GeneralInformation

Hostnames	cn-beijing.oss.aliyuncs.com
Domains	aliyuncs.com
Country	China
City	Beijing
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(2)

CVE-2024-25117

6.8php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might leads to bypass of restrictions or RCE on projects that are using it, if they do not strictly revalidate the fontName that is passed by php-svg-lib. The `Style::fromAttributes(`), or the `Style::parseCssStyle()` should check the content of the `font-family` and prevents it to use a PHAR url, to avoid passing an invalid and dangerous `fontName` value to other libraries. The same check as done in the `Style::fromStyleSheets` might be reused. Libraries using this library as a dependency might be vulnerable to some bypass of restrictions, or even remote code execution, if they do not double check the value of the `fontName` that is passed by php-svg-lib. Version 0.5.2 contains a fix for this issue.

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2022(3)

CVE-2022-31629

6.5In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

CVE-2022-31628

2.3In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

CVE-2022-4900

6.2A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(3)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

CVE-2020-11579

7.5An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.

2019(8)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-9641

9.8An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.

CVE-2019-9639

7.5An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.

CVE-2019-9638

CVE-2019-9637

7.5An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(5)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-19396

7.5ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.

CVE-2018-19395

7.5ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(4)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

CVE-2017-8923

9.8The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.

CVE-2017-7963

7.5The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating "There is no security issue here, because GMP safely aborts in case of an OOM condition. The only attack vector here is denial of service. However, if you allow attacker-controlled, unbounded allocations you have a DoS vector regardless of GMP's OOM behavior.

CVE-2017-7272

7.4PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(5)

CVE-2015-9253

6.5An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility.

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(2)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 19 21 37 43 49 53 80 89 94 102 111 119 121 135 143 192 221 264 311 427 441 443 444 465 503 541 548 554 587 591 632 666 675 771 789 809 811 843 873 887 992 995 999 1002 1012 1023 1025 1153 1177 1200 1207 1234 1293 1337 1344 1377 1433 1515 1521 1599 1723 1800 1801 1883 1911 1926 1980 2000 2001 2002 2008 2010 2020 2052 2059 2061 2065 2067 2081 2083 2087 2091 2150 2156 2181 2202 2222 2233 2266 2323 2332 2376 2404 2423 2551 2558 2628 2806 3001 3018 3021 3050 3054 3057 3059 3060 3082 3086 3099 3106 3123 3134 3142 3149 3173 3188 3198 3260 3268 3269 3299 3306 3310 3365 3388 3406 3412 3523 3531 3559 3570 3590 3780 3790 3910 4000 4010 4022 4063 4064 4080 4101 4104 4150 4155 4157 4200 4321 4369 4431 4432 4443 4444 4455 4506 4531 4840 4899 4911 4949 5001 5006 5007 5009 5010 5025 5070 5090 5201 5222 5228 5231 5237 5248 5249 5254 5258 5262 5269 5432 5435 5446 5503 5543 5568 5600 5604 5858 5914 5984 5986 5993 6000 6001 6005 6010 6020 6262 6379 6512 6581 6633 6653 6661 6666 6668 6998 7007 7057 7070 7081 7084 7100 7171 7218 7373 7415 7434 7443 7634 7771 7777 7799 7822 8000 8009 8026 8055 8059 8076 8079 8083 8085 8087 8089 8099 8102 8106 8115 8120 8126 8127 8128 8129 8130 8132 8135 8139 8145 8150 8164 8165 8170 8177 8181 8184 8186 8200 8243 8291 8333 8384 8385 8404 8407 8418 8432 8444 8448 8457 8463 8465 8466 8473 8480 8545 8567 8575 8584 8599 8623 8630 8649 8728 8801 8805 8828 8850 8865 8870 8879 8899 9001 9017 9022 9042 9063 9076 9081 9092 9095 9099 9100 9104 9108 9141 9143 9145 9151 9160 9198 9200 9249 9256 9280 9306 9307 9309 9311 9312 9333 9387 9398 9400 9418 9443 9456 9600 9633 9711 9810 9876 9898 9922 9943 9994 9998 9999 10000 10001 10003 10011 10013 10047 10050 10051 10081 10087 10134 10201 10250 10909 10911 10933 11000 11082 11210 11288 11434 11601 11680 11681 12000 12088 12103 12108 12109 12110 12157 12161 12174 12190 12197 12198 12201 12224 12228 12230 12238 12241 12242 12248 12256 12266 12272 12282 12294 12304 12315 12320 12322 12323 12331 12337 12338 12345 12352 12371 12387 12389 12392 12393 12401 12405 12427 12428 12434 12437 12440 12465 12485 12490 12496 12511 12528 13000 13380 13443 14101 14147 14265 14344 14407 14443 14523 14897 14903 15002 15443 16005 16010 16014 16017 16021 16027 16028 16031 16033 16049 16069 16076 16080 16089 16093 16401 16888 16993 17000 17070 17773 18003 18007 18023 18026 18029 18041 18042 18053 18054 18058 18060 18062 18070 18080 18081 18094 18111 18245 18443 18553 19014 19080 19090 19200 19222 19776 19930 20000 20084 20090 20107 20151 20185 20256 20500 20512 20892 21001 21025 21027 21235 21241 21249 21251 21255 21266 21268 21280 21290 21297 21300 21302 21305 21326 21379 21381 21443 22000 22001 22067 22069 22070 22107 22206 22222 23023 24245 25001 25105 25565 25952 26656 26657 27015 27016 27017 27571 28017 30002 30003 30015 30022 30029 30122 30222 30301 30303 30422 30622 30822 30922 31022 31122 31222 31322 31337 31422 31443 31522 31722 32022 32080 32122 32222 32400 32422 32722 32746 33022 33060 33122 33338 33422 33622 33722 33922 34122 35000 35122 35822 36022 36622 36982 37122 37622 37777 37822 37922 38022 38122 38333 38922 39022 39222 39822 41794 41800 42194 42235 42443 44309 44310 44500 44510 44818 45666 45888 46000 46443 47808 48012 48899 49153 49694 50000 50003 50004 50006 50050 50070 50100 51106 51235 51434 52010 52536 52931 53200 53481 53805 54138 54444 55000 55442 55443 55553 55554 58378 58603 60001 60129 61613 61616 62078 62443 63210 63256 63257 63260 63443 64295 64738 65000

