GeneralInformation

Country	China
City	Beijing
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(1)

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(3)

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(3)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 15 20 25 37 43 49 79 89 101 102 110 111 113 119 121 131 135 175 179 195 443 444 447 449 452 485 487 503 513 541 554 555 636 666 789 811 833 873 993 1023 1080 1099 1177 1200 1387 1414 1443 1515 1521 1599 1604 1650 1660 1800 1801 1911 1926 1962 1964 1989 2000 2008 2067 2081 2087 2259 2271 2345 2404 2455 2548 2551 2558 2761 2762 3001 3006 3010 3017 3050 3057 3066 3071 3083 3108 3111 3122 3123 3131 3134 3136 3159 3165 3174 3183 3186 3190 3196 3200 3260 3268 3270 3299 3301 3306 3307 3310 3342 3352 3388 3389 3407 3410 3500 3503 3521 3540 3561 3780 3790 3910 3922 3951 3953 4000 4063 4064 4150 4159 4190 4321 4369 4401 4434 4435 4438 4443 4461 4500 4506 4520 4530 4573 4700 4899 4911 4949 5003 5010 5130 5172 5190 5209 5222 5223 5236 5261 5266 5269 5271 5400 5432 5435 5495 5605 5858 5938 5986 5987 5992 6000 6001 6005 6590 6603 6605 6633 6653 6661 6666 6667 6668 6688 6799 7001 7083 7373 7415 7434 7480 7548 7778 8007 8009 8012 8045 8047 8050 8051 8074 8081 8083 8084 8085 8087 8096 8099 8109 8118 8120 8122 8137 8140 8148 8155 8175 8176 8200 8236 8252 8291 8316 8333 8401 8406 8425 8456 8467 8500 8510 8515 8544 8545 8567 8568 8571 8573 8580 8598 8623 8702 8728 8803 8817 8818 8821 8825 8828 8835 8871 8874 8875 8878 8881 8889 8906 8911 9000 9001 9002 9005 9014 9042 9062 9063 9065 9068 9087 9089 9100 9120 9144 9151 9153 9155 9160 9166 9177 9201 9221 9283 9289 9299 9306 9333 9398 9441 9600 9606 9633 9804 9876 9943 9944 9998 9999 10023 10031 10032 10036 10050 10051 10134 10225 10393 10909 10911 10933 11112 11288 11300 11480 11601 12000 12101 12105 12114 12124 12135 12141 12148 12152 12177 12182 12185 12192 12194 12213 12240 12253 12261 12265 12286 12295 12312 12338 12340 12343 12345 12348 12361 12366 12383 12401 12418 12419 12445 12461 12477 12506 12507 12525 12539 12556 12563 12568 12576 12587 12615 13047 14084 14147 14265 14344 14403 14873 14896 14903 15018 15588 16010 16015 16035 16039 16043 16055 16058 16061 16063 16072 16075 16080 16091 16099 16992 16993 17000 17020 17778 18003 18013 18018 18033 18036 18062 18066 18073 18080 18081 18082 18104 18245 18553 19000 19016 19080 19200 19930 20000 20087 20150 20256 20547 20880 21002 21025 21242 21272 21276 21280 21293 21298 21304 21307 21379 22000 22001 22069 22070 22556 23128 23424 24245 25001 25105 25565 26657 27015 27016 27017 28015 30002 30008 30011 30019 30022 30122 30222 30322 30422 30473 30622 30701 30718 30822 30922 31022 31122 31222 31322 31422 31622 31722 31822 31922 32122 32222 32622 32764 32822 33022 33060 33122 33322 33338 33722 33922 34122 34522 34722 34822 35000 35022 35222 35422 36022 36922 37443 38022 40070 41800 42194 43221 44158 44306 44818 45667 45677 47808 47990 48899 49152 50000 50014 50022 50103 51000 51002 51106 51235 51434 52200 52869 53200 53482 54138 54984 55443 55553 55554 57785 60129 61613 62016 62078 63210 63256 63260 64295 64477 64738

11 / tcp

2087396567 | 2025-03-25T09:44:43.494131

kjnkjabhbanc283ubcsbhdc72

15 / tcp

-2089734047 | 2025-04-05T17:56:28.911758

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

20 / tcp

1911457608 | 2025-03-22T03:29:58.458580

\x00[\x00\x00\x00\x00\x00\x00

25 / tcp

-2089734047 | 2025-03-28T10:11:22.624913

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

37 / tcp

387930190 | 2025-04-02T21:15:44.692657

\xc3\xbf\xc3\xbb\\x01\n\rn

43 / tcp

1778988322 | 2025-03-23T22:16:05.132923

* OK GroupWise IMAP4rev1 Server Ready

49 / tcp

-359657882 | 2025-03-20T01:35:49.232241

GBPK\xc3\xbb\xc3\xb7n\\xc2\\x93W\xc2\xaf\\xc2\\x86\\xc2\\x93x@\xc2\xa9\\x0e\xc3\x8a*\\xc2\\x9bS

79 / tcp

-2029556872 | 2025-03-21T16:36:40.692550

HTTP/1.1 200 OK
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Accept-Ranges: bytes

89 / tcp

1911457608 | 2025-03-18T22:35:54.890875

\x00[\x00\x00\x00\x00\x00\x00

101 / tcp

-122096153 | 2025-04-05T06:24:45.042977

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

102 / tcp

-1399940268 | 2025-04-04T12:57:40.766845

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

110 / tcp

-1746074029 | 2025-03-31T17:56:16.841141

101 imqbroker =unV\r\n

111 / tcp

-1428621233 | 2025-03-24T22:54:00.378062

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

113 / tcp

-527005584 | 2025-03-20T03:46:22.564461

/0 0 L
/0 0 HUH

119 / tcp

141730637 | 2025-03-27T07:33:48.267348

HTTP/1.0 200 OK
Server: Proxy

121 / tcp

-1888448627 | 2025-03-28T17:25:18.631668

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

131 / tcp

-303199180 | 2025-03-17T16:24:18.711698

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

135 / tcp

-1729522695 | 2025-04-06T13:58:50.845409

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: DESKTOP-BFAHJ06\n IP2: 192.168.3.8\n IP3: 172.29.96.1\n IP4: 172.19.80.1\n\nNTLMSSP:\nTarget_Name: DESKTOP-BFAHJ06\nProduct_Version: 10.0.19041 Ntlm 15\nOS: Windows 10, Version 2004/Windows Server, Version 2004\nNetBIOS_Domain_Name: DESKTOP-BFAHJ06\nNetBIOS_Computer_Name: DESKTOP-BFAHJ06\nDNS_Domain_Name: DESKTOP-BFAHJ06\nDNS_Computer_Name: DESKTOP-BFAHJ06\nSystem_Time: 2024-01-22 04:05:47 +0000 UTC\n\nDCERP

175 / tcp

1911457608 | 2025-03-17T17:58:07.679373

\x00[\x00\x00\x00\x00\x00\x00

179 / tcp

-399606100 | 2025-03-24T05:53:07.400758

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

195 / tcp

2087396567 | 2025-04-02T12:54:34.456984

kjnkjabhbanc283ubcsbhdc72

443 / tcp

-904735457 | 2025-04-05T04:39:11.217172

HTTP/1.1 403 Forbidden
Server: Tengine
Content-Type: text/html
Connection: keep-alive
Via: cache9.cn2882[,0]

444 / tcp

-1715152554 | 2025-03-26T11:20:33.842062

Hashes

hash

386915687

http.dom_hash

1239617585

http.html_hash

-1715152554

http.server_hash

1727046647

http.title_hash

-1828380909

302 Found

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Wed, 26 Mar 2025 11:20:33 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://123.56.169.18:443/

447 / tcp

-832380282 | 2025-03-28T01:04:15.030393

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

449 / tcp

1655023012 | 2025-04-01T20:51:32.987788

athinfod: invalid query.\n

452 / tcp

937756010 | 2025-03-18T17:49:03.411856

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x01\x00\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

485 / tcp

1911457608 | 2025-04-06T02:30:39.209175

\x00[\x00\x00\x00\x00\x00\x00

487 / tcp

493955023 | 2025-04-05T09:31:23.106378

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

503 / tcp

632542934 | 2025-03-25T02:08:15.041762

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

513 / tcp

1332894250 | 2025-03-21T08:22:47.372299

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

541 / tcp

-820381412 | 2025-03-17T16:37:27.556900

\\x16\\x03\\x01\\x01[\\x01\\x00\\x01W\\x03\\x03\\xf8\\x9dqe\\xf3\\x02\xd0\xa0\\x8c.M\x0bR\\xc9\\xeex\\x9d\\xb1)\\x07\\xe3\\x94\\x13z\\xfb\\x83xM\\x9a\\xcf9\\xad \r\\xb0%\\x01\\xb2\\xdb\\xf9%K7\\x99:\\xd9G\\xd2)\\xa7\\xab:\\x80\\xfd\\xfc\\x01\\x96BK\\xa1\\x83\\x0e\\xe8\\xa2b\\x002\\x13\\x02\\x13\\x03\\x13\\x01\\x009\\x0

