858743 | 2025-03-09T10:36:31.071461

@RSYNCD: 31.0\n

8877 / tcp

-1538260461 | 2025-03-10T16:20:06.061136

\x01\x00\x00\x00

8889 / tcp

-971970408 | 2025-03-13T21:56:10.677292

8899 / tcp

372433470 | 2025-03-15T16:11:52.115913

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

8912 / tcp

-2089734047 | 2025-03-16T01:15:23.758318

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8988 / tcp

1492413928 | 2025-03-05T06:01:30.377816

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

9000 / tcp

-2067028711 | 2025-03-06T18:23:32.646265

\x15\x03\x01\x00\x02\x02F

9006 / tcp

-1399940268 | 2025-03-12T18:28:50.419345

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9012 / tcp

1911457608 | 2025-03-12T01:58:37.417596

\x00[\x00\x00\x00\x00\x00\x00

9024 / tcp

-792826324 | 2025-03-17T06:15:15.897200

220 FTP server ready - login please

9035 / tcp

1830697416 | 2025-03-15T08:48:36.901968

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

9037 / tcp

-1888448627 | 2025-03-09T12:55:27.959861

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9041 / tcp

-1013082686 | 2025-03-09T19:49:12.464446

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

9042 / tcp

599074451 | 2025-03-15T19:37:38.135804

msg

9055 / tcp

-792826324 | 2025-03-16T04:08:54.386523

220 FTP server ready - login please

9065 / tcp

-2140303521 | 2025-03-08T19:28:04.947225

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

9075 / tcp

-1399940268 | 2025-03-12T01:10:18.372784

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9079 / tcp

1911457608 | 2025-03-05T20:44:40.774798

\x00[\x00\x00\x00\x00\x00\x00

9082 / tcp

-1399940268 | 2025-03-14T04:58:10.089028

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9091 / tcp

-971970408 | 2025-03-12T11:32:38.048804

9130 / tcp

-2107996212 | 2025-03-07T14:18:32.479543

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

9131 / tcp

580340387 | 2025-03-14T14:12:14.552023

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

9151 / tcp

1842524259 | 2025-03-11T05:57:47.881941

9176 / tcp

504717326 | 2025-03-17T13:06:40.197546

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

9183 / tcp

-2089734047 | 2025-03-12T01:50:10.762911

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9193 / tcp

-1399940268 | 2025-03-11T13:57:23.665903

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9203 / tcp

1189133115 | 2025-03-10T00:05:41.226039

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

9210 / tcp

819727972 | 2025-03-13T21:45:20.218971

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9333 / tcp

751496153 | 2025-03-15T22:45:17.489778

* OK TeamXchange IMAP4rev1 server (otyUg) ready.

9600 / tcp

-358801646 | 2025-03-04T20:38:46.472617

SSH-2.0-OpenSSH_6.6.1

9611 / tcp

1426971893 | 2025-03-08T16:40:28.519044

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

9761 / tcp

-1261090339 | 2025-03-16T22:56:14.854939

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

9930 / tcp

-1399940268 | 2025-03-05T23:52:16.692515

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9955 / tcp

-1399940268 | 2025-03-10T07:51:26.479835

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9977 / tcp

-358801646 | 2025-03-12T07:48:46.526662

SSH-2.0-OpenSSH_6.6.1

9998 / tcp

-1901729922 | 2025-03-17T09:28:37.453374

HTTP/1.1 404 
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Transfer-Encoding: chunked

9999 / tcp

1161309183 | 2025-03-12T10:33:40.045072

ProxyServer is ready

10001 / tcp

1492413928 | 2025-03-07T08:45:39.146928

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

10011 / tcp

2103111368 | 2025-03-10T15:20:18.269565

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

10015 / tcp

-1399940268 | 2025-03-13T01:58:39.524459

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10028 / tcp

921225407 | 2025-03-15T15:12:52.030741

\x00\x00\x00\x04\x00\x00\x00\x00\x00

10036 / tcp

-1032713145 | 2025-03-13T22:08:19.697203

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

10041 / tcp

819727972 | 2025-03-13T06:37:50.656034

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

10051 / tcp

-1032713145 | 2025-03-14T15:38:40.285848

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

10134 / tcp

-358801646 | 2025-03-16T02:06:20.426789

SSH-2.0-OpenSSH_6.6.1

10443 / tcp

1642597142 | 2025-03-11T04:19:05.000112

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

10444 / tcp

320677201 | 2025-03-12T13:44:24.386872

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

10554 / tcp

-971970408 | 2025-03-15T16:40:40.270790

10909 / tcp

410249975 | 2025-03-12T15:03:01.884248

LNS READY<>

10911 / tcp

-2089734047 | 2025-03-17T07:36:18.025954

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10935 / tcp

-1399940268 | 2025-03-08T11:55:02.225649

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

11000 / tcp

1911457608 | 2025-03-17T06:23:04.001156

\x00[\x00\x00\x00\x00\x00\x00

11001 / tcp

-1261090339 | 2025-03-09T19:06:55.405698

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

11002 / tcp

-1435414831 | 2025-03-17T13:39:14.297892

roku: ready\r\n

11112 / tcp

1911457608 | 2025-03-12T21:30:42.787848

\x00[\x00\x00\x00\x00\x00\x00

11182 / tcp

-1839934832 | 2025-03-11T20:01:16.217824

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

11184 / tcp

-1839934832 | 2025-03-11T12:44:55.958693

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

11211 / tcp

-136006866 | 2025-03-17T09:49:04.326786

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11288 / tcp

751496153 | 2025-03-14T07:36:34.613895

* OK TeamXchange IMAP4rev1 server (otyUg) ready.

