GeneralInformation

Hostnames	cn-shanghai.oss-vpc.aliyuncs.com cn-shanghai.oss.aliyuncs.com
Domains	aliyuncs.com
Country	China
City	Shanghai
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(4)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(3)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 19 23 25 37 70 79 80 92 95 99 101 102 104 110 111 113 119 135 143 175 179 192 221 234 264 389 400 443 449 451 462 465 480 485 502 513 541 548 554 555 587 593 666 689 771 789 831 873 885 943 947 992 993 994 995 1025 1063 1080 1099 1177 1190 1207 1234 1337 1366 1388 1453 1515 1521 1554 1588 1599 1604 1800 1801 1926 1964 1966 1975 1976 1977 1981 1985 2000 2001 2002 2003 2008 2018 2054 2056 2059 2060 2064 2067 2081 2083 2087 2101 2103 2107 2181 2196 2200 2323 2332 2345 2352 2362 2404 2443 2453 2455 2548 2557 2628 2761 3001 3019 3030 3061 3062 3067 3070 3083 3089 3096 3100 3104 3107 3121 3123 3133 3135 3139 3143 3157 3161 3173 3177 3186 3191 3221 3260 3268 3269 3299 3306 3388 3389 3443 3524 3551 3790 3950 3954 4063 4064 4085 4147 4150 4157 4190 4200 4242 4282 4321 4369 4434 4443 4444 4457 4461 4500 4506 4531 4700 4840 4899 4949 4993 4999 5001 5007 5009 5051 5053 5150 5172 5201 5222 5245 5248 5250 5264 5269 5270 5274 5456 5494 5500 5503 5542 5590 5591 5594 5597 5608 5620 5672 5698 5858 5906 5938 5986 5988 6000 6001 6379 6514 6556 6565 6580 6603 6653 6666 6667 6697 6887 7001 7011 7020 7071 7171 7218 7415 7434 7443 7510 7548 7700 7777 7799 7801 7998 8001 8003 8004 8006 8009 8027 8030 8045 8047 8050 8058 8059 8066 8075 8081 8083 8085 8087 8089 8092 8096 8099 8101 8111 8124 8139 8152 8160 8161 8166 8169 8172 8173 8175 8177 8181 8182 8250 8285 8291 8333 8403 8409 8412 8414 8416 8435 8436 8457 8459 8465 8500 8505 8513 8519 8545 8554 8562 8567 8575 8580 8585 8592 8593 8595 8602 8649 8724 8728 8732 8808 8809 8814 8829 8834 8845 8855 8872 8880 8891 8908 8935 9000 9002 9026 9037 9042 9045 9046 9049 9051 9054 9055 9059 9065 9089 9092 9095 9098 9100 9103 9113 9118 9145 9151 9152 9160 9170 9176 9181 9188 9207 9219 9226 9249 9250 9273 9300 9306 9309 9333 9351 9383 9398 9418 9445 9456 9510 9527 9530 9600 9633 9761 9797 9800 9872 9876 9898 9943 9944 9977 9994 9998 9999 10000 10001 10003 10016 10025 10035 10038 10050 10052 10066 10080 10093 10210 10250 10256 10443 10554 11000 11027 11075 11112 11182 11210 11211 11288 11300 11681 11688 12000 12108 12111 12121 12124 12138 12145 12150 12153 12155 12157 12164 12174 12192 12199 12201 12202 12211 12223 12225 12239 12244 12245 12246 12247 12253 12259 12263 12266 12273 12277 12280 12284 12285 12289 12290 12293 12307 12317 12320 12322 12328 12330 12331 12335 12345 12359 12360 12362 12364 12370 12378 12381 12383 12387 12388 12396 12399 12400 12404 12409 12427 12429 12437 12440 12445 12452 12459 12472 12474 12487 12496 12503 12506 12519 12520 12522 12526 12533 12544 12549 12562 12563 12568 12569 12575 12576 12578 12582 12586 12587 12980 13047 14147 14265 14330 14344 14403 14909 15018 15672 16005 16006 16018 16021 16036 16037 16046 16048 16049 16050 16059 16065 16093 16094 16097 16100 17443 18007 18009 18012 18013 18021 18030 18044 18047 18055 18057 18062 18065 18077 18080 18081 18088 18091 18095 18097 18111 18182 18245 18765 18888 19016 19930 20000 20090 20110 20121 20151 20185 20208 20256 20547 20880 21001 21025 21237 21249 21250 21251 21262 21275 21276 21285 21286 21296 21308 21315 21357 21379 21443 22345 22380 22705 23023 24181 25002 25004 25565 25952 26657 27015 27017 28818 30002 30003 30008 30010 30013 30022 30113 30123 30222 30303 30422 30468 30522 30722 30922 31022 31210 31222 31322 31337 31422 31443 31722 31822 32080 32101 32122 32303 32322 32622 32764 33222 33422 33522 33622 33722 33822 33922 34422 34522 34622 34722 34822 35000 35002 35022 35100 35322 35422 35522 35531 35722 35822 35922 36022 36522 36822 36922 36983 37322 37422 37522 37622 37722 37777 37922 38122 38322 38522 38722 38822 38880 39222 39422 39522 39722 39822 40022 40099 40222 40892 41022 41122 41222 41522 41800 41822 42022 42222 42422 43222 43322 43622 43822 44021 44022 44158 44336 44345 44365 44444 44818 45022 45222 45322 45622 45666 45822 46022 46122 46222 46922 47080 47122 47222 47422 47622 47989 47990 48022 48522 48622 48722 48822 49122 49322 49501 49592 49694 49822 49922 50000 50009 50050 50073 50107 50122 50222 50522 50622 51003 51201 51322 51622 52311 52951 53022 54138 55000 55022 55055 55081 55222 55422 55443 55490 55522 55553 55554 55822 57722 57784 57786 57787 58122 58322 58422 58522 58722 58922 59222 60099 60129 61613 61616 62078 62237 63210 63256 63257 63260

11 / tcp

2087396567 | 2025-03-14T08:31:43.050719

kjnkjabhbanc283ubcsbhdc72

13 / tcp

1286504516 | 2025-03-14T01:56:24.699105

CP2E Control Console
Connected to Host: gZI

15 / tcp

1492413928 | 2025-03-18T18:15:16.173200

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

17 / tcp

-255236012 | 2025-03-15T23:38:46.127476

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN

19 / tcp

829384519 | 2025-03-17T02:51:49.625669

 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefg
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUV

23 / tcp

-1288412979 | 2025-03-18T23:18:01.939093

Connection refused

25 / tcp

-1399940268 | 2025-03-16T13:22:04.859988

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

37 / tcp

1092730853 | 2025-03-21T06:15:21.014540

/0 0 L\r\n

70 / tcp

-833941849 | 2025-03-18T01:44:54.913250

\x1e\x06\xc2\x81\x01\x07version\x04bind\x10\x03

79 / tcp

-1114094007 | 2025-03-16T02:41:23.799993

"Magic:ActiveMQ\nVersion:12\n\\x01<\\x01ActiveMQ\x0c\\x01\\x01*\x0c\\x11TcpNoDelayEnabled\\x01\\x01\\x12SizePrefixDisabled\\x01 CacheSize\\x05\\x04\x0cProviderName \\x08ActiveMQ\\x11StackTraceEnabled\\x01\\x01\\x0fPlatformDetails \\x04Java\x0cCacheEnabled\\x01\\x01\\x14TightEncodingEnabl

80 / tcp

1589382936 | 2025-03-18T20:41:31.160780

Hashes

hash

962480854

http.dom_hash

1799269922

http.html_hash

1589382936

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Tue, 18 Mar 2025 20:41:31 GMT
Content-Type: application/xml
Content-Length: 348
Connection: keep-alive
x-oss-request-id: 67D9DA7BC142563935388F91
x-oss-server-time: 0
x-oss-ec: 0003-00001201

92 / tcp

819727972 | 2025-02-27T04:16:53.677360

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

95 / tcp

819727972 | 2025-03-11T13:03:49.114800

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

99 / tcp

1713556628 | 2025-03-03T20:55:46.275369

HTTP/1.1 400 Bad Request
Server: Jdcloud-FE
Content-Type: text/html
Connection: keep-alive
Keep-Alive: timeout=20

101 / tcp

-792826324 | 2025-02-21T00:56:57.430931

220 FTP server ready - login please

102 / tcp

321971019 | 2025-03-20T23:14:21.412339

-ERR client ip is not in whitelist\r

104 / tcp

117101543 | 2025-03-14T08:48:36.054158

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

110 / tcp

1370263973 | 2025-02-24T20:46:31.434467

dubbo>

111 / tcp

2032042134 | 2025-03-15T18:02:54.787092

[¥	¾

113 / tcp

-1777894858 | 2025-03-14T16:42:30.643235

113 , 35054 : USERID : OTHER :99

119 / tcp

141730637 | 2025-02-28T07:29:13.963426

HTTP/1.0 200 OK
Server: Proxy

135 / tcp

96945398 | 2025-03-14T03:29:01.941178

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: WIN-UI6V5MAREEP\n IP2: 192.168.1.3\n\nNTLMSSP:\nTarget_Name: WIN-UI6V5MAREEP\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: WIN-UI6V5MAREEP\nNetBIOS_Computer_Name: WIN-UI6V5MAREEP\nDNS_Domain_Name: WIN-UI6V5MAREEP\nDNS_Computer_Name: WIN-UI6V5MAREEP\nSystem_Time: 2024-01-22 04:04:25 +0000 UTC\n\nDCERPC Dump:\n76f226c3-ec14-4325-

143 / tcp

-1939513550 | 2025-03-08T12:03:33.770956

* OK The Microsoft Exchange IMAP4 service is ready.\r\n\nImap NTLM Info:\nTarget_Name: HEBEIHK\nProduct_Version: 6.0.6003 Ntlm 15\nOS: Windows Server 2008, Service Pack 2, Rollup KB4489887\nNetBIOS_Domain_Name: HEBEIHK\nNetBIOS_Computer_Name: MAILSERVER2\nDNS_Domain_Name: hebeihk.local\nDNS_Computer_Name: MAILSERVER2.hebeihk.local\nMsvAvDnsTreeName: hebeihk.local\nSystem_Time: 2024-01-22 08:26:31 +0000 UTC\n\n

175 / tcp

819727972 | 2025-03-20T16:27:09.289139

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

179 / tcp

-399606100 | 2025-03-18T01:53:53.917204

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

192 / tcp

-1399940268 | 2025-03-13T06:59:14.938808

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

221 / tcp

1911457608 | 2025-03-09T07:45:04.634009

\x00[\x00\x00\x00\x00\x00\x00

234 / tcp

-1399940268 | 2025-03-11T09:24:16.861168

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

264 / tcp

1672388472 | 2025-03-20T19:21:29.609039

CheckPoint\nFirewall Host: ADAPCN156FW02\nSmartCenter Host: adluprdfwmgt01..zjz4qa\\x00\n