554 / tcp

735639583 | 2025-04-06T19:27:10.081188

RTSP/1.0 200 OK
Server: H264DVR 1.0
Cseq: 1
Public: OPTIONS, DESCRIBE, SETUP, TEARDOWN, GET_PARAMETER, SET_PARAMETER, PLAY, PAUSE

555 / tcp

1991883981 | 2025-03-28T07:45:56.600996

B\x00\x00\x00\xc3\xbfn\x04Too many connections

636 / tcp

1650594030 | 2025-03-25T13:24:40.557213

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 4-30654152-0 0NNN RT(1705911965960 176) q(-1 -1 -1 -1) r(0 -1) b1

666 / tcp

1300162323 | 2025-03-19T21:34:44.133931

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

789 / tcp

709622286 | 2025-03-18T18:38:35.143721

OK Welcome <299685> on DirectUpdate server 7286\r\n

811 / tcp

-1399940268 | 2025-04-02T01:09:00.671976

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

833 / tcp

-122096153 | 2025-03-24T06:27:57.752753

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

873 / tcp

-1970692834 | 2025-04-06T05:33:42.274519

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

993 / tcp

307999478 | 2025-03-27T23:10:08.424574

unknown command \r\nunknown command \r\n

1023 / tcp

191006234 | 2025-04-04T16:54:14.704781

[Ý

1080 / tcp

1362344524 | 2025-03-24T03:04:26.079055

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1099 / tcp

-1036370807 | 2025-03-21T09:51:38.230435

JDWP-Handshake

1177 / tcp

539065883 | 2025-04-06T03:38:20.897038

1200 / tcp

171352214 | 2025-03-31T11:20:10.874720

-ERR client ip is not in whitelist

1387 / tcp

1126993057 | 2025-03-26T10:54:38.659945

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

1414 / tcp

-1453516345 | 2025-04-06T01:02:16.440606

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

1443 / tcp

-1715152554 | 2025-03-25T20:04:46.768412

Hashes

hash

474300250

http.dom_hash

1239617585

http.html_hash

-1715152554

http.server_hash

1727046647

http.title_hash

-1828380909

302 Found

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Tue, 25 Mar 2025 20:04:46 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://123.56.169.18:443/

1515 / tcp

2087396567 | 2025-03-25T03:07:00.007660

kjnkjabhbanc283ubcsbhdc72

1521 / tcp

-186520940 | 2025-04-04T18:18:31.241000

HTTP/1.1

1599 / tcp

819727972 | 2025-04-09T22:57:49.481672

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1604 / tcp

-68075478 | 2025-03-18T11:36:39.596974

1650 / tcp

-122096153 | 2025-03-20T17:59:28.554482

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

1660 / tcp

-1399940268 | 2025-03-18T04:13:08.895843

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1800 / tcp

-1399940268 | 2025-04-06T18:50:46.115627

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1801 / tcp

-1299899661 | 2025-03-20T03:22:29.673747

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\x97W\\xcd[\\x98\\xc4\\x1aJ\\xa5\xd1\xbf\\xf9\\xbd\\xc7\\xce\\xfd92d3\\x10\\x01\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

1911 / tcp

819727972 | 2025-03-22T03:35:08.006336

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1926 / tcp

-1189269828 | 2025-03-18T20:18:15.504477

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1962 / tcp

410249975 | 2025-03-26T14:57:42.308551

LNS READY<>

1964 / tcp

1975288991 | 2025-04-01T21:09:33.792382

OPTI

1989 / tcp

-616720387 | 2025-04-04T21:35:29.107517

SSH-2.0-SSHD_0.7.6

2000 / tcp

-1888448627 | 2025-04-02T00:19:21.359767

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

2008 / tcp

2103111368 | 2025-03-20T02:05:49.278299

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

2067 / tcp

-971970408 | 2025-03-21T09:17:31.765746

2081 / tcp

-1399940268 | 2025-03-17T03:28:49.348034

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2087 / tcp

1261582754 | 2025-03-26T22:54:30.115477

unknown command 
unknown command

2259 / tcp

-339084706 | 2025-04-10T01:25:33.034693

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

2271 / tcp

-1399940268 | 2025-04-06T15:15:53.192819

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2345 / tcp

-1626979812 | 2025-03-21T14:09:21.165725

220 Service ready for new user.

2404 / tcp

165188539 | 2025-04-01T11:51:56.619902

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2455 / tcp

1690634669 | 2025-03-29T01:36:40.067044

2548 / tcp

-303199180 | 2025-04-02T10:05:44.124992

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

2551 / tcp

398077695 | 2025-03-27T03:53:19.693676

2558 / tcp

321971019 | 2025-04-04T20:42:12.284048

-ERR client ip is not in whitelist\r

2761 / tcp

-1099385124 | 2025-04-04T19:22:32.517972

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

2762 / tcp

-653033013 | 2025-03-23T23:38:01.501015

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

3001 / tcp

-1399940268 | 2025-04-02T03:13:42.174932

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3006 / tcp

-1839934832 | 2025-04-06T21:16:33.304306

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

3010 / tcp

575925250 | 2025-03-23T09:52:53.489271

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

3017 / tcp

-1768187140 | 2025-03-25T12:06:56.251360

HTTP/1.1 403 Forbidden
Server: Microsoft-IIS/10.110
Content-Type: text/plain; charset=utf-8
Connection: close

3050 / tcp

-1888448627 | 2025-04-01T11:42:41.770644

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3057 / tcp

-1888448627 | 2025-03-17T07:26:06.258080

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3066 / tcp

-1399940268 | 2025-03-28T22:52:46.995541

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3071 / tcp

198844676 | 2025-04-10T01:19:03.328637

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3083 / tcp

-1986594217 | 2025-03-28T06:25:46.791987

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

3108 / tcp

1911457608 | 2025-04-02T20:19:25.534100

\x00[\x00\x00\x00\x00\x00\x00

3111 / tcp

1011407350 | 2025-04-04T14:40:41.477381

* OK GroupWise IMAP4rev1 Server Ready\r\n

3122 / tcp

-891714208 | 2025-03-28T18:22:50.974386

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

3123 / tcp

1011407350 | 2025-04-04T22:41:18.390704

* OK GroupWise IMAP4rev1 Server Ready\r\n

3131 / tcp

1308377066 | 2025-03-31T13:05:37.093230

ncacn_http/1.0

3134 / tcp

1911457608 | 2025-03-25T23:25:10.521718

\x00[\x00\x00\x00\x00\x00\x00

3136 / tcp

-146605374 | 2025-03-22T19:44:58.887027

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

3159 / tcp

-2089734047 | 2025-04-04T16:57:33.579308

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3165 / tcp

-2089734047 | 2025-03-24T18:04:37.958843

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3174 / tcp

504717326 | 2025-03-26T09:11:57.819839

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

3183 / tcp

1282941221 | 2025-03-26T23:30:52.091294

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

3186 / tcp

921225407 | 2025-04-09T10:30:58.101749

\x00\x00\x00\x04\x00\x00\x00\x00\x00

3190 / tcp

1948301213 | 2025-04-03T15:23:03.086369

RFB 003.003
VNC:
  Protocol Version: 3.3

3196 / tcp

1210754493 | 2025-03-22T05:31:25.854249

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

3200 / tcp

410249975 | 2025-03-19T18:29:01.967322

LNS READY<>

3260 / tcp

1135752610 | 2025-04-05T01:53:23.332921

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None

3268 / tcp

-879070264 | 2025-04-09T06:55:00.109796

\\xab\xca\xa5]\\x00\\x00\\x00\\x18\\xc0\\x00\\x00\\x01\\xff\\xff\\xff\\xff\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00

3270 / tcp

-358801646 | 2025-04-03T21:05:29.729920

SSH-2.0-OpenSSH_6.6.1

3299 / tcp

2087396567 | 2025-03-31T18:32:34.983278

kjnkjabhbanc283ubcsbhdc72

3301 / tcp

-653033013 | 2025-03-25T21:00:15.552117

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

3306 / tcp

1000685185 | 2025-04-08T20:47:30.897998

Mysql Version: 5.7.44-log \r\nN\\x00\\x00\\x00\n5.7.44-log\\x00r/\\x06\\x00u1Z3=}L\\x04\\x00\\xff\\xff-\\x02\\x00\\xff\\xc1\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00tKb,\\x0eS\\x19\\x7fD\\x15rQ\\x00mysql_native_password\\x00

