GeneralInformation

Hostnames	alibabacloud.co.in alibabacloud.com alibabacloud.com.au alibabacloud.com.hk alibabacloud.com.my alibabacloud.com.sg alibabacloud.com.tw alicdn.com alicloud.com aliyun-iot-share.com aliyun.com manager.channel.aliyun.com aliyuncs.com asmlink.cn scdnphi6.com sparenode.com supet.com tburl.in teambition.com teambition.net teambitionapis.com account.www.net.cn dc.www.net.cn dmp.www.net.cn dns.www.net.cn panda.www.net.cn pandavip.www.net.cn whois.www.net.cn
Domains	alibabacloud.co.in alibabacloud.com alibabacloud.com.au alibabacloud.com.hk alibabacloud.com.my alibabacloud.com.sg alibabacloud.com.tw alicdn.com alicloud.com aliyun-iot-share.com aliyun.com aliyuncs.com asmlink.cn scdnphi6.com sparenode.com supet.com tburl.in teambition.com teambition.net teambitionapis.com www.net.cn
Country	China
City	Hangzhou
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(1)

CVE-2024-25117

6.8php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might leads to bypass of restrictions or RCE on projects that are using it, if they do not strictly revalidate the fontName that is passed by php-svg-lib. The `Style::fromAttributes(`), or the `Style::parseCssStyle()` should check the content of the `font-family` and prevents it to use a PHAR url, to avoid passing an invalid and dangerous `fontName` value to other libraries. The same check as done in the `Style::fromStyleSheets` might be reused. Libraries using this library as a dependency might be vulnerable to some bypass of restrictions, or even remote code execution, if they do not double check the value of the `fontName` that is passed by php-svg-lib. Version 0.5.2 contains a fix for this issue.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2022(3)

CVE-2022-31629

6.5In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

CVE-2022-31628

2.3In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

CVE-2022-4900

6.2A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(3)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

CVE-2020-11579

7.5An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.

2019(8)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-9641

9.8An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.

CVE-2019-9639

7.5An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.

CVE-2019-9638

CVE-2019-9637

7.5An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(5)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-19396

7.5ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.

CVE-2018-19395

7.5ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(4)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

CVE-2017-8923

9.8The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.

CVE-2017-7963

7.5The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating "There is no security issue here, because GMP safely aborts in case of an OOM condition. The only attack vector here is denial of service. However, if you allow attacker-controlled, unbounded allocations you have a DoS vector regardless of GMP's OOM behavior.

CVE-2017-7272

7.4PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(5)

CVE-2015-9253

6.5An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility.

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(2)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 15 20 22 23 25 26 37 43 49 53 70 79 80 93 94 104 110 111 113 175 179 195 311 389 443 444 488 513 666 771 873 999 1000 1023 1080 1153 1198 1234 1433 1515 1521 1588 1599 1604 1723 1800 1911 1926 1962 1985 2000 2002 2065 2067 2081 2087 2095 2121 2154 2181 2211 2222 2332 2345 2404 2506 2550 2599 2626 2628 2701 2761 3001 3050 3066 3098 3103 3108 3138 3142 3155 3179 3191 3260 3301 3306 3388 3400 3522 3551 3556 3567 3790 3793 3954 4000 4002 4022 4064 4104 4150 4200 4242 4282 4369 4433 4435 4443 4444 4451 4506 4786 5001 5007 5010 5122 5201 5222 5228 5246 5269 5270 5432 5569 5603 5672 5909 5914 5938 5986 5990 6000 6002 6003 6061 6500 6581 6650 6666 6667 6775 6779 7001 7015 7025 7218 7302 7434 7443 7473 7500 7634 7989 7999 8000 8009 8021 8026 8028 8043 8053 8062 8075 8081 8083 8085 8089 8126 8144 8148 8157 8172 8251 8291 8300 8333 8343 8382 8384 8408 8500 8502 8505 8521 8536 8554 8584 8601 8640 8649 8728 8790 8801 8804 8820 8833 8834 8841 8855 8859 8866 8872 8880 8887 8899 8989 9000 9022 9051 9057 9062 9070 9071 9076 9082 9095 9100 9144 9155 9164 9183 9189 9200 9204 9208 9220 9292 9306 9333 9398 9418 9444 9513 9530 9758 9761 9876 9888 9923 9991 9992 9999 10000 10009 10018 10028 10040 10041 10049 10051 10101 10201 10225 10397 10911 11000 11112 11210 11211 11300 11601 11688 12000 12019 12108 12109 12115 12158 12159 12179 12207 12208 12225 12239 12242 12250 12254 12255 12256 12286 12307 12332 12342 12347 12352 12364 12381 12385 12407 12419 12421 12437 12444 12447 12469 12489 12515 12547 12576 12578 12583 13128 14130 14344 14401 14406 14443 14523 14873 14894 14895 15018 16015 16029 16037 16040 16041 16044 16062 16063 16066 16076 16101 16667 16993 17000 17082 17770 18012 18015 18026 18061 18079 18080 18081 18245 18553 19000 19930 20000 20107 20256 20440 20547 20880 21027 21235 21256 21306 21325 21935 22000 22001 22070 23023 23424 25105 25565 27015 27016 27017 28015 30002 30003 30023 30303 30322 30522 30622 30822 30922 31022 31210 31443 32122 32202 32722 32764 33122 33422 33622 33722 34722 35000 35101 35522 35822 35922 36222 36422 37022 37222 37322 37522 37722 37777 38022 38522 39122 39222 39522 40322 40522 41222 41443 41522 42222 42422 44158 44304 44320 44818 45001 45006 45668 45822 45922 47000 47534 47808 47822 47990 48899 49152 49692 50000 50002 50100 50102 50202 50997 51443 53413 54138 55000 55422 55442 55443 55522 55553 55554 55722 57522 57786 58822 58922 59012 60000 60129 61234 61613 62078 63210 63256 63260 64295 64738

11 / tcp

117101543 | 2025-03-26T05:28:38.835942

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

15 / tcp

-1304843095 | 2025-03-22T01:25:43.015286

[Ý

20 / tcp

-2089734047 | 2025-03-26T08:14:36.761448

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

22 / tcp

-1346477807 | 2025-03-14T23:04:25.866596

SSH-2.0-OpenSSH_X.X\r\n

23 / tcp

164764193 | 2025-03-25T01:20:00.114800

(none) login:

25 / tcp

1665283070 | 2025-03-17T00:31:59.490492

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x01\x00\x00\x10\x00\x00\n0\x03\x00\x00\x00\x01\x00\x05\x00\x00@\x00\x00\x06\x00\x00\x1f@

26 / tcp

575925250 | 2025-03-10T02:06:22.778198

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

37 / tcp

900697840 | 2025-03-17T09:14:42.018653

\xc3\xbf\xc3\xbb\\x01\n\rno data rcvd for versi

43 / tcp

-1248408558 | 2025-03-08T20:43:38.615279

220 MikroTik FTP server (MikroTik 6.44.3) ready

49 / tcp

-1056270173 | 2025-03-21T21:04:02.440381

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

53 / tcp

1308081026 | 2025-03-09T22:06:22.355492

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x00<\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x00R\x00\x04\xac٣.
\x00\x06\x81\x05\x00\x01\x00\x00\x00\x00\x00\x00\x

70 / tcp

-1763883228 | 2025-03-31T12:10:30.328189

HTTP/1.1 400 Bad Request
Server: vista/0.7
Content-Type: text/html
Connection: close

79 / tcp

627290832 | 2025-03-14T07:58:08.547866

ÿû\x01SOYO_SIP VBNQyQSKc settings
Password:

80 / tcp

501077178 | 2025-03-28T15:10:37.009269

Hashes

hash

-1743997206

http.dom_hash

1991980804

http.html_hash

501077178

http.server_hash

1673621694

http.title_hash

-1828380909

302 Found

HTTP/1.1 302 Moved Temporarily
Server: Tengine
Date: Fri, 28 Mar 2025 15:10:36 GMT
Content-Type: text/html
Content-Length: 215
Connection: keep-alive
Location: http://www.taobao.com/
Via: tongyijieru-aliyun-com011192089173.em21[web,302]

93 / tcp

-2096652808 | 2025-03-23T01:10:54.642630

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

94 / tcp

165188539 | 2025-03-15T21:29:03.357078

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

104 / tcp

-1399940268 | 2025-03-10T02:07:28.753633

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

110 / tcp

-1810987450 | 2025-03-25T11:30:11.281816

\xc3\xbf

111 / tcp

2087396567 | 2025-03-29T06:52:53.254142

kjnkjabhbanc283ubcsbhdc72

113 / tcp

-669112739 | 2025-03-24T17:04:21.375685

Bÿn\x04Too many connections

175 / tcp

-805362002 | 2025-03-19T06:58:32.521326

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

179 / tcp

-399606100 | 2025-03-28T14:55:58.318759

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

195 / tcp

1830697416 | 2025-03-19T10:09:16.757252

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

311 / tcp

676753056 | 2025-03-29T20:23:24.087211

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html

389 / tcp

-1743283776 | 2025-03-08T17:33:31.853387

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x04\\x04

443 / tcp

0 | 2025-03-29T02:33:54.398985

Hashes

hash

-1967140710

http.dom_hash

http.html_hash

http.server_hash

1673621694

HTTP/1.1 302 Found
Date: Sat, 29 Mar 2025 02:33:53 GMT
Content-Length: 0
Connection: keep-alive
Server: Tengine
X-Content-Type-Options: nosniff
Location: https://account.alibabacloud.com/login/login.htm?oauth_callback=http%3A%2F%2Fdmslab.alibabacloud.com/&traceId=1a0f4b3317432156335248514ef77d
Content-Language: en
EagleEye-TraceId: 1a0f4b3317432156335248514ef77d
Strict-Transport-Security: max-age=31536000
Timing-Allow-Origin: *