11701 / tcp

2103111368 | 2025-03-16T11:19:20.696071

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

12088 / tcp

-1399940268 | 2025-03-10T16:42:13.836438

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12126 / tcp

-1399940268 | 2025-03-14T23:50:22.864775

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12133 / tcp

-980525298 | 2025-03-06T21:04:54.329698

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12139 / tcp

-1996280214 | 2025-03-10T06:35:33.085258

\x06\x04\x05@

12168 / tcp

-1648456501 | 2025-03-13T14:56:10.681722

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

12239 / tcp

1574088840 | 2025-03-14T04:03:36.042430

">Application and Content Networking Software 3.9</a>)\n</BODY><

12241 / tcp

-585940771 | 2025-03-04T19:44:20.803794

Unknown command\r\n

12268 / tcp

-1399940268 | 2025-03-16T17:28:49.768647

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12270 / tcp

-653033013 | 2025-03-16T00:43:23.517896

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

12287 / tcp

321971019 | 2025-03-15T10:25:34.251284

-ERR client ip is not in whitelist\r

12288 / tcp

1911457608 | 2025-03-04T20:32:25.759893

\x00[\x00\x00\x00\x00\x00\x00

12291 / tcp

1126993057 | 2025-03-07T01:09:54.711530

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

12296 / tcp

-2089734047 | 2025-03-16T02:05:30.823008

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12307 / tcp

1655023012 | 2025-03-06T19:13:43.540233

athinfod: invalid query.\n

12312 / tcp

-457235091 | 2025-03-09T23:25:35.939688

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

12321 / tcp

580340387 | 2025-03-13T01:44:23.880328

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

12345 / tcp

296364507 | 2025-03-11T22:35:04.297713

HTTP/1.1 500 Internal Server Error
SERVER: Trend Chip UPnP/1.0 DMS
CONNECTION: close
CONTENT-LENGTH: 60
CONTENT-TYPE: text/html

12352 / tcp

-2089734047 | 2025-03-06T03:05:11.046608

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12356 / tcp

819727972 | 2025-03-06T06:46:55.239488

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12359 / tcp

-1013082686 | 2025-03-16T02:27:38.275946

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

12366 / tcp

-2089734047 | 2025-03-05T03:22:47.813704

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12371 / tcp

-1626979812 | 2025-03-11T04:30:28.945738

220 Service ready for new user.

12407 / tcp

-1105333987 | 2025-03-09T18:23:43.691035

\x00[KpU\x7f\x00\x00

12414 / tcp

-358801646 | 2025-03-10T22:41:27.421087

SSH-2.0-OpenSSH_6.6.1

12427 / tcp

321971019 | 2025-03-06T18:18:54.139466

-ERR client ip is not in whitelist\r

12457 / tcp

1911457608 | 2025-03-14T13:13:49.510621

\x00[\x00\x00\x00\x00\x00\x00

12462 / tcp

669849225 | 2025-03-14T02:04:37.769304

SSH-98.60-SysaxSSH_81885..42\r\n

12468 / tcp

1911457608 | 2025-03-04T09:44:48.918036

\x00[\x00\x00\x00\x00\x00\x00

12482 / tcp

2103111368 | 2025-03-05T04:47:14.715418

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

12483 / tcp

-1795027372 | 2025-03-14T17:45:24.554498

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

12506 / tcp

819727972 | 2025-03-10T15:39:15.145963

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12516 / tcp

117101543 | 2025-03-14T19:07:55.743997

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

12518 / tcp

-345718689 | 2025-03-05T23:21:06.280638

Vty password is not set.