389 / tcp

-1743283776 | 2025-03-10T16:24:56.695792

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x04\\x04

400 / tcp

-1626979812 | 2025-03-17T22:56:27.805399

220 Service ready for new user.

443 / tcp

1723190205 | 2025-03-04T10:28:12.369310

Hashes

hash

1808416614

http.dom_hash

1799269922

http.html_hash

1723190205

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Tue, 04 Mar 2025 10:28:12 GMT
Content-Type: application/xml
Content-Length: 348
Connection: keep-alive
x-oss-request-id: 67C6D5BCD2EA3E3137533917
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:16:e8:0a:e2:57:df:7f:53:49:ff:48
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
        Validity
            Not Before: Jan 13 06:51:17 2025 GMT
            Not After : Feb 14 06:51:16 2026 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-shanghai.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bf:7d:9f:c7:ea:61:cc:2c:13:11:ec:32:85:ed:
                    85:b4:ed:71:62:c4:49:9e:e3:47:d3:13:5f:8b:44:
                    fe:bc:e7:64:27:a1:54:16:be:cd:2d:a1:f2:ef:46:
                    a9:81:b3:08:5a:03:44:ce:08:0a:a6:d0:f0:31:10:
                    61:32:f0:db:2e:5a:75:1f:c4:76:1c:02:00:26:2c:
                    b9:5b:1e:ca:86:a2:19:29:0e:16:e0:57:f5:b3:3d:
                    3c:04:90:5d:cc:34:0b:cc:e0:f4:03:9a:b8:51:68:
                    88:d9:61:3f:6b:f9:ef:01:59:f1:4a:b8:ff:92:70:
                    ce:0a:40:22:bd:58:21:d9:dd:91:0d:5f:6e:96:4d:
                    f5:bd:cb:96:8a:7c:f4:ef:67:e0:5e:30:ba:dd:bf:
                    b5:82:7c:d6:12:b4:6d:b7:67:93:c6:89:a9:57:af:
                    89:3d:4e:5c:96:50:ee:69:fb:dd:c2:b0:0c:c3:dc:
                    b4:1b:a5:03:f6:68:85:d7:c4:78:96:39:78:93:0a:
                    79:96:79:91:59:60:cc:33:5f:f9:53:73:55:02:3b:
                    b2:e8:5d:e4:7b:b5:89:bc:17:1a:38:9f:02:1e:58:
                    96:e1:10:c1:1b:24:86:dd:be:c1:06:6b:e2:37:5e:
                    1c:a0:2f:6e:e5:90:5a:13:c3:81:80:39:ee:27:0e:
                    7e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3ovtlsca2024.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3ovtlsca2024
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                Policy: 1.3.6.1.4.1.4146.10.1.2
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3ovtlsca2024.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-shanghai.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.oss-cn-shanghai-finance-1-pub.aliyuncs.com, DNS:*.oss-cache-cn-shanghai-g.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.cn-shanghai.oss.aliyuncs.com, DNS:*.img-cn-shanghai.aliyuncs.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-cn-shanghai-finance-1-pub-internal.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss.aliyuncs.com, DNS:*.img-cn-shanghai-internal.aliyuncs.com, DNS:*.oss-cn-shanghai-finance-1-internal.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.img-cn-shanghai-cross.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-cn-shanghai.aliyuncs.com, DNS:*.oss-cn-shanghai-internal.aliyuncs.com, DNS:*.oss-cn-shanghai-cross.aliyuncs.com, DNS:*.oss-cn-shanghai-finance-1.aliyuncs.com, DNS:*.vpc100-oss-cn-shanghai.aliyuncs.com, DNS:*.cn-shanghai-finance.oss.aliyuncs.com, DNS:*.oss-cache-cn-shanghai-g-cross.aliyuncs.com, DNS:*.cn-shanghai-dualstack.oss.aliyuncs.com, DNS:*.oss-enet-cn-east.aliyuncs.com, DNS:*.cn-shanghai-vpc.oss.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-shanghai.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-shanghai-internal.oss-accesspoint.aliyuncs.com, DNS:*.cn-shanghai.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-shanghai.aliyuncs.com, DNS:*.s3.oss-cn-shanghai-internal.aliyuncs.com, DNS:*.cn-shanghai.mgw.aliyuncs.com, DNS:*.oss.cn-shanghai.privatelink.aliyuncs.com, DNS:*.oss-cn-shanghai.oss-object-process.aliyuncs.com, DNS:*.oss-cn-shanghai-internal.oss-object-process.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-shanghai-cross.mgw.aliyuncs.com, DNS:*.cn-shanghai.oss-vpc.aliyuncs.com, DNS:cn-shanghai.oss-vpc.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                DA:D3:A8:08:48:0C:34:37:58:EE:E5:A7:75:2E:59:FC:D6:DC:3C:38
            X509v3 Subject Key Identifier: 
                EE:74:11:C5:EF:61:1F:BA:AE:9F:F7:21:19:CC:8E:CC:7E:C2:0B:52
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 64:11:C4:6C:A4:12:EC:A7:89:1C:A2:02:2E:00:BC:AB:
                                4F:28:07:D4:1E:35:27:AB:EA:FE:D5:03:C9:7D:CD:F0
                    Timestamp : Jan 13 06:51:20.015 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:3E:2A:2D:3E:EC:96:50:4C:1A:C6:CA:16:
                                E2:B2:23:0F:5A:A4:F0:25:CC:BE:40:E6:FC:A2:D4:1F:
                                DA:91:7B:D1:02:21:00:A9:FC:D1:2A:36:DA:EA:3F:D1:
                                8F:31:22:16:9A:53:F7:DE:20:13:A9:6F:9B:40:01:C8:
                                AC:A8:91:20:AF:F1:39
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0E:57:94:BC:F3:AE:A9:3E:33:1B:2C:99:07:B3:F7:90:
                                DF:9B:C2:3D:71:32:25:DD:21:A9:25:AC:61:C5:4E:21
                    Timestamp : Jan 13 06:51:19.998 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:71:A9:20:F6:06:42:7E:ED:23:B2:18:F8:
                                9F:FE:65:22:DE:5B:E0:FB:08:05:CA:25:D4:79:B2:B9:
                                BC:19:C7:8F:02:21:00:DE:D6:26:7A:B8:02:3B:C4:D8:
                                9B:E9:A7:C7:CD:56:41:35:C0:6C:A1:1B:A0:B4:97:CF:
                                EE:54:F9:14:71:3F:16
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 25:2F:94:C2:2B:29:E9:6E:9F:41:1A:72:07:2B:69:5C:
                                5B:52:FF:97:A9:0D:25:40:BB:FC:DC:51:EC:4D:EE:0B
                    Timestamp : Jan 13 06:51:20.043 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:14:80:AD:94:B3:BE:7B:9B:D9:A0:00:65:
                                A3:4F:2A:E4:4A:3F:D3:BE:F7:19:7F:EC:55:F6:AD:8D:
                                8B:21:A4:0C:02:20:07:4B:0E:C5:7D:13:45:D9:55:DF:
                                D0:17:4B:F3:EE:23:A5:AF:E9:4E:AB:E5:24:4D:CC:EE:
                                11:28:2A:94:F7:16
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        9f:af:bd:6e:7a:8e:c5:23:81:66:8f:76:9c:d6:b8:af:6b:c3:
        c6:de:56:de:6c:0b:61:93:0d:c3:04:24:ab:1c:f3:5b:71:b1:
        96:78:b4:b6:e4:47:75:d2:76:4e:a6:26:c5:e5:b6:e0:c0:0e:
        3b:89:de:0d:f6:47:7b:c8:b6:05:3d:94:b3:aa:15:3c:22:9c:
        f6:0a:b9:9c:00:a2:00:7a:4b:c2:d0:6c:09:81:e4:c3:15:c4:
        90:10:dd:fd:12:11:33:37:08:26:84:26:3a:8d:90:c1:95:8a:
        03:49:22:73:d2:4a:38:60:ed:66:85:fb:37:42:0e:fe:33:95:
        54:61:79:e1:35:ed:97:67:4d:2c:dc:5c:b2:52:6b:82:25:4c:
        37:0c:ee:02:37:aa:dc:bd:82:09:57:47:0c:71:a8:42:11:d5:
        e9:3e:32:d4:6c:3f:f3:8a:1f:ef:d5:46:15:00:66:ec:08:08:
        a8:1f:3d:f2:15:c3:e2:7e:e7:61:e2:36:68:0c:d3:85:d9:93:
        55:cf:7c:86:fc:4b:63:56:af:9b:0c:82:e5:c9:4d:b5:48:34:
        d3:15:3f:d4:4f:98:cf:f1:72:73:6a:95:5d:60:e9:a9:e7:81:
        75:9f:e0:6e:83:e6:71:46:ab:1c:bf:03:a8:c8:a5:a0:be:a4:
        4c:9d:35:32

449 / tcp

1911457608 | 2025-02-20T16:57:00.731540

\x00[\x00\x00\x00\x00\x00\x00

451 / tcp

-1399940268 | 2025-03-05T13:51:34.152828

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

462 / tcp

819727972 | 2025-02-27T13:41:26.982770

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

465 / tcp

897328069 | 2025-03-08T20:26:43.190800

220 mail.scott000.com ESMTP

480 / tcp

1370263973 | 2025-03-12T10:56:28.848497

dubbo>

485 / tcp

-1399940268 | 2025-03-04T20:08:11.408676

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

502 / tcp

1726594447 | 2025-03-12T05:03:40.167133

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

513 / tcp

-2096652808 | 2025-03-21T01:13:22.094160

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

541 / tcp

268285291 | 2025-03-05T20:22:51.120765

\\x16\\x03\\x01\\x01[\\x01\\x00\\x01W\\x03\\x03\\x86\\x12J\\xac\\xf6e\\xda\\x19A\\xcb\\x18qz\\x90\\xb2\\x89\\xfa\\xa2\\x83\\xf8\\xda\\xfe\xcd\x8d\\x89P\\xe96\\x93@\xcc\xbf E{@\\x8c\\xde\\xbf\\xf84x\x0c\\xb3\x0b\\x91\\x12\\xbc\\xa6\\xe5\\x17\\xe4\\xba\\xe2q\\x92\\xc7\\xdb\\x01\\x129L\\xc6ey\\x002\\x13\\x02\\x13\\x03\\x13\\x01\\x

548 / tcp

-969286897 | 2025-03-19T20:11:27.197996

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: TNAS-0E01\nMachine Type: \\x0eNetatalk3.1.12\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: No User Authent\\x04,DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

554 / tcp

902688621 | 2025-02-20T14:46:27.417701

RTSP/1.0 200 OK\r\nCSeq: 1\r\nKeep-Alive: timeout=10, max=1000\r\nPublic: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE, SET_PARAMETER, GET_PARAMETER\r\nConnection: Keep-Alive\r\n\r\n

555 / tcp

-1641514916 | 2025-03-12T21:30:36.731856

* OK Merak 1dFUa2 IMAP4rev1

587 / tcp

745343730 | 2025-03-16T03:56:44.633841

220 smtp.qq.com Esmtp QQ Mail Server

593 / tcp

1308377066 | 2025-03-07T18:15:10.452348

ncacn_http/1.0

666 / tcp

1300162323 | 2025-02-28T18:51:46.530674

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

689 / tcp

-1399940268 | 2025-02-26T22:32:00.185075

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

771 / tcp

740837454 | 2025-03-14T03:39:40.878390

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

789 / tcp

165188539 | 2025-03-18T14:23:28.067705

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

831 / tcp

1911457608 | 2025-02-27T06:49:58.237412

\x00[\x00\x00\x00\x00\x00\x00

873 / tcp

-1598265216 | 2025-03-20T06:16:26.775076

@RSYNCD: 31.0

885 / tcp

-2096652808 | 2025-03-18T18:38:09.580338

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

943 / tcp

-1986594217 | 2025-03-16T16:35:04.891257

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

947 / tcp

1830697416 | 2025-03-16T10:51:21.145014

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

992 / tcp

-936692830 | 2025-03-16T02:54:43.801100

HTTP/1.1 202 OK
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=15; max=19

993 / tcp

-1888448627 | 2025-02-23T01:49:47.859938

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

994 / tcp

1543809371 | 2025-03-16T02:24:06.344609

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

995 / tcp

-1199842642 | 2025-02-27T20:11:29.963072

+OK Welcome to RaidenMAILD POP3 SSL service v4902, Mon, 22 Jan 2024 14:24:46 +0800, (C)2001-2023 <1044592421@raidenmaild>\r\n

1025 / tcp

-345718689 | 2025-03-20T02:51:37.464865

Vty password is not set.

1063 / tcp

-1399940268 | 2025-03-05T20:10:34.718193

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1080 / tcp

1362344524 | 2025-03-18T09:36:20.570511

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1099 / tcp

1911457608 | 2025-03-15T23:08:17.555090

\x00[\x00\x00\x00\x00\x00\x00

1177 / tcp

-1248408558 | 2025-03-14T15:58:28.315781

220 MikroTik FTP server (MikroTik 6.44.3) ready

1190 / tcp

820958131 | 2025-02-27T03:54:10.022356

kjnkjabhbanc283ubcsbhdc72\x02

1207 / tcp

-903067560 | 2025-03-20T09:00:10.048227

\x00[\x13)\xc2\x81\x7f\x00\x00

1234 / tcp

819727972 | 2025-03-18T00:49:30.786204

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1337 / tcp

1842524259 | 2025-03-17T16:27:52.341853

1366 / tcp

-1399940268 | 2025-03-19T16:26:51.488822

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1388 / tcp

1830697416 | 2025-02-25T01:32:48.209531

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

1453 / tcp

-249504111 | 2025-02-28T02:54:15.203191

\x00[xU-\x7f\x00\x00

1515 / tcp

-2031152423 | 2025-03-13T02:26:37.449410

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

1521 / tcp

2002686051 | 2025-03-13T02:13:03.794413

Version:11.1.0.6.0\n\\x016\\x00\\x01\\x08\\x00\\x7f\\xff\\x01\\x00\\x00-\\x00 \r\\x08\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00(DESCRIPTION=(TMP=)(VSNNUM=185599488)(ERR=0))

1554 / tcp

321971019 | 2025-03-04T05:18:55.722948

-ERR client ip is not in whitelist\r

1588 / tcp

1911457608 | 2025-03-04T22:27:26.642900

\x00[\x00\x00\x00\x00\x00\x00

1599 / tcp

-971970408 | 2025-02-22T04:19:15.538849

1604 / tcp

-154107716 | 2025-03-04T23:06:53.797593

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

1800 / tcp

1911457608 | 2025-03-15T09:13:19.668571

\x00[\x00\x00\x00\x00\x00\x00

1801 / tcp

1535389866 | 2025-03-17T21:59:18.160823

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2157_PS-LHW-01jjk135_25164-48622

1926 / tcp

-358801646 | 2025-03-12T08:42:31.027007

SSH-2.0-OpenSSH_6.6.1

1964 / tcp

45131230 | 2025-02-20T13:18:53.719565

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

1966 / tcp

-1399940268 | 2025-02-26T22:10:06.684830

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1975 / tcp

119860953 | 2025-03-11T09:36:16.049051

* OK ArGoSoft Mail Server IMAP Module v.YW at

1976 / tcp

320677201 | 2025-03-20T20:04:59.903595

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

1977 / tcp

-1105333987 | 2025-03-06T17:00:28.678200

\x00[KpU\x7f\x00\x00

1981 / tcp

1830187220 | 2025-03-13T23:06:13.296517

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

1985 / tcp

-1888448627 | 2025-02-23T05:37:43.762058

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

2000 / tcp

-653033013 | 2025-02-25T01:25:36.851093

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

2001 / tcp

1911457608 | 2025-03-06T06:54:58.564459

\x00[\x00\x00\x00\x00\x00\x00

2002 / tcp

-1681927087 | 2025-03-16T07:52:10.689367

kjnkjabhbanc283ubcsbhdc72

2003 / tcp

-2096652808 | 2025-03-17T18:59:48.079113

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

2008 / tcp

2087396567 | 2025-03-14T19:25:03.473524

kjnkjabhbanc283ubcsbhdc72

2018 / tcp

165188539 | 2025-02-21T19:05:00.023016

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2054 / tcp

-180163620 | 2025-02-28T22:17:09.245545

NPC Telnet permit one connection.\r\n But One connection() already keep alive.\r\nGood Bye !! \r\n

2056 / tcp

1919228981 | 2025-03-09T19:07:30.215508

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

2059 / tcp

-345718689 | 2025-03-04T08:46:03.239635

Vty password is not set.