3307 / tcp

-1032713145 | 2025-03-29T17:35:41.794056

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

3310 / tcp

1911457608 | 2025-03-27T00:54:15.211582

\x00[\x00\x00\x00\x00\x00\x00

3342 / tcp

165188539 | 2025-03-20T03:48:02.712391

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3352 / tcp

-1189269828 | 2025-04-05T07:58:51.747055

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3388 / tcp

321971019 | 2025-04-03T21:46:06.653716

-ERR client ip is not in whitelist\r

3389 / tcp

419073695 | 2025-03-27T21:18:44.565371

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\\x1f\\x08\\x00\\x08\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID_EX\nTarget_Name: 172_19_32_23\nProduct_Version: 10.0.20348 Ntlm 15\nOS: Windows Server 2022\nNetBIOS_Domain_Name: 172_19_32_23\nNetBIOS_Computer_Name: 172_19_32_23\nDNS_Domain_Name: 172_19_32_23\nDNS_Computer_Name: 172_19_32_23\nSystem_Time: 2024-01-22 08:40:52 +0000 UTC\n\n

3407 / tcp

1332894250 | 2025-04-02T10:49:11.478214

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

3410 / tcp

639175818 | 2025-04-03T19:02:52.457758

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

3500 / tcp

-1428621233 | 2025-03-17T07:38:46.555216

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

3503 / tcp

-1399940268 | 2025-04-02T02:31:28.929416

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3521 / tcp

632542934 | 2025-03-28T21:23:59.374432

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

3540 / tcp

1574088840 | 2025-03-25T07:15:49.662141

">Application and Content Networking Software 3.9</a>)\n</BODY><

3561 / tcp

740837454 | 2025-04-08T05:47:06.612108

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

3780 / tcp

2087396567 | 2025-03-17T10:24:00.023440

kjnkjabhbanc283ubcsbhdc72

3790 / tcp

1948301213 | 2025-03-20T05:21:03.774177

RFB 003.003
VNC:
  Protocol Version: 3.3

3910 / tcp

-1779118422 | 2025-03-27T21:59:14.854716

\x00[\xc2\xae\xc2\x8d{\x7f\x00\x00

3922 / tcp

-1399940268 | 2025-04-03T16:21:25.505805

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3951 / tcp

-2089734047 | 2025-03-22T02:56:38.930302

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3953 / tcp

1991883981 | 2025-04-03T19:43:36.434424

B\x00\x00\x00\xc3\xbfn\x04Too many connections

4000 / tcp

-1960639992 | 2025-04-02T17:03:47.922309

HTTP/1.1 401 Unauthorized

4063 / tcp

-1013082686 | 2025-04-06T16:00:34.565347

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

4064 / tcp

-457235091 | 2025-03-23T19:22:03.881042

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

4150 / tcp

-1839934832 | 2025-04-07T02:05:16.905437

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

4159 / tcp

-1399940268 | 2025-03-25T09:16:20.480699

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4190 / tcp

632542934 | 2025-03-21T04:38:06.086498

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

4321 / tcp

-1250504565 | 2025-03-20T02:17:10.253710

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

4369 / tcp

-1399940268 | 2025-03-24T08:56:03.554021

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4401 / tcp

-1329831334 | 2025-03-23T19:26:34.602927

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

4434 / tcp

-1114821551 | 2025-04-05T21:06:00.077526

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

4435 / tcp

819727972 | 2025-03-27T11:10:29.591095

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4438 / tcp

-1730858130 | 2025-04-01T12:15:06.567512

RFB 003.008
VNC:
  Protocol Version: 3.8

4443 / tcp

141533638 | 2025-03-21T18:00:01.897771

HTTP/1.1 302 Found
Location: /index.html

4461 / tcp

-1248408558 | 2025-03-27T10:29:12.612447

220 MikroTik FTP server (MikroTik 6.44.3) ready

4500 / tcp

-1327660293 | 2025-04-05T22:09:52.612821

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

4506 / tcp

-1760806421 | 2025-04-04T00:15:23.725754

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected

4520 / tcp

819727972 | 2025-04-09T15:20:05.583442

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4530 / tcp

1911457608 | 2025-04-06T15:07:47.088843

\x00[\x00\x00\x00\x00\x00\x00

4573 / tcp

-1399940268 | 2025-04-09T10:28:34.535541

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4700 / tcp

-438503381 | 2025-03-17T22:16:18.687956

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

4899 / tcp

660175493 | 2025-04-06T22:49:55.560390

4911 / tcp

-2096652808 | 2025-04-09T02:19:40.177762

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

4949 / tcp

-345718689 | 2025-04-09T00:41:57.085421

Vty password is not set.

5003 / tcp

632542934 | 2025-04-03T10:28:51.302360

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

5010 / tcp

-1810987450 | 2025-03-19T04:58:46.550360

\xc3\xbf

5130 / tcp

-2089734047 | 2025-03-24T16:35:18.096852

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5172 / tcp

1690634669 | 2025-04-04T18:02:53.522757

5190 / tcp

-1902426733 | 2025-03-22T10:48:04.274199

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
Expires: 0

5209 / tcp

-1399940268 | 2025-04-01T22:12:29.921867

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5222 / tcp

-1013082686 | 2025-04-06T23:52:47.575499

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

5223 / tcp

-122096153 | 2025-03-28T00:04:48.905619

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

5236 / tcp

819727972 | 2025-04-02T13:31:22.436967

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5261 / tcp

-1399940268 | 2025-03-31T10:30:36.091265

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5266 / tcp

-1399940268 | 2025-04-02T04:43:32.770200

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5269 / tcp

-1854630806 | 2025-04-08T10:39:29.775597

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705937491.237-w-waf01tjgt

5271 / tcp

1911457608 | 2025-04-02T03:15:20.397833

\x00[\x00\x00\x00\x00\x00\x00

5400 / tcp

-2096652808 | 2025-03-19T00:53:14.403532

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

5432 / tcp

-1487943323 | 2025-03-22T07:09:40.015140

431 Unable to negotiate secure command connection.\r\n

5435 / tcp

321971019 | 2025-04-03T04:55:36.839314

-ERR client ip is not in whitelist\r

5495 / tcp

-1032713145 | 2025-04-05T08:56:44.330177

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

5605 / tcp

-1399940268 | 2025-03-29T02:18:20.007360

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5858 / tcp

-971970408 | 2025-04-06T10:10:24.364194

5938 / tcp

2098371729 | 2025-03-23T23:31:04.336738

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

5986 / tcp

-971970408 | 2025-04-06T23:51:38.599947

5987 / tcp

398822919 | 2025-03-24T22:42:39.672882

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 14-16556544-0 0NNN RT(1699949476148 7) q(0 -1 -1 -1) r(0 -1)

5992 / tcp

165188539 | 2025-04-02T10:17:43.828202

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

6000 / tcp

819727972 | 2025-03-17T14:31:38.517428

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

6001 / tcp

-303199180 | 2025-03-18T23:46:14.060083

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

6005 / tcp

-2140303521 | 2025-03-23T03:32:21.357517

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

6590 / tcp

1911457608 | 2025-03-20T20:17:58.014953

\x00[\x00\x00\x00\x00\x00\x00

6603 / tcp

-441419608 | 2025-03-25T06:45:31.166359

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

6605 / tcp

-904840257 | 2025-03-31T12:29:20.206057

572 Relay not authorized\r\n

6633 / tcp

-1059554316 | 2025-03-18T22:35:57.313268

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

6653 / tcp

-1996280214 | 2025-03-20T02:49:55.963574

\x06\x04\x05@

6661 / tcp

-1839934832 | 2025-03-19T12:05:06.662888

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

6666 / tcp

-365662216 | 2025-03-31T16:04:55.701524

\x05\xff

6667 / tcp

89282912 | 2025-03-26T08:03:51.171087

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto
col:SOAP, MKSDisplayProtocol:VNC , ,

6668 / tcp

165188539 | 2025-04-02T02:22:45.367049

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

6688 / tcp

-1428621233 | 2025-04-06T01:24:24.216836

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

6799 / tcp

-1297953727 | 2025-04-05T16:29:54.840908

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

7001 / tcp

641070437 | 2025-04-09T11:23:31.102025

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
Deny-Reason: hotload rechange server uri format error!!
Request-Id: 65ae2576b8dddc78c2c56b6d959693af

7083 / tcp

-1032713145 | 2025-03-17T23:15:49.586628

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

7373 / tcp

-1045760528 | 2025-03-31T07:38:51.973567

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

7415 / tcp

-653033013 | 2025-03-29T06:41:35.440963

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

7434 / tcp

660175493 | 2025-03-18T21:57:59.531668

7480 / tcp

1911457608 | 2025-03-25T19:22:26.630110

\x00[\x00\x00\x00\x00\x00\x00

7548 / tcp

819727972 | 2025-03-24T18:35:49.032403

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

7778 / tcp

1212285915 | 2025-04-02T10:52:30.576190

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

8007 / tcp

-445955279 | 2025-03-25T17:59:10.013339

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
Deny-Reason: hotload rechange server uri format error!!
Request-Id: 65ae24c26ba0b56f242738cbb7d05b70