12522 / tcp

321971019 | 2025-03-16T01:57:36.814291

-ERR client ip is not in whitelist\r

12536 / tcp

-1105333987 | 2025-03-16T14:41:23.632665

\x00[KpU\x7f\x00\x00

12555 / tcp

-1428621233 | 2025-03-05T06:21:41.013518

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

12562 / tcp

921225407 | 2025-03-05T20:18:38.210618

\x00\x00\x00\x04\x00\x00\x00\x00\x00

12568 / tcp

398077695 | 2025-03-13T23:25:41.351124

12584 / tcp

-1099385124 | 2025-03-11T10:25:26.383363

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

12589 / tcp

1308377066 | 2025-03-12T19:10:05.737341

ncacn_http/1.0

12980 / tcp

-1399940268 | 2025-03-04T11:49:13.280626

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

13047 / tcp

-971970408 | 2025-03-12T01:13:14.018684

14182 / tcp

921225407 | 2025-03-15T08:24:12.825244

\x00\x00\x00\x04\x00\x00\x00\x00\x00

14265 / tcp

-1399940268 | 2025-03-12T14:45:28.486166

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14344 / tcp

1541211644 | 2025-03-15T07:08:53.986409

[\xc2\xba\x7fs\x7f

14880 / tcp

677934968 | 2025-03-04T14:35:18.091187

lm^)Q

14894 / tcp

1911457608 | 2025-03-05T00:20:28.995236

\x00[\x00\x00\x00\x00\x00\x00

14909 / tcp

-1538260461 | 2025-03-08T22:43:43.518126

\x01\x00\x00\x00

15443 / tcp

-1013082686 | 2025-03-11T11:52:11.365603

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

15504 / tcp

-1487943323 | 2025-03-05T19:02:41.628524

431 Unable to negotiate secure command connection.\r\n

15588 / tcp

1911457608 | 2025-03-11T10:21:46.844053

\x00[\x00\x00\x00\x00\x00\x00

15831 / tcp

971933601 | 2025-03-14T16:29:11.273536

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

16006 / tcp

-1105333987 | 2025-03-12T23:23:35.183714

\x00[KpU\x7f\x00\x00

16018 / tcp

-147424911 | 2025-03-17T23:27:49.617362

HTTP/1.1 404 Not Found
Content Length: 0

16023 / tcp

-1114821551 | 2025-03-15T03:25:25.425866

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

16028 / tcp

1332894250 | 2025-03-15T23:48:07.393869

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

16036 / tcp

410249975 | 2025-03-09T08:59:53.416425

LNS READY<>

16041 / tcp

1911457608 | 2025-03-10T19:30:53.767169

\x00[\x00\x00\x00\x00\x00\x00

16044 / tcp

1655023012 | 2025-03-17T12:12:38.919403

athinfod: invalid query.\n

16046 / tcp

-1189269828 | 2025-03-04T22:59:59.908168

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

16048 / tcp

-1399940268 | 2025-03-17T02:25:00.702849

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16054 / tcp

575925250 | 2025-03-12T22:55:54.687054

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

16061 / tcp

921225407 | 2025-03-05T20:02:54.738096

\x00\x00\x00\x04\x00\x00\x00\x00\x00

16065 / tcp

580340387 | 2025-03-15T12:29:50.534498

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

16075 / tcp

-1399940268 | 2025-03-08T14:27:53.889108

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16091 / tcp

165188539 | 2025-03-15T13:05:58.851103

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

16101 / tcp

-1399940268 | 2025-03-17T06:51:24.372148

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16316 / tcp

819727972 | 2025-03-10T18:27:10.436952

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

16601 / tcp

945910976 | 2025-03-03T22:34:40.671618

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

17772 / tcp

-2031152423 | 2025-03-17T09:20:16.080278

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

17773 / tcp

1911457608 | 2025-03-14T12:12:54.946644

\x00[\x00\x00\x00\x00\x00\x00

18004 / tcp

-1399940268 | 2025-03-17T20:19:38.789654

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18010 / tcp

-1538260461 | 2025-03-17T22:18:08.680588

\x01\x00\x00\x00

18030 / tcp

-1114821551 | 2025-03-06T00:08:49.478091

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

18032 / tcp

-2096652808 | 2025-03-15T09:51:10.632460

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

18036 / tcp

-1839934832 | 2025-03-16T05:02:12.543393

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

18043 / tcp

-1114821551 | 2025-03-09T13:09:54.622725

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

18058 / tcp

-1261090339 | 2025-03-05T17:04:55.552195

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

18065 / tcp

-1888448627 | 2025-03-11T02:39:16.729098

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

18080 / tcp

2087396567 | 2025-03-17T15:49:18.232933

kjnkjabhbanc283ubcsbhdc72

18081 / tcp

2087396567 | 2025-03-17T07:21:35.602774

kjnkjabhbanc283ubcsbhdc72

18085 / tcp

580340387 | 2025-03-04T07:49:10.513773

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

18099 / tcp

-1810987450 | 2025-03-18T00:52:00.181879

\xc3\xbf

18101 / tcp

-1601079786 | 2025-03-13T16:19:25.846693

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65a113c3_PSfjfzdx2zb89_10840-46230