2060 / tcp

-1399940268 | 2025-02-28T17:24:29.784847

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2064 / tcp

740837454 | 2025-03-17T09:45:46.562799

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

2067 / tcp

-441419608 | 2025-03-20T12:46:56.384213

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

2081 / tcp

1911457608 | 2025-02-28T05:57:26.096008

\x00[\x00\x00\x00\x00\x00\x00

2083 / tcp

819727972 | 2025-03-19T08:33:48.706131

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2087 / tcp

873425297 | 2025-03-21T08:56:36.818107

200 NOD32SS 99 (3318497116)

2101 / tcp

1077013874 | 2025-03-05T05:58:15.196110

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

2103 / tcp

826567260 | 2025-02-27T01:13:22.497911

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00

2107 / tcp

493955023 | 2025-02-28T09:47:09.332050

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

2181 / tcp

-122096153 | 2025-02-21T16:03:03.034579

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

2196 / tcp

455076604 | 2025-03-13T13:32:38.453071

!\x07version\x04bind7 t{RPowerDNS Recursor 410

2200 / tcp

1023953321 | 2025-03-03T23:20:35.580115

HTTP/1.0 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="proxy"
Connection: close
Content-type: text/html; charset=utf-8

2323 / tcp

1051421500 | 2025-03-13T09:53:32.811599

H3C login: 

TELNET Negotiation:
will: Echo, Suppress Go Ahead
do: Echo, Negotiate About Window Size, Remote Flow Control

2332 / tcp

-1888448627 | 2025-02-20T15:00:35.635003

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

2345 / tcp

-1399940268 | 2025-03-18T12:25:00.037479

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2352 / tcp

-1626979812 | 2025-03-16T12:20:17.721903

220 Service ready for new user.

2362 / tcp

-136006866 | 2025-03-16T05:05:17.299467

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

2404 / tcp

1911457608 | 2025-03-18T19:34:13.513735

\x00[\x00\x00\x00\x00\x00\x00

2443 / tcp

-2096652808 | 2025-03-17T08:25:07.580861

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

2453 / tcp

165188539 | 2025-03-07T18:20:37.674011

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2455 / tcp

1282941221 | 2025-03-17T09:09:41.556613

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

2548 / tcp

1911457608 | 2025-03-21T05:34:59.874856

\x00[\x00\x00\x00\x00\x00\x00

2557 / tcp

49012578 | 2025-02-26T11:21:59.341597

HTTP/1.1 401 Unauthorized
Server: hmhttpd/1.24-20160808
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=%s
Connection: close

2628 / tcp

1824169301 | 2025-03-13T07:59:50.051129

HÿjHost '101.133.140.114' is not allowed to 
connect to this MySQL server

2761 / tcp

1504401647 | 2025-02-20T20:44:52.159250

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

3001 / tcp

1370263973 | 2025-03-21T00:51:31.598628

dubbo>

3019 / tcp

709622286 | 2025-02-26T03:20:22.960361

OK Welcome <299685> on DirectUpdate server 7286\r\n

3030 / tcp

1869192275 | 2025-02-24T14:58:01.234668

\n

3061 / tcp

819727972 | 2025-03-17T01:31:07.484543

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3062 / tcp

819727972 | 2025-03-06T17:53:19.268238

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

3067 / tcp

2103111368 | 2025-03-12T09:52:04.707395

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

3070 / tcp

1911457608 | 2025-03-04T21:30:39.079808

\x00[\x00\x00\x00\x00\x00\x00

3083 / tcp

-747911285 | 2025-03-07T08:22:35.128038

\xc2\xaa

3089 / tcp

-1730858130 | 2025-03-08T20:46:33.416280

RFB 003.008
VNC:
  Protocol Version: 3.8

3096 / tcp

1134517380 | 2025-03-16T12:13:51.701182

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

3100 / tcp

-1399940268 | 2025-03-13T00:28:43.173775

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3104 / tcp

-1399940268 | 2025-03-15T05:38:58.519317

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3107 / tcp

-1399940268 | 2025-02-20T18:40:41.818843

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3121 / tcp

1989907056 | 2025-02-23T13:58:15.894961

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

3123 / tcp

-1329831334 | 2025-02-24T17:58:04.818444

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

3133 / tcp

-249504111 | 2025-03-17T00:33:52.419375

\x00[xU-\x7f\x00\x00

3135 / tcp

-2107996212 | 2025-03-12T19:26:20.257300

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

3139 / tcp

1381121983 | 2025-03-10T07:07:00.617408

Notify\r\n

3143 / tcp

-1399940268 | 2025-03-14T18:18:43.172942

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3157 / tcp

-1297953727 | 2025-03-10T18:12:48.606065

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

3161 / tcp

2103111368 | 2025-02-22T13:34:50.528900

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

3173 / tcp

945910976 | 2025-03-05T18:17:59.231763

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

3177 / tcp

-1013082686 | 2025-03-04T10:56:19.393407

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

3186 / tcp

921225407 | 2025-02-21T00:07:22.040552

\x00\x00\x00\x04\x00\x00\x00\x00\x00

3191 / tcp

-1399940268 | 2025-02-28T07:10:45.312197

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3221 / tcp

1625292406 | 2025-03-14T09:40:29.442330

<?x

3260 / tcp

1135752610 | 2025-03-09T22:33:33.048987

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None

3268 / tcp

-1688921933 | 2025-02-22T13:56:05.493227

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 12-14878276-0 0NNN RT(1705363841143 0) q(0 -1 -1 -1) r(0 -1)

3269 / tcp

-1477838366 | 2025-03-18T18:40:30.962399

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

3299 / tcp

1212921144 | 2025-03-11T11:18:50.697582

0@

3306 / tcp

369808347 | 2025-03-12T23:17:23.201333

Mysql Version: 5.7.31-log \r\nN\\x00\\x00\\x00\n5.7.31-log\\x00Ut_\\x02S|d0n0s \\x00\\xff\\xff-\\x02\\x00\\xff\\xc1\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\x0c\\x04&+MJX\n#in8\\x00mysql_native_password\\x00

3388 / tcp

632542934 | 2025-03-12T08:46:01.726319

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

3389 / tcp

848680996 | 2025-02-26T21:19:22.466434

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\t\\x08\\x00\\x02\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID\nTarget_Name: WINCTYU-KTI28LG\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: WINCTYU-KTI28LG\nNetBIOS_Computer_Name: WINCTYU-KTI28LG\nDNS_Domain_Name: WINCTYU-KTI28LG\nDNS_Computer_Name: WINCTYU-KTI28LG\nSystem_Time: 2024-01-22 08:43:05 +0000 UTC\n\n

3443 / tcp

-1329831334 | 2025-03-06T08:42:55.932471

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

3524 / tcp

-1327660293 | 2025-03-06T01:44:52.585039

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

3551 / tcp

198844676 | 2025-03-08T15:48:01.615183

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3790 / tcp

539065883 | 2025-03-05T16:14:33.916970

3950 / tcp

-1099385124 | 2025-03-17T18:10:53.096111

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

3954 / tcp

819727972 | 2025-03-17T22:53:15.878182

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4063 / tcp

1880683805 | 2025-03-18T14:45:12.789196

ÿ

4064 / tcp

321971019 | 2025-03-12T12:43:08.347935

-ERR client ip is not in whitelist\r

4085 / tcp

1911457608 | 2025-03-16T16:23:47.517705

\x00[\x00\x00\x00\x00\x00\x00

4147 / tcp

1911457608 | 2025-03-06T21:35:28.863165

\x00[\x00\x00\x00\x00\x00\x00

4150 / tcp

-2089734047 | 2025-02-24T19:04:19.640787

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

4157 / tcp

-154107716 | 2025-03-11T05:14:31.518689

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

4190 / tcp

2121220663 | 2025-03-15T09:29:48.269032

SSH-58-Ingrian_SSH\r\n

4200 / tcp

-1399940268 | 2025-03-16T01:35:01.606839

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4242 / tcp

302222687 | 2025-03-18T20:54:52.441511

HTTP/1.1 301 Moved Permanently
Server: Apache/2.4.41 (Unix) OpenSSL/1.1.1d TST PHP/7.3.11
Content-Type: text/plain; charset=utf-8
Connection: close

4282 / tcp

-314039103 | 2025-03-14T01:33:56.709299

Surnom.
Sorry, that nickname format is invalid.

4321 / tcp

-1250504565 | 2025-02-24T18:35:13.200900

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

4369 / tcp

921225407 | 2025-03-06T16:44:30.088911

\x00\x00\x00\x04\x00\x00\x00\x00\x00

4434 / tcp

-746114901 | 2025-03-07T09:06:58.632126

[KpU

4443 / tcp

-1060562267 | 2025-02-20T13:36:31.788928

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae29b6_PS-NKG-01Aqo82_2892-58968

4444 / tcp

1332894250 | 2025-03-13T11:04:59.184303

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

4457 / tcp

1761482307 | 2025-03-08T21:56:32.026919

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

4461 / tcp

-2017887953 | 2025-03-15T04:21:54.362198

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

4500 / tcp

-1114821551 | 2025-03-04T06:03:14.690891

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

4506 / tcp

819727972 | 2025-03-21T13:28:13.400934

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4531 / tcp

632542934 | 2025-02-26T23:19:33.579167

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

4700 / tcp

669849225 | 2025-03-05T02:53:18.467375

SSH-98.60-SysaxSSH_81885..42\r\n

4840 / tcp

819727972 | 2025-03-17T15:41:24.438210

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4899 / tcp

550048729 | 2025-03-19T00:25:00.755186

ÿÿÿ
0 ...

4949 / tcp

-1839934832 | 2025-03-12T02:22:47.944714

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

4993 / tcp

1011407350 | 2025-03-04T21:28:54.155522

* OK GroupWise IMAP4rev1 Server Ready\r\n

4999 / tcp

-1399940268 | 2025-03-12T04:35:09.828791

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5001 / tcp

-971970408 | 2025-03-11T22:08:07.824741

5007 / tcp

-2033111675 | 2025-02-20T01:56:35.518636

~djb

5009 / tcp

567505242 | 2025-03-12T08:18:28.774323

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1a3c_wdx20_40557-6922

5051 / tcp

-1399940268 | 2025-03-16T23:03:34.594144

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5053 / tcp

-1795027372 | 2025-03-09T11:21:04.064677

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

5150 / tcp

819727972 | 2025-02-20T20:38:09.543725

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

5172 / tcp

988099889 | 2025-03-17T03:51:43.668844

[ºs

5201 / tcp

-653033013 | 2025-02-28T16:16:23.668134

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

5222 / tcp

971933601 | 2025-03-12T00:19:19.262704

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

5245 / tcp

-1399940268 | 2025-02-23T22:31:15.249296

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5248 / tcp

1541211644 | 2025-03-17T16:16:43.600500

[\xc2\xba\x7fs\x7f

5250 / tcp

1541211644 | 2025-03-06T06:57:35.482144

[\xc2\xba\x7fs\x7f

5264 / tcp

51259122 | 2025-03-08T16:13:59.053552

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

5269 / tcp

756886313 | 2025-03-16T07:26:42.640313

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html

5270 / tcp

-358801646 | 2025-02-26T11:39:04.096926

SSH-2.0-OpenSSH_6.6.1

5274 / tcp

-1399940268 | 2025-03-15T14:58:03.994666

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5456 / tcp

321971019 | 2025-02-22T11:43:57.458943

-ERR client ip is not in whitelist\r

5494 / tcp

-1730858130 | 2025-03-06T08:31:20.132831

RFB 003.008
VNC:
  Protocol Version: 3.8

5500 / tcp

1023953321 | 2025-03-16T15:39:42.182000

HTTP/1.0 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="proxy"
Connection: close
Content-type: text/html; charset=utf-8