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:ec:5b:15:fa:5e:f4:1d:24:b0:85:aa
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
        Validity
            Not Before: Feb 18 08:42:02 2025 GMT
            Not After : Sep  4 00:00:00 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.aliyun.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:8f:7e:68:30:ee:4a:3b:97:32:7e:76:74:9f:2a:
                    94:b4:15:3f:8a:ab:16:98:6c:64:76:6e:ee:32:0a:
                    98:68:87:d3:b3:54:1b:d1:c3:11:cc:ce:ea:6b:9e:
                    13:02:ad:50:b6:52:34:b0:4d:4c:da:f8:f5:46:80:
                    12:da:07:bd:c0
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3ovtlsca2024.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3ovtlsca2024
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                Policy: 1.3.6.1.4.1.4146.10.1.2
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3ovtlsca2024.crl
            X509v3 Subject Alternative Name: 
                DNS:*.aliyun.com, DNS:manager.channel.aliyun.com, DNS:*.account.ltc.aliyun.com, DNS:*.ace.aliyun.com, DNS:*.acs-internal.aliyuncs.com, DNS:*.acs.aliyun.com, DNS:*.ads.aliyun.com, DNS:*.ai.aliyun.com, DNS:*.aicrowd.aliyun.com, DNS:*.aiearth.aliyun.com, DNS:*.alibabacloud.co.in, DNS:*.alibabacloud.com, DNS:*.alibabacloud.com.au, DNS:*.alibabacloud.com.hk, DNS:*.alibabacloud.com.my, DNS:*.alibabacloud.com.sg, DNS:*.alibabacloud.com.tw, DNS:*.alibabacloudsso.com, DNS:*.alicdn.com, DNS:*.alicloud.com, DNS:*.aligroup.aliyun.com, DNS:*.alink.aliyun.com, DNS:*.alios.aliyuncs.com, DNS:*.aliplus.com, DNS:*.alitranx.aliyun.com, DNS:*.aliyun-iot-share.com, DNS:*.aliyuncorp.com, DNS:*.aliyuncs.com, DNS:*.aliyunidaas.com, DNS:*.aliyunjinbao.com, DNS:*.alyms.cn, DNS:*.ap-northeast-1.aliyuncs.com, DNS:*.ap-south-1.aliyuncs.com, DNS:*.ap-southeast-1.aliyuncs.com, DNS:*.ap-southeast-2.aliyuncs.com, DNS:*.ap-southeast-3.aliyuncs.com, DNS:*.ap-southeast-5.aliyuncs.com, DNS:*.api.alibabacloud.com, DNS:*.api.aliyun.com, DNS:*.api.aliyunidaas.com, DNS:*.apm.aliyun.com, DNS:*.app.aliyun.com, DNS:*.asmlink.cn, DNS:*.banma.aliyuncs.com, DNS:*.base.shuju.aliyun.com, DNS:*.beian.aliyun.com, DNS:*.bi.aliyun.com, DNS:*.biz.aliyun.com, DNS:*.bridge.aliyun.com, DNS:*.business.aliyun.com, DNS:*.ccc.aliyuncs.com, DNS:*.center.aliyun.com, DNS:*.cfc.aliyuncs.com, DNS:*.channel.aliyun.com, DNS:*.citybrain.aliyun.com, DNS:*.cloudapp.aliyun.com, DNS:*.cloudeagle.cn, DNS:*.cloudgame.aliyun.com, DNS:*.cn-beijing.aliyuncs.com, DNS:*.cn-chengdu.aliyuncs.com, DNS:*.cn-guizhou.aliyuncs.com, DNS:*.cn-haidian.aliyuncs.com, DNS:*.cn-hangzhou-finance.aliyuncs.com, DNS:*.cn-hangzhou.aliyuncs.com, DNS:*.cn-hongkong.aliyuncs.com, DNS:*.cn-huhehaote.aliyuncs.com, DNS:*.cn-ningxia.aliyuncs.com, DNS:*.cn-north-2-gov-1.aliyuncs.com, DNS:*.cn-qingdao-nebula.aliyuncs.com, DNS:*.cn-qingdao.aliyuncs.com, DNS:*.cn-shanghai-finance-1.aliyuncs.com, DNS:*.cn-shanghai.aliyun.com, DNS:*.cn-shanghai.aliyuncs.com, DNS:*.cn-shenzhen-cloudstone.aliyuncs.com, DNS:*.cn-shenzhen-finance-1.aliyuncs.com, DNS:*.cn-shenzhen.aliyuncs.com, DNS:*.cn-sichuan.aliyuncs.com, DNS:*.cn-zhangjiakou.aliyuncs.com, DNS:*.connect.aliyun.com, DNS:*.console.alibabacloud.com, DNS:*.console.alicloud.com, DNS:*.console.aliyun.com, DNS:*.console.aliyuncs.com, DNS:*.cs.aliyun.com, DNS:*.cschat-ccs.aliyun.com, DNS:*.daily.aliyunidaas.com, DNS:*.data.alibabacloud.com, DNS:*.data.aliyun.com, DNS:*.dataapi.aliyun.com, DNS:*.dataq.aliyun.com, DNS:*.dataq.aliyuncs.com, DNS:*.datav.aliyun.com, DNS:*.datav.aliyuncs.com, DNS:*.dbs.aliyun.com, DNS:*.dev.aliyunidaas.com, DNS:*.devlops.aliyun.com, DNS:*.devops.aliyun.com, DNS:*.ditu.aliyun.com, DNS:*.domain.aliyun.com, DNS:*.dyiot.aliyun.com, DNS:*.dyiot.aliyuncs.com, DNS:*.ebs.aliyun.com, DNS:*.edu-aliyun.com, DNS:*.edu.aliyun.com, DNS:*.emas.aliyun.com, DNS:*.emr.aliyun.com, DNS:*.enterprise.aliyun.com, DNS:*.env.aliyun.com, DNS:*.et-industry.aliyun.com, DNS:*.eu-central-1.aliyuncs.com, DNS:*.eu-west-1.aliyuncs.com, DNS:*.faasonasi.aliyuncs.com, DNS:*.fc.aliyun.com, DNS:*.fc.aliyuncs.com, DNS:*.feedback.console.aliyun.com, DNS:*.fintech.aliyuncs.com, DNS:*.gts-x.aliyun.com, DNS:*.gts.aliyun.com, DNS:*.help-ccs.aliyun.com, DNS:*.hologres.aliyuncs.com, DNS:*.ialicdn.com, DNS:*.im.aliyuncs.com, DNS:*.imp.aliyuncs.com, DNS:*.in-mumbai.aliyuncs.com, DNS:*.iot.aliyun.com, DNS:*.jp-fudao.aliyuncs.com, DNS:*.lancet.aliyuncs.com, DNS:*.license-manage.aliyun.com, DNS:*.linkedmall.aliyun.com, DNS:*.linkwan.aliyun.com, DNS:*.living.aliyun.com, DNS:*.login-dev.aliyunidaas.com, DNS:*.login.aliyunidaas.com, DNS:*.luban.aliyun.com, DNS:*.m.aliyun.com, DNS:*.market.aliyun.com, DNS:*.maxcompute.aliyun.com, DNS:*.me-east-1.aliyuncs.com, DNS:*.media.aliyun.com, DNS:*.microdingtalk.aliyun.com, DNS:*.mit.aliyun.com, DNS:*.mobile.aliyun.com, DNS:*.mp.aliyun.com, DNS:*.msea.aliyun.com, DNS:*.mts.aliyun.com, DNS:*.mvp.aliyun.com, DNS:*.nebula.aliyun.com, DNS:*.nlp.aliyun.com, DNS:*.nls.aliyuncs.com, DNS:*.odps.aliyun.com, DNS:*.onepub.aliyun.com, DNS:*.ons.aliyun.com, DNS:*.ose.aliyun.com, DNS:*.pai.data.aliyun.com, DNS:*.pcs-gw-cn-beijing.aliyun.com, DNS:*.pcs-gw-cn-shanghai.aliyun.com, DNS:*.pre-innodeep.aliyuncs.com, DNS:*.pre-operation.aliyuncs.com, DNS:*.pre-page.aliyun.com, DNS:*.pre-sg-purchase.aliyun.com, DNS:*.pre.aliyun.com, DNS:*.prepub.aliyun.com, DNS:*.product.center.aliyun.com, DNS:*.proxy.aliyun.com, DNS:*.proxy.aliyuncs.com, DNS:*.pts.aliyun.com, DNS:*.r-app-cn-beijing-data.aliyun.com, DNS:*.r-app-cn-hangzhou-data.aliyun.com, DNS:*.r-app-cn-shenzhen-data.aliyun.com, DNS:*.r-app-data.aliyun.com, DNS:*.rdc.aliyun.com, DNS:*.rds.aliyun.com, DNS:*.reid.aliyun.com, DNS:*.rtc.aliyun.com, DNS:*.rtc.aliyuncs.com, DNS:*.sc-cmdb.aliyuncs.com, DNS:*.scsp.aliyun.com, DNS:*.service.aliyun.com, DNS:*.settlement.aliyun.com, DNS:*.sg.aliyun.com, DNS:*.sg.aliyuncs.com, DNS:*.shuju.aliyun.com, DNS:*.smart.aliyun.com, DNS:*.soc.aliyun.com, DNS:*.soc.aliyuncs.com, DNS:*.sparenode.com, DNS:*.supet.com, DNS:*.tburl.in, DNS:*.teambition.com, DNS:*.teambition.net, DNS:*.teambitionapis.com, DNS:*.tianchi.aliyun.com, DNS:*.toolkit.aliyun.com, DNS:*.tools.aliyun.com, DNS:*.tv.aliyun.com, DNS:*.tw-gaoxiong.aliyuncs.com, DNS:*.us-east-1.aliyuncs.com, DNS:*.us-west-1.aliyuncs.com, DNS:*.webide.aliyun.com, DNS:*.xspace.alibabacloud.com, DNS:*.yunqi.aliyun.com, DNS:*.yuntu.aliyun.com, DNS:account.www.net.cn, DNS:alibabacloud.co.in, DNS:alibabacloud.com, DNS:alibabacloud.com.au, DNS:alibabacloud.com.hk, DNS:alibabacloud.com.my, DNS:alibabacloud.com.sg, DNS:alibabacloud.com.tw, DNS:alicdn.com, DNS:alicloud.com, DNS:aliyun-iot-share.com, DNS:aliyuncs.com, DNS:asmlink.cn, DNS:dc.www.net.cn, DNS:dmp.www.net.cn, DNS:dns.www.net.cn, DNS:panda.www.net.cn, DNS:pandavip.www.net.cn, DNS:scdnphi6.com, DNS:sparenode.com, DNS:supet.com, DNS:tburl.in, DNS:teambition.com, DNS:teambition.net, DNS:teambitionapis.com, DNS:whois.www.net.cn, DNS:aliyun.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                DA:D3:A8:08:48:0C:34:37:58:EE:E5:A7:75:2E:59:FC:D6:DC:3C:38
            X509v3 Subject Key Identifier: 
                E0:43:01:3E:DF:17:FD:BD:64:EE:8A:59:34:7F:5A:CF:A0:A3:B0:AB
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : AF:18:1A:28:D6:8C:A3:E0:A9:8A:4C:9C:67:AB:09:F8:
                                BB:BC:22:BA:AE:BC:B1:38:A3:A1:9D:D3:F9:B6:03:0D
                    Timestamp : Feb 18 08:42:06.314 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:58:A3:C0:89:B0:B5:A2:EE:B8:3B:98:E9:
                                AC:75:BF:8F:98:1E:E0:47:36:71:0C:28:8E:2D:DE:4D:
                                75:B8:15:F1:02:20:6E:BD:52:F6:47:E8:DB:8D:60:1B:
                                84:6B:0A:A4:7E:C7:6F:E2:3E:00:93:1B:34:4B:7B:72:
                                2E:F2:FF:11:73:D7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 1A:04:FF:49:D0:54:1D:40:AF:F6:A0:C3:BF:F1:D8:C4:
                                67:2F:4E:EC:EE:23:40:68:98:6B:17:40:2E:DC:89:7D
                    Timestamp : Feb 18 08:42:06.719 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:F2:D6:D2:EE:62:0B:1E:C9:7C:0C:B6:
                                5E:64:AD:DD:E7:25:45:3D:F5:DD:80:D3:A8:6D:45:7F:
                                A6:66:13:5C:E6:02:20:64:91:64:22:C0:BD:4F:44:06:
                                15:27:0C:3B:67:FF:C6:C8:2B:7B:C5:B7:AB:6B:FA:E3:
                                25:74:EE:97:89:A5:D3
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Feb 18 08:42:06.762 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:28:20:CA:D4:6B:FC:9F:38:7B:BC:15:A2:
                                98:B4:D9:1C:22:78:22:58:BF:C6:44:E8:C7:C1:A9:EF:
                                E0:6A:F6:8D:02:21:00:EE:D0:B0:93:B0:B7:1E:CE:A5:
                                DD:4A:EA:D4:62:82:C2:65:4C:A5:A1:A0:9E:8B:07:77:
                                A2:D5:E4:77:0E:66:08
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a5:24:69:de:5b:14:09:48:2c:ea:b8:23:1a:65:7d:fc:39:7a:
        70:fe:02:0a:eb:dc:2d:b3:7e:70:1f:92:00:59:fc:5f:ba:3b:
        55:55:0e:b6:49:b2:91:48:fb:79:1a:a9:56:bd:21:1b:c9:c5:
        aa:f0:20:bd:1a:18:98:3d:62:bf:1c:62:21:15:94:d0:02:ee:
        be:f6:c4:fb:dc:82:cb:67:4d:60:c3:85:9e:ea:4d:a3:46:ed:
        37:42:74:7b:a7:53:4a:91:3c:13:d6:e6:47:6a:28:dd:e1:e5:
        33:55:92:cf:54:4c:ab:b9:2b:1b:88:98:90:ce:36:99:26:f3:
        58:d7:5b:d1:b5:a3:31:6b:0f:6c:1a:40:76:5d:fe:27:53:3f:
        00:36:f9:52:d9:0f:9e:c1:a7:8d:47:6d:94:30:2a:b0:30:72:
        75:c4:89:f6:37:6b:83:b8:cb:e8:ac:6b:5c:d4:02:87:9a:72:
        ce:8e:cc:7b:b7:e8:84:93:b0:7f:1a:4a:4d:97:f9:00:0a:0b:
        0a:3a:8e:7b:68:81:8e:68:7e:34:2f:f5:aa:97:35:dd:a1:d9:
        03:57:0e:a4:28:6d:4c:89:27:09:95:5a:38:ae:cf:6f:7c:33:
        08:b2:e0:17:19:13:24:e4:f1:82:a9:aa:2c:f4:a7:11:da:c4:
        c0:70:1d:6a