18105 / tcp

410249975 | 2025-03-13T02:50:00.915140

LNS READY<>

18106 / tcp

-1733106930 | 2025-03-11T19:35:09.784858

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

18368 / tcp

-441419608 | 2025-03-09T09:45:21.636993

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

19071 / tcp

-2118655245 | 2025-03-06T12:31:21.698705

Hashes

hash

1015654041

http.dom_hash

-2006505642

http.html_hash

-2118655245

HTTP/1.0 500 Internal Server Error
Content-Length: 20

19100 / tcp

-1327660293 | 2025-03-14T08:18:00.043125

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

20082 / tcp

-2089734047 | 2025-03-04T15:30:19.406319

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

20106 / tcp

722711397 | 2025-03-11T16:32:14.211919

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

20150 / tcp

745343730 | 2025-03-09T22:15:24.594337

220 smtp.qq.com Esmtp QQ Mail Server

20182 / tcp

740837454 | 2025-03-10T16:37:08.106214

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

20184 / tcp

-1399940268 | 2025-03-15T12:16:02.702309

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20202 / tcp

1911457608 | 2025-03-13T05:22:28.465217

\x00[\x00\x00\x00\x00\x00\x00

20256 / tcp

1996932384 | 2025-03-10T21:24:08.476190

"raop" nonce

20547 / tcp

-2089734047 | 2025-03-04T21:57:07.146405

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

20880 / tcp

1370263973 | 2025-03-12T15:49:37.796751

dubbo>

20900 / tcp

-2089734047 | 2025-03-10T01:18:53.736085

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

21025 / tcp

-746114901 | 2025-03-12T01:18:13.345337

[KpU

21261 / tcp

-249504111 | 2025-03-09T07:55:13.192587

\x00[xU-\x7f\x00\x00

21284 / tcp

1911457608 | 2025-03-16T04:13:21.517395

\x00[\x00\x00\x00\x00\x00\x00

21303 / tcp

-2096652808 | 2025-03-03T23:18:08.420117

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

21316 / tcp

1911457608 | 2025-03-17T18:07:59.536497

\x00[\x00\x00\x00\x00\x00\x00

21321 / tcp

-1810987450 | 2025-03-05T03:00:00.902855

\xc3\xbf

21379 / tcp

819727972 | 2025-03-09T21:50:30.970249

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

22403 / tcp

-1013082686 | 2025-03-13T21:52:13.560254

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

22556 / tcp

-1327660293 | 2025-03-14T00:57:40.996075

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

22705 / tcp

599074451 | 2025-03-15T22:11:16.699351

msg

23023 / tcp

1767345577 | 2025-03-04T07:47:35.672706

Hello, this is Quagga (version 0T).
Copyright 1996-200

23184 / tcp

-2089734047 | 2025-03-17T21:16:01.000983

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

24245 / tcp

1690634669 | 2025-03-14T13:56:01.884358

25001 / tcp

-1399940268 | 2025-03-12T13:39:46.307781

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

25002 / tcp

-438503381 | 2025-03-10T11:47:40.440538

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

25007 / tcp

1282941221 | 2025-03-12T09:27:00.622801

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

26656 / tcp

50497985 | 2025-03-13T06:06:04.372063

\x00[\xc3\x88\xc3\x9dS\x7f\x00\x00

26657 / tcp

1208318993 | 2025-03-12T02:14:09.804022

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

28015 / tcp

165188539 | 2025-03-06T10:28:45.785059

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

28080 / tcp

-297128567 | 2025-03-11T00:19:11.955579

\x04\x01\xc3\xb4\x00\x15Internal Server Error\x00\x00\x00AB\x00\x02\x05\x00

30002 / tcp

-154107716 | 2025-03-07T11:11:38.759149

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

30003 / tcp

1960438949 | 2025-03-17T17:53:02.996253

Siemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready
ÿûÿûÿýÿþUsername:

30004 / tcp

1363464823 | 2025-03-07T08:33:08.805204

\x00[|ox\x7f\x00\x00

30022 / tcp

819727972 | 2025-03-14T21:43:40.114376

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

30050 / tcp

-1810987450 | 2025-03-13T06:44:15.420333

\xc3\xbf

30106 / tcp

-1261090339 | 2025-03-03T20:20:02.108412

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

30222 / tcp

1741579575 | 2025-03-09T05:55:07.501315

30301 / tcp

-2096652808 | 2025-03-15T20:00:45.928717

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

30422 / tcp

1690634669 | 2025-03-13T11:33:48.766153

30473 / tcp

-2089734047 | 2025-03-17T20:20:24.111958

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

30622 / tcp

171352214 | 2025-03-12T10:45:03.048180

-ERR client ip is not in whitelist

30892 / tcp

-801484042 | 2025-03-16T18:53:22.837061

ERR 27

31022 / tcp

290819026 | 2025-03-13T07:57:48.927402

welcome to Pandora console!
----------------------------
-------------------------
|     Login Time     |     2021-12-08 1...

31122 / tcp

-2031152423 | 2025-03-09T12:22:14.315815

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

31222 / tcp

2087396567 | 2025-03-13T04:15:49.899339

kjnkjabhbanc283ubcsbhdc72

31322 / tcp

957278843 | 2025-03-09T16:05:53.044051

[|ox

31337 / tcp

756886313 | 2025-03-04T16:50:53.409798

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html

31380 / tcp

-1428621233 | 2025-03-14T15:26:46.466864

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

31422 / tcp

863754335 | 2025-03-13T02:44:55.590557

0a

31443 / tcp

2087396567 | 2025-03-12T17:44:11.134990

kjnkjabhbanc283ubcsbhdc72

31522 / tcp

660175493 | 2025-03-13T00:51:10.990866

31722 / tcp

1308377066 | 2025-03-12T21:19:15.793330

ncacn_http/1.0

31822 / tcp

291723434 | 2025-03-12T07:26:40.272426

Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

32022 / tcp

-445721795 | 2025-03-12T04:50:06.616967

\x00[\xc3\xaed\x1a\x7f\x00\x00

32122 / tcp

2087396567 | 2025-03-09T20:51:40.142980

kjnkjabhbanc283ubcsbhdc72

32222 / tcp

-1189269828 | 2025-03-09T07:18:45.439691

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

32322 / tcp

597764502 | 2025-03-16T14:41:43.695317

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

32443 / tcp

-1399940268 | 2025-03-14T04:22:16.595550

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

32522 / tcp

1778988322 | 2025-03-08T16:40:35.213248

* OK GroupWise IMAP4rev1 Server Ready

32622 / tcp

2033888749 | 2025-03-11T19:18:12.275019

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

32722 / tcp

2067064333 | 2025-03-11T16:10:26.374960

athinfod: invalid query.