11 / tcp

1492413928 | 2025-04-09T22:01:27.145695

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

13 / tcp

-2023550675 | 2025-04-07T16:10:20.922943

\\x01\x0b=\\x01\xc3\x80\\x06\xc3\xbf\xc3\xbf?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\\x01\\x01

15 / tcp

819727972 | 2025-04-09T20:08:35.244387

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

17 / tcp

1662811133 | 2025-03-15T17:01:05.266910

MudNames 77 - (C) 1997-2001 Ragnar Hojland Espinosa <ragnar@ragnar-hojland.com>

19 / tcp

-1729629024 | 2025-03-13T01:51:23.520935

101 imqbroker =unV

21 / tcp

-731285715 | 2025-04-01T15:36:33.097044

220 (vsFTPd 1.2.2)

37 / tcp

1463575233 | 2025-04-04T04:29:30.759845

\\xe9XQg

43 / tcp

2087396567 | 2025-04-08T15:45:07.549350

kjnkjabhbanc283ubcsbhdc72

49 / tcp

-1056270173 | 2025-04-09T18:33:28.144179

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

53 / tcp

1024248778 | 2025-03-15T02:05:00.727868

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x00\xbd\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x00\xa2\x00\x04\xac٣.
\x00\x06\x85\x80\x00\x01\x00\x01\x00\x00\x00

80 / tcp

1572832718 | 2025-03-19T07:11:39.709851

Hashes

hash

-745226390

http.dom_hash

1799269922

http.html_hash

1572832718

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Wed, 19 Mar 2025 07:11:39 GMT
Content-Type: application/xml
Content-Length: 346
Connection: keep-alive
x-oss-request-id: 67DA6E2B5A53BB32399192B3
x-oss-server-time: 0
x-oss-ec: 0003-00001201