444 / tcp

1282941221 | 2025-03-28T15:25:27.580147

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

488 / tcp

671605376 | 2025-03-21T12:47:42.493815

SSH-2.0-OpenSSH_X.X

513 / tcp

-904840257 | 2025-03-05T15:51:06.993546

572 Relay not authorized\r\n

666 / tcp

-1420968138 | 2025-03-24T22:34:08.910881

HTTP/1.0 200 OK
Server: SonicWALL
Expires: -1
Cache-Control: no-cache
Content-type: text/html; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains

771 / tcp

165188539 | 2025-03-21T21:32:11.485801

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

873 / tcp

-992671574 | 2025-03-28T08:54:10.421992

@RSYNCD: 26

999 / tcp

-1093031919 | 2025-03-20T14:55:25.059669

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate,  pre-check=0, post-check=0, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Mon, 22 Jan 2024 08:33:58 +0000
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/5.6.40
X-ob_mode: 1
X-Frame-Options: DENY
Referrer-Policy: no-referrer
X-X-WebKit-CSP: default-src 'self' ;script-src 'self'  'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data:

Vulnerabilities

2 9 5 1

1000 / tcp

-1888448627 | 2025-03-09T22:06:40.029925

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1023 / tcp

-1681927087 | 2025-03-11T00:40:42.642366

kjnkjabhbanc283ubcsbhdc72

1080 / tcp

1362344524 | 2025-03-05T04:32:45.420716

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1153 / tcp

1948301213 | 2025-03-25T11:42:57.336257

RFB 003.003
VNC:
  Protocol Version: 3.3

1198 / tcp

67948279 | 2025-03-03T21:02:02.467037

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

1234 / tcp

1492413928 | 2025-03-15T16:06:59.431724

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

1433 / tcp

-325802316 | 2025-03-18T14:50:15.416710

MSSQL Server\nVersion: 134219767 (0x80007f7)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: PC-20150816MQOM\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: PC-20150816MQOM\nNetBIOS_Computer_Name: PC-20150816MQOM\nDNS_Domain_Name: PC-20150816MQOM\nDNS_Computer_Name: PC-20150816MQOM\nMsvAvFlags: 01000000\nSystem_Time: 2024-01-22 04:03:26 +0000 UTC\n\n

1515 / tcp

104385780 | 2025-03-27T08:42:27.841645

ceph v2

1521 / tcp

2002686051 | 2025-03-22T12:09:39.020650

Version:11.1.0.6.0\n\\x016\\x00\\x01\\x08\\x00\\x7f\\xff\\x01\\x00\\x00-\\x00 \r\\x08\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00(DESCRIPTION=(TMP=)(VSNNUM=185599488)(ERR=0))

1588 / tcp

1911457608 | 2025-03-11T19:14:17.465329

\x00[\x00\x00\x00\x00\x00\x00

1599 / tcp

1887224352 | 2025-03-07T08:03:29.520173

1604 / tcp

-1230049476 | 2025-03-15T19:33:58.476421

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

1723 / tcp

2064046231 | 2025-03-11T07:38:18.360823

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1c77_tb143_15913-45531

1800 / tcp

-1399940268 | 2025-03-06T12:56:04.938320

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1911 / tcp

554385174 | 2025-03-05T08:46:44.281400

HTTP/1.1 408 Request Timeout\r\nContent-Length: 0\r\nCo\nntent-Type: text/plain

1926 / tcp

-1598265216 | 2025-03-19T22:53:25.985238

@RSYNCD: 31.0

1962 / tcp

1282941221 | 2025-03-25T12:44:50.081411

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

1985 / tcp

-832380282 | 2025-03-28T05:26:56.714140

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

2000 / tcp

-891714208 | 2025-03-15T21:10:29.076892

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

2002 / tcp

1189133115 | 2025-03-28T23:14:32.123544

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

2065 / tcp

-42767839 | 2025-03-05T20:09:15.918266

RFB 005.000

VNC:
  Protocol Version: 5.0

2067 / tcp

1308377066 | 2025-03-31T09:41:45.927583

ncacn_http/1.0

2081 / tcp

410249975 | 2025-03-17T00:29:33.422612

LNS READY<>

2087 / tcp

-1373613804 | 2025-03-23T05:37:45.607264

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

2095 / tcp

1911457608 | 2025-03-23T10:15:36.571261

\x00[\x00\x00\x00\x00\x00\x00

2121 / tcp

141730637 | 2025-03-24T11:15:51.935721

HTTP/1.0 200 OK
Server: Proxy

2154 / tcp

-971970408 | 2025-03-19T20:16:54.995604

2181 / tcp

546151771 | 2025-03-26T19:43:51.789594

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

2211 / tcp

-1399940268 | 2025-03-12T19:12:38.839365

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2222 / tcp

372433470 | 2025-03-13T03:23:38.425361

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

2332 / tcp

1632932802 | 2025-03-21T23:29:49.314258

2345 / tcp

1308377066 | 2025-03-06T02:20:18.445465

ncacn_http/1.0

2404 / tcp

-2089734047 | 2025-03-16T22:37:20.850205

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

2506 / tcp

-441419608 | 2025-03-16T10:57:56.883445

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

2550 / tcp

-1399940268 | 2025-03-04T05:30:45.817745

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2599 / tcp

-2096652808 | 2025-03-06T02:47:09.208227

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

2626 / tcp

599074451 | 2025-03-16T03:06:25.019845

msg

2628 / tcp

2087396567 | 2025-03-16T05:04:46.308858

kjnkjabhbanc283ubcsbhdc72

2701 / tcp

-1678345660 | 2025-03-29T19:17:55.694687

!\\x07version\\x04bind7 t{RPowerDNS Recursor 410

2761 / tcp

819727972 | 2025-03-21T02:09:00.925173

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3001 / tcp

-1399940268 | 2025-03-21T23:32:52.791147

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3050 / tcp

819727972 | 2025-03-13T01:41:00.578224

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3066 / tcp

1911457608 | 2025-03-26T16:18:01.409671

\x00[\x00\x00\x00\x00\x00\x00

3098 / tcp

-1839934832 | 2025-03-29T17:22:36.056631

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

3103 / tcp

-2089734047 | 2025-03-18T22:20:22.499446

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3108 / tcp

1574088840 | 2025-03-09T05:27:29.000011

">Application and Content Networking Software 3.9</a>)\n</BODY><

3138 / tcp

-1888448627 | 2025-03-11T20:43:11.910768

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3142 / tcp

819727972 | 2025-03-19T22:22:11.056254

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3155 / tcp

-1888448627 | 2025-03-18T15:37:46.285348

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3179 / tcp

819727972 | 2025-03-17T16:27:22.601689

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3191 / tcp

-1835475271 | 2025-03-18T14:51:23.252260

200 NOD32SS 99 (3318497116)\r\n

3260 / tcp

1655023012 | 2025-03-21T09:10:36.720750

athinfod: invalid query.\n

3301 / tcp

-1476017887 | 2025-03-14T17:37:18.350130

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

3306 / tcp

1047846045 | 2025-03-28T19:03:57.261454

H\\x00\\x00\\x01\\xffj\\x04Host \'*.*.*.*\' is not allowed to connect to this MariaDB server