32764 / tcp

-971970408 | 2025-03-17T23:11:49.607479

33422 / tcp

2087396567 | 2025-03-09T08:59:08.185679

kjnkjabhbanc283ubcsbhdc72

33622 / tcp

819727972 | 2025-03-08T19:24:40.758217

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

33722 / tcp

819727972 | 2025-03-08T17:41:54.937522

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

34422 / tcp

-1013082686 | 2025-03-15T00:48:08.949227

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

34722 / tcp

660175493 | 2025-03-04T01:04:19.030534

35000 / tcp

-1261090339 | 2025-03-15T01:09:45.903130

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

35004 / tcp

820958131 | 2025-03-13T14:39:30.262165

kjnkjabhbanc283ubcsbhdc72\x02

35022 / tcp

1332894250 | 2025-03-04T01:34:14.326718

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

35322 / tcp

-297128567 | 2025-03-17T08:41:45.564700

\x04\x01\xc3\xb4\x00\x15Internal Server Error\x00\x00\x00AB\x00\x02\x05\x00

35522 / tcp

2087396567 | 2025-03-17T00:55:17.294857

kjnkjabhbanc283ubcsbhdc72

35560 / tcp

1911457608 | 2025-03-15T11:31:18.193438

\x00[\x00\x00\x00\x00\x00\x00

35622 / tcp

104385780 | 2025-03-04T12:16:38.822006

ceph v2

35822 / tcp

1741579575 | 2025-03-17T17:35:35.489435

35922 / tcp

660175493 | 2025-03-16T21:14:55.687700

36022 / tcp

-971970408 | 2025-03-17T21:01:47.225583

36122 / tcp

2087396567 | 2025-03-13T10:14:50.534148

kjnkjabhbanc283ubcsbhdc72

36222 / tcp

819727972 | 2025-03-17T19:20:43.660846

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

36322 / tcp

-321444299 | 2025-03-17T11:56:32.295316

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

36422 / tcp

-784071826 | 2025-03-15T08:21:46.707844

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

36501 / tcp

1077013874 | 2025-03-05T05:57:44.914617

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

36622 / tcp

539065883 | 2025-03-16T07:31:42.076623

36722 / tcp

290819026 | 2025-03-17T04:47:52.919478

welcome to Pandora console!
----------------------------
-------------------------
|     Login Time     |     2021-12-08 1...

37022 / tcp

-1611764932 | 2025-03-16T19:52:44.390896

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

37122 / tcp

1741579575 | 2025-03-17T01:25:22.526812

37222 / tcp

751496153 | 2025-03-14T21:02:23.658886

* OK TeamXchange IMAP4rev1 server (otyUg) ready.

