GeneralInformation

Country	China
City	Shenzhen
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(8)

CVE-2024-11236

9.8In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

CVE-2024-11234

4.8In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user.

CVE-2024-11233

4.8In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas.

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

CVE-2024-5585

7.7In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, the fix for CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue: when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell.

CVE-2024-5458

5.3In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly.

CVE-2024-4577

9.8In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.

CVE-2024-2408

5.9The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817 (rsa_pkcs1_implicit_rejection). These changes are part of OpenSSL 3.2 and have also been backported to stable versions of various Linux distributions, as well as to the PHP builds provided for Windows since the previous release. All distributors and builders should ensure that this version is used to prevent PHP from being vulnerable. PHP Windows builds for the versions 8.1.29, 8.2.20 and 8.3.8 and above include OpenSSL patches that fix the vulnerability.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(4)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(3)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(2)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 17 21 23 25 49 53 66 70 79 102 106 110 113 119 122 135 143 175 177 179 195 221 264 311 389 400 427 444 446 452 462 465 502 503 513 515 541 554 593 636 666 685 771 789 830 833 873 880 885 993 994 995 998 1002 1025 1080 1099 1110 1153 1177 1193 1200 1234 1235 1292 1337 1343 1414 1433 1451 1457 1515 1521 1588 1604 1800 1801 1883 1911 1926 1947 1962 1964 1967 1975 1982 2000 2001 2002 2003 2008 2020 2059 2061 2067 2072 2080 2083 2085 2087 2101 2108 2109 2121 2126 2130 2134 2154 2181 2210 2222 2248 2259 2323 2332 2345 2363 2376 2382 2404 2443 2455 2553 2554 2557 2567 2570 2572 2628 2761 2762 3001 3003 3009 3011 3015 3016 3017 3018 3049 3050 3054 3061 3064 3066 3072 3073 3074 3088 3093 3101 3102 3109 3110 3122 3124 3131 3135 3137 3140 3147 3148 3149 3157 3158 3162 3195 3211 3268 3269 3270 3299 3301 3310 3389 3406 3443 3498 3503 3530 3540 3541 3554 3567 3570 3790 3793 3910 3953 4000 4002 4043 4063 4064 4100 4118 4120 4150 4157 4242 4250 4282 4321 4344 4369 4400 4430 4433 4434 4451 4488 4499 4500 4502 4506 4520 4528 4602 4643 4747 4821 4840 4899 5001 5006 5007 5009 5010 5011 5025 5051 5080 5089 5105 5120 5130 5150 5172 5222 5224 5238 5248 5249 5253 5259 5260 5264 5269 5273 5276 5400 5432 5435 5444 5495 5503 5542 5543 5552 5556 5569 5590 5613 5672 5678 5696 5902 5905 5906 5910 5915 5916 5984 5986 5990 6001 6010 6102 6348 6379 6464 6500 6503 6512 6543 6544 6561 6565 6588 6633 6666 6667 6668 6697 6998 7001 7013 7016 7070 7071 7079 7087 7171 7218 7415 7443 7493 7548 7603 7634 7771 7774 7777 7822 7878 8000 8001 8003 8009 8019 8021 8023 8026 8032 8033 8034 8038 8039 8063 8066 8067 8079 8081 8083 8085 8087 8093 8099 8102 8105 8110 8119 8126 8137 8138 8139 8140 8149 8152 8155 8159 8162 8169 8171 8180 8181 8182 8185 8190 8192 8197 8200 8250 8251 8291 8300 8333 8381 8383 8402 8404 8411 8418 8419 8450 8460 8485 8500 8506 8510 8514 8525 8532 8545 8554 8562 8563 8579 8585 8586 8596 8597 8598 8600 8602 8606 8607 8637 8649 8704 8728 8732 8779 8784 8787 8801 8803 8810 8813 8814 8818 8822 8826 8829 8830 8834 8837 8839 8842 8843 8844 8858 8862 8871 8875 8881 8885 8889 8899 8943 8989 8990 8991 9001 9002 9011 9013 9014 9019 9021 9022 9034 9042 9045 9047 9049 9051 9088 9089 9091 9092 9095 9098 9099 9100 9102 9105 9109 9111 9112 9116 9118 9119 9120 9121 9130 9138 9141 9145 9150 9156 9168 9175 9176 9181 9183 9194 9203 9204 9207 9211 9217 9218 9222 9223 9226 9236 9245 9251 9289 9306 9309 9315 9333 9393 9398 9418 9480 9501 9505 9510 9529 9530 9532 9600 9633 9682 9704 9711 9743 9758 9761 9803 9811 9861 9898 9929 9939 9944 9998 9999 10000 10001 10004 10006 10012 10014 10016 10028 10037 10050 10051 10065 10068 10081 10106 10134 10200 10283 10324 10348 10393 10443 10444 10554 10909 10935 10936 11000 11110 11180 11182 11210 11211 11288 11481 12056 12082 12106 12113 12114 12116 12125 12138 12147 12149 12153 12166 12171 12179 12181 12182 12186 12192 12210 12220 12225 12226 12228 12232 12233 12244 12247 12252 12254 12259 12260 12268 12277 12278 12284 12286 12287 12305 12316 12318 12321 12322 12333 12340 12344 12356 12359 12361 12362 12363 12368 12377 12379 12380 12381 12384 12394 12395 12398 12407 12411 12417 12448 12455 12461 12463 12469 12485 12490 12491 12509 12510 12511 12513 12519 12533 12536 12542 12545 12552 12555 12559 12583 12588 13047 13128 13333 14006 14024 14101 14265 14344 14407 14873 14880 14897 14901 14905 15000 15042 15443 15588 16000 16009 16010 16011 16014 16018 16021 16043 16044 16049 16050 16054 16055 16061 16068 16072 16077 16097 16101 16403 16464 16993 17020 17100 17182 17770 17772 17775 18005 18008 18011 18020 18051 18057 18059 18064 18070 18074 18075 18080 18081 18082 18083 18085 18093 18100 18108 18109 18110 18113 18239 18245 18443 18802 18888 19000 19233 19998 20000 20010 20030 20202 20256 20325 20440 20880 21025 21081 21244 21245 21247 21252 21262 21269 21279 21282 21288 21290 21300 21315 21321 21327 21329 21515 22022 22084 22345 22556 23023 23184 24245 24472 25001 25003 25007 25008 25082 25565 26656 26657 27015 27017 27105 29798 29842 30002 30021 30022 30023 30025 30110 30122 30301 30422 30443 30444 30452 30468 30501 30622 30722 30822 30892 30922 31017 31022 31122 31222 31380 31443 31522 31722 31822 31922 32022 32122 32222 32303 32322 32400 32422 32764 32800 33022 33060 33122 33222 33322 33422 33622 33722 33822 33922 34022 34122 34222 34422 34522 34622 34722 34822 34922 35000 35022 35100 35101 35122 35222 35322 35422 35522 35524 35554 35560 35722 35822 36022 36122 36222 36322 36422 36522 36622 36722 36822 37022 37080 37122 37215 37222 37322 37522 37622 37722 37822 37922 38022 38122 38222 38322 38333 38522 38622 38722 38822 38922 39222 39322 39422 39522 39722 39922 40022 40099 40322 40471 40522 40722 41122 41443 41800 42208 42922 43200 43322 43522 43622 43822 44158 44222 44301 44304 44322 44334 44422 44520 44622 44722 44818 44822 44922 45122 45222 45322 45522 45555 45622 45786 45822 46001 46022 46122 46222 46422 46622 46922 47122 47222 47322 47522 47622 47822 47989 47990 48001 48222 48322 48422 48522 48722 48822 49122 49152 49200 49222 49322 49422 49502 49684 50000 50002 50005 50009 50014 50042 50050 50070 50100 50222 50522 50622 50722 50996 50999 51106 51201 51235 51294 51322 51434 51443 51822 52022 52536 52931 53200 53400 53413 53482 53485 53490 54138 54922 54984 55000 55055 55200 55422 55442 55443 55522 55553 55554 55722 55822 57422 57622 57722 57783 57784 57786 57787 57788 57822 57922 58122 58322 58392 58422 58522 58585 58722 58922 59022 59122 59222 60001 60023 60099 60129 61616 62078 63210 63256 63260 64477 65000 65004

11 / tcp

1690634669 | 2025-03-04T04:20:55.599675

13 / tcp

1024374118 | 2025-03-14T09:37:51.435781

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

17 / tcp

5698739 | 2025-03-19T21:37:40.802106

"We have no more right to consume happiness without producing it than to
 consume wealth without producing it." George Bernard Shaw (1856-1950)
\x00

21 / tcp

-1384102091 | 2025-02-25T02:58:06.650533

220 Firewall Authentication required before proceeding with service\r\n

23 / tcp

-23362551 | 2025-02-21T20:11:49.532179

\xff\xfb\x01\xff\xfb\x03\xff\xfd\x18

25 / tcp

632542934 | 2025-03-18T21:23:05.762032

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

49 / tcp

588096080 | 2025-03-06T22:45:47.549809

\\x00\\x00\\x01\\x00

53 / tcp

-1370420049 | 2025-03-20T21:03:44.351059

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x00\x02\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x00\x02\x00\x04\xac٣.
\x00\x06\x85\x00\x00\x01\x00\x00\x00\x01\x00

66 / tcp

921225407 | 2025-03-06T06:17:22.734348

\x00\x00\x00\x04\x00\x00\x00\x00\x00

70 / tcp

-833941849 | 2025-03-21T15:43:08.299644

\x1e\x06\xc2\x81\x01\x07version\x04bind\x10\x03

79 / tcp

268196945 | 2025-03-05T18:07:43.611507

AB\x01

102 / tcp

401555314 | 2025-03-20T16:16:17.685161

NB[GFXjA^R

106 / tcp

1989907056 | 2025-03-14T19:10:30.130567

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

110 / tcp

1911457608 | 2025-02-24T01:20:42.689481

\x00[\x00\x00\x00\x00\x00\x00

113 / tcp

-414819019 | 2025-03-19T11:58:06.948510

HTTP/1.1 200 OK
Content-type: text/html
Connection: close

119 / tcp

141730637 | 2025-03-21T07:24:51.524237

HTTP/1.0 200 OK
Server: Proxy

122 / tcp

693973426 | 2025-03-14T11:58:56.099644

220 VMware Authentication Daemon Version 1.10: SSL Required, Se\nrverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

135 / tcp

1302177452 | 2025-03-04T06:59:12.145840

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: Lou\n IP2: 192.168.5.66\n IP3: 240e:381:1b0a:900:40eb:cce6:2dc1:4045\n IP4: 240e:381:1b0a:900:504f:3a1f:a682:9ab5\n IP5: 240e:381:1b0a:900::2e6\n\nNTLMSSP:\nTarget_Name: LOU\nProduct_Version: 10.0.22621 Ntlm 15\nOS: Windows 11, Version 22H2\nNetBIOS_Domain_Name: LOU\nNetBIOS_Computer_Name: LOU\nDNS_Domain_Name: Lou\nDNS_Computer_Name: Lou\nMsvAvFlags: 01000000\nSystem_Time: 2024-01-22 04:06:53 +0000 UTC\n\nDCE

143 / tcp

1771091364 | 2025-03-15T01:06:56.503027

* OK WIN-C1N84A1UUO4.elite-sz.cn Winmail Mail Server IMAP4 ready\r\n

175 / tcp

-1399940268 | 2025-03-20T01:36:01.308374

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

177 / tcp

-784071826 | 2025-03-21T18:41:44.468248

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

179 / tcp

-399606100 | 2025-03-05T04:30:04.807115

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

195 / tcp

1842524259 | 2025-03-20T13:53:43.147411

221 / tcp

165188539 | 2025-03-13T16:43:45.206166

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

264 / tcp

-1932800090 | 2025-03-06T21:14:04.516736

HTTP

311 / tcp

-1547976805 | 2025-03-04T01:18:23.552488

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

389 / tcp

-1713467553 | 2025-03-21T10:04:28.694016

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Connection: close

400 / tcp

-303199180 | 2025-03-06T06:39:29.849877

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

427 / tcp

1998636604 | 2025-03-07T16:06:30.690078

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://192.168.2.254\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://192.168.2.254\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCESS (0)\nAttrList: (pro

444 / tcp

-154107716 | 2025-03-12T19:45:29.497361

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

446 / tcp

-1399940268 | 2025-03-12T17:21:13.241075

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

452 / tcp

-1327660293 | 2025-03-12T11:45:12.171072

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

462 / tcp

1911457608 | 2025-02-22T21:07:05.114268

\x00[\x00\x00\x00\x00\x00\x00

465 / tcp

897328069 | 2025-03-20T09:50:57.153497

220 mail.scott000.com ESMTP

502 / tcp

-2096652808 | 2025-03-16T18:32:23.423466

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

503 / tcp

321971019 | 2025-03-05T06:59:43.931723

-ERR client ip is not in whitelist\r

513 / tcp

165188539 | 2025-02-23T03:22:00.396239

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

515 / tcp

-1900404274 | 2025-03-18T21:15:30.532584

Unknown command

541 / tcp

268285291 | 2025-03-11T15:01:54.000117

\\x16\\x03\\x01\\x01[\\x01\\x00\\x01W\\x03\\x03\\x86\\x12J\\xac\\xf6e\\xda\\x19A\\xcb\\x18qz\\x90\\xb2\\x89\\xfa\\xa2\\x83\\xf8\\xda\\xfe\xcd\x8d\\x89P\\xe96\\x93@\xcc\xbf E{@\\x8c\\xde\\xbf\\xf84x\x0c\\xb3\x0b\\x91\\x12\\xbc\\xa6\\xe5\\x17\\xe4\\xba\\xe2q\\x92\\xc7\\xdb\\x01\\x129L\\xc6ey\\x002\\x13\\x02\\x13\\x03\\x13\\x01\\x

554 / tcp

448214121 | 2025-03-13T00:13:23.959271

RTSP/1.0 200 OK
Server: TVT RTSP Server/1.0.0
CSeq: 1
Public: OPTIONS, DESCRIBE, SETUP, TEARDOWN, PLAY, GET_PARAMETER, SET_PARAMETER

593 / tcp

1308377066 | 2025-03-18T22:33:12.855250

ncacn_http/1.0

636 / tcp

-2023550675 | 2025-03-15T02:01:32.119800

\\x01\x0b=\\x01\xc3\x80\\x06\xc3\xbf\xc3\xbf?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\\x01\\x01

666 / tcp

1300162323 | 2025-03-05T10:30:47.914664

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

685 / tcp

-1032713145 | 2025-02-21T19:23:50.240430

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

771 / tcp

-1013082686 | 2025-03-11T03:45:23.725290

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

789 / tcp

1911457608 | 2025-03-11T08:44:21.841843

\x00[\x00\x00\x00\x00\x00\x00

830 / tcp

103159425 | 2025-03-16T15:54:48.837680

SSH-1.99-RGOS_SSH

833 / tcp

1911457608 | 2025-02-24T20:35:19.074688

\x00[\x00\x00\x00\x00\x00\x00

873 / tcp

2128189041 | 2025-03-10T06:45:12.389414

@RSYNCD: 31.0\n\n@RSYNCD: EXIT\n

880 / tcp

-1256415508 | 2025-03-22T05:24:27.490327

HTTP/1.1 404 Not Found
Server: TornadoServer/6.1
Content-Type: text/html; charset=UTF-8

