GeneralInformation

Hostnames	ahengheahvongyi.1688.com right.arn.1688.com asjvbongjixie.1688.com baidabengye.1688.com diqian.1688.com jonghvogs.1688.com shog1429548421557.1688.com shog6241b045g3109.1688.com shog641o1n76057k9.1688.com shog6t37772q01486.1688.com shop0397112nnc805.1688.com ydbvtterfjy.1688.com yvonfon.1688.com ywlanlong.1688.com m.2cloo.com aliapp-open.9game.cn aontroat.ojibobo-ina.aon.alibaba-inc.com gre-jstroaker.ojibobo-ina.aon.alibaba-inc.com dtoolnlsql.alibaba-inc.com pai.dw.alibaba-inc.com filebroker.aliexpress.com baseus6.pt.aliexpress.com roundrinn.aliexpress.com esa.ojiyvn-ina.aon.aliyun-inc.com gde.ojiyvn-ina.aon.aliyun-inc.com gresto-gvbjia.ojiyvn-ina.aon.aliyun-inc.com ron-internoj.og-northeost-1.ojiyvn-ina.aon.aliyun-inc.com qt-stability-locate.aliyun-inc.com aliyun.com ais-delivery.aliyun.com alimail-cn.aliyun.com tn.aonsoje.aliyun.com vvg.aonsoje.aliyun.com yvndvn.aonsoje.aliyun.com apr.aliyun.com aurora2.aliyun.com bloan.aliyun.com eci-vpc.cn-shanghai.aliyun.com devops.aliyun.com djsz99.aliyun.com luxiaunt.aliyun.com serviae.an-beijing.noxaongvte.aliyun.com ojibobodood.aliyun.com p2p-msc.aliyun.com pop3.aliyun.com shop1443459323612.aliyun.com shop36825243.aliyun.com shop36912637.aliyun.com ververica-share.aliyun.com xy.aliyun.com eas-vga.an-shenzhen.aliyuncs.com eas.ne-eost-1.aliyuncs.com dofogenogi.og-sovtheost-1.aliyuncs.com adiu.amap.com apistore.amap.com m5-x.amap.com sns.amap.com tp-unify.cainiao-inc.com work.cainiao.com cainiaoyizhan.com bridge.dingtalk.com vip.dingtalk.com clairvoyant.ele.me wwwapp.faas.ele.me wwwservice.faas.ele.me nrshop.ele.me h5api.m.etao.com wwwcontrol.fl.fliggy.com guoguo-app.com acs-wapa.lazada.co.th prs.lazada.com affiliate.lazada.sg redmart.lazada.sg servicemarket.lazada.sg shop-alimebot.lazada.sg drive-pc.quark.cn 880629.taobao.com shog36735366.taobao.com zhooshong.taobao.com barn.taobao.org deb.san.tmall.com zhooshong.tmall.com apm.umeng.com msg.umeng.com www0.pamela.xixikf.cn www9.smt2.xixikf.cn mi.atm.youku.com mail.yuanzhou.com.cn
Domains	1688.com 2cloo.com 9game.cn alibaba-inc.com aliexpress.com aliyun-inc.com aliyun.com aliyuncs.com amap.com cainiao-inc.com cainiao.com cainiaoyizhan.com dingtalk.com ele.me etao.com fliggy.com guoguo-app.com lazada.co.th lazada.com lazada.sg quark.cn taobao.com taobao.org tmall.com umeng.com xixikf.cn youku.com yuanzhou.com.cn
Country	China
City	Zhangjiakou
Organization	Hangzhou Alibaba Advertising Co.,Ltd.
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(1)

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(8)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

CVE-2019-2452

6.7Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. CVSS 3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H).

CVE-2019-2418

6.5Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.0 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L).

CVE-2019-2398

4.3Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Deployment). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).

CVE-2019-2395

5.4Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected is 10.3.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.0 Base Score 5.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L).

2018(5)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

CVE-2018-3213

7.5Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Docker Images). The supported version that is affected is prior to Docker 12.2.1.3.20180913. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

CVE-2018-1258

8.8Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 23 25 26 43 49 53 80 92 102 104 113 119 135 179 180 195 211 221 263 264 311 385 389 443 444 513 515 548 554 593 602 646 666 689 771 832 833 888 902 992 993 995 1022 1023 1025 1099 1153 1177 1200 1234 1337 1366 1414 1433 1459 1460 1521 1599 1604 1650 1723 1800 1883 1911 1926 1952 1962 1964 1972 2000 2001 2002 2003 2008 2063 2067 2081 2083 2096 2121 2130 2154 2181 2222 2323 2332 2345 2362 2376 2404 2443 2455 2548 2563 2628 2761 2762 3001 3007 3008 3060 3072 3077 3090 3101 3111 3124 3131 3149 3158 3174 3182 3190 3260 3269 3299 3301 3310 3341 3388 3389 3407 3503 3522 3551 3557 3570 3590 3780 3790 3792 3910 4000 4022 4064 4118 4150 4160 4190 4242 4282 4300 4321 4433 4439 4440 4443 4444 4449 4500 4602 4786 4808 4821 4840 4899 4911 4949 5001 5007 5010 5025 5070 5083 5089 5100 5201 5222 5247 5249 5257 5262 5274 5280 5432 5435 5495 5557 5568 5597 5672 5858 5984 5986 5991 5993 6000 6002 6443 6503 6505 6581 6600 6605 6666 6667 6668 6688 6697 6799 7001 7010 7272 7348 7434 7443 7548 7634 7700 7778 7799 8000 8011 8034 8035 8054 8071 8072 8074 8078 8081 8083 8085 8087 8093 8099 8100 8113 8116 8129 8136 8139 8140 8150 8156 8161 8167 8177 8181 8185 8191 8200 8203 8239 8284 8381 8393 8421 8434 8442 8443 8453 8463 8480 8494 8514 8525 8545 8548 8549 8550 8554 8556 8582 8583 8586 8596 8599 8600 8621 8649 8709 8728 8767 8804 8823 8827 8828 8835 8839 8845 8857 8858 8868 8880 8883 8899 8905 8910 8915 9000 9001 9002 9004 9011 9018 9019 9028 9039 9040 9083 9085 9091 9092 9095 9107 9113 9128 9134 9148 9149 9150 9151 9158 9169 9206 9209 9210 9220 9222 9242 9249 9251 9306 9333 9383 9387 9433 9446 9447 9455 9480 9530 9532 9682 9761 9779 9797 9888 9898 9902 9939 9943 9944 9990 9998 9999 10000 10024 10030 10039 10043 10050 10051 10066 10134 10249 10250 10393 10443 10533 10909 11288 11300 11481 12000 12016 12101 12105 12107 12111 12116 12133 12134 12139 12140 12143 12146 12168 12176 12206 12213 12257 12258 12265 12271 12273 12297 12315 12326 12332 12336 12345 12347 12361 12363 12376 12405 12434 12437 12451 12473 12476 12483 12493 12500 12532 12533 12548 12566 12571 12572 12574 12575 12580 12587 13047 14147 14344 14443 14875 15038 15042 15443 16001 16013 16020 16021 16025 16044 16045 16058 16069 16097 16404 16464 16993 17773 17776 18028 18037 18080 18081 18082 18091 18096 18104 18108 18225 18245 18264 18443 19443 20053 20090 20150 20256 20547 21001 21002 21025 21084 21232 21246 21260 21284 21299 21301 21315 21319 21324 21357 21379 22000 22069 22556 22609 23023 23128 23424 24245 25001 25005 25105 25565 25782 27015 27016 27036 28015 28017 28080 29799 30003 30017 30022 30050 30122 30222 30322 30501 30522 30622 30700 30722 30822 31022 31122 31222 31322 31337 31380 31443 31522 31722 31822 31922 32102 32222 32322 32522 32764 32922 33222 33322 33422 33522 33622 33722 34122 34222 34225 34322 34622 34822 34922 35000 35022 35222 35322 35422 35522 35622 35722 35822 35922 36022 36122 36222 36422 36522 36622 36722 36822 37022 37122 37222 37322 37422 37522 37622 37722 37777 37922 38322 38333 38822 38880 38922 39022 39422 39722 39822 40022 40222 40322 40522 41022 41222 41443 41794 42222 42422 42922 44021 44320 45005 45668 45886 46001 47000 47922 47989 49080 49153 49501 50000 50010 50013 50070 50100 50103 50777 51004 51106 51443 52022 53400 54922 55000 55422 55442 55443 55553 55554 55722 57622 57722 57822 57922 58392 58422 58822 58922 59322 61616 61619 62078 63210 63256 63257 63260

11 / tcp

2087396567 | 2025-03-19T08:08:36.882551

kjnkjabhbanc283ubcsbhdc72

13 / tcp

1286504516 | 2025-03-12T10:58:56.929801

CP2E Control Console
Connected to Host: gZI

15 / tcp

1911457608 | 2025-03-09T22:44:28.275440

\x00[\x00\x00\x00\x00\x00\x00

17 / tcp

-1784271535 | 2025-03-24T18:42:13.004108

inv2W\x04\x0f\x01

23 / tcp

164764193 | 2025-03-15T07:14:01.846224

(none) login:

25 / tcp

669849225 | 2025-03-11T00:39:03.064275

SSH-98.60-SysaxSSH_81885..42\r\n

26 / tcp

-2017887953 | 2025-03-25T00:17:57.708787

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

43 / tcp

-971970408 | 2025-03-23T07:26:53.142050

49 / tcp

588096080 | 2025-03-29T07:41:54.639609

\\x00\\x00\\x01\\x00

53 / tcp

1369632081 | 2025-03-19T23:46:20.847679

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x01\x03\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x01\x14\x00\x04\xac٠N
\x00\x06\x85\x80\x00\x01\x00\x01\x00\x00\x00

80 / tcp

-1613702026 | 2025-03-20T15:50:38.414243

Hashes

hash

-1681354962

http.dom_hash

497087211

http.html_hash

-1613702026

http.server_hash

-1363249092

http.title_hash

-1828380909

302 Found

HTTP/1.1 302 Moved Temporarily
Date: Thu, 20 Mar 2025 15:50:38 GMT
Content-Type: text/html
Content-Length: 337
Connection: keep-alive
Location: http://www.taobao.com/
Server: Tengine/Aserver
Via: aserver033080067159.center.na620[web,302]

92 / tcp

819727972 | 2025-03-13T16:13:54.103870

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

102 / tcp

-1019343788 | 2025-03-05T10:10:05.220826

W!\x00\x00\x00\x00

104 / tcp

820958131 | 2025-03-05T11:32:10.742058

kjnkjabhbanc283ubcsbhdc72\x02

113 / tcp

-1845554491 | 2025-03-10T09:28:47.706442

113 , 41358 : USERID : OTHER :99

119 / tcp

141730637 | 2025-03-28T10:25:36.992090

HTTP/1.0 200 OK
Server: Proxy

135 / tcp

1040118286 | 2025-03-11T02:34:19.681669

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: WIN-IG71DFESOT5\n IP2: 60.199.208.208\n IP3: 2001:0:2851:782c:38f3:5c2:c338:2f2f\n\nNTLMSSP:\nTarget_Name: WIN-IG71DFESOT5\nProduct_Version: 10.0.14393 Ntlm 15\nOS: Windows 10, Version 1607/Windows Server 2016, Version 1607\nNetBIOS_Domain_Name: WIN-IG71DFESOT5\nNetBIOS_Computer_Name: WIN-IG71DFESOT5\nDNS_Domain_Name: WIN-IG71DFESOT5\nDNS_Computer_Name: WIN-IG71DFESOT5\nSystem_Time: 2024-01-22 08:14:35 +0

179 / tcp

-399606100 | 2025-03-19T17:56:30.250750

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

180 / tcp

165188539 | 2025-03-13T01:34:23.317025

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

195 / tcp

-1881409212 | 2025-03-08T14:35:54.868681

[ò

211 / tcp

1623746877 | 2025-02-28T18:03:29.536880

500 Permission denied - closing connection.\r\n

221 / tcp

455076604 | 2025-03-22T11:58:28.052935

!\x07version\x04bind7 t{RPowerDNS Recursor 410

263 / tcp

1911457608 | 2025-03-23T20:10:12.516153

\x00[\x00\x00\x00\x00\x00\x00

264 / tcp

-1547821026 | 2025-03-10T23:16:26.423224

CheckPoint\nFirewall Host: CPFWVSX1A_Audi_ODP_S2S_vsfw\nSmartCenter Host: admin..afx8nn\\x00\n

