GeneralInformation

Country	China
City	Zhangjiakou
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(1)

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(4)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(3)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

17 19 21 23 25 49 53 66 70 79 90 93 97 102 104 111 119 135 139 175 177 195 264 389 443 444 447 462 465 488 513 515 541 548 587 636 666 771 789 853 888 990 992 995 1000 1012 1023 1025 1026 1063 1099 1103 1153 1200 1234 1337 1414 1433 1443 1452 1515 1521 1599 1604 1723 1800 1801 1883 1926 1953 1981 2000 2003 2008 2066 2067 2077 2087 2090 2100 2222 2232 2271 2327 2332 2345 2352 2353 2376 2404 2455 2558 2563 2628 2762 2985 3001 3004 3015 3050 3052 3063 3097 3104 3124 3131 3135 3142 3159 3160 3167 3168 3179 3185 3186 3260 3268 3269 3299 3301 3306 3310 3402 3531 3549 3551 3580 3590 3780 3790 3910 4000 4021 4022 4040 4150 4157 4165 4242 4282 4321 4333 4401 4433 4434 4436 4443 4444 4459 4500 4505 4506 4523 4543 4786 4840 4899 4949 5001 5006 5009 5010 5025 5123 5201 5222 5235 5255 5268 5269 5435 5543 5602 5606 5672 5673 5905 5916 5920 5938 5986 6000 6001 6021 6070 6102 6379 6464 6503 6505 6556 6560 6600 6633 6666 6667 6688 6697 7016 7018 7071 7100 7331 7415 7434 7443 7473 7510 7548 7634 7777 7788 7878 7900 8001 8045 8051 8055 8057 8081 8083 8087 8089 8097 8099 8107 8115 8119 8131 8139 8140 8147 8148 8157 8158 8171 8172 8181 8192 8200 8238 8241 8250 8315 8333 8385 8388 8414 8445 8450 8454 8484 8500 8514 8521 8528 8545 8554 8560 8575 8600 8630 8702 8724 8728 8807 8820 8823 8825 8834 8845 8859 8867 8868 8875 8877 8880 8912 8969 8980 9000 9004 9010 9042 9047 9091 9092 9095 9100 9108 9110 9123 9126 9129 9155 9163 9182 9188 9189 9202 9205 9206 9214 9215 9305 9306 9307 9308 9333 9345 9376 9418 9443 9507 9600 9696 9700 9761 9779 9861 9876 9885 9898 9943 9997 9998 9999 10000 10003 10006 10009 10015 10023 10024 10033 10036 10051 10086 10093 10134 10205 10249 10250 10554 10894 10909 11000 11112 11288 11300 11401 11601 11602 12000 12101 12107 12134 12155 12156 12157 12163 12164 12168 12170 12172 12173 12175 12177 12184 12192 12210 12214 12216 12219 12228 12230 12231 12239 12255 12260 12267 12280 12311 12345 12346 12396 12425 12429 12444 12446 12451 12457 12463 12465 12471 12480 12490 12503 12504 12507 12513 12517 12534 12541 12546 12562 12582 12584 12585 12588 12589 12601 13380 14147 14330 14344 14407 14443 14523 14897 15001 15504 15831 16016 16024 16071 16074 16077 16103 16443 16464 16831 16993 17102 18028 18040 18042 18050 18057 18062 18066 18067 18081 18093 18096 18100 18107 18245 18443 18553 19776 19902 19930 20000 20440 20880 20894 21083 21244 21260 21272 21285 21289 21294 21295 21306 21319 22103 22206 22703 24245 25001 25002 25003 25005 25010 25565 26657 27015 27017 28015 28080 28443 28818 30002 30006 30009 30022 30101 30120 30122 30422 30522 30622 30701 30922 31443 31444 31522 31722 31822 32102 32122 32222 32322 32522 32622 32764 33022 33122 33322 33422 33522 33622 33722 33822 33922 34022 34222 34322 34422 34522 34622 34822 35122 35251 35422 35722 36122 36222 36622 37022 37122 37215 37222 37322 37622 37777 37822 38122 38222 38522 38622 38822 39222 39422 39622 39922 40022 40622 40722 41522 41800 41922 42235 42422 43322 43422 43622 44301 44310 44340 44520 44722 44818 44922 45222 45322 45522 45555 45622 45666 45888 45922 46122 46222 46322 46422 47222 47322 47522 47622 47822 47990 48002 48322 48422 48622 48722 48822 48889 48922 49121 49122 49443 49501 49688 49722 50000 50101 50112 50122 50522 50580 50622 50922 52010 52022 52822 53122 53490 53806 54984 55422 55442 55443 55553 55554 55622 55722 55822 57022 57522 57781 58222 58322 58422 58822 59322 59522 60001 60129 61613 61619 62078 63210 63256 63260 63443 64295 65004

17 / tcp

1944032451 | 2025-03-18T20:57:23.390890

K\\x02%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

19 / tcp

829384519 | 2025-03-13T21:07:28.589252

 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefg
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUV

21 / tcp

179309064 | 2025-03-10T05:09:24.151828

220 Microsoft FTP Service
530 User cannot log in.

23 / tcp

-2107996212 | 2025-03-20T18:34:50.030151

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

25 / tcp

1282941221 | 2025-03-14T00:00:36.724835

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

49 / tcp

-1101712668 | 2025-03-18T21:03:22.578875

\\x1e\xc3\x80\\x010\\x02\xc2\xa8\xc3\xa3

53 / tcp

1308081026 | 2025-03-20T16:23:10.720224

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x00<\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x00R\x00\x04\xac٣.
\x00\x06\x81\x05\x00\x01\x00\x00\x00\x00\x00\x00\x

66 / tcp

-1888448627 | 2025-03-15T07:04:28.619578

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

70 / tcp

-1967791998 | 2025-03-15T07:08:21.061221

HTTP/1.1 401 Unauthorized
Server: mini_httpd/1.19 19dec2003
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=%s
Connection: close

79 / tcp

-1770051369 | 2025-03-05T04:31:59.763692

421 too many connections

90 / tcp

-1399940268 | 2025-03-13T21:23:14.914009

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

93 / tcp

1948301213 | 2025-03-17T06:25:26.541749

RFB 003.003
VNC:
  Protocol Version: 3.3

97 / tcp

1761482307 | 2025-02-27T21:44:35.093732

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

102 / tcp

-1399940268 | 2025-03-21T06:53:32.747701

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

104 / tcp

819727972 | 2025-03-18T15:41:48.380927

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

111 / tcp

1187188851 | 2025-03-20T21:57:33.041931

Portmap
Program	Version	Protocol	Port

119 / tcp

141730637 | 2025-03-09T21:59:55.232759

HTTP/1.0 200 OK
Server: Proxy

135 / tcp

-1729522695 | 2025-03-11T06:51:45.771264

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: DESKTOP-BFAHJ06\n IP2: 192.168.3.8\n IP3: 172.29.96.1\n IP4: 172.19.80.1\n\nNTLMSSP:\nTarget_Name: DESKTOP-BFAHJ06\nProduct_Version: 10.0.19041 Ntlm 15\nOS: Windows 10, Version 2004/Windows Server, Version 2004\nNetBIOS_Domain_Name: DESKTOP-BFAHJ06\nNetBIOS_Computer_Name: DESKTOP-BFAHJ06\nDNS_Domain_Name: DESKTOP-BFAHJ06\nDNS_Computer_Name: DESKTOP-BFAHJ06\nSystem_Time: 2024-01-22 04:05:47 +0000 UTC\n\nDCERP

139 / tcp

1067489153 | 2025-02-23T23:36:34.855988

Version: 6.1Build 0\nTarget Name : LYM-NAS\n

175 / tcp

-1428621233 | 2025-03-12T04:07:30.926013

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

177 / tcp

-1327660293 | 2025-03-09T23:35:30.248242

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

195 / tcp

-1399940268 | 2025-03-17T14:37:55.343794

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

264 / tcp

1672388472 | 2025-02-21T21:13:42.753190

CheckPoint\nFirewall Host: ADAPCN156FW02\nSmartCenter Host: adluprdfwmgt01..zjz4qa\\x00\n

389 / tcp

-1639129386 | 2025-03-05T17:47:42.017733

0%\\x02\\x01\\x01a \n\\x010\\x04\\x00\\x04\\x19anonymous bind disallowed

443 / tcp

187705409 | 2025-02-24T21:52:33.413786

Versions\xef\xbc\x9a39,43,46,50\nQUIC Protocol\t\\x89\\xc1\\x9c\\x1c*\\xff\\xfc\\xf1Q039Q043Q046Q050\\xff\\x00\\x00\\x1b\\xff\\x00\\x00\\x1d\\x00\\x00\\x00\\x01\\xfa\\xfa\\xfa\\xfa

444 / tcp

366084633 | 2025-03-18T03:34:55.402920

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

447 / tcp

580340387 | 2025-03-15T14:19:20.000147

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

462 / tcp

15018106 | 2025-03-12T19:08:11.048237

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

465 / tcp

897328069 | 2025-03-12T20:39:20.317834

220 mail.scott000.com ESMTP

488 / tcp

1911457608 | 2025-03-16T15:08:30.740132

\x00[\x00\x00\x00\x00\x00\x00

513 / tcp

1353260875 | 2025-03-06T09:22:23.251600

\x00[g\xc2\x95N\x7f\x00\x00

515 / tcp

539065883 | 2025-02-21T07:15:57.584161

541 / tcp

-269727450 | 2025-03-15T06:02:29.053130

\\x16\\x03\\x01\\x01K\\x01\\x00\\x01G\\x03\\x03\\xa1\\xb0\\xcf\\xc9\\xc2X\\x037P\\xe0\\x8d\\xd7\\x1d_N\\x87&\\xa7U.^\\x19_K\\x13\\xed\\xe9L|\n\\xec\\x9e -\\xc23\\x1e\\x94\\xb3\\xe6|\x0c\\xaco|\\xe1\xc6\xa5V\\xd0\\x1d\\xf7Uf<\\xabgV=)\\xf2\\x86\\xc4\\x18\x0c\\x00"\\x13\\x02\\x13\\x03\\x13\\x01\\x00k\\x00=\\xc00\\xc0,\\xc

548 / tcp

1445639302 | 2025-03-21T02:04:13.087948

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: DS218sikeer\nMachine Type: \\x0eNetatalk3.1.12\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: Cleartxt Passwrd\\x04,DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