885 / tcp

-1373613804 | 2025-03-20T01:20:37.211239

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

993 / tcp

-249504111 | 2025-02-25T18:02:18.340294

\x00[xU-\x7f\x00\x00

994 / tcp

1543809371 | 2025-02-20T17:06:35.320850

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

995 / tcp

934210070 | 2025-03-10T21:07:31.816525

+OK mail.dupre.idv.tw IceWarp 11.2.1.2 x64 POP3 Mon, 22 Jan 2024 12:43:35 +0800 <20240122124334@mail.dupre.idv.tw>\r\n

998 / tcp

819727972 | 2025-02-23T15:47:39.819428

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1002 / tcp

1911457608 | 2025-03-04T01:33:11.424299

\x00[\x00\x00\x00\x00\x00\x00

1025 / tcp

-1839934832 | 2025-02-23T23:04:49.366559

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

1080 / tcp

1362344524 | 2025-03-19T04:15:36.238342

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1099 / tcp

-1399940268 | 2025-02-27T19:48:24.789192

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1110 / tcp

456721301 | 2025-03-18T20:03:34.864764

HTTP/1.1 200 OK
Server: Citrix-3.2.5.9 'Marshal West'
Content-Type: text/html; charset=UTF-8

1153 / tcp

819727972 | 2025-03-15T13:29:23.595785

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1177 / tcp

-358801646 | 2025-03-04T07:05:18.223856

SSH-2.0-OpenSSH_6.6.1

1193 / tcp

-1399940268 | 2025-03-11T07:03:52.835830

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1200 / tcp

2087396567 | 2025-03-17T16:03:23.043925

kjnkjabhbanc283ubcsbhdc72

1234 / tcp

1911457608 | 2025-02-24T11:32:42.985989

\x00[\x00\x00\x00\x00\x00\x00

1235 / tcp

-2107996212 | 2025-03-09T22:04:30.158475

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

1292 / tcp

-1399940268 | 2025-03-20T23:10:30.760718

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1337 / tcp

-1032713145 | 2025-03-17T23:02:47.726260

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

1343 / tcp

819727972 | 2025-03-06T23:44:45.944526

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1414 / tcp

819727972 | 2025-03-13T20:16:23.253114

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1433 / tcp

-651181868 | 2025-03-12T02:05:42.526781

MSSQL Server\nVersion: 134219767 (0x80007f7)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nProduct_Version: 5.1.2600 Ntlm 15\nOS: Windows XP/Windows XP, Service Pack 3\n

1451 / tcp

1126993057 | 2025-03-22T08:14:27.052187

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

1457 / tcp

321971019 | 2025-03-09T08:59:15.933335

-ERR client ip is not in whitelist\r

1515 / tcp

-971970408 | 2025-03-19T14:29:43.398953

1521 / tcp

-186520940 | 2025-03-12T16:17:49.197121

HTTP/1.1

1588 / tcp

1308377066 | 2025-03-03T22:38:16.709202

ncacn_http/1.0

1604 / tcp

677934968 | 2025-03-04T02:11:59.878714

lm^)Q

1800 / tcp

-904840257 | 2025-03-06T02:19:07.563867

572 Relay not authorized\r\n

1801 / tcp

1535389866 | 2025-03-10T23:11:48.599341

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2157_PS-LHW-01jjk135_25164-48622

1883 / tcp

-1996280214 | 2025-03-21T02:28:45.570106

\x06\x04\x05@

1911 / tcp

-1399940268 | 2025-03-21T19:55:19.324940

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1926 / tcp

1919228981 | 2025-03-16T12:13:15.751390

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

1947 / tcp

1345412733 | 2025-03-10T21:01:44.614220

HTTP/1.1 403 Forbidden
Server: HASP LM/19.00
Content-Type: text/html

1962 / tcp

2103111368 | 2025-03-13T18:29:12.300834

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

1964 / tcp

-1399940268 | 2025-03-06T19:17:00.669022

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1967 / tcp

1911457608 | 2025-03-10T07:10:35.070064

\x00[\x00\x00\x00\x00\x00\x00

1975 / tcp

-1399940268 | 2025-03-08T13:07:32.677169

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1982 / tcp

-1399940268 | 2025-02-25T17:12:42.350071

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2000 / tcp

-653033013 | 2025-03-21T22:40:16.725886

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

2001 / tcp

-2107996212 | 2025-02-28T23:04:12.247343

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

2002 / tcp

-1681927087 | 2025-03-15T02:49:31.399063

kjnkjabhbanc283ubcsbhdc72

2003 / tcp

165188539 | 2025-03-20T17:08:15.911189

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2008 / tcp

398077695 | 2025-02-28T14:20:34.269482

2020 / tcp

-1622153914 | 2025-03-11T16:18:26.976082

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1fcc_PS-CAN-01KHa41_1237-13342

2059 / tcp

1363464823 | 2025-03-13T10:08:06.650006

\x00[|ox\x7f\x00\x00

2061 / tcp

-1399940268 | 2025-03-13T14:54:03.999770

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2067 / tcp

539065883 | 2025-03-19T17:35:47.744104

2072 / tcp

1911457608 | 2025-02-28T09:04:04.314259

\x00[\x00\x00\x00\x00\x00\x00

2080 / tcp

1989907056 | 2025-03-14T21:35:45.423706

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

2083 / tcp

103159425 | 2025-03-04T06:12:40.433614

SSH-1.99-RGOS_SSH

2085 / tcp

1911457608 | 2025-03-19T09:56:56.230555

\x00[\x00\x00\x00\x00\x00\x00

2087 / tcp

-527005584 | 2025-03-20T11:12:41.134317

/0 0 L
/0 0 HUH

2101 / tcp

-1399940268 | 2025-03-13T22:34:22.580352

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2108 / tcp

1989907056 | 2025-03-05T21:43:40.464494

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

2109 / tcp

1911457608 | 2025-03-09T16:50:38.561355

\x00[\x00\x00\x00\x00\x00\x00

2121 / tcp

-459998123 | 2025-03-20T21:01:54.626319

220-FileZilla Server version 0.9.46 beta\r\n

2126 / tcp

448162306 | 2025-03-20T08:05:35.397834

HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
Connection: keep-alive
Server: WorkerMan/3.0

2130 / tcp

-616720387 | 2025-03-10T09:33:48.834565

SSH-2.0-SSHD_0.7.6

2134 / tcp

1767345577 | 2025-03-04T11:51:15.024529

Hello, this is Quagga (version 0T).
Copyright 1996-200

2154 / tcp

2087396567 | 2025-03-15T22:27:34.633769

kjnkjabhbanc283ubcsbhdc72

2181 / tcp

546151771 | 2025-02-26T22:49:50.812917

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

2210 / tcp

-1598265216 | 2025-03-11T10:48:08.886147

@RSYNCD: 31.0

2222 / tcp

-1659353189 | 2025-03-18T22:48:30.928559

SSH-2.0-ssh-server\r\n\\x00\\x00\\x02\\x14\x0b\\x14\x0b\\xed\\x16\\xae\\x96\t\\xc5En\\xbd\\x1cgn\\xff\\xad\\xd7\\x00\\x00\\x00\\xbbcurve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha256,diffie-hellman-gr

2248 / tcp

-1399940268 | 2025-02-21T08:30:20.078882

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2259 / tcp

632542934 | 2025-03-12T05:58:17.976620

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

2323 / tcp

1662205251 | 2025-03-17T16:27:56.240367

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

2332 / tcp

1632932802 | 2025-03-20T22:36:50.019904

2345 / tcp

-2089734047 | 2025-02-22T09:07:52.661055

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

2363 / tcp

819727972 | 2025-03-05T21:42:28.628806

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

2376 / tcp

2087396567 | 2025-03-08T14:01:29.018004

kjnkjabhbanc283ubcsbhdc72

2382 / tcp

1911457608 | 2025-03-07T08:17:54.697295

\x00[\x00\x00\x00\x00\x00\x00

2404 / tcp

1282941221 | 2025-03-15T23:51:13.650940

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

2443 / tcp

-1399940268 | 2025-03-22T07:47:06.578088

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2455 / tcp

1161309183 | 2025-03-11T11:16:45.877524

ProxyServer is ready

2553 / tcp

-1399940268 | 2025-03-13T22:51:00.901112

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2554 / tcp

-1399940268 | 2025-02-22T17:25:03.455286

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2557 / tcp

-1283030107 | 2025-03-14T09:46:17.908694

HTTP/1.1 302 
Server: nginx
Content-Type: text/html;charset=UTF-8
Connection: keep-alive
Location: https://117.186.29.181/seeyon/index.jsp

2567 / tcp

819727972 | 2025-03-19T12:20:56.258030

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2570 / tcp

740837454 | 2025-03-16T02:23:04.521702

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

2572 / tcp

819727972 | 2025-03-14T14:53:51.335895

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2628 / tcp

-971970408 | 2025-03-13T20:53:45.087728

2761 / tcp

819727972 | 2025-03-06T04:03:42.988957

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

2762 / tcp

-297128567 | 2025-03-20T14:27:48.476090

\x04\x01\xc3\xb4\x00\x15Internal Server Error\x00\x00\x00AB\x00\x02\x05\x00

3001 / tcp

819727972 | 2025-03-17T03:46:28.415670

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3003 / tcp

-1227409554 | 2025-03-15T11:57:24.027069

HTTP/1.1 500 Internal Server Error
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

3009 / tcp

165188539 | 2025-03-13T11:07:10.391279

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3011 / tcp

-1227409554 | 2025-02-25T18:19:18.609397

HTTP/1.1 500 Internal Server Error
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

3015 / tcp

819727972 | 2025-03-17T20:43:20.586960

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3016 / tcp

-1140468363 | 2025-03-18T17:44:41.201234

\x02\t\x01

3017 / tcp

-1768187140 | 2025-03-13T08:56:05.720525

HTTP/1.1 403 Forbidden
Server: Microsoft-IIS/10.110
Content-Type: text/plain; charset=utf-8
Connection: close

3018 / tcp

1632932802 | 2025-03-19T16:36:15.751153

3049 / tcp

-1097188123 | 2025-02-20T22:33:38.220420

[g\xc2\x95N\x7f

3050 / tcp

-1810987450 | 2025-03-10T04:17:53.481171

\xc3\xbf

3054 / tcp

-1733106930 | 2025-03-13T20:01:59.463230

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

3061 / tcp

-1888448627 | 2025-03-12T23:51:33.856465

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3064 / tcp

1665283070 | 2025-02-27T07:56:37.931908

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x01\x00\x00\x10\x00\x00\n0\x03\x00\x00\x00\x01\x00\x05\x00\x00@\x00\x00\x06\x00\x00\x1f@

3066 / tcp

-980525298 | 2025-03-11T23:59:23.743693

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3072 / tcp

1911457608 | 2025-03-13T06:50:44.194935

\x00[\x00\x00\x00\x00\x00\x00

3073 / tcp

1911457608 | 2025-02-21T16:28:08.763074

\x00[\x00\x00\x00\x00\x00\x00

3074 / tcp

-1032713145 | 2025-03-11T12:42:22.358348

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

3088 / tcp

-445721795 | 2025-03-11T09:56:23.822819

\x00[\xc3\xaed\x1a\x7f\x00\x00

3093 / tcp

-1730858130 | 2025-02-26T09:54:37.215711

RFB 003.008
VNC:
  Protocol Version: 3.8

3101 / tcp

722711397 | 2025-03-16T11:29:33.986179

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

3102 / tcp

597764502 | 2025-03-07T17:46:49.836653

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

3109 / tcp

-1013082686 | 2025-03-17T09:30:49.714731

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

3110 / tcp

819727972 | 2025-03-12T00:09:42.947629

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

3122 / tcp

-2017887953 | 2025-02-20T16:17:43.527559

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

3124 / tcp

-441419608 | 2025-03-20T11:17:03.502076

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

3131 / tcp

-653033013 | 2025-03-15T03:21:05.102714

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

3135 / tcp

-1453516345 | 2025-03-14T13:55:59.277934

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

3137 / tcp

2103111368 | 2025-03-20T08:55:28.042330

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

3140 / tcp

-1399940268 | 2025-02-23T07:10:08.023540

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3147 / tcp

-1399940268 | 2025-03-21T01:03:37.206035

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3148 / tcp

677934968 | 2025-03-04T16:54:20.594961

lm^)Q

3149 / tcp

677934968 | 2025-02-27T11:15:02.353859

lm^)Q

3157 / tcp

-1947777893 | 2025-03-17T18:39:40.498612

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

3158 / tcp

819727972 | 2025-03-20T21:56:55.419441

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3162 / tcp

-1399940268 | 2025-03-07T04:44:03.836261

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3195 / tcp

1126993057 | 2025-03-12T05:41:25.531399

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

3211 / tcp

129602154 | 2025-02-24T15:59:19.062798

HTTP/1.1 200 OK
Content-Type: text/html
Pragma: no-cache
Cache-control: no-store

3268 / tcp

-1547976805 | 2025-03-21T22:05:01.818592

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

3269 / tcp

-1399940268 | 2025-03-06T16:52:38.334230

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3270 / tcp

1396488228 | 2025-02-24T19:36:46.837199

HTTP/1.1 200 OK
Content-Length: 2037
Cache-Control: private, max-age=300
Content-Type: text/html

3299 / tcp

-1839934832 | 2025-03-12T00:25:11.536456

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

3301 / tcp

-1013082686 | 2025-02-26T17:42:32.703414

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

3310 / tcp

580340387 | 2025-02-21T00:23:24.156430

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

3389 / tcp

623170236 | 2025-03-14T22:02:03.019075

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\\x1f\\x08\\x00\\x08\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID_EX\nTarget_Name: PC82139\nProduct_Version: 10.0.19041 Ntlm 15\nOS: Windows 10, Version 2004/Windows Server, Version 2004\nNetBIOS_Domain_Name: PC82139\nNetBIOS_Computer_Name: PC82139\nDNS_Domain_Name: PC82139\nDNS_Computer_Name: PC82139\nSystem_Time: 2024-01-19 08:39:46 +0000 UTC\n\n

3406 / tcp

-1888448627 | 2025-03-15T18:30:53.233949

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3443 / tcp

-1399940268 | 2025-03-13T19:12:35.991099

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3498 / tcp

-1699556818 | 2025-03-04T09:03:20.826536

\x01remshd: Kerberos Authentication not enabled.\n

3503 / tcp

677934968 | 2025-02-24T00:12:46.472811

lm^)Q

3530 / tcp

-805362002 | 2025-03-13T19:05:15.177189

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

3540 / tcp

-904840257 | 2025-03-05T21:53:03.654043

572 Relay not authorized\r\n

3541 / tcp

0 | 2025-03-08T17:26:52.994245

Hashes

hash

-119996482

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
Content-Length: 0

3554 / tcp

632542934 | 2025-03-12T13:21:07.653753

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

3567 / tcp

1282941221 | 2025-03-04T20:40:17.334180

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

3570 / tcp

921225407 | 2025-03-05T21:58:28.626189

\x00\x00\x00\x04\x00\x00\x00\x00\x00

3790 / tcp

842535728 | 2025-03-05T09:44:44.470815

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

3793 / tcp

-1399940268 | 2025-02-26T23:20:01.510569

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3910 / tcp

1332894250 | 2025-03-06T20:17:54.396977

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

3953 / tcp

-1453516345 | 2025-03-18T21:11:27.267883

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

4000 / tcp

-180163620 | 2025-03-06T19:13:07.552684

NPC Telnet permit one connection.\r\n But One connection() already keep alive.\r\nGood Bye !! \r\n