311 / tcp

1975288991 | 2025-03-16T18:03:18.246687

OPTI

385 / tcp

-1888448627 | 2025-03-23T16:33:49.864152

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

389 / tcp

-1743283776 | 2025-03-24T12:27:02.492964

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x04\\x04

443 / tcp

-1898805192 | 2025-03-25T16:35:05.046651

Hashes

hash

-589130236

http.dom_hash

-1102273324

http.html_hash

-1898805192

http.server_hash

-1363249092

http.title_hash

-1828380909

302 Found

HTTP/1.1 302 Found
Date: Tue, 25 Mar 2025 16:35:04 GMT
Content-Type: text/html
Content-Length: 258
Connection: keep-alive
Location: http://err.taobao.com/error1.html
Server: Tengine/Aserver
EagleEye-TraceId: 215043b617429205047174842ed29d
Strict-Transport-Security: max-age=0
Timing-Allow-Origin: *

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:9c:16:53:5f:c3:a3:c5:70:da:20
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
        Validity
            Not Before: Dec  6 05:57:01 2024 GMT
            Not After : Jun  8 02:56:01 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.work.cainiao.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:9c:57:29:b8:5b:62:0d:96:8b:86:cd:b0:60:88:
                    54:9d:ae:fc:03:18:f2:9b:fc:f4:95:09:d3:26:f7:
                    63:0c:2a:5e:d4:7f:3c:a5:9a:f4:b2:99:a4:73:f1:
                    b5:e1:4d:5a:79:a6:3c:50:27:29:57:39:fe:e8:f5:
                    b7:52:4a:0e:cd
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3ovtlsca2024.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3ovtlsca2024
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                Policy: 1.3.6.1.4.1.4146.10.1.2
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3ovtlsca2024.crl
            X509v3 Subject Alternative Name: 
                DNS:*.work.cainiao.com, DNS:*.cainiaoyizhan.com, DNS:*.cnyz.guoguo-app.com, DNS:*.dms.cainiao.com, DNS:*.express.cainiao.com, DNS:*.global.cainiao.com, DNS:*.guoguo-app.com, DNS:*.m.cainiaoyizhan.com, DNS:*.m.guoguo-app.com, DNS:*.park.cainiao.com, DNS:*.scm.cainiao.com, DNS:*.sec.cainiao.com, DNS:*.wapa.cainiaoyizhan.com, DNS:*.wapa.guoguo-app.com, DNS:*.wms.cainiao.com, DNS:cainiaoyizhan.com, DNS:guoguo-app.com, DNS:work.cainiao.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                DA:D3:A8:08:48:0C:34:37:58:EE:E5:A7:75:2E:59:FC:D6:DC:3C:38
            X509v3 Subject Key Identifier: 
                37:94:95:3F:62:23:EC:D9:7E:F4:91:A9:8B:05:3E:19:C0:42:E7:5D
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Dec  6 05:57:04.214 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:EF:C7:09:24:B8:1E:56:98:B2:1C:50:
                                32:36:20:05:91:1F:AC:BA:69:8F:0E:83:F5:7D:C8:33:
                                20:62:EE:D4:42:02:21:00:E4:59:8F:F3:B4:04:18:1C:
                                40:15:0C:CD:ED:22:16:17:03:CE:EE:11:FD:00:13:6A:
                                79:3F:88:C7:B0:07:3D:D0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Dec  6 05:57:04.516 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:81:B5:9F:BE:E9:A0:F2:D5:5C:4F:D8:
                                9C:3E:2E:B0:3A:73:13:86:91:6D:25:F6:86:54:19:8A:
                                95:61:96:8A:24:02:21:00:F0:FA:2E:F4:9A:B0:A7:87:
                                8D:2A:47:C4:E9:F3:E9:AE:EF:84:35:A9:67:51:B7:92:
                                55:F8:D1:BC:AF:7B:F8:84
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
                                0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
                    Timestamp : Dec  6 05:57:04.499 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:24:A2:5F:C3:74:70:1F:1B:7F:9A:61:71:
                                99:E1:96:00:AD:7D:BF:BB:80:B0:67:EA:E9:95:22:55:
                                A3:80:EF:15:02:21:00:BF:4E:23:05:06:BD:94:95:EF:
                                3B:4F:B3:D1:FD:6E:6E:3C:C4:17:95:24:C0:05:B4:30:
                                88:EA:F3:7D:84:B1:7F
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        b5:1c:a9:f2:75:53:ee:31:4d:e7:07:bd:36:50:1b:70:cc:95:
        12:55:0e:2d:a2:72:f2:e5:65:a1:06:25:fc:13:16:67:05:65:
        cd:7b:39:d5:2c:79:ce:2e:83:84:a9:19:25:97:be:17:35:85:
        73:8d:2d:60:41:c7:e5:72:bc:d3:e5:b3:27:34:12:93:4f:2d:
        9f:cb:d7:05:b6:d2:85:cf:94:af:a8:ea:e6:7b:f8:52:7c:17:
        13:e1:35:9a:91:9a:29:91:97:17:3b:06:18:fb:a8:24:df:b4:
        bd:ac:fa:c1:b7:3a:44:99:3a:c0:f4:f4:c2:e8:1b:34:72:8e:
        19:44:66:d9:c2:62:23:32:21:4e:76:3c:fb:c6:87:8f:72:27:
        b1:54:8c:8c:c1:cc:89:aa:44:89:b4:58:e9:eb:b5:e0:ae:f8:
        73:77:e5:ce:4e:b4:0b:e0:4a:d9:18:89:bc:86:23:60:26:61:
        f4:0b:1d:69:38:e6:b9:ec:f1:8d:c6:78:77:bd:d4:05:ac:16:
        c7:4a:8b:3f:ff:68:ee:33:4f:78:e3:4f:c0:6d:51:82:c0:79:
        9d:fa:e5:55:c9:8c:28:81:40:8c:f6:44:20:47:5b:00:30:47:
        da:6e:b6:27:d9:1f:6a:fe:91:71:5d:f9:dc:ab:b9:14:ad:51:
        5c:99:96:76

444 / tcp

819727972 | 2025-03-28T20:39:42.266966

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

513 / tcp

819727972 | 2025-03-22T18:07:41.716529

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

515 / tcp

-1013082686 | 2025-03-11T20:06:35.353386

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

548 / tcp

-1769206458 | 2025-03-18T23:40:41.520685

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: NASDF59D2\nMachine Type: \\x10Netatalk3.1.9.q2\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: DHX2\\x0f,No User Authent\\x10,Cleartxt Passwrd\\x00\nServer Signature: 00000000008002000180030002800280

554 / tcp

378628610 | 2025-03-23T18:14:46.487580

RTSP/1.0 401 Unauthorized\r\nCSeq: 0\r\n\r\n

593 / tcp

-1407711311 | 2025-03-09T16:30:28.087687

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /login.html?gotourl=default.aspx
X-Powered-By: JunFei
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
X-Download-Options: SAMEORIGIN
Access-Control-Allow-Headers: Content-Type
X-Frame-Options: SAMEORIGIN

602 / tcp

-1059554316 | 2025-03-22T21:35:22.936623

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

646 / tcp

-1600864159 | 2025-03-17T15:10:54.699716

\\x00\\x01\\x00\\x1c\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x12\\x00<\xce\x89\\x03\\x00\\x00\n\\x80\\x00\\x00\\x03\\x00\\x00\\x00\\x00\\x00\\x00

666 / tcp

1300162323 | 2025-03-28T15:09:47.697391

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

689 / tcp

-1487943323 | 2025-03-19T18:40:43.917953

431 Unable to negotiate secure command connection.\r\n

771 / tcp

1332894250 | 2025-03-23T14:58:26.170018

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

832 / tcp

321971019 | 2025-03-03T21:35:44.048293

-ERR client ip is not in whitelist\r

833 / tcp

-1399940268 | 2025-03-08T22:40:14.379467

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

888 / tcp

-262532376 | 2025-03-11T22:16:28.401224

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: keep-alive

902 / tcp

1956828827 | 2025-03-20T13:02:53.788878

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

992 / tcp

-936692830 | 2025-03-05T17:52:32.665170

HTTP/1.1 202 OK
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=15; max=19

993 / tcp

-1899074860 | 2025-03-27T21:18:19.475005

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

995 / tcp

689999346 | 2025-03-06T04:05:11.660581

+OK The Microsoft Exchange POP3 service is ready. [SgBIADAAUABSADAAMQBDAEEAMAAwADUAMgAuAGEAcABjAHAAcgBkADAAMQAuAHAAcgBvAGQALgBlAHgAYwBoAGEAbgBnAGUAbABhAGIAcwAuAGMAbwBtAA==]\r\n

1022 / tcp

819727972 | 2025-03-09T09:54:21.439870

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1023 / tcp

-1681927087 | 2025-03-23T17:33:05.877992

kjnkjabhbanc283ubcsbhdc72

1025 / tcp

-345718689 | 2025-03-18T02:19:28.874788

Vty password is not set.

1099 / tcp

2063598737 | 2025-03-22T08:29:54.371289

/0 0 L\r\n/0 0 HUH\r\n

1153 / tcp

819727972 | 2025-03-24T18:28:20.831765

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1177 / tcp

339872247 | 2025-03-18T13:26:39.365449


0 ...

1200 / tcp

819727972 | 2025-03-05T00:37:19.578411

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1234 / tcp

1015654041 | 2025-03-27T02:17:40.607593

HTTP/1.0 500 Internal Server Error
Content-Length: 20

1337 / tcp

1842524259 | 2025-03-12T16:04:15.453097

1366 / tcp

-980525298 | 2025-03-24T21:37:11.171699

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1414 / tcp

-1399940268 | 2025-03-20T21:41:36.105188

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1433 / tcp

637263328 | 2025-02-28T18:48:20.349883

MSSQL Server\nVersion: 171050560 (0xa320640)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: SERVER\nProduct_Version: 10.0.19041 Ntlm 15\nOS: Windows 10, Version 2004/Windows Server, Version 2004\nNetBIOS_Domain_Name: SERVER\nNetBIOS_Computer_Name: SERVER\nDNS_Domain_Name: server\nDNS_Computer_Name: server\nSystem_Time: 2024-01-22 01:21:33 +0000 UTC\n\n

1459 / tcp

-1399940268 | 2025-03-29T13:33:50.156205

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1460 / tcp

1543809371 | 2025-03-24T18:41:08.268285

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

1521 / tcp

-1184558916 | 2025-03-20T01:56:06.192801

Version:11.2.0.4.0\n"\\x00\\x00Y(DESCRIPTION=(TMP=)(VSNNUM=186647552)(ERR=1189)(ERROR_STACK=(ERROR=(CODE=1189)(EMFI=4))))

1599 / tcp

2087396567 | 2025-03-13T15:15:47.755570

kjnkjabhbanc283ubcsbhdc72

1604 / tcp

1880683805 | 2025-03-18T23:51:38.925588

ÿ

1650 / tcp

1308377066 | 2025-03-25T17:24:30.320382

ncacn_http/1.0

1723 / tcp

-1608241410 | 2025-03-26T00:41:46.596964

Firmware: 1\nHostname: local\nVendor: linux\n

1800 / tcp

2063598737 | 2025-03-12T02:36:04.979955

/0 0 L\r\n/0 0 HUH\r\n

1883 / tcp

1636811864 | 2025-03-15T00:20:26.801052

1911 / tcp

-2031152423 | 2025-03-11T14:37:52.618476

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

1926 / tcp

339872247 | 2025-03-17T16:49:04.217949


0 ...