89 / tcp

307999478 | 2025-03-12T07:49:46.668641

unknown command \r\nunknown command \r\n

94 / tcp

709622286 | 2025-03-24T17:25:33.419494

OK Welcome <299685> on DirectUpdate server 7286\r\n

102 / tcp

-792826324 | 2025-03-15T18:13:20.884525

220 FTP server ready - login please

111 / tcp

1187188851 | 2025-04-05T11:55:04.295234

Portmap
Program	Version	Protocol	Port

119 / tcp

141730637 | 2025-03-23T20:53:29.265338

HTTP/1.0 200 OK
Server: Proxy

121 / tcp

-1399940268 | 2025-03-15T21:49:54.175061

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

135 / tcp

1483120365 | 2025-03-14T17:36:22.877518

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: OP2\n IP2: 192.168.0.20\n IP3: 61.230.135.142\n IP4: 2001:b011:2006:c3ef:18c0:9e02:ef7:84c8\n\nNTLMSSP:\nTarget_Name: OP2\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: OP2\nNetBIOS_Computer_Name: OP2\nDNS_Domain_Name: OP2\nDNS_Computer_Name: OP2\nSystem_Time: 2024-01-22 07:10:42 +0000 UTC\n\nDCERPC Dump:\n4b112204-0e19-11d3-b42b-

143 / tcp

-1939513550 | 2025-03-22T13:33:09.912727

* OK The Microsoft Exchange IMAP4 service is ready.\r\n\nImap NTLM Info:\nTarget_Name: HEBEIHK\nProduct_Version: 6.0.6003 Ntlm 15\nOS: Windows Server 2008, Service Pack 2, Rollup KB4489887\nNetBIOS_Domain_Name: HEBEIHK\nNetBIOS_Computer_Name: MAILSERVER2\nDNS_Domain_Name: hebeihk.local\nDNS_Computer_Name: MAILSERVER2.hebeihk.local\nMsvAvDnsTreeName: hebeihk.local\nSystem_Time: 2024-01-22 08:26:31 +0000 UTC\n\n

192 / tcp

1911457608 | 2025-04-06T20:56:24.994017

\x00[\x00\x00\x00\x00\x00\x00

221 / tcp

819727972 | 2025-03-13T10:09:18.020361

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

264 / tcp

-1707068558 | 2025-03-18T14:33:56.095648

311 / tcp

749429829 | 2025-03-19T11:06:52.504275

\xc3\xa3\r\n\r\n\\x01KvInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

427 / tcp

-349937125 | 2025-03-29T09:20:11.850973

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://192.168.118.88\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\nservice:wbem:https\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://192.168.118.88\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCE

441 / tcp

1504401647 | 2025-03-14T22:18:15.197139

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

443 / tcp

1156496095 | 2025-04-08T20:24:20.125939

Hashes

hash

313490601

http.dom_hash

1799269922

http.html_hash

1156496095

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Tue, 08 Apr 2025 20:24:20 GMT
Content-Type: application/xml
Content-Length: 346
Connection: keep-alive
x-oss-request-id: 67F585F472AE9E35377AF635
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:6b:68:69:54:4a:81:bb:93:b4:d7:d1
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
        Validity
            Not Before: Jan  2 06:32:06 2025 GMT
            Not After : Sep  4 00:00:00 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-beijing.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:fd:cb:7f:5f:49:ee:e8:d9:d0:d6:53:d0:a5:
                    88:fd:fc:56:3c:06:76:2d:ad:ee:c9:65:e1:8c:fd:
                    ee:ef:a1:a2:34:db:d3:65:1e:4a:9c:f7:9d:a6:ad:
                    fa:a7:b3:1a:8b:45:f7:13:2a:26:24:9c:50:28:92:
                    25:54:45:fc:d2:2e:17:7d:c1:47:45:a1:39:bf:ce:
                    7e:f2:8b:d7:69:2c:b6:94:3f:5c:fc:a9:6e:c3:bd:
                    a5:a9:f3:6e:65:55:50:ba:b2:8a:df:ee:e9:50:a7:
                    81:b5:5f:3a:96:f9:74:c3:8a:54:51:d7:eb:02:1c:
                    58:33:e6:a0:ea:12:10:52:63:c9:df:03:84:cf:a3:
                    15:9c:50:7b:5e:6e:42:0f:3d:bd:33:3c:f6:6a:eb:
                    be:30:24:30:72:cb:84:a8:e9:17:aa:6a:45:f8:12:
                    c2:a1:78:0d:31:f0:45:2b:32:2f:ff:98:a3:03:a2:
                    5a:b0:8d:e2:d5:ce:e1:35:56:0b:0a:f8:11:bf:18:
                    44:f7:b8:7b:a0:a0:eb:1d:8d:cf:e8:cc:cf:c4:c5:
                    54:69:59:53:e1:ee:51:79:04:67:86:cf:8b:e5:c6:
                    88:a8:cc:9e:61:75:91:90:b5:8a:af:4c:a2:8d:57:
                    14:8a:f6:54:fb:1e:71:e5:09:e3:0a:12:df:34:8d:
                    d5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3ovtlsca2024.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3ovtlsca2024
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                Policy: 1.3.6.1.4.1.4146.10.1.2
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3ovtlsca2024.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-beijing.oss.aliyuncs.com, DNS:*.cn-beijing.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-beijing.aliyuncs.com, DNS:*.s3.oss-cn-beijing-internal.aliyuncs.com, DNS:*.cn-beijing.mgw.aliyuncs.com, DNS:*.oss.cn-beijing.privatelink.aliyuncs.com, DNS:*.oss-cn-beijing.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing.aliyuncs.com, DNS:*.img-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-internal-cross.aliyuncs.com, DNS:*.oss-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-cross.aliyuncs.com, DNS:*.img-cn-beijing.aliyuncs.com, DNS:*.vpc100-oss-cn-beijing.aliyuncs.com, DNS:*.cn-beijing.oss.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h-cross.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub.aliyuncs.com, DNS:*.cn-beijing-finance.oss.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1.aliyuncs.com, DNS:*.cn-beijing-finance-1.oss.aliyuncs.com, DNS:*.cn-beijing-vpc.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-enet-cn-north.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-internal.aliyun-inc.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-beijing-cross.mgw.aliyuncs.com, DNS:*.oss-vpc.aliyuncs.com, DNS:*.cn-beijing.oss-vpc.aliyuncs.com, DNS:*.oss.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                DA:D3:A8:08:48:0C:34:37:58:EE:E5:A7:75:2E:59:FC:D6:DC:3C:38
            X509v3 Subject Key Identifier: 
                C1:58:AC:32:69:71:BB:67:42:6C:42:FE:14:E5:57:72:91:C1:82:D6
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 1A:04:FF:49:D0:54:1D:40:AF:F6:A0:C3:BF:F1:D8:C4:
                                67:2F:4E:EC:EE:23:40:68:98:6B:17:40:2E:DC:89:7D
                    Timestamp : Jan  2 06:32:08.952 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D4:22:D6:BD:85:6A:79:2B:66:0F:1F:
                                36:9C:87:35:37:A2:DA:91:B3:41:21:70:33:24:48:B8:
                                AC:01:B2:4F:8A:02:20:78:33:2F:5E:6C:72:6C:BA:8A:
                                2A:DB:4A:42:99:29:A1:0C:E4:7B:86:88:C2:7F:9F:BE:
                                CE:93:8F:5D:00:2F:8C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Jan  2 06:32:08.990 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DE:60:8C:72:69:F8:ED:DD:B5:9B:2F:
                                88:2B:94:8E:C5:EA:A3:29:CF:5E:76:E1:32:5B:33:E9:
                                09:55:C0:9B:0A:02:20:72:4F:8B:E6:B3:1A:36:F6:61:
                                91:02:36:00:EA:76:E0:8C:5C:3C:8C:AF:C1:4A:F2:FD:
                                CA:7D:2B:6A:A6:5A:A7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
                                47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
                    Timestamp : Jan  2 06:32:08.695 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:82:E8:40:FB:D2:F4:C7:36:73:02:4A:
                                CD:8A:B4:A7:3D:E9:DC:7F:23:C7:17:0C:B1:8F:65:59:
                                3C:89:A5:E4:F0:02:20:2D:57:40:3F:AC:33:84:81:B8:
                                79:8C:CE:B4:F4:CC:44:29:AE:5A:FA:CD:66:FF:7A:69:
                                DA:8E:8E:6B:3D:C7:D7
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4e:88:42:e9:bd:d6:24:7a:b8:0b:08:70:28:8b:e3:90:92:79:
        25:1f:f9:ec:83:69:41:21:cb:3f:cc:c6:2c:76:54:44:09:81:
        c9:8b:a9:bc:32:e4:5e:d4:72:17:de:fd:a1:50:2b:58:ed:45:
        8e:ba:40:ee:f9:54:31:0e:56:0e:7f:9e:36:2d:98:8b:3a:21:
        ac:4c:f7:4b:e5:97:32:cd:c3:b4:9d:b7:99:07:f1:4f:bb:81:
        14:60:64:c2:01:bb:85:62:e5:8a:7e:84:86:9f:c9:0b:80:80:
        c3:95:a2:77:b8:d9:81:73:28:dc:14:f9:af:1b:22:8b:33:2a:
        b5:dd:34:fb:a6:90:3d:a1:37:b1:93:f5:d9:93:d0:3c:86:ac:
        28:04:f6:71:24:54:fd:0c:42:2d:48:d4:9c:a6:e5:fa:88:71:
        e3:dc:e1:a7:c7:8a:d5:39:43:29:5f:5d:2c:02:1a:72:08:e8:
        ce:86:a9:22:b1:ed:4f:4e:7f:e5:7d:ea:01:3b:7f:34:2c:e6:
        94:3c:5b:6c:64:09:c3:88:e5:08:64:91:8a:17:63:99:dc:0c:
        85:ee:6c:4a:67:f4:66:21:e9:7a:a3:95:8c:ed:6c:6f:af:92:
        f8:a3:49:8f:de:3b:85:de:68:56:95:f4:e7:e7:7b:1e:c2:0a:
        1f:12:b5:15