4002 / tcp

-1888448627 | 2025-03-10T10:39:53.412667

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

4043 / tcp

1723769361 | 2025-03-20T23:30:19.173889

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

4063 / tcp

291723434 | 2025-03-19T08:20:30.341130

Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

4064 / tcp

-1899074860 | 2025-03-22T08:34:10.583734

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

4100 / tcp

165188539 | 2025-03-21T13:51:27.178980

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

4118 / tcp

-2089734047 | 2025-03-07T11:01:48.403187

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

4120 / tcp

-1230049476 | 2025-02-26T12:36:22.079400

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

4150 / tcp

-1435414831 | 2025-02-28T12:17:30.931271

roku: ready\r\n

4157 / tcp

-971970408 | 2025-03-20T22:48:14.892327

4242 / tcp

-1341662640 | 2025-03-20T16:21:13.128093

HTTP/1.1 301 Moved Permanently
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

4250 / tcp

1282941221 | 2025-03-17T21:58:57.959442

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

4282 / tcp

-1839934832 | 2025-03-16T02:09:42.584344

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

4321 / tcp

-1250504565 | 2025-03-21T16:52:17.072246

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

4344 / tcp

103159425 | 2025-03-05T16:05:56.277032

SSH-1.99-RGOS_SSH

4369 / tcp

-1730858130 | 2025-03-17T11:35:05.538038

RFB 003.008
VNC:
  Protocol Version: 3.8

4400 / tcp

1911457608 | 2025-02-24T13:27:32.790358

\x00[\x00\x00\x00\x00\x00\x00

4430 / tcp

1332894250 | 2025-02-22T01:41:05.192962

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

4433 / tcp

-971970408 | 2025-03-04T23:32:58.918383

4434 / tcp

1690634669 | 2025-03-19T04:46:42.409557

4451 / tcp

-1399940268 | 2025-03-12T12:21:15.713466

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4488 / tcp

-1399940268 | 2025-03-07T13:53:34.120465

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4499 / tcp

-792826324 | 2025-02-26T11:21:11.224956

220 FTP server ready - login please

4500 / tcp

-2096652808 | 2025-03-20T17:24:49.734745

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

4502 / tcp

-1730858130 | 2025-03-03T23:06:37.764094

RFB 003.008
VNC:
  Protocol Version: 3.8

4506 / tcp

1689518693 | 2025-02-22T10:48:54.261936

[¼/

4520 / tcp

669849225 | 2025-02-20T23:59:37.074823

SSH-98.60-SysaxSSH_81885..42\r\n

4528 / tcp

-1013082686 | 2025-02-27T03:46:02.667255

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

4602 / tcp

1762042191 | 2025-03-04T13:42:36.876929

\x7f\x7fICA\x00

4643 / tcp

1620329124 | 2025-03-12T11:55:05.761323

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

4747 / tcp

819727972 | 2025-03-19T14:09:10.411204

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4821 / tcp

1011407350 | 2025-03-07T16:19:36.800296

* OK GroupWise IMAP4rev1 Server Ready\r\n

4840 / tcp

921225407 | 2025-03-17T04:40:45.993034

\x00\x00\x00\x04\x00\x00\x00\x00\x00

4899 / tcp

-319440554 | 2025-03-18T18:53:25.717745

5001 / tcp

1690634669 | 2025-03-15T00:30:42.491859

5006 / tcp

1842524259 | 2025-03-20T23:13:23.904561

5007 / tcp

1623746877 | 2025-03-20T12:27:38.618738

500 Permission denied - closing connection.\r\n

5009 / tcp

-2015162143 | 2025-03-21T20:30:45.731771

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1c5f_PStjdxtk16_38859-13702

5010 / tcp

-1399940268 | 2025-03-10T21:49:00.139114

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5011 / tcp

819727972 | 2025-03-13T03:52:40.963878

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5025 / tcp

-1230049476 | 2025-03-12T18:24:27.508228

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

5051 / tcp

-407828767 | 2025-03-05T11:33:53.994874

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

5080 / tcp

25420265 | 2025-03-10T10:04:59.459126

HTTP/1.1 302 Found
Server: Apache
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: master-only
X-Download-Options: noopen
Strict-Transport-Security: max-age=31536000;include SubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Access-Control-Allow-Origin: same-origin
X-XSS-Protection: 1
Permissions-Policy: payment 'none';geolocation 'none'; 
Location: ipg/
Content-Type: text/html; charset=UTF-8

5089 / tcp

-2089734047 | 2025-03-11T08:13:21.120064

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5105 / tcp

1655023012 | 2025-02-23T04:50:28.841540

athinfod: invalid query.\n

5120 / tcp

-485307777 | 2025-02-20T18:04:17.968513

HTTP/1.0 200 OK
Server: BigIP
Connection: Keep-Alive

5130 / tcp

-2096652808 | 2025-02-26T23:31:23.826965

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

5150 / tcp

-904840257 | 2025-02-28T13:20:51.536338

572 Relay not authorized\r\n

5172 / tcp

660175493 | 2025-03-21T09:00:11.487412

5222 / tcp

539065883 | 2025-03-17T23:21:41.381917

5224 / tcp

1911457608 | 2025-02-27T10:45:35.849522

\x00[\x00\x00\x00\x00\x00\x00

5238 / tcp

-1737707071 | 2025-03-16T10:53:56.320548

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

5248 / tcp

-1428621233 | 2025-03-16T07:06:05.484759

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

5249 / tcp

-2089734047 | 2025-03-12T04:38:15.120414

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5253 / tcp

165188539 | 2025-02-25T03:52:47.645152

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

5259 / tcp

-1888448627 | 2025-02-25T05:41:42.126513

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

5260 / tcp

1911457608 | 2025-03-06T09:43:06.713451

\x00[\x00\x00\x00\x00\x00\x00

5264 / tcp

307999478 | 2025-03-18T15:09:06.283978

unknown command \r\nunknown command \r\n

5269 / tcp

-1854630806 | 2025-03-07T15:58:48.317927

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705937491.237-w-waf01tjgt

5273 / tcp

-1888448627 | 2025-03-12T07:08:43.871025

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

5276 / tcp

819727972 | 2025-03-20T16:26:56.461281

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5400 / tcp

-1648456501 | 2025-03-20T22:33:54.953815

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

5432 / tcp

-1737707071 | 2025-02-27T04:29:38.878687

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

5435 / tcp

1504401647 | 2025-03-19T15:53:51.334359

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

5444 / tcp

-1265999252 | 2025-02-21T10:44:34.274564

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

5495 / tcp

-1648456501 | 2025-03-08T18:48:32.834536

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

5503 / tcp

-1399940268 | 2025-02-26T18:48:27.141391

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5542 / tcp

-2096652808 | 2025-03-17T01:34:46.508436

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

5543 / tcp

-345718689 | 2025-03-11T12:07:22.975763

Vty password is not set.

5552 / tcp

-2031152423 | 2025-02-24T04:58:08.061447

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

5556 / tcp

117101543 | 2025-03-20T19:45:59.407443

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

5569 / tcp

-2089734047 | 2025-03-04T05:25:56.449784

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5590 / tcp

51259122 | 2025-03-17T11:03:48.286141

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

5613 / tcp

-1399940268 | 2025-03-13T16:48:25.120465

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5672 / tcp

575925250 | 2025-03-12T18:33:50.621049

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5678 / tcp

687434487 | 2025-03-14T12:09:07.541767

 \\x00\\x00\\x00{\n  "RPCMethod":"preinstall",\n }

5696 / tcp

-1375131644 | 2025-03-11T05:49:27.984130

\x00[v\xc3\xbdC\x7f\x00\x00

5902 / tcp

-1730858130 | 2025-03-07T08:08:41.916453

RFB 003.008
VNC:
  Protocol Version: 3.8

5905 / tcp

-1839934832 | 2025-03-05T03:08:37.828049

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

5906 / tcp

-1249500036 | 2025-03-12T00:40:46.026647

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes

5910 / tcp

-2073565391 | 2025-02-25T21:03:59.554414

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 7-10116032-0 0NNN RT(1705363875214 11) q(0 -1 -1 -1) r(0 -1)

5915 / tcp

-1249500036 | 2025-03-14T17:23:59.623886

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes

5916 / tcp

-1399940268 | 2025-03-11T20:47:43.150234

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5984 / tcp

1999272906 | 2025-03-17T23:53:49.201742

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

5986 / tcp

-345718689 | 2025-03-17T06:53:55.613635

Vty password is not set.

5990 / tcp

-1730858130 | 2025-03-11T11:46:20.004032

RFB 003.008
VNC:
  Protocol Version: 3.8

6001 / tcp

-2017887953 | 2025-03-06T01:29:57.243968

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

6010 / tcp

-1139539254 | 2025-02-28T23:24:07.139538

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

6102 / tcp

-1399940268 | 2025-03-17T12:15:36.127166

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6348 / tcp

1830187220 | 2025-03-13T09:37:44.434828

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

6379 / tcp

321971019 | 2025-02-23T16:26:52.384847

-ERR client ip is not in whitelist\r

6464 / tcp

-992671574 | 2025-03-13T05:40:37.878236

@RSYNCD: 26

6500 / tcp

-1189269828 | 2025-03-19T20:46:57.946978

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

6503 / tcp

1911457608 | 2025-03-20T09:48:50.900756

\x00[\x00\x00\x00\x00\x00\x00

6512 / tcp

-2089734047 | 2025-03-16T02:17:08.139696

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

6543 / tcp

-193136767 | 2025-03-15T15:57:30.098674

\\xba\\xdc\xcd\xab\\x01#\\x19\\x10C\\x00U\xd0\x94\\x8bP\\x00\\x94z\\xab\\x18\\x00\\x00\\x00\\x00\\x00\\x00[062][15:11:17.280]\\xc1\\xac\\xbd\xd3\xb3\xc9\xb9\\xa6\\xa3\\xac\\xb1\\xbe\xc4\xa3\\xbf\\xe9 PID \xce\xaa 0x23=35\\x00\\xba\\xdc\xcd\xab\\x01#\\x19\\x10_\\x00U\xd0\x94\\x8bP\\x00\\x94z\\xab\\x18\\x00\\x00\\x00\\x00\\x00\\x00[063][15:11:17.2

6544 / tcp

1282941221 | 2025-03-18T02:36:54.619107

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

6561 / tcp

321971019 | 2025-03-14T05:02:46.803108

-ERR client ip is not in whitelist\r

6565 / tcp

-1575864528 | 2025-03-04T23:24:16.795986

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 13-60574284-0 0NNN RT(1705911538273 0) q(0 -1 -1 -1) r(0 -1)

6588 / tcp

1504401647 | 2025-02-24T11:51:41.020852

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

6633 / tcp

1308377066 | 2025-03-10T10:19:51.360654

ncacn_http/1.0

6666 / tcp

-696112747 | 2025-03-12T18:45:48.426944

\x00\x0e@\xbdT\xa7\xd0f(*\xd4\x00\x00\x00\x00\x00

6667 / tcp

-2089734047 | 2025-03-19T00:36:23.804640

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

6668 / tcp

1911457608 | 2025-03-12T05:34:50.093029

\x00[\x00\x00\x00\x00\x00\x00

6697 / tcp

1632932802 | 2025-03-12T14:30:30.348139

6998 / tcp

1975288991 | 2025-03-10T05:21:55.188702

OPTI

7001 / tcp

1634746382 | 2025-02-27T12:40:33.620453

HTTP/1.1 200 OK
X-Current-Requests: 1
Vary: Origin
Content-Type: application/json; charset=utf-8
X-ReadTime: 51
Connection: keep-alive
Keep-Alive: timeout=5

7013 / tcp

-454087041 | 2025-03-20T11:29:23.292206

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

7016 / tcp

632542934 | 2025-03-17T13:07:56.882058

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

7070 / tcp

572436013 | 2025-03-20T23:43:09.525609

HTTP/1.1 404 Not Found
Content-Type: text/plain

7071 / tcp

-1139539254 | 2025-03-07T16:13:59.646852

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

7079 / tcp

1208318993 | 2025-03-13T18:55:56.460309

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

7087 / tcp

632542934 | 2025-03-18T22:39:14.900398

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

7171 / tcp

165188539 | 2025-03-18T14:34:46.749035

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

7218 / tcp

1189133115 | 2025-03-16T18:39:34.403292

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

7415 / tcp

-1373613804 | 2025-03-15T06:45:53.399366

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

7443 / tcp

328982367 | 2025-03-05T15:46:18.136611

HTTP/1.1 302 Found
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
X-Powered-By: PHP/8.2.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://mcchatgp.synology.me:7443/login
Content-Typ

Vulnerabilities

2 2 5

7493 / tcp

-358801646 | 2025-03-20T18:19:16.053783

SSH-2.0-OpenSSH_6.6.1

7548 / tcp

1690634669 | 2025-03-14T08:07:38.467862

7603 / tcp

819727972 | 2025-02-28T11:18:59.899648

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

7634 / tcp

863754335 | 2025-03-10T21:43:55.923232

0a

7771 / tcp

1308377066 | 2025-03-22T05:56:29.142734

ncacn_http/1.0

7774 / tcp

669849225 | 2025-03-17T01:45:00.520857

SSH-98.60-SysaxSSH_81885..42\r\n

7777 / tcp

1391945995 | 2025-03-15T07:17:18.917751

HTTP/1.1 403 Forbidden 
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm=""

7822 / tcp

-375604792 | 2025-03-15T00:56:07.064074

220 Microsoft FTP Service

7878 / tcp

1911457608 | 2025-03-21T17:00:49.733055

\x00[\x00\x00\x00\x00\x00\x00

8000 / tcp

-1204391172 | 2025-03-16T06:23:10.832276

JDWP-Handshake

8001 / tcp

2103111368 | 2025-03-16T18:29:47.868489

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8003 / tcp

-2017887953 | 2025-02-28T16:45:27.946914

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

8009 / tcp

677934968 | 2025-03-21T19:22:33.707849

lm^)Q

8019 / tcp

669849225 | 2025-03-17T11:01:01.478436

SSH-98.60-SysaxSSH_81885..42\r\n

8021 / tcp

447971635 | 2025-03-20T18:59:38.065800

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae0fe7_bowangtong161_37156-43198

8023 / tcp

-1476017887 | 2025-02-25T11:02:47.646362

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

8026 / tcp

-1327660293 | 2025-02-23T18:29:33.572330

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

8032 / tcp

-1839934832 | 2025-03-17T00:22:45.309807

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8033 / tcp

1126993057 | 2025-02-26T12:01:09.107243

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

8034 / tcp

321971019 | 2025-03-04T16:55:04.285448

-ERR client ip is not in whitelist\r

8038 / tcp

165188539 | 2025-03-20T12:31:44.115303

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8039 / tcp

1911457608 | 2025-03-13T00:18:03.771045

\x00[\x00\x00\x00\x00\x00\x00

8063 / tcp

1126993057 | 2025-02-26T19:25:08.886060

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

8066 / tcp

1911457608 | 2025-02-26T22:12:10.876282

\x00[\x00\x00\x00\x00\x00\x00

8067 / tcp

455076604 | 2025-03-18T04:08:17.166601

!\x07version\x04bind7 t{RPowerDNS Recursor 410

8079 / tcp

-1026951088 | 2025-02-26T01:20:04.268732

erro ip

8081 / tcp

-358801646 | 2025-03-20T21:31:49.127544

SSH-2.0-OpenSSH_6.6.1

8083 / tcp

-1428621233 | 2025-02-28T23:59:19.866365

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

8085 / tcp

2087396567 | 2025-02-26T08:15:39.799593

kjnkjabhbanc283ubcsbhdc72

8087 / tcp

1911457608 | 2025-03-17T14:15:34.883641

\x00[\x00\x00\x00\x00\x00\x00

8093 / tcp

81614701 | 2025-03-20T12:38:20.671821

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

8099 / tcp

623236583 | 2025-03-10T13:58:25.561072

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae293a_dedxin34_19677-349

8102 / tcp

-1428621233 | 2025-03-05T06:31:58.455567

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

8105 / tcp

1911457608 | 2025-03-21T22:32:10.133698

\x00[\x00\x00\x00\x00\x00\x00

8110 / tcp

-1399940268 | 2025-03-17T17:30:31.766309

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8119 / tcp

-1888448627 | 2025-03-19T22:09:10.919968

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8126 / tcp

-345718689 | 2025-03-13T20:38:47.644198

Vty password is not set.