1952 / tcp

-1399940268 | 2025-03-18T17:11:25.689317

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1962 / tcp

-1327660293 | 2025-03-28T23:31:58.777715

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

1964 / tcp

632542934 | 2025-03-18T12:31:01.032433

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

1972 / tcp

-1641514916 | 2025-03-14T10:47:43.699018

* OK Merak 1dFUa2 IMAP4rev1

2000 / tcp

-1399940268 | 2025-03-19T17:39:23.616094

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2001 / tcp

1911457608 | 2025-03-27T06:22:27.797807

\x00[\x00\x00\x00\x00\x00\x00

2002 / tcp

819727972 | 2025-03-18T03:59:23.092384

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2003 / tcp

819727972 | 2025-03-27T04:53:57.983374

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2008 / tcp

-952165951 | 2025-03-24T01:10:50.941673

AB

2063 / tcp

709622286 | 2025-03-20T03:49:45.012556

OK Welcome <299685> on DirectUpdate server 7286\r\n

2067 / tcp

-1399940268 | 2025-03-17T22:45:20.930512

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2081 / tcp

-2017887953 | 2025-03-16T00:16:22.318889

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

2083 / tcp

-2031152423 | 2025-03-14T06:02:26.674544

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

2096 / tcp

819727972 | 2025-03-15T08:54:28.157352

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2121 / tcp

141730637 | 2025-03-14T08:46:29.205106

HTTP/1.0 200 OK
Server: Proxy

2130 / tcp

-1327660293 | 2025-03-18T15:15:38.589793

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

2154 / tcp

-971970408 | 2025-03-28T05:27:42.053352

2181 / tcp

546151771 | 2025-03-25T09:55:32.151003

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

2222 / tcp

-358801646 | 2025-03-16T08:59:20.075828

SSH-2.0-OpenSSH_6.6.1

2323 / tcp

1662205251 | 2025-03-25T00:14:27.674746

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

2332 / tcp

1231376952 | 2025-03-11T23:08:38.660501

2345 / tcp

740837454 | 2025-03-12T06:08:28.264563

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

2362 / tcp

-1839934832 | 2025-03-13T18:41:14.096288

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

2376 / tcp

2087396567 | 2025-03-29T02:24:15.364810

kjnkjabhbanc283ubcsbhdc72

2404 / tcp

-2089734047 | 2025-03-16T06:34:52.810179

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

2443 / tcp

165188539 | 2025-03-23T16:42:10.718697

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2455 / tcp

740837454 | 2025-03-14T03:31:55.159556

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

2548 / tcp

398077695 | 2025-03-10T19:22:30.109417

2563 / tcp

820958131 | 2025-03-10T14:36:45.187325

kjnkjabhbanc283ubcsbhdc72\x02

2628 / tcp

660175493 | 2025-03-06T20:15:42.873484

2761 / tcp

1996932384 | 2025-03-25T17:47:26.664778

"raop" nonce

2762 / tcp

165188539 | 2025-03-24T23:25:58.820167

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3001 / tcp

1911457608 | 2025-03-13T11:21:18.955059

\x00[\x00\x00\x00\x00\x00\x00

3007 / tcp

-1399940268 | 2025-03-12T17:53:47.936525

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3008 / tcp

-1477838366 | 2025-03-19T06:02:40.174910

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

3060 / tcp

-2046514463 | 2025-03-20T22:55:47.927168

AB\x01\t

3072 / tcp

632542934 | 2025-03-23T07:19:20.916365

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

3077 / tcp

198844676 | 2025-03-16T17:27:54.485730

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3090 / tcp

1911457608 | 2025-03-24T13:30:51.291933

\x00[\x00\x00\x00\x00\x00\x00

3101 / tcp

-2089734047 | 2025-03-18T12:16:19.640007

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3111 / tcp

1911457608 | 2025-03-09T13:51:34.369425

\x00[\x00\x00\x00\x00\x00\x00

3124 / tcp

-1399940268 | 2025-02-27T22:49:31.255616

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3131 / tcp

165188539 | 2025-03-26T15:32:23.796282

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3149 / tcp

677934968 | 2025-03-21T15:51:55.635223

lm^)Q

3158 / tcp

1282941221 | 2025-03-05T18:45:30.078186

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

3174 / tcp

921225407 | 2025-03-18T17:51:29.271083

\x00\x00\x00\x04\x00\x00\x00\x00\x00

3182 / tcp

-303199180 | 2025-03-14T04:47:44.455154

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

3190 / tcp

-1730858130 | 2025-03-16T06:47:21.387660

RFB 003.008
VNC:
  Protocol Version: 3.8

3260 / tcp

175679309 | 2025-03-26T03:07:24.332801

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None\nTargetAlias=QNAP Target\nTargetPortalGroupTag=1\n

3269 / tcp

-1399940268 | 2025-03-13T00:16:51.683997

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3299 / tcp

-971970408 | 2025-03-21T08:25:06.781497

3301 / tcp

1011407350 | 2025-03-04T23:36:57.388292

* OK GroupWise IMAP4rev1 Server Ready\r\n

3310 / tcp

-303199180 | 2025-03-20T19:23:01.163992

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

3341 / tcp

-1327660293 | 2025-03-11T04:46:05.458017

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

3388 / tcp

1308377066 | 2025-03-04T18:27:25.443363

ncacn_http/1.0

3389 / tcp

-6645672 | 2025-03-25T03:00:08.954648

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\\x0f\\x08\\x00\\x08\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID_EX\nTarget_Name: 172_16_0_11\nProduct_Version: 6.3.9600 Ntlm 15\nOS: Windows 8.1/Windows Server 2012 R2\nNetBIOS_Domain_Name: 172_16_0_11\nNetBIOS_Computer_Name: 172_16_0_11\nDNS_Domain_Name: 172_16_0_11\nDNS_Computer_Name: 172_16_0_11\nSystem_Time: 2024-01-22 08:42:27 +0000 UTC\n\n

3407 / tcp

-1265999252 | 2025-03-21T15:19:31.121055

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

3503 / tcp

1623746877 | 2025-03-27T18:43:33.739979

500 Permission denied - closing connection.\r\n

3522 / tcp

-1888448627 | 2025-03-26T23:45:28.256149

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3551 / tcp

198844676 | 2025-03-05T18:11:17.893719

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3557 / tcp

-1399940268 | 2025-03-21T12:25:25.844436

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3570 / tcp

-2089734047 | 2025-03-04T04:26:16.259337

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3590 / tcp

-1648456501 | 2025-03-19T10:44:44.011371

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

3780 / tcp

-358801646 | 2025-03-19T21:32:34.701996

SSH-2.0-OpenSSH_6.6.1

3790 / tcp

-971970408 | 2025-03-25T17:58:53.867318

3792 / tcp

320677201 | 2025-03-05T13:03:45.032173

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

3910 / tcp

2121220663 | 2025-03-26T00:06:01.832277

SSH-58-Ingrian_SSH\r\n

4000 / tcp

1300162323 | 2025-03-14T07:23:16.249644

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

4022 / tcp

1541211644 | 2025-03-14T16:22:38.462950

[\xc2\xba\x7fs\x7f

4064 / tcp

-1746074029 | 2025-03-16T23:24:24.466501

101 imqbroker =unV\r\n

4118 / tcp

-1327660293 | 2025-03-10T18:45:49.883636

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

4150 / tcp

1615193817 | 2025-03-18T01:45:17.983305

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

4160 / tcp

-1699556818 | 2025-03-05T19:55:21.197865

\x01remshd: Kerberos Authentication not enabled.\n

4190 / tcp

119860953 | 2025-03-24T18:28:49.118242

* OK ArGoSoft Mail Server IMAP Module v.YW at

4242 / tcp

302222687 | 2025-03-12T09:44:58.011535

HTTP/1.1 301 Moved Permanently
Server: Apache/2.4.41 (Unix) OpenSSL/1.1.1d TST PHP/7.3.11
Content-Type: text/plain; charset=utf-8
Connection: close

4282 / tcp

819727972 | 2025-03-27T23:48:12.645013

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4300 / tcp

-1399940268 | 2025-03-18T22:15:17.784513

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4321 / tcp

-1250504565 | 2025-03-10T11:59:12.805222

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

4433 / tcp

1984588611 | 2025-03-08T14:07:43.899559

4439 / tcp

1911457608 | 2025-03-11T17:23:16.257057

\x00[\x00\x00\x00\x00\x00\x00

4440 / tcp

-1399940268 | 2025-03-12T18:19:53.242352

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4443 / tcp

285437346 | 2025-03-18T15:21:53.225249

HTTP/1.1 200 OK
Content-Type: text/xml
X-Transcend-Version: 1
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: deny
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
Clear-Site-Data: "cache","cookies","storage"
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
X-XSS-Protection: 0

4444 / tcp

-1099385124 | 2025-03-04T01:32:08.479545

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

4449 / tcp

198844676 | 2025-03-27T19:05:21.998664

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

4500 / tcp

1363464823 | 2025-03-06T08:25:15.629973

\x00[|ox\x7f\x00\x00

4602 / tcp

-1375131644 | 2025-03-18T07:23:21.121477

\x00[v\xc3\xbdC\x7f\x00\x00

4786 / tcp

-1399940268 | 2025-03-29T15:54:34.233025

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4808 / tcp

1911457608 | 2025-03-05T06:23:29.429424

\x00[\x00\x00\x00\x00\x00\x00

4821 / tcp

-1746074029 | 2025-03-27T15:37:39.626947

101 imqbroker =unV\r\n

4840 / tcp

921225407 | 2025-03-13T02:37:04.249783

\x00\x00\x00\x04\x00\x00\x00\x00\x00

4899 / tcp

1308377066 | 2025-03-19T15:28:45.144575

ncacn_http/1.0

4911 / tcp

1991883981 | 2025-03-08T13:01:38.519351

B\x00\x00\x00\xc3\xbfn\x04Too many connections

4949 / tcp

2087396567 | 2025-03-25T14:25:56.201821

kjnkjabhbanc283ubcsbhdc72

5001 / tcp

-146605374 | 2025-03-26T06:49:37.042156

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

5007 / tcp

1189133115 | 2025-03-19T21:22:37.489399

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

5010 / tcp

-2096652808 | 2025-03-25T04:12:18.044479

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

5025 / tcp

2087396567 | 2025-03-25T03:09:46.547613

kjnkjabhbanc283ubcsbhdc72

5070 / tcp

165188539 | 2025-03-29T02:56:31.897491

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

5083 / tcp

-2089734047 | 2025-03-01T00:03:42.211950

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5089 / tcp

1996932384 | 2025-03-19T15:51:42.415558

"raop" nonce

5100 / tcp

1492413928 | 2025-03-22T13:54:33.550487

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

5201 / tcp

-339084706 | 2025-03-27T08:24:59.657807

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

5222 / tcp

323676348 | 2025-03-09T18:19:42.206909

}â

5247 / tcp

1911457608 | 2025-03-08T17:01:12.717497

\x00[\x00\x00\x00\x00\x00\x00

5249 / tcp

819727972 | 2025-03-18T11:27:47.596721

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5257 / tcp

205347087 | 2025-03-26T18:26:52.553511

SSH-25453-Cisco-3524665.35\n

5262 / tcp

-1399940268 | 2025-03-23T21:14:08.493718

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5274 / tcp

-375604792 | 2025-03-03T22:57:47.213385

220 Microsoft FTP Service

5280 / tcp

-198546083 | 2025-03-04T08:51:22.270738

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2049_PS-WNZ-01STm32_6466-3339

5432 / tcp

632542934 | 2025-03-11T17:19:32.067818

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

5435 / tcp

819727972 | 2025-03-29T03:21:26.112190

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5495 / tcp

632542934 | 2025-02-28T20:54:27.938534

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

5557 / tcp

819727972 | 2025-03-06T03:26:08.585839

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

5568 / tcp

-358801646 | 2025-03-01T01:09:27.807425

SSH-2.0-OpenSSH_6.6.1

5597 / tcp

-1399940268 | 2025-03-11T02:22:58.049418

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5672 / tcp

575925250 | 2025-03-10T16:21:29.416924

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5858 / tcp

-1899074860 | 2025-03-20T00:24:07.504273

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

5984 / tcp

1999272906 | 2025-03-27T06:46:23.533085

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

5986 / tcp

-445721795 | 2025-03-17T02:55:01.590215

\x00[\xc3\xaed\x1a\x7f\x00\x00

5991 / tcp

819727972 | 2025-03-23T22:55:09.388931

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5993 / tcp

-2089734047 | 2025-03-21T15:38:07.294710

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

6000 / tcp

-585940771 | 2025-03-12T20:17:05.490559

Unknown command\r\n

6002 / tcp

1278527606 | 2025-03-28T21:01:45.181904

SSH-2.0-Teleport

6443 / tcp

-1063555904 | 2025-03-12T05:55:19.581938

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Wed, 12 Mar 2025 05:55:19 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://203.119.175.229:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