5503 / tcp

-1399940268 | 2025-02-27T09:37:01.009757

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5542 / tcp

1332894250 | 2025-02-26T04:59:32.916654

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

5590 / tcp

-2096652808 | 2025-03-05T16:19:47.979196

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

5591 / tcp

-1399940268 | 2025-03-10T04:36:47.129915

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5594 / tcp

-1399940268 | 2025-03-19T18:13:59.047900

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5597 / tcp

-2107996212 | 2025-03-07T15:43:54.029915

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

5608 / tcp

819727972 | 2025-03-18T22:05:08.197404

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5620 / tcp

819727972 | 2025-02-28T01:12:03.750423

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

5672 / tcp

575925250 | 2025-02-25T18:40:37.807148

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5698 / tcp

321971019 | 2025-03-16T05:42:20.339742

-ERR client ip is not in whitelist\r

5858 / tcp

988099889 | 2025-03-13T14:45:22.363532

[ºs

5906 / tcp

-1249500036 | 2025-03-16T23:21:51.460375

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes

5938 / tcp

1991883981 | 2025-03-09T07:29:59.841011

B\x00\x00\x00\xc3\xbfn\x04Too many connections

5986 / tcp

117101543 | 2025-03-21T01:31:11.255798

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

5988 / tcp

1282941221 | 2025-03-20T03:57:30.065920

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

6000 / tcp

-1399940268 | 2025-02-25T00:54:27.244094

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6001 / tcp

-1477838366 | 2025-03-18T10:29:24.150946

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

6379 / tcp

321971019 | 2025-03-17T20:41:20.260317

-ERR client ip is not in whitelist\r

6514 / tcp

-1839934832 | 2025-03-12T22:48:51.167171

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

6556 / tcp

-801484042 | 2025-03-05T20:31:39.922416

ERR 27

6565 / tcp

-367607324 | 2025-03-10T04:39:16.726612

\\x12\\x04\\x03\\x7f\xc3\xbf\xc3\xbf\xc3\xbf\n0\\x04\\x10\\x06 \\x04\\x08...\n

6580 / tcp

-776709531 | 2025-03-04T19:46:46.931248

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 13-202210762-0 0NNN RT(1700908507511 171) q(0 -1 -1 -1) r(0 -1)

6603 / tcp

-1399940268 | 2025-02-25T17:59:28.929807

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6653 / tcp

1911457608 | 2025-02-27T17:09:12.127759

\x00[\x00\x00\x00\x00\x00\x00

6666 / tcp

4935895 | 2025-02-22T05:48:20.552241

HTTP/1.1 400 Bad Request
Server: CloudWAF

6667 / tcp

660175493 | 2025-02-24T00:04:26.077953

6697 / tcp

1396488228 | 2025-02-26T06:37:47.230699

HTTP/1.1 200 OK
Content-Length: 2037
Cache-Control: private, max-age=300
Content-Type: text/html

6887 / tcp

1308377066 | 2025-03-12T04:26:08.025926

ncacn_http/1.0

7001 / tcp

1220127183 | 2025-03-18T00:06:05.264857

HTTP/1.1 400 Bad Request
Connection: keep-alive
Connection: close
X-Via-JSL: 6958812,-
X-Cache: error

7011 / tcp

819727972 | 2025-02-26T23:59:50.656259

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

7020 / tcp

51259122 | 2025-03-10T05:03:53.646480

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

7071 / tcp

2087396567 | 2025-02-22T15:12:16.758371

kjnkjabhbanc283ubcsbhdc72

7171 / tcp

-1810987450 | 2025-03-14T01:17:29.907842

\xc3\xbf

7218 / tcp

1632932802 | 2025-03-19T22:08:03.783763

7415 / tcp

-1947777893 | 2025-03-20T23:49:35.159410

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

7434 / tcp

1850902677 | 2025-02-22T11:09:44.087104

W!

7443 / tcp

-584993230 | 2025-03-06T09:22:28.641991

HTTP/1.1 400 Bad Request
Server:  
Content-Type: text/html
Connection: close

7510 / tcp

-136006866 | 2025-02-25T10:29:38.055635

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

7548 / tcp

-971970408 | 2025-03-15T08:44:55.894922

7700 / tcp

-653033013 | 2025-03-16T16:00:50.510357

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

7777 / tcp

1391945995 | 2025-03-15T05:25:34.716064

HTTP/1.1 403 Forbidden 
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm=""

7799 / tcp

-1399940268 | 2025-03-12T21:06:49.769209

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7801 / tcp

-1036370807 | 2025-03-05T02:21:40.200685

JDWP-Handshake

7998 / tcp

165188539 | 2025-02-21T17:35:47.568633

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8001 / tcp

2103111368 | 2025-03-10T17:16:05.482353

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8003 / tcp

1911457608 | 2025-03-10T08:19:33.451176

\x00[\x00\x00\x00\x00\x00\x00

8004 / tcp

-1428621233 | 2025-03-16T16:06:51.090502

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

8006 / tcp

-747911285 | 2025-02-20T05:58:10.527201

\xc2\xaa

8009 / tcp

321971019 | 2025-03-16T12:47:23.587989

-ERR client ip is not in whitelist\r

8027 / tcp

-653033013 | 2025-02-20T22:13:17.855626

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

8030 / tcp

1911457608 | 2025-03-20T16:29:41.864349

\x00[\x00\x00\x00\x00\x00\x00

8045 / tcp

-42767839 | 2025-03-20T07:04:23.333721

RFB 005.000

VNC:
  Protocol Version: 5.0

8047 / tcp

1308377066 | 2025-02-26T03:44:20.077353

ncacn_http/1.0

8050 / tcp

1332894250 | 2025-03-17T02:49:34.908170

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

8058 / tcp

-1399940268 | 2025-03-12T08:59:50.778594

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8059 / tcp

669849225 | 2025-03-05T19:13:11.839423

SSH-98.60-SysaxSSH_81885..42\r\n

8066 / tcp

2063598737 | 2025-03-12T23:48:04.002487

/0 0 L\r\n/0 0 HUH\r\n

8075 / tcp

1381121983 | 2025-03-19T06:17:21.908955

Notify\r\n

8081 / tcp

-358801646 | 2025-03-14T04:11:34.221298

SSH-2.0-OpenSSH_6.6.1

8083 / tcp

1308377066 | 2025-03-16T02:26:08.620546

ncacn_http/1.0

8085 / tcp

-68075478 | 2025-03-21T06:41:11.739213

8087 / tcp

-1399940268 | 2025-03-10T00:26:34.698753

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8089 / tcp

2087396567 | 2025-03-06T17:47:49.887613

kjnkjabhbanc283ubcsbhdc72

8092 / tcp

1126993057 | 2025-03-15T20:20:24.426545

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

8096 / tcp

165188539 | 2025-03-14T01:40:27.457503

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8099 / tcp

648174097 | 2025-03-11T15:23:20.903467

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

8101 / tcp

401555314 | 2025-03-09T18:24:26.564332

NB[GFXjA^R

8111 / tcp

-1810987450 | 2025-03-16T11:33:13.781352

\xc3\xbf

8124 / tcp

-441419608 | 2025-03-10T10:26:28.320629

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

8139 / tcp

1842524259 | 2025-03-10T01:25:20.283349

8152 / tcp

-1032713145 | 2025-03-11T08:21:36.381423

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

8160 / tcp

819727972 | 2025-02-23T09:51:22.423450

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8161 / tcp

-2089734047 | 2025-03-20T20:11:29.147310

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8166 / tcp

745343730 | 2025-03-18T15:04:52.072893

220 smtp.qq.com Esmtp QQ Mail Server

8169 / tcp

632542934 | 2025-02-27T20:45:51.079538

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8172 / tcp

-1428621233 | 2025-03-16T11:06:32.986734

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

8173 / tcp

-1810987450 | 2025-03-17T04:17:55.131685

\xc3\xbf

8175 / tcp

819727972 | 2025-03-10T19:37:34.951727

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8177 / tcp

-1428621233 | 2025-02-27T12:11:56.145660

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

8181 / tcp

539065883 | 2025-03-19T02:43:40.688054

8182 / tcp

1212285915 | 2025-02-23T18:19:53.958980

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

8250 / tcp

-1399940268 | 2025-03-09T13:48:07.966460

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8285 / tcp

1761482307 | 2025-03-21T07:58:04.499451

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

8291 / tcp

1911457608 | 2025-03-06T09:26:22.558125

\x00[\x00\x00\x00\x00\x00\x00

8333 / tcp

-1300025046 | 2025-03-19T12:16:23.575734

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705941025.555-waf01bjtp3

8403 / tcp

-1399940268 | 2025-03-13T12:35:49.946634

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8409 / tcp

-904840257 | 2025-02-25T15:53:09.333253

572 Relay not authorized\r\n

8412 / tcp

-1399940268 | 2025-03-10T00:15:42.165583

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8414 / tcp

-1375131644 | 2025-03-14T17:25:17.320456

\x00[v\xc3\xbdC\x7f\x00\x00

8416 / tcp

1911457608 | 2025-03-18T02:05:32.998532

\x00[\x00\x00\x00\x00\x00\x00

8435 / tcp

-445721795 | 2025-03-17T19:09:53.682468

\x00[\xc3\xaed\x1a\x7f\x00\x00

8436 / tcp

-1888448627 | 2025-03-21T09:59:33.739319

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8457 / tcp

1911457608 | 2025-02-27T19:53:03.877523

\x00[\x00\x00\x00\x00\x00\x00

8459 / tcp

-1099385124 | 2025-03-16T22:49:24.512681

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

8465 / tcp

1911457608 | 2025-03-13T05:38:43.094937

\x00[\x00\x00\x00\x00\x00\x00

8500 / tcp

-1455149952 | 2025-03-17T03:54:41.788679

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1e27_PS-000-01sNY99_31294-28028

8505 / tcp

819727972 | 2025-02-27T07:36:01.971017

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8513 / tcp

1332894250 | 2025-03-05T02:50:33.150070

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

8519 / tcp

-1013082686 | 2025-02-24T23:45:22.402009

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

8545 / tcp

2087396567 | 2025-03-19T03:44:27.213575

kjnkjabhbanc283ubcsbhdc72

8554 / tcp

2087396567 | 2025-03-15T07:56:37.683357

kjnkjabhbanc283ubcsbhdc72

8562 / tcp

-1730858130 | 2025-03-17T22:36:30.687431

RFB 003.008
VNC:
  Protocol Version: 3.8

8567 / tcp

117101543 | 2025-02-28T01:17:18.644201

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

8575 / tcp

51259122 | 2025-03-13T23:52:13.925697

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

8580 / tcp

819727972 | 2025-03-13T17:11:49.209240

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8585 / tcp

1911457608 | 2025-02-19T18:43:50.556124

\x00[\x00\x00\x00\x00\x00\x00

8592 / tcp

-1399940268 | 2025-03-19T04:06:11.258584

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8593 / tcp

165188539 | 2025-02-22T18:17:36.758837

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8595 / tcp

165188539 | 2025-03-20T05:54:32.090212

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8602 / tcp

-1487943323 | 2025-03-21T10:33:40.785495

431 Unable to negotiate secure command connection.\r\n

8649 / tcp

1489954473 | 2025-03-05T12:28:34.609967

HTTP/1.1 410 Gone
Server: openresty
Transfer-Encoding: chunked
Connection: keep-alive
Via: 1.1 google