8137 / tcp

-1399940268 | 2025-03-17T01:47:57.151793

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8138 / tcp

-1888448627 | 2025-03-18T18:55:33.503741

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8139 / tcp

808560482 | 2025-03-20T22:55:57.582223

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP
 : USERID : UNIX : Cr8

8140 / tcp

472902042 | 2025-03-18T03:24:35.214415

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

8149 / tcp

-1399940268 | 2025-03-19T08:17:31.222587

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8152 / tcp

-1399940268 | 2025-03-09T14:52:42.708125

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8155 / tcp

-1114821551 | 2025-03-08T21:18:50.173032

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

8159 / tcp

-1114821551 | 2025-03-15T14:20:03.672469

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

8162 / tcp

921225407 | 2025-03-12T14:01:17.852811

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8169 / tcp

-1538260461 | 2025-03-13T22:34:49.148419

\x01\x00\x00\x00

8171 / tcp

-1399940268 | 2025-03-21T21:56:59.189202

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8180 / tcp

-1902426733 | 2025-02-20T10:50:57.500577

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
Expires: 0

8181 / tcp

-345718689 | 2025-03-12T04:15:08.773285

Vty password is not set.

8182 / tcp

1396488228 | 2025-03-15T16:23:46.037390

HTTP/1.1 200 OK
Content-Length: 2037
Cache-Control: private, max-age=300
Content-Type: text/html

8185 / tcp

401555314 | 2025-03-17T12:11:18.883465

NB[GFXjA^R

8190 / tcp

1911457608 | 2025-03-22T05:32:55.254806

\x00[\x00\x00\x00\x00\x00\x00

8192 / tcp

-2050145619 | 2025-03-06T01:48:37.738274

HTTP/1.1 404 Not Found

8197 / tcp

-1888448627 | 2025-03-21T01:58:56.363128

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8200 / tcp

1320285193 | 2025-03-14T11:49:37.366398

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

8250 / tcp

1623746877 | 2025-02-20T16:58:47.602613

500 Permission denied - closing connection.\r\n

8251 / tcp

455076604 | 2025-03-15T16:13:23.797738

!\x07version\x04bind7 t{RPowerDNS Recursor 410

8291 / tcp

-1487943323 | 2025-02-21T20:35:10.281348

431 Unable to negotiate secure command connection.\r\n

8300 / tcp

-734440417 | 2025-03-18T02:47:35.227701

HTTP/1.1 400 Bad Request
Content-Type: text/html
Connection: close
Server: nginx/1.17.3

8333 / tcp

-1300025046 | 2025-03-19T13:48:49.778434

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705941025.555-waf01bjtp3

8381 / tcp

1919228981 | 2025-03-10T16:19:32.143697

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

8383 / tcp

-42767839 | 2025-03-20T00:53:16.197379

RFB 005.000

VNC:
  Protocol Version: 5.0

8402 / tcp

-1046119860 | 2025-02-24T21:06:28.027488

\\x19\\x02\\x02\\x07Protocol version mismatch

8404 / tcp

165188539 | 2025-03-10T00:57:06.467871

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8411 / tcp

-1265999252 | 2025-03-21T12:05:38.360660

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

8418 / tcp

-1399940268 | 2025-02-28T08:45:23.878554

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8419 / tcp

-1189269828 | 2025-03-05T03:41:34.184993

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8450 / tcp

-1839934832 | 2025-02-28T21:28:44.116739

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8460 / tcp

921225407 | 2025-03-16T04:14:23.500626

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8485 / tcp

1830187220 | 2025-03-20T09:21:36.986914

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

8500 / tcp

-1455149952 | 2025-03-16T10:18:48.387106

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1e27_PS-000-01sNY99_31294-28028

8506 / tcp

-1453516345 | 2025-03-05T16:42:33.051521

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

8510 / tcp

-2017887953 | 2025-02-23T22:50:29.025012

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

8514 / tcp

2103111368 | 2025-03-20T22:48:50.413100

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8525 / tcp

-2140303521 | 2025-03-18T06:09:10.311732

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

8532 / tcp

-891714208 | 2025-02-23T05:31:35.506583

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

8545 / tcp

-971970408 | 2025-03-19T05:09:29.673626

8554 / tcp

104385780 | 2025-03-13T08:53:24.849593

ceph v2

8562 / tcp

-1099385124 | 2025-02-28T21:10:00.365030

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

8563 / tcp

1911457608 | 2025-03-15T05:49:22.911951

\x00[\x00\x00\x00\x00\x00\x00

8579 / tcp

-653033013 | 2025-03-16T00:47:00.843102

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

8585 / tcp

165188539 | 2025-03-12T12:39:25.448219

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8586 / tcp

1911457608 | 2025-03-17T17:11:13.491556

\x00[\x00\x00\x00\x00\x00\x00

8596 / tcp

1134517380 | 2025-03-22T01:14:01.655606

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

8597 / tcp

1911457608 | 2025-02-24T22:25:02.727281

\x00[\x00\x00\x00\x00\x00\x00

8598 / tcp

-457235091 | 2025-03-06T05:40:46.450268

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

8600 / tcp

527766507 | 2025-02-25T04:10:43.070451

\\x0e\\x00O\\x00\\x01\\x001\\xfez$\\xaf^\\x01\t\\x05\\x04

8602 / tcp

-274082663 | 2025-03-03T19:44:48.224997

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

8606 / tcp

-445721795 | 2025-03-05T16:46:08.910396

\x00[\xc3\xaed\x1a\x7f\x00\x00

8607 / tcp

1911457608 | 2025-02-28T09:02:26.423669

\x00[\x00\x00\x00\x00\x00\x00

8637 / tcp

-1399940268 | 2025-02-28T17:00:03.692415

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8649 / tcp

842535728 | 2025-03-21T08:45:08.402824

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

8704 / tcp

-2096652808 | 2025-03-16T15:19:11.218273

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8728 / tcp

-1713437100 | 2025-03-21T18:03:10.956829

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

8732 / tcp

819727972 | 2025-03-19T09:04:26.275924

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8779 / tcp

504717326 | 2025-03-21T03:44:25.451719

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

8784 / tcp

1911457608 | 2025-03-11T13:58:26.649521

\x00[\x00\x00\x00\x00\x00\x00

8787 / tcp

-1746074029 | 2025-03-20T16:04:42.636319

101 imqbroker =unV\r\n

8801 / tcp

-1140468363 | 2025-03-16T07:58:35.630418

\x02\t\x01

8803 / tcp

-1399940268 | 2025-02-27T01:19:06.215936

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8810 / tcp

-1399940268 | 2025-03-17T12:40:52.800577

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8813 / tcp

1632932802 | 2025-02-21T16:42:26.754141

8814 / tcp

-1399940268 | 2025-03-17T16:39:17.830779

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8818 / tcp

165188539 | 2025-03-06T01:42:09.482432

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8822 / tcp

819727972 | 2025-03-19T05:26:58.307652

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8826 / tcp

-1399940268 | 2025-03-13T13:09:55.552962

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8829 / tcp

-1399940268 | 2025-03-04T07:56:53.168556

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8830 / tcp

-2031152423 | 2025-03-20T17:38:30.412383

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

8834 / tcp

-971970408 | 2025-02-23T03:52:31.363839

8837 / tcp

1665283070 | 2025-03-22T06:45:15.692461

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x01\x00\x00\x10\x00\x00\n0\x03\x00\x00\x00\x01\x00\x05\x00\x00@\x00\x00\x06\x00\x00\x1f@

8839 / tcp

-1399940268 | 2025-03-13T15:22:35.952424

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8842 / tcp

820958131 | 2025-02-24T05:43:37.282477

kjnkjabhbanc283ubcsbhdc72\x02

8843 / tcp

-1839934832 | 2025-03-03T20:37:14.414964

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8844 / tcp

-1399940268 | 2025-02-23T00:35:43.624842

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8858 / tcp

632542934 | 2025-02-26T20:09:54.623878

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8862 / tcp

-2096652808 | 2025-03-04T11:11:55.053139

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8871 / tcp

819727972 | 2025-03-06T20:52:06.528265

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8875 / tcp

-1996280214 | 2025-03-17T13:53:22.091041

\x06\x04\x05@

8881 / tcp

1632932802 | 2025-03-12T10:45:18.831620

8885 / tcp

-358801646 | 2025-03-14T12:38:41.819645

SSH-2.0-OpenSSH_6.6.1

8889 / tcp

660175493 | 2025-03-18T00:02:48.556895

8899 / tcp

372433470 | 2025-03-15T16:17:20.685106

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

8943 / tcp

320677201 | 2025-02-24T11:59:31.281598

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

8989 / tcp

-288825733 | 2025-03-13T04:30:01.223502

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

8990 / tcp

-1399940268 | 2025-03-06T11:58:37.924672

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8991 / tcp

-1399940268 | 2025-03-05T16:11:59.330601

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9001 / tcp

-1026951088 | 2025-03-18T21:24:33.174100

erro ip

9002 / tcp

819727972 | 2025-03-10T01:32:01.263990

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9011 / tcp

-1888448627 | 2025-02-23T12:18:37.915489

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9013 / tcp

1911457608 | 2025-03-15T01:31:16.864783

\x00[\x00\x00\x00\x00\x00\x00

9014 / tcp

-1733645023 | 2025-03-06T00:55:21.384511

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

9019 / tcp

-585940771 | 2025-03-17T14:45:05.495098

Unknown command\r\n

9021 / tcp

-1888448627 | 2025-03-04T06:00:39.189513

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9022 / tcp

1577475130 | 2025-03-18T02:05:16.639236

HTTP/1.1 200 OK
Content-Type:text/html; charset=UTF-8
Ext:
Server: RomPager/4.07 UPnP/1.0

9034 / tcp

1623746877 | 2025-03-12T03:48:40.867650

500 Permission denied - closing connection.\r\n

9042 / tcp

2087396567 | 2025-03-16T00:55:06.718955

kjnkjabhbanc283ubcsbhdc72

9045 / tcp

114471724 | 2025-03-07T14:02:42.431815

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

9047 / tcp

1911457608 | 2025-02-20T11:53:41.901391

\x00[\x00\x00\x00\x00\x00\x00

9049 / tcp

669849225 | 2025-03-14T06:55:31.178391

SSH-98.60-SysaxSSH_81885..42\r\n

9051 / tcp

1690634669 | 2025-03-07T17:12:31.759463

9088 / tcp

-1373613804 | 2025-03-20T02:54:02.754799

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

9089 / tcp

819727972 | 2025-02-28T16:28:20.609065

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9091 / tcp

1370263973 | 2025-03-14T09:56:31.577364

dubbo>

9092 / tcp

819727972 | 2025-03-22T06:24:12.384926

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9095 / tcp

819727972 | 2025-03-17T21:46:12.749156

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9098 / tcp

-1230049476 | 2025-03-14T02:06:50.836675

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

9099 / tcp

-1914711518 | 2025-03-10T14:34:24.454224

HTTP/1.1 400 Bad Request
Connection: close
Server: Lego Server

9100 / tcp

307999478 | 2025-03-05T21:45:49.528849

unknown command \r\nunknown command \r\n

9102 / tcp

-1399940268 | 2025-02-20T21:54:58.680115

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9105 / tcp

1991883981 | 2025-02-20T20:17:48.306476

B\x00\x00\x00\xc3\xbfn\x04Too many connections

9109 / tcp

1911457608 | 2025-02-22T07:07:42.191413

\x00[\x00\x00\x00\x00\x00\x00

9111 / tcp

-1399940268 | 2025-03-21T12:28:28.939586

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9112 / tcp

366084633 | 2025-02-26T02:00:32.930947

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

9116 / tcp

-1373613804 | 2025-03-15T10:50:05.804408

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

9118 / tcp

-1297953727 | 2025-03-15T08:21:58.947916

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

9119 / tcp

819727972 | 2025-02-26T01:46:30.155068

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9120 / tcp

-1399940268 | 2025-03-09T08:35:46.316073

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9121 / tcp

-1399940268 | 2025-03-03T23:37:17.505498

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9130 / tcp

493955023 | 2025-03-04T04:41:58.230166

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

9138 / tcp

1948301213 | 2025-03-11T07:30:50.924911

RFB 003.003
VNC:
  Protocol Version: 3.3

9141 / tcp

-1399940268 | 2025-03-20T09:40:35.730076

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9145 / tcp

1911457608 | 2025-02-26T02:52:06.859265

\x00[\x00\x00\x00\x00\x00\x00

9150 / tcp

819727972 | 2025-02-25T13:19:45.654065

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9156 / tcp

740837454 | 2025-02-21T18:34:59.655204

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

9168 / tcp

819727972 | 2025-03-12T15:11:19.187139

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9175 / tcp

-1399940268 | 2025-02-22T19:39:05.036683

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9176 / tcp

366084633 | 2025-02-27T17:36:42.784027

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

9181 / tcp

-2089734047 | 2025-03-17T23:01:46.511216

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9183 / tcp

-1399940268 | 2025-03-08T21:08:20.276810

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9194 / tcp

-1477838366 | 2025-02-27T16:49:43.645219

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

9203 / tcp

-1399940268 | 2025-03-12T09:40:38.657259

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9204 / tcp

-1399940268 | 2025-03-16T03:43:51.587926

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9207 / tcp

740837454 | 2025-02-22T08:00:35.164004

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

9211 / tcp

-303199180 | 2025-02-22T10:49:17.390488

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

9217 / tcp

819727972 | 2025-03-20T20:58:50.648154

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9218 / tcp

-904840257 | 2025-02-28T16:57:54.964169

572 Relay not authorized\r\n

9222 / tcp

-1996280214 | 2025-03-16T13:06:25.410251

\x06\x04\x05@

9223 / tcp

-1730858130 | 2025-02-27T23:12:58.132188

RFB 003.008
VNC:
  Protocol Version: 3.8

9226 / tcp

-1947777893 | 2025-02-21T10:33:47.868166

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

9236 / tcp

-1140468363 | 2025-02-24T02:54:11.519033

\x02\t\x01

9245 / tcp

-441419608 | 2025-02-25T20:43:24.734248

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

9251 / tcp

-1261090339 | 2025-03-16T20:43:44.081772

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

9289 / tcp

-358801646 | 2025-02-21T16:27:41.136734

SSH-2.0-OpenSSH_6.6.1

9306 / tcp

671605376 | 2025-03-04T22:18:37.638937

SSH-2.0-OpenSSH_X.X

9309 / tcp

-616720387 | 2025-02-24T12:05:30.707337

SSH-2.0-SSHD_0.7.6

9315 / tcp

-1399940268 | 2025-03-16T04:42:11.497165

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9333 / tcp

599074451 | 2025-03-21T20:30:13.056763

msg

9393 / tcp

-1327660293 | 2025-03-11T03:05:08.360191

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

9398 / tcp

-445721795 | 2025-03-22T07:11:44.226555

\x00[\xc3\xaed\x1a\x7f\x00\x00

9418 / tcp

-1261053701 | 2025-03-17T16:14:14.544443

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

9480 / tcp

-1746074029 | 2025-03-17T08:00:39.047844

101 imqbroker =unV\r\n

9501 / tcp

-1746074029 | 2025-03-06T08:05:15.478999

101 imqbroker =unV\r\n

9505 / tcp

-2031152423 | 2025-03-08T19:19:49.160819

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

9510 / tcp

-339084706 | 2025-02-27T16:11:40.648364

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

9529 / tcp

-1248408558 | 2025-03-09T12:52:26.586449

220 MikroTik FTP server (MikroTik 6.44.3) ready

9530 / tcp

-1399940268 | 2025-03-18T20:10:26.885943

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9532 / tcp

819727972 | 2025-03-13T09:55:10.860105

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9600 / tcp

819727972 | 2025-03-15T07:48:19.297597

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9633 / tcp

1741579575 | 2025-03-21T02:49:42.426071

9682 / tcp

-2017887953 | 2025-03-09T11:26:55.053185

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

9704 / tcp

921225407 | 2025-02-25T17:28:38.846361

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9711 / tcp

-1428621233 | 2025-02-26T23:29:21.958076

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

9743 / tcp

1011407350 | 2025-03-12T18:27:57.902427

* OK GroupWise IMAP4rev1 Server Ready\r\n

9758 / tcp

-2089734047 | 2025-02-24T22:22:19.908850

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9761 / tcp

-1399940268 | 2025-02-28T09:19:09.806649

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9803 / tcp

-1329831334 | 2025-03-15T08:58:23.004442

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

9811 / tcp

-1399940268 | 2025-02-25T08:13:40.419297

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9861 / tcp

-1399940268 | 2025-02-24T10:21:59.047738

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9898 / tcp

1304012963 | 2025-03-07T08:07:35.729326

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: close

9929 / tcp

-1399940268 | 2025-03-09T10:16:32.704387

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9939 / tcp

-1399940268 | 2025-03-15T14:15:19.263655

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9944 / tcp

-971970408 | 2025-03-18T09:12:09.726426

9998 / tcp

-347274959 | 2025-03-05T13:56:18.134481

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2831_PS-000-01PIX79_36197-59880