6503 / tcp

-2089734047 | 2025-03-06T22:44:03.058425

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

6505 / tcp

-2089734047 | 2025-03-21T18:19:14.965471

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

6581 / tcp

165188539 | 2025-03-17T19:32:21.870704

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

6600 / tcp

-2089734047 | 2025-03-14T17:14:04.063559

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

6605 / tcp

-1399940268 | 2025-03-27T01:38:56.315673

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6666 / tcp

4935895 | 2025-03-21T07:36:18.634207

HTTP/1.1 400 Bad Request
Server: CloudWAF

6667 / tcp

819727972 | 2025-03-28T11:55:03.788896

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

6668 / tcp

1911457608 | 2025-03-21T18:11:37.072542

\x00[\x00\x00\x00\x00\x00\x00

6688 / tcp

-1888448627 | 2025-03-23T17:23:23.978668

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

6697 / tcp

-2096652808 | 2025-03-29T00:28:04.222309

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

6799 / tcp

-1399940268 | 2025-03-06T08:20:26.612418

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7001 / tcp

1624217396 | 2025-03-27T14:34:11.047906

HELO:10.3.6.0.false\nAS:2048\nHL:19

Vulnerabilities

2 4

7010 / tcp

1726594447 | 2025-03-24T22:07:59.703666

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

7272 / tcp

-904840257 | 2025-03-04T20:02:54.420301

572 Relay not authorized\r\n

7348 / tcp

-1888448627 | 2025-03-24T07:06:22.216535

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

7434 / tcp

1761482307 | 2025-03-05T14:12:25.548459

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

7443 / tcp

1342763855 | 2025-03-23T14:31:31.746898

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Connection: close
Server: Nginx
Expires: 0
Pragma: no-cache
Cache-Control: no-cache
X-LANG: 1
X-Timezone: 0800
X-Timestamp: 1705912071
X-Arch: x86
X-Sysbit: x64
X-Enterprise: 0
X-Support-i18n: 0
X-Support-wifi: 0
Location: /login

7548 / tcp

2087396567 | 2025-03-29T07:23:15.670648

kjnkjabhbanc283ubcsbhdc72

7634 / tcp

1469043098 | 2025-03-17T11:02:34.310871

hddtemp
	: :  
	: :

7700 / tcp

-1399940268 | 2025-03-20T15:04:40.842674

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7778 / tcp

1519486042 | 2025-03-24T04:10:07.582243

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

7799 / tcp

1911457608 | 2025-03-06T20:43:44.450112

\x00[\x00\x00\x00\x00\x00\x00

8000 / tcp

-1036370807 | 2025-03-16T02:59:55.432658

JDWP-Handshake

8011 / tcp

677934968 | 2025-03-21T01:42:27.532601

lm^)Q

8034 / tcp

-1399940268 | 2025-03-18T20:15:13.288338

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8035 / tcp

-1139539254 | 2025-03-17T04:58:29.799735

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

8054 / tcp

-1899074860 | 2025-03-06T00:43:09.051457

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

8071 / tcp

632542934 | 2025-03-05T21:37:13.156155

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8072 / tcp

-1538260461 | 2025-03-11T18:41:40.368962

\x01\x00\x00\x00

8074 / tcp

1911457608 | 2025-03-16T15:21:56.012994

\x00[\x00\x00\x00\x00\x00\x00

8078 / tcp

-1013082686 | 2025-03-24T04:42:21.137866

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

8081 / tcp

819727972 | 2025-03-15T01:37:39.739216

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8083 / tcp

1842524259 | 2025-03-18T17:15:51.876932

8085 / tcp

1261582754 | 2025-03-11T22:14:56.639388

unknown command 
unknown command

8087 / tcp

1161309183 | 2025-03-20T10:32:12.320092

ProxyServer is ready

8093 / tcp

-331387241 | 2025-03-07T17:44:45.042866

HTTP/1.1 200 OK
Server: nginx/1.14.2
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type,*
Accept-Ranges: bytes

8099 / tcp

-1249500036 | 2025-03-24T21:28:15.591860

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes

8100 / tcp

1975288991 | 2025-03-23T02:04:05.663025

OPTI

8113 / tcp

-2140303521 | 2025-03-26T23:22:06.820591

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

8116 / tcp

205347087 | 2025-03-19T21:30:01.646387

SSH-25453-Cisco-3524665.35\n

8129 / tcp

-1399940268 | 2025-03-12T07:43:23.027653

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8136 / tcp

1134517380 | 2025-03-19T16:37:06.233272

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

8139 / tcp

2087396567 | 2025-03-26T04:58:51.955027

kjnkjabhbanc283ubcsbhdc72

8140 / tcp

1741579575 | 2025-03-29T20:40:38.348049

8150 / tcp

-784071826 | 2025-03-10T19:43:34.225973

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

8156 / tcp

-358801646 | 2025-03-03T22:42:01.732350

SSH-2.0-OpenSSH_6.6.1

8161 / tcp

-2089734047 | 2025-03-21T08:54:44.656406

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8167 / tcp

-1399940268 | 2025-03-11T14:51:07.280864

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8177 / tcp

-1888448627 | 2025-03-08T17:25:23.032558

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8181 / tcp

171352214 | 2025-03-10T03:52:35.267080

-ERR client ip is not in whitelist

8185 / tcp

-1399940268 | 2025-03-20T03:44:23.721411

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8191 / tcp

819727972 | 2025-03-18T05:44:09.655230

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8200 / tcp

-877598700 | 2025-03-24T19:55:43.295205

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\\x01\xc3\xbf\xc3\xbb\\x03\xc3\xbf\xc3\xbd\\x01\xc3\xbf\xc3\xbe\\x01Username:

8203 / tcp

-1399940268 | 2025-03-08T19:43:40.913704

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8239 / tcp

-2089734047 | 2025-03-10T07:31:28.440004

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8284 / tcp

-2096652808 | 2025-03-10T19:04:17.358063

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8381 / tcp

-980525298 | 2025-03-29T17:31:32.479177

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8393 / tcp

-345718689 | 2025-03-06T14:12:15.617324

Vty password is not set.

8421 / tcp

-1399940268 | 2025-03-18T15:42:32.301341

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8434 / tcp

-1139539254 | 2025-03-26T23:09:00.186165

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

8442 / tcp

1282941221 | 2025-03-27T10:23:07.393360

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

8443 / tcp

0 | 2025-03-04T19:19:30.921297

Hashes

hash

-1543316213

http.dom_hash

http.html_hash

http.server_hash

1673621694

HTTP/1.1 200 OK
Date: Tue, 04 Mar 2025 19:19:30 GMT
Content-Type: text/html
Content-Length: 187
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: no-cache, no-store
Etag: "00a460f7-013"
Server: Tengine
Set-Cookie: SERVERID=fbbf540608b8e70262b32cbbf280c39b|1741115970|1741115970;Path=/
Vary: Accept-Encoding
Location: htps://open-living-sg.aliyuncs.com

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:49:b2:86:90:3c:9b:46:7a:60:5b:87
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: May  5 06:21:16 2023 GMT
            Not After : Jun  5 06:21:15 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.aliyun.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:86:52:47:92:e4:5e:da:f6:9d:1c:f4:69:be:
                    9f:65:73:c6:54:11:a9:aa:9b:9e:5e:f7:07:bf:18:
                    47:ac:70:22:0c:72:ef:61:13:c7:39:6f:d7:45:23:
                    25:f2:74:42:33:a0:29:37:97:85:8d:e6:71:fa:0d:
                    55:fb:d3:b9:5e:b9:b3:67:66:83:41:50:1c:1f:b3:
                    dd:28:fa:ca:d2:b6:7b:db:49:9a:1f:5f:50:56:83:
                    0b:be:aa:15:dd:13:46:c8:0a:72:07:00:5a:23:87:
                    d0:46:3a:8c:77:33:24:00:f4:ef:c0:e6:bc:c8:45:
                    3f:cc:4c:5d:c5:9e:53:1e:05:57:8c:75:e2:a6:ee:
                    e9:35:95:55:a4:46:71:34:30:bc:c2:f0:29:2c:01:
                    89:3d:45:1e:1b:44:99:ac:1d:81:87:73:a4:80:07:
                    8f:c3:fb:29:1e:99:f9:2c:08:bd:74:3a:2d:66:d0:
                    4f:00:c9:37:f5:eb:72:c9:0d:40:ac:d4:4e:f8:45:
                    3b:e4:8f:21:1c:8a:40:88:23:73:bf:54:42:ed:75:
                    de:fa:f6:d1:83:50:4e:9d:27:de:34:c6:cb:77:42:
                    d4:d0:9a:89:e5:aa:67:8b:8f:84:f2:a6:13:2b:2c:
                    d9:8c:16:e0:b2:99:b2:ae:e6:78:a6:f9:3a:f8:b0:
                    e0:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FB:43:61:72:DB:90:9F:67:07:2E:AE:74:FB:66:90:A2:E9:C4:FC:15
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyun.com, DNS:aliyun.com, DNS:eci-vpc.cn-shanghai.aliyun.com, DNS:mi.atm.youku.com, DNS:nrshop.ele.me, DNS:apm.umeng.com, DNS:devops.aliyun.com, DNS:tp-unify.cainiao-inc.com, DNS:wwwservice.faas.ele.me, DNS:servicemarket.lazada.sg, DNS:ywlanlong.1688.com, DNS:vip.dingtalk.com, DNS:gde.ojiyvn-ina.aon.aliyun-inc.com, DNS:ais-delivery.aliyun.com, DNS:eas.ne-eost-1.aliyuncs.com, DNS:deb.san.tmall.com, DNS:zhooshong.tmall.com, DNS:ydbvtterfjy.1688.com, DNS:www0.pamela.xixikf.cn, DNS:redmart.lazada.sg, DNS:alimail-cn.aliyun.com, DNS:h5api.m.etao.com, DNS:aliapp-open.9game.cn, DNS:luxiaunt.aliyun.com, DNS:shop-alimebot.lazada.sg, DNS:djsz99.aliyun.com, DNS:apr.aliyun.com, DNS:shop36825243.aliyun.com, DNS:wwwcontrol.fl.fliggy.com, DNS:mail.yuanzhou.com.cn, DNS:dofogenogi.og-sovtheost-1.aliyuncs.com, DNS:shog6241b045g3109.1688.com, DNS:pop3.aliyun.com, DNS:xy.aliyun.com, DNS:pai.dw.alibaba-inc.com, DNS:shop36912637.aliyun.com, DNS:jonghvogs.1688.com, DNS:baidabengye.1688.com, DNS:m.2cloo.com, DNS:zhooshong.taobao.com, DNS:shop0397112nnc805.1688.com, DNS:yvndvn.aonsoje.aliyun.com, DNS:affiliate.lazada.sg, DNS:clairvoyant.ele.me, DNS:baseus6.pt.aliexpress.com, DNS:adiu.amap.com, DNS:ververica-share.aliyun.com, DNS:ojibobodood.aliyun.com, DNS:msg.umeng.com, DNS:880629.taobao.com, DNS:dtoolnlsql.alibaba-inc.com, DNS:tn.aonsoje.aliyun.com, DNS:shog641o1n76057k9.1688.com, DNS:p2p-msc.aliyun.com, DNS:shog1429548421557.1688.com, DNS:barn.taobao.org, DNS:sns.amap.com, DNS:aurora2.aliyun.com, DNS:qt-stability-locate.aliyun-inc.com, DNS:bloan.aliyun.com, DNS:m5-x.amap.com, DNS:gresto-gvbjia.ojiyvn-ina.aon.aliyun-inc.com, DNS:shop1443459323612.aliyun.com, DNS:asjvbongjixie.1688.com, DNS:filebroker.aliexpress.com, DNS:shog36735366.taobao.com, DNS:yvonfon.1688.com, DNS:drive-pc.quark.cn, DNS:roundrinn.aliexpress.com, DNS:apistore.amap.com, DNS:aontroat.ojibobo-ina.aon.alibaba-inc.com, DNS:bridge.dingtalk.com, DNS:esa.ojiyvn-ina.aon.aliyun-inc.com, DNS:www9.smt2.xixikf.cn, DNS:shog6t37772q01486.1688.com, DNS:gre-jstroaker.ojibobo-ina.aon.alibaba-inc.com, DNS:wwwapp.faas.ele.me, DNS:acs-wapa.lazada.co.th, DNS:diqian.1688.com, DNS:eas-vga.an-shenzhen.aliyuncs.com, DNS:right.arn.1688.com, DNS:ahengheahvongyi.1688.com, DNS:prs.lazada.com, DNS:vvg.aonsoje.aliyun.com, DNS:serviae.an-beijing.noxaongvte.aliyun.com, DNS:ron-internoj.og-northeost-1.ojiyvn-ina.aon.aliyun-inc.com
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        00:20:9a:4a:31:17:fc:e4:3c:12:ad:c6:0a:b2:84:03:79:bc:
        2d:13:7e:d6:92:ff:76:4d:9f:85:a7:f6:78:8a:ea:71:47:60:
        9d:59:59:bc:3e:78:87:db:36:b1:76:fe:46:a9:b7:9f:ce:2d:
        10:cc:72:db:db:67:1e:7e:5c:dd:c3:63:3e:48:f5:98:13:89:
        5d:49:53:eb:80:db:33:3b:bc:01:45:d9:79:4e:53:30:53:2e:
        26:60:61:29:9d:68:f7:d2:0f:e5:c6:28:30:87:87:72:0b:e8:
        27:90:16:6b:48:9e:0f:3d:ce:90:1b:f5:e6:af:7b:80:e6:db:
        77:83:c9:41:a5:6b:4d:31:1c:e9:62:b2:3a:ad:e4:1c:8b:9f:
        43:ed:ff:14:b2:20:7f:49:f1:23:ea:1c:62:3c:c5:8f:0a:67:
        96:c3:79:4e:dd:44:7f:d2:41:cf:31:50:5d:20:b5:46:a3:56:
        68:c5:f8:f2:0d:4c:8a:0c:d3:67:07:e4:8d:e4:fd:66:c2:90:
        e7:16:f9:f9:0f:7c:da:a2:b3:0c:dc:56:09:88:e4:6f:72:15:
        87:9a:55:e8:9b:86:c7:94:90:e0:df:9f:4d:bd:44:0b:ba:46:
        ea:15:2b:83:31:5c:01:75:29:27:cd:90:cf:0e:ac:95:ce:23:
        e3:68:51:8e