3388 / tcp

401555314 | 2025-03-19T09:55:04.964690

NB[GFXjA^R

3400 / tcp

1911457608 | 2025-03-19T15:39:44.941192

\x00[\x00\x00\x00\x00\x00\x00

3522 / tcp

1911457608 | 2025-03-04T04:24:50.590655

\x00[\x00\x00\x00\x00\x00\x00

3551 / tcp

198844676 | 2025-03-23T12:59:46.185472

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3556 / tcp

2063598737 | 2025-03-09T22:13:58.439382

/0 0 L\r\n/0 0 HUH\r\n

3567 / tcp

-339084706 | 2025-03-25T04:17:48.092988

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

3790 / tcp

-1900404274 | 2025-03-23T22:15:15.105727

Unknown command

3793 / tcp

1911457608 | 2025-03-23T21:58:57.258545

\x00[\x00\x00\x00\x00\x00\x00

3954 / tcp

1911457608 | 2025-03-22T09:39:36.123706

\x00[\x00\x00\x00\x00\x00\x00

4000 / tcp

1170207731 | 2025-03-12T19:44:43.467494

HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
content-length: 9446
content-type: text/html; charset=utf-8
cross-origin-window-policy: deny
date: Mon, 22 Jan 2024 08:34:42 GMT
server: Cowboy
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: F6yeXaHCjyC4elgAAoAh
x-xss-protection: 1; mode=block
set-cookie: _teslamate_key=SFMyNTY.g3QAAAAEbQAAAAtfY3NyZl90b2tlbm0AAAAYaUxzWXpoMm5SdWh1V2piMFd

4002 / tcp

820958131 | 2025-03-08T15:35:58.345198

kjnkjabhbanc283ubcsbhdc72\x02

4022 / tcp

-1327660293 | 2025-03-28T12:19:45.125626

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

4064 / tcp

-122096153 | 2025-03-21T16:08:23.474691

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

4104 / tcp

408230060 | 2025-03-29T03:22:55.216887

\r\nSorry, that nickname format is invalid.\r\n

4150 / tcp

1011407350 | 2025-03-09T15:24:11.935094

* OK GroupWise IMAP4rev1 Server Ready\r\n

4200 / tcp

-1399940268 | 2025-03-22T23:44:17.093599

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4242 / tcp

-1879056922 | 2025-03-13T02:00:48.755591

HTTP/1.1 403 Forbidden
Server: Apache/2.4.41 (Unix) OpenSSL/1.1.1d TST PHP/7.3.11
Content-Type: text/plain; charset=utf-8
Connection: close

4282 / tcp

-1888448627 | 2025-03-27T11:17:21.797418

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

4369 / tcp

819727972 | 2025-03-23T05:03:23.009506

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4433 / tcp

-971970408 | 2025-03-14T03:22:57.367970

4435 / tcp

-1230049476 | 2025-03-15T15:10:51.591825

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

4443 / tcp

141533638 | 2025-03-18T17:11:58.732004

HTTP/1.1 302 Found
Location: /index.html

4444 / tcp

921225407 | 2025-03-23T19:43:40.388484

\x00\x00\x00\x04\x00\x00\x00\x00\x00

4451 / tcp

1911457608 | 2025-03-28T23:55:04.577984

\x00[\x00\x00\x00\x00\x00\x00

4506 / tcp

-971970408 | 2025-03-21T02:02:27.091625

4786 / tcp

15018106 | 2025-03-12T19:49:54.967109

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

5001 / tcp

2087396567 | 2025-03-21T20:03:11.774353

kjnkjabhbanc283ubcsbhdc72

5007 / tcp

1911457608 | 2025-03-29T07:00:15.397532

\x00[\x00\x00\x00\x00\x00\x00

5010 / tcp

1975288991 | 2025-03-19T00:59:10.989412

OPTI

5122 / tcp

-2031152423 | 2025-03-09T16:02:21.387136

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

5201 / tcp

-249504111 | 2025-03-19T00:04:30.829660

\x00[xU-\x7f\x00\x00

5222 / tcp

550048729 | 2025-03-31T10:06:27.670566

ÿÿÿ
0 ...

5228 / tcp

-1399940268 | 2025-03-24T02:57:08.038022

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5246 / tcp

-1428621233 | 2025-03-21T16:08:44.562976

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

5269 / tcp

-1074907534 | 2025-03-27T05:58:39.277126

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705938603.82-w-waf02tjgt

5270 / tcp

-1099385124 | 2025-03-26T20:02:40.446333

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

5432 / tcp

819727972 | 2025-03-26T08:14:12.072593

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5569 / tcp

1726594447 | 2025-03-08T23:02:04.945662

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

5603 / tcp

1911457608 | 2025-03-26T19:21:55.808439

\x00[\x00\x00\x00\x00\x00\x00

5672 / tcp

575925250 | 2025-03-15T18:20:35.621361

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5909 / tcp

2103111368 | 2025-03-17T15:12:36.373345

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

5914 / tcp

-1839934832 | 2025-03-28T18:55:58.121409

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

5938 / tcp

1911457608 | 2025-03-19T16:55:37.384316

\x00[\x00\x00\x00\x00\x00\x00

5986 / tcp

-1013082686 | 2025-03-14T17:01:50.096942

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

5990 / tcp

819727972 | 2025-03-26T18:23:00.896812

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

6000 / tcp

819727972 | 2025-03-29T14:25:10.786293

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

6002 / tcp

-1142844482 | 2025-03-25T16:34:24.652085

ÿûSOYO_SIP VBNQyQSKc settings
Password:

6003 / tcp

-1399940268 | 2025-03-18T19:55:44.021375

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6061 / tcp

1911457608 | 2025-03-19T11:43:03.058111

\x00[\x00\x00\x00\x00\x00\x00

6500 / tcp

-1399940268 | 2025-03-17T22:17:57.757662

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6581 / tcp

165188539 | 2025-03-27T14:31:27.093358

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

6650 / tcp

-1399940268 | 2025-03-16T06:15:54.137302

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6666 / tcp

-696112747 | 2025-03-17T05:29:39.167735

\x00\x0e@\xbdT\xa7\xd0f(*\xd4\x00\x00\x00\x00\x00

6667 / tcp

-616720387 | 2025-03-27T02:16:42.864772

SSH-2.0-SSHD_0.7.6

6775 / tcp

-805362002 | 2025-03-23T01:28:02.587805

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

6779 / tcp

1713990968 | 2025-03-26T04:25:46.963926

HTTP/1.1 400 Bad Request
Content-Type: text/html
Connection: close
Server: Sky-CDN

7001 / tcp

1634746382 | 2025-03-12T16:20:22.099866

HTTP/1.1 200 OK
X-Current-Requests: 1
Vary: Origin
Content-Type: application/json; charset=utf-8
X-ReadTime: 51
Connection: keep-alive
Keep-Alive: timeout=5

7015 / tcp

-358801646 | 2025-03-14T05:49:21.924527

SSH-2.0-OpenSSH_6.6.1

7025 / tcp

1948301213 | 2025-03-10T19:37:32.036336

RFB 003.003
VNC:
  Protocol Version: 3.3

7218 / tcp

-1229955678 | 2025-03-05T22:52:52.633584

[¥	¾

7302 / tcp

819727972 | 2025-03-16T01:55:29.152373

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

7434 / tcp

1741579575 | 2025-03-09T12:09:38.717653

7443 / tcp

-1006110807 | 2025-03-07T18:23:55.334391

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-GDdongguan-GLOBAL1-CACHE20[3]
X-CCDN-ERRCODE-SRC: 01
X-CCDN-FORBID-CODE: 040001

7473 / tcp

45131230 | 2025-03-08T21:47:21.572520

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

7500 / tcp

-1248408558 | 2025-03-11T22:34:22.514235

220 MikroTik FTP server (MikroTik 6.44.3) ready

7634 / tcp

398077695 | 2025-03-13T00:19:43.771072

7989 / tcp

0 | 2025-03-29T02:50:50.279473

Hashes

hash

1865391109

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
content-length: 0

7999 / tcp

-1259524839 | 2025-03-14T17:15:58.148827

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

8000 / tcp

-1036370807 | 2025-03-16T03:00:31.935619

JDWP-Handshake

8009 / tcp

104385780 | 2025-03-28T18:07:11.543747

ceph v2

8021 / tcp

-1816125480 | 2025-03-28T07:05:19.912467

Content-Type: text/rude-rejection\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

8026 / tcp

-2096652808 | 2025-03-14T17:26:46.090301

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8028 / tcp

-1327660293 | 2025-03-21T18:57:08.581141

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

8043 / tcp

1519486042 | 2025-03-24T06:45:33.063303

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

8053 / tcp

103159425 | 2025-03-16T02:50:36.801970

SSH-1.99-RGOS_SSH

8062 / tcp

1911457608 | 2025-03-24T09:21:55.809644

\x00[\x00\x00\x00\x00\x00\x00

8075 / tcp

-1428621233 | 2025-03-03T17:35:23.777907

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

8081 / tcp

-1013082686 | 2025-03-05T02:07:58.057203

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

8083 / tcp

819727972 | 2025-03-22T19:02:02.839029

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8085 / tcp

-441419608 | 2025-03-11T16:21:41.529566

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

8089 / tcp

1690634669 | 2025-03-16T07:01:33.200316

8126 / tcp

819727972 | 2025-03-10T23:54:13.717052

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8144 / tcp

-1839934832 | 2025-03-12T19:55:57.962128

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8148 / tcp

1911457608 | 2025-03-27T17:31:18.705616

\x00[\x00\x00\x00\x00\x00\x00

8157 / tcp

1911457608 | 2025-03-26T01:09:35.749189

\x00[\x00\x00\x00\x00\x00\x00

8172 / tcp

-1996280214 | 2025-03-14T16:11:44.609880

\x06\x04\x05@

8251 / tcp

819727972 | 2025-03-15T08:16:57.400675

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8291 / tcp

-1399940268 | 2025-03-19T20:27:22.956168

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8300 / tcp

-734440417 | 2025-03-29T21:38:50.542298

HTTP/1.1 400 Bad Request
Content-Type: text/html
Connection: close
Server: nginx/1.17.3