37322 / tcp

-1136600457 | 2025-03-16T11:49:36.258814

HELO:10.3.6.0.false
AS:2048
HL:19

37522 / tcp

1261582754 | 2025-03-16T09:32:37.426432

unknown command 
unknown command

37622 / tcp

-2031152423 | 2025-03-16T01:52:57.941861

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

37922 / tcp

-905685638 | 2025-03-18T00:26:34.353377

bxz437

38022 / tcp

2087396567 | 2025-03-17T22:43:23.091208

kjnkjabhbanc283ubcsbhdc72

38222 / tcp

-971970408 | 2025-03-10T20:59:30.623111

38333 / tcp

-971970408 | 2025-03-15T20:58:25.961625

38622 / tcp

-1900404274 | 2025-03-14T08:39:01.166912

Unknown command

38722 / tcp

-321444299 | 2025-03-13T22:07:04.765742

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

38822 / tcp

1996932384 | 2025-03-03T20:15:58.112175

"raop" nonce

39122 / tcp

2087396567 | 2025-03-13T18:29:32.809744

kjnkjabhbanc283ubcsbhdc72

39522 / tcp

2087396567 | 2025-03-11T09:08:28.270376

kjnkjabhbanc283ubcsbhdc72

39622 / tcp

546151771 | 2025-03-11T07:25:26.333486

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

39722 / tcp

599074451 | 2025-03-05T04:20:19.488724

msg

40022 / tcp

1984588611 | 2025-03-09T10:39:50.753628

40222 / tcp

-971970408 | 2025-03-04T10:32:49.856464

40322 / tcp

-1114821551 | 2025-03-08T21:08:09.713034

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

41022 / tcp

1887224352 | 2025-03-08T23:06:31.578821

41443 / tcp

539065883 | 2025-03-14T03:12:46.626447

41522 / tcp

2087396567 | 2025-03-04T23:17:05.188699

kjnkjabhbanc283ubcsbhdc72

41822 / tcp

-1230049476 | 2025-03-07T17:57:42.204958

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

41922 / tcp

-1887823886 | 2025-03-07T16:20:38.693821

K%~)J/\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

42122 / tcp

1741579575 | 2025-03-05T02:26:37.187978

42222 / tcp

-893477759 | 2025-03-04T23:44:52.645503

!versionbind7 t{RPowerDNS Recursor 410

42422 / tcp

-1461540015 | 2025-03-04T19:24:36.070669

audio 0 RTP/AVP 18 4 3 8 0 101
a

42424 / tcp

398077695 | 2025-03-17T04:00:27.720762

42901 / tcp

819727972 | 2025-03-12T23:10:50.600085

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

44158 / tcp

-433302150 | 2025-03-05T03:31:32.173462

/multistream/1.0.0

44222 / tcp

-154107716 | 2025-03-10T22:33:28.640266

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

44307 / tcp

921225407 | 2025-03-06T16:25:34.081474

\x00\x00\x00\x04\x00\x00\x00\x00\x00

45002 / tcp

-2096652808 | 2025-03-04T08:44:59.637495

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

45003 / tcp

-1598265216 | 2025-03-17T19:09:55.657087

@RSYNCD: 31.0

45022 / tcp

819727972 | 2025-03-10T15:55:06.275254

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

45111 / tcp

1911457608 | 2025-03-08T14:57:26.144230

\x00[\x00\x00\x00\x00\x00\x00

45777 / tcp

-1045760528 | 2025-03-16T22:22:46.992067

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

45822 / tcp

-971970408 | 2025-03-10T12:24:00.249987

45922 / tcp

819727972 | 2025-03-10T14:08:00.796299

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

46443 / tcp

-1399940268 | 2025-03-11T01:28:48.797358

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

47722 / tcp

1370263973 | 2025-03-10T11:10:19.555013

dubbo>

47822 / tcp

1282941221 | 2025-03-10T08:55:43.708024

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

47990 / tcp

873425297 | 2025-03-11T02:17:12.641060

200 NOD32SS 99 (3318497116)

48013 / tcp

-1399940268 | 2025-03-08T22:01:48.632089

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

48020 / tcp

-1329831334 | 2025-03-16T18:55:20.348271

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

48022 / tcp

819727972 | 2025-03-07T10:52:08.068850

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

48422 / tcp

-358801646 | 2025-03-10T00:17:00.235797

SSH-2.0-OpenSSH_6.6.1

48522 / tcp

1492413928 | 2025-03-09T22:34:30.346018

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

49690 / tcp

-1810987450 | 2025-03-07T14:26:49.865117

\xc3\xbf

50000 / tcp

873425297 | 2025-03-13T19:59:35.792033

200 NOD32SS 99 (3318497116)

50050 / tcp

-1036370807 | 2025-03-16T12:56:17.633841

JDWP-Handshake

50101 / tcp

-1399940268 | 2025-03-10T03:57:47.519360

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

50106 / tcp

1975288991 | 2025-03-12T15:49:38.185450

OPTI

50580 / tcp

-1327660293 | 2025-03-16T10:37:18.897700

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

50777 / tcp

-784071826 | 2025-03-16T11:27:47.691152

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

50805 / tcp

-1099385124 | 2025-03-08T17:00:32.486273

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

52340 / tcp

-1327660293 | 2025-03-06T10:46:12.297923

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

53022 / tcp

1991883981 | 2025-03-07T07:17:47.237821

B\x00\x00\x00\xc3\xbfn\x04Too many connections

53480 / tcp

819727972 | 2025-03-15T09:05:34.688808

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

54545 / tcp

-1279886438 | 2025-03-15T06:45:08.226022

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

54922 / tcp

-1189269828 | 2025-03-07T09:04:52.039284

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

55000 / tcp

-1810987450 | 2025-03-16T20:18:15.307609

\xc3\xbf

55222 / tcp

-653033013 | 2025-03-07T02:15:21.260278

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

55422 / tcp

-1810987450 | 2025-03-06T17:40:57.262000

\xc3\xbf

55553 / tcp

2087396567 | 2025-03-09T16:51:06.737521

kjnkjabhbanc283ubcsbhdc72

55822 / tcp

-1230049476 | 2025-03-06T21:05:34.570070

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

57522 / tcp

1741579575 | 2025-03-06T12:37:08.068457

57722 / tcp

2087396567 | 2025-03-06T09:31:27.712005

kjnkjabhbanc283ubcsbhdc72

57779 / tcp

45131230 | 2025-03-11T19:02:04.097111

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

57785 / tcp

1504401647 | 2025-03-09T21:12:51.539339

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

57787 / tcp

-1399940268 | 2025-03-17T06:30:58.639995

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

57822 / tcp

-971970408 | 2025-03-06T06:05:54.761501

58122 / tcp

819727972 | 2025-03-06T02:47:41.588277

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

58322 / tcp

-1999117212 | 2025-03-05T23:09:48.324046

58522 / tcp

819727972 | 2025-03-05T19:42:21.313113

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

58722 / tcp

-1375131644 | 2025-03-05T17:59:32.212932

\x00[v\xc3\xbdC\x7f\x00\x00

58822 / tcp

2087396567 | 2025-03-05T16:16:37.486919

kjnkjabhbanc283ubcsbhdc72

58922 / tcp

2087396567 | 2025-03-05T15:08:40.694160

kjnkjabhbanc283ubcsbhdc72

59022 / tcp

677934968 | 2025-03-05T13:33:58.112099

lm^)Q

59222 / tcp

897328069 | 2025-03-05T09:23:01.876356

220 mail.scott000.com ESMTP

59322 / tcp

-971970408 | 2025-03-05T07:37:11.292919

59522 / tcp

-527005584 | 2025-03-03T18:45:47.564346

/0 0 L
/0 0 HUH

60001 / tcp

1077013874 | 2025-03-15T02:58:46.437012

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

60129 / tcp

-1626979812 | 2025-03-11T04:55:09.925699

220 Service ready for new user.

61613 / tcp

-249504111 | 2025-03-12T10:57:02.845378

\x00[xU-\x7f\x00\x00

62237 / tcp

1761482307 | 2025-03-17T00:39:29.287229

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

62443 / tcp

-1839934832 | 2025-03-15T20:19:43.149266

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

63210 / tcp

290819026 | 2025-03-14T23:02:17.215529

welcome to Pandora console!
----------------------------
-------------------------
|     Login Time     |     2021-12-08 1...

63257 / tcp

-314039103 | 2025-03-11T14:26:23.681313

Surnom.
Sorry, that nickname format is invalid.

63260 / tcp

2087396567 | 2025-03-11T20:59:41.731494

kjnkjabhbanc283ubcsbhdc72

64738 / tcp

671605376 | 2025-03-15T04:23:35.644152

SSH-2.0-OpenSSH_X.X

65000 / tcp

265065882 | 2025-03-14T19:20:48.302470

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked

112.74.1.115

Last Seen: 2025-03-31

Tags:

GeneralInformation

WebTechnologies

OpenPorts

13 / tcp -2127598635 | 2025-03-17T14:58:32.895219

15 / tcp 921225407 | 2025-03-17T00:01:48.024353

19 / tcp 751496153 | 2025-03-15T14:42:24.260206

21 / tcp 1564456597 | 2025-03-11T12:46:49.790241

23 / tcp -1288412979 | 2025-03-14T20:16:57.289331

25 / tcp -1261090339 | 2025-03-07T02:27:05.763004

26 / tcp -2096652808 | 2025-03-12T09:32:09.702752

43 / tcp 104385780 | 2025-03-14T15:37:33.628839

65 / tcp -1059554316 | 2025-03-12T22:21:37.643419

70 / tcp 857710896 | 2025-03-04T13:21:03.082119

79 / tcp -1770051369 | 2025-03-10T11:27:44.238804

84 / tcp 0 | 2025-03-04T22:31:27.874399

Hashes

89 / tcp 1208318993 | 2025-03-16T16:05:51.395972

104 / tcp -2107996212 | 2025-03-06T10:41:12.460765

110 / tcp 819727972 | 2025-03-14T17:21:26.613762

111 / tcp 1996932384 | 2025-03-11T22:14:02.223100

113 / tcp -669112739 | 2025-03-14T00:16:44.721977

122 / tcp -2096652808 | 2025-03-06T19:38:08.046666

135 / tcp 1483120365 | 2025-03-17T18:36:17.928663

139 / tcp -1270998736 | 2025-03-08T20:20:53.403731

180 / tcp 1767345577 | 2025-03-05T16:29:03.940619

192 / tcp 819727972 | 2025-03-17T02:56:11.882754

195 / tcp 669849225 | 2025-03-14T02:09:56.865421

234 / tcp 1381121983 | 2025-03-15T00:25:45.364549

389 / tcp -1907080992 | 2025-03-16T17:11:15.357306

443 / tcp -348384753 | 2025-03-31T13:00:38.775892

Hashes

465 / tcp 897328069 | 2025-03-16T11:25:52.389824

513 / tcp 1332894250 | 2025-03-11T18:34:46.273643

515 / tcp -222277909 | 2025-03-16T12:03:13.493637

541 / tcp 268285291 | 2025-03-06T05:53:09.969883

548 / tcp 1801869778 | 2025-03-13T14:40:16.367776

636 / tcp 826560219 | 2025-03-07T02:35:12.896754

646 / tcp -1600864159 | 2025-03-17T06:09:42.818222

675 / tcp 819727972 | 2025-03-08T21:03:21.001622

789 / tcp -1947777893 | 2025-03-10T05:07:04.455595

853 / tcp -1327660293 | 2025-03-11T19:12:05.264675

873 / tcp -1970692834 | 2025-03-16T22:38:01.874310

990 / tcp 1583167286 | 2025-03-13T02:56:46.393040

992 / tcp -936692830 | 2025-03-13T00:45:21.256739

993 / tcp -1329831334 | 2025-03-16T21:44:24.949687

1023 / tcp 1231376952 | 2025-03-16T21:02:54.624089

1027 / tcp -1297953727 | 2025-03-05T15:42:47.750199

1028 / tcp 819727972 | 2025-03-12T10:14:06.608541

1080 / tcp 1362344524 | 2025-03-16T20:19:34.223369

1099 / tcp -1435414831 | 2025-03-09T15:04:57.276414

1177 / tcp -971970408 | 2025-03-14T00:06:19.298578

1180 / tcp 639175818 | 2025-03-10T23:34:50.019995

1200 / tcp 819727972 | 2025-03-14T01:10:43.504312

1234 / tcp 819727972 | 2025-03-12T22:52:36.657684

1337 / tcp -1999117212 | 2025-03-14T21:00:15.509036

1343 / tcp -1839934832 | 2025-03-16T05:36:30.952331

1433 / tcp -1781810481 | 2025-03-06T13:13:27.018903

1450 / tcp -1399940268 | 2025-03-06T13:48:04.047308

1515 / tcp 957278843 | 2025-03-08T20:58:28.131694

1521 / tcp 1975288991 | 2025-03-15T18:37:53.456751

1554 / tcp 819727972 | 2025-03-04T09:29:46.616071

1599 / tcp -454087041 | 2025-03-15T19:16:43.187366

1604 / tcp -1839934832 | 2025-03-16T05:43:43.692939

1800 / tcp 1308377066 | 2025-03-16T04:41:52.920985

1801 / tcp 1266492139 | 2025-03-15T02:59:58.316668

1958 / tcp 819727972 | 2025-03-08T18:40:40.869216

1971 / tcp -42767839 | 2025-03-07T16:04:14.191898

1972 / tcp 1761482307 | 2025-03-10T10:03:18.397673

1973 / tcp 671605376 | 2025-03-15T17:10:17.975512

1975 / tcp 819727972 | 2025-03-13T20:51:32.189635

1976 / tcp -1839934832 | 2025-03-15T02:21:47.444069

1979 / tcp -1538260461 | 2025-03-05T07:45:52.649820

1989 / tcp -1730858130 | 2025-03-14T11:06:40.708226

2000 / tcp 1911457608 | 2025-03-08T21:06:55.232293

2002 / tcp 540463538 | 2025-03-15T13:12:33.871617

2003 / tcp -457235091 | 2025-03-15T12:31:43.954068

2008 / tcp 2084412416 | 2025-03-11T23:40:58.204123

13 / tcp

-2127598635 | 2025-03-17T14:58:32.895219

15 / tcp

921225407 | 2025-03-17T00:01:48.024353

19 / tcp

751496153 | 2025-03-15T14:42:24.260206

21 / tcp

1564456597 | 2025-03-11T12:46:49.790241

23 / tcp