9999 / tcp

1161309183 | 2025-03-16T06:23:39.257783

ProxyServer is ready

10000 / tcp

2087396567 | 2025-03-18T02:40:01.003006

kjnkjabhbanc283ubcsbhdc72

10001 / tcp

1492413928 | 2025-03-16T20:47:46.515183

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

10004 / tcp

165188539 | 2025-03-22T02:17:53.353489

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

10006 / tcp

1492413928 | 2025-02-23T22:43:02.407508

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

10012 / tcp

939210732 | 2025-03-12T14:23:59.187628

\\x00[\'\\x1c\\xc0\\xa8Y\\xfd

10014 / tcp

-2033111675 | 2025-03-17T08:37:46.116962

~djb

10016 / tcp

580340387 | 2025-03-10T07:54:32.842274

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

10028 / tcp

-1947777893 | 2025-03-18T23:13:45.208504

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

10037 / tcp

1134517380 | 2025-02-24T09:19:15.718689

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

10050 / tcp

660175493 | 2025-03-12T13:18:59.899645

10051 / tcp

60948681 | 2025-03-14T16:16:22.657945

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).

10065 / tcp

-2096652808 | 2025-02-24T04:26:21.811378

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

10068 / tcp

165188539 | 2025-03-17T19:11:15.626326

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

10081 / tcp

-2089734047 | 2025-03-14T13:22:15.856665

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10106 / tcp

820958131 | 2025-03-14T17:19:07.319602

kjnkjabhbanc283ubcsbhdc72\x02

10134 / tcp

-2089734047 | 2025-03-17T04:24:50.691114

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10200 / tcp

165188539 | 2025-02-23T16:37:51.965542

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

10283 / tcp

945910976 | 2025-02-22T19:12:01.418905

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

10324 / tcp

-358801646 | 2025-03-08T21:48:14.722171

SSH-2.0-OpenSSH_6.6.1

10348 / tcp

-616720387 | 2025-03-11T12:25:07.701493

SSH-2.0-SSHD_0.7.6

10393 / tcp

1726594447 | 2025-03-15T00:03:15.392518

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

10443 / tcp

1103544327 | 2025-03-18T07:56:04.675898

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Tue, 18 Mar 2025 07:56:04 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://120.76.16.11:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

10444 / tcp

1632932802 | 2025-03-21T20:46:26.344576

10554 / tcp

2032042134 | 2025-03-11T09:42:35.370932

[¥	¾

10909 / tcp

-1839934832 | 2025-03-19T04:52:04.882848

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

10935 / tcp

45131230 | 2025-03-06T11:58:44.168472

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

10936 / tcp

-1598265216 | 2025-03-09T08:59:28.911711

@RSYNCD: 31.0

11000 / tcp

-1626979812 | 2025-02-24T19:09:04.347422

220 Service ready for new user.

11110 / tcp

-147424911 | 2025-03-14T04:57:28.827242

HTTP/1.1 404 Not Found
Content Length: 0

11180 / tcp

-2096652808 | 2025-02-20T20:58:32.904909

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

11182 / tcp

1767345577 | 2025-03-09T10:06:58.152112

Hello, this is Quagga (version 0T).
Copyright 1996-200

11210 / tcp

-1248408558 | 2025-03-07T11:16:42.584302

220 MikroTik FTP server (MikroTik 6.44.3) ready

11211 / tcp

-136006866 | 2025-03-17T18:12:10.657790

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11288 / tcp

-1105333987 | 2025-03-05T02:14:41.615386

\x00[KpU\x7f\x00\x00

11481 / tcp

1911457608 | 2025-03-03T18:58:53.598070

\x00[\x00\x00\x00\x00\x00\x00

12056 / tcp

819727972 | 2025-03-16T11:20:41.402767

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12082 / tcp

580340387 | 2025-02-24T23:42:02.684205

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

12106 / tcp

504717326 | 2025-03-21T11:07:14.727468

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

12113 / tcp

-1810987450 | 2025-03-18T18:45:47.764959

\xc3\xbf

12114 / tcp

597764502 | 2025-02-25T04:53:21.036494

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

12116 / tcp

321971019 | 2025-03-17T15:47:28.134392

-ERR client ip is not in whitelist\r

12125 / tcp

819727972 | 2025-03-21T08:18:08.679139

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12138 / tcp

-445721795 | 2025-03-18T17:50:28.783450

\x00[\xc3\xaed\x1a\x7f\x00\x00

12147 / tcp

-1032713145 | 2025-03-13T18:22:00.856620

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

12149 / tcp

-1810987450 | 2025-03-12T01:22:22.322328

\xc3\xbf

12153 / tcp

103159425 | 2025-03-05T15:30:02.244552

SSH-1.99-RGOS_SSH

12166 / tcp

632542934 | 2025-02-23T23:07:19.164186

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

12171 / tcp

-1261090339 | 2025-03-14T16:55:13.079791

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

12179 / tcp

401555314 | 2025-03-13T09:06:36.802963

NB[GFXjA^R

12181 / tcp

-2017887953 | 2025-03-12T08:00:56.168626

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

12182 / tcp

-1476017887 | 2025-02-28T03:54:34.254082

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

12186 / tcp

401555314 | 2025-03-17T08:37:54.136856

NB[GFXjA^R

12192 / tcp

-1795027372 | 2025-03-18T23:49:54.326199

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

12210 / tcp

1615193817 | 2025-03-19T09:36:58.610836

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

12220 / tcp

-1795027372 | 2025-03-20T01:02:48.916886

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

12225 / tcp

1911457608 | 2025-03-10T17:22:46.848866

\x00[\x00\x00\x00\x00\x00\x00

12226 / tcp

-1888448627 | 2025-03-20T11:23:29.407514

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12228 / tcp

-653033013 | 2025-03-03T21:40:16.296242

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

12232 / tcp

-1888448627 | 2025-03-13T12:07:50.932715

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12233 / tcp

455076604 | 2025-03-06T08:22:54.515149

!\x07version\x04bind7 t{RPowerDNS Recursor 410

12244 / tcp

-249504111 | 2025-02-28T12:03:49.950803

\x00[xU-\x7f\x00\x00

12247 / tcp

89142341 | 2025-03-20T08:52:33.044047

\x05\x00\x00\x00\x0b\x08\x05\x1a\x00

12252 / tcp

-1099385124 | 2025-02-20T12:03:43.787822

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

12254 / tcp

1911457608 | 2025-03-10T15:33:16.025123

\x00[\x00\x00\x00\x00\x00\x00

12259 / tcp

-1730858130 | 2025-02-24T04:38:28.550823

RFB 003.008
VNC:
  Protocol Version: 3.8

12260 / tcp

-1399940268 | 2025-02-22T00:05:33.935118

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12268 / tcp

-1435414831 | 2025-03-19T19:27:29.122940

roku: ready\r\n

12277 / tcp

1723769361 | 2025-02-24T18:02:46.484476

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

12278 / tcp

1134517380 | 2025-03-17T05:09:41.744941

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

12284 / tcp

1911457608 | 2025-02-23T02:22:22.896914

\x00[\x00\x00\x00\x00\x00\x00

12286 / tcp

-1399940268 | 2025-03-19T20:53:06.268370

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12287 / tcp

-1730858130 | 2025-03-19T05:27:43.390554

RFB 003.008
VNC:
  Protocol Version: 3.8

12305 / tcp

632542934 | 2025-03-13T15:01:50.275518

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

12316 / tcp

-1399940268 | 2025-03-21T16:05:43.932377

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12318 / tcp

-438503381 | 2025-02-20T11:01:00.235363

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

12321 / tcp

119860953 | 2025-03-21T10:05:32.158657

* OK ArGoSoft Mail Server IMAP Module v.YW at

12322 / tcp

-2089734047 | 2025-03-06T13:05:54.864544

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12333 / tcp

1911457608 | 2025-02-26T17:14:30.106750

\x00[\x00\x00\x00\x00\x00\x00

12340 / tcp

2098371729 | 2025-03-18T19:00:31.597466

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

12344 / tcp

2063598737 | 2025-03-18T17:39:02.235590

/0 0 L\r\n/0 0 HUH\r\n

12356 / tcp

819727972 | 2025-03-14T18:33:37.002373

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12359 / tcp

-1399940268 | 2025-02-22T17:26:45.440096

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12361 / tcp

-1013082686 | 2025-03-15T05:55:15.326111

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

12362 / tcp

-136006866 | 2025-03-10T15:22:38.824092

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

12363 / tcp

1543809371 | 2025-03-05T08:27:21.246861

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

12368 / tcp

1370263973 | 2025-02-22T08:35:10.660161

dubbo>

12377 / tcp

1996932384 | 2025-03-14T19:14:12.392590

"raop" nonce

12379 / tcp

-1888448627 | 2025-03-12T15:12:16.355311

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12380 / tcp

819727972 | 2025-03-13T04:44:13.917428

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12381 / tcp

-653033013 | 2025-03-06T09:26:27.422221

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

12384 / tcp

1911457608 | 2025-02-25T08:53:15.775669

\x00[\x00\x00\x00\x00\x00\x00

12394 / tcp

45131230 | 2025-03-19T21:29:29.843525

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

12395 / tcp

-1399940268 | 2025-02-23T20:00:15.024077

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12398 / tcp

1911457608 | 2025-02-26T03:17:19.805827

\x00[\x00\x00\x00\x00\x00\x00

12407 / tcp

-1399940268 | 2025-03-09T14:07:25.779740

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12411 / tcp

-2089734047 | 2025-03-14T02:00:23.343964

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12417 / tcp

-1399940268 | 2025-03-12T10:36:22.564798

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12448 / tcp

580340387 | 2025-03-12T21:31:43.519173

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

12455 / tcp

-784071826 | 2025-03-21T05:51:10.047441

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

12461 / tcp

-1730858130 | 2025-03-06T22:17:44.323029

RFB 003.008
VNC:
  Protocol Version: 3.8

12463 / tcp

-1730858130 | 2025-02-23T01:07:52.043999

RFB 003.008
VNC:
  Protocol Version: 3.8

12469 / tcp

580340387 | 2025-02-25T20:38:35.284600

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

12485 / tcp

-1265999252 | 2025-03-17T14:49:30.275887

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

12490 / tcp

937756010 | 2025-03-07T12:52:57.771000

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x01\x00\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12491 / tcp

937756010 | 2025-02-24T19:18:45.270509

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x01\x00\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12509 / tcp

-2107996212 | 2025-02-25T02:54:25.764462

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

12510 / tcp

-2107996212 | 2025-03-17T23:40:55.412811

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

12511 / tcp

740837454 | 2025-03-09T12:51:13.916514

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

12513 / tcp

-445721795 | 2025-03-19T23:00:35.771502

\x00[\xc3\xaed\x1a\x7f\x00\x00

12519 / tcp

1911457608 | 2025-02-25T09:15:48.824825

\x00[\x00\x00\x00\x00\x00\x00

12533 / tcp

-1730858130 | 2025-03-09T14:31:49.925059

RFB 003.008
VNC:
  Protocol Version: 3.8

12536 / tcp

-1105333987 | 2025-02-27T23:26:39.459783

\x00[KpU\x7f\x00\x00

12542 / tcp

1126993057 | 2025-02-25T16:10:17.946269

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

12545 / tcp

921225407 | 2025-03-11T03:53:56.213256

\x00\x00\x00\x04\x00\x00\x00\x00\x00

12552 / tcp

819727972 | 2025-02-27T19:36:53.881274

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12555 / tcp

1726594447 | 2025-03-21T20:23:50.307927

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

12559 / tcp

1911457608 | 2025-03-16T06:38:50.313586

\x00[\x00\x00\x00\x00\x00\x00

12583 / tcp

-1453516345 | 2025-02-24T06:29:59.915578

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

12588 / tcp

-1399940268 | 2025-03-17T05:18:24.060391

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

13047 / tcp

366084633 | 2025-03-12T00:42:26.781942

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

13128 / tcp

-1746074029 | 2025-03-20T17:03:12.095467

101 imqbroker =unV\r\n

13333 / tcp

-980525298 | 2025-03-06T14:37:28.741878

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

14006 / tcp

-1399940268 | 2025-02-27T23:16:27.577081

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14024 / tcp

-616720387 | 2025-03-06T10:33:47.217810

SSH-2.0-SSHD_0.7.6

14101 / tcp

321971019 | 2025-02-22T19:33:01.081518

-ERR client ip is not in whitelist\r

14265 / tcp

-2107996212 | 2025-03-17T13:09:52.914416

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

14344 / tcp

15018106 | 2025-03-12T03:18:45.612528

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

14407 / tcp

-2089734047 | 2025-03-18T20:42:03.438377

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

14873 / tcp

819727972 | 2025-02-21T18:20:53.028061

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

14880 / tcp

-1399940268 | 2025-02-28T21:29:40.265009

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14897 / tcp

-358801646 | 2025-03-14T12:53:23.921420

SSH-2.0-OpenSSH_6.6.1

14901 / tcp

-1399940268 | 2025-03-14T02:06:47.554729

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14905 / tcp

165188539 | 2025-03-11T18:39:47.302028

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

15000 / tcp

-942457744 | 2025-03-11T07:50:30.968428

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2b2f_PS-KWE-013ZZ60_26763-44971