8333 / tcp

-1300025046 | 2025-03-10T02:42:56.720237

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705941025.555-waf01bjtp3

8343 / tcp

1911457608 | 2025-03-19T02:03:40.349446

\x00[\x00\x00\x00\x00\x00\x00

8382 / tcp

632542934 | 2025-03-19T19:49:05.236033

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8384 / tcp

745343730 | 2025-03-27T22:00:54.334074

220 smtp.qq.com Esmtp QQ Mail Server

8408 / tcp

1911457608 | 2025-03-05T05:54:43.065516

\x00[\x00\x00\x00\x00\x00\x00

8500 / tcp

-684625978 | 2025-03-24T06:41:31.270040

{Datacenter:dc1 NodeName:consul-dev NodeID:e61aec6b-e338-67fa-3b08-f8185bd5b528 Revision:db839f18b Server:true Version:1.10.1}

8502 / tcp

819727972 | 2025-03-29T09:56:02.404949

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8505 / tcp

1911457608 | 2025-03-11T21:18:14.578257

\x00[\x00\x00\x00\x00\x00\x00

8521 / tcp

1989907056 | 2025-03-16T18:29:46.391464

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

8536 / tcp

-2089734047 | 2025-03-22T10:25:49.596832

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8554 / tcp

641705735 | 2025-03-10T22:53:39.031917



0
dø...

8584 / tcp

1623746877 | 2025-03-10T18:48:25.393598

500 Permission denied - closing connection.\r\n

8601 / tcp

2103111368 | 2025-03-23T22:51:30.651311

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8640 / tcp

819727972 | 2025-03-25T10:48:16.775358

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8649 / tcp

842535728 | 2025-03-06T05:48:04.044679

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

8728 / tcp

-1399940268 | 2025-03-16T07:55:03.664059

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8790 / tcp

-441419608 | 2025-03-23T20:48:01.722181

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

8801 / tcp

-1399940268 | 2025-03-23T16:55:22.028022

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8804 / tcp

819727972 | 2025-03-10T16:28:10.143227

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8820 / tcp

-358801646 | 2025-03-13T20:37:31.531636

SSH-2.0-OpenSSH_6.6.1

8833 / tcp

921225407 | 2025-03-14T09:16:18.797728

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8834 / tcp

819727972 | 2025-03-27T17:39:02.171878

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8841 / tcp

1213931722 | 2025-03-06T21:29:56.794720

ICAP/1.0 501 Other\r\nServer: Traffic Spicer 7788179225\r\n

8855 / tcp

410249975 | 2025-03-28T23:32:10.557632

LNS READY<>

8859 / tcp

-1032713145 | 2025-03-10T16:10:52.837887

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

8866 / tcp

1655023012 | 2025-03-19T12:50:52.575834

athinfod: invalid query.\n

8872 / tcp

165188539 | 2025-03-25T04:28:25.411573

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8880 / tcp

539065883 | 2025-03-06T21:01:54.476590

8887 / tcp

-1487943323 | 2025-03-04T10:49:22.350403

431 Unable to negotiate secure command connection.\r\n

8899 / tcp

372433470 | 2025-03-29T10:18:55.035489

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

8989 / tcp

-1611764932 | 2025-03-07T01:44:47.962188

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

9000 / tcp

1966849516 | 2025-03-14T16:43:57.154594

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65adecfe_CS-000-01NFs233_3728-19750

9022 / tcp

1577475130 | 2025-03-14T03:52:03.042366

HTTP/1.1 200 OK
Content-Type:text/html; charset=UTF-8
Ext:
Server: RomPager/4.07 UPnP/1.0

9051 / tcp

-1428621233 | 2025-03-29T17:16:09.132055

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

9057 / tcp

819727972 | 2025-03-22T03:44:45.477480

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9062 / tcp

1761482307 | 2025-03-13T23:40:04.095086

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

9070 / tcp

677934968 | 2025-03-25T22:49:20.587099

lm^)Q

9071 / tcp

-1056270173 | 2025-03-13T03:15:21.414119

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

9076 / tcp

-2096652808 | 2025-03-17T15:36:01.481078

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9082 / tcp

-1399940268 | 2025-03-16T03:47:39.123768

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9095 / tcp

1161309183 | 2025-03-28T00:04:16.302694

ProxyServer is ready

9100 / tcp

1911457608 | 2025-03-08T12:17:48.626638

\x00[\x00\x00\x00\x00\x00\x00

9144 / tcp

-1399940268 | 2025-03-29T18:27:15.333906

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9155 / tcp

-445721795 | 2025-03-21T08:50:43.267592

\x00[\xc3\xaed\x1a\x7f\x00\x00

9164 / tcp

-345718689 | 2025-03-08T18:01:22.678882

Vty password is not set.

9183 / tcp

-445721795 | 2025-03-19T08:49:52.292357

\x00[\xc3\xaed\x1a\x7f\x00\x00

9189 / tcp

819727972 | 2025-03-23T19:00:58.020168

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9200 / tcp

-1163346640 | 2025-03-24T10:54:50.367350

Hashes

hash

-997913363

http.dom_hash

-2006505642

http.html_hash

-1163346640

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-length: 215

9204 / tcp

-2140303521 | 2025-03-05T20:28:25.588050

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

9208 / tcp

1574088840 | 2025-03-18T17:03:31.938252

">Application and Content Networking Software 3.9</a>)\n</BODY><

9220 / tcp

-1399940268 | 2025-03-18T17:44:53.593258

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9292 / tcp

-2140303521 | 2025-03-12T08:00:15.431139

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

9306 / tcp

398077695 | 2025-03-08T21:33:20.396448

9333 / tcp

-980525298 | 2025-03-04T20:10:18.474381

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9398 / tcp

-1999117212 | 2025-03-25T12:51:32.812709

9418 / tcp

1529351907 | 2025-03-21T16:22:22.161869

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

9444 / tcp

455076604 | 2025-03-29T02:41:55.026066

!\x07version\x04bind7 t{RPowerDNS Recursor 410

9513 / tcp

1519486042 | 2025-03-16T18:17:09.451455

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

9530 / tcp

-1399940268 | 2025-03-31T12:12:23.053594

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9758 / tcp

-303199180 | 2025-03-25T17:54:08.423788

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

9761 / tcp

-1019343788 | 2025-03-08T14:44:04.632846

W!\x00\x00\x00\x00

9876 / tcp

2070013657 | 2025-03-21T18:01:54.717217

\\x00\\x00\\x01+\\x00\\x00\\x00_{"code":0,"flag":1,"language":"JAVA","opaque":0,"serializeTypeCurrentRPC":"JSON","version":433}{"brokerAddrTable":{"broker-a":{"brokerAddrs":{0:"127.63.135.245:10911"},"brokerName":"broker-a","cluster":"DefaultCluster","enableActingMaster":false}},"clusterAddrTable":{"DefaultCluster":["broker-a"]}}

9888 / tcp

669849225 | 2025-03-28T10:41:43.597733

SSH-98.60-SysaxSSH_81885..42\r\n

9923 / tcp

-1428621233 | 2025-03-03T19:47:55.854811

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

9991 / tcp

-1399940268 | 2025-03-21T07:36:05.162421

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9992 / tcp

-1399940268 | 2025-03-28T23:38:35.453495

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9999 / tcp

1161309183 | 2025-03-24T01:14:17.857268

ProxyServer is ready

10000 / tcp

1830697416 | 2025-03-17T08:32:54.634679

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

10009 / tcp

1191574520 | 2025-03-22T09:43:18.405256

\\x00[\'\\x19\\xc0\\xa8Y\\xfd

10018 / tcp

205347087 | 2025-03-19T23:26:36.068389

SSH-25453-Cisco-3524665.35\n

10028 / tcp

1911457608 | 2025-03-24T01:33:27.867147

\x00[\x00\x00\x00\x00\x00\x00

10040 / tcp

1975288991 | 2025-03-13T21:45:41.219170

OPTI

10041 / tcp

-784071826 | 2025-03-03T18:30:19.878623

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

10049 / tcp

-1329831334 | 2025-03-12T16:24:35.212917

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

10051 / tcp

-971970408 | 2025-03-25T18:25:45.679680

10101 / tcp

-1032713145 | 2025-03-22T03:48:56.787732

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

10201 / tcp

597764502 | 2025-03-22T01:32:25.672380

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

10225 / tcp

-2089734047 | 2025-03-25T19:53:42.550724

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10397 / tcp

-1626979812 | 2025-03-07T00:29:08.047240

220 Service ready for new user.

10911 / tcp

-1626979812 | 2025-03-20T16:01:33.596741

220 Service ready for new user.

11000 / tcp

-358801646 | 2025-03-18T02:51:56.969604

SSH-2.0-OpenSSH_6.6.1

11112 / tcp

-1399940268 | 2025-03-29T12:22:56.118774

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

11210 / tcp

-1538260461 | 2025-03-17T19:14:32.467663

\x01\x00\x00\x00

11211 / tcp

-136006866 | 2025-03-10T09:06:09.844743

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11300 / tcp

1911457608 | 2025-03-16T23:56:19.966857

\x00[\x00\x00\x00\x00\x00\x00

11601 / tcp

401555314 | 2025-03-09T21:18:05.855330

NB[GFXjA^R

11688 / tcp

398077695 | 2025-03-14T20:11:11.364860

12000 / tcp

-1368104760 | 2025-03-11T00:25:30.802263

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1d31_PS-TNA-01mQW36_7416-41955