444 / tcp

0 | 2025-03-22T16:22:52.104825

Hashes

hash

-2033157093

http.dom_hash

http.html_hash

http.server_hash

1673621694

HTTP/1.1 200 OK
Date: Sat, 22 Mar 2025 16:22:52 GMT
Content-Type: application/json
Content-Length: 110
Connection: keep-alive
Ali-Swift-Global-Savetime: 1742660572
Eagleeye-Traceid: e5873dbd23c88d7fba78680514
Eagleid: e5873dbd23c88d7fba78680514
S_group: tao-session
S_ip: 4e5601d8f760a23b8ae1a6c9cd00be40
S_status: STATUS_SYS_ERR
S_tag: 396800848797754|217524092^|^^
S_tid: e5873dbd23c88d7fba78680514
S_ucode: CN:CENTER
S_v: 5.0.1.6
Server: Tengine
Strict-Transport-Security: max-age=0
Timing-Allow-Origin: *, *
Location: https://pre-vvp.console.aliyun.com
Ufe-Result: A9
Via: vcache56.14vcache9[041,396,064-0,M], vcache53.vcache86[165,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-Cachetime: 0
X-Swift-Savetime: Sat, 22 Mar 2025 16:22:52 GMT

465 / tcp

897328069 | 2025-04-07T20:39:18.453151

220 mail.scott000.com ESMTP

503 / tcp

-616720387 | 2025-03-27T23:30:10.998739

SSH-2.0-SSHD_0.7.6

541 / tcp

1497273505 | 2025-03-17T22:54:28.718456

\\x16\\x03\\x01\\x01P\\x01\\x00\\x01L\\x03\\x03\\x84L\\xcf\\x00\\x0e\xc4\x96Q\\xf3\\xb1\\x9f\\x88\\x08\\x92\\xd7S\\xf1\\xb7\\xc9\\xc79\\xcc\\xf6Tk\\x1dj\\xc6`\\x89\\x86\\xeb \\xbc\\xef\\xc3<\\xe5g\\x96\\xa4L\\x1c\\x1b]ea\\x81$D\\x99\\x92eH\\x85\\x82\\x1b*\\xc2*\\xaeb9n9\\x002\\x13\\x02\\x13\\x03\\x13\\x01\\x009\\x0

548 / tcp

155249582 | 2025-03-31T15:01:36.722607

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: NGU\nMachine Type: \rNetatalk3.1.8\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: Cleartxt Passwrd\\x04,DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

554 / tcp

285770450 | 2025-04-06T16:26:59.907758

RTSP/1.0 401 Unauthorized
CSeq: 1

587 / tcp

1072031226 | 2025-03-24T04:59:48.906828

220 ssqr.twhg.com.tw ESMTP Softmail New MTA Mon, 22 Jan 2024 15:56:07 +0800 (+08)\r\n250-ssqr.twhg.com.tw Hello [*.*.*.*], pleased to meet you\r\n250-ENHANCEDSTATUSCODES\r\n250-PIPELINING\r\n250-8BITMIME\r\n250-SIZE\r\n250-DSN\r\n250-ETRN\r\n250-AUTH LOGIN PLAIN\r\n250-STARTTLS\r\n250-DELIVERBY\r\n250 HELP\r\n214 2.0.0 End of HELP info\r\n