8453 / tcp

-2096652808 | 2025-03-10T05:02:26.693164

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8463 / tcp

-1399940268 | 2025-03-11T06:36:21.832384

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8480 / tcp

-891714208 | 2025-03-01T01:15:51.466347

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

8494 / tcp

-2031152423 | 2025-03-28T22:52:35.424985

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

8514 / tcp

580340387 | 2025-03-14T00:54:19.443924

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

8525 / tcp

-358801646 | 2025-03-09T18:15:28.773741

SSH-2.0-OpenSSH_6.6.1

8545 / tcp

2087396567 | 2025-03-19T04:01:27.226021

kjnkjabhbanc283ubcsbhdc72

8548 / tcp

-1114821551 | 2025-03-17T17:55:48.428955

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

8549 / tcp

1189133115 | 2025-03-20T21:14:23.624629

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

8550 / tcp

1189133115 | 2025-03-26T11:53:39.502185

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

8554 / tcp

1741579575 | 2025-03-21T01:39:04.897470

8556 / tcp

-1327660293 | 2025-03-19T16:38:22.281105

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

8582 / tcp

-1059554316 | 2025-03-18T06:08:46.037054

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

8583 / tcp

-2140303521 | 2025-03-16T15:25:20.467027

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

8586 / tcp

1911457608 | 2025-03-15T01:12:26.843985

\x00[\x00\x00\x00\x00\x00\x00

8596 / tcp

-1435414831 | 2025-03-13T10:58:14.599667

roku: ready\r\n

8599 / tcp

-653033013 | 2025-03-15T11:23:34.118814

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

8600 / tcp

527766507 | 2025-03-25T10:23:17.358619

\\x0e\\x00O\\x00\\x01\\x001\\xfez$\\xaf^\\x01\t\\x05\\x04

8621 / tcp

-747911285 | 2025-03-06T04:52:24.587987

\xc2\xaa

8649 / tcp

842535728 | 2025-03-26T12:16:37.272097

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

8709 / tcp

-1399940268 | 2025-03-13T22:57:11.341203

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8728 / tcp

307999478 | 2025-03-14T16:31:44.750193

unknown command \r\nunknown command \r\n

8767 / tcp

971933601 | 2025-03-14T22:59:45.958006

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

8804 / tcp

819727972 | 2025-03-04T14:08:42.835312

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8823 / tcp

-616720387 | 2025-03-14T08:03:18.463264

SSH-2.0-SSHD_0.7.6

8827 / tcp

-2089734047 | 2025-03-15T12:08:53.200811

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8828 / tcp

580340387 | 2025-03-24T07:47:44.199142

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

8835 / tcp

921225407 | 2025-03-18T06:38:09.676209

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8839 / tcp

493955023 | 2025-03-25T01:47:51.437921

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

8845 / tcp

-2031152423 | 2025-03-10T14:18:48.902785

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

8857 / tcp

493955023 | 2025-02-28T18:44:26.117619

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

8858 / tcp

1077013874 | 2025-03-27T04:16:43.724479

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

8868 / tcp

-1399940268 | 2025-03-18T19:58:33.986128

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8880 / tcp

-438503381 | 2025-03-18T00:31:35.162986

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

8883 / tcp

1911457608 | 2025-03-20T21:52:43.419576

\x00[\x00\x00\x00\x00\x00\x00

8899 / tcp

-1885525731 | 2025-03-15T14:59:35.004447

\\xab\xca\xa5]\\x00\\x00\\x00\\x18\\xc0\\x00\\x00\\x01\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xab\xca\xa5]\\x00\\x00\\x00\\x18\\xc0\\x00\\x00\\x04\\xff\\xff\\xff\\xb9\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00

8905 / tcp

-1399940268 | 2025-03-28T21:02:28.353965

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8910 / tcp

597764502 | 2025-03-27T08:55:45.918552

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

8915 / tcp

-1013082686 | 2025-03-17T00:19:36.833830

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

9000 / tcp

-2067028711 | 2025-03-07T06:24:52.390614

\x15\x03\x01\x00\x02\x02F

9001 / tcp

-1026951088 | 2025-03-25T18:50:09.241573

erro ip

9002 / tcp

-971970408 | 2025-03-18T15:52:22.693346

9004 / tcp

1911457608 | 2025-03-22T01:08:26.465317

\x00[\x00\x00\x00\x00\x00\x00

9011 / tcp

-2089734047 | 2025-02-28T10:28:18.889190

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9018 / tcp

-1399940268 | 2025-03-21T20:46:52.899001

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9019 / tcp

819727972 | 2025-03-21T01:01:02.601638

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9028 / tcp

1011407350 | 2025-03-26T18:13:00.706893

* OK GroupWise IMAP4rev1 Server Ready\r\n

9039 / tcp

921225407 | 2025-03-16T09:11:11.167804

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9040 / tcp

1130179067 | 2025-03-19T01:08:29.894551

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65aa15a9_PS-000-01k7g70_22621-61633

9083 / tcp

1282941221 | 2025-03-09T07:14:30.941133

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

9085 / tcp

-1399940268 | 2025-03-13T14:28:04.635436

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9091 / tcp

2087396567 | 2025-03-11T09:29:08.134663

kjnkjabhbanc283ubcsbhdc72

9092 / tcp

-2089734047 | 2025-03-28T07:44:30.493529

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9095 / tcp

1690634669 | 2025-03-20T19:06:10.444350

9107 / tcp

819727972 | 2025-03-10T03:31:26.661666

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9113 / tcp

-1399940268 | 2025-03-26T23:07:04.460272

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9128 / tcp

-1399940268 | 2025-03-25T18:36:26.910039

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9134 / tcp

1911457608 | 2025-03-15T11:50:23.935960

\x00[\x00\x00\x00\x00\x00\x00

9148 / tcp

819727972 | 2025-03-11T10:50:49.950500

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9149 / tcp

-2080784861 | 2025-03-05T21:47:01.588543

GBPK\xc3\xbb\xc3\xb7n\xc2\x93W\xc2\xaf\xc2\x86\xc2\x93x@\xc2\xa9\x0e\xc3\x8a*\xc2\x9bS\x00

9150 / tcp

-1105333987 | 2025-03-27T20:32:23.228757

\x00[KpU\x7f\x00\x00

9151 / tcp

799468586 | 2025-03-13T20:30:00.979448

ICA

9158 / tcp

-1097188123 | 2025-03-03T21:24:13.532766

[g\xc2\x95N\x7f

9169 / tcp

-1097188123 | 2025-03-08T11:45:22.590302

[g\xc2\x95N\x7f

9206 / tcp

-1947777893 | 2025-03-15T18:40:37.836984

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

9209 / tcp

-1453516345 | 2025-03-25T06:28:53.190417

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

9210 / tcp

819727972 | 2025-03-13T19:47:40.251735

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9220 / tcp

740837454 | 2025-03-13T14:40:17.769214

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

9222 / tcp

-2089734047 | 2025-03-17T02:24:33.274519

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9242 / tcp

632542934 | 2025-03-23T13:46:11.795037

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9249 / tcp

740837454 | 2025-03-09T20:06:51.991834

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

9251 / tcp

897328069 | 2025-03-23T13:47:26.026087

220 mail.scott000.com ESMTP

9306 / tcp

1996932384 | 2025-03-28T01:47:27.539197

"raop" nonce

9333 / tcp

2087396567 | 2025-03-29T12:39:02.658395

kjnkjabhbanc283ubcsbhdc72

9383 / tcp

-1746074029 | 2025-03-29T13:59:29.100209

101 imqbroker =unV\r\n

9387 / tcp

1911457608 | 2025-03-13T21:06:35.804409

\x00[\x00\x00\x00\x00\x00\x00

9433 / tcp

-1399940268 | 2025-03-10T10:20:44.883532

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9446 / tcp

-1737707071 | 2025-03-18T17:09:54.826685

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

9447 / tcp

1504401647 | 2025-03-29T19:06:50.910424

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

9455 / tcp

639175818 | 2025-03-28T11:46:20.638652

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

9480 / tcp

-1737707071 | 2025-03-15T01:03:16.135889

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

9530 / tcp

1911457608 | 2025-03-27T13:58:21.195397

\x00[\x00\x00\x00\x00\x00\x00

9532 / tcp

819727972 | 2025-03-28T00:03:03.843234

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9682 / tcp

-1399940268 | 2025-03-25T01:21:53.640430

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9761 / tcp

-1399940268 | 2025-03-04T07:18:19.835201

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9779 / tcp

819727972 | 2025-03-25T17:10:57.546322

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9797 / tcp

165188539 | 2025-03-20T16:39:51.824060

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9888 / tcp

-441419608 | 2025-03-03T20:24:14.279316

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

9898 / tcp

1320285193 | 2025-03-13T22:00:26.484132

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

9902 / tcp

-1297953727 | 2025-03-10T12:05:44.402257

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

9939 / tcp

2143387245 | 2025-03-10T16:10:59.756498

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

9943 / tcp

1712606111 | 2025-03-19T09:47:39.434496

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1282_PSzqstdxyw34_8689-21922

9944 / tcp

2087396567 | 2025-03-18T06:41:47.254251

kjnkjabhbanc283ubcsbhdc72

9990 / tcp

504717326 | 2025-03-11T05:20:57.878475

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 5 1

9998 / tcp

-328903379 | 2025-03-14T01:14:21.398984

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2516_PStwtbTPE1rg71_39907-39996

9999 / tcp

1161309183 | 2025-03-26T17:33:51.833249

ProxyServer is ready

10000 / tcp

-971970408 | 2025-03-13T01:22:41.359837

10024 / tcp

-1473669891 | 2025-03-12T16:22:04.411441

\\x00[\'(\\xc0\\xa8X\\xfd

10030 / tcp

-1730858130 | 2025-03-15T18:40:42.901223

RFB 003.008
VNC:
  Protocol Version: 3.8

10039 / tcp

-1399940268 | 2025-03-18T10:26:57.602909

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10043 / tcp

-1399940268 | 2025-03-20T18:38:22.718293

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10050 / tcp

-971970408 | 2025-03-12T11:35:10.952539

10051 / tcp

-1261090339 | 2025-03-14T15:00:06.865961

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

10066 / tcp

819727972 | 2025-03-17T18:10:09.756994

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

10134 / tcp

1519486042 | 2025-03-05T07:42:12.569736

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

10249 / tcp

1911457608 | 2025-03-19T21:52:15.853442

\x00[\x00\x00\x00\x00\x00\x00

10250 / tcp

398077695 | 2025-03-19T17:06:30.862185

10393 / tcp

1911457608 | 2025-03-18T04:03:00.770975

\x00[\x00\x00\x00\x00\x00\x00

10443 / tcp

1346577425 | 2025-03-15T02:10:18.207986

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Sat, 15 Mar 2025 02:10:18 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://203.119.175.229:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

10533 / tcp

-375604792 | 2025-03-11T00:40:26.702990

220 Microsoft FTP Service

10909 / tcp

1492413928 | 2025-03-19T13:13:16.293688

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

11288 / tcp

1741579575 | 2025-03-28T08:53:34.716692

11300 / tcp

-2033111675 | 2025-03-23T07:19:39.430847

~djb

11481 / tcp

1396488228 | 2025-03-21T15:56:46.705662

HTTP/1.1 200 OK
Content-Length: 2037
Cache-Control: private, max-age=300
Content-Type: text/html