587 / tcp

-2064302381 | 2025-03-10T01:49:05.733298

220 JH0PR01CA0028.outlook.office365.com Microsoft ESMTP MAIL Service ready at Mon, 22 Jan 2024 06:31:27 +0000\r\n250-JH0PR01CA0028.outlook.office365.com Hello [*.*.*.*]\r\n250-SIZE 157286400\r\n250-PIPELINING\r\n250-DSN\r\n250-ENHANCEDSTATUSCODES\r\n250-STARTTLS\r\n250-8BITMIME\r\n250-BINARYMIME\r\n250-CHUNKING\r\n250 SMTPUTF8\r\n214-This server supports the following commands:\r\n214 HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT\r\n

636 / tcp

1239199743 | 2025-03-14T10:56:21.049840

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 9-24676686-0 0NNN RT(1705910221170 116) q(-1 -1 -1 -1) r(0 -1) b1

666 / tcp

2098053533 | 2025-03-17T13:56:25.091242

HTTP/1.1 401 Unauthorized
Server: nginx/1.17.7
Content-Type: text/html
Connection: keep-alive

771 / tcp

897328069 | 2025-03-17T15:43:14.891029

220 mail.scott000.com ESMTP

789 / tcp

-1399940268 | 2025-03-18T21:04:18.387141

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

853 / tcp

1911457608 | 2025-03-11T21:30:56.865404

\x00[\x00\x00\x00\x00\x00\x00

888 / tcp

-972447056 | 2025-03-14T03:31:15.846793

HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html
Connection: keep-alive

990 / tcp

-1644413930 | 2025-02-19T20:33:37.713050

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Connection: close
Server: Nginx
Expires: 0
Pragma: no-cache
Cache-Control: no-cache
X-LANG: 1
X-Timezone: 0800
X-Timestamp: 1705910891
X-Arch: x86
X-Sysbit: x64
X-Enterprise: 0
X-Support-i18n: 0
X-Support-wifi: 0
Location: /login

992 / tcp

-936692830 | 2025-03-11T14:43:56.659026

HTTP/1.1 202 OK
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=15; max=19

995 / tcp

1685649979 | 2025-03-05T03:25:31.439979

+OK Dovecot ready.\r\n

1000 / tcp

-1399940268 | 2025-03-05T03:25:45.411547

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1012 / tcp

-339084706 | 2025-02-25T22:38:48.355385

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

1023 / tcp

-1461540015 | 2025-03-21T13:20:28.412996

audio 0 RTP/AVP 18 4 3 8 0 101
a

1025 / tcp

-2089734047 | 2025-02-26T13:22:17.332532

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1026 / tcp

-1399940268 | 2025-02-21T09:49:52.216606

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1063 / tcp

819727972 | 2025-03-17T00:07:15.371244

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1099 / tcp

-441419608 | 2025-03-14T07:40:38.563262

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

1103 / tcp

819727972 | 2025-02-23T09:39:06.564671

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1153 / tcp

1911457608 | 2025-03-14T14:24:58.285349

\x00[\x00\x00\x00\x00\x00\x00

1200 / tcp

1921398876 | 2025-03-10T05:39:12.935421

ÿý"
LinuxNode v06953 (ggfks)

login:

1234 / tcp

575925250 | 2025-03-17T16:54:58.455310

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

1337 / tcp

-222277909 | 2025-03-05T10:36:33.697364

0@@

1414 / tcp

819727972 | 2025-03-19T08:52:12.791382

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1433 / tcp

-325802316 | 2025-03-13T17:34:57.514572

MSSQL Server\nVersion: 134219767 (0x80007f7)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: PC-20150816MQOM\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: PC-20150816MQOM\nNetBIOS_Computer_Name: PC-20150816MQOM\nDNS_Domain_Name: PC-20150816MQOM\nDNS_Computer_Name: PC-20150816MQOM\nMsvAvFlags: 01000000\nSystem_Time: 2024-01-22 04:03:26 +0000 UTC\n\n

1443 / tcp

-1715152554 | 2025-03-10T11:41:28.339954

Hashes

hash

918336942

http.dom_hash

1239617585

http.html_hash

-1715152554

http.server_hash

1727046647

http.title_hash

-1828380909

302 Found

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Mon, 10 Mar 2025 11:41:28 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://39.103.172.104:443/

1452 / tcp

-801484042 | 2025-03-07T08:43:30.330366

ERR 27

1515 / tcp

-746114901 | 2025-03-20T13:54:23.812215

[KpU

1521 / tcp

-1184558916 | 2025-03-19T08:32:02.798128

Version:11.2.0.4.0\n"\\x00\\x00Y(DESCRIPTION=(TMP=)(VSNNUM=186647552)(ERR=1189)(ERROR_STACK=(ERROR=(CODE=1189)(EMFI=4))))

1599 / tcp

1690634669 | 2025-03-08T19:01:44.308364

1604 / tcp

1830697416 | 2025-03-10T17:39:17.444466

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

1723 / tcp

2064046231 | 2025-03-18T10:09:31.615268

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1c77_tb143_15913-45531

1800 / tcp

1332894250 | 2025-03-13T11:39:12.984175

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

1801 / tcp

-1299899661 | 2025-03-14T17:39:45.907904

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\x97W\\xcd[\\x98\\xc4\\x1aJ\\xa5\xd1\xbf\\xf9\\xbd\\xc7\\xce\\xfd92d3\\x10\\x01\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

1883 / tcp

722711397 | 2025-03-21T02:46:00.664299

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

1926 / tcp

819727972 | 2025-02-22T04:14:20.494829

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1953 / tcp

1504401647 | 2025-03-21T00:19:19.694481

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

1981 / tcp

819727972 | 2025-03-19T12:10:56.655786

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2000 / tcp

-1399940268 | 2025-02-27T19:38:54.286981

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2003 / tcp

1911457608 | 2025-03-21T11:15:56.514426

\x00[\x00\x00\x00\x00\x00\x00

2008 / tcp

-971970408 | 2025-03-10T22:24:51.861862

2066 / tcp

504717326 | 2025-02-22T16:51:23.717280

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 5 1

2067 / tcp

1690634669 | 2025-03-18T17:56:04.788387

2077 / tcp

-2017887953 | 2025-03-16T15:49:41.851792

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

2087 / tcp

1690634669 | 2025-03-17T01:05:50.735981

2090 / tcp

366084633 | 2025-03-13T02:10:42.189671

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

2100 / tcp

632542934 | 2025-02-21T16:15:55.547368

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

2222 / tcp

-358801646 | 2025-03-18T16:29:45.612329

SSH-2.0-OpenSSH_6.6.1

2232 / tcp

-441419608 | 2025-02-28T01:06:45.027919

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

2271 / tcp

-1399940268 | 2025-03-16T18:24:58.942824

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2327 / tcp

-358801646 | 2025-03-18T10:56:05.208329

SSH-2.0-OpenSSH_6.6.1

2332 / tcp

1632932802 | 2025-03-04T14:17:26.415252

2345 / tcp

1911457608 | 2025-03-12T01:59:40.961778

\x00[\x00\x00\x00\x00\x00\x00

2352 / tcp

2143387245 | 2025-03-20T21:58:40.175304

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

2353 / tcp

-1399940268 | 2025-02-28T21:51:03.560210

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2376 / tcp

320677201 | 2025-02-27T16:13:38.344869

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

2404 / tcp

-1835475271 | 2025-03-06T16:55:48.115351

200 NOD32SS 99 (3318497116)\r\n

2455 / tcp

-314039103 | 2025-03-15T02:52:30.488040

Surnom.
Sorry, that nickname format is invalid.

2558 / tcp

1911457608 | 2025-03-21T04:32:51.922251

\x00[\x00\x00\x00\x00\x00\x00

2563 / tcp

1911457608 | 2025-03-12T01:43:06.162186

\x00[\x00\x00\x00\x00\x00\x00

2628 / tcp

2087396567 | 2025-03-12T14:43:02.783008

kjnkjabhbanc283ubcsbhdc72

2762 / tcp

740837454 | 2025-03-18T10:20:09.317498

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

2985 / tcp

103159425 | 2025-02-23T17:43:02.795771

SSH-1.99-RGOS_SSH

3001 / tcp

-2096652808 | 2025-03-18T20:44:07.648800

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3004 / tcp

-1032713145 | 2025-02-25T18:50:21.161665

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

3015 / tcp

321971019 | 2025-02-24T20:26:36.808777

-ERR client ip is not in whitelist\r

3050 / tcp

1911457608 | 2025-03-20T12:32:27.236226

\x00[\x00\x00\x00\x00\x00\x00

3052 / tcp

-159371303 | 2025-03-12T21:30:18.196295

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae0811_zhyd34_13884-62039

3063 / tcp

-1059554316 | 2025-02-26T05:07:58.363780

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

3097 / tcp

-1399940268 | 2025-02-20T10:01:05.038344

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3104 / tcp

-1435414831 | 2025-02-20T17:50:23.238756

roku: ready\r\n

3124 / tcp

-2096652808 | 2025-02-26T19:20:04.260404

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3131 / tcp

1911457608 | 2025-03-04T19:36:26.374032

\x00[\x00\x00\x00\x00\x00\x00

3135 / tcp

819727972 | 2025-02-19T17:37:49.543761

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

3142 / tcp

-2096652808 | 2025-02-20T17:14:15.793370

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3159 / tcp

1308377066 | 2025-03-04T21:16:09.246485

ncacn_http/1.0

3160 / tcp

-1230049476 | 2025-03-08T22:10:22.522026

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

3167 / tcp

-122096153 | 2025-03-14T21:39:54.432821

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

3168 / tcp

-1227409554 | 2025-03-12T14:46:13.752830

HTTP/1.1 500 Internal Server Error
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

3179 / tcp

1308377066 | 2025-03-20T19:04:35.080127

ncacn_http/1.0

3185 / tcp

1911457608 | 2025-03-06T20:33:50.545433

\x00[\x00\x00\x00\x00\x00\x00

3186 / tcp

-1399940268 | 2025-03-20T07:35:14.749842

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3260 / tcp

-862070606 | 2025-02-25T17:07:15.243062

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None\nTargetAlias=LIO Target\nTargetPortalGroupTag=1\n\n

3268 / tcp

198844676 | 2025-03-06T18:17:49.989402

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3269 / tcp

-1399940268 | 2025-03-17T03:35:15.444694

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3299 / tcp

1282941221 | 2025-03-19T12:17:42.859716

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

3301 / tcp

-1114821551 | 2025-03-10T18:26:55.356104

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

3306 / tcp

1047846045 | 2025-03-09T09:14:05.906201

H\\x00\\x00\\x01\\xffj\\x04Host \'*.*.*.*\' is not allowed to connect to this MariaDB server