12019 / tcp

-1013082686 | 2025-03-28T21:36:23.986006

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

12108 / tcp

1989907056 | 2025-03-24T23:57:35.294579

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

12109 / tcp

2063598737 | 2025-03-13T10:28:10.699675

/0 0 L\r\n/0 0 HUH\r\n

12115 / tcp

-992671574 | 2025-03-23T05:53:25.727469

@RSYNCD: 26

12158 / tcp

819727972 | 2025-03-20T03:05:20.218300

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12159 / tcp

-2089734047 | 2025-03-10T19:29:52.029755

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12179 / tcp

-2017887953 | 2025-03-29T06:21:20.583349

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

12207 / tcp

-805362002 | 2025-03-23T18:19:26.746288

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

12208 / tcp

819727972 | 2025-03-19T22:43:14.152059

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12225 / tcp

671605376 | 2025-03-23T12:37:20.807609

SSH-2.0-OpenSSH_X.X

12239 / tcp

-1996280214 | 2025-03-17T09:44:37.969277

\x06\x04\x05@

12242 / tcp

1665283070 | 2025-03-11T13:11:49.724830

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x01\x00\x00\x10\x00\x00\n0\x03\x00\x00\x00\x01\x00\x05\x00\x00@\x00\x00\x06\x00\x00\x1f@

12250 / tcp

-784071826 | 2025-03-07T01:50:52.076352

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

12254 / tcp

671605376 | 2025-03-29T07:01:29.325140

SSH-2.0-OpenSSH_X.X

12255 / tcp

-1626979812 | 2025-03-16T21:33:12.434411

220 Service ready for new user.

12256 / tcp

819727972 | 2025-03-18T17:23:46.367861

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12286 / tcp

820958131 | 2025-03-14T10:19:51.762197

kjnkjabhbanc283ubcsbhdc72\x02

12307 / tcp

401555314 | 2025-03-27T10:22:17.473240

NB[GFXjA^R

12332 / tcp

-2080784861 | 2025-03-18T18:51:51.958809

GBPK\xc3\xbb\xc3\xb7n\xc2\x93W\xc2\xaf\xc2\x86\xc2\x93x@\xc2\xa9\x0e\xc3\x8a*\xc2\x9bS\x00

12342 / tcp

165188539 | 2025-03-20T20:03:48.311624

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12347 / tcp

-1399940268 | 2025-03-27T04:03:59.297684

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12352 / tcp

-1399940268 | 2025-03-12T22:38:43.500613

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12364 / tcp

1911457608 | 2025-03-19T16:22:22.881081

\x00[\x00\x00\x00\x00\x00\x00

12381 / tcp

1911457608 | 2025-03-10T14:13:01.456831

\x00[\x00\x00\x00\x00\x00\x00

12385 / tcp

410249975 | 2025-03-10T08:12:08.348213

LNS READY<>

12407 / tcp

-1733106930 | 2025-03-10T07:40:41.638022

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

12419 / tcp

-1888448627 | 2025-03-05T15:13:51.937448

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12421 / tcp

-358801646 | 2025-03-28T16:16:58.024574

SSH-2.0-OpenSSH_6.6.1

12437 / tcp

-2107996212 | 2025-03-25T07:55:32.995508

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

12444 / tcp

165188539 | 2025-03-20T04:35:42.991452

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12447 / tcp

-358801646 | 2025-03-22T19:02:57.259870

SSH-2.0-OpenSSH_6.6.1

12469 / tcp

-1399940268 | 2025-03-20T14:50:26.468876

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12489 / tcp

1504401647 | 2025-03-25T11:19:40.222060

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

12515 / tcp

-1899074860 | 2025-03-25T11:04:25.764692

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

12547 / tcp

51259122 | 2025-03-17T03:46:30.773328

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

12576 / tcp

-358801646 | 2025-03-27T22:49:10.782907

SSH-2.0-OpenSSH_6.6.1

12578 / tcp

-407828767 | 2025-03-12T22:20:34.880865

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

12583 / tcp

-1399940268 | 2025-03-27T20:03:22.113532

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

13128 / tcp

-2096652808 | 2025-03-20T01:33:57.158592

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

14130 / tcp

671605376 | 2025-03-13T21:13:08.595197

SSH-2.0-OpenSSH_X.X

14344 / tcp

-2096652808 | 2025-03-14T18:59:00.869426

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

14401 / tcp

-2089734047 | 2025-03-31T06:15:39.620210

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

14406 / tcp

1126993057 | 2025-03-16T22:57:45.381434

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

14443 / tcp

-2017887953 | 2025-03-11T08:15:37.778726

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

14523 / tcp

1911457608 | 2025-03-16T14:15:35.638567

\x00[\x00\x00\x00\x00\x00\x00

14873 / tcp

114471724 | 2025-03-10T21:25:05.447980

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

14894 / tcp

-1399940268 | 2025-03-27T07:27:53.718279

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14895 / tcp

-1779118422 | 2025-03-24T00:29:10.393099

\x00[\xc2\xae\xc2\x8d{\x7f\x00\x00

15018 / tcp

1996932384 | 2025-03-24T07:35:02.481930

"raop" nonce

16015 / tcp

-1399940268 | 2025-03-20T23:47:08.958556

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16029 / tcp

-1399940268 | 2025-03-19T10:07:37.187936

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16037 / tcp

-653033013 | 2025-03-21T02:10:19.001008

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

16040 / tcp

819727972 | 2025-03-28T21:36:29.274536

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16041 / tcp

-1810987450 | 2025-03-14T23:43:24.003226

\xc3\xbf

16044 / tcp

-142686627 | 2025-03-12T17:18:26.551465

\x00[\xc2\xba\x7fs\x7f\x00\x00

16062 / tcp

-1399940268 | 2025-03-22T01:09:12.893294

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16063 / tcp

-2089734047 | 2025-03-27T23:53:36.762771

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

16066 / tcp

671605376 | 2025-03-19T00:26:19.414478

SSH-2.0-OpenSSH_X.X

16076 / tcp

-1399940268 | 2025-03-04T09:48:27.638558

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16101 / tcp

114471724 | 2025-03-23T12:46:12.756570

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

16667 / tcp

-1399940268 | 2025-03-23T16:25:45.581177

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16993 / tcp

-345718689 | 2025-03-22T15:43:33.512101

Vty password is not set.

17000 / tcp

-1810987450 | 2025-03-25T23:43:51.739692

\xc3\xbf

17082 / tcp

1620329124 | 2025-03-17T17:59:14.365037

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

17770 / tcp

-441419608 | 2025-03-05T21:19:39.291850

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

18012 / tcp

819727972 | 2025-03-06T08:47:24.541525

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

18015 / tcp

1642597142 | 2025-03-19T18:37:13.981852

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

18026 / tcp

921225407 | 2025-03-07T17:00:59.972516

\x00\x00\x00\x04\x00\x00\x00\x00\x00

18061 / tcp

1278527606 | 2025-03-15T06:24:14.791415

SSH-2.0-Teleport

18079 / tcp

165188539 | 2025-03-20T06:46:31.518631

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

18080 / tcp

-321444299 | 2025-03-17T15:34:50.560577

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

18081 / tcp

-527005584 | 2025-03-31T04:22:37.540247

/0 0 L
/0 0 HUH

18245 / tcp

2087396567 | 2025-03-21T18:12:56.624912

kjnkjabhbanc283ubcsbhdc72

18553 / tcp

1919228981 | 2025-03-26T20:29:42.537994

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

19000 / tcp

1615193817 | 2025-03-07T08:06:36.702998

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

19930 / tcp

2087396567 | 2025-03-14T09:29:53.796822

kjnkjabhbanc283ubcsbhdc72

20000 / tcp

1900503736 | 2025-03-27T00:07:43.427852

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

20107 / tcp

-1888448627 | 2025-03-20T22:20:32.935945

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

20256 / tcp

-1399940268 | 2025-03-14T20:26:30.678443

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20440 / tcp

819727972 | 2025-03-12T04:13:47.759028

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

20547 / tcp

-616720387 | 2025-03-07T14:09:11.783262

SSH-2.0-SSHD_0.7.6

20880 / tcp

1370263973 | 2025-03-11T16:07:44.793354

dubbo>

21027 / tcp

842535728 | 2025-03-26T22:17:47.562582

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

21235 / tcp

-2089734047 | 2025-03-23T06:29:13.326085

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

21256 / tcp

1911457608 | 2025-03-19T09:46:16.051724

\x00[\x00\x00\x00\x00\x00\x00

21306 / tcp

1911457608 | 2025-03-11T21:51:31.349495

\x00[\x00\x00\x00\x00\x00\x00

21325 / tcp

-2031152423 | 2025-03-06T03:33:35.165417

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

21935 / tcp

1911457608 | 2025-03-05T16:05:25.374840

\x00[\x00\x00\x00\x00\x00\x00

22000 / tcp

745343730 | 2025-03-27T10:43:01.988251

220 smtp.qq.com Esmtp QQ Mail Server

22001 / tcp

1189133115 | 2025-03-27T20:11:29.721413

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

22070 / tcp

-971970408 | 2025-03-27T15:12:39.297434

23023 / tcp

-1730858130 | 2025-03-17T16:20:45.764282

RFB 003.008
VNC:
  Protocol Version: 3.8

23424 / tcp

1741579575 | 2025-03-24T21:21:26.429399

25105 / tcp

660175493 | 2025-03-22T20:06:36.389742

25565 / tcp

-2089734047 | 2025-03-05T00:30:22.456688

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

27015 / tcp

-232716176 | 2025-03-29T02:11:20.038354

Command: None
Size: 759714643
ID: 758132274
Type: 1852141647

27016 / tcp

-2096652808 | 2025-03-25T13:24:32.564390

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

27017 / tcp

1763259671 | 2025-03-18T01:29:56.364858

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

28015 / tcp

1911457608 | 2025-03-29T12:22:27.911017

\x00[\x00\x00\x00\x00\x00\x00

30002 / tcp

-1694458451 | 2025-03-09T08:29:02.862784

@
05@ þ...