8009 / tcp

1620329124 | 2025-03-29T14:43:46.690302

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

8012 / tcp

-1737707071 | 2025-03-26T08:40:07.562326

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

8045 / tcp

2059642140 | 2025-04-06T03:24:16.571165

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 56-52314072-0 0NNN RT(1700786708752 0) q(0 -1 -1 -1) r(0 -1)

8047 / tcp

-1779118422 | 2025-03-17T09:34:32.142907

\x00[\xc2\xae\xc2\x8d{\x7f\x00\x00

8050 / tcp

165188539 | 2025-03-24T19:24:33.900723

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8051 / tcp

1642597142 | 2025-04-06T21:01:54.642508

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

8074 / tcp

-1399940268 | 2025-03-19T18:54:34.586609

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8081 / tcp

-971970408 | 2025-04-04T16:10:22.271328

8083 / tcp

233634112 | 2025-03-23T19:10:29.377672

SSH-98.60-SysaxSSH_81885..42

8084 / tcp

1426971893 | 2025-04-04T07:15:43.261065

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

8085 / tcp

472902042 | 2025-04-02T17:14:53.043782

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

8087 / tcp

-2107996212 | 2025-03-21T11:20:48.924274

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

8096 / tcp

-1730858130 | 2025-03-19T20:23:12.774887

RFB 003.008
VNC:
  Protocol Version: 3.8

8099 / tcp

1115736665 | 2025-03-28T09:30:15.882117

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-GDdongguan-AREACMCC2-CACHE15[8]
X-CCDN-FORBID-CODE: 040001

8109 / tcp

-1399940268 | 2025-03-22T17:21:21.027371

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8118 / tcp

-1399940268 | 2025-03-25T01:30:16.357336

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8120 / tcp

819727972 | 2025-04-06T00:03:32.497594

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8122 / tcp

-1538260461 | 2025-04-06T11:54:33.017246

\x01\x00\x00\x00

8137 / tcp

-1648456501 | 2025-04-02T19:30:14.213848

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

8140 / tcp

-1839934832 | 2025-03-18T09:38:17.420785

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8148 / tcp

-142686627 | 2025-03-25T17:28:49.968854

\x00[\xc2\xba\x7fs\x7f\x00\x00

8155 / tcp

1996932384 | 2025-03-20T20:56:02.521963

"raop" nonce

8175 / tcp

1911457608 | 2025-04-02T11:30:55.386465

\x00[\x00\x00\x00\x00\x00\x00

8176 / tcp

-1099385124 | 2025-03-23T06:24:42.438967

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

8200 / tcp

1320285193 | 2025-04-02T23:29:24.876592

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

8236 / tcp

-1327660293 | 2025-03-17T09:00:09.464862

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

8252 / tcp

-249504111 | 2025-03-31T07:13:03.655737

\x00[xU-\x7f\x00\x00

8291 / tcp

-1399940268 | 2025-03-28T23:45:55.597880

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8316 / tcp

1830697416 | 2025-04-03T10:44:39.716329

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

8333 / tcp

-1300025046 | 2025-04-09T11:51:55.947767

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705941025.555-waf01bjtp3

8401 / tcp

119860953 | 2025-03-26T20:49:49.612330

* OK ArGoSoft Mail Server IMAP Module v.YW at

8406 / tcp

-1399940268 | 2025-04-01T22:48:19.621479

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8425 / tcp

-1399940268 | 2025-03-27T05:32:33.092081

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8456 / tcp

321971019 | 2025-04-01T15:08:29.541021

-ERR client ip is not in whitelist\r

8467 / tcp

-1399940268 | 2025-04-01T21:52:46.964704

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8500 / tcp

1929293267 | 2025-03-28T23:46:08.059036

HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html; charset=utf-8
Connection: keep-alive

8510 / tcp

-1399940268 | 2025-03-28T11:33:05.427841

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8515 / tcp

1077013874 | 2025-03-19T02:44:56.350012

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

8544 / tcp

-1399940268 | 2025-03-26T07:31:42.571239

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8545 / tcp

307999478 | 2025-04-06T03:18:56.239657

unknown command \r\nunknown command \r\n

8567 / tcp

-653033013 | 2025-03-31T18:04:52.017169

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

8568 / tcp

1911457608 | 2025-04-05T19:02:24.404513

\x00[\x00\x00\x00\x00\x00\x00

8571 / tcp

-2096652808 | 2025-03-24T21:26:42.617356

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8573 / tcp

1911457608 | 2025-03-17T20:48:08.324626

\x00[\x00\x00\x00\x00\x00\x00

8580 / tcp

-616720387 | 2025-03-25T02:07:10.944221

SSH-2.0-SSHD_0.7.6

8598 / tcp

-441419608 | 2025-03-18T18:59:48.864972

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

8623 / tcp

1655023012 | 2025-03-23T05:57:27.845057

athinfod: invalid query.\n

8702 / tcp

-2033111675 | 2025-03-18T23:11:19.047708

~djb

8728 / tcp

819727972 | 2025-04-03T23:16:10.036374

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8803 / tcp

1911457608 | 2025-03-24T16:03:07.639784

\x00[\x00\x00\x00\x00\x00\x00

8817 / tcp

1911457608 | 2025-03-25T16:11:14.655747

\x00[\x00\x00\x00\x00\x00\x00

8818 / tcp

1911457608 | 2025-03-25T22:46:45.890952

\x00[\x00\x00\x00\x00\x00\x00

8821 / tcp

-2089734047 | 2025-03-19T07:12:31.115881

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8825 / tcp

-2089734047 | 2025-04-02T21:57:57.967901

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8828 / tcp

-1399940268 | 2025-03-19T19:28:53.034091

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8835 / tcp

1911457608 | 2025-04-09T10:49:52.807143

\x00[\x00\x00\x00\x00\x00\x00

8871 / tcp

639175818 | 2025-03-26T20:43:50.553188

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

8874 / tcp

-2107996212 | 2025-03-24T16:40:46.396483

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

8875 / tcp

-1888448627 | 2025-03-19T14:01:45.883491

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8878 / tcp

-2089734047 | 2025-04-09T10:00:35.126798

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8881 / tcp

165188539 | 2025-03-22T13:16:26.093435

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8889 / tcp

2087396567 | 2025-04-03T03:46:47.814858

kjnkjabhbanc283ubcsbhdc72

8906 / tcp

937756010 | 2025-03-22T22:51:52.014724

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x01\x00\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8911 / tcp

-1399940268 | 2025-04-09T23:05:53.710623

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9000 / tcp

-2067028711 | 2025-04-08T17:05:15.242651

\x15\x03\x01\x00\x02\x02F

9001 / tcp

-1026951088 | 2025-03-21T02:04:40.793291

erro ip

9002 / tcp

819727972 | 2025-04-07T03:41:58.841986

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9005 / tcp

165188539 | 2025-03-27T04:59:13.204048

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9014 / tcp

-1399940268 | 2025-03-24T23:41:30.129636

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9042 / tcp

1282941221 | 2025-04-03T19:50:58.596470

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

9062 / tcp

-1888448627 | 2025-03-23T03:15:14.863951

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9063 / tcp

-146605374 | 2025-03-24T22:08:59.231832

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

9065 / tcp

-2080784861 | 2025-04-09T13:37:19.253457

GBPK\xc3\xbb\xc3\xb7n\xc2\x93W\xc2\xaf\xc2\x86\xc2\x93x@\xc2\xa9\x0e\xc3\x8a*\xc2\x9bS\x00

9068 / tcp

-1105333987 | 2025-04-06T11:54:12.878911

\x00[KpU\x7f\x00\x00

9087 / tcp

-1399940268 | 2025-04-02T20:04:24.665595

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9089 / tcp

819727972 | 2025-04-01T15:13:20.482464

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9100 / tcp

921225407 | 2025-04-03T19:24:01.523255

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9120 / tcp

-1327660293 | 2025-03-22T05:29:57.642090

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

9144 / tcp

1282941221 | 2025-04-07T00:33:02.924865

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

9151 / tcp

-1316491703 | 2025-04-09T13:09:06.251491

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

9153 / tcp

-2089734047 | 2025-04-04T08:47:13.532399

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9155 / tcp

-585940771 | 2025-04-02T23:07:29.366629

Unknown command\r\n

9160 / tcp

632542934 | 2025-04-10T01:34:16.642876

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9166 / tcp

-1399940268 | 2025-04-01T10:32:27.531013

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9177 / tcp

819727972 | 2025-03-26T09:03:37.802318

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9201 / tcp

819727972 | 2025-04-09T19:23:23.619550

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9221 / tcp

1911457608 | 2025-03-29T19:02:22.753605

\x00[\x00\x00\x00\x00\x00\x00

9283 / tcp

-1399940268 | 2025-04-05T10:33:36.409373

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9289 / tcp

639175818 | 2025-04-03T00:05:20.595786

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

9299 / tcp

205347087 | 2025-03-27T09:34:41.246670

SSH-25453-Cisco-3524665.35\n

9306 / tcp

2098371729 | 2025-04-08T16:21:25.124091

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

9333 / tcp

921225407 | 2025-04-01T02:21:32.933946

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9398 / tcp

-1900404274 | 2025-03-23T23:02:51.825337

Unknown command

9441 / tcp

-441419608 | 2025-03-25T17:18:50.334014

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

9600 / tcp

820958131 | 2025-03-22T08:53:00.582009

kjnkjabhbanc283ubcsbhdc72\x02

9606 / tcp

-1888448627 | 2025-03-27T19:04:27.888724

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9633 / tcp

819727972 | 2025-03-28T11:29:20.229776

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9804 / tcp

-1399940268 | 2025-03-25T23:36:51.015248

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9876 / tcp

-1451615933 | 2025-04-02T02:31:55.735985

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705941912.469-s5jhg

9943 / tcp

1712606111 | 2025-03-23T02:31:19.264455

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1282_PSzqstdxyw34_8689-21922