3310 / tcp

1911457608 | 2025-03-20T07:05:49.450723

\x00[\x00\x00\x00\x00\x00\x00

3402 / tcp

-1733106930 | 2025-03-19T03:23:12.418283

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

3531 / tcp

-653033013 | 2025-03-19T23:42:43.028380

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

3549 / tcp

1308377066 | 2025-03-15T15:18:53.969390

ncacn_http/1.0

3551 / tcp

198844676 | 2025-03-10T02:04:17.848644

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3580 / tcp

-1227409554 | 2025-03-10T17:38:58.077840

HTTP/1.1 500 Internal Server Error
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

3590 / tcp

50497985 | 2025-03-12T03:35:33.025241

\x00[\xc3\x88\xc3\x9dS\x7f\x00\x00

3780 / tcp

1690634669 | 2025-03-17T08:43:47.205025

3790 / tcp

-1248408558 | 2025-03-05T21:29:49.159494

220 MikroTik FTP server (MikroTik 6.44.3) ready

3910 / tcp

-1399940268 | 2025-02-20T20:52:42.271681

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4000 / tcp

-801484042 | 2025-03-06T06:42:30.691102

ERR 27

4021 / tcp

1911457608 | 2025-03-13T21:26:38.841233

\x00[\x00\x00\x00\x00\x00\x00

4022 / tcp

307999478 | 2025-03-17T08:01:43.753253

unknown command \r\nunknown command \r\n

4040 / tcp

-2118655245 | 2025-03-13T06:30:12.279478

Hashes

hash

1015654041

http.dom_hash

-2006505642

http.html_hash

-2118655245

HTTP/1.0 500 Internal Server Error
Content-Length: 20

4150 / tcp

-1888448627 | 2025-03-05T04:54:23.554306

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

4157 / tcp

599074451 | 2025-03-10T11:08:41.289441

msg

4165 / tcp

1911457608 | 2025-03-18T16:17:49.523451

\x00[\x00\x00\x00\x00\x00\x00

4242 / tcp

-1914158197 | 2025-03-16T10:09:48.297060

HTTP/1.1 500 Internal Server Error
Server: nginx/1.18.11011 (Ubuntu)
Content-Type: text/plain; charset=utf-8
Connection: close

4282 / tcp

-1872120160 | 2025-03-13T07:00:06.518889

">Application and Content Networking Software 3.9</a>)
</BODY><

4321 / tcp

-1250504565 | 2025-03-07T02:11:10.552672

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

4333 / tcp

-616720387 | 2025-03-11T19:06:10.495370

SSH-2.0-SSHD_0.7.6

4401 / tcp

669849225 | 2025-03-11T18:41:42.838247

SSH-98.60-SysaxSSH_81885..42\r\n

4433 / tcp

2087396567 | 2025-02-27T17:23:08.763211

kjnkjabhbanc283ubcsbhdc72

4434 / tcp

1741579575 | 2025-03-18T06:40:59.420457

4436 / tcp

819727972 | 2025-03-09T20:53:03.143734

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

4443 / tcp

-1060562267 | 2025-03-15T00:19:18.861725

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae29b6_PS-NKG-01Aqo82_2892-58968

4444 / tcp

89142341 | 2025-03-14T21:48:13.667046

\x05\x00\x00\x00\x0b\x08\x05\x1a\x00

4459 / tcp

1278527606 | 2025-03-08T15:36:17.583508

SSH-2.0-Teleport

4500 / tcp

-1399940268 | 2025-02-25T12:18:19.454692

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4505 / tcp

-1730858130 | 2025-02-28T22:06:57.901533

RFB 003.008
VNC:
  Protocol Version: 3.8

4506 / tcp

1996932384 | 2025-02-24T23:31:39.150668

"raop" nonce

4523 / tcp

165188539 | 2025-03-19T10:49:16.623889

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

4543 / tcp

-180163620 | 2025-03-20T14:34:35.790315

NPC Telnet permit one connection.\r\n But One connection() already keep alive.\r\nGood Bye !! \r\n

4786 / tcp

1011407350 | 2025-03-14T00:36:43.453766

* OK GroupWise IMAP4rev1 Server Ready\r\n

4840 / tcp

-2107996212 | 2025-03-13T08:56:33.185586

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

4899 / tcp

-1730858130 | 2025-03-14T09:42:34.657100

RFB 003.008
VNC:
  Protocol Version: 3.8

4949 / tcp

422524323 | 2025-03-20T22:09:51.657848

{
"Version": "3.4.18",
"VersionArray": [
3,
4,
18,
0
],
"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",
"OpenSSLVersion": "",
"SysInfo": "",
"Bits": 64,
"Debug": false,
"MaxObjectSize": 16777216
}

5001 / tcp

-971970408 | 2025-02-26T20:48:21.243547

5006 / tcp

-1900404274 | 2025-03-18T19:54:24.243423

Unknown command

5009 / tcp

1578202979 | 2025-03-20T21:04:48.141395

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1a4c_wdx37_19919-36152

5010 / tcp

819727972 | 2025-03-13T07:05:48.527695

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5025 / tcp

-984990168 | 2025-02-23T23:06:39.980484


0ÿñ

5123 / tcp

-2089734047 | 2025-03-21T05:44:51.287417

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5201 / tcp

-1329831334 | 2025-03-19T07:05:17.096758

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

5222 / tcp

819727972 | 2025-03-03T18:37:01.067243

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

5235 / tcp

1911457608 | 2025-03-17T10:38:51.584921

\x00[\x00\x00\x00\x00\x00\x00

5255 / tcp

-1327660293 | 2025-03-14T21:59:15.824111

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

5268 / tcp

-1399940268 | 2025-02-25T11:03:06.617340

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5269 / tcp

756886313 | 2025-02-19T19:55:56.429867

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html

5435 / tcp

-2096652808 | 2025-03-12T01:56:49.639412

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

5543 / tcp

-1399940268 | 2025-03-05T02:53:40.025056

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5602 / tcp

-1795027372 | 2025-03-17T15:43:42.029973

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

5606 / tcp

-1947777893 | 2025-03-19T01:05:06.349903

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

5672 / tcp

575925250 | 2025-03-16T02:05:54.584722

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5673 / tcp

-1045760528 | 2025-02-24T05:12:23.197348

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

5905 / tcp

-1835475271 | 2025-02-24T05:52:06.144153

200 NOD32SS 99 (3318497116)\r\n

5916 / tcp

493955023 | 2025-02-26T19:03:03.621867

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

5920 / tcp

-1327660293 | 2025-02-26T16:31:54.211763

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

5938 / tcp

1911457608 | 2025-03-15T13:27:10.150091

\x00[\x00\x00\x00\x00\x00\x00

5986 / tcp

539065883 | 2025-03-19T20:38:12.845849

6000 / tcp

-2017887953 | 2025-03-06T05:58:18.966337

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

6001 / tcp

1615193817 | 2025-03-16T14:21:19.612769

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

6021 / tcp

-1399940268 | 2025-03-16T15:19:27.579092

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6070 / tcp

-1399940268 | 2025-03-10T21:36:33.888190

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6102 / tcp

-1746074029 | 2025-03-20T09:29:28.730823

101 imqbroker =unV\r\n

6379 / tcp

321971019 | 2025-03-18T17:35:50.456617

-ERR client ip is not in whitelist\r

6464 / tcp

-1399940268 | 2025-02-21T16:32:53.621631

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6503 / tcp

-122096153 | 2025-03-09T07:21:05.693021

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

6505 / tcp

-1329831334 | 2025-02-25T18:39:19.506949

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

6556 / tcp

1282941221 | 2025-02-24T17:49:09.440719

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

6560 / tcp

-1399940268 | 2025-02-19T19:20:39.418995

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6600 / tcp

819727972 | 2025-02-24T15:36:10.781273

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

6633 / tcp

1911457608 | 2025-03-19T23:25:43.215441

\x00[\x00\x00\x00\x00\x00\x00

6666 / tcp

4935895 | 2025-03-15T01:49:24.518131

HTTP/1.1 400 Bad Request
Server: CloudWAF

6667 / tcp

-1996280214 | 2025-03-07T16:55:07.174815

\x06\x04\x05@

6688 / tcp

921225407 | 2025-03-05T00:08:07.427062

\x00\x00\x00\x04\x00\x00\x00\x00\x00

6697 / tcp

819727972 | 2025-03-14T23:29:00.501235

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

7016 / tcp

1911457608 | 2025-03-04T21:37:56.866676

\x00[\x00\x00\x00\x00\x00\x00

7018 / tcp

-1230049476 | 2025-03-17T20:24:26.416957

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

7071 / tcp

745343730 | 2025-03-15T02:55:24.698161

220 smtp.qq.com Esmtp QQ Mail Server

7100 / tcp

1138325193 | 2025-03-19T14:32:26.829786

HTTP/1.1 400 Bad Request

7331 / tcp

740837454 | 2025-03-01T01:22:41.778889

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

7415 / tcp

1134517380 | 2025-03-15T12:32:23.560530

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

7434 / tcp

50497985 | 2025-03-17T23:33:54.110180

\x00[\xc3\x88\xc3\x9dS\x7f\x00\x00

7443 / tcp

1612309769 | 2025-03-15T21:32:08.279454

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28e1_CS-000-01SZh112_7344-42222

7473 / tcp

-1611764932 | 2025-03-17T04:04:10.110444

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

7510 / tcp

-904840257 | 2025-03-18T20:26:59.762718

572 Relay not authorized\r\n

7548 / tcp

1842524259 | 2025-02-20T18:12:24.609322

7634 / tcp

104385780 | 2025-03-04T02:05:28.148090

ceph v2

7777 / tcp

1391945995 | 2025-03-15T06:29:38.117131

HTTP/1.1 403 Forbidden 
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm=""

7788 / tcp

-441419608 | 2025-03-04T15:01:36.097881

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

7878 / tcp

1991883981 | 2025-02-24T18:04:46.119944

B\x00\x00\x00\xc3\xbfn\x04Too many connections

7900 / tcp

-303199180 | 2025-03-16T21:39:57.693274

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

8001 / tcp

2103111368 | 2025-03-16T18:19:05.958902

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8045 / tcp

671084391 | 2025-03-21T08:56:58.258972

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1700969050.361-w-waf06yzm

8051 / tcp

-358801646 | 2025-03-13T15:15:17.706923

SSH-2.0-OpenSSH_6.6.1

8055 / tcp

117101543 | 2025-03-15T21:21:59.835271

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

8057 / tcp

-345718689 | 2025-03-14T20:08:41.661172

Vty password is not set.