12000 / tcp

-446385447 | 2025-03-15T08:59:12.569100

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1efa_PS-CKG-01vQy48_16235-38870

12016 / tcp

-1399940268 | 2025-03-04T07:27:52.355644

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12101 / tcp

-1399940268 | 2025-03-25T09:18:58.232529

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12105 / tcp

-1139539254 | 2025-03-19T14:40:10.612272

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

12107 / tcp

-1839934832 | 2025-03-22T08:38:42.782945

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

12111 / tcp

1282941221 | 2025-03-04T13:32:58.542838

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

12116 / tcp

-1996280214 | 2025-03-16T22:17:39.967246

\x06\x04\x05@

12133 / tcp

-1399940268 | 2025-03-23T17:54:39.815284

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12134 / tcp

-1327660293 | 2025-03-17T23:16:11.039622

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12139 / tcp

1911457608 | 2025-03-15T14:08:44.569516

\x00[\x00\x00\x00\x00\x00\x00

12140 / tcp

1911457608 | 2025-03-18T22:01:16.858311

\x00[\x00\x00\x00\x00\x00\x00

12143 / tcp

819727972 | 2025-03-27T16:22:02.325760

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12146 / tcp

2121220663 | 2025-03-24T04:21:18.333143

SSH-58-Ingrian_SSH\r\n

12168 / tcp

1543809371 | 2025-03-03T20:55:01.285605

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

12176 / tcp

-375604792 | 2025-03-10T02:59:40.696112

220 Microsoft FTP Service

12206 / tcp

-2031152423 | 2025-03-18T20:34:14.098218

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

12213 / tcp

-1399940268 | 2025-03-14T23:29:14.452112

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12257 / tcp

205347087 | 2025-02-28T19:41:39.849644

SSH-25453-Cisco-3524665.35\n

12258 / tcp

205347087 | 2025-03-14T00:20:08.869968

SSH-25453-Cisco-3524665.35\n

12265 / tcp

-147424911 | 2025-03-10T23:11:39.342870

HTTP/1.1 404 Not Found
Content Length: 0

12271 / tcp

-653033013 | 2025-03-18T19:35:56.177229

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

12273 / tcp

-457235091 | 2025-03-05T16:25:31.900340

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

12297 / tcp

165188539 | 2025-03-09T13:12:00.959503

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12315 / tcp

-358801646 | 2025-03-12T11:18:51.527190

SSH-2.0-OpenSSH_6.6.1

12326 / tcp

165188539 | 2025-03-12T03:00:01.460947

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12332 / tcp

-2017887953 | 2025-03-16T20:19:23.851603

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

12336 / tcp

1426971893 | 2025-03-25T07:57:05.911396

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

12345 / tcp

296364507 | 2025-03-23T10:02:50.905577

HTTP/1.1 500 Internal Server Error
SERVER: Trend Chip UPnP/1.0 DMS
CONNECTION: close
CONTENT-LENGTH: 60
CONTENT-TYPE: text/html

12347 / tcp

819727972 | 2025-03-22T18:38:37.095259

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12361 / tcp

1911457608 | 2025-03-26T12:09:04.152829

\x00[\x00\x00\x00\x00\x00\x00

12363 / tcp

-1428621233 | 2025-03-27T18:55:12.948399

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

12376 / tcp

819727972 | 2025-03-20T03:13:34.166844

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12405 / tcp

1763259671 | 2025-03-21T22:56:16.838506

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

12434 / tcp

632542934 | 2025-03-03T19:45:35.694215

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

12437 / tcp

820958131 | 2025-03-28T05:35:41.858451

kjnkjabhbanc283ubcsbhdc72\x02

12451 / tcp

1632932802 | 2025-03-15T17:59:04.419910

12473 / tcp

-904840257 | 2025-03-16T22:21:26.241538

572 Relay not authorized\r\n

12476 / tcp

-2096652808 | 2025-03-10T18:13:53.788025

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12483 / tcp

-1399940268 | 2025-03-12T02:29:33.938374

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12493 / tcp

-1399940268 | 2025-03-19T20:10:56.460275

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12500 / tcp

-2089734047 | 2025-03-24T17:51:44.190885

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12532 / tcp

-1399940268 | 2025-03-08T18:39:04.011478

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12533 / tcp

819727972 | 2025-03-16T18:03:33.050385

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12548 / tcp

-1713437100 | 2025-03-26T06:30:58.220338

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

12566 / tcp

1975288991 | 2025-03-16T22:29:47.151584

OPTI

12571 / tcp

1911457608 | 2025-03-24T21:50:55.746840

\x00[\x00\x00\x00\x00\x00\x00

12572 / tcp

-980525298 | 2025-03-27T23:51:49.624351

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12574 / tcp

-1327660293 | 2025-03-08T21:39:53.186940

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12575 / tcp

819727972 | 2025-03-28T02:23:54.720367

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12580 / tcp

-784071826 | 2025-03-19T20:29:12.096540

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

12587 / tcp

-1399940268 | 2025-03-26T22:33:56.342860

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

13047 / tcp

-1839934832 | 2025-03-11T22:15:45.154576

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

14147 / tcp

1911457608 | 2025-03-08T19:27:07.514720

\x00[\x00\x00\x00\x00\x00\x00

14344 / tcp

1911457608 | 2025-03-16T00:47:01.484367

\x00[\x00\x00\x00\x00\x00\x00

14443 / tcp

819727972 | 2025-03-18T06:05:10.084402

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

14875 / tcp

-1699556818 | 2025-03-18T04:14:29.135512

\x01remshd: Kerberos Authentication not enabled.\n

15038 / tcp

165188539 | 2025-02-28T23:25:27.146553

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

15042 / tcp

1308377066 | 2025-03-14T10:33:07.419773

ncacn_http/1.0

15443 / tcp

2087396567 | 2025-03-14T04:11:24.491137

kjnkjabhbanc283ubcsbhdc72

16001 / tcp

-1428621233 | 2025-02-28T05:14:10.696487

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

16013 / tcp

1282941221 | 2025-03-08T16:22:39.152757

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

16020 / tcp

-653033013 | 2025-03-19T15:45:23.612835

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

16021 / tcp

1519486042 | 2025-03-11T17:07:51.995508

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

16025 / tcp

321971019 | 2025-03-03T21:31:56.892889

-ERR client ip is not in whitelist\r

16044 / tcp

819727972 | 2025-03-14T21:49:23.810294

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16045 / tcp

1911457608 | 2025-03-27T06:02:46.095385

\x00[\x00\x00\x00\x00\x00\x00

16058 / tcp

-2046514463 | 2025-03-04T21:35:56.219600

AB\x01\t

16069 / tcp

-146605374 | 2025-03-29T02:02:11.473341

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

16097 / tcp

820958131 | 2025-03-26T03:16:41.696490

kjnkjabhbanc283ubcsbhdc72\x02

16404 / tcp

1830187220 | 2025-03-11T12:07:16.835646

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

16464 / tcp

1830187220 | 2025-03-20T23:09:35.568071

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

16993 / tcp

1996932384 | 2025-03-22T12:44:41.987492

"raop" nonce

17773 / tcp

-1713437100 | 2025-03-19T03:23:29.627374

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

17776 / tcp

-1399940268 | 2025-03-24T03:11:19.087051

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18028 / tcp

-1032713145 | 2025-03-25T18:27:48.443946

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

18037 / tcp

117101543 | 2025-03-19T16:55:00.981170

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

18080 / tcp

-358801646 | 2025-03-29T01:05:31.425662

SSH-2.0-OpenSSH_6.6.1

18081 / tcp

-971970408 | 2025-03-26T20:00:52.314031

18082 / tcp

1991883981 | 2025-03-27T17:42:21.413982

B\x00\x00\x00\xc3\xbfn\x04Too many connections

18091 / tcp

937756010 | 2025-03-23T18:28:29.422678

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x01\x00\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

18096 / tcp

1208318993 | 2025-03-28T11:36:21.780463

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

18104 / tcp

1615193817 | 2025-03-29T03:35:55.782959

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

18108 / tcp

366084633 | 2025-03-12T19:56:36.843052

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

18225 / tcp

-339084706 | 2025-03-16T15:41:54.833919

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

18245 / tcp

707919486 | 2025-03-25T03:00:40.772138

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

18264 / tcp

-1746074029 | 2025-03-29T03:44:00.332465

101 imqbroker =unV\r\n

18443 / tcp

-2096652808 | 2025-03-28T19:44:10.161545

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

19443 / tcp

1370263973 | 2025-03-11T03:37:31.471910

dubbo>

20053 / tcp

1996932384 | 2025-03-20T11:18:30.277194

"raop" nonce

20090 / tcp

-904840257 | 2025-03-24T02:32:49.440708

572 Relay not authorized\r\n

20150 / tcp

-1810987450 | 2025-03-14T04:18:28.860201

\xc3\xbf

20256 / tcp

103159425 | 2025-03-25T00:49:52.278832

SSH-1.99-RGOS_SSH

20547 / tcp

-971970408 | 2025-03-23T23:32:02.577836

21001 / tcp

1911457608 | 2025-03-12T19:46:46.806402

\x00[\x00\x00\x00\x00\x00\x00

21002 / tcp

819727972 | 2025-03-21T17:14:48.791199

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

21025 / tcp

2087396567 | 2025-03-25T06:06:23.549071

kjnkjabhbanc283ubcsbhdc72

21084 / tcp

-2089734047 | 2025-03-25T15:59:00.392382

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

21232 / tcp

-2046514463 | 2025-03-20T19:21:30.273639

AB\x01\t

21246 / tcp

1975288991 | 2025-03-09T12:00:46.967042

OPTI

21260 / tcp

-1399940268 | 2025-03-10T08:49:51.417920

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21284 / tcp

-616720387 | 2025-03-16T07:51:17.331054

SSH-2.0-SSHD_0.7.6

21299 / tcp

398077695 | 2025-03-08T19:56:18.331336

21301 / tcp

-146605374 | 2025-03-05T13:28:05.188320

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

21315 / tcp

-1888448627 | 2025-03-23T22:28:20.957825

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

21319 / tcp

-1839934832 | 2025-03-22T17:18:50.624580

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

21324 / tcp

1189133115 | 2025-03-12T12:22:54.343855

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

21357 / tcp

-2089734047 | 2025-03-09T13:31:08.159892

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

21379 / tcp

-1114821551 | 2025-03-27T11:45:18.780915

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

22000 / tcp

-1013082686 | 2025-03-26T00:04:57.632444

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

22069 / tcp

2087396567 | 2025-03-25T00:48:31.176599

kjnkjabhbanc283ubcsbhdc72

22556 / tcp

-1399940268 | 2025-03-23T01:33:13.154895

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

22609 / tcp

-1329831334 | 2025-03-29T05:39:30.919601

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

23023 / tcp

-1059554316 | 2025-03-21T23:21:15.058380

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

23128 / tcp

-1888448627 | 2025-03-17T20:24:31.025469

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

23424 / tcp

-2107996212 | 2025-03-24T21:23:44.620574

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

24245 / tcp

1690634669 | 2025-03-14T13:18:41.757174

25001 / tcp

-1375131644 | 2025-03-28T00:15:18.182665

\x00[v\xc3\xbdC\x7f\x00\x00

25005 / tcp

-784071826 | 2025-03-16T20:49:11.011897

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

25105 / tcp

-2096652808 | 2025-03-22T19:33:57.520121

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

25565 / tcp

-1810987450 | 2025-03-28T10:55:37.385488

\xc3\xbf

25782 / tcp

-1327660293 | 2025-03-10T13:56:09.242885

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

27015 / tcp

-1036370807 | 2025-03-25T11:29:18.684986

JDWP-Handshake

27016 / tcp

751496153 | 2025-03-29T09:09:59.135545

* OK TeamXchange IMAP4rev1 server (otyUg) ready.