9944 / tcp

1842524259 | 2025-04-08T07:57:08.266117

9998 / tcp

1969772007 | 2025-04-09T00:42:07.363535

HTTP/1.1 400 Bad Request
Connection: keep-alive
Connection: close
X-Via-JSL: c973153,-
X-Cache: error

9999 / tcp

1161309183 | 2025-04-03T17:09:25.295915

ProxyServer is ready

10023 / tcp

-274082663 | 2025-03-20T06:41:18.968584

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

10031 / tcp

205347087 | 2025-03-26T14:48:13.269303

SSH-25453-Cisco-3524665.35\n

10032 / tcp

819727972 | 2025-03-23T05:41:46.967935

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

10036 / tcp

-1399940268 | 2025-04-01T16:50:40.146391

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10050 / tcp

171352214 | 2025-04-06T14:41:49.276933

-ERR client ip is not in whitelist

10051 / tcp

-1059554316 | 2025-04-06T11:46:20.865533

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

10134 / tcp

-1032713145 | 2025-04-03T18:38:27.075538

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

10225 / tcp

-1399940268 | 2025-04-03T07:47:36.941192

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10393 / tcp

2098371729 | 2025-03-18T15:20:16.822763

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

10909 / tcp

-2096652808 | 2025-03-21T21:41:36.245929

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

10911 / tcp

-2096652808 | 2025-03-21T08:41:59.834259

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

10933 / tcp

-2089734047 | 2025-03-17T06:26:21.148095

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

11112 / tcp

307999478 | 2025-03-19T04:17:46.003439

unknown command \r\nunknown command \r\n

11288 / tcp

1948301213 | 2025-04-08T19:05:49.876392

RFB 003.003
VNC:
  Protocol Version: 3.3

11300 / tcp

-1626979812 | 2025-04-03T22:40:02.471897

220 Service ready for new user.

11480 / tcp

-1399940268 | 2025-03-17T17:05:45.811818

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

11601 / tcp

321971019 | 2025-04-06T08:59:59.397126

-ERR client ip is not in whitelist\r

12000 / tcp

-142852466 | 2025-04-06T07:34:36.525913

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11\r\n

12101 / tcp

632542934 | 2025-03-19T17:12:40.064999

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

12105 / tcp

-1746074029 | 2025-04-06T07:54:22.049043

101 imqbroker =unV\r\n

12114 / tcp

669849225 | 2025-03-20T03:40:42.905381

SSH-98.60-SysaxSSH_81885..42\r\n

12124 / tcp

-1399940268 | 2025-04-06T08:03:58.599324

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12135 / tcp

-1329831334 | 2025-03-21T19:03:26.911385

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

12141 / tcp

1948301213 | 2025-04-05T23:04:51.482497

RFB 003.003
VNC:
  Protocol Version: 3.3

12148 / tcp

-1399940268 | 2025-03-26T05:26:40.447190

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12152 / tcp

-1399940268 | 2025-03-17T14:55:09.973967

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12177 / tcp

-1373613804 | 2025-04-03T21:33:15.063313

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

12182 / tcp

-136006866 | 2025-03-27T06:55:08.326318

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

12185 / tcp

819727972 | 2025-03-27T00:51:38.395910

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12192 / tcp

-1399940268 | 2025-04-06T08:40:27.853275

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12194 / tcp

-1641514916 | 2025-03-22T20:15:47.036858

* OK Merak 1dFUa2 IMAP4rev1

12213 / tcp

1911457608 | 2025-03-23T11:23:10.909958

\x00[\x00\x00\x00\x00\x00\x00

12240 / tcp

15018106 | 2025-03-25T06:23:26.618794

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

12253 / tcp

-2089734047 | 2025-03-24T08:23:15.359811

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12261 / tcp

1911457608 | 2025-03-19T12:13:20.802776

\x00[\x00\x00\x00\x00\x00\x00

12265 / tcp

1869192275 | 2025-03-24T10:20:06.722378

\n

12286 / tcp

-1399940268 | 2025-03-18T23:40:17.597261

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12295 / tcp

-1399940268 | 2025-04-02T12:48:54.637564

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12312 / tcp

819727972 | 2025-03-24T17:20:38.566318

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12338 / tcp

1353260875 | 2025-04-08T20:40:05.693231

\x00[g\xc2\x95N\x7f\x00\x00

12340 / tcp

1615193817 | 2025-04-08T23:57:31.306197

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

12343 / tcp

307999478 | 2025-03-29T20:42:37.552417

unknown command \r\nunknown command \r\n

12345 / tcp

878900329 | 2025-04-06T01:47:19.867120

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae24ba_PStjkgwtss75_22411-43255

12348 / tcp

-1399940268 | 2025-03-28T14:12:32.225584

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12361 / tcp

-1013082686 | 2025-03-19T00:42:20.054568

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

12366 / tcp

-146605374 | 2025-04-09T14:19:07.865185

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

12383 / tcp

-1399940268 | 2025-04-01T14:30:55.005123

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12401 / tcp

-1059554316 | 2025-03-19T19:13:28.082156

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

12418 / tcp

819727972 | 2025-03-31T10:23:49.570659

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12419 / tcp

-1399940268 | 2025-04-08T11:26:35.934088

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12445 / tcp

-653033013 | 2025-04-03T02:41:38.195496

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

12461 / tcp

-1399940268 | 2025-03-27T14:42:03.810931

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12477 / tcp

-1730858130 | 2025-03-25T06:29:50.089918

RFB 003.008
VNC:
  Protocol Version: 3.8

12506 / tcp

-1713437100 | 2025-04-09T22:36:22.185411

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

12507 / tcp

-2089734047 | 2025-04-09T20:39:24.428673

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12525 / tcp

-1399940268 | 2025-04-05T12:02:26.969256

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12539 / tcp

1761482307 | 2025-04-08T16:50:29.714093

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

12556 / tcp

408230060 | 2025-03-27T16:33:52.881660

\r\nSorry, that nickname format is invalid.\r\n

12563 / tcp

2098371729 | 2025-03-23T17:44:41.196457

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

12568 / tcp

-2089734047 | 2025-03-23T16:03:04.711115

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12576 / tcp

-1399940268 | 2025-04-08T12:04:58.541826

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12587 / tcp

-1699556818 | 2025-03-17T06:34:36.190901

\x01remshd: Kerberos Authentication not enabled.\n

12615 / tcp

-1399940268 | 2025-03-21T22:09:40.559168

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

13047 / tcp

1842524259 | 2025-04-06T18:56:38.283721

14084 / tcp

819727972 | 2025-03-22T11:24:13.990124

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

14147 / tcp

-1399940268 | 2025-03-23T17:02:28.333211

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14265 / tcp

2065825433 | 2025-04-04T15:35:45.843798

220 Microsoft FTP Service

14344 / tcp

-1611764932 | 2025-03-31T13:51:46.966981

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

14403 / tcp

165188539 | 2025-03-18T03:15:51.334189

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

14873 / tcp

-1399940268 | 2025-03-20T11:13:55.322100

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14896 / tcp

401555314 | 2025-04-06T05:14:32.928767

NB[GFXjA^R

14903 / tcp

1830697416 | 2025-03-26T09:10:17.967596

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

15018 / tcp

165188539 | 2025-03-26T05:21:08.008935

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

15588 / tcp

1911457608 | 2025-03-31T07:15:09.063835

\x00[\x00\x00\x00\x00\x00\x00

16010 / tcp

-971970408 | 2025-03-21T02:28:08.518963

16015 / tcp

632542934 | 2025-04-02T14:45:55.375415

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

16035 / tcp

-1399940268 | 2025-04-01T01:16:28.038154

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16039 / tcp

819727972 | 2025-03-28T11:09:10.576067

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16043 / tcp

1911457608 | 2025-03-18T20:13:47.046970

\x00[\x00\x00\x00\x00\x00\x00

16055 / tcp

1911457608 | 2025-04-04T00:16:58.326485

\x00[\x00\x00\x00\x00\x00\x00

16058 / tcp

819727972 | 2025-04-03T21:45:15.160422

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16061 / tcp

-1399940268 | 2025-03-23T07:00:04.347628

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16063 / tcp

307999478 | 2025-03-23T14:17:19.297130

unknown command \r\nunknown command \r\n

16072 / tcp

1911457608 | 2025-04-03T19:08:50.140800

\x00[\x00\x00\x00\x00\x00\x00

16075 / tcp

1911457608 | 2025-03-25T07:35:07.187747

\x00[\x00\x00\x00\x00\x00\x00

16080 / tcp

1177566594 | 2025-04-08T16:19:11.267580

HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Expires: Sat, 02 Dec 2023 07:00:51 GMT
Connection: close