8081 / tcp

539065883 | 2025-03-15T01:51:56.835705

8083 / tcp

1996932384 | 2025-03-19T06:02:41.454651

"raop" nonce

8087 / tcp

398077695 | 2025-03-13T16:56:10.315984

8089 / tcp

-971970408 | 2025-03-12T01:00:42.991235

8097 / tcp

1308377066 | 2025-02-24T16:33:35.030217

ncacn_http/1.0

8099 / tcp

438715403 | 2025-03-18T17:28:47.224666

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2874_pingwangtong53_24882-28622

8107 / tcp

1363464823 | 2025-02-24T00:06:06.850126

\x00[|ox\x7f\x00\x00

8115 / tcp

-1399940268 | 2025-02-26T09:07:37.914088

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8119 / tcp

-1730858130 | 2025-03-12T05:54:51.123566

RFB 003.008
VNC:
  Protocol Version: 3.8

8131 / tcp

-2089734047 | 2025-02-25T18:30:07.182479

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8139 / tcp

2087396567 | 2025-03-14T00:15:49.026609

kjnkjabhbanc283ubcsbhdc72

8140 / tcp

2087396567 | 2025-03-16T21:17:07.736309

kjnkjabhbanc283ubcsbhdc72

8147 / tcp

-2107996212 | 2025-02-22T07:38:51.641622

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

8148 / tcp

-1399940268 | 2025-03-06T07:41:31.746658

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8157 / tcp

-1114821551 | 2025-03-11T17:28:09.389657

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

8158 / tcp

-1399940268 | 2025-03-15T15:34:40.760625

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8171 / tcp

-1399940268 | 2025-03-17T11:32:51.901370

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8172 / tcp

-1399940268 | 2025-03-09T06:58:26.460230

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8181 / tcp

-2096652808 | 2025-03-18T06:03:23.688900

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8192 / tcp

1317779273 | 2025-02-19T17:04:42.324232

HTTP/1.1 401 Unauthorized
Server: 2001639b-4d38-223a-b87-f9a82c7113c5
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=%s
Connection: close

8200 / tcp

618338916 | 2025-03-11T10:50:43.189685

HTTP/1.1 302 Found
Connection: Keep-Alive
Transfer-Encoding: chunked
Keep-Alive: timeout=20
Location: /cgi-bin/luci/

8238 / tcp

-1399940268 | 2025-03-20T10:32:45.496537

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8241 / tcp

1911457608 | 2025-03-12T13:30:08.550272

\x00[\x00\x00\x00\x00\x00\x00

8250 / tcp

-2089734047 | 2025-03-13T20:27:49.993555

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8315 / tcp

-441419608 | 2025-03-17T18:07:14.104684

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

8333 / tcp

-1300025046 | 2025-03-04T05:29:50.322612

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705941025.555-waf01bjtp3

8385 / tcp

-1399940268 | 2025-03-07T17:14:13.642365

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8388 / tcp

1308377066 | 2025-03-08T21:41:09.445756

ncacn_http/1.0

8414 / tcp

-1399940268 | 2025-02-28T08:21:29.794305

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8445 / tcp

819727972 | 2025-02-25T04:43:32.721249

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8450 / tcp

1623746877 | 2025-02-20T02:11:19.838023

500 Permission denied - closing connection.\r\n

8454 / tcp

1911457608 | 2025-03-11T20:45:42.535630

\x00[\x00\x00\x00\x00\x00\x00

8484 / tcp

819727972 | 2025-03-09T12:07:06.128237

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8500 / tcp

1529351907 | 2025-03-19T09:26:51.819883

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

8514 / tcp

-1230049476 | 2025-03-11T09:04:16.225634

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

8521 / tcp

-1538260461 | 2025-03-14T02:15:21.634419

\x01\x00\x00\x00

8528 / tcp

2103111368 | 2025-03-06T08:13:13.522865

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8545 / tcp

819727972 | 2025-03-19T05:11:35.883766

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8554 / tcp

-1641514916 | 2025-03-18T05:53:06.986574

* OK Merak 1dFUa2 IMAP4rev1

8560 / tcp

-2107996212 | 2025-03-04T22:55:34.188473

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

8575 / tcp

-2107996212 | 2025-03-05T05:54:17.104561

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

8600 / tcp

589239353 | 2025-03-09T05:44:19.418280

HTTP/1.1 404 Not Found
Content-Type: text/html
Expires: 0
Cache-control: private

8630 / tcp

1911457608 | 2025-03-18T16:01:22.012933

\x00[\x00\x00\x00\x00\x00\x00

8702 / tcp

-122096153 | 2025-03-09T04:39:24.004939

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

8724 / tcp

-1399940268 | 2025-02-24T22:06:12.708053

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8728 / tcp

-2107996212 | 2025-03-08T12:57:55.528158

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

8807 / tcp

-358801646 | 2025-02-26T15:30:02.671515

SSH-2.0-OpenSSH_6.6.1

8820 / tcp

-2096652808 | 2025-03-14T19:30:12.528142

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8823 / tcp

-653033013 | 2025-03-13T17:05:14.607885

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

8825 / tcp

-1399940268 | 2025-02-21T05:10:36.748296

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8834 / tcp

-2107996212 | 2025-03-07T16:23:47.693180

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

8845 / tcp

1911457608 | 2025-03-06T20:21:25.610066

\x00[\x00\x00\x00\x00\x00\x00

8859 / tcp

119860953 | 2025-03-20T00:36:25.145829

* OK ArGoSoft Mail Server IMAP Module v.YW at

8867 / tcp

1623746877 | 2025-03-17T15:51:20.714080

500 Permission denied - closing connection.\r\n

8868 / tcp

1363464823 | 2025-03-08T12:06:23.299157

\x00[|ox\x7f\x00\x00

8875 / tcp

-2031152423 | 2025-02-21T21:08:13.526805

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

8877 / tcp

-1899074860 | 2025-03-16T22:23:23.929878

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

8880 / tcp

1996932384 | 2025-02-24T13:11:38.834113

"raop" nonce

8912 / tcp

-1399940268 | 2025-02-22T16:42:32.461397

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8969 / tcp

-1399940268 | 2025-03-12T05:34:04.292241

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8980 / tcp

-1019343788 | 2025-03-18T12:19:19.307293

W!\x00\x00\x00\x00

9000 / tcp

-2067028711 | 2025-02-28T11:31:03.569633

\x15\x03\x01\x00\x02\x02F

9004 / tcp

632542934 | 2025-03-13T05:26:14.547738

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9010 / tcp

-1598265216 | 2025-03-12T17:44:17.863146

@RSYNCD: 31.0

9042 / tcp

819727972 | 2025-03-19T04:56:43.883820

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9047 / tcp

-1399940268 | 2025-02-20T16:24:37.624943

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9091 / tcp

1282941221 | 2025-03-21T11:27:59.437604

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

9092 / tcp

819727972 | 2025-03-17T03:50:13.455998

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9095 / tcp

-319440554 | 2025-03-18T03:07:14.923969

9100 / tcp

-1329831334 | 2025-03-19T14:53:56.545997

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

9108 / tcp

-1327660293 | 2025-03-19T19:59:29.765016

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

9110 / tcp

81614701 | 2025-03-19T10:09:15.041226

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

9123 / tcp

165188539 | 2025-03-21T06:01:24.536079

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9126 / tcp

-1428621233 | 2025-02-27T02:02:23.194545

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

9129 / tcp

1911457608 | 2025-03-15T22:54:09.032908

\x00[\x00\x00\x00\x00\x00\x00

9155 / tcp

-2096652808 | 2025-02-27T03:17:58.085728

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9163 / tcp

819727972 | 2025-03-09T21:37:43.872208

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9182 / tcp

-1839934832 | 2025-03-05T22:23:30.069976

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

9188 / tcp

1541211644 | 2025-03-18T10:58:35.866890

[\xc2\xba\x7fs\x7f

9189 / tcp

1911457608 | 2025-03-14T13:40:41.501128

\x00[\x00\x00\x00\x00\x00\x00

9202 / tcp

-122096153 | 2025-03-14T20:14:41.263393

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

9205 / tcp

1504401647 | 2025-02-26T23:26:26.999059

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

9206 / tcp

401555314 | 2025-02-21T05:47:16.414472

NB[GFXjA^R

9214 / tcp

-616720387 | 2025-03-11T18:46:27.667787

SSH-2.0-SSHD_0.7.6

9215 / tcp

-616720387 | 2025-03-07T16:59:11.754788

SSH-2.0-SSHD_0.7.6

9305 / tcp

-441419608 | 2025-02-23T18:35:54.143637

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

9306 / tcp

-445721795 | 2025-03-15T23:01:46.708603

\x00[\xc3\xaed\x1a\x7f\x00\x00

9307 / tcp

-1248408558 | 2025-03-14T05:58:41.948839

220 MikroTik FTP server (MikroTik 6.44.3) ready

9308 / tcp

-1399940268 | 2025-03-16T05:05:06.293040

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9333 / tcp

401555314 | 2025-03-18T07:40:58.683934

NB[GFXjA^R

9345 / tcp

-784071826 | 2025-02-28T01:49:26.706506

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

9376 / tcp

-345718689 | 2025-03-20T09:50:00.949884

Vty password is not set.