15042 / tcp

632542934 | 2025-03-16T08:04:22.445156

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

15443 / tcp

2087396567 | 2025-03-14T05:50:18.789778

kjnkjabhbanc283ubcsbhdc72

15588 / tcp

1189133115 | 2025-03-06T02:31:52.870688

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

16000 / tcp

665929633 | 2025-03-15T09:24:31.221864

<MSG>;88888;99998;</MSG>\r

16009 / tcp

-1026951088 | 2025-03-06T06:19:23.704712

erro ip

16010 / tcp

-1136600457 | 2025-03-21T02:52:34.976863

HELO:10.3.6.0.false
AS:2048
HL:19

16011 / tcp

-1230049476 | 2025-02-22T21:24:49.153355

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

16014 / tcp

-1399940268 | 2025-03-15T21:03:40.309489

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16018 / tcp

-1881410605 | 2025-02-27T17:35:32.521087

<HTML>\r\n<HEAD>\r\n<TITLE>\r\nADAM-6000 Ethernet-Enabled DA&C Modules\r\n</TITLE>\r\n</HEAD>\r\n<BODY>

16021 / tcp

1948301213 | 2025-03-14T21:44:32.730191

RFB 003.003
VNC:
  Protocol Version: 3.3

16043 / tcp

597764502 | 2025-02-25T10:36:20.871791

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

16044 / tcp

-375604792 | 2025-03-11T13:21:44.050351

220 Microsoft FTP Service

16049 / tcp

1996932384 | 2025-03-11T16:30:22.386428

"raop" nonce

16050 / tcp

-1399940268 | 2025-03-07T14:04:30.088511

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16054 / tcp

-358801646 | 2025-03-18T22:04:34.893610

SSH-2.0-OpenSSH_6.6.1

16055 / tcp

-2089734047 | 2025-03-07T16:48:46.316106

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

16061 / tcp

-1888448627 | 2025-03-15T12:25:40.019755

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

16068 / tcp

-2089734047 | 2025-03-09T21:13:45.470047

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

16072 / tcp

-1399940268 | 2025-03-06T07:52:02.142639

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16077 / tcp

819727972 | 2025-03-20T22:02:37.279508

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16097 / tcp

1077013874 | 2025-02-22T15:26:20.498645

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

16101 / tcp

-122096153 | 2025-03-04T00:31:42.101092

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

16403 / tcp

-585940771 | 2025-03-20T03:39:02.131740

Unknown command\r\n

16464 / tcp

819727972 | 2025-03-21T00:35:59.666509

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16993 / tcp

-358801646 | 2025-03-17T17:43:39.208802

SSH-2.0-OpenSSH_6.6.1

17020 / tcp

1543809371 | 2025-02-23T20:40:49.137467

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

17100 / tcp

-1399940268 | 2025-03-12T15:58:34.832230

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

17182 / tcp

-2017887953 | 2025-03-03T18:23:01.407359

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

17770 / tcp

-1399940268 | 2025-02-25T04:41:32.675507

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

17772 / tcp

575925250 | 2025-03-12T19:10:20.321802

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

17775 / tcp

-1487943323 | 2025-03-18T00:09:47.202440

431 Unable to negotiate secure command connection.\r\n

18005 / tcp

-2140303521 | 2025-03-13T07:50:50.644293

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

18008 / tcp

1126993057 | 2025-03-18T04:35:01.566625

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

18011 / tcp

819727972 | 2025-02-22T20:26:38.219488

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

18020 / tcp

-747911285 | 2025-02-23T21:06:52.339877

\xc2\xaa

18051 / tcp

-801484042 | 2025-02-21T11:26:16.399239

ERR 27

18057 / tcp

-653033013 | 2025-02-28T01:26:39.192577

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

18059 / tcp

-1810987450 | 2025-03-09T21:25:58.686119

\xc3\xbf

18064 / tcp

1723769361 | 2025-03-13T08:26:06.639273

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

18070 / tcp

-1888448627 | 2025-03-04T09:40:05.438779

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

18074 / tcp

-1399940268 | 2025-02-28T04:25:28.469094

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18075 / tcp

1911457608 | 2025-03-10T13:47:14.611260

\x00[\x00\x00\x00\x00\x00\x00

18080 / tcp

799468586 | 2025-03-17T16:34:04.465568

ICA

18081 / tcp

819727972 | 2025-03-17T08:18:49.134526

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18082 / tcp

-1399940268 | 2025-03-05T15:50:54.144505

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18083 / tcp

165188539 | 2025-02-25T21:00:17.694270

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

18085 / tcp

-2096652808 | 2025-03-07T04:12:20.245581

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

18093 / tcp

1975288991 | 2025-03-17T12:55:58.745168

OPTI

18100 / tcp

671605376 | 2025-02-23T17:04:20.987339

SSH-2.0-OpenSSH_X.X

18108 / tcp

-1399940268 | 2025-03-11T02:14:18.945874

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18109 / tcp

-303199180 | 2025-03-16T16:48:31.864278

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

18110 / tcp

-2096652808 | 2025-03-16T14:30:55.570224

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

18113 / tcp

-1327660293 | 2025-03-04T22:11:53.054234

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

18239 / tcp

1975288991 | 2025-02-28T21:05:38.565826

OPTI

18245 / tcp

-1810987450 | 2025-03-20T13:58:37.916519

\xc3\xbf

18443 / tcp

-971970408 | 2025-03-15T10:59:15.793664

18802 / tcp

-2107996212 | 2025-03-19T18:26:43.105911

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

18888 / tcp

-1399940268 | 2025-02-22T05:13:57.815448

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

19000 / tcp

-1399940268 | 2025-02-26T21:52:15.697407

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

19233 / tcp

-747911285 | 2025-02-28T01:14:33.812207

\xc2\xaa

19998 / tcp

-1399940268 | 2025-03-12T03:39:34.095895

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20000 / tcp

1900503736 | 2025-03-12T00:19:40.812941

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

20010 / tcp

-1399940268 | 2025-03-04T21:19:08.240411

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20030 / tcp

819727972 | 2025-03-19T12:26:11.453045

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

20202 / tcp

-1373613804 | 2025-03-11T18:08:48.382958

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

20256 / tcp

819727972 | 2025-03-13T03:50:29.558919

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

20325 / tcp

819727972 | 2025-03-16T07:09:45.398889

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

20440 / tcp

-2089734047 | 2025-03-04T11:26:09.102838

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

20880 / tcp

1370263973 | 2025-03-20T22:02:24.334100

dubbo>

21025 / tcp

2087396567 | 2025-03-14T10:40:38.551816

kjnkjabhbanc283ubcsbhdc72

21081 / tcp

1948301213 | 2025-03-01T02:00:25.345295

RFB 003.003
VNC:
  Protocol Version: 3.3

21244 / tcp

1911457608 | 2025-03-04T17:13:53.185297

\x00[\x00\x00\x00\x00\x00\x00

21245 / tcp

819727972 | 2025-03-12T20:03:18.449543

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

21247 / tcp

819727972 | 2025-03-10T13:10:45.464445

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

21252 / tcp

-1399940268 | 2025-03-19T09:44:26.483118

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21262 / tcp

1278527606 | 2025-02-24T19:59:39.251492

SSH-2.0-Teleport

21269 / tcp

671605376 | 2025-03-17T21:32:40.932005

SSH-2.0-OpenSSH_X.X

21279 / tcp

-1399940268 | 2025-03-16T13:44:57.031817

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21282 / tcp

819727972 | 2025-03-11T23:50:57.077476

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

21288 / tcp

-1835475271 | 2025-03-09T17:04:50.418217

200 NOD32SS 99 (3318497116)\r\n

21290 / tcp

-288825733 | 2025-03-11T09:08:21.184263

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

21300 / tcp

819727972 | 2025-03-13T20:00:25.299601

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

21315 / tcp

819727972 | 2025-03-15T09:02:26.576615

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

21321 / tcp

307999478 | 2025-02-23T16:45:02.319136

unknown command \r\nunknown command \r\n

21327 / tcp

-441419608 | 2025-03-13T05:08:38.681831

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

21329 / tcp

1282941221 | 2025-03-08T15:40:53.659678

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

21515 / tcp

1911457608 | 2025-03-03T22:59:48.012329

\x00[\x00\x00\x00\x00\x00\x00

22022 / tcp

2143387245 | 2025-03-16T11:06:47.745892

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

22084 / tcp

-1026951088 | 2025-03-19T00:54:50.811514

erro ip

22345 / tcp

1632932802 | 2025-03-10T22:51:26.239834

22556 / tcp

1911457608 | 2025-03-21T21:31:41.881570

\x00[\x00\x00\x00\x00\x00\x00

23023 / tcp

996960436 | 2025-03-05T21:11:39.091857

572 Relay not authorized

23184 / tcp

-1399940268 | 2025-03-11T00:22:32.357376

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

24245 / tcp

-1189269828 | 2025-03-14T14:40:09.130974

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

24472 / tcp

-2089734047 | 2025-03-15T05:39:36.149401

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

25001 / tcp

-1598265216 | 2025-03-10T12:47:09.546306

@RSYNCD: 31.0

25003 / tcp

1911457608 | 2025-02-27T20:04:26.860201

\x00[\x00\x00\x00\x00\x00\x00

25007 / tcp

-1399940268 | 2025-02-27T15:27:33.060484

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

25008 / tcp

-1099385124 | 2025-03-14T21:43:47.557487

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

25082 / tcp

-1428621233 | 2025-03-04T22:09:20.252853

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

25565 / tcp

1911457608 | 2025-03-14T13:20:46.573526

\x00[\x00\x00\x00\x00\x00\x00

26656 / tcp

1991883981 | 2025-03-13T06:50:48.164255

B\x00\x00\x00\xc3\xbfn\x04Too many connections

26657 / tcp

1741579575 | 2025-03-12T02:56:06.165472

27015 / tcp

-1516219311 | 2025-03-06T18:49:45.803301

Command: None
Size: 67502080
ID: 0
Type: 327680

27017 / tcp

1763259671 | 2025-03-01T01:28:41.587897

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

27105 / tcp

1282941221 | 2025-02-25T08:50:02.750905

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

29798 / tcp

1665283070 | 2025-03-11T14:46:11.824681

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x01\x00\x00\x10\x00\x00\n0\x03\x00\x00\x00\x01\x00\x05\x00\x00@\x00\x00\x06\x00\x00\x1f@

29842 / tcp

1632932802 | 2025-03-10T23:53:37.421277

30002 / tcp

171352214 | 2025-03-12T05:23:58.519911

-ERR client ip is not in whitelist

30021 / tcp

921225407 | 2025-03-13T20:57:41.188855

\x00\x00\x00\x04\x00\x00\x00\x00\x00

30022 / tcp

-971970408 | 2025-03-18T22:05:36.655395

30023 / tcp

-2089734047 | 2025-03-20T14:40:26.644921

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

30025 / tcp

-1737707071 | 2025-03-21T11:01:43.846016

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

30110 / tcp

-1779118422 | 2025-03-13T18:14:43.823755

\x00[\xc2\xae\xc2\x8d{\x7f\x00\x00

30122 / tcp

1741579575 | 2025-03-11T05:29:32.368743

30301 / tcp

1741579575 | 2025-03-15T19:48:18.113676

30422 / tcp

819727972 | 2025-03-13T12:25:58.614743

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

30443 / tcp

-653033013 | 2025-02-27T19:34:24.086967

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

30444 / tcp

819727972 | 2025-02-20T19:29:51.954801

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

30452 / tcp

321971019 | 2025-03-20T19:16:09.984805

-ERR client ip is not in whitelist\r

30468 / tcp

-1899074860 | 2025-03-17T03:51:47.040963

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

30501 / tcp

1911457608 | 2025-03-04T19:17:34.012619

\x00[\x00\x00\x00\x00\x00\x00

30622 / tcp

171352214 | 2025-03-12T11:23:08.583524

-ERR client ip is not in whitelist

30722 / tcp

1830187220 | 2025-03-13T14:15:36.037466

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

30822 / tcp

2087396567 | 2025-03-12T20:15:04.738501

kjnkjabhbanc283ubcsbhdc72

30892 / tcp

819727972 | 2025-03-09T11:54:38.963434

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

30922 / tcp

104385780 | 2025-03-20T22:54:02.526799

ceph v2

31017 / tcp

-1839934832 | 2025-02-23T08:43:34.510776

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

31022 / tcp

2087396567 | 2025-03-13T11:42:21.756061

kjnkjabhbanc283ubcsbhdc72

31122 / tcp

-971970408 | 2025-03-09T13:05:37.159390

31222 / tcp

1852418385 | 2025-03-13T06:34:14.912251

RTSP/1.0 453 Not Enough Bandwidth
Server: AirTunes/7l_wZ

31380 / tcp

-653033013 | 2025-03-12T20:43:00.223386

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

31443 / tcp

819727972 | 2025-03-12T18:58:42.350843

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

31522 / tcp

971933601 | 2025-03-13T01:24:59.001715

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

31722 / tcp

1082732927 | 2025-03-21T16:35:32.950539

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

31822 / tcp

-1059554316 | 2025-03-20T19:44:53.163811

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

31922 / tcp

-1730858130 | 2025-03-11T06:25:53.984961

RFB 003.008
VNC:
  Protocol Version: 3.8

32022 / tcp

-1032713145 | 2025-03-12T04:39:47.966683

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

32122 / tcp

-2017887953 | 2025-03-09T21:32:03.930865

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

32222 / tcp

-1097188123 | 2025-03-09T08:10:26.847542

[g\xc2\x95N\x7f

32303 / tcp

51259122 | 2025-03-12T01:09:07.427520

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

32322 / tcp

1919228981 | 2025-03-16T15:23:58.554871

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

32400 / tcp

0 | 2025-02-25T08:27:06.568252

Hashes

hash

1865391109

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
content-length: 0

32422 / tcp

2087396567 | 2025-03-09T14:47:51.074170

kjnkjabhbanc283ubcsbhdc72

32764 / tcp

-1839934832 | 2025-03-18T03:29:38.920532

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

32800 / tcp

1308377066 | 2025-03-05T18:43:53.007998

ncacn_http/1.0

33022 / tcp

-746114901 | 2025-02-27T17:09:02.703846

[KpU

33060 / tcp

2087396567 | 2025-02-27T08:02:01.095074

kjnkjabhbanc283ubcsbhdc72

33122 / tcp

1332894250 | 2025-03-04T15:00:17.844407

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

33222 / tcp

1231376952 | 2025-03-09T20:02:13.368963

33322 / tcp

-1477838366 | 2025-03-22T07:59:47.826297

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

33422 / tcp

-1114821551 | 2025-03-19T17:22:02.142979

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

33622 / tcp

-2096652808 | 2025-03-21T05:50:40.598378

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

33722 / tcp

660175493 | 2025-03-18T04:48:36.773923

33822 / tcp

2087396567 | 2025-03-18T11:45:46.859638

kjnkjabhbanc283ubcsbhdc72

33922 / tcp

-375604792 | 2025-03-08T11:35:52.094982

220 Microsoft FTP Service

34022 / tcp

104385780 | 2025-03-20T17:47:15.478141

ceph v2

34122 / tcp

-2017887953 | 2025-03-20T17:12:35.344371

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

34222 / tcp

819727972 | 2025-03-20T02:01:02.550570

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

34422 / tcp

2087396567 | 2025-02-28T06:15:03.484890

kjnkjabhbanc283ubcsbhdc72

34522 / tcp

1741579575 | 2025-03-19T11:58:47.182799

34622 / tcp

178736976 | 2025-03-19T10:15:54.968375

SSH-58-Ingrian_SSH

34722 / tcp

1208318993 | 2025-03-19T08:51:21.974395

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

34822 / tcp

-1477838366 | 2025-03-19T06:51:41.679461

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

34922 / tcp

1690634669 | 2025-03-18T20:44:29.230510

35000 / tcp

-1733645023 | 2025-02-26T01:50:05.801475

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

35022 / tcp

-971970408 | 2025-03-19T03:17:48.600012

35100 / tcp

-2096652808 | 2025-03-13T03:16:43.540998

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

35101 / tcp

677934968 | 2025-03-13T23:04:17.164112

lm^)Q

35122 / tcp

1978059005 | 2025-03-19T01:40:47.802502

Sorry, that nickname format is invalid.