16091 / tcp

2103111368 | 2025-04-03T19:34:51.035019

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

16099 / tcp

-2140303521 | 2025-03-24T11:35:03.285275

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

16992 / tcp

-147424911 | 2025-03-22T17:27:39.869142

HTTP/1.1 404 Not Found
Content Length: 0

16993 / tcp

-971970408 | 2025-04-02T15:01:54.431303

17000 / tcp

-1810987450 | 2025-04-03T19:11:58.318045

\xc3\xbf

17020 / tcp

1991883981 | 2025-03-27T19:24:52.218594

B\x00\x00\x00\xc3\xbfn\x04Too many connections

17778 / tcp

1665283070 | 2025-04-01T14:36:34.517609

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x01\x00\x00\x10\x00\x00\n0\x03\x00\x00\x00\x01\x00\x05\x00\x00@\x00\x00\x06\x00\x00\x1f@

18003 / tcp

-2089734047 | 2025-04-02T22:20:33.440185

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

18013 / tcp

897328069 | 2025-03-20T10:28:04.694799

220 mail.scott000.com ESMTP

18018 / tcp

-2089734047 | 2025-04-06T18:07:10.789974

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

18033 / tcp

1208318993 | 2025-04-09T10:02:59.872524

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

18036 / tcp

-1453516345 | 2025-04-08T15:15:20.956190

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

18062 / tcp

1911457608 | 2025-04-02T16:43:40.238235

\x00[\x00\x00\x00\x00\x00\x00

18066 / tcp

-1888448627 | 2025-04-04T12:36:14.145479

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

18073 / tcp

-1399940268 | 2025-04-09T19:56:10.057717

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18080 / tcp

1332894250 | 2025-04-08T21:10:51.364066

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

18081 / tcp

819727972 | 2025-03-31T15:21:56.643017

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18082 / tcp

-1699556818 | 2025-04-03T17:11:03.667231

\x01remshd: Kerberos Authentication not enabled.\n

18104 / tcp

1996932384 | 2025-03-21T18:35:18.447347

"raop" nonce

18245 / tcp

-1730858130 | 2025-03-19T18:55:14.384619

RFB 003.008
VNC:
  Protocol Version: 3.8

18553 / tcp

2087396567 | 2025-04-06T20:45:16.576026

kjnkjabhbanc283ubcsbhdc72

19000 / tcp

-992671574 | 2025-04-01T16:23:19.790121

@RSYNCD: 26

19016 / tcp

-1399940268 | 2025-04-04T21:51:39.971519

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

19080 / tcp

819727972 | 2025-04-05T21:25:21.387163

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

19200 / tcp

1723769361 | 2025-04-04T06:01:50.513348

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

19930 / tcp

819727972 | 2025-04-06T15:26:53.554582

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

20000 / tcp

1900503736 | 2025-04-03T22:01:01.631585

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

20087 / tcp

-2096652808 | 2025-03-26T11:48:20.218953

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

20150 / tcp

-1248408558 | 2025-03-25T23:29:54.490504

220 MikroTik FTP server (MikroTik 6.44.3) ready

20256 / tcp

-1399940268 | 2025-04-09T10:48:31.247771

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20547 / tcp

-1681927087 | 2025-04-03T15:11:26.297278

kjnkjabhbanc283ubcsbhdc72

20880 / tcp

1370263973 | 2025-03-17T13:37:41.435372

dubbo>

21002 / tcp

-2096652808 | 2025-04-03T21:44:48.351728

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

21025 / tcp

422524323 | 2025-04-03T13:01:59.086038

{
"Version": "3.4.18",
"VersionArray": [
3,
4,
18,
0
],
"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",
"OpenSSLVersion": "",
"SysInfo": "",
"Bits": 64,
"Debug": false,
"MaxObjectSize": 16777216
}

21242 / tcp

-1648456501 | 2025-03-24T06:39:15.361443

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

21272 / tcp

-303199180 | 2025-03-26T09:00:33.519178

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

21276 / tcp

165188539 | 2025-03-31T09:57:58.980429

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

21280 / tcp

-1795027372 | 2025-03-25T00:51:01.804621

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

21293 / tcp

-1986594217 | 2025-04-09T11:51:00.683069

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

21298 / tcp

-1399940268 | 2025-03-22T02:04:42.320570

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21304 / tcp

1911457608 | 2025-03-18T17:01:47.990092

\x00[\x00\x00\x00\x00\x00\x00

21307 / tcp

-358801646 | 2025-03-20T18:47:44.910845

SSH-2.0-OpenSSH_6.6.1

21379 / tcp

-971970408 | 2025-04-03T12:31:11.231644

22000 / tcp

1741579575 | 2025-04-01T18:06:31.016589

22001 / tcp

401555314 | 2025-03-27T21:41:57.335562

NB[GFXjA^R

22069 / tcp

-1230049476 | 2025-04-01T06:00:18.927977

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

22070 / tcp

740837454 | 2025-04-04T01:58:07.802771

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

22556 / tcp

-1189269828 | 2025-04-09T16:55:21.975483

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

23128 / tcp

1353260875 | 2025-03-19T18:17:23.705622

\x00[g\xc2\x95N\x7f\x00\x00

23424 / tcp

171352214 | 2025-04-03T07:44:46.158457

-ERR client ip is not in whitelist

24245 / tcp

1308377066 | 2025-04-06T07:45:53.852065

ncacn_http/1.0

25001 / tcp

1492413928 | 2025-04-05T23:46:35.165374

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

25105 / tcp

819727972 | 2025-04-03T06:01:43.216263

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

25565 / tcp

1189133115 | 2025-04-03T05:40:20.507950

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

26657 / tcp

-1261090339 | 2025-03-28T03:09:48.794955

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

27015 / tcp

-1588385920 | 2025-03-27T17:15:55.546743

Command: None
Size: 540029490
ID: 1987208531
Type: 543515497

27016 / tcp

-2107996212 | 2025-03-25T14:38:39.805312

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

27017 / tcp

1763259671 | 2025-03-23T09:19:24.013046

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

28015 / tcp

-1399940268 | 2025-04-03T23:50:29.416806

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

30002 / tcp

1632932802 | 2025-03-26T21:55:23.562179

30008 / tcp

819727972 | 2025-04-03T21:50:03.671952

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

30011 / tcp

-1140468363 | 2025-03-19T18:19:34.483110

\x02\t\x01

30019 / tcp

-1399940268 | 2025-03-24T20:16:28.271106

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

30022 / tcp

1741579575 | 2025-04-06T00:45:30.856335

30122 / tcp

539065883 | 2025-03-19T21:42:29.426727

30222 / tcp

841014058 | 2025-04-05T19:31:44.277728

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

30322 / tcp

2087396567 | 2025-03-24T14:36:47.847250

kjnkjabhbanc283ubcsbhdc72

30422 / tcp

1690634669 | 2025-04-05T21:56:38.998141

30473 / tcp

819727972 | 2025-04-05T17:44:11.895477

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

30622 / tcp

366084633 | 2025-03-26T03:02:15.258296

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

30701 / tcp

-1399940268 | 2025-04-03T16:11:57.336144

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

30718 / tcp

1974928000 | 2025-03-22T11:59:41.985120

LH\xdb\xc6\xdd\xf6g\x10\x19\x00\x00\x00\x18\x00\x01\x02\x00\x10\x00\x04\x00\x00\x00\x016\x8a\xc3\xd3#=)D\xef\x8f\x82\x8b<\x7f*