9418 / tcp

1529351907 | 2025-02-24T09:16:27.229284

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

9443 / tcp

2087396567 | 2025-02-26T15:58:09.433796

kjnkjabhbanc283ubcsbhdc72

9507 / tcp

-2017887953 | 2025-03-05T10:47:30.665467

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

9600 / tcp

-1730858130 | 2025-03-18T22:02:58.018610

RFB 003.008
VNC:
  Protocol Version: 3.8

9696 / tcp

1911457608 | 2025-03-11T16:44:41.330078

\x00[\x00\x00\x00\x00\x00\x00

9700 / tcp

-1148066627 | 2025-03-18T09:47:42.784905

\x00[\xc2\x84\xc2\x86\xc3\xb2\x7f\x00\x00

9761 / tcp

-2089734047 | 2025-02-27T07:35:59.496179

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9779 / tcp

165188539 | 2025-03-17T22:19:12.617210

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9861 / tcp

-2046514463 | 2025-02-25T20:16:16.098830

AB\x01\t

9876 / tcp

1127011450 | 2025-03-14T14:43:42.076526

HTTP/1.1 200 
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Accept-Ranges: bytes
Content-Type: text/html;charset=utf-8
Content-Language: en

9885 / tcp

1975288991 | 2025-03-16T21:28:29.376821

OPTI

9898 / tcp

1304012963 | 2025-02-25T19:50:39.263874

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: close

9943 / tcp

49504708 | 2025-02-28T10:31:58.234121

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705934624.751-s5jhg

9997 / tcp

669849225 | 2025-03-12T09:08:52.555378

SSH-98.60-SysaxSSH_81885..42\r\n

9998 / tcp

-328903379 | 2025-03-12T14:49:51.404586

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2516_PStwtbTPE1rg71_39907-39996

9999 / tcp

1161309183 | 2025-03-16T16:24:38.981257

ProxyServer is ready

10000 / tcp

2087396567 | 2025-02-19T21:41:24.483032

kjnkjabhbanc283ubcsbhdc72

10003 / tcp

-438503381 | 2025-03-05T03:09:35.330039

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

10006 / tcp

1426971893 | 2025-03-14T23:26:00.130057

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

10009 / tcp

-709267009 | 2025-02-25T22:47:42.680923

\\x00[\'\\x19\\xc0\\xa8X\\xfd

10015 / tcp

-1839934832 | 2025-02-20T17:28:55.283840

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

10023 / tcp

-2089734047 | 2025-03-12T00:44:41.425383

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10024 / tcp

-1473669891 | 2025-03-20T02:35:42.774319

\\x00[\'(\\xc0\\xa8X\\xfd

10033 / tcp

1574088840 | 2025-02-23T13:28:46.995513

">Application and Content Networking Software 3.9</a>)\n</BODY><

10036 / tcp

1911457608 | 2025-03-19T20:42:18.744341

\x00[\x00\x00\x00\x00\x00\x00

10051 / tcp

1852418385 | 2025-03-14T15:38:53.001624

RTSP/1.0 453 Not Enough Bandwidth
Server: AirTunes/7l_wZ

10086 / tcp

-1399940268 | 2025-03-13T16:26:52.738430

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10093 / tcp

-1399940268 | 2025-03-08T13:38:55.626396

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10134 / tcp

-457235091 | 2025-03-19T16:01:09.298994

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

10205 / tcp

1911457608 | 2025-03-13T15:22:34.164151

\x00[\x00\x00\x00\x00\x00\x00

10249 / tcp

-2031152423 | 2025-03-05T22:41:15.224624

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

10250 / tcp

-1810987450 | 2025-03-21T13:32:18.840942

\xc3\xbf

10554 / tcp

-1681927087 | 2025-03-10T16:18:47.838806

kjnkjabhbanc283ubcsbhdc72

10894 / tcp

819727972 | 2025-03-09T21:59:54.963014

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

10909 / tcp

819727972 | 2025-03-20T00:16:25.792876

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

11000 / tcp

-146605374 | 2025-02-22T05:20:30.763510

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

11112 / tcp

-303199180 | 2025-03-08T19:33:28.427088

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

11288 / tcp

-1428621233 | 2025-03-04T01:40:41.215784

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

11300 / tcp

401555314 | 2025-03-05T20:48:24.012841

NB[GFXjA^R

11401 / tcp

580340387 | 2025-02-21T19:06:09.439270

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

11601 / tcp

45131230 | 2025-03-04T21:22:33.625880

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

11602 / tcp

1996932384 | 2025-03-17T21:45:34.936082

"raop" nonce

12000 / tcp

298695200 | 2025-03-13T13:46:27.164166

220 welcome to connecting FTP server\r\n

12101 / tcp

-1399940268 | 2025-03-11T18:07:24.784588

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12107 / tcp

-2096652808 | 2025-03-15T16:12:40.596766

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12134 / tcp

-1888448627 | 2025-03-16T10:00:04.288613

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12155 / tcp

819727972 | 2025-03-19T03:03:29.933596

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12156 / tcp

-1399940268 | 2025-02-25T10:04:11.464500

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12157 / tcp

1623746877 | 2025-03-11T23:46:23.933414

500 Permission denied - closing connection.\r\n

12163 / tcp

-1399940268 | 2025-03-17T17:34:42.004254

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12164 / tcp

-2033111675 | 2025-03-15T21:04:20.996905

~djb

12168 / tcp

1543809371 | 2025-03-12T12:31:55.703801

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

12170 / tcp

677934968 | 2025-02-28T08:42:11.306033

lm^)Q

12172 / tcp

-1399940268 | 2025-03-15T19:29:27.095212

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12173 / tcp

-146605374 | 2025-02-28T19:01:57.619807

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

12175 / tcp

-1399940268 | 2025-02-25T13:03:32.382738

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12177 / tcp

1492413928 | 2025-03-16T21:30:54.407269

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

12184 / tcp

-407828767 | 2025-03-16T04:52:07.084329

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

12192 / tcp

1911457608 | 2025-03-06T23:49:35.806648

\x00[\x00\x00\x00\x00\x00\x00

12210 / tcp

-2096652808 | 2025-03-04T19:09:45.418250

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12214 / tcp

-1399940268 | 2025-03-19T02:42:29.029016

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12216 / tcp

1911457608 | 2025-03-05T02:21:29.298443

\x00[\x00\x00\x00\x00\x00\x00

12219 / tcp

165188539 | 2025-02-28T03:56:58.856135

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12228 / tcp

-1327660293 | 2025-03-07T12:40:11.778590

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12230 / tcp

-2107996212 | 2025-02-28T15:31:13.037837

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

12231 / tcp

1911457608 | 2025-03-18T16:43:31.857031

\x00[\x00\x00\x00\x00\x00\x00

12239 / tcp

-1399940268 | 2025-02-26T13:16:45.356180

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12255 / tcp

1975288991 | 2025-03-17T17:48:10.437936

OPTI

12260 / tcp

-1986594217 | 2025-03-15T18:21:34.981506

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

12267 / tcp

1282941221 | 2025-02-20T17:02:07.502278

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

12280 / tcp

-1399940268 | 2025-03-08T16:27:09.391941

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12311 / tcp

320677201 | 2025-03-07T17:43:31.635075

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

12345 / tcp

296364507 | 2025-03-15T16:16:37.500354

HTTP/1.1 500 Internal Server Error
SERVER: Trend Chip UPnP/1.0 DMS
CONNECTION: close
CONTENT-LENGTH: 60
CONTENT-TYPE: text/html

12346 / tcp

-1261090339 | 2025-03-13T00:24:52.652087

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

12396 / tcp

-2033111675 | 2025-03-04T19:01:44.633570

~djb

12425 / tcp

819727972 | 2025-03-20T07:12:15.702713

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12429 / tcp

921225407 | 2025-02-25T22:37:26.295829

\x00\x00\x00\x04\x00\x00\x00\x00\x00

12444 / tcp

-445721795 | 2025-03-03T23:09:58.993330

\x00[\xc3\xaed\x1a\x7f\x00\x00

12446 / tcp

-288825733 | 2025-03-07T04:31:31.226878

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

12451 / tcp

1911457608 | 2025-02-20T19:42:27.136827

\x00[\x00\x00\x00\x00\x00\x00

12457 / tcp

-2089734047 | 2025-02-24T01:02:28.418894

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12463 / tcp

1278527606 | 2025-03-21T12:33:01.901136

SSH-2.0-Teleport

12465 / tcp

493955023 | 2025-02-27T11:34:12.730889

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

12471 / tcp

165188539 | 2025-03-17T16:59:29.776266

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12480 / tcp

1911457608 | 2025-02-28T22:34:03.258668

\x00[\x00\x00\x00\x00\x00\x00

12490 / tcp

1911457608 | 2025-03-20T10:20:47.967398

\x00[\x00\x00\x00\x00\x00\x00

12503 / tcp

1282941221 | 2025-02-27T06:38:38.230562

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

12504 / tcp

1911457608 | 2025-02-24T06:35:09.937511

\x00[\x00\x00\x00\x00\x00\x00

12507 / tcp

-2046514463 | 2025-03-09T12:31:55.504474

AB\x01\t

12513 / tcp

1213931722 | 2025-03-05T19:45:02.775873

ICAP/1.0 501 Other\r\nServer: Traffic Spicer 7788179225\r\n

12517 / tcp

-1399940268 | 2025-03-19T01:38:48.965812

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12534 / tcp

-1730858130 | 2025-03-17T11:23:59.721645

RFB 003.008
VNC:
  Protocol Version: 3.8

12541 / tcp

-1626979812 | 2025-02-20T08:04:50.372591

220 Service ready for new user.

12546 / tcp

-303199180 | 2025-02-26T09:50:55.327034

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

12562 / tcp

-1810987450 | 2025-03-19T15:11:45.683927

\xc3\xbf

12582 / tcp

1948301213 | 2025-02-20T05:18:02.206556

RFB 003.003
VNC:
  Protocol Version: 3.3

12584 / tcp

819727972 | 2025-03-08T13:47:11.456728

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12585 / tcp

-1888448627 | 2025-02-22T23:07:26.560616

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12588 / tcp

-1013082686 | 2025-02-23T17:36:40.207524

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

12589 / tcp

597764502 | 2025-03-16T12:38:22.638323

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

12601 / tcp

-1230049476 | 2025-03-21T05:00:44.274577

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

13380 / tcp

819727972 | 2025-03-13T09:52:41.515291

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

14147 / tcp

165188539 | 2025-03-04T13:24:59.730217

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

14330 / tcp

632542934 | 2025-02-22T19:54:45.930125

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

14344 / tcp

165188539 | 2025-03-04T13:26:47.754312

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

14407 / tcp

-345718689 | 2025-03-09T16:36:25.066990

Vty password is not set.