27036 / tcp

-527005584 | 2025-03-25T08:42:05.049384

/0 0 L
/0 0 HUH

28015 / tcp

1911457608 | 2025-03-26T02:59:19.290399

\x00[\x00\x00\x00\x00\x00\x00

28017 / tcp

2087396567 | 2025-03-24T14:55:57.493900

kjnkjabhbanc283ubcsbhdc72

28080 / tcp

-1428621233 | 2025-03-28T03:45:36.546173

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

29799 / tcp

1911457608 | 2025-03-11T23:43:14.072205

\x00[\x00\x00\x00\x00\x00\x00

30003 / tcp

1231376952 | 2025-03-11T12:13:50.821132

30017 / tcp

819727972 | 2025-03-20T00:57:14.670441

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

30022 / tcp

-438503381 | 2025-03-14T20:23:37.876233

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

30050 / tcp

1911457608 | 2025-03-20T23:15:11.745656

\x00[\x00\x00\x00\x00\x00\x00

30122 / tcp

-321444299 | 2025-03-11T03:05:53.177800

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

30222 / tcp

-971970408 | 2025-03-25T16:02:48.110365

30322 / tcp

-641479109 | 2025-03-24T12:46:34.294050

[xU-

30501 / tcp

-2089734047 | 2025-03-12T13:27:49.918212

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

30522 / tcp

1077013874 | 2025-03-26T05:05:43.920662

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

30622 / tcp

1996932384 | 2025-03-12T10:01:05.315805

"raop" nonce

30700 / tcp

1911457608 | 2025-03-21T20:25:48.527527

\x00[\x00\x00\x00\x00\x00\x00

30722 / tcp

841014058 | 2025-03-24T23:02:19.117651

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

30822 / tcp

819727972 | 2025-03-25T20:25:49.619816

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

31022 / tcp

1850902677 | 2025-03-24T11:47:36.670121

W!

31122 / tcp

-971970408 | 2025-03-25T16:41:26.085262

31222 / tcp

1690634669 | 2025-03-24T01:43:13.463211

31322 / tcp

2087396567 | 2025-03-09T15:19:50.811602

kjnkjabhbanc283ubcsbhdc72

31337 / tcp

-147424911 | 2025-03-24T21:54:55.787750

HTTP/1.1 404 Not Found
Content Length: 0

31380 / tcp

165188539 | 2025-03-08T20:30:44.554997

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

31443 / tcp

2087396567 | 2025-03-12T16:55:13.669427

kjnkjabhbanc283ubcsbhdc72

31522 / tcp

1741579575 | 2025-03-13T00:18:09.761222

31722 / tcp

2033888749 | 2025-03-12T20:29:47.927897

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

31822 / tcp

819727972 | 2025-03-12T07:19:45.106377

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

31922 / tcp

-746114901 | 2025-03-24T04:55:54.359297

[KpU

32102 / tcp

-1327660293 | 2025-03-22T07:53:11.206107

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

32222 / tcp

1850902677 | 2025-03-23T16:28:21.236867

W!

32322 / tcp

-2096652808 | 2025-03-16T13:55:55.102121

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

32522 / tcp

89282912 | 2025-03-22T04:15:04.212286

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto
col:SOAP, MKSDisplayProtocol:VNC , ,

32764 / tcp

1921398876 | 2025-03-21T22:32:32.565309

ÿý"
LinuxNode v06953 (ggfks)

login:

32922 / tcp

1975288991 | 2025-03-23T00:54:31.438950

OPTI

33222 / tcp

819727972 | 2025-03-19T23:15:01.564546

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

33322 / tcp

-1477838366 | 2025-03-22T06:58:06.604838

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

33422 / tcp

-1681927087 | 2025-03-19T16:07:09.304271

kjnkjabhbanc283ubcsbhdc72

33522 / tcp

1991883981 | 2025-03-20T12:54:12.239930

B\x00\x00\x00\xc3\xbfn\x04Too many connections

33622 / tcp

-2096652808 | 2025-03-21T04:51:17.466283

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

33722 / tcp

539065883 | 2025-03-18T03:16:51.123291

34122 / tcp

2087396567 | 2025-03-20T14:35:41.265359

kjnkjabhbanc283ubcsbhdc72

34222 / tcp

-1045760528 | 2025-03-20T00:33:34.821445

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

34225 / tcp

-1399940268 | 2025-03-09T21:39:28.475730

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

34322 / tcp

-314039103 | 2025-03-19T17:56:53.774661

Surnom.
Sorry, that nickname format is invalid.

34622 / tcp

366084633 | 2025-03-19T10:28:54.613205

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

34822 / tcp

320677201 | 2025-03-19T05:24:39.828732

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

34922 / tcp

1842524259 | 2025-03-18T18:54:43.683343

35000 / tcp

1308377066 | 2025-03-22T10:30:15.380489

ncacn_http/1.0

35022 / tcp

1741579575 | 2025-03-19T02:31:51.975410

35222 / tcp

-1641514916 | 2025-03-18T08:54:30.174665

* OK Merak 1dFUa2 IMAP4rev1

35322 / tcp

819727972 | 2025-03-04T04:28:53.153086

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

35422 / tcp

819727972 | 2025-03-18T22:20:52.741016

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

35522 / tcp

-375604792 | 2025-03-17T00:05:45.529261

220 Microsoft FTP Service

35622 / tcp

-2096652808 | 2025-03-04T11:30:31.161148

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

35722 / tcp

-319440554 | 2025-03-17T09:25:36.633850

35822 / tcp

-222277909 | 2025-03-17T16:50:11.961036

0@@

35922 / tcp

-2096652808 | 2025-03-16T20:22:54.460580

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

36022 / tcp

1208318993 | 2025-03-17T20:18:39.219134

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

36122 / tcp

-441419608 | 2025-03-13T08:58:11.209887

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

36222 / tcp

-1648456501 | 2025-03-17T18:33:52.597824

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

36422 / tcp

1082732927 | 2025-03-15T07:34:24.560306

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

36522 / tcp

1741579575 | 2025-02-28T20:16:42.305357

36622 / tcp

1332894250 | 2025-03-16T06:45:45.990742

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

36722 / tcp

-1760806421 | 2025-03-17T03:59:37.059695

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected

36822 / tcp

2087396567 | 2025-03-18T13:43:14.615133

kjnkjabhbanc283ubcsbhdc72

37022 / tcp

-971970408 | 2025-03-16T18:30:51.280353

37122 / tcp

-1729629024 | 2025-03-16T22:13:25.295759

101 imqbroker =unV

37222 / tcp

-1598265216 | 2025-03-14T18:35:45.742002

@RSYNCD: 31.0

37322 / tcp

-527005584 | 2025-03-16T11:46:32.591721

/0 0 L
/0 0 HUH

37422 / tcp

-1032713145 | 2025-03-15T11:41:27.275573

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

37522 / tcp

-971970408 | 2025-02-28T16:18:47.395046

37622 / tcp

2087396567 | 2025-03-16T01:06:58.279660

kjnkjabhbanc283ubcsbhdc72

37722 / tcp

2087396567 | 2025-03-16T00:01:49.377754

kjnkjabhbanc283ubcsbhdc72

37777 / tcp

-1399940268 | 2025-03-12T13:38:42.947814

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

37922 / tcp

-345718689 | 2025-03-18T00:44:05.858793

Vty password is not set.

38322 / tcp

-971970408 | 2025-03-15T12:53:39.698047

38333 / tcp

2087396567 | 2025-03-28T17:42:04.897321

kjnkjabhbanc283ubcsbhdc72

38822 / tcp

-971970408 | 2025-03-03T19:28:22.088955

38880 / tcp

-1888448627 | 2025-03-09T21:50:18.795509

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

38922 / tcp

-971970408 | 2025-03-13T14:14:18.419717

39022 / tcp

-1428621233 | 2025-03-13T19:51:57.833808

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

39422 / tcp

2087396567 | 2025-03-11T11:53:02.006276

kjnkjabhbanc283ubcsbhdc72

39722 / tcp

-1477838366 | 2025-03-05T03:44:28.997243

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

39822 / tcp

-438503381 | 2025-03-12T04:53:04.761968

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

40022 / tcp

2087396567 | 2025-03-09T09:54:09.416641

kjnkjabhbanc283ubcsbhdc72

40222 / tcp

2087396567 | 2025-03-04T09:45:43.979550

kjnkjabhbanc283ubcsbhdc72

40322 / tcp

1082732927 | 2025-03-08T20:21:34.203099

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

40522 / tcp

819727972 | 2025-03-04T06:13:17.305135

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

41022 / tcp

808560482 | 2025-03-08T22:04:36.324312

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP
 : USERID : UNIX : Cr8

41222 / tcp

-1839934832 | 2025-03-04T23:53:02.873340

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

41443 / tcp

-358801646 | 2025-03-28T05:25:01.221560

SSH-2.0-OpenSSH_6.6.1

41794 / tcp

-2096652808 | 2025-03-23T19:57:18.331253

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

42222 / tcp

660175493 | 2025-03-04T22:08:17.295408

42422 / tcp

-1900404274 | 2025-03-04T19:20:00.079321

Unknown command

42922 / tcp

-1648456501 | 2025-02-28T14:26:10.679462

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

44021 / tcp

307999478 | 2025-03-24T12:23:15.491524

unknown command \r\nunknown command \r\n

44320 / tcp

-1399940268 | 2025-03-28T17:31:35.361369

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

45005 / tcp

819727972 | 2025-03-16T14:18:01.992278

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

45668 / tcp

321971019 | 2025-03-06T09:31:44.238712

-ERR client ip is not in whitelist\r

45886 / tcp

-1399940268 | 2025-03-25T08:23:10.961866

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

46001 / tcp

165188539 | 2025-03-14T10:57:00.871701

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

47000 / tcp

321971019 | 2025-03-06T15:44:40.485533

-ERR client ip is not in whitelist\r

47922 / tcp

2087396567 | 2025-03-10T06:25:35.295037

kjnkjabhbanc283ubcsbhdc72

47989 / tcp

-1399940268 | 2025-03-26T22:37:25.807069

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

49080 / tcp

165188539 | 2025-03-28T20:05:13.306214

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

49153 / tcp

2087396567 | 2025-03-22T12:18:53.605156

kjnkjabhbanc283ubcsbhdc72

49501 / tcp

1911457608 | 2025-03-10T11:20:42.251191

\x00[\x00\x00\x00\x00\x00\x00

50000 / tcp

1794594071 | 2025-03-21T07:56:28.074619

[sÅÓ

50010 / tcp

819727972 | 2025-03-10T00:32:14.100133

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

50013 / tcp

819727972 | 2025-03-14T04:04:23.501795

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

50070 / tcp

2087396567 | 2025-03-28T10:40:38.721996

kjnkjabhbanc283ubcsbhdc72

50100 / tcp

819727972 | 2025-03-27T10:17:32.280148

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

50103 / tcp

1426971893 | 2025-03-05T04:59:51.923704

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

50777 / tcp

321971019 | 2025-03-19T05:32:24.731625

-ERR client ip is not in whitelist\r

51004 / tcp

-1399940268 | 2025-03-11T06:44:50.900664

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

51106 / tcp

-154107716 | 2025-03-29T20:40:26.654368

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

51443 / tcp

-952165951 | 2025-03-28T14:12:59.309823

AB

52022 / tcp

2087396567 | 2025-03-06T23:49:41.429368

kjnkjabhbanc283ubcsbhdc72

53400 / tcp

-1399940268 | 2025-03-24T20:26:27.708139

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

54922 / tcp

819727972 | 2025-03-07T10:10:22.751221

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

55000 / tcp

632542934 | 2025-03-25T14:11:09.896717

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

55422 / tcp

1741579575 | 2025-03-06T16:54:42.784001

55442 / tcp

897328069 | 2025-03-20T19:42:33.502530

220 mail.scott000.com ESMTP

55443 / tcp

2087396567 | 2025-03-15T23:19:04.039195

kjnkjabhbanc283ubcsbhdc72

55553 / tcp

1082732927 | 2025-03-18T18:22:01.781124

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

55554 / tcp

632542934 | 2025-03-22T00:25:56.152894

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

55722 / tcp

1741579575 | 2025-03-06T18:37:36.359633

57622 / tcp

-321444299 | 2025-03-06T08:46:13.468681

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

57722 / tcp

-1611764932 | 2025-03-06T07:10:35.426273

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

57822 / tcp

-971970408 | 2025-03-06T05:21:25.793356

57922 / tcp

2087396567 | 2025-03-06T03:37:25.274954

kjnkjabhbanc283ubcsbhdc72

58392 / tcp

321971019 | 2025-03-22T16:58:52.551895

-ERR client ip is not in whitelist\r

58422 / tcp

-971970408 | 2025-03-05T20:39:49.171901

58822 / tcp

-1476017887 | 2025-03-05T15:55:01.148030

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

58922 / tcp

1991883981 | 2025-03-05T14:56:13.049617

B\x00\x00\x00\xc3\xbfn\x04Too many connections

59322 / tcp

2087396567 | 2025-03-05T06:53:57.532476

kjnkjabhbanc283ubcsbhdc72

61616 / tcp

504717326 | 2025-03-13T18:20:12.208216

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

61619 / tcp

1911457608 | 2025-03-22T16:45:50.721319

\x00[\x00\x00\x00\x00\x00\x00

62078 / tcp

-860824904 | 2025-03-28T19:37:31.652563

\x00\x01)

63210 / tcp

819727972 | 2025-03-24T17:55:45.058012

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

63256 / tcp

751496153 | 2025-03-25T02:01:22.067699

* OK TeamXchange IMAP4rev1 server (otyUg) ready.