591 / tcp

455076604 | 2025-04-06T05:54:43.208407

!\x07version\x04bind7 t{RPowerDNS Recursor 410

632 / tcp

1282941221 | 2025-04-03T11:44:04.893759

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

666 / tcp

-1960639992 | 2025-03-15T18:03:55.479420

HTTP/1.1 401 Unauthorized

675 / tcp

-1428621233 | 2025-03-24T22:48:43.810970

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

771 / tcp

-1327660293 | 2025-04-07T06:15:20.107992

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

789 / tcp

921225407 | 2025-04-10T01:09:04.585954

\x00\x00\x00\x04\x00\x00\x00\x00\x00

809 / tcp

-1099385124 | 2025-04-10T20:20:18.215493

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

811 / tcp

-1099385124 | 2025-04-01T23:30:36.279903

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

843 / tcp

-2004989248 | 2025-03-24T13:43:11.871014

<cross-domain-policy>\n   <allow-access-from domain="*" to-po\nrts="*" />\n</cross-domain-policy>

873 / tcp

-1598265216 | 2025-03-28T15:27:48.321100

@RSYNCD: 31.0

887 / tcp

-1399940268 | 2025-03-17T06:55:56.532345

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

992 / tcp

-1718295362 | 2025-04-09T09:50:46.301907

HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8

995 / tcp

-740312032 | 2025-04-05T13:14:19.934731

+OK Dovecot (Ubuntu) ready.\r\n

999 / tcp

2061638597 | 2025-03-21T09:49:15.107020

HTTP/1.1 200 OK
Server: Apache/2.4.46 (Win32) OpenSSL/1.1.1g mod_fcgid/2.3.9 mod_jk/1.2.40
X-Powered-By: PHP/5.6.40
X-ob_mode: 1
X-Frame-Options: DENY
X-X-WebKit-CSP: default-src 'self' ;script-src 'self'  'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data:  *.tile.openstreetmap.org *.tile.opencyclemap.org;
Expires: Mon, 22 Jan 2024 16:09:12 +0800
Cache-Control: no-store, no-cache, must-revalidate,  pre-check=0, post-check=0, max-age=0
Pragma: no

Vulnerabilities

2 9 5 1

1002 / tcp

-1888448627 | 2025-03-19T08:42:48.232059

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1012 / tcp

-1399940268 | 2025-03-24T04:19:43.223384

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1023 / tcp

1231376952 | 2025-04-04T02:04:18.866941

1025 / tcp

-1399940268 | 2025-04-05T22:23:14.745210

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1153 / tcp

-2089734047 | 2025-03-25T04:37:42.170262

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1177 / tcp

1545917845 | 2025-03-26T05:22:28.290891

[gN

1200 / tcp

-1681927087 | 2025-03-24T01:12:02.751966

kjnkjabhbanc283ubcsbhdc72

1207 / tcp

-1399940268 | 2025-04-05T14:11:44.487134

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1234 / tcp

-1399940268 | 2025-04-05T06:54:32.454986

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1293 / tcp

1492413928 | 2025-03-28T04:46:47.188481

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

1337 / tcp

-971970408 | 2025-04-06T12:09:25.863198

1344 / tcp

-1779118422 | 2025-04-06T19:27:55.313465

\x00[\xc2\xae\xc2\x8d{\x7f\x00\x00

1377 / tcp

819727972 | 2025-03-23T11:57:07.347018

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1433 / tcp

-1781810481 | 2025-03-24T17:15:33.512912

MSSQL Server\nVersion: 150998979 (0x9000fc3)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: PULI\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: PULI\nNetBIOS_Computer_Name: CIXIAO\nDNS_Domain_Name: puli.gov.tw\nDNS_Computer_Name: cixiao.puli.gov.tw\nMsvAvDnsTreeName: puli.gov.tw\nSystem_Time: 2024-01-22 05:04:23 +0000 UTC\n\n

1515 / tcp

819727972 | 2025-03-27T13:20:57.606556

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1521 / tcp

-1337747449 | 2025-03-17T15:49:11.532648

Version:12.2.0.1.0\n"\\x00\\x00Y(DESCRIPTION=(TMP=)(VSNNUM=203424000)(ERR=1189)(ERROR_STACK=(ERROR=(CODE=1189)(EMFI=4))))