14443 / tcp

51259122 | 2025-03-07T01:06:19.750193

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

14523 / tcp

-1099385124 | 2025-03-01T00:18:01.638988

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

14897 / tcp

-1888448627 | 2025-03-15T23:24:22.307476

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

15001 / tcp

-142686627 | 2025-03-10T18:26:53.407868

\x00[\xc2\xba\x7fs\x7f\x00\x00

15504 / tcp

-1399940268 | 2025-03-11T21:49:38.227707

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

15831 / tcp

1911457608 | 2025-03-06T20:03:01.511766

\x00[\x00\x00\x00\x00\x00\x00

16016 / tcp

-207478101 | 2025-03-07T16:53:59.740183

HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Expires: Sun, 26 Nov 2023 17:49:52 GMT
Connection: close

16024 / tcp

-2089734047 | 2025-03-12T19:47:33.877010

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

16071 / tcp

504717326 | 2025-03-06T07:15:31.352262

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 5 1

16074 / tcp

1615193817 | 2025-03-04T23:23:46.228677

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

16077 / tcp

1911457608 | 2025-02-23T10:12:05.590398

\x00[\x00\x00\x00\x00\x00\x00

16103 / tcp

-1399940268 | 2025-03-18T05:33:08.214702

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16443 / tcp

-1399940268 | 2025-02-28T17:09:14.285126

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16464 / tcp

-1839934832 | 2025-03-21T00:04:28.875231

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

16831 / tcp

165188539 | 2025-03-16T23:23:34.118631

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

16993 / tcp

-653033013 | 2025-02-20T00:42:41.975286

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

17102 / tcp

599074451 | 2025-02-27T03:01:51.632128

msg

18028 / tcp

-1399940268 | 2025-03-11T19:03:11.738223

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18040 / tcp

-1499459680 | 2025-02-22T20:57:15.161330

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65a1140c_PSfjfzdx2jw87_31669-32056

18042 / tcp

-445721795 | 2025-03-20T07:21:31.664259

\x00[\xc3\xaed\x1a\x7f\x00\x00

18050 / tcp

-358801646 | 2025-03-16T04:26:14.137699

SSH-2.0-OpenSSH_6.6.1

18057 / tcp

-2089734047 | 2025-03-15T02:30:07.709352

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

18062 / tcp

-1139539254 | 2025-03-16T05:41:42.190328

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

18066 / tcp

-1399940268 | 2025-03-09T09:25:55.108896

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18067 / tcp

632542934 | 2025-02-21T01:57:33.065839

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

18081 / tcp

819727972 | 2025-03-17T06:45:09.366936

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18093 / tcp

-1399940268 | 2025-03-03T19:14:47.715975

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18096 / tcp

-1399940268 | 2025-03-16T12:21:08.610211

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18100 / tcp

740837454 | 2025-02-23T04:16:12.598292

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

18107 / tcp

-1399940268 | 2025-02-26T03:15:39.781924

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18245 / tcp

945910976 | 2025-02-25T07:35:52.759139

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

18443 / tcp

-1399940268 | 2025-03-16T14:31:39.817614

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18553 / tcp

819727972 | 2025-03-14T13:29:13.334445

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

19776 / tcp

819727972 | 2025-03-17T03:57:21.113919

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

19902 / tcp

-1032713145 | 2025-03-13T06:31:15.920139

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

19930 / tcp

2087396567 | 2025-03-14T10:24:52.904398

kjnkjabhbanc283ubcsbhdc72

20000 / tcp

1900503736 | 2025-02-19T23:41:19.177087

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

20440 / tcp

-1279886438 | 2025-03-15T07:41:16.941330

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

20880 / tcp

1370263973 | 2025-03-16T19:58:46.827093

dubbo>

20894 / tcp

-1648456501 | 2025-02-20T18:47:00.687671

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

21083 / tcp

165188539 | 2025-02-26T09:24:56.042530

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

21244 / tcp

-1248408558 | 2025-03-19T22:37:24.848847

220 MikroTik FTP server (MikroTik 6.44.3) ready

21260 / tcp

-1399940268 | 2025-03-09T04:42:15.575642

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21272 / tcp

1989907056 | 2025-03-19T15:12:26.374693

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

21285 / tcp

-2089734047 | 2025-02-23T12:01:46.965914

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

21289 / tcp

-1013082686 | 2025-03-05T15:44:41.141894

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

21294 / tcp

-1399940268 | 2025-03-16T20:08:07.856712

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21295 / tcp

-1538260461 | 2025-02-27T11:46:50.894872

\x01\x00\x00\x00

21306 / tcp

1308377066 | 2025-03-16T06:55:45.034691

ncacn_http/1.0

21319 / tcp

1189133115 | 2025-02-21T03:14:56.242946

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

22103 / tcp

-1327660293 | 2025-02-28T23:52:34.026243

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

22206 / tcp

-2089734047 | 2025-03-19T15:19:19.255982

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

22703 / tcp

-1265999252 | 2025-02-19T15:32:11.397675

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

24245 / tcp

-1059554316 | 2025-03-14T13:46:21.541973

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

25001 / tcp

1911457608 | 2025-03-20T12:51:12.455694

\x00[\x00\x00\x00\x00\x00\x00

25002 / tcp

-1399940268 | 2025-03-15T16:02:33.955177

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

25003 / tcp

-2089734047 | 2025-03-06T16:55:45.870782

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

25005 / tcp

819727972 | 2025-03-16T20:45:44.992001

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

25010 / tcp

-358801646 | 2025-03-16T19:35:33.766585

SSH-2.0-OpenSSH_6.6.1

25565 / tcp

-1996280214 | 2025-02-22T21:19:23.937817

\x06\x04\x05@

26657 / tcp

-1730858130 | 2025-03-12T02:20:03.336538

RFB 003.008
VNC:
  Protocol Version: 3.8

27015 / tcp

-80321085 | 2025-03-19T02:59:36.430543

Command: None
Size: 1802398315
ID: 1751277930
Type: 1668178274

27017 / tcp

1763259671 | 2025-02-28T17:53:10.798807

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

28015 / tcp

1948301213 | 2025-03-21T12:10:17.004551

RFB 003.003
VNC:
  Protocol Version: 3.3

28080 / tcp

89282912 | 2025-03-11T00:27:20.270648

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto
col:SOAP, MKSDisplayProtocol:VNC , ,

28443 / tcp

-1888448627 | 2025-03-12T03:52:34.541714

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

28818 / tcp

1975288991 | 2025-03-13T11:12:16.101301

OPTI

30002 / tcp

-737567094 | 2025-02-22T00:56:41.432242

N
5.6.40-logÅTUNEgVX2
¢!xlB...

30006 / tcp

165188539 | 2025-02-24T22:00:20.683783

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

30009 / tcp

-1428621233 | 2025-02-24T13:43:50.726592

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

30022 / tcp

-971970408 | 2025-03-18T21:27:57.809514

30101 / tcp

632542934 | 2025-02-20T17:56:19.466726

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

30120 / tcp

2063598737 | 2025-03-19T04:10:18.303764

/0 0 L\r\n/0 0 HUH\r\n

30122 / tcp

2087396567 | 2025-03-19T20:26:48.520969

kjnkjabhbanc283ubcsbhdc72

30422 / tcp

-786044033 | 2025-03-13T11:37:27.450110

OK Welcome <299685> on DirectUpdate server 7286

30522 / tcp

2087396567 | 2025-03-12T16:48:57.371971

kjnkjabhbanc283ubcsbhdc72

30622 / tcp

-1097188123 | 2025-03-12T10:48:14.945779

[g\xc2\x95N\x7f

30701 / tcp

-1399940268 | 2025-03-14T03:19:50.385237

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

30922 / tcp

539065883 | 2025-03-12T09:30:06.963833

31443 / tcp

1911457608 | 2025-03-19T18:27:00.680223

\x00[\x00\x00\x00\x00\x00\x00

31444 / tcp

632542934 | 2025-03-09T10:11:20.491717

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

31522 / tcp

1996932384 | 2025-03-13T00:55:22.932006

"raop" nonce

31722 / tcp

1741579575 | 2025-03-12T21:37:33.936747

31822 / tcp

2087396567 | 2025-03-20T20:08:03.059317

kjnkjabhbanc283ubcsbhdc72

32102 / tcp

119860953 | 2025-03-09T13:23:02.103976

* OK ArGoSoft Mail Server IMAP Module v.YW at

32122 / tcp

-1441741890 | 2025-03-09T20:55:16.124267

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2
0181212])

32222 / tcp

-971970408 | 2025-03-09T07:23:13.998264

32322 / tcp

-1730858130 | 2025-03-09T18:27:46.436378

RFB 003.008
VNC:
  Protocol Version: 3.8

32522 / tcp

819727972 | 2025-03-08T17:07:44.451812

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

32622 / tcp

-2096652808 | 2025-03-11T19:23:54.616413

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

32764 / tcp

539065883 | 2025-03-18T11:33:19.121876

33022 / tcp

1541211644 | 2025-02-27T16:52:16.930381

[\xc2\xba\x7fs\x7f

33122 / tcp

60948681 | 2025-03-04T14:10:28.060935

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).

33322 / tcp

-1477838366 | 2025-02-23T17:27:59.344811

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

33422 / tcp

-893477759 | 2025-03-19T16:43:22.183035

!versionbind7 t{RPowerDNS Recursor 410

33522 / tcp

1082732927 | 2025-02-26T15:28:20.667248

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

33622 / tcp

1741579575 | 2025-03-08T19:28:29.729150

33722 / tcp

1542849631 | 2025-03-18T06:00:20.737819

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

33822 / tcp

2067064333 | 2025-03-18T11:07:53.826603

athinfod: invalid query.