63257 / tcp

-358801646 | 2025-03-11T14:01:44.817826

SSH-2.0-OpenSSH_6.6.1

63260 / tcp

1911457608 | 2025-03-28T22:24:24.545667

\x00[\x00\x00\x00\x00\x00\x00

203.119.175.229

Last Seen: 2025-03-29

Tags:

GeneralInformation

OpenPorts

11 / tcp 2087396567 | 2025-03-19T08:08:36.882551

13 / tcp 1286504516 | 2025-03-12T10:58:56.929801

15 / tcp 1911457608 | 2025-03-09T22:44:28.275440

17 / tcp -1784271535 | 2025-03-24T18:42:13.004108

23 / tcp 164764193 | 2025-03-15T07:14:01.846224

25 / tcp 669849225 | 2025-03-11T00:39:03.064275

26 / tcp -2017887953 | 2025-03-25T00:17:57.708787

43 / tcp -971970408 | 2025-03-23T07:26:53.142050

49 / tcp 588096080 | 2025-03-29T07:41:54.639609

53 / tcp 1369632081 | 2025-03-19T23:46:20.847679

80 / tcp -1613702026 | 2025-03-20T15:50:38.414243

Hashes

92 / tcp 819727972 | 2025-03-13T16:13:54.103870

102 / tcp -1019343788 | 2025-03-05T10:10:05.220826

104 / tcp 820958131 | 2025-03-05T11:32:10.742058

113 / tcp -1845554491 | 2025-03-10T09:28:47.706442

119 / tcp 141730637 | 2025-03-28T10:25:36.992090

135 / tcp 1040118286 | 2025-03-11T02:34:19.681669

179 / tcp -399606100 | 2025-03-19T17:56:30.250750

180 / tcp 165188539 | 2025-03-13T01:34:23.317025

195 / tcp -1881409212 | 2025-03-08T14:35:54.868681

211 / tcp 1623746877 | 2025-02-28T18:03:29.536880

221 / tcp 455076604 | 2025-03-22T11:58:28.052935

263 / tcp 1911457608 | 2025-03-23T20:10:12.516153

264 / tcp -1547821026 | 2025-03-10T23:16:26.423224

311 / tcp 1975288991 | 2025-03-16T18:03:18.246687

385 / tcp -1888448627 | 2025-03-23T16:33:49.864152

389 / tcp -1743283776 | 2025-03-24T12:27:02.492964

443 / tcp -1898805192 | 2025-03-25T16:35:05.046651

Hashes

444 / tcp 819727972 | 2025-03-28T20:39:42.266966

513 / tcp 819727972 | 2025-03-22T18:07:41.716529

515 / tcp -1013082686 | 2025-03-11T20:06:35.353386

548 / tcp -1769206458 | 2025-03-18T23:40:41.520685

554 / tcp 378628610 | 2025-03-23T18:14:46.487580

593 / tcp -1407711311 | 2025-03-09T16:30:28.087687

602 / tcp -1059554316 | 2025-03-22T21:35:22.936623

646 / tcp -1600864159 | 2025-03-17T15:10:54.699716

666 / tcp 1300162323 | 2025-03-28T15:09:47.697391

689 / tcp -1487943323 | 2025-03-19T18:40:43.917953

771 / tcp 1332894250 | 2025-03-23T14:58:26.170018

832 / tcp 321971019 | 2025-03-03T21:35:44.048293

833 / tcp -1399940268 | 2025-03-08T22:40:14.379467

888 / tcp -262532376 | 2025-03-11T22:16:28.401224

902 / tcp 1956828827 | 2025-03-20T13:02:53.788878

992 / tcp -936692830 | 2025-03-05T17:52:32.665170

993 / tcp -1899074860 | 2025-03-27T21:18:19.475005

995 / tcp 689999346 | 2025-03-06T04:05:11.660581

1022 / tcp 819727972 | 2025-03-09T09:54:21.439870

1023 / tcp -1681927087 | 2025-03-23T17:33:05.877992

1025 / tcp -345718689 | 2025-03-18T02:19:28.874788

1099 / tcp 2063598737 | 2025-03-22T08:29:54.371289

1153 / tcp 819727972 | 2025-03-24T18:28:20.831765

1177 / tcp 339872247 | 2025-03-18T13:26:39.365449

1200 / tcp 819727972 | 2025-03-05T00:37:19.578411

1234 / tcp 1015654041 | 2025-03-27T02:17:40.607593

1337 / tcp 1842524259 | 2025-03-12T16:04:15.453097

1366 / tcp -980525298 | 2025-03-24T21:37:11.171699

1414 / tcp -1399940268 | 2025-03-20T21:41:36.105188

1433 / tcp 637263328 | 2025-02-28T18:48:20.349883

1459 / tcp -1399940268 | 2025-03-29T13:33:50.156205

1460 / tcp 1543809371 | 2025-03-24T18:41:08.268285

1521 / tcp -1184558916 | 2025-03-20T01:56:06.192801

1599 / tcp 2087396567 | 2025-03-13T15:15:47.755570

1604 / tcp 1880683805 | 2025-03-18T23:51:38.925588

1650 / tcp 1308377066 | 2025-03-25T17:24:30.320382

1723 / tcp -1608241410 | 2025-03-26T00:41:46.596964

1800 / tcp 2063598737 | 2025-03-12T02:36:04.979955

1883 / tcp 1636811864 | 2025-03-15T00:20:26.801052

1911 / tcp -2031152423 | 2025-03-11T14:37:52.618476

1926 / tcp 339872247 | 2025-03-17T16:49:04.217949

1952 / tcp -1399940268 | 2025-03-18T17:11:25.689317

1962 / tcp -1327660293 | 2025-03-28T23:31:58.777715

1964 / tcp 632542934 | 2025-03-18T12:31:01.032433

1972 / tcp -1641514916 | 2025-03-14T10:47:43.699018

11 / tcp

2087396567 | 2025-03-19T08:08:36.882551

13 / tcp

1286504516 | 2025-03-12T10:58:56.929801

15 / tcp

1911457608 | 2025-03-09T22:44:28.275440

17 / tcp

-1784271535 | 2025-03-24T18:42:13.004108

23 / tcp

164764193 | 2025-03-15T07:14:01.846224

25 / tcp

669849225 | 2025-03-11T00:39:03.064275

26 / tcp

-2017887953 | 2025-03-25T00:17:57.708787

43 / tcp

-971970408 | 2025-03-23T07:26:53.142050

49 / tcp

588096080 | 2025-03-29T07:41:54.639609

53 / tcp

1369632081 | 2025-03-19T23:46:20.847679

80 / tcp

-1613702026 | 2025-03-20T15:50:38.414243

92 / tcp

819727972 | 2025-03-13T16:13:54.103870

102 / tcp

-1019343788 | 2025-03-05T10:10:05.220826

104 / tcp

820958131 | 2025-03-05T11:32:10.742058

113 / tcp

-1845554491 | 2025-03-10T09:28:47.706442

119 / tcp

141730637 | 2025-03-28T10:25:36.992090

135 / tcp

1040118286 | 2025-03-11T02:34:19.681669

179 / tcp

-399606100 | 2025-03-19T17:56:30.250750

180 / tcp

165188539 | 2025-03-13T01:34:23.317025

195 / tcp

-1881409212 | 2025-03-08T14:35:54.868681

211 / tcp

1623746877 | 2025-02-28T18:03:29.536880

221 / tcp

455076604 | 2025-03-22T11:58:28.052935

263 / tcp

1911457608 | 2025-03-23T20:10:12.516153

264 / tcp

-1547821026 | 2025-03-10T23:16:26.423224

311 / tcp

1975288991 | 2025-03-16T18:03:18.246687

385 / tcp

-1888448627 | 2025-03-23T16:33:49.864152

389 / tcp

-1743283776 | 2025-03-24T12:27:02.492964

443 / tcp

-1898805192 | 2025-03-25T16:35:05.046651

444 / tcp

819727972 | 2025-03-28T20:39:42.266966

513 / tcp

819727972 | 2025-03-22T18:07:41.716529

515 / tcp

-1013082686 | 2025-03-11T20:06:35.353386

548 / tcp

-1769206458 | 2025-03-18T23:40:41.520685

554 / tcp

378628610 | 2025-03-23T18:14:46.487580

593 / tcp

-1407711311 | 2025-03-09T16:30:28.087687

602 / tcp

-1059554316 | 2025-03-22T21:35:22.936623

646 / tcp

-1600864159 | 2025-03-17T15:10:54.699716

666 / tcp

1300162323 | 2025-03-28T15:09:47.697391

689 / tcp

-1487943323 | 2025-03-19T18:40:43.917953

771 / tcp

1332894250 | 2025-03-23T14:58:26.170018

832 / tcp

321971019 | 2025-03-03T21:35:44.048293

833 / tcp

-1399940268 | 2025-03-08T22:40:14.379467

888 / tcp

-262532376 | 2025-03-11T22:16:28.401224

902 / tcp

1956828827 | 2025-03-20T13:02:53.788878

992 / tcp

-936692830 | 2025-03-05T17:52:32.665170

993 / tcp

-1899074860 | 2025-03-27T21:18:19.475005

995 / tcp

689999346 | 2025-03-06T04:05:11.660581

1022 / tcp

819727972 | 2025-03-09T09:54:21.439870

1023 / tcp

-1681927087 | 2025-03-23T17:33:05.877992

1025 / tcp

-345718689 | 2025-03-18T02:19:28.874788

1099 / tcp

2063598737 | 2025-03-22T08:29:54.371289

1153 / tcp

819727972 | 2025-03-24T18:28:20.831765

1177 / tcp

339872247 | 2025-03-18T13:26:39.365449

1200 / tcp

819727972 | 2025-03-05T00:37:19.578411

1234 / tcp

1015654041 | 2025-03-27T02:17:40.607593

1337 / tcp

1842524259 | 2025-03-12T16:04:15.453097

1366 / tcp

-980525298 | 2025-03-24T21:37:11.171699

1414 / tcp

-1399940268 | 2025-03-20T21:41:36.105188

1433 / tcp

637263328 | 2025-02-28T18:48:20.349883

1459 / tcp

-1399940268 | 2025-03-29T13:33:50.156205

1460 / tcp

1543809371 | 2025-03-24T18:41:08.268285

1521 / tcp

-1184558916 | 2025-03-20T01:56:06.192801

1599 / tcp

2087396567 | 2025-03-13T15:15:47.755570

1604 / tcp

1880683805 | 2025-03-18T23:51:38.925588

1650 / tcp

1308377066 | 2025-03-25T17:24:30.320382

1723 / tcp

-1608241410 | 2025-03-26T00:41:46.596964

1800 / tcp

2063598737 | 2025-03-12T02:36:04.979955

1883 / tcp

1636811864 | 2025-03-15T00:20:26.801052

1911 / tcp

-2031152423 | 2025-03-11T14:37:52.618476

1926 / tcp

339872247 | 2025-03-17T16:49:04.217949

1952 / tcp

-1399940268 | 2025-03-18T17:11:25.689317

1962 / tcp

-1327660293 | 2025-03-28T23:31:58.777715

1964 / tcp

632542934 | 2025-03-18T12:31:01.032433

1972 / tcp

-1641514916 | 2025-03-14T10:47:43.699018

2000 / tcp

-1399940268 | 2025-03-19T17:39:23.616094

2001 / tcp

1911457608 | 2025-03-27T06:22:27.797807

2002 / tcp

819727972 | 2025-03-18T03:59:23.092384

2003 / tcp

819727972 | 2025-03-27T04:53:57.983374

2008 / tcp

-952165951 | 2025-03-24T01:10:50.941673

2063 / tcp

709622286 | 2025-03-20T03:49:45.012556

2067 / tcp

-1399940268 | 2025-03-17T22:45:20.930512