8724 / tcp

-2017887953 | 2025-03-18T16:16:05.790868

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

8728 / tcp

-1265999252 | 2025-03-18T17:49:02.300779

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

8732 / tcp

-1399940268 | 2025-03-13T16:43:49.680478

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8808 / tcp

1574088840 | 2025-02-22T01:54:05.046003

">Application and Content Networking Software 3.9</a>)\n</BODY><

8809 / tcp

114471724 | 2025-03-15T12:34:23.632348

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

8814 / tcp

-1779118422 | 2025-03-19T14:35:02.125342

\x00[\xc2\xae\xc2\x8d{\x7f\x00\x00

8829 / tcp

632542934 | 2025-03-06T22:10:59.048677

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8834 / tcp

1261582754 | 2025-03-19T04:32:18.772159

unknown command 
unknown command

8845 / tcp

1278527606 | 2025-02-23T18:27:15.331874

SSH-2.0-Teleport

8855 / tcp

-288825733 | 2025-03-18T01:38:37.826985

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

8872 / tcp

819727972 | 2025-02-25T20:04:42.159169

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8880 / tcp

398077695 | 2025-03-18T09:23:47.849328

8891 / tcp

-1327660293 | 2025-03-10T19:06:16.359196

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

8908 / tcp

599074451 | 2025-03-15T10:17:09.841939

msg

8935 / tcp

-454087041 | 2025-02-26T17:24:41.423426

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

9000 / tcp

-2067028711 | 2025-03-19T03:01:02.482743

\x15\x03\x01\x00\x02\x02F

9002 / tcp

1082732927 | 2025-02-24T19:27:17.106512

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

9026 / tcp

819727972 | 2025-03-14T17:06:41.749759

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9037 / tcp

819727972 | 2025-03-16T19:55:09.969687

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9042 / tcp

1842524259 | 2025-03-06T20:09:07.773739

9045 / tcp

1911457608 | 2025-03-15T04:04:49.728251

\x00[\x00\x00\x00\x00\x00\x00

9046 / tcp

-1947777893 | 2025-03-21T04:27:50.274914

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

9049 / tcp

1134517380 | 2025-03-07T11:23:34.042206

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

9051 / tcp

1741579575 | 2025-03-10T11:53:45.159920

9054 / tcp

632542934 | 2025-02-27T15:24:38.876671

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9055 / tcp

632542934 | 2025-03-13T08:00:46.709721

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9059 / tcp

1543809371 | 2025-02-21T20:10:06.157945

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

9065 / tcp

-2089734047 | 2025-03-20T22:31:56.795453

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9089 / tcp

-2089734047 | 2025-03-13T21:16:41.883199

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9092 / tcp

1911457608 | 2025-03-14T00:52:22.031707

\x00[\x00\x00\x00\x00\x00\x00

9095 / tcp

2087396567 | 2025-03-21T04:19:09.222510

kjnkjabhbanc283ubcsbhdc72

9098 / tcp

-1097188123 | 2025-03-13T12:36:13.374945

[g\xc2\x95N\x7f

9100 / tcp

-1888448627 | 2025-03-16T12:52:44.348850

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9103 / tcp

1761482307 | 2025-03-17T17:38:45.749755

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

9113 / tcp

1911457608 | 2025-03-13T09:16:23.464156

\x00[\x00\x00\x00\x00\x00\x00

9118 / tcp

-1399940268 | 2025-03-10T10:35:07.410052

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9145 / tcp

1492413928 | 2025-03-14T18:49:26.751749

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

9151 / tcp

-1031019485 | 2025-03-20T05:18:58.602095

[l¶Ð

9152 / tcp

165188539 | 2025-03-16T15:01:44.508371

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9160 / tcp

-2089734047 | 2025-03-20T13:07:02.506783

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9170 / tcp

819727972 | 2025-02-22T19:49:26.726290

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9176 / tcp

-1899074860 | 2025-03-20T21:15:49.663337

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

9181 / tcp

-1399940268 | 2025-03-08T21:49:16.228356

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9188 / tcp

-1810987450 | 2025-03-13T09:53:10.369866

\xc3\xbf

9207 / tcp

-445721795 | 2025-03-06T08:35:46.749157

\x00[\xc3\xaed\x1a\x7f\x00\x00

9219 / tcp

-1399940268 | 2025-03-18T19:37:59.175437

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9226 / tcp

1911457608 | 2025-02-28T12:29:19.772453

\x00[\x00\x00\x00\x00\x00\x00

9249 / tcp

-288825733 | 2025-03-07T10:51:45.697197

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

9250 / tcp

819727972 | 2025-03-18T15:38:34.528856

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9273 / tcp

-1888448627 | 2025-03-18T15:58:12.496275

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9300 / tcp

-1399940268 | 2025-02-20T11:52:01.499453

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9306 / tcp

-1327660293 | 2025-03-20T08:34:00.677574

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

9309 / tcp

-1399940268 | 2025-03-12T01:34:28.665745

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9333 / tcp

103159425 | 2025-02-25T04:49:33.855818

SSH-1.99-RGOS_SSH

9351 / tcp

1996932384 | 2025-03-04T17:39:33.818280

"raop" nonce

9383 / tcp

819727972 | 2025-03-05T08:42:32.112702

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9398 / tcp

671605376 | 2025-03-04T22:50:36.409438

SSH-2.0-OpenSSH_X.X

9418 / tcp

1529351907 | 2025-03-18T19:40:29.776816

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

9445 / tcp

1632932802 | 2025-03-11T20:08:03.838013

9456 / tcp

-2089734047 | 2025-02-22T02:11:14.898366

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9510 / tcp

-2089734047 | 2025-03-06T23:36:43.557368

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9527 / tcp

2121220663 | 2025-03-19T16:21:08.126804

SSH-58-Ingrian_SSH\r\n

9530 / tcp

-345718689 | 2025-03-18T10:16:12.433010

Vty password is not set.

9600 / tcp

1911457608 | 2025-03-21T02:30:57.370415

\x00[\x00\x00\x00\x00\x00\x00

9633 / tcp

-971970408 | 2025-03-21T00:43:34.154592

9761 / tcp

580340387 | 2025-03-15T10:36:41.244928

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

9797 / tcp

1911457608 | 2025-03-21T15:41:44.117880

\x00[\x00\x00\x00\x00\x00\x00

9800 / tcp

-2118655245 | 2025-03-07T10:39:04.421846

Hashes

hash

1015654041

http.dom_hash

-2006505642

http.html_hash

-2118655245

HTTP/1.0 500 Internal Server Error
Content-Length: 20

9872 / tcp

-784071826 | 2025-03-15T12:13:45.268025

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

9876 / tcp

1721921834 | 2025-03-10T00:00:08.644840

\\x00\\x00\\x01+\\x00\\x00\\x00_{"code":0,"flag":1,"language":"JAVA","opaque":0,"serializeTypeCurrentRPC":"JSON","version":433}{"brokerAddrTable":{"broker-a":{"brokerAddrs":{0:"180.116.172.66:10911"},"brokerName":"broker-a","cluster":"DefaultCluster","enableActingMaster":false}},"clusterAddrTable":{"DefaultCluster":["broker-a"]}}

9898 / tcp

1320285193 | 2025-03-21T01:35:04.465426

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

9943 / tcp

1833368189 | 2025-03-08T19:54:26.589452

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae18b9_dong118_31397-16667

9944 / tcp

1492413928 | 2025-03-18T05:05:37.498435

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

9977 / tcp

-1373613804 | 2025-03-09T09:19:17.486202

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

9994 / tcp

-1399940268 | 2025-03-18T19:50:51.887227

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9998 / tcp

-1223770960 | 2025-03-13T13:31:45.061763

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28e5_PS-PEK-01Whk40_31773-63705

9999 / tcp

1161309183 | 2025-03-19T21:33:30.583396

ProxyServer is ready

10000 / tcp

819727972 | 2025-03-06T00:47:46.990981

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

10001 / tcp

1492413928 | 2025-03-17T16:44:11.467526

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

10003 / tcp

-1888448627 | 2025-02-25T10:00:51.817704

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

10016 / tcp

455076604 | 2025-02-27T21:03:48.350828

!\x07version\x04bind7 t{RPowerDNS Recursor 410

10025 / tcp

-2107996212 | 2025-02-23T16:08:54.592575

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

10035 / tcp

-1399940268 | 2025-03-14T22:07:14.567653

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10038 / tcp

-2089734047 | 2025-03-04T11:23:42.904246

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10050 / tcp

819727972 | 2025-03-12T11:38:11.072966

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

10052 / tcp

1911457608 | 2025-03-20T20:29:14.615026

\x00[\x00\x00\x00\x00\x00\x00

10066 / tcp

-1189269828 | 2025-03-16T03:38:38.702566

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

10080 / tcp

-303199180 | 2025-03-06T14:19:03.173521

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

10093 / tcp

1948301213 | 2025-03-19T16:41:48.974766

RFB 003.003
VNC:
  Protocol Version: 3.3

10210 / tcp

-1019343788 | 2025-02-28T23:07:19.919267

W!\x00\x00\x00\x00

10250 / tcp

1282941221 | 2025-03-16T00:38:18.485995

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

10256 / tcp

-2089734047 | 2025-03-04T18:58:26.833234

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10443 / tcp

2087396567 | 2025-03-21T17:15:28.463327

kjnkjabhbanc283ubcsbhdc72

10554 / tcp

-1872120160 | 2025-03-04T19:28:28.142687

">Application and Content Networking Software 3.9</a>)
</BODY><

11000 / tcp

-653033013 | 2025-03-04T15:24:01.623702

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

11027 / tcp

-1399940268 | 2025-02-25T03:32:11.207036

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

11075 / tcp

-1399940268 | 2025-02-28T14:33:29.179602

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

11112 / tcp

-2089734047 | 2025-03-16T02:28:55.221478

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

11182 / tcp

1543809371 | 2025-02-22T09:16:37.846909

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

11210 / tcp

-653033013 | 2025-02-28T17:28:33.007884

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

11211 / tcp

-136006866 | 2025-03-11T19:04:42.130734

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11288 / tcp

671605376 | 2025-03-20T06:20:55.444958

SSH-2.0-OpenSSH_X.X

11300 / tcp

-801484042 | 2025-03-14T10:47:52.314420

ERR 27

11681 / tcp

819727972 | 2025-03-04T12:56:26.156286

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

11688 / tcp

-1399940268 | 2025-03-14T13:50:11.610116

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12000 / tcp

-1368104760 | 2025-03-21T02:02:52.373298

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1d31_PS-TNA-01mQW36_7416-41955

12108 / tcp

1911457608 | 2025-02-25T18:05:39.818925

\x00[\x00\x00\x00\x00\x00\x00

12111 / tcp

1911457608 | 2025-02-25T09:54:27.899639

\x00[\x00\x00\x00\x00\x00\x00

12121 / tcp

-1399940268 | 2025-02-25T15:08:52.028019

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12124 / tcp

1975288991 | 2025-02-23T13:07:35.504198

OPTI

12138 / tcp

1911457608 | 2025-03-20T01:26:38.796254

\x00[\x00\x00\x00\x00\x00\x00

12145 / tcp

-1428621233 | 2025-02-23T13:27:50.844060

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

12150 / tcp

1911457608 | 2025-03-21T06:23:36.055756

\x00[\x00\x00\x00\x00\x00\x00

12153 / tcp

-1399940268 | 2025-03-12T05:43:02.960552

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12155 / tcp

-1888448627 | 2025-03-19T19:32:49.673304

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12157 / tcp

-1327660293 | 2025-03-12T15:49:21.535826

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12164 / tcp

307999478 | 2025-03-07T12:34:30.959939

unknown command \r\nunknown command \r\n

12174 / tcp

314154374 | 2025-02-21T07:37:59.185725

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Permissions-Policy: camera=(), geolocation=()
Pragma: no-cache
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

12192 / tcp

-1399940268 | 2025-02-20T17:31:36.289118

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12199 / tcp

401555314 | 2025-03-19T16:48:25.944716

NB[GFXjA^R

12201 / tcp

1134517380 | 2025-02-27T13:25:43.074806

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

12202 / tcp

-891714208 | 2025-02-25T09:33:09.271097

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

12211 / tcp

1761482307 | 2025-03-07T07:59:05.646756

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

12223 / tcp

-1795027372 | 2025-02-24T10:58:55.602812

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

12225 / tcp

819727972 | 2025-02-20T01:21:16.947458

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12239 / tcp

-2033111675 | 2025-03-06T12:04:33.386067

~djb

12244 / tcp

-1476017887 | 2025-03-14T17:44:04.460480

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

12245 / tcp

921225407 | 2025-03-05T09:23:19.484205

\x00\x00\x00\x04\x00\x00\x00\x00\x00

12246 / tcp

-1329831334 | 2025-03-04T15:38:38.626089

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

12247 / tcp

-1476017887 | 2025-03-09T12:56:41.405987

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

12253 / tcp

-1476017887 | 2025-03-17T07:53:44.028604

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

12259 / tcp

1911457608 | 2025-03-10T11:12:51.387376

\x00[\x00\x00\x00\x00\x00\x00

12263 / tcp

722711397 | 2025-03-13T12:22:30.454472

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

12266 / tcp

-1399940268 | 2025-02-22T18:51:40.098574

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12273 / tcp

-1032713145 | 2025-03-05T18:01:51.989472

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

12277 / tcp

-1399940268 | 2025-03-20T16:41:05.628048

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12280 / tcp

-1487943323 | 2025-03-15T22:06:44.254989

431 Unable to negotiate secure command connection.\r\n

12284 / tcp

-1059554316 | 2025-03-12T20:24:05.029018

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

12285 / tcp

410249975 | 2025-03-20T22:02:06.668606

LNS READY<>

12289 / tcp

-1888448627 | 2025-03-12T09:37:52.254431

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12290 / tcp

-1888448627 | 2025-03-17T15:42:00.698462

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12293 / tcp

820958131 | 2025-03-20T21:14:57.790235

kjnkjabhbanc283ubcsbhdc72\x02

12307 / tcp

410249975 | 2025-02-28T14:02:10.687769

LNS READY<>

12317 / tcp

819727972 | 2025-03-21T14:32:47.948682

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12320 / tcp

-1399940268 | 2025-02-24T22:01:49.539293

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12322 / tcp

819727972 | 2025-03-12T17:24:48.970863

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12328 / tcp

819727972 | 2025-03-10T12:26:01.185480

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12330 / tcp

1911457608 | 2025-03-14T23:49:38.876975

\x00[\x00\x00\x00\x00\x00\x00

12331 / tcp

-1730858130 | 2025-03-09T21:20:54.783476

RFB 003.008
VNC:
  Protocol Version: 3.8

12335 / tcp

-2096652808 | 2025-02-25T17:08:18.220195

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12345 / tcp

878900329 | 2025-02-27T04:08:41.407151

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae24ba_PStjkgwtss75_22411-43255