33922 / tcp

398077695 | 2025-03-08T11:08:49.319270

34022 / tcp

1741579575 | 2025-03-20T17:26:02.304369

34222 / tcp

819727972 | 2025-03-20T02:03:33.259695

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

34322 / tcp

1286504516 | 2025-03-19T18:24:19.455666

CP2E Control Console
Connected to Host: gZI

34422 / tcp

-1900404274 | 2025-03-15T00:44:20.056879

Unknown command

34522 / tcp

1830187220 | 2025-03-19T11:21:34.384297

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

34622 / tcp

-1316491703 | 2025-03-19T09:43:33.684460

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

34822 / tcp

842535728 | 2025-03-03T23:26:17.452402

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

35122 / tcp

819727972 | 2025-03-04T08:52:09.888449

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

35251 / tcp

-2089734047 | 2025-03-16T05:38:15.318222

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

35422 / tcp

819727972 | 2025-02-28T08:59:50.119082

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

35722 / tcp

50497985 | 2025-03-17T10:53:22.814472

\x00[\xc3\x88\xc3\x9dS\x7f\x00\x00

36122 / tcp

-1375131644 | 2025-03-13T09:53:26.931556

\x00[v\xc3\xbdC\x7f\x00\x00

36222 / tcp

233634112 | 2025-03-17T19:24:21.168996

SSH-98.60-SysaxSSH_81885..42

36622 / tcp

671605376 | 2025-03-16T08:01:33.228788

SSH-2.0-OpenSSH_X.X

37022 / tcp

-971970408 | 2025-03-16T19:26:03.389183

37122 / tcp

842535728 | 2025-03-16T23:05:06.620106

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

37215 / tcp

0 | 2025-03-19T05:44:32.039027

Hashes

hash

-119996482

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
Content-Length: 0

37222 / tcp

-971970408 | 2025-03-14T20:27:55.205038

37322 / tcp

2087396567 | 2025-03-16T11:13:59.443811

kjnkjabhbanc283ubcsbhdc72

37622 / tcp

-971970408 | 2025-03-16T02:32:33.876963

37777 / tcp

-2089734047 | 2025-02-22T06:17:23.275691

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

37822 / tcp

2087396567 | 2025-03-14T02:44:53.008918

kjnkjabhbanc283ubcsbhdc72

38122 / tcp

539065883 | 2025-03-15T18:41:06.367334

38222 / tcp

2087396567 | 2025-03-11T17:54:30.110366

kjnkjabhbanc283ubcsbhdc72

38522 / tcp

-2031152423 | 2025-02-21T17:08:51.536056

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

38622 / tcp

-801484042 | 2025-03-14T09:46:41.600762

ERR 27

38822 / tcp

-1730858130 | 2025-03-03T20:34:35.557679

RFB 003.008
VNC:
  Protocol Version: 3.8

39222 / tcp

-1026951088 | 2025-03-13T16:51:44.885233

erro ip

39422 / tcp

2087396567 | 2025-02-20T18:04:34.324902

kjnkjabhbanc283ubcsbhdc72

39622 / tcp

104385780 | 2025-03-11T07:30:43.079521

ceph v2

39922 / tcp

1741579575 | 2025-02-26T17:12:04.929317

40022 / tcp

-746114901 | 2025-03-09T10:42:39.032041

[KpU

40622 / tcp

1741579575 | 2025-02-26T12:03:02.851172

40722 / tcp

-971970408 | 2025-03-08T15:08:23.109607

41522 / tcp

842535728 | 2025-03-04T21:12:14.937364

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

41800 / tcp

819727972 | 2025-03-05T17:52:24.028774

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

41922 / tcp

2087396567 | 2025-03-07T15:58:28.986249

kjnkjabhbanc283ubcsbhdc72

42235 / tcp

1911457608 | 2025-02-23T21:17:14.822146

\x00[\x00\x00\x00\x00\x00\x00

42422 / tcp

-1428621233 | 2025-03-04T19:53:09.138906

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

43322 / tcp

1282941221 | 2025-02-27T21:58:04.908248

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

43422 / tcp

-905685638 | 2025-02-27T20:36:54.191810

bxz437

43622 / tcp

957278843 | 2025-02-27T00:02:37.332687

[|ox

44301 / tcp

-1399940268 | 2025-03-11T19:16:35.382152

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

44310 / tcp

1996932384 | 2025-03-12T03:19:01.489787

"raop" nonce

44340 / tcp

408230060 | 2025-03-20T15:44:45.618561

\r\nSorry, that nickname format is invalid.\r\n

44520 / tcp

-1428621233 | 2025-03-16T00:05:32.945848

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

44722 / tcp

740837454 | 2025-02-26T05:13:21.943582

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

44818 / tcp

819727972 | 2025-03-14T10:10:55.706036

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

44922 / tcp

-1611764932 | 2025-02-26T04:12:30.650642

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

45222 / tcp

2087396567 | 2025-02-25T19:28:31.984935

kjnkjabhbanc283ubcsbhdc72

45322 / tcp

819727972 | 2025-02-25T17:41:31.283547

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

45522 / tcp

1620329124 | 2025-02-25T16:08:09.013803

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

45555 / tcp

401555314 | 2025-03-20T02:41:29.840837

NB[GFXjA^R

45622 / tcp

819727972 | 2025-02-25T15:10:51.140966

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

45666 / tcp

1911457608 | 2025-03-20T21:28:57.975792

\x00[\x00\x00\x00\x00\x00\x00

45888 / tcp

-1730858130 | 2025-02-22T21:27:10.324536

RFB 003.008
VNC:
  Protocol Version: 3.8

45922 / tcp

660175493 | 2025-03-10T14:11:32.862233

46122 / tcp

-971970408 | 2025-02-24T13:54:55.680161

46222 / tcp

-2096652808 | 2025-02-24T22:51:44.797776

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

46322 / tcp

-154107716 | 2025-02-24T21:05:52.019678

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

46422 / tcp

-1230049476 | 2025-02-24T09:01:46.511261

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

47222 / tcp

-971970408 | 2025-02-23T20:53:45.669577

47322 / tcp

1741579575 | 2025-02-25T04:28:11.814811

47522 / tcp

2087396567 | 2025-02-25T10:02:07.225239

kjnkjabhbanc283ubcsbhdc72

47622 / tcp

-2096652808 | 2025-02-23T14:32:15.148375

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

47822 / tcp

2087396567 | 2025-03-10T09:04:23.513487

kjnkjabhbanc283ubcsbhdc72

47990 / tcp

-1559123399 | 2025-03-17T15:50:12.374319

500 Permission denied - closing connection.

48002 / tcp

-1399940268 | 2025-03-19T02:24:49.363249

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

48322 / tcp

1741579575 | 2025-03-10T03:24:28.735949

48422 / tcp

539065883 | 2025-03-10T00:20:32.590093

48622 / tcp

1308377066 | 2025-02-24T20:47:38.405641

ncacn_http/1.0

48722 / tcp

2087396567 | 2025-02-24T15:49:58.366316

kjnkjabhbanc283ubcsbhdc72

48822 / tcp

1842524259 | 2025-02-24T17:35:15.407390

48889 / tcp

103159425 | 2025-02-26T19:10:22.529227

SSH-1.99-RGOS_SSH

48922 / tcp

819727972 | 2025-02-24T14:08:58.585869

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

49121 / tcp

-904840257 | 2025-03-18T22:18:30.015543

572 Relay not authorized\r\n

49122 / tcp

-971970408 | 2025-02-21T06:21:36.145728

49443 / tcp

-1399940268 | 2025-02-21T03:57:30.254984

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

49501 / tcp

819727972 | 2025-02-26T19:09:11.140073

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

49688 / tcp

819727972 | 2025-03-16T23:44:47.445513

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

49722 / tcp

-1730858130 | 2025-02-22T22:13:37.688667

RFB 003.008
VNC:
  Protocol Version: 3.8

50000 / tcp

1463575827 | 2025-03-20T07:43:05.709554

[ÈÝS

50101 / tcp

-2089734047 | 2025-02-25T19:47:49.172623

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

50112 / tcp

-2089734047 | 2025-03-17T13:04:07.238346

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

50122 / tcp

-653033013 | 2025-02-20T02:56:42.470577

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

50522 / tcp

671605376 | 2025-02-21T23:27:19.541563

SSH-2.0-OpenSSH_X.X

50580 / tcp

-375604792 | 2025-03-16T04:58:31.634464

220 Microsoft FTP Service

50622 / tcp

539065883 | 2025-02-21T19:36:16.155387

50922 / tcp

1208318993 | 2025-02-21T16:12:12.310838

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

52010 / tcp

575925250 | 2025-03-10T16:10:03.965408

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

52022 / tcp

-786044033 | 2025-03-07T00:38:08.446144

OK Welcome <299685> on DirectUpdate server 7286

52822 / tcp

-485307777 | 2025-02-19T21:00:55.982462

HTTP/1.0 200 OK
Server: BigIP
Connection: Keep-Alive

53122 / tcp

660175493 | 2025-02-19T17:29:37.589071

53490 / tcp

1911457608 | 2025-03-18T17:01:44.938243

\x00[\x00\x00\x00\x00\x00\x00

53806 / tcp

-1399940268 | 2025-02-25T23:45:57.048069

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

54984 / tcp

660175493 | 2025-03-21T07:00:48.706895

55422 / tcp

1948301213 | 2025-03-06T17:44:46.507242

RFB 003.003
VNC:
  Protocol Version: 3.3

55442 / tcp

-971970408 | 2025-03-20T20:57:00.467194

55443 / tcp

291723434 | 2025-03-09T16:25:02.920390

Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

55553 / tcp

104385780 | 2025-02-20T09:30:46.515103

ceph v2

55554 / tcp

-1032713145 | 2025-03-20T08:50:34.535357

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

55622 / tcp

-805362002 | 2025-03-06T16:01:19.561085

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

55722 / tcp

-358801646 | 2025-03-06T19:29:41.619000

SSH-2.0-OpenSSH_6.6.1

55822 / tcp

-1810987450 | 2025-03-06T21:35:08.550017

\xc3\xbf

57022 / tcp

1632932802 | 2025-03-06T14:24:17.683970

57522 / tcp

-1013082686 | 2025-03-06T13:00:23.817142

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

57781 / tcp

819727972 | 2025-03-17T17:25:18.869878

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

58222 / tcp

1282941221 | 2025-03-06T01:13:13.212744

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

58322 / tcp

-971970408 | 2025-03-05T23:13:43.256746

58422 / tcp

-409020351 | 2025-03-05T21:45:35.833193

NPC Telnet permit one connection.
 But One connection() already keep alive.
Good Bye !!

58822 / tcp

-1032713145 | 2025-03-05T16:21:50.348460

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

59322 / tcp

2143387245 | 2025-03-05T07:41:51.370475

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

59522 / tcp

103159425 | 2025-03-03T18:35:34.704280

SSH-1.99-RGOS_SSH

60001 / tcp

2087396567 | 2025-03-15T03:16:44.096311

kjnkjabhbanc283ubcsbhdc72

60129 / tcp

819727972 | 2025-03-16T20:18:29.769479

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

61613 / tcp

-122096153 | 2025-03-10T21:57:28.761440

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

61619 / tcp

1911457608 | 2025-03-12T13:45:31.445774

\x00[\x00\x00\x00\x00\x00\x00

62078 / tcp

-1113435755 | 2025-03-15T19:48:38.513319

/1.1 404 Not Found
Content Length: 0

63210 / tcp

1887224352 | 2025-03-16T09:22:09.060037

63256 / tcp

1632932802 | 2025-03-06T20:59:40.021038

63260 / tcp

-1013082686 | 2025-03-08T14:58:25.157957

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

63443 / tcp

819727972 | 2025-02-20T08:21:39.980319

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

64295 / tcp

-1598265216 | 2025-03-18T21:17:01.982186

@RSYNCD: 31.0

65004 / tcp

1642597142 | 2025-03-04T15:57:36.133737

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

39.103.172.104

Last Seen: 2025-03-21

Tags:

GeneralInformation

OpenPorts

17 / tcp 1944032451 | 2025-03-18T20:57:23.390890

19 / tcp 829384519 | 2025-03-13T21:07:28.589252

21 / tcp 179309064 | 2025-03-10T05:09:24.151828

23 / tcp -2107996212 | 2025-03-20T18:34:50.030151

25 / tcp 1282941221 | 2025-03-14T00:00:36.724835

49 / tcp -1101712668 | 2025-03-18T21:03:22.578875

53 / tcp 1308081026 | 2025-03-20T16:23:10.720224

66 / tcp -1888448627 | 2025-03-15T07:04:28.619578

70 / tcp -1967791998 | 2025-03-15T07:08:21.061221

79 / tcp -1770051369 | 2025-03-05T04:31:59.763692

90 / tcp -1399940268 | 2025-03-13T21:23:14.914009

93 / tcp 1948301213 | 2025-03-17T06:25:26.541749

97 / tcp 1761482307 | 2025-02-27T21:44:35.093732

102 / tcp -1399940268 | 2025-03-21T06:53:32.747701

104 / tcp 819727972 | 2025-03-18T15:41:48.380927

111 / tcp 1187188851 | 2025-03-20T21:57:33.041931

119 / tcp 141730637 | 2025-03-09T21:59:55.232759

135 / tcp -1729522695 | 2025-03-11T06:51:45.771264

139 / tcp 1067489153 | 2025-02-23T23:36:34.855988

175 / tcp -1428621233 | 2025-03-12T04:07:30.926013

177 / tcp -1327660293 | 2025-03-09T23:35:30.248242

195 / tcp -1399940268 | 2025-03-17T14:37:55.343794

264 / tcp 1672388472 | 2025-02-21T21:13:42.753190

389 / tcp -1639129386 | 2025-03-05T17:47:42.017733

443 / tcp 187705409 | 2025-02-24T21:52:33.413786

444 / tcp 366084633 | 2025-03-18T03:34:55.402920

447 / tcp 580340387 | 2025-03-15T14:19:20.000147

462 / tcp 15018106 | 2025-03-12T19:08:11.048237

465 / tcp 897328069 | 2025-03-12T20:39:20.317834

488 / tcp 1911457608 | 2025-03-16T15:08:30.740132

513 / tcp 1353260875 | 2025-03-06T09:22:23.251600

515 / tcp 539065883 | 2025-02-21T07:15:57.584161

541 / tcp -269727450 | 2025-03-15T06:02:29.053130

548 / tcp 1445639302 | 2025-03-21T02:04:13.087948

587 / tcp -2064302381 | 2025-03-10T01:49:05.733298

636 / tcp 1239199743 | 2025-03-14T10:56:21.049840

666 / tcp 2098053533 | 2025-03-17T13:56:25.091242

771 / tcp 897328069 | 2025-03-17T15:43:14.891029

789 / tcp -1399940268 | 2025-03-18T21:04:18.387141

853 / tcp 1911457608 | 2025-03-11T21:30:56.865404

888 / tcp -972447056 | 2025-03-14T03:31:15.846793

990 / tcp -1644413930 | 2025-02-19T20:33:37.713050

992 / tcp -936692830 | 2025-03-11T14:43:56.659026

995 / tcp 1685649979 | 2025-03-05T03:25:31.439979

1000 / tcp -1399940268 | 2025-03-05T03:25:45.411547

1012 / tcp -339084706 | 2025-02-25T22:38:48.355385

1023 / tcp -1461540015 | 2025-03-21T13:20:28.412996

1025 / tcp -2089734047 | 2025-02-26T13:22:17.332532

1026 / tcp -1399940268 | 2025-02-21T09:49:52.216606

1063 / tcp 819727972 | 2025-03-17T00:07:15.371244

1099 / tcp -441419608 | 2025-03-14T07:40:38.563262

1103 / tcp 819727972 | 2025-02-23T09:39:06.564671

1153 / tcp 1911457608 | 2025-03-14T14:24:58.285349

1200 / tcp 1921398876 | 2025-03-10T05:39:12.935421

1234 / tcp 575925250 | 2025-03-17T16:54:58.455310

1337 / tcp -222277909 | 2025-03-05T10:36:33.697364

1414 / tcp 819727972 | 2025-03-19T08:52:12.791382

1433 / tcp -325802316 | 2025-03-13T17:34:57.514572

1443 / tcp -1715152554 | 2025-03-10T11:41:28.339954

Hashes

1452 / tcp -801484042 | 2025-03-07T08:43:30.330366

1515 / tcp -746114901 | 2025-03-20T13:54:23.812215

1521 / tcp -1184558916 | 2025-03-19T08:32:02.798128

1599 / tcp 1690634669 | 2025-03-08T19:01:44.308364

1604 / tcp 1830697416 | 2025-03-10T17:39:17.444466

1723 / tcp 2064046231 | 2025-03-18T10:09:31.615268

1800 / tcp 1332894250 | 2025-03-13T11:39:12.984175

1801 / tcp -1299899661 | 2025-03-14T17:39:45.907904

1883 / tcp 722711397 | 2025-03-21T02:46:00.664299

1926 / tcp 819727972 | 2025-02-22T04:14:20.494829

1953 / tcp 1504401647 | 2025-03-21T00:19:19.694481

1981 / tcp 819727972 | 2025-03-19T12:10:56.655786

2000 / tcp -1399940268 | 2025-02-27T19:38:54.286981

2003 / tcp 1911457608 | 2025-03-21T11:15:56.514426

2008 / tcp -971970408 | 2025-03-10T22:24:51.861862

17 / tcp

1944032451 | 2025-03-18T20:57:23.390890

19 / tcp

829384519 | 2025-03-13T21:07:28.589252

21 / tcp

179309064 | 2025-03-10T05:09:24.151828

23 / tcp

-2107996212 | 2025-03-20T18:34:50.030151

25 / tcp

1282941221 | 2025-03-14T00:00:36.724835

49 / tcp

-1101712668 | 2025-03-18T21:03:22.578875

53 / tcp

1308081026 | 2025-03-20T16:23:10.720224

66 / tcp

-1888448627 | 2025-03-15T07:04:28.619578

70 / tcp

-1967791998 | 2025-03-15T07:08:21.061221

79 / tcp

-1770051369 | 2025-03-05T04:31:59.763692

90 / tcp

-1399940268 | 2025-03-13T21:23:14.914009

93 / tcp

1948301213 | 2025-03-17T06:25:26.541749

97 / tcp

1761482307 | 2025-02-27T21:44:35.093732

102 / tcp

-1399940268 | 2025-03-21T06:53:32.747701

104 / tcp

819727972 | 2025-03-18T15:41:48.380927

111 / tcp

1187188851 | 2025-03-20T21:57:33.041931

119 / tcp

141730637 | 2025-03-09T21:59:55.232759

135 / tcp

-1729522695 | 2025-03-11T06:51:45.771264

139 / tcp

1067489153 | 2025-02-23T23:36:34.855988

175 / tcp

-1428621233 | 2025-03-12T04:07:30.926013

177 / tcp

-1327660293 | 2025-03-09T23:35:30.248242

195 / tcp

-1399940268 | 2025-03-17T14:37:55.343794

264 / tcp

1672388472 | 2025-02-21T21:13:42.753190

389 / tcp

-1639129386 | 2025-03-05T17:47:42.017733

443 / tcp

187705409 | 2025-02-24T21:52:33.413786

444 / tcp

366084633 | 2025-03-18T03:34:55.402920

447 / tcp

580340387 | 2025-03-15T14:19:20.000147

462 / tcp

15018106 | 2025-03-12T19:08:11.048237

465 / tcp

897328069 | 2025-03-12T20:39:20.317834

488 / tcp

1911457608 | 2025-03-16T15:08:30.740132

513 / tcp

1353260875 | 2025-03-06T09:22:23.251600

515 / tcp

539065883 | 2025-02-21T07:15:57.584161

541 / tcp

-269727450 | 2025-03-15T06:02:29.053130

548 / tcp

1445639302 | 2025-03-21T02:04:13.087948

587 / tcp

-2064302381 | 2025-03-10T01:49:05.733298

636 / tcp

1239199743 | 2025-03-14T10:56:21.049840

666 / tcp

2098053533 | 2025-03-17T13:56:25.091242

771 / tcp

897328069 | 2025-03-17T15:43:14.891029

789 / tcp

-1399940268 | 2025-03-18T21:04:18.387141

853 / tcp

1911457608 | 2025-03-11T21:30:56.865404

888 / tcp

-972447056 | 2025-03-14T03:31:15.846793

990 / tcp

-1644413930 | 2025-02-19T20:33:37.713050

992 / tcp

-936692830 | 2025-03-11T14:43:56.659026

995 / tcp

1685649979 | 2025-03-05T03:25:31.439979

1000 / tcp

-1399940268 | 2025-03-05T03:25:45.411547

1012 / tcp

-339084706 | 2025-02-25T22:38:48.355385

1023 / tcp

-1461540015 | 2025-03-21T13:20:28.412996

1025 / tcp

-2089734047 | 2025-02-26T13:22:17.332532

1026 / tcp

-1399940268 | 2025-02-21T09:49:52.216606

1063 / tcp

819727972 | 2025-03-17T00:07:15.371244

1099 / tcp

-441419608 | 2025-03-14T07:40:38.563262

1103 / tcp

819727972 | 2025-02-23T09:39:06.564671

1153 / tcp

1911457608 | 2025-03-14T14:24:58.285349

1200 / tcp

1921398876 | 2025-03-10T05:39:12.935421

1234 / tcp

575925250 | 2025-03-17T16:54:58.455310

1337 / tcp

-222277909 | 2025-03-05T10:36:33.697364

1414 / tcp

819727972 | 2025-03-19T08:52:12.791382

1433 / tcp

-325802316 | 2025-03-13T17:34:57.514572

1443 / tcp

-1715152554 | 2025-03-10T11:41:28.339954

1452 / tcp

-801484042 | 2025-03-07T08:43:30.330366

1515 / tcp

-746114901 | 2025-03-20T13:54:23.812215

1521 / tcp

-1184558916 | 2025-03-19T08:32:02.798128

1599 / tcp

1690634669 | 2025-03-08T19:01:44.308364

1604 / tcp

1830697416 | 2025-03-10T17:39:17.444466

1723 / tcp

2064046231 | 2025-03-18T10:09:31.615268

1800 / tcp

1332894250 | 2025-03-13T11:39:12.984175

1801 / tcp

-1299899661 | 2025-03-14T17:39:45.907904

1883 / tcp

722711397 | 2025-03-21T02:46:00.664299

1926 / tcp

819727972 | 2025-02-22T04:14:20.494829

1953 / tcp

1504401647 | 2025-03-21T00:19:19.694481

1981 / tcp

819727972 | 2025-03-19T12:10:56.655786

2000 / tcp

-1399940268 | 2025-02-27T19:38:54.286981

2003 / tcp

1911457608 | 2025-03-21T11:15:56.514426

2008 / tcp

-971970408 | 2025-03-10T22:24:51.861862

2066 / tcp

504717326 | 2025-02-22T16:51:23.717280

2067 / tcp

1690634669 | 2025-03-18T17:56:04.788387

2077 / tcp

-2017887953 | 2025-03-16T15:49:41.851792

2087 / tcp

1690634669 | 2025-03-17T01:05:50.735981

2090 / tcp

366084633 | 2025-03-13T02:10:42.189671

2100 / tcp

632542934 | 2025-02-21T16:15:55.547368