35222 / tcp

-971970408 | 2025-03-18T10:17:14.751080

35322 / tcp

-438503381 | 2025-03-17T09:11:42.911245

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

35422 / tcp

290819026 | 2025-03-19T00:29:44.067862

welcome to Pandora console!
----------------------------
-------------------------
|     Login Time     |     2021-12-08 1...

35522 / tcp

2087396567 | 2025-03-04T04:11:09.149810

kjnkjabhbanc283ubcsbhdc72

35524 / tcp

740837454 | 2025-02-22T07:07:30.082240

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

35554 / tcp

1208318993 | 2025-03-17T04:33:46.757556

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

35560 / tcp

1282941221 | 2025-03-14T01:47:37.148359

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

35722 / tcp

-1461540015 | 2025-03-17T11:43:47.301357

audio 0 RTP/AVP 18 4 3 8 0 101
a

35822 / tcp

1308377066 | 2025-03-17T18:18:03.189231

ncacn_http/1.0

36022 / tcp

1212921144 | 2025-03-17T22:04:06.314791

0@

36122 / tcp

-971970408 | 2025-03-13T10:32:37.072994

36222 / tcp

996960436 | 2025-03-17T20:12:56.619846

572 Relay not authorized

36322 / tcp

171352214 | 2025-03-17T12:38:46.694075

-ERR client ip is not in whitelist

36422 / tcp

2087396567 | 2025-03-15T09:02:53.896184

kjnkjabhbanc283ubcsbhdc72

36522 / tcp

842535728 | 2025-03-18T19:33:51.242806

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

36622 / tcp

-1730858130 | 2025-03-16T08:17:03.177799

RFB 003.008
VNC:
  Protocol Version: 3.8

36722 / tcp

2087396567 | 2025-03-17T05:37:51.446543

kjnkjabhbanc283ubcsbhdc72

36822 / tcp

819727972 | 2025-03-18T15:19:08.769869

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

37022 / tcp

-441419608 | 2025-03-16T20:40:38.694037

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

37080 / tcp

-1399940268 | 2025-03-14T15:57:27.701624

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

37122 / tcp

1741579575 | 2025-03-16T23:44:24.450341

37215 / tcp

971933601 | 2025-03-21T11:06:01.309817

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

37222 / tcp

1741579575 | 2025-03-14T20:10:07.665265

37322 / tcp

2087396567 | 2025-03-16T11:48:19.484502

kjnkjabhbanc283ubcsbhdc72

37522 / tcp

-992671574 | 2025-03-16T11:31:15.247467

@RSYNCD: 26

37622 / tcp

-1013082686 | 2025-02-28T14:12:02.294907

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

37722 / tcp

971933601 | 2025-03-16T02:00:42.618155

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

37822 / tcp

89282912 | 2025-03-14T02:12:08.807791

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto
col:SOAP, MKSDisplayProtocol:VNC , ,

37922 / tcp

-971970408 | 2025-03-18T01:12:15.349847

38022 / tcp

-1045760528 | 2025-02-27T13:43:06.296147

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

38122 / tcp

-1114821551 | 2025-03-15T18:28:51.164747

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

38222 / tcp

-1036370807 | 2025-03-11T18:32:27.328392

JDWP-Handshake

38322 / tcp

-1730858130 | 2025-03-15T14:16:33.496647

RFB 003.008
VNC:
  Protocol Version: 3.8

38333 / tcp

-653033013 | 2025-03-15T21:24:46.605925

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

38522 / tcp

819727972 | 2025-03-14T00:28:11.694284

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

38622 / tcp

-971970408 | 2025-02-26T03:12:36.462799

38722 / tcp

-2096652808 | 2025-03-07T06:25:47.748110

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

38822 / tcp

819727972 | 2025-03-03T22:21:52.847260

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

38922 / tcp

-641479109 | 2025-03-13T15:43:30.500073

[xU-

39222 / tcp

-971970408 | 2025-03-13T17:27:54.338051

39322 / tcp

597764502 | 2025-03-11T11:37:37.339239

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

39422 / tcp

-2107996212 | 2025-03-11T13:37:11.919945

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

39522 / tcp

-971970408 | 2025-03-11T09:51:24.083066

39722 / tcp

1282941221 | 2025-03-05T04:52:54.389353

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

39922 / tcp

-641479109 | 2025-02-26T21:26:53.957831

[xU-

40022 / tcp

-1648456501 | 2025-03-09T11:21:57.588378

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

40099 / tcp

945910976 | 2025-03-20T19:41:25.213580

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

40322 / tcp

-1529979118 | 2025-03-08T21:49:14.255072

inv2W

40471 / tcp

-345718689 | 2025-03-21T11:59:39.657052

Vty password is not set.

40522 / tcp

1978059005 | 2025-03-04T07:44:51.197385

Sorry, that nickname format is invalid.

40722 / tcp

1948301213 | 2025-03-08T14:58:12.772631

RFB 003.003
VNC:
  Protocol Version: 3.3

41122 / tcp

-1681927087 | 2025-02-27T15:24:07.337838

kjnkjabhbanc283ubcsbhdc72

41443 / tcp

1077013874 | 2025-03-14T03:56:20.730951

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

41800 / tcp

1948301213 | 2025-03-12T08:02:26.556742

RFB 003.003
VNC:
  Protocol Version: 3.3

42208 / tcp

-1996280214 | 2025-02-26T12:47:55.181761

\x06\x04\x05@

42922 / tcp

1353260875 | 2025-02-28T15:54:41.795904

\x00[g\xc2\x95N\x7f\x00\x00

43200 / tcp

1911457608 | 2025-03-21T06:21:04.782915

\x00[\x00\x00\x00\x00\x00\x00

43322 / tcp

539065883 | 2025-02-27T22:24:18.251688

43522 / tcp

474736340 | 2025-02-27T18:51:55.538021

431 Unable to negotiate secure command connection.

43622 / tcp

819727972 | 2025-02-21T18:30:30.799154

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

43822 / tcp

-358801646 | 2025-02-23T05:52:44.964014

SSH-2.0-OpenSSH_6.6.1

44158 / tcp

-433302150 | 2025-02-22T17:42:17.129263

/multistream/1.0.0

44222 / tcp

1082732927 | 2025-03-10T23:09:43.896958

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

44301 / tcp

1332894250 | 2025-02-21T00:53:26.191308

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

44304 / tcp

599074451 | 2025-03-14T05:53:34.762573

msg

44322 / tcp

1077013874 | 2025-02-26T02:29:55.327231

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

44334 / tcp

-1399940268 | 2025-03-18T10:23:31.934132

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

44422 / tcp

1723769361 | 2025-02-26T09:14:12.597375

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

44520 / tcp

2121220663 | 2025-03-06T08:37:10.328275

SSH-58-Ingrian_SSH\r\n

44622 / tcp

-375604792 | 2025-02-23T04:09:12.754046

220 Microsoft FTP Service

44722 / tcp

2087396567 | 2025-02-26T05:50:45.155064

kjnkjabhbanc283ubcsbhdc72

44818 / tcp

165188539 | 2025-03-20T16:33:21.197807

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

44822 / tcp

-971970408 | 2025-02-20T11:47:33.795126

44922 / tcp

1690634669 | 2025-02-26T04:09:11.409919

45122 / tcp

2087396567 | 2025-02-25T13:20:25.312936

kjnkjabhbanc283ubcsbhdc72

45222 / tcp

1353260875 | 2025-02-25T20:09:23.791286

\x00[g\xc2\x95N\x7f\x00\x00

45322 / tcp

819727972 | 2025-02-25T18:11:17.463769

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

45522 / tcp

-1477838366 | 2025-02-25T16:39:06.652557

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

45555 / tcp

-1399940268 | 2025-03-13T23:10:37.690121

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

45622 / tcp

1278527606 | 2025-02-25T15:47:02.462972

SSH-2.0-Teleport

45786 / tcp

-136006866 | 2025-03-09T06:59:24.877481

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

45822 / tcp

2033888749 | 2025-03-10T13:05:53.079366

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

46001 / tcp

-2089734047 | 2025-03-20T02:27:22.808948

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

46022 / tcp

320677201 | 2025-02-25T08:15:46.477020

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

46122 / tcp

1996932384 | 2025-02-25T09:26:02.838506

"raop" nonce

46222 / tcp

957278843 | 2025-02-24T23:30:57.800910

[|ox

46422 / tcp

410249975 | 2025-02-24T09:52:10.199781

LNS READY<>

46622 / tcp

996960436 | 2025-02-24T05:34:38.414528

572 Relay not authorized

46922 / tcp

472902042 | 2025-02-24T00:59:16.575054

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

47122 / tcp

104385780 | 2025-02-23T23:15:26.130347

ceph v2

47222 / tcp

-1999117212 | 2025-02-23T21:29:45.751813

47322 / tcp

-1648456501 | 2025-02-23T20:19:14.159999

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

47522 / tcp

819727972 | 2025-02-25T09:54:52.674559

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

47622 / tcp

2087396567 | 2025-02-23T14:33:35.911775

kjnkjabhbanc283ubcsbhdc72

47822 / tcp

1741579575 | 2025-03-10T09:36:55.766126

47989 / tcp

677934968 | 2025-03-11T07:29:26.269874

lm^)Q

47990 / tcp

1492413928 | 2025-03-20T00:03:57.724707

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

48001 / tcp

-1733645023 | 2025-03-22T06:49:31.216809

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

48222 / tcp

-358801646 | 2025-03-10T04:45:57.367611

SSH-2.0-OpenSSH_6.6.1

48322 / tcp

-1648456501 | 2025-03-10T02:43:34.349611

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

48422 / tcp

1741579575 | 2025-03-10T00:59:39.460322

48522 / tcp

-2033111675 | 2025-03-09T23:15:54.661027

~djb

48722 / tcp

117101543 | 2025-02-24T16:29:43.953323

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

48822 / tcp

819727972 | 2025-02-24T18:13:55.468161

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

49122 / tcp

539065883 | 2025-02-21T06:52:48.853674

49152 / tcp

148329221 | 2025-03-20T08:09:04.421905

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 03 Jan 2000 05:26:54 GMT
EXT:
SERVER: Linux/2.4.30, UPnP/1.0, Portable SDK for UPnP devices/1.3.1
X-User-Agent: redsonic
<s:Envelope
xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<s:Body>
<s:Fault>
<faultcode>s:Client</faultcode>
<faultstring>UPnPError</faultstring>
<detail>
<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">
<er

49200 / tcp

-2096652808 | 2025-03-04T11:45:18.347662

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

49222 / tcp

-971970408 | 2025-02-23T01:08:49.963600

49322 / tcp

-345718689 | 2025-02-20T22:11:04.857233

Vty password is not set.

49422 / tcp

-441419608 | 2025-02-23T02:27:14.903761

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

49502 / tcp

-1428621233 | 2025-02-27T01:23:21.902025

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

49684 / tcp

632542934 | 2025-03-16T11:00:09.736092

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

50000 / tcp

632542934 | 2025-03-21T15:01:50.123435

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

50002 / tcp

-1399940268 | 2025-02-28T10:23:00.755461

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

50005 / tcp

-980525298 | 2025-03-20T17:10:12.928617

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

50009 / tcp

-1261090339 | 2025-03-19T11:54:54.898967

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

50014 / tcp

-345718689 | 2025-02-22T06:38:04.122813

Vty password is not set.

50042 / tcp

671605376 | 2025-03-18T19:26:13.881054

SSH-2.0-OpenSSH_X.X

50050 / tcp

-445721795 | 2025-03-16T14:06:36.039433

\x00[\xc3\xaed\x1a\x7f\x00\x00

50070 / tcp

-2118655245 | 2025-03-15T07:14:00.328352

Hashes

hash

1015654041

http.dom_hash

-2006505642

http.html_hash

-2118655245

HTTP/1.0 500 Internal Server Error
Content-Length: 20

50100 / tcp

1690634669 | 2025-03-21T23:18:26.073336

50222 / tcp

117101543 | 2025-02-22T07:55:51.365125

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

50522 / tcp

1189133115 | 2025-02-22T00:17:59.482631

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

50622 / tcp

89282912 | 2025-02-21T20:28:03.664875

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto
col:SOAP, MKSDisplayProtocol:VNC , ,

50722 / tcp

2087396567 | 2025-02-20T23:55:55.480474

kjnkjabhbanc283ubcsbhdc72

50996 / tcp

-1279886438 | 2025-03-10T02:16:03.924055

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

50999 / tcp

-1327660293 | 2025-03-09T04:36:25.400663

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

51106 / tcp

-1032713145 | 2025-03-20T11:00:14.551266

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

51201 / tcp

1911457608 | 2025-02-24T07:35:00.578827

\x00[\x00\x00\x00\x00\x00\x00

51235 / tcp

2087396567 | 2025-03-21T17:58:01.460393

kjnkjabhbanc283ubcsbhdc72

51294 / tcp

-1032713145 | 2025-03-07T06:47:58.902263

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

51322 / tcp

1978059005 | 2025-02-21T11:49:27.614526

Sorry, that nickname format is invalid.

51434 / tcp

1574088840 | 2025-03-13T06:33:46.373664

">Application and Content Networking Software 3.9</a>)\n</BODY><

51443 / tcp

-445721795 | 2025-03-12T01:12:52.642515

\x00[\xc3\xaed\x1a\x7f\x00\x00

51822 / tcp

819727972 | 2025-02-20T17:16:23.959887

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

52022 / tcp

2087396567 | 2025-03-07T01:16:30.407458

kjnkjabhbanc283ubcsbhdc72

52536 / tcp

321971019 | 2025-03-03T20:17:06.930479

-ERR client ip is not in whitelist\r

52931 / tcp

1911457608 | 2025-03-16T03:02:10.090898

\x00[\x00\x00\x00\x00\x00\x00

53200 / tcp

455076604 | 2025-03-21T15:33:19.718576

!\x07version\x04bind7 t{RPowerDNS Recursor 410

53400 / tcp

-2096652808 | 2025-02-22T08:06:04.805940

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

53413 / tcp

2087396567 | 2025-03-22T02:40:45.821210

kjnkjabhbanc283ubcsbhdc72

53482 / tcp

-1746074029 | 2025-03-18T16:25:16.771346

101 imqbroker =unV\r\n

53485 / tcp

-1399940268 | 2025-03-15T06:55:00.813878

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

53490 / tcp

-2089734047 | 2025-03-18T15:39:49.547153

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

54138 / tcp

-1148066627 | 2025-03-21T09:22:35.878612

\x00[\xc2\x84\xc2\x86\xc3\xb2\x7f\x00\x00

54922 / tcp

-1139539254 | 2025-03-07T10:24:44.609342

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

54984 / tcp

2087396567 | 2025-03-21T07:41:00.399889

kjnkjabhbanc283ubcsbhdc72

55000 / tcp

1948301213 | 2025-03-20T02:50:52.009944

RFB 003.003
VNC:
  Protocol Version: 3.3

55055 / tcp

-271515508 | 2025-03-08T13:01:25.093479

HTTP/1.1 302 Moved Temporarily
Server: DrcomServer1.0
Location: http://192.168.254.3
Cache-Control: no-cache
Connection: close

55200 / tcp

-136006866 | 2025-02-23T21:44:10.908755

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

55422 / tcp

-971970408 | 2025-03-06T18:21:45.380170

55442 / tcp

2087396567 | 2025-03-20T21:10:55.826345

kjnkjabhbanc283ubcsbhdc72

55443 / tcp

-1900404274 | 2025-02-22T09:19:27.838211

Unknown command

55522 / tcp

-971970408 | 2025-03-06T23:32:46.390642

55553 / tcp

2087396567 | 2025-03-06T03:02:19.418814

kjnkjabhbanc283ubcsbhdc72

55554 / tcp

550048729 | 2025-02-27T20:38:51.462113

ÿÿÿ
0 ...