12359 / tcp

740837454 | 2025-03-17T15:00:35.113030

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

12360 / tcp

-358801646 | 2025-03-17T02:40:02.381196

SSH-2.0-OpenSSH_6.6.1

12362 / tcp

1911457608 | 2025-03-19T14:39:48.391793

\x00[\x00\x00\x00\x00\x00\x00

12364 / tcp

-1399940268 | 2025-03-10T10:00:34.595368

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12370 / tcp

1543809371 | 2025-03-10T10:52:55.212725

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

12378 / tcp

-1888448627 | 2025-03-19T05:29:32.244445

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12381 / tcp

-358801646 | 2025-03-04T23:24:59.529411

SSH-2.0-OpenSSH_6.6.1

12383 / tcp

-1399940268 | 2025-02-27T05:36:20.897195

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12387 / tcp

-2096652808 | 2025-03-17T16:26:32.785250

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12388 / tcp

-2107996212 | 2025-03-21T11:51:04.452651

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

12396 / tcp

1911457608 | 2025-03-13T05:23:29.190715

\x00[\x00\x00\x00\x00\x00\x00

12399 / tcp

1308377066 | 2025-03-17T04:23:34.086920

ncacn_http/1.0

12400 / tcp

671605376 | 2025-03-09T10:48:47.090385

SSH-2.0-OpenSSH_X.X

12404 / tcp

-2089734047 | 2025-03-18T22:05:16.208694

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12409 / tcp

819727972 | 2025-02-28T23:49:50.722207

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12427 / tcp

119860953 | 2025-03-21T09:01:55.486287

* OK ArGoSoft Mail Server IMAP Module v.YW at

12429 / tcp

-2089734047 | 2025-02-27T18:22:25.693832

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12437 / tcp

119860953 | 2025-03-04T05:49:32.429421

* OK ArGoSoft Mail Server IMAP Module v.YW at

12440 / tcp

1911457608 | 2025-02-20T10:36:22.776139

\x00[\x00\x00\x00\x00\x00\x00

12445 / tcp

1011407350 | 2025-03-07T16:48:19.319992

* OK GroupWise IMAP4rev1 Server Ready\r\n

12452 / tcp

-784071826 | 2025-03-20T22:21:05.289801

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

12459 / tcp

580340387 | 2025-03-18T06:25:19.821878

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

12472 / tcp

-1399940268 | 2025-03-11T22:41:19.052625

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12474 / tcp

-2031152423 | 2025-03-09T09:39:28.337281

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

12487 / tcp

819727972 | 2025-02-21T18:54:45.256396

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12496 / tcp

165188539 | 2025-03-12T00:35:27.345469

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12503 / tcp

-303199180 | 2025-03-05T17:37:42.006026

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

12506 / tcp

-249504111 | 2025-02-26T23:10:02.904202

\x00[xU-\x7f\x00\x00

12519 / tcp

-1279886438 | 2025-03-19T13:24:30.897304

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

12520 / tcp

2103111368 | 2025-03-15T08:16:25.721774

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

12522 / tcp

-274082663 | 2025-03-11T19:50:38.057215

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

12526 / tcp

-2096652808 | 2025-03-19T21:02:32.908667

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12533 / tcp

1282941221 | 2025-03-09T11:04:50.817282

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

12544 / tcp

-801484042 | 2025-02-25T11:04:09.417640

ERR 27

12549 / tcp

-1399940268 | 2025-02-28T23:10:57.761662

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12562 / tcp

-1888448627 | 2025-03-17T21:16:39.736302

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12563 / tcp

-1888448627 | 2025-03-16T09:22:31.412521

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12568 / tcp

-1810987450 | 2025-02-23T16:16:27.878886

\xc3\xbf

12569 / tcp

-1327660293 | 2025-03-20T19:21:19.408159

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12575 / tcp

-1399940268 | 2025-03-08T20:09:26.778938

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12576 / tcp

-2107996212 | 2025-02-23T02:02:47.831690

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

12578 / tcp

1911457608 | 2025-03-19T03:22:24.416174

\x00[\x00\x00\x00\x00\x00\x00

12582 / tcp

-1148066627 | 2025-02-28T20:17:20.195565

\x00[\xc2\x84\xc2\x86\xc3\xb2\x7f\x00\x00

12586 / tcp

-1888448627 | 2025-03-05T10:15:59.416496

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12587 / tcp

1911457608 | 2025-02-24T23:56:53.396759

\x00[\x00\x00\x00\x00\x00\x00

12980 / tcp

1504401647 | 2025-03-07T05:34:34.424961

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

13047 / tcp

2087396567 | 2025-03-11T21:58:39.416545

kjnkjabhbanc283ubcsbhdc72

14147 / tcp

-1399940268 | 2025-02-25T02:42:07.020631

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14265 / tcp

526659200 | 2025-03-06T03:42:37.425680

ÿÿÿ

14330 / tcp

45131230 | 2025-02-22T22:03:21.146002

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

14344 / tcp

-2031152423 | 2025-03-06T04:55:06.001529

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

14403 / tcp

819727972 | 2025-02-24T05:08:13.900714

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

14909 / tcp

819727972 | 2025-02-28T12:27:55.636808

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

15018 / tcp

-1399940268 | 2025-03-09T08:02:25.342547

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

15672 / tcp

-358801646 | 2025-02-25T00:43:58.611760

SSH-2.0-OpenSSH_6.6.1

16005 / tcp

-980525298 | 2025-03-20T18:01:11.654806

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

16006 / tcp

-1140468363 | 2025-03-12T17:43:26.444309

\x02\t\x01

16018 / tcp

-147424911 | 2025-03-14T22:11:06.452544

HTTP/1.1 404 Not Found
Content Length: 0

16021 / tcp

-2096652808 | 2025-02-28T16:57:27.026378

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

16036 / tcp

-358801646 | 2025-02-28T04:59:21.099107

SSH-2.0-OpenSSH_6.6.1

16037 / tcp

-904840257 | 2025-02-28T02:44:35.797471

572 Relay not authorized\r\n

16046 / tcp

-358801646 | 2025-03-20T07:18:01.793673

SSH-2.0-OpenSSH_6.6.1

16048 / tcp

-1888448627 | 2025-03-13T16:30:39.062269

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

16049 / tcp

-1730858130 | 2025-03-16T20:05:08.587208

RFB 003.008
VNC:
  Protocol Version: 3.8

16050 / tcp

-1730858130 | 2025-03-08T23:03:42.258213

RFB 003.008
VNC:
  Protocol Version: 3.8

16059 / tcp

-1399940268 | 2025-02-23T14:47:45.187357

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16065 / tcp

-1399940268 | 2025-02-26T08:30:58.606925

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16093 / tcp

-1399940268 | 2025-02-21T14:52:56.944369

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16094 / tcp

-1839934832 | 2025-03-05T07:57:37.635455

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

16097 / tcp

119860953 | 2025-03-14T17:04:15.764583

* OK ArGoSoft Mail Server IMAP Module v.YW at

16100 / tcp

-1327660293 | 2025-02-25T22:10:21.227932

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

17443 / tcp

709622286 | 2025-03-04T05:32:55.676977

OK Welcome <299685> on DirectUpdate server 7286\r\n

18007 / tcp

45131230 | 2025-03-04T19:58:46.275963

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

18009 / tcp

-1399940268 | 2025-03-21T05:07:56.542604

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18012 / tcp

-1105333987 | 2025-03-10T19:04:01.504162

\x00[KpU\x7f\x00\x00

18013 / tcp

-1105333987 | 2025-03-03T23:15:27.357890

\x00[KpU\x7f\x00\x00

18021 / tcp

1126993057 | 2025-03-12T00:50:31.790920

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

18030 / tcp

921225407 | 2025-03-10T20:56:36.815159

\x00\x00\x00\x04\x00\x00\x00\x00\x00

18044 / tcp

-1399940268 | 2025-03-12T13:50:17.179734

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18047 / tcp

-345718689 | 2025-03-16T23:26:19.887324

Vty password is not set.