1599 / tcp

1208318993 | 2025-04-03T13:13:27.537419

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

1723 / tcp

1103582599 | 2025-04-06T05:40:16.882061

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

1800 / tcp

-2089734047 | 2025-04-05T21:54:42.771238

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1801 / tcp

1535389866 | 2025-03-15T23:30:13.578735

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2157_PS-LHW-01jjk135_25164-48622

1883 / tcp

1911457608 | 2025-03-25T01:12:32.331048

\x00[\x00\x00\x00\x00\x00\x00

1911 / tcp

-2089734047 | 2025-03-31T15:13:25.017287

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1926 / tcp

819727972 | 2025-04-04T20:32:23.268796

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1980 / tcp

1541211644 | 2025-04-03T13:17:51.994093

[\xc2\xba\x7fs\x7f

2000 / tcp

1911457608 | 2025-04-08T15:54:06.679759

\x00[\x00\x00\x00\x00\x00\x00

2001 / tcp

820958131 | 2025-04-05T09:36:42.976522

kjnkjabhbanc283ubcsbhdc72\x02

2002 / tcp

-1125826364 | 2025-03-18T17:30:29.542258

[sÅÓ

2008 / tcp

819727972 | 2025-04-08T01:38:21.791105

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2010 / tcp

-1261090339 | 2025-03-26T04:20:55.946227

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

2020 / tcp

1230697277 | 2025-04-04T20:06:56.328257

HTTP/1.1 200 OK
Server: Monkey/1.7.0
Transfer-Encoding: chunked

2052 / tcp

114471724 | 2025-03-21T18:38:17.821785

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

2059 / tcp

-1476017887 | 2025-03-15T16:52:55.665469

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

2061 / tcp

1991883981 | 2025-04-02T16:57:14.816599

B\x00\x00\x00\xc3\xbfn\x04Too many connections

2065 / tcp

-42767839 | 2025-03-26T07:24:33.984588

RFB 005.000

VNC:
  Protocol Version: 5.0

2067 / tcp

1911457608 | 2025-04-06T22:58:55.185787

\x00[\x00\x00\x00\x00\x00\x00

2081 / tcp

-2031152423 | 2025-03-26T11:29:35.880004

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

2083 / tcp

-1026951088 | 2025-04-07T19:02:27.656854

erro ip

2087 / tcp

-1441741890 | 2025-04-06T10:37:22.332186

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2
0181212])

2091 / tcp

921225407 | 2025-03-16T20:29:05.215004

\x00\x00\x00\x04\x00\x00\x00\x00\x00

2150 / tcp

1282941221 | 2025-03-14T19:10:00.953512

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

2156 / tcp

1282941221 | 2025-03-26T21:42:49.377689

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

2181 / tcp

546151771 | 2025-03-27T22:17:41.266913

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

2202 / tcp

819727972 | 2025-04-06T08:29:30.537091

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2222 / tcp

372433470 | 2025-03-13T15:06:19.175701

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

2233 / tcp

671605376 | 2025-03-31T19:30:20.196590

SSH-2.0-OpenSSH_X.X

2266 / tcp

819727972 | 2025-03-23T12:40:15.695339

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2323 / tcp

1662205251 | 2025-03-17T21:09:48.679157

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

2332 / tcp

-2030182557 | 2025-03-23T17:00:49.661216



0
dø...

2376 / tcp

-1453516345 | 2025-04-01T16:49:13.121299

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

2404 / tcp

-2031152423 | 2025-04-10T18:16:15.449161

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

2423 / tcp

-1399940268 | 2025-04-05T13:34:43.349326

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2551 / tcp

-1399940268 | 2025-04-10T02:00:22.922054

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2558 / tcp

2143387245 | 2025-03-14T22:58:23.219234

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

2628 / tcp

-457235091 | 2025-03-27T01:56:30.382168

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

2806 / tcp

-1648456501 | 2025-04-05T14:06:22.869240

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

3001 / tcp

-1476017887 | 2025-03-27T21:39:20.672644

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

3018 / tcp

-1746074029 | 2025-03-20T03:57:23.169361

101 imqbroker =unV\r\n

3021 / tcp

-1648456501 | 2025-03-20T00:15:06.626729

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

3050 / tcp

-1888448627 | 2025-04-09T21:43:01.055381

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3054 / tcp

1282941221 | 2025-03-16T18:41:36.459422

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

3057 / tcp

-1399940268 | 2025-03-16T02:40:22.627991

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3059 / tcp

398077695