55722 / tcp

-1114821551 | 2025-03-06T20:05:23.470638

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

55822 / tcp

2087396567 | 2025-03-06T21:48:55.530420

kjnkjabhbanc283ubcsbhdc72

57422 / tcp

-971970408 | 2025-03-03T17:28:35.409314

57622 / tcp

-1872120160 | 2025-03-06T12:08:54.880586

">Application and Content Networking Software 3.9</a>)
</BODY><

57722 / tcp

-971970408 | 2025-03-06T09:30:23.665061

57783 / tcp

-1399940268 | 2025-03-04T21:20:57.881482

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

57784 / tcp

-1428621233 | 2025-03-08T19:01:48.532466

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

57786 / tcp

-1428621233 | 2025-02-26T01:09:18.757330

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

57787 / tcp

-180163620 | 2025-03-07T08:10:10.580754

NPC Telnet permit one connection.\r\n But One connection() already keep alive.\r\nGood Bye !! \r\n

57788 / tcp

819727972 | 2025-03-16T19:56:16.674762

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

57822 / tcp

-1529979118 | 2025-03-06T06:57:26.967534

inv2W

57922 / tcp

504717326 | 2025-03-06T05:06:25.108027

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 5 1

58122 / tcp

-1013082686 | 2025-03-06T03:23:17.976791

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

58322 / tcp

2087396567 | 2025-03-05T23:51:19.990717

kjnkjabhbanc283ubcsbhdc72

58392 / tcp

1308377066 | 2025-03-14T10:10:48.522488

ncacn_http/1.0

58422 / tcp

1082732927 | 2025-03-05T22:10:41.295781

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

58522 / tcp

2087396567 | 2025-03-05T20:25:36.998659

kjnkjabhbanc283ubcsbhdc72

58585 / tcp

1726594447 | 2025-03-17T17:40:59.071260

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

58722 / tcp

2087396567 | 2025-03-05T18:41:46.046374

kjnkjabhbanc283ubcsbhdc72

58922 / tcp

1956828827 | 2025-03-05T15:15:52.596137

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

59022 / tcp

-1648456501 | 2025-03-05T13:33:03.502720

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

59122 / tcp

1842524259 | 2025-03-05T11:49:57.075383

59222 / tcp

-2033111675 | 2025-03-05T10:06:20.920880

~djb

60001 / tcp

2087396567 | 2025-03-15T03:34:00.930795

kjnkjabhbanc283ubcsbhdc72

60023 / tcp

-1737707071 | 2025-03-16T21:38:30.559857

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

60099 / tcp

-2089734047 | 2025-02-25T18:38:03.532062

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

60129 / tcp

2087396567 | 2025-03-20T04:35:33.136963

kjnkjabhbanc283ubcsbhdc72

61616 / tcp

2103111368 | 2025-03-17T20:55:39.397200

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

62078 / tcp

-575085326 | 2025-03-20T12:38:33.218006

\x00\x00\x01)

63210 / tcp

1887224352 | 2025-03-14T23:37:32.460339

63256 / tcp

1741579575 | 2025-03-21T22:14:09.825434

63260 / tcp

-1839934832 | 2025-03-14T23:51:37.490564

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

64477 / tcp

-1730858130 | 2025-03-14T13:46:21.330004

RFB 003.008
VNC:
  Protocol Version: 3.8

65000 / tcp

1906191280 | 2025-03-14T05:50:31.975836

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 657d0443_jdx210_8928-57530

65004 / tcp

-249504111 | 2025-02-28T13:43:35.092028

\x00[xU-\x7f\x00\x00

120.76.16.11

Last Seen: 2025-03-22

Tags:

GeneralInformation

OpenPorts

11 / tcp 1690634669 | 2025-03-04T04:20:55.599675

13 / tcp 1024374118 | 2025-03-14T09:37:51.435781

17 / tcp 5698739 | 2025-03-19T21:37:40.802106

21 / tcp -1384102091 | 2025-02-25T02:58:06.650533

23 / tcp -23362551 | 2025-02-21T20:11:49.532179

25 / tcp 632542934 | 2025-03-18T21:23:05.762032

49 / tcp 588096080 | 2025-03-06T22:45:47.549809

53 / tcp -1370420049 | 2025-03-20T21:03:44.351059

66 / tcp 921225407 | 2025-03-06T06:17:22.734348

70 / tcp -833941849 | 2025-03-21T15:43:08.299644

79 / tcp 268196945 | 2025-03-05T18:07:43.611507

102 / tcp 401555314 | 2025-03-20T16:16:17.685161

106 / tcp 1989907056 | 2025-03-14T19:10:30.130567

110 / tcp 1911457608 | 2025-02-24T01:20:42.689481

113 / tcp -414819019 | 2025-03-19T11:58:06.948510

119 / tcp 141730637 | 2025-03-21T07:24:51.524237

122 / tcp 693973426 | 2025-03-14T11:58:56.099644

135 / tcp 1302177452 | 2025-03-04T06:59:12.145840

143 / tcp 1771091364 | 2025-03-15T01:06:56.503027

175 / tcp -1399940268 | 2025-03-20T01:36:01.308374

177 / tcp -784071826 | 2025-03-21T18:41:44.468248

179 / tcp -399606100 | 2025-03-05T04:30:04.807115

195 / tcp 1842524259 | 2025-03-20T13:53:43.147411

221 / tcp 165188539 | 2025-03-13T16:43:45.206166

264 / tcp -1932800090 | 2025-03-06T21:14:04.516736

311 / tcp -1547976805 | 2025-03-04T01:18:23.552488

389 / tcp -1713467553 | 2025-03-21T10:04:28.694016

400 / tcp -303199180 | 2025-03-06T06:39:29.849877

427 / tcp 1998636604 | 2025-03-07T16:06:30.690078

444 / tcp -154107716 | 2025-03-12T19:45:29.497361

446 / tcp -1399940268 | 2025-03-12T17:21:13.241075

452 / tcp -1327660293 | 2025-03-12T11:45:12.171072

462 / tcp 1911457608 | 2025-02-22T21:07:05.114268

465 / tcp 897328069 | 2025-03-20T09:50:57.153497

502 / tcp -2096652808 | 2025-03-16T18:32:23.423466

503 / tcp 321971019 | 2025-03-05T06:59:43.931723

513 / tcp 165188539 | 2025-02-23T03:22:00.396239

515 / tcp -1900404274 | 2025-03-18T21:15:30.532584

541 / tcp 268285291 | 2025-03-11T15:01:54.000117

554 / tcp 448214121 | 2025-03-13T00:13:23.959271

593 / tcp 1308377066 | 2025-03-18T22:33:12.855250

636 / tcp -2023550675 | 2025-03-15T02:01:32.119800

666 / tcp 1300162323 | 2025-03-05T10:30:47.914664

685 / tcp -1032713145 | 2025-02-21T19:23:50.240430

771 / tcp -1013082686 | 2025-03-11T03:45:23.725290

789 / tcp 1911457608 | 2025-03-11T08:44:21.841843

830 / tcp 103159425 | 2025-03-16T15:54:48.837680

833 / tcp 1911457608 | 2025-02-24T20:35:19.074688

873 / tcp 2128189041 | 2025-03-10T06:45:12.389414

880 / tcp -1256415508 | 2025-03-22T05:24:27.490327

885 / tcp -1373613804 | 2025-03-20T01:20:37.211239

993 / tcp -249504111 | 2025-02-25T18:02:18.340294

994 / tcp 1543809371 | 2025-02-20T17:06:35.320850

995 / tcp 934210070 | 2025-03-10T21:07:31.816525

998 / tcp 819727972 | 2025-02-23T15:47:39.819428

1002 / tcp 1911457608 | 2025-03-04T01:33:11.424299

1025 / tcp -1839934832 | 2025-02-23T23:04:49.366559

1080 / tcp 1362344524 | 2025-03-19T04:15:36.238342

1099 / tcp -1399940268 | 2025-02-27T19:48:24.789192

1110 / tcp 456721301 | 2025-03-18T20:03:34.864764

1153 / tcp 819727972 | 2025-03-15T13:29:23.595785

1177 / tcp -358801646 | 2025-03-04T07:05:18.223856

1193 / tcp -1399940268 | 2025-03-11T07:03:52.835830

1200 / tcp 2087396567 | 2025-03-17T16:03:23.043925

1234 / tcp 1911457608 | 2025-02-24T11:32:42.985989

1235 / tcp -2107996212 | 2025-03-09T22:04:30.158475

1292 / tcp -1399940268 | 2025-03-20T23:10:30.760718

1337 / tcp -1032713145 | 2025-03-17T23:02:47.726260

1343 / tcp 819727972 | 2025-03-06T23:44:45.944526

1414 / tcp 819727972 | 2025-03-13T20:16:23.253114

1433 / tcp -651181868 | 2025-03-12T02:05:42.526781

1451 / tcp 1126993057 | 2025-03-22T08:14:27.052187

1457 / tcp 321971019 | 2025-03-09T08:59:15.933335

1515 / tcp -971970408 | 2025-03-19T14:29:43.398953

1521 / tcp -186520940 | 2025-03-12T16:17:49.197121

11 / tcp

1690634669 | 2025-03-04T04:20:55.599675

13 / tcp

1024374118 | 2025-03-14T09:37:51.435781

17 / tcp

5698739 | 2025-03-19T21:37:40.802106

21 / tcp

-1384102091 | 2025-02-25T02:58:06.650533

23 / tcp

-23362551 | 2025-02-21T20:11:49.532179

25 / tcp

632542934 | 2025-03-18T21:23:05.762032

49 / tcp

588096080 | 2025-03-06T22:45:47.549809

53 / tcp

-1370420049 | 2025-03-20T21:03:44.351059

66 / tcp

921225407 | 2025-03-06T06:17:22.734348

70 / tcp

-833941849 | 2025-03-21T15:43:08.299644

79 / tcp

268196945 | 2025-03-05T18:07:43.611507

102 / tcp

401555314 | 2025-03-20T16:16:17.685161

106 / tcp

1989907056 | 2025-03-14T19:10:30.130567

110 / tcp

1911457608 | 2025-02-24T01:20:42.689481

113 / tcp

-414819019 | 2025-03-19T11:58:06.948510

119 / tcp

141730637 | 2025-03-21T07:24:51.524237

122 / tcp

693973426 | 2025-03-14T11:58:56.099644

135 / tcp

1302177452 | 2025-03-04T06:59:12.145840

143 / tcp

1771091364 | 2025-03-15T01:06:56.503027

175 / tcp

-1399940268 | 2025-03-20T01:36:01.308374

177 / tcp

-784071826 | 2025-03-21T18:41:44.468248

179 / tcp

-399606100 | 2025-03-05T04:30:04.807115

195 / tcp

1842524259 | 2025-03-20T13:53:43.147411

221 / tcp

165188539 | 2025-03-13T16:43:45.206166

264 / tcp

-1932800090 | 2025-03-06T21:14:04.516736

311 / tcp

-1547976805 | 2025-03-04T01:18:23.552488

389 / tcp

-1713467553 | 2025-03-21T10:04:28.694016

400 / tcp

-303199180 | 2025-03-06T06:39:29.849877

427 / tcp

1998636604 | 2025-03-07T16:06:30.690078

444 / tcp

-154107716 | 2025-03-12T19:45:29.497361

446 / tcp

-1399940268 | 2025-03-12T17:21:13.241075

452 / tcp

-1327660293 | 2025-03-12T11:45:12.171072

462 / tcp

1911457608 | 2025-02-22T21:07:05.114268

465 / tcp

897328069 | 2025-03-20T09:50:57.153497

502 / tcp

-2096652808 | 2025-03-16T18:32:23.423466

503 / tcp

321971019 | 2025-03-05T06:59:43.931723

513 / tcp

165188539 | 2025-02-23T03:22:00.396239

515 / tcp

-1900404274 | 2025-03-18T21:15:30.532584

541 / tcp

268285291 | 2025-03-11T15:01:54.000117

554 / tcp

448214121 | 2025-03-13T00:13:23.959271

593 / tcp

1308377066 | 2025-03-18T22:33:12.855250

636 / tcp

-2023550675 | 2025-03-15T02:01:32.119800

666 / tcp

1300162323 | 2025-03-05T10:30:47.914664

685 / tcp

-1032713145 | 2025-02-21T19:23:50.240430

771 / tcp

-1013082686 | 2025-03-11T03:45:23.725290

789 / tcp

1911457608 | 2025-03-11T08:44:21.841843

830 / tcp

103159425 | 2025-03-16T15:54:48.837680

833 / tcp

1911457608 | 2025-02-24T20:35:19.074688

873 / tcp

2128189041 | 2025-03-10T06:45:12.389414

880 / tcp

-1256415508 | 2025-03-22T05:24:27.490327

885 / tcp

-1373613804 | 2025-03-20T01:20:37.211239

993 / tcp

-249504111 | 2025-02-25T18:02:18.340294

994 / tcp

1543809371 | 2025-02-20T17:06:35.320850

995 / tcp

934210070 | 2025-03-10T21:07:31.816525

998 / tcp

819727972 | 2025-02-23T15:47:39.819428

1002 / tcp

1911457608 | 2025-03-04T01:33:11.424299

1025 / tcp

-1839934832 | 2025-02-23T23:04:49.366559

1080 / tcp

1362344524 | 2025-03-19T04:15:36.238342

1099 / tcp

-1399940268 | 2025-02-27T19:48:24.789192

1110 / tcp

456721301 | 2025-03-18T20:03:34.864764

1153 / tcp

819727972 | 2025-03-15T13:29:23.595785

1177 / tcp

-358801646 | 2025-03-04T07:05:18.223856

1193 / tcp

-1399940268 | 2025-03-11T07:03:52.835830

1200 / tcp

2087396567 | 2025-03-17T16:03:23.043925

1234 / tcp

1911457608 | 2025-02-24T11:32:42.985989

1235 / tcp

-2107996212 | 2025-03-09T22:04:30.158475

1292 / tcp

-1399940268 | 2025-03-20T23:10:30.760718

1337 / tcp

-1032713145 | 2025-03-17T23:02:47.726260

1343 / tcp

819727972 | 2025-03-06T23:44:45.944526

1414 / tcp

819727972 | 2025-03-13T20:16:23.253114

1433 / tcp

-651181868 | 2025-03-12T02:05:42.526781

1451 / tcp

1126993057 | 2025-03-22T08:14:27.052187

1457 / tcp

321971019 | 2025-03-09T08:59:15.933335

1515 / tcp

-971970408 | 2025-03-19T14:29:43.398953

1521 / tcp

-186520940 | 2025-03-12T16:17:49.197121

1588 / tcp

1308377066 | 2025-03-03T22:38:16.709202

1604 / tcp

677934968 | 2025-03-04T02:11:59.878714

1800 / tcp

-904840257 | 2025-03-06T02:19:07.563867

1801 / tcp

1535389866 | 2025-03-10T23:11:48.599341

1883 / tcp

-1996280214 | 2025-03-21T02:28:45.570106