18055 / tcp

1911457608 | 2025-02-21T06:30:41.665529

\x00[\x00\x00\x00\x00\x00\x00

18057 / tcp

-1189269828 | 2025-03-16T07:05:29.887065

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

18062 / tcp

1212285915 | 2025-03-16T00:57:33.165841

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

18065 / tcp

1353260875 | 2025-03-14T13:01:45.895292

\x00[g\xc2\x95N\x7f\x00\x00

18077 / tcp

745343730 | 2025-02-28T20:04:24.972538

220 smtp.qq.com Esmtp QQ Mail Server

18080 / tcp

1778988322 | 2025-03-17T15:24:43.963991

* OK GroupWise IMAP4rev1 Server Ready

18081 / tcp

539065883 | 2025-03-17T05:48:12.586407

18088 / tcp

1615193817 | 2025-03-16T23:49:26.262791

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

18091 / tcp

1911457608 | 2025-03-12T23:11:22.500836

\x00[\x00\x00\x00\x00\x00\x00

18095 / tcp

-1477838366 | 2025-03-03T18:42:03.716960

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

18097 / tcp

1282941221 | 2025-03-13T22:35:24.584317

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

18111 / tcp

-274082663 | 2025-02-25T11:23:02.458443

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

18182 / tcp

-1399940268 | 2025-03-05T08:13:34.577397

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18245 / tcp

1574088840 | 2025-02-25T08:31:32.701899

">Application and Content Networking Software 3.9</a>)\n</BODY><

18765 / tcp

1011407350 | 2025-02-28T09:11:37.179411

* OK GroupWise IMAP4rev1 Server Ready\r\n

18888 / tcp

410249975 | 2025-03-10T01:59:45.833463

LNS READY<>

19016 / tcp

-1399940268 | 2025-03-05T01:15:50.730470

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

19930 / tcp

-1032713145 | 2025-03-14T10:14:33.450917

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

20000 / tcp

1900503736 | 2025-03-05T07:42:48.190078

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

20090 / tcp

1504401647 | 2025-03-05T23:02:30.736051

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

20110 / tcp

-1428621233 | 2025-02-26T12:54:27.844677

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

20121 / tcp

820958131 | 2025-02-27T06:28:41.259942

kjnkjabhbanc283ubcsbhdc72\x02

20151 / tcp

-1996280214 | 2025-02-24T09:51:34.660110

\x06\x04\x05@

20185 / tcp

-2089734047 | 2025-03-08T21:41:23.093621

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

20208 / tcp

-1399940268 | 2025-02-22T21:21:47.696986

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20256 / tcp

-2107996212 | 2025-03-20T22:05:52.153639

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

20547 / tcp

-1737707071 | 2025-03-07T17:16:54.685507

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

20880 / tcp

1370263973 | 2025-03-20T19:20:28.651301

dubbo>

21001 / tcp

-1399940268 | 2025-03-17T09:18:18.164919

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21025 / tcp

819727972 | 2025-03-21T13:31:30.486302

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

21237 / tcp

819727972 | 2025-03-16T11:41:53.386972

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

21249 / tcp

1975288991 | 2025-03-12T21:15:06.766975

OPTI

21250 / tcp

-1835475271 | 2025-03-04T00:44:59.704411

200 NOD32SS 99 (3318497116)\r\n

21251 / tcp

1519486042 | 2025-02-27T01:22:26.253096

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

21262 / tcp

-1399940268 | 2025-03-20T01:07:32.736255

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21275 / tcp

-1888448627 | 2025-03-19T22:20:51.512088

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

21276 / tcp

165188539 | 2025-03-18T14:54:28.860121

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

21285 / tcp

307999478 | 2025-03-16T10:44:33.733095

unknown command \r\nunknown command \r\n

21286 / tcp

-1399940268 | 2025-03-06T08:50:43.248182

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21296 / tcp

-358801646 | 2025-03-12T02:20:26.856588

SSH-2.0-OpenSSH_6.6.1

21308 / tcp

-454087041 | 2025-03-17T10:39:13.095873

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

21315 / tcp

632542934 | 2025-03-05T11:51:42.277552

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

21357 / tcp

-1810987450 | 2025-03-16T06:46:03.658471

\xc3\xbf

21379 / tcp

-1013082686 | 2025-03-20T01:41:55.087782

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

21443 / tcp

-1327660293 | 2025-02-28T08:34:21.387699

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

22345 / tcp

-1538260461 | 2025-02-27T07:20:30.891169

\x01\x00\x00\x00

22380 / tcp

205347087 | 2025-02-27T07:06:23.585000

SSH-25453-Cisco-3524665.35\n

22705 / tcp

1911457608 | 2025-03-10T19:39:54.774975

\x00[\x00\x00\x00\x00\x00\x00

23023 / tcp

1887224352 | 2025-02-28T09:32:22.743933

24181 / tcp

1911457608 | 2025-02-26T19:33:29.084939

\x00[\x00\x00\x00\x00\x00\x00

25002 / tcp

-1476017887 | 2025-03-20T18:58:14.531060

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

25004 / tcp

-1114821551 | 2025-03-17T10:10:20.324784

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

25565 / tcp

1911457608 | 2025-03-21T13:50:31.869031

\x00[\x00\x00\x00\x00\x00\x00

25952 / tcp

632542934 | 2025-03-07T05:05:51.859417

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

26657 / tcp

819727972 | 2025-03-12T01:38:04.258802

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

27015 / tcp

-232716176 | 2025-03-13T10:59:00.887742

Command: None
Size: 759714643
ID: 758132274
Type: 1852141647

27017 / tcp

1763259671 | 2025-02-23T21:55:52.008474

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

28818 / tcp

-1888448627 | 2025-03-18T04:31:03.829952

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

30002 / tcp

-1839934832 | 2025-03-12T16:33:48.945085

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

30003 / tcp

1261582754 | 2025-02-25T00:57:59.552371

unknown command 
unknown command

30008 / tcp

-1019343788 | 2025-03-20T11:44:16.898632

W!\x00\x00\x00\x00

30010 / tcp

-2096652808 | 2025-03-13T21:02:12.271541

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

30013 / tcp

1911457608 | 2025-03-08T11:51:48.872063

\x00[\x00\x00\x00\x00\x00\x00

30022 / tcp

-1872120160 | 2025-03-18T21:01:15.443530

">Application and Content Networking Software 3.9</a>)
</BODY><

30113 / tcp

819727972 | 2025-03-13T18:43:59.163396

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

30123 / tcp

165188539 | 2025-03-06T22:20:36.963555

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

30222 / tcp

-2107996212 | 2025-03-09T05:29:46.557194

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

30303 / tcp

1842524259 | 2025-03-19T21:08:00.641648

30422 / tcp

-1013082686 | 2025-03-13T10:47:01.917102

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

30468 / tcp

-1329831334 | 2025-03-14T16:56:24.433054

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

30522 / tcp

-1681927087 | 2025-03-12T13:35:57.407654

kjnkjabhbanc283ubcsbhdc72

30722 / tcp

1975288991 | 2025-03-13T12:31:33.615617

OPTI

30922 / tcp

1690634669 | 2025-03-20T21:27:32.948806

31022 / tcp

1286504516 | 2025-03-13T07:08:15.994090

CP2E Control Console
Connected to Host: gZI

31210 / tcp

165188539 | 2025-03-10T18:55:03.060060

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

31222 / tcp

1308377066 | 2025-03-13T03:29:05.335295

ncacn_http/1.0

31322 / tcp

-2033111675 | 2025-03-09T15:04:07.698048

~djb

31337 / tcp

-147424911 | 2025-02-28T14:06:45.661506

HTTP/1.1 404 Not Found
Content Length: 0

31422 / tcp

-971970408 | 2025-03-13T01:43:13.867003

31443 / tcp

-971970408 | 2025-03-12T17:32:57.862944

31722 / tcp

819727972 | 2025-03-12T20:54:26.908070

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

31822 / tcp

-441419608 | 2025-03-20T18:33:15.636433

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

32080 / tcp

-1399940268 | 2025-03-19T13:02:21.847537

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

32101 / tcp

-1399940268 | 2025-03-04T05:49:15.615865

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

32122 / tcp

819727972 | 2025-03-20T02:59:36.762648

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

32303 / tcp

-2089734047 | 2025-03-13T09:27:54.050533

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

32322 / tcp

1261582754 | 2025-03-16T13:57:57.976752

unknown command 
unknown command

32622 / tcp

1842524259 | 2025-03-21T02:42:25.293155

32764 / tcp

2087396567 | 2025-03-19T19:38:21.002144

kjnkjabhbanc283ubcsbhdc72

33222 / tcp

-971970408 | 2025-03-19T23:28:54.472261

33422 / tcp

-653033013 | 2025-03-19T16:20:57.317184

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

33522 / tcp

-1453516345 | 2025-03-20T14:22:52.332966

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

33622 / tcp

-1392039491 | 2025-03-21T04:22:48.967668

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

33722 / tcp

-1230049476 | 2025-03-18T03:17:46.868414

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

33822 / tcp

-319440554 | 2025-03-18T10:29:09.756768

33922 / tcp

819727972 | 2025-03-18T01:28:38.072813

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

34422 / tcp

-971970408 | 2025-02-28T03:51:03.744262

34522 / tcp

819727972 | 2025-03-05T05:09:41.863166

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

34622 / tcp

-971970408 | 2025-03-19T08:49:52.782227

34722 / tcp

2087396567 | 2025-03-03T23:07:20.023182

kjnkjabhbanc283ubcsbhdc72

34822 / tcp

819727972 | 2025-03-19T05:25:56.673477

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

35000 / tcp

-1327660293 | 2025-02-25T02:20:36.753894

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

35002 / tcp

1504401647 | 2025-03-03T22:06:41.293246

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

35022 / tcp

819727972 | 2025-03-19T01:50:35.543080

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

35100 / tcp

1492413928 | 2025-03-03T18:39:06.610497

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

35322 / tcp

2087396567 | 2025-03-17T07:44:43.022498

kjnkjabhbanc283ubcsbhdc72

35422 / tcp

-971970408 | 2025-03-18T22:27:19.021407

35522 / tcp

819727972 | 2025-03-04T03:29:30.447182

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

35531 / tcp

1911457608 | 2025-03-19T21:08:08.583252

\x00[\x00\x00\x00\x00\x00\x00

35722 / tcp

380146262 | 2025-02-28T05:34:48.628785

@RSYNCD: 30.0

35822 / tcp

-2033111675 | 2025-03-17T16:57:44.252527

~djb

35922 / tcp

2087396567 | 2025-03-16T20:33:18.496775

kjnkjabhbanc283ubcsbhdc72

36022 / tcp

-441419608 | 2025-03-17T20:29:28.222930

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

36522 / tcp

1231376952 | 2025-02-28T19:43:21.184504

36822 / tcp

-1428621233 | 2025-03-18T13:57:21.771083

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

36922 / tcp

-952165951 | 2025-03-01T01:02:07.702586

AB

36983 / tcp

-1399940268 | 2025-03-13T13:03:39.123459

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

37322 / tcp

-2096652808 | 2025-02-28T21:57:04.416177

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

37422 / tcp

-971970408 | 2025-03-15T11:40:52.330120

37522 / tcp

-1611764932 | 2025-03-16T08:43:29.012391

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

37622 / tcp

2087396567 | 2025-02-28T10:37:27.119514

kjnkjabhbanc283ubcsbhdc72

37722 / tcp

1308377066 | 2025-03-15T23:25:35.528646

ncacn_http/1.0

37777 / tcp

-1399940268 | 2025-03-06T21:17:03.943400

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

37922 / tcp

2087396567 | 2025-03-18T00:07:16.108936

kjnkjabhbanc283ubcsbhdc72

38122 / tcp

2087396567 | 2025-03-15T18:23:59.529827

kjnkjabhbanc283ubcsbhdc72

38322 / tcp

-1148066627 | 2025-03-15T12:49:50.030912

\x00[\xc2\x84\xc2\x86\xc3\xb2\x7f\x00\x00

38522 / tcp

104385780 | 2025-03-13T23:03:07.458396

ceph v2

38722 / tcp

2087396567 | 2025-03-13T21:14:03.401586

kjnkjabhbanc283ubcsbhdc72

38822 / tcp

2087396567 | 2025-03-12T15:13:35.575221

kjnkjabhbanc283ubcsbhdc72

38880 / tcp

-1730858130 | 2025-03-10T10:58:53.786628

RFB 003.008
VNC:
  Protocol Version: 3.8

39222 / tcp

-1900404274 | 2025-03-13T15:59:53.959029

Unknown command

39422 / tcp

104385780 | 2025-02-20T19:12:38.427793

ceph v2

39522 / tcp

-441419608 | 2025-03-11T08:23:08.286197

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

39722 / tcp

-1611764932 | 2025-03-05T03:24:42.405491

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

39822 / tcp

1690634669 | 2025-03-12T04:53:54.722591

40022 / tcp

1690634669 | 2025-03-09T10:45:14.269580

40099 / tcp

597764502 | 2025-03-06T01:07:49.354121

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

40222 / tcp

-971970408 | 2025-03-04T09:46:44.151549

40892 / tcp

-2089734047 | 2025-03-14T05:15:32.103928

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

41022 / tcp

1741579575 | 2025-03-08T22:05:40.677466

41122 / tcp

-971970408 | 2025-02-27T15:14:47.927039

41222 / tcp

2087396567 | 2025-03-05T01:06:00.447239

kjnkjabhbanc283ubcsbhdc72

41522 / tcp

-1189269828 | 2025-03-04T20:22:52.114184

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

41800 / tcp

1975288991 | 2025-03-05T03:32:53.804168

OPTI

41822 / tcp

171352214 | 2025-03-07T16:54:14.814468

-ERR client ip is not in whitelist

42022 / tcp

-2033111675 | 2025-03-04T15:08:58.303955

~djb

42222 / tcp

-1045760528 | 2025-03-04T22:09:16.853684

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

42422 / tcp

2087396567 | 2025-03-04T18:39:38.678757

kjnkjabhbanc283ubcsbhdc72

43222 / tcp

-2107996212 | 2025-02-28T23:25:05.710835

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

43322 / tcp

-1013082686 | 2025-02-27T20:52:45.809327

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

43622 / tcp

2103111368 | 2025-02-26T23:17:43.367274

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

43822 / tcp

2087396567 | 2025-02-27T00:56:40.330523

kjnkjabhbanc283ubcsbhdc72

44021 / tcp

-1399940268 | 2025-03-12T07:48:21.230194

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

44022 / tcp

-319440554 | 2025-02-26T20:29:50.016777

44158 / tcp

-433302150 | 2025-03-19T18:15:30.406167

/multistream/1.0.0

44336 / tcp

-1399940268 | 2025-02-25T21:04:28.351221

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

44345 / tcp

380146262 | 2025-02-27T18:28:36.158555

@RSYNCD: 30.0

44365 / tcp

1011407350 | 2025-02-21T18:28:47.176206

* OK GroupWise IMAP4rev1 Server Ready\r\n

44444 / tcp

51259122 | 2025-03-11T17:25:31.808778

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

44818 / tcp

-1399940268 | 2025-03-10T02:59:22.309720

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

45022 / tcp

819727972 | 2025-03-10T15:11:28.963365

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

45222 / tcp

539065883 | 2025-02-25T18:50:12.990306

45322 / tcp

-358801646 | 2025-02-25T17:03:14.112391

SSH-2.0-OpenSSH_6.6.1

45622 / tcp

-1648456501 | 2025-02-25T13:35:46.436628

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

45666 / tcp

1541211644 | 2025-03-19T17:02:44.033409

[\xc2\xba\x7fs\x7f

45822 / tcp

-801484042 | 2025-03-10T11:38:48.194641

ERR 27

46022 / tcp

539065883 | 2025-02-25T07:16:44.997967

46122 / tcp

-79865617 | 2025-02-25T04:58:35.336515

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

46222 / tcp

-1392039491 | 2025-02-24T09:56:09.615847

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

46922 / tcp

1852418385 | 2025-02-23T23:55:13.640908

RTSP/1.0 453 Not Enough Bandwidth
Server: AirTunes/7l_wZ

47080 / tcp

-891714208 | 2025-03-05T08:32:10.192881

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

47122 / tcp

-1428621233 | 2025-02-23T21:45:57.244837

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

47222 / tcp

819727972 | 2025-02-23T20:10:24.916036

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

47422 / tcp

-2031152423 | 2025-02-25T00:06:12.861367

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

47622 / tcp

-154107716 | 2025-02-25T01:31:38.250318

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

47989 / tcp

-2096652808 | 2025-03-10T15:38:35.838130

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

47990 / tcp

660175493 | 2025-03-11T06:57:22.549951

48022 / tcp

1082732927 | 2025-03-07T10:04:39.550799

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

48522 / tcp

2087396567 | 2025-03-09T21:49:13.148786

kjnkjabhbanc283ubcsbhdc72

48622 / tcp

-1611764932 | 2025-02-24T18:42:55.846414

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

48722 / tcp

539065883 | 2025-02-23T09:41:30.738608

48822 / tcp

-1990350878 | 2025-02-24T16:45:19.622747

 
04 \...

49122 / tcp

1690634669 | 2025-02-21T05:26:03.014216

49322 / tcp

819727972 | 2025-02-20T21:03:57.473033

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

49501 / tcp

-2089734047 | 2025-03-19T22:06:02.887228

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

49592 / tcp

-1399940268 | 2025-03-06T16:11:35.190390

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

49694 / tcp

819727972 | 2025-03-06T22:21:39.535733

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

49822 / tcp

-68075478 | 2025-02-22T19:37:24.552578

49922 / tcp

819727972 | 2025-02-22T18:09:31.155759

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

50000 / tcp

-971970408 | 2025-03-18T14:18:46.649055

50009 / tcp

897328069 | 2025-03-18T06:27:05.418405

220 mail.scott000.com ESMTP

50050 / tcp

401555314 | 2025-03-16T12:06:45.102738

NB[GFXjA^R

50073 / tcp

-1907909544 | 2025-03-19T16:43:30.256252

\r\nHello, this is Quagga (version 0T).\r\nCopyright 1996-200

50107 / tcp

321971019 | 2025-03-06T06:06:36.448469

-ERR client ip is not in whitelist\r

50122 / tcp

819727972 | 2025-03-15T05:47:27.600161

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

50222 / tcp

740837454 | 2025-02-22T06:29:15.674787

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

50522 / tcp

-1839934832 | 2025-02-21T22:18:22.707551

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

50622 / tcp

-971970408 | 2025-02-21T19:22:38.373175

51003 / tcp

1911457608 | 2025-02-26T20:18:53.056725

\x00[\x00\x00\x00\x00\x00\x00

51201 / tcp

1911457608 | 2025-03-18T02:11:51.708194

\x00[\x00\x00\x00\x00\x00\x00

51322 / tcp

1690634669 | 2025-02-21T09:16:54.672569

51622 / tcp

539065883 | 2025-02-21T01:58:14.342198

52311 / tcp

321971019 | 2025-03-19T03:04:31.616960

-ERR client ip is not in whitelist\r

52951 / tcp

1911457608 | 2025-02-23T22:22:57.834933

\x00[\x00\x00\x00\x00\x00\x00

53022 / tcp

-805362002 | 2025-03-07T06:36:03.825679

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

54138 / tcp

819727972 | 2025-03-16T01:59:08.266623

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

55000 / tcp

-801484042 | 2025-03-19T23:26:31.975986

ERR 27

55022 / tcp

1842524259 | 2025-03-07T03:08:31.028828

55055 / tcp

-1373613804 | 2025-02-24T01:08:07.521903

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

55081 / tcp

632542934 | 2025-03-13T16:00:00.836460

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

55222 / tcp

171352214 | 2025-03-07T01:52:21.992531

-ERR client ip is not in whitelist

55422 / tcp

-1373613804 | 2025-03-06T16:56:20.128270

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

55443 / tcp

2087396567 | 2025-03-19T14:06:18.753777

kjnkjabhbanc283ubcsbhdc72

55490 / tcp

165188539 | 2025-02-26T15:48:35.027631

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

55522 / tcp

-154107716 | 2025-03-06T22:04:19.947019

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

55553 / tcp

819727972 | 2025-03-18T18:21:18.489639

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

55554 / tcp

-1399940268 | 2025-03-06T19:11:23.112296

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

55822 / tcp

-314039103 | 2025-03-06T21:12:49.082957

Surnom.
Sorry, that nickname format is invalid.