30822 / tcp

1741579575 | 2025-04-05T16:03:13.330158

30922 / tcp

819727972 | 2025-04-05T22:59:51.146884

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

31022 / tcp

-1032713145 | 2025-04-05T17:54:57.446865

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

31122 / tcp

-971970408 | 2025-04-05T15:02:56.868653

31222 / tcp

-1261090339 | 2025-04-05T09:54:36.817927

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

31322 / tcp

366084633 | 2025-04-05T10:54:47.478307

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

31422 / tcp

-971970408 | 2025-04-05T07:28:38.727487

31622 / tcp

-1013082686 | 2025-04-04T15:52:20.404998

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

31722 / tcp

104385780 | 2025-04-05T00:26:48.137334

ceph v2

31822 / tcp

539065883 | 2025-03-20T21:05:51.672858

31922 / tcp

-2096652808 | 2025-03-24T08:52:50.274685

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

32122 / tcp

539065883 | 2025-04-04T17:22:15.133946

32222 / tcp

2087396567 | 2025-03-23T18:14:39.829952

kjnkjabhbanc283ubcsbhdc72

32622 / tcp

1842524259 | 2025-04-04T12:11:07.808252

32764 / tcp

819727972 | 2025-04-11T17:08:08.727069

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

32822 / tcp

2033888749 | 2025-03-23T04:07:57.387527

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

33022 / tcp

171352214 | 2025-03-23T00:35:53.509578

-ERR client ip is not in whitelist

33060 / tcp

-1471513798 | 2025-04-09T19:11:23.064324

[gN

33122 / tcp

819727972 | 2025-03-22T23:43:29.293456

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

33322 / tcp

-1477838366 | 2025-03-22T08:12:19.735076

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

33338 / tcp

-971970408 | 2025-04-02T17:48:47.534297

33722 / tcp

539065883 | 2025-03-18T04:46:12.691386

33922 / tcp

2087396567 | 2025-03-18T02:58:34.961634

kjnkjabhbanc283ubcsbhdc72

34122 / tcp

539065883 | 2025-03-20T16:00:34.500819

34522 / tcp

1887224352 | 2025-03-19T12:10:26.283215

34722 / tcp

2087396567 | 2025-03-19T08:31:33.081679

kjnkjabhbanc283ubcsbhdc72

34822 / tcp

-792826324 | 2025-03-19T07:35:31.724640

220 FTP server ready - login please

35000 / tcp

1911457608 | 2025-03-26T21:31:37.163166

\x00[\x00\x00\x00\x00\x00\x00

35022 / tcp

819727972 | 2025-03-19T03:28:49.689457

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

35222 / tcp

-653033013 | 2025-03-18T10:17:19.308954

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

35422 / tcp

-1189269828 | 2025-03-19T00:32:21.482506

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

36022 / tcp

1741579575 | 2025-03-17T22:25:19.955986

36922 / tcp

-971970408 | 2025-03-18T13:55:31.798279

37443 / tcp

740837454 | 2025-04-02T01:35:20.051701

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

38022 / tcp

-445721795 | 2025-03-17T23:37:35.946534

\x00[\xc3\xaed\x1a\x7f\x00\x00

40070 / tcp

165188539 | 2025-03-18T22:19:44.664819

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

41800 / tcp

-1373613804 | 2025-04-05T23:31:36.867071

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

42194 / tcp

-1399940268 | 2025-04-08T18:47:02.476063

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

43221 / tcp

-2089734047 | 2025-04-08T09:37:46.755075

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

44158 / tcp

-433302150 | 2025-03-17T21:17:40.901672

/multistream/1.0.0

44306 / tcp

-303199180 | 2025-03-27T02:00:28.531992

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

44818 / tcp

1426971893 | 2025-03-27T19:26:10.351736

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

45667 / tcp

-441419608 | 2025-03-24T21:44:57.214114

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

45677 / tcp

1911457608 | 2025-04-04T16:40:03.501179

\x00[\x00\x00\x00\x00\x00\x00

47808 / tcp

1690634669 | 2025-03-31T12:47:58.299378

47990 / tcp

2087396567 | 2025-04-04T06:26:22.359410

kjnkjabhbanc283ubcsbhdc72

48899 / tcp

1741579575 | 2025-03-31T09:37:25.326663

49152 / tcp

1686199642 | 2025-03-31T22:00:56.734878

HTTP/1.1 404 
SERVER: Linux/4.9.44, UPnP/1.0, Portable SDK for UPnP devices/1.6.20
CONNECTION: close
CONTENT-LENGTH: 48
Accept-Ranges: bytes
CONTENT-TYPE: text/html

50000 / tcp

-971970408 | 2025-04-01T17:54:18.990506

50014 / tcp

-1105333987 | 2025-03-17T20:15:04.653570

\x00[KpU\x7f\x00\x00

50022 / tcp

819727972 | 2025-03-23T04:02:14.743831

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

50103 / tcp

-1399940268 | 2025-04-05T04:06:40.743602

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

51000 / tcp

-1327660293 | 2025-03-24T03:41:23.679066

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

51002 / tcp

580340387 | 2025-04-04T13:16:08.652392

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

51106 / tcp

-1733106930 | 2025-03-29T20:57:12.483302

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

51235 / tcp

819727972 | 2025-03-21T17:54:57.328037

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

51434 / tcp

1991883981 | 2025-03-28T03:54:34.374622

B\x00\x00\x00\xc3\xbfn\x04Too many connections

52200 / tcp

-1329831334 | 2025-03-31T16:53:59.244262

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

52869 / tcp

-1840324437 | 2025-03-21T14:27:45.169844

53200 / tcp

-1399940268 | 2025-03-23T00:37:07.268199

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

53482 / tcp

819727972 | 2025-04-07T00:57:43.795813

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

54138 / tcp

819727972 | 2025-04-09T20:39:05.910655

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

54984 / tcp

819727972 | 2025-03-28T23:18:48.352373

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

55443 / tcp

103159425 | 2025-04-06T13:35:34.279894

SSH-1.99-RGOS_SSH

55553 / tcp

117101543 | 2025-04-01T13:07:21.214249

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

55554 / tcp

819727972 | 2025-04-10T00:08:45.171110

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

57785 / tcp

2103111368 | 2025-03-27T12:49:50.599154

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

60129 / tcp

1956828827 | 2025-04-09T15:17:40.161619

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

61613 / tcp

-1737707071 | 2025-03-29T22:01:47.760481

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

62016 / tcp

-1399940268 | 2025-03-20T04:52:24.225984

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

62078 / tcp

-583302436 | 2025-04-09T17:00:10.151058

HTTP/1.1 400 Bad Request
Server: nginx/1.13.0
Content-Type: text/html
Connection: close

63210 / tcp

320677201 | 2025-03-24T19:15:44.634404

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

63256 / tcp

-1839934832 | 2025-03-21T21:46:11.592104

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

63260 / tcp

677934968 | 2025-04-09T14:04:50.709543

lm^)Q

64295 / tcp

1996932384 | 2025-03-28T23:46:28.281845

"raop" nonce

64477 / tcp

1911457608 | 2025-04-03T14:12:48.738778

\x00[\x00\x00\x00\x00\x00\x00

123.56.169.18

Last Seen: 2025-04-11

Tags:

GeneralInformation

OpenPorts

11 / tcp 2087396567 | 2025-03-25T09:44:43.494131

15 / tcp -2089734047 | 2025-04-05T17:56:28.911758

20 / tcp 1911457608 | 2025-03-22T03:29:58.458580

25 / tcp -2089734047 | 2025-03-28T10:11:22.624913

37 / tcp 387930190 | 2025-04-02T21:15:44.692657

43 / tcp 1778988322 | 2025-03-23T22:16:05.132923

49 / tcp -359657882 | 2025-03-20T01:35:49.232241

79 / tcp -2029556872 | 2025-03-21T16:36:40.692550

89 / tcp 1911457608 | 2025-03-18T22:35:54.890875

101 / tcp -122096153 | 2025-04-05T06:24:45.042977

102 / tcp -1399940268 | 2025-04-04T12:57:40.766845

110 / tcp -1746074029 | 2025-03-31T17:56:16.841141

111 / tcp -1428621233 | 2025-03-24T22:54:00.378062

113 / tcp -527005584 | 2025-03-20T03:46:22.564461

119 / tcp 141730637 | 2025-03-27T07:33:48.267348

121 / tcp -1888448627 | 2025-03-28T17:25:18.631668

131 / tcp -303199180 | 2025-03-17T16:24:18.711698

135 / tcp -1729522695 | 2025-04-06T13:58:50.845409

175 / tcp 1911457608 | 2025-03-17T17:58:07.679373

179 / tcp -399606100 | 2025-03-24T05:53:07.400758

195 / tcp 2087396567 | 2025-04-02T12:54:34.456984

443 / tcp -904735457 | 2025-04-05T04:39:11.217172

444 / tcp -1715152554 | 2025-03-26T11:20:33.842062

Hashes

447 / tcp -832380282 | 2025-03-28T01:04:15.030393

449 / tcp 1655023012 | 2025-04-01T20:51:32.987788

452 / tcp 937756010 | 2025-03-18T17:49:03.411856

485 / tcp 1911457608 | 2025-04-06T02:30:39.209175

487 / tcp 493955023 | 2025-04-05T09:31:23.106378

503 / tcp 632542934 | 2025-03-25T02:08:15.041762

513 / tcp 1332894250 | 2025-03-21T08:22:47.372299

541 / tcp -820381412 | 2025-03-17T16:37:27.556900

554 / tcp 735639583 | 2025-04-06T19:27:10.081188

555 / tcp 1991883981 | 2025-03-28T07:45:56.600996

636 / tcp 1650594030 | 2025-03-25T13:24:40.557213

666 / tcp 1300162323 | 2025-03-19T21:34:44.133931

789 / tcp 709622286 | 2025-03-18T18:38:35.143721

811 / tcp -1399940268 | 2025-04-02T01:09:00.671976

833 / tcp -122096153 | 2025-03-24T06:27:57.752753

873 / tcp -1970692834 | 2025-04-06T05:33:42.274519

993 / tcp 307999478 | 2025-03-27T23:10:08.424574

1023 / tcp 191006234 | 2025-04-04T16:54:14.704781

1080 / tcp 1362344524 | 2025-03-24T03:04:26.079055

1099 / tcp -1036370807 | 2025-03-21T09:51:38.230435

1177 / tcp 539065883 | 2025-04-06T03:38:20.897038

1200 / tcp 171352214 | 2025-03-31T11:20:10.874720

1387 / tcp 1126993057 | 2025-03-26T10:54:38.659945

1414 / tcp -1453516345 | 2025-04-06T01:02:16.440606

1443 / tcp -1715152554 | 2025-03-25T20:04:46.768412

Hashes

1515 / tcp 2087396567 | 2025-03-25T03:07:00.007660

1521 / tcp -186520940 | 2025-04-04T18:18:31.241000

1599 / tcp 819727972 | 2025-04-09T22:57:49.481672

1604 / tcp -68075478 | 2025-03-18T11:36:39.596974

1650 / tcp -122096153 | 2025-03-20T17:59:28.554482

1660 / tcp -1399940268 | 2025-03-18T04:13:08.895843

1800 / tcp -1399940268 | 2025-04-06T18:50:46.115627

1801 / tcp -1299899661 | 2025-03-20T03:22:29.673747

1911 / tcp 819727972 | 2025-03-22T03:35:08.006336

1926 / tcp -1189269828 | 2025-03-18T20:18:15.504477

1962 / tcp 410249975 | 2025-03-26T14:57:42.308551

1964 / tcp 1975288991 | 2025-04-01T21:09:33.792382

1989 / tcp -616720387 | 2025-04-04T21:35:29.107517

2000 / tcp -1888448627 | 2025-04-02T00:19:21.359767

2008 / tcp 2103111368 | 2025-03-20T02:05:49.278299

2067 / tcp -971970408 | 2025-03-21T09:17:31.765746

2081 / tcp -1399940268 | 2025-03-17T03:28:49.348034

2087 / tcp 1261582754 | 2025-03-26T22:54:30.115477

2259 / tcp -339084706 | 2025-04-10T01:25:33.034693

2271 / tcp -1399940268 | 2025-04-06T15:15:53.192819

2345 / tcp -1626979812 | 2025-03-21T14:09:21.165725

2404 / tcp 165188539 | 2025-04-01T11:51:56.619902

2455 / tcp 1690634669 | 2025-03-29T01:36:40.067044

2548 / tcp -303199180 | 2025-04-02T10:05:44.124992

2551 / tcp 398077695 | 2025-03-27T03:53:19.693676

11 / tcp

2087396567 | 2025-03-25T09:44:43.494131

15 / tcp

-2089734047 | 2025-04-05T17:56:28.911758

20 / tcp

1911457608 | 2025-03-22T03:29:58.458580

25 / tcp

-2089734047 | 2025-03-28T10:11:22.624913

37 / tcp

387930190 | 2025-04-02T21:15:44.692657

43 / tcp

1778988322 | 2025-03-23T22:16:05.132923

49 / tcp

-359657882 | 2025-03-20T01:35:49.232241

79 / tcp

-2029556872 | 2025-03-21T16:36:40.692550

89 / tcp

1911457608 | 2025-03-18T22:35:54.890875

101 / tcp

-122096153 | 2025-04-05T06:24:45.042977

102 / tcp

-1399940268 | 2025-04-04T12:57:40.766845

110 / tcp

-1746074029 | 2025-03-31T17:56:16.841141

111 / tcp

-1428621233 | 2025-03-24T22:54:00.378062

113 / tcp

-527005584 | 2025-03-20T03:46:22.564461

119 / tcp

141730637 | 2025-03-27T07:33:48.267348

121 / tcp

-1888448627 | 2025-03-28T17:25:18.631668

131 / tcp

-303199180 | 2025-03-17T16:24:18.711698

135 / tcp

-1729522695 | 2025-04-06T13:58:50.845409

175 / tcp

1911457608 | 2025-03-17T17:58:07.679373

179 / tcp

-399606100 | 2025-03-24T05:53:07.400758

195 / tcp

2087396567 | 2025-04-02T12:54:34.456984

443 / tcp

-904735457 | 2025-04-05T04:39:11.217172

444 / tcp

-1715152554 | 2025-03-26T11:20:33.842062

447 / tcp

-832380282 | 2025-03-28T01:04:15.030393

449 / tcp

1655023012 | 2025-04-01T20:51:32.987788

452 / tcp

937756010 | 2025-03-18T17:49:03.411856

485 / tcp

1911457608 | 2025-04-06T02:30:39.209175

487 / tcp

493955023 | 2025-04-05T09:31:23.106378

503 / tcp

632542934 | 2025-03-25T02:08:15.041762

513 / tcp

1332894250 | 2025-03-21T08:22:47.372299

541 / tcp

-820381412 | 2025-03-17T16:37:27.556900

554 / tcp

735639583 | 2025-04-06T19:27:10.081188

555 / tcp

1991883981 | 2025-03-28T07:45:56.600996

636 / tcp

1650594030 | 2025-03-25T13:24:40.557213

666 / tcp

1300162323 | 2025-03-19T21:34:44.133931

789 / tcp

709622286 | 2025-03-18T18:38:35.143721

811 / tcp

-1399940268 | 2025-04-02T01:09:00.671976

833 / tcp

-122096153 | 2025-03-24T06:27:57.752753

873 / tcp

-1970692834 | 2025-04-06T05:33:42.274519

993 / tcp

307999478 | 2025-03-27T23:10:08.424574

1023 / tcp

191006234 | 2025-04-04T16:54:14.704781

1080 / tcp

1362344524 | 2025-03-24T03:04:26.079055

1099 / tcp

-1036370807 | 2025-03-21T09:51:38.230435

1177 / tcp

539065883 | 2025-04-06T03:38:20.897038

1200 / tcp

171352214 | 2025-03-31T11:20:10.874720

1387 / tcp

1126993057 | 2025-03-26T10:54:38.659945

1414 / tcp

-1453516345 | 2025-04-06T01:02:16.440606

1443 / tcp

-1715152554 | 2025-03-25T20:04:46.768412

1515 / tcp

2087396567 | 2025-03-25T03:07:00.007660

1521 / tcp

-186520940 | 2025-04-04T18:18:31.241000

1599 / tcp

819727972 | 2025-04-09T22:57:49.481672

1604 / tcp

-68075478 | 2025-03-18T11:36:39.596974

1650 / tcp

-122096153 | 2025-03-20T17:59:28.554482

1660 / tcp

-1399940268 | 2025-03-18T04:13:08.895843

1800 / tcp

-1399940268 | 2025-04-06T18:50:46.115627

1801 / tcp

-1299899661 | 2025-03-20T03:22:29.673747

1911 / tcp

819727972 | 2025-03-22T03:35:08.006336

1926 / tcp

-1189269828 | 2025-03-18T20:18:15.504477

1962 / tcp

410249975 | 2025-03-26T14:57:42.308551

1964 / tcp

1975288991 | 2025-04-01T21:09:33.792382

1989 / tcp

-616720387 | 2025-04-04T21:35:29.107517

2000 / tcp

-1888448627 | 2025-04-02T00:19:21.359767

2008 / tcp

2103111368 | 2025-03-20T02:05:49.278299

2067 / tcp

-971970408 | 2025-03-21T09:17:31.765746

2081 / tcp

-1399940268 | 2025-03-17T03:28:49.348034

2087 / tcp

1261582754 | 2025-03-26T22:54:30.115477

2259 / tcp

-339084706 | 2025-04-10T01:25:33.034693

2271 / tcp

-1399940268 | 2025-04-06T15:15:53.192819

2345 / tcp

-1626979812 | 2025-03-21T14:09:21.165725

2404 / tcp

165188539 | 2025-04-01T11:51:56.619902

2455 / tcp

1690634669 | 2025-03-29T01:36:40.067044

2548 / tcp

-303199180 | 2025-04-02T10:05:44.124992

2551 / tcp

398077695 | 2025-03-27T03:53:19.693676

2558 / tcp

321971019 | 2025-04-04T20:42:12.284048

2761 / tcp

-1099385124 | 2025-04-04T19:22:32.517972

2762 / tcp

-653033013 | 2025-03-23T23:38:01.501015

3001 / tcp

-1399940268 | 2025-04-02T03:13:42.174932

3006 / tcp

-1839934832 | 2025-04-06T21:16:33.304306

3010 / tcp

575925250 | 2025-03-23T09:52:53.489271

3017 / tcp

-1768187140 | 2025-03-25T12:06:56.251360