30003 / tcp

856458693 | 2025-03-13T07:01:22.979346

[®{

30023 / tcp

-1453516345 | 2025-03-14T21:02:59.412454

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

30303 / tcp

-971970408 | 2025-03-19T21:05:46.874311

30322 / tcp

1956828827 | 2025-03-24T12:46:22.061255

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

30522 / tcp

-971970408 | 2025-03-12T13:52:00.243516

30622 / tcp

-1681927087 | 2025-03-12T10:01:36.939821

kjnkjabhbanc283ubcsbhdc72

30822 / tcp

2087396567 | 2025-03-12T18:43:34.879557

kjnkjabhbanc283ubcsbhdc72

30922 / tcp

2087396567 | 2025-03-12T08:18:50.898014

kjnkjabhbanc283ubcsbhdc72

31022 / tcp

117101543 | 2025-03-13T07:05:58.624402

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

31210 / tcp

1761482307 | 2025-03-14T18:26:53.857666

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

31443 / tcp

-792826324 | 2025-03-28T15:53:58.831842

220 FTP server ready - login please

32122 / tcp

740837454 | 2025-03-20T02:16:16.437716

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

32202 / tcp

321971019 | 2025-03-15T04:47:07.120822

-ERR client ip is not in whitelist\r

32722 / tcp

171352214 | 2025-03-23T04:25:51.171833

-ERR client ip is not in whitelist

32764 / tcp

819727972 | 2025-03-24T13:59:07.227286

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

33122 / tcp

1632932802 | 2025-03-22T21:19:12.268303

33422 / tcp

539065883 | 2025-03-09T08:14:11.038455

33622 / tcp

539065883 | 2025-03-08T18:39:12.714242

33722 / tcp

1778988322 | 2025-03-08T16:56:42.490672

* OK GroupWise IMAP4rev1 Server Ready

34722 / tcp

104385780 | 2025-03-03T22:59:41.966933

ceph v2

35000 / tcp

-1399940268 | 2025-03-29T11:16:50.005285

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

35101 / tcp

-1996280214 | 2025-03-27T02:19:46.811990

\x06\x04\x05@

35522 / tcp

2087396567 | 2025-03-17T00:15:41.868074

kjnkjabhbanc283ubcsbhdc72

35822 / tcp

996960436 | 2025-03-17T16:50:25.000562

572 Relay not authorized

35922 / tcp

1741579575 | 2025-03-16T20:22:44.615854

36222 / tcp

-1375131644 | 2025-03-17T18:33:42.741393

\x00[v\xc3\xbdC\x7f\x00\x00

36422 / tcp

1282941221 | 2025-03-15T07:34:29.801954

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

37022 / tcp

841014058 | 2025-03-16T18:31:03.481617

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

37222 / tcp

104385780 | 2025-03-14T18:35:52.027802

ceph v2

37322 / tcp

-2096652808 | 2025-03-16T10:35:36.737865

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

37522 / tcp

-971970408 | 2025-03-16T08:28:29.211723

37722 / tcp

1830697416 | 2025-03-15T23:32:21.587389

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

37777 / tcp

-345718689 | 2025-03-20T19:25:58.523419

Vty password is not set.

38022 / tcp

1842524259 | 2025-03-17T21:58:02.692821

38522 / tcp

-805362002 | 2025-03-13T23:00:22.444620

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

39122 / tcp

-1681927087 | 2025-03-13T17:44:10.608171

kjnkjabhbanc283ubcsbhdc72

39222 / tcp

-971970408 | 2025-03-13T16:01:03.506992

39522 / tcp

2087396567 | 2025-03-11T08:21:39.341596

kjnkjabhbanc283ubcsbhdc72

40322 / tcp

-786044033 | 2025-03-08T20:21:23.593228

OK Welcome <299685> on DirectUpdate server 7286

40522 / tcp

819727972 | 2025-03-04T06:13:24.844074

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

41222 / tcp

2087396567 | 2025-03-04T23:52:54.973899

kjnkjabhbanc283ubcsbhdc72

41443 / tcp

1690634669 | 2025-03-14T02:25:57.104188

41522 / tcp

-971970408 | 2025-03-04T20:21:39.312774

42222 / tcp

539065883 | 2025-03-04T22:08:08.003695

42422 / tcp

-454087041 | 2025-03-04T18:43:01.104640

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

44158 / tcp

-433302150 | 2025-03-24T08:20:21.815134

/multistream/1.0.0

44304 / tcp

-980525298 | 2025-03-26T18:19:38.188344

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

44320 / tcp

165188539 | 2025-03-27T17:00:30.583146

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

44818 / tcp

321971019 | 2025-03-18T22:51:36.142942

-ERR client ip is not in whitelist\r

45001 / tcp

-441419608 | 2025-03-19T23:09:43.609981

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

45006 / tcp

-1399940268 | 2025-03-21T18:54:44.688182

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

45668 / tcp

1911457608 | 2025-03-26T03:12:45.515847

\x00[\x00\x00\x00\x00\x00\x00

45822 / tcp

1282941221 | 2025-03-10T12:34:17.689687

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

45922 / tcp

-1428621233 | 2025-03-10T13:21:37.362988

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

47000 / tcp

-2089734047 | 2025-03-19T01:00:46.141325

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

47534 / tcp

-2033111675 | 2025-03-14T18:35:52.164968

~djb

47808 / tcp

-1713437100 | 2025-03-31T10:23:14.971349

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

47822 / tcp

-971970408 | 2025-03-10T08:15:45.263644

47990 / tcp

2087396567 | 2025-03-18T16:56:20.277087

kjnkjabhbanc283ubcsbhdc72

48899 / tcp

1231376952 | 2025-03-31T08:14:38.564754

49152 / tcp

148329221 | 2025-03-20T05:45:35.368390

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 03 Jan 2000 05:26:54 GMT
EXT:
SERVER: Linux/2.4.30, UPnP/1.0, Portable SDK for UPnP devices/1.3.1
X-User-Agent: redsonic
<s:Envelope
xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<s:Body>
<s:Fault>
<faultcode>s:Client</faultcode>
<faultstring>UPnPError</faultstring>
<detail>
<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">
<er

49692 / tcp

-1399940268 | 2025-03-06T17:51:17.504408

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

50000 / tcp

819727972 | 2025-03-14T21:42:47.391364

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

50002 / tcp

165188539 | 2025-03-17T15:48:48.368716

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

50100 / tcp

-1694458451 | 2025-03-16T04:43:24.308790

@
05@ þ...

50102 / tcp

-375604792 | 2025-03-13T03:41:46.116033

220 Microsoft FTP Service

50202 / tcp

1308377066 | 2025-03-18T17:10:50.999248

ncacn_http/1.0

50997 / tcp

-1399940268 | 2025-03-10T21:14:47.716244

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

51443 / tcp

-358801646 | 2025-03-11T23:52:16.719421

SSH-2.0-OpenSSH_6.6.1

53413 / tcp

-1559123399 | 2025-03-29T06:41:46.788008

500 Permission denied - closing connection.

54138 / tcp

103159425 | 2025-03-09T18:03:36.307660

SSH-1.99-RGOS_SSH

55000 / tcp

321971019 | 2025-03-07T04:38:56.662374

-ERR client ip is not in whitelist\r

55422 / tcp

-1461540015 | 2025-03-06T16:54:36.227122

audio 0 RTP/AVP 18 4 3 8 0 101
a

55442 / tcp

2087396567 | 2025-03-29T21:28:43.917554

kjnkjabhbanc283ubcsbhdc72

55443 / tcp

2067064333 | 2025-03-14T13:37:43.628055

athinfod: invalid query.

55522 / tcp

1842524259 | 2025-03-06T22:03:23.307778

55553 / tcp

-445721795 | 2025-03-18T18:25:55.128056

\x00[\xc3\xaed\x1a\x7f\x00\x00

55554 / tcp

472902042 | 2025-03-16T00:17:13.056330

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

55722 / tcp

171352214 | 2025-03-06T18:37:35.489580

-ERR client ip is not in whitelist

57522 / tcp

2087396567 | 2025-03-06T12:12:28.858061

kjnkjabhbanc283ubcsbhdc72

57786 / tcp

-2033111675 | 2025-03-25T02:41:32.563852

~djb

58822 / tcp

2087396567 | 2025-03-05T15:34:12.412148

kjnkjabhbanc283ubcsbhdc72

58922 / tcp

-1045760528 | 2025-03-05T14:02:21.304155

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

59012 / tcp

-2089734047 | 2025-03-11T11:10:04.438007

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

60000 / tcp

-992671574 | 2025-03-04T07:41:18.373698

@RSYNCD: 26

60129 / tcp

-971970408 | 2025-03-27T21:13:25.855763

61234 / tcp

1370263973 | 2025-03-26T05:33:46.930335

dubbo>

61613 / tcp

1492413928 | 2025-03-26T13:48:10.420813

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

62078 / tcp

-860824904 | 2025-03-21T14:14:48.042752

\x00\x01)

63210 / tcp

1542849631 | 2025-03-28T19:37:03.088781

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

63256 / tcp

-1681927087 | 2025-03-29T14:09:26.139800

kjnkjabhbanc283ubcsbhdc72

63260 / tcp

1911457608 | 2025-03-22T23:57:39.779804

\x00[\x00\x00\x00\x00\x00\x00

64295 / tcp

117101543 | 2025-03-23T04:10:12.346910

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

64738 / tcp

-1760806421 | 2025-03-15T03:36:26.883538

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected

120.27.176.229

Last Seen: 2025-03-31

Tags:

GeneralInformation

OpenPorts

11 / tcp 117101543 | 2025-03-26T05:28:38.835942

15 / tcp -1304843095 | 2025-03-22T01:25:43.015286

20 / tcp -2089734047 | 2025-03-26T08:14:36.761448

22 / tcp -1346477807 | 2025-03-14T23:04:25.866596

23 / tcp 164764193 | 2025-03-25T01:20:00.114800

25 / tcp 1665283070 | 2025-03-17T00:31:59.490492

26 / tcp 575925250 | 2025-03-10T02:06:22.778198

37 / tcp 900697840 | 2025-03-17T09:14:42.018653

43 / tcp -1248408558 | 2025-03-08T20:43:38.615279

49 / tcp -1056270173 | 2025-03-21T21:04:02.440381

53 / tcp 1308081026 | 2025-03-09T22:06:22.355492

70 / tcp -1763883228 | 2025-03-31T12:10:30.328189

79 / tcp 627290832 | 2025-03-14T07:58:08.547866

80 / tcp 501077178 | 2025-03-28T15:10:37.009269

Hashes

93 / tcp -2096652808 | 2025-03-23T01:10:54.642630

94 / tcp 165188539 | 2025-03-15T21:29:03.357078

104 / tcp -1399940268 | 2025-03-10T02:07:28.753633

110 / tcp -1810987450 | 2025-03-25T11:30:11.281816

111 / tcp 2087396567 | 2025-03-29T06:52:53.254142

113 / tcp -669112739 | 2025-03-24T17:04:21.375685

175 / tcp -805362002 | 2025-03-19T06:58:32.521326

179 / tcp -399606100 | 2025-03-28T14:55:58.318759

195 / tcp 1830697416 | 2025-03-19T10:09:16.757252

311 / tcp 676753056 | 2025-03-29T20:23:24.087211

389 / tcp -1743283776 | 2025-03-08T17:33:31.853387

443 / tcp 0 | 2025-03-29T02:33:54.398985

Hashes

444 / tcp 1282941221 | 2025-03-28T15:25:27.580147

488 / tcp 671605376 | 2025-03-21T12:47:42.493815

513 / tcp -904840257 | 2025-03-05T15:51:06.993546

666 / tcp -1420968138 | 2025-03-24T22:34:08.910881

771 / tcp 165188539 | 2025-03-21T21:32:11.485801

873 / tcp -992671574 | 2025-03-28T08:54:10.421992

999 / tcp -1093031919 | 2025-03-20T14:55:25.059669

1000 / tcp -1888448627 | 2025-03-09T22:06:40.029925

1023 / tcp -1681927087 | 2025-03-11T00:40:42.642366

1080 / tcp 1362344524 | 2025-03-05T04:32:45.420716

1153 / tcp 1948301213 | 2025-03-25T11:42:57.336257

1198 / tcp 67948279 | 2025-03-03T21:02:02.467037

1234 / tcp 1492413928 | 2025-03-15T16:06:59.431724

1433 / tcp -325802316 | 2025-03-18T14:50:15.416710

1515 / tcp 104385780 | 2025-03-27T08:42:27.841645

1521 / tcp 2002686051 | 2025-03-22T12:09:39.020650

1588 / tcp 1911457608 | 2025-03-11T19:14:17.465329

1599 / tcp 1887224352 | 2025-03-07T08:03:29.520173

1604 / tcp -1230049476 | 2025-03-15T19:33:58.476421

1723 / tcp 2064046231 | 2025-03-11T07:38:18.360823

1800 / tcp -1399940268 | 2025-03-06T12:56:04.938320

1911 / tcp 554385174 | 2025-03-05T08:46:44.281400

1926 / tcp -1598265216 | 2025-03-19T22:53:25.985238

1962 / tcp 1282941221 | 2025-03-25T12:44:50.081411

1985 / tcp -832380282 | 2025-03-28T05:26:56.714140

2000 / tcp -891714208 | 2025-03-15T21:10:29.076892

2002 / tcp 1189133115 | 2025-03-28T23:14:32.123544

2065 / tcp -42767839 | 2025-03-05T20:09:15.918266

2067 / tcp 1308377066 | 2025-03-31T09:41:45.927583

2081 / tcp 410249975 | 2025-03-17T00:29:33.422612

2087 / tcp -1373613804 | 2025-03-23T05:37:45.607264

2095 / tcp 1911457608 | 2025-03-23T10:15:36.571261

2121 / tcp 141730637 | 2025-03-24T11:15:51.935721

2154 / tcp -971970408 | 2025-03-19T20:16:54.995604

2181 / tcp 546151771 | 2025-03-26T19:43:51.789594

2211 / tcp -1399940268 | 2025-03-12T19:12:38.839365

2222 / tcp 372433470 | 2025-03-13T03:23:38.425361

2332 / tcp 1632932802 | 2025-03-21T23:29:49.314258

2345 / tcp 1308377066 | 2025-03-06T02:20:18.445465

2404 / tcp -2089734047 | 2025-03-16T22:37:20.850205

2506 / tcp -441419608 | 2025-03-16T10:57:56.883445

2550 / tcp -1399940268 | 2025-03-04T05:30:45.817745

2599 / tcp -2096652808 | 2025-03-06T02:47:09.208227

2626 / tcp 599074451 | 2025-03-16T03:06:25.019845

2628 / tcp 2087396567 | 2025-03-16T05:04:46.308858

2701 / tcp -1678345660 | 2025-03-29T19:17:55.694687

2761 / tcp 819727972 | 2025-03-21T02:09:00.925173

11 / tcp

117101543 | 2025-03-26T05:28:38.835942

15 / tcp

-1304843095 | 2025-03-22T01:25:43.015286

20 / tcp

-2089734047 | 2025-03-26T08:14:36.761448

22 / tcp

-1346477807 | 2025-03-14T23:04:25.866596

23 / tcp

164764193 | 2025-03-25T01:20:00.114800

25 / tcp

1665283070 | 2025-03-17T00:31:59.490492

26 / tcp

575925250 | 2025-03-10T02:06:22.778198

37 / tcp

900697840 | 2025-03-17T09:14:42.018653

43 / tcp

-1248408558 | 2025-03-08T20:43:38.615279

49 / tcp

-1056270173 | 2025-03-21T21:04:02.440381

53 / tcp

1308081026 | 2025-03-09T22:06:22.355492

70 / tcp

-1763883228 | 2025-03-31T12:10:30.328189

79 / tcp

627290832 | 2025-03-14T07:58:08.547866

80 / tcp

501077178 | 2025-03-28T15:10:37.009269

93 / tcp

-2096652808 | 2025-03-23T01:10:54.642630

94 / tcp

165188539 | 2025-03-15T21:29:03.357078

104 / tcp

-1399940268 | 2025-03-10T02:07:28.753633

110 / tcp

-1810987450 | 2025-03-25T11:30:11.281816

111 / tcp

2087396567 | 2025-03-29T06:52:53.254142

113 / tcp

-669112739 | 2025-03-24T17:04:21.375685

175 / tcp

-805362002 | 2025-03-19T06:58:32.521326

179 / tcp

-399606100 | 2025-03-28T14:55:58.318759

195 / tcp

1830697416 | 2025-03-19T10:09:16.757252

311 / tcp

676753056 | 2025-03-29T20:23:24.087211

389 / tcp

-1743283776 | 2025-03-08T17:33:31.853387

443 / tcp

0 | 2025-03-29T02:33:54.398985

444 / tcp

1282941221 | 2025-03-28T15:25:27.580147

488 / tcp

671605376 | 2025-03-21T12:47:42.493815

513 / tcp

-904840257 | 2025-03-05T15:51:06.993546

666 / tcp

-1420968138 | 2025-03-24T22:34:08.910881

771 / tcp

165188539 | 2025-03-21T21:32:11.485801

873 / tcp

-992671574 | 2025-03-28T08:54:10.421992

999 / tcp

-1093031919 | 2025-03-20T14:55:25.059669

1000 / tcp

-1888448627 | 2025-03-09T22:06:40.029925

1023 / tcp

-1681927087 | 2025-03-11T00:40:42.642366

1080 / tcp

1362344524 | 2025-03-05T04:32:45.420716

1153 / tcp

1948301213 | 2025-03-25T11:42:57.336257

1198 / tcp

67948279 | 2025-03-03T21:02:02.467037

1234 / tcp

1492413928 | 2025-03-15T16:06:59.431724

1433 / tcp

-325802316 | 2025-03-18T14:50:15.416710

1515 / tcp

104385780 | 2025-03-27T08:42:27.841645

1521 / tcp

2002686051 | 2025-03-22T12:09:39.020650

1588 / tcp

1911457608 | 2025-03-11T19:14:17.465329

1599 / tcp

1887224352 | 2025-03-07T08:03:29.520173

1604 / tcp

-1230049476 | 2025-03-15T19:33:58.476421

1723 / tcp

2064046231 | 2025-03-11T07:38:18.360823

1800 / tcp

-1399940268 | 2025-03-06T12:56:04.938320

1911 / tcp

554385174 | 2025-03-05T08:46:44.281400

1926 / tcp

-1598265216 | 2025-03-19T22:53:25.985238

1962 / tcp

1282941221 | 2025-03-25T12:44:50.081411

1985 / tcp

-832380282 | 2025-03-28T05:26:56.714140

2000 / tcp

-891714208 | 2025-03-15T21:10:29.076892

2002 / tcp

1189133115 | 2025-03-28T23:14:32.123544

2065 / tcp

-42767839 | 2025-03-05T20:09:15.918266

2067 / tcp

1308377066 | 2025-03-31T09:41:45.927583

2081 / tcp

410249975 | 2025-03-17T00:29:33.422612

2087 / tcp

-1373613804 | 2025-03-23T05:37:45.607264

2095 / tcp

1911457608 | 2025-03-23T10:15:36.571261

2121 / tcp

141730637 | 2025-03-24T11:15:51.935721

2154 / tcp

-971970408 | 2025-03-19T20:16:54.995604

2181 / tcp

546151771 | 2025-03-26T19:43:51.789594

2211 / tcp

-1399940268 | 2025-03-12T19:12:38.839365

2222 / tcp

372433470 | 2025-03-13T03:23:38.425361

2332 / tcp

1632932802 | 2025-03-21T23:29:49.314258

2345 / tcp

1308377066 | 2025-03-06T02:20:18.445465

2404 / tcp

-2089734047 | 2025-03-16T22:37:20.850205

2506 / tcp

-441419608 | 2025-03-16T10:57:56.883445

2550 / tcp

-1399940268 | 2025-03-04T05:30:45.817745

2599 / tcp

-2096652808 | 2025-03-06T02:47:09.208227

2626 / tcp

599074451 | 2025-03-16T03:06:25.019845

2628 / tcp

2087396567 | 2025-03-16T05:04:46.308858

2701 / tcp

-1678345660 | 2025-03-29T19:17:55.694687

2761 / tcp

819727972 | 2025-03-21T02:09:00.925173

3001 / tcp

-1399940268 | 2025-03-21T23:32:52.791147

3050 / tcp

819727972 | 2025-03-13T01:41:00.578224

3066 / tcp

1911457608 | 2025-03-26T16:18:01.409671

3098 / tcp

-1839934832 | 2025-03-29T17:22:36.056631

3103 / tcp

-2089734047 | 2025-03-18T22:20:22.499446

3108 / tcp

1574088840 | 2025-03-09T05:27:29.000011

3138 / tcp

-1888448627 | 2025-03-11T20:43:11.910768