57722 / tcp

472902042 | 2025-03-06T07:03:36.065945

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

57784 / tcp

1911457608 | 2025-03-18T04:55:55.813367

\x00[\x00\x00\x00\x00\x00\x00

57786 / tcp

819727972 | 2025-02-24T18:41:58.885947

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

57787 / tcp

1911457608 | 2025-03-10T16:52:50.810090

\x00[\x00\x00\x00\x00\x00\x00

58122 / tcp

-441419608 | 2025-03-06T01:53:29.233383

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

58322 / tcp

1690634669 | 2025-03-05T22:24:48.081353

58422 / tcp

819727972 | 2025-03-05T20:41:09.473137

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

58522 / tcp

819727972 | 2025-03-05T18:57:51.309740

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

58722 / tcp

-1810987450 | 2025-03-05T18:59:55.104734

\xc3\xbf

58922 / tcp

-971970408 | 2025-03-05T13:48:03.106134

59222 / tcp

1741579575 | 2025-03-05T08:38:13.174033

60099 / tcp

722711397 | 2025-03-05T10:53:20.161958

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

60129 / tcp

2087396567 | 2025-03-20T04:56:25.525171

kjnkjabhbanc283ubcsbhdc72

61613 / tcp

1911457608 | 2025-03-05T04:52:50.374826

\x00[\x00\x00\x00\x00\x00\x00

61616 / tcp

539065883 | 2025-02-28T07:50:07.070970

62078 / tcp

-575085326 | 2025-03-20T11:12:59.555805

\x00\x00\x01)

62237 / tcp

-1399940268 | 2025-03-13T17:28:39.986557

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

63210 / tcp

1741579575 | 2025-03-14T22:09:27.396160

63256 / tcp

1231376952 | 2025-03-19T08:20:13.686604

63257 / tcp

-1648456501 | 2025-03-11T13:40:50.484930

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

63260 / tcp

-303199180 | 2025-03-21T01:30:50.617695

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

139.196.119.226

Last Seen: 2025-03-21

Tags:

GeneralInformation

WebTechnologies

OpenPorts

11 / tcp 2087396567 | 2025-03-14T08:31:43.050719

13 / tcp 1286504516 | 2025-03-14T01:56:24.699105

15 / tcp 1492413928 | 2025-03-18T18:15:16.173200

17 / tcp -255236012 | 2025-03-15T23:38:46.127476

19 / tcp 829384519 | 2025-03-17T02:51:49.625669

23 / tcp -1288412979 | 2025-03-18T23:18:01.939093

25 / tcp -1399940268 | 2025-03-16T13:22:04.859988

37 / tcp 1092730853 | 2025-03-21T06:15:21.014540

70 / tcp -833941849 | 2025-03-18T01:44:54.913250

79 / tcp -1114094007 | 2025-03-16T02:41:23.799993

80 / tcp 1589382936 | 2025-03-18T20:41:31.160780

Hashes

92 / tcp 819727972 | 2025-02-27T04:16:53.677360

95 / tcp 819727972 | 2025-03-11T13:03:49.114800

99 / tcp 1713556628 | 2025-03-03T20:55:46.275369

101 / tcp -792826324 | 2025-02-21T00:56:57.430931

102 / tcp 321971019 | 2025-03-20T23:14:21.412339

104 / tcp 117101543 | 2025-03-14T08:48:36.054158

110 / tcp 1370263973 | 2025-02-24T20:46:31.434467

111 / tcp 2032042134 | 2025-03-15T18:02:54.787092

113 / tcp -1777894858 | 2025-03-14T16:42:30.643235

119 / tcp 141730637 | 2025-02-28T07:29:13.963426

135 / tcp 96945398 | 2025-03-14T03:29:01.941178

143 / tcp -1939513550 | 2025-03-08T12:03:33.770956

175 / tcp 819727972 | 2025-03-20T16:27:09.289139

179 / tcp -399606100 | 2025-03-18T01:53:53.917204

192 / tcp -1399940268 | 2025-03-13T06:59:14.938808

221 / tcp 1911457608 | 2025-03-09T07:45:04.634009

234 / tcp -1399940268 | 2025-03-11T09:24:16.861168

264 / tcp 1672388472 | 2025-03-20T19:21:29.609039

389 / tcp -1743283776 | 2025-03-10T16:24:56.695792

400 / tcp -1626979812 | 2025-03-17T22:56:27.805399

443 / tcp 1723190205 | 2025-03-04T10:28:12.369310

Hashes

449 / tcp 1911457608 | 2025-02-20T16:57:00.731540

451 / tcp -1399940268 | 2025-03-05T13:51:34.152828

462 / tcp 819727972 | 2025-02-27T13:41:26.982770

465 / tcp 897328069 | 2025-03-08T20:26:43.190800

480 / tcp 1370263973 | 2025-03-12T10:56:28.848497

485 / tcp -1399940268 | 2025-03-04T20:08:11.408676

502 / tcp 1726594447 | 2025-03-12T05:03:40.167133

513 / tcp -2096652808 | 2025-03-21T01:13:22.094160

541 / tcp 268285291 | 2025-03-05T20:22:51.120765

548 / tcp -969286897 | 2025-03-19T20:11:27.197996

554 / tcp 902688621 | 2025-02-20T14:46:27.417701

555 / tcp -1641514916 | 2025-03-12T21:30:36.731856

587 / tcp 745343730 | 2025-03-16T03:56:44.633841

593 / tcp 1308377066 | 2025-03-07T18:15:10.452348

666 / tcp 1300162323 | 2025-02-28T18:51:46.530674

689 / tcp -1399940268 | 2025-02-26T22:32:00.185075

771 / tcp 740837454 | 2025-03-14T03:39:40.878390

789 / tcp 165188539 | 2025-03-18T14:23:28.067705

831 / tcp 1911457608 | 2025-02-27T06:49:58.237412

873 / tcp -1598265216 | 2025-03-20T06:16:26.775076

885 / tcp -2096652808 | 2025-03-18T18:38:09.580338

943 / tcp -1986594217 | 2025-03-16T16:35:04.891257

947 / tcp 1830697416 | 2025-03-16T10:51:21.145014

992 / tcp -936692830 | 2025-03-16T02:54:43.801100

993 / tcp -1888448627 | 2025-02-23T01:49:47.859938

994 / tcp 1543809371 | 2025-03-16T02:24:06.344609

995 / tcp -1199842642 | 2025-02-27T20:11:29.963072

1025 / tcp -345718689 | 2025-03-20T02:51:37.464865

1063 / tcp -1399940268 | 2025-03-05T20:10:34.718193

1080 / tcp 1362344524 | 2025-03-18T09:36:20.570511

1099 / tcp 1911457608 | 2025-03-15T23:08:17.555090

1177 / tcp -1248408558 | 2025-03-14T15:58:28.315781

1190 / tcp 820958131 | 2025-02-27T03:54:10.022356

1207 / tcp -903067560 | 2025-03-20T09:00:10.048227

1234 / tcp 819727972 | 2025-03-18T00:49:30.786204

1337 / tcp 1842524259 | 2025-03-17T16:27:52.341853

1366 / tcp -1399940268 | 2025-03-19T16:26:51.488822

1388 / tcp 1830697416 | 2025-02-25T01:32:48.209531

1453 / tcp -249504111 | 2025-02-28T02:54:15.203191

1515 / tcp -2031152423 | 2025-03-13T02:26:37.449410

11 / tcp

2087396567 | 2025-03-14T08:31:43.050719

13 / tcp

1286504516 | 2025-03-14T01:56:24.699105

15 / tcp

1492413928 | 2025-03-18T18:15:16.173200

17 / tcp

-255236012 | 2025-03-15T23:38:46.127476

19 / tcp

829384519 | 2025-03-17T02:51:49.625669

23 / tcp

-1288412979 | 2025-03-18T23:18:01.939093

25 / tcp

-1399940268 | 2025-03-16T13:22:04.859988

37 / tcp

1092730853 | 2025-03-21T06:15:21.014540

70 / tcp

-833941849 | 2025-03-18T01:44:54.913250

79 / tcp

-1114094007 | 2025-03-16T02:41:23.799993

80 / tcp

1589382936 | 2025-03-18T20:41:31.160780

92 / tcp

819727972 | 2025-02-27T04:16:53.677360

95 / tcp

819727972 | 2025-03-11T13:03:49.114800

99 / tcp

1713556628 | 2025-03-03T20:55:46.275369

101 / tcp

-792826324 | 2025-02-21T00:56:57.430931

102 / tcp

321971019 | 2025-03-20T23:14:21.412339

104 / tcp

117101543 | 2025-03-14T08:48:36.054158

110 / tcp

1370263973 | 2025-02-24T20:46:31.434467

111 / tcp

2032042134 | 2025-03-15T18:02:54.787092

113 / tcp

-1777894858 | 2025-03-14T16:42:30.643235

119 / tcp

141730637 | 2025-02-28T07:29:13.963426

135 / tcp

96945398 | 2025-03-14T03:29:01.941178

143 / tcp

-1939513550 | 2025-03-08T12:03:33.770956

175 / tcp

819727972 | 2025-03-20T16:27:09.289139

179 / tcp

-399606100 | 2025-03-18T01:53:53.917204

192 / tcp

-1399940268 | 2025-03-13T06:59:14.938808

221 / tcp

1911457608 | 2025-03-09T07:45:04.634009

234 / tcp

-1399940268 | 2025-03-11T09:24:16.861168

264 / tcp

1672388472 | 2025-03-20T19:21:29.609039

389 / tcp

-1743283776 | 2025-03-10T16:24:56.695792

400 / tcp

-1626979812 | 2025-03-17T22:56:27.805399

443 / tcp

1723190205 | 2025-03-04T10:28:12.369310

449 / tcp

1911457608 | 2025-02-20T16:57:00.731540

451 / tcp

-1399940268 | 2025-03-05T13:51:34.152828

462 / tcp

819727972 | 2025-02-27T13:41:26.982770

465 / tcp

897328069 | 2025-03-08T20:26:43.190800

480 / tcp

1370263973 | 2025-03-12T10:56:28.848497

485 / tcp

-1399940268 | 2025-03-04T20:08:11.408676

502 / tcp

1726594447 | 2025-03-12T05:03:40.167133

513 / tcp

-2096652808 | 2025-03-21T01:13:22.094160

541 / tcp

268285291 | 2025-03-05T20:22:51.120765

548 / tcp

-969286897 | 2025-03-19T20:11:27.197996

554 / tcp

902688621 | 2025-02-20T14:46:27.417701

555 / tcp

-1641514916 | 2025-03-12T21:30:36.731856

587 / tcp

745343730 | 2025-03-16T03:56:44.633841

593 / tcp

1308377066 | 2025-03-07T18:15:10.452348

666 / tcp

1300162323 | 2025-02-28T18:51:46.530674

689 / tcp

-1399940268 | 2025-02-26T22:32:00.185075

771 / tcp

740837454 | 2025-03-14T03:39:40.878390

789 / tcp

165188539 | 2025-03-18T14:23:28.067705

831 / tcp

1911457608 | 2025-02-27T06:49:58.237412

873 / tcp

-1598265216 | 2025-03-20T06:16:26.775076

885 / tcp

-2096652808 | 2025-03-18T18:38:09.580338

943 / tcp

-1986594217 | 2025-03-16T16:35:04.891257

947 / tcp

1830697416 | 2025-03-16T10:51:21.145014

992 / tcp

-936692830 | 2025-03-16T02:54:43.801100

993 / tcp

-1888448627 | 2025-02-23T01:49:47.859938

994 / tcp

1543809371 | 2025-03-16T02:24:06.344609

995 / tcp

-1199842642 | 2025-02-27T20:11:29.963072

1025 / tcp

-345718689 | 2025-03-20T02:51:37.464865

1063 / tcp

-1399940268 | 2025-03-05T20:10:34.718193

1080 / tcp

1362344524 | 2025-03-18T09:36:20.570511

1099 / tcp

1911457608 | 2025-03-15T23:08:17.555090

1177 / tcp

-1248408558 | 2025-03-14T15:58:28.315781

1190 / tcp

820958131 | 2025-02-27T03:54:10.022356

1207 / tcp

-903067560 | 2025-03-20T09:00:10.048227

1234 / tcp

819727972 | 2025-03-18T00:49:30.786204

1337 / tcp

1842524259 | 2025-03-17T16:27:52.341853

1366 / tcp

-1399940268 | 2025-03-19T16:26:51.488822

1388 / tcp

1830697416 | 2025-02-25T01:32:48.209531

1453 / tcp

-249504111 | 2025-02-28T02:54:15.203191

1515 / tcp

-2031152423 | 2025-03-13T02:26:37.449410

1521 / tcp

2002686051 | 2025-03-13T02:13:03.794413

1554 / tcp

321971019 | 2025-03-04T05:18:55.722948

1588 / tcp

1911457608 | 2025-03-04T22:27:26.642900

1599 / tcp

-971970408 | 2025-02-22T04:19:15.538849

1604 / tcp

-154107716 | 2025-03-04T23:06:53.797593

1800 / tcp

1911457608 | 2025-03-15T09:13:19.668571

1801 / tcp

1535389866 | 2025-03-17T21:59:18.160823

1926 / tcp

-358801646 | 2025-03-12T08:42:31.027007