-1288412979 | 2025-03-14T20:16:57.289331

25 / tcp

-1261090339 | 2025-03-07T02:27:05.763004

26 / tcp

-2096652808 | 2025-03-12T09:32:09.702752

43 / tcp

104385780 | 2025-03-14T15:37:33.628839

65 / tcp

-1059554316 | 2025-03-12T22:21:37.643419

70 / tcp

857710896 | 2025-03-04T13:21:03.082119

79 / tcp

-1770051369 | 2025-03-10T11:27:44.238804

84 / tcp

0 | 2025-03-04T22:31:27.874399

89 / tcp

1208318993 | 2025-03-16T16:05:51.395972

104 / tcp

-2107996212 | 2025-03-06T10:41:12.460765

110 / tcp

819727972 | 2025-03-14T17:21:26.613762

111 / tcp

1996932384 | 2025-03-11T22:14:02.223100

113 / tcp

-669112739 | 2025-03-14T00:16:44.721977

122 / tcp

-2096652808 | 2025-03-06T19:38:08.046666

135 / tcp

1483120365 | 2025-03-17T18:36:17.928663

139 / tcp

-1270998736 | 2025-03-08T20:20:53.403731

180 / tcp

1767345577 | 2025-03-05T16:29:03.940619

192 / tcp

819727972 | 2025-03-17T02:56:11.882754

195 / tcp

669849225 | 2025-03-14T02:09:56.865421

234 / tcp

1381121983 | 2025-03-15T00:25:45.364549

389 / tcp

-1907080992 | 2025-03-16T17:11:15.357306

443 / tcp

-348384753 | 2025-03-31T13:00:38.775892

465 / tcp

897328069 | 2025-03-16T11:25:52.389824

513 / tcp

1332894250 | 2025-03-11T18:34:46.273643

515 / tcp

-222277909 | 2025-03-16T12:03:13.493637

541 / tcp

268285291 | 2025-03-06T05:53:09.969883

548 / tcp

1801869778 | 2025-03-13T14:40:16.367776

636 / tcp

826560219 | 2025-03-07T02:35:12.896754

646 / tcp

-1600864159 | 2025-03-17T06:09:42.818222

675 / tcp

819727972 | 2025-03-08T21:03:21.001622

789 / tcp

-1947777893 | 2025-03-10T05:07:04.455595

853 / tcp

-1327660293 | 2025-03-11T19:12:05.264675

873 / tcp

-1970692834 | 2025-03-16T22:38:01.874310

990 / tcp

1583167286 | 2025-03-13T02:56:46.393040

992 / tcp

-936692830 | 2025-03-13T00:45:21.256739

993 / tcp

-1329831334 | 2025-03-16T21:44:24.949687

1023 / tcp

1231376952 | 2025-03-16T21:02:54.624089

1027 / tcp

-1297953727 | 2025-03-05T15:42:47.750199

1028 / tcp

819727972 | 2025-03-12T10:14:06.608541

1080 / tcp

1362344524 | 2025-03-16T20:19:34.223369

1099 / tcp

-1435414831 | 2025-03-09T15:04:57.276414

1177 / tcp

-971970408 | 2025-03-14T00:06:19.298578

1180 / tcp

639175818 | 2025-03-10T23:34:50.019995

1200 / tcp

819727972 | 2025-03-14T01:10:43.504312

1234 / tcp

819727972 | 2025-03-12T22:52:36.657684

1337 / tcp

-1999117212 | 2025-03-14T21:00:15.509036

1343 / tcp

-1839934832 | 2025-03-16T05:36:30.952331

1433 / tcp

-1781810481 | 2025-03-06T13:13:27.018903

1450 / tcp

-1399940268 | 2025-03-06T13:48:04.047308

1515 / tcp

957278843 | 2025-03-08T20:58:28.131694

1521 / tcp

1975288991 | 2025-03-15T18:37:53.456751

1554 / tcp

819727972 | 2025-03-04T09:29:46.616071

1599 / tcp

-454087041 | 2025-03-15T19:16:43.187366

1604 / tcp

-1839934832 | 2025-03-16T05:43:43.692939

1800 / tcp

1308377066 | 2025-03-16T04:41:52.920985

1801 / tcp

1266492139 | 2025-03-15T02:59:58.316668

1958 / tcp

819727972 | 2025-03-08T18:40:40.869216

1971 / tcp

-42767839 | 2025-03-07T16:04:14.191898

1972 / tcp

1761482307 | 2025-03-10T10:03:18.397673

1973 / tcp

671605376 | 2025-03-15T17:10:17.975512

1975 / tcp

819727972 | 2025-03-13T20:51:32.189635

1976 / tcp

-1839934832 | 2025-03-15T02:21:47.444069

1979 / tcp

-1538260461 | 2025-03-05T07:45:52.649820

1989 / tcp

-1730858130 | 2025-03-14T11:06:40.708226

2000 / tcp

1911457608 | 2025-03-08T21:06:55.232293

2002 / tcp

540463538 | 2025-03-15T13:12:33.871617

2003 / tcp

-457235091 | 2025-03-15T12:31:43.954068

2008 / tcp

2084412416 | 2025-03-11T23:40:58.204123

2049 / tcp

819727972 | 2025-03-12T01:33:05.585277

2054 / tcp

921225407 | 2025-03-04T01:33:24.381495

2055 / tcp

-1399940268 | 2025-03-13T17:01:38.165283

2064 / tcp

-2046514463 | 2025-03-09T12:15:48.004254

2079 / tcp

-992671574 | 2025-03-09T22:07:40.392151

2107 / tcp

-146605374 | 2025-03-06T14:35:14.795459

2121 / tcp

-2107996212 | 2025-03-10T07:54:30.481473

2154 / tcp

-1839934832 | 2025-03-11T12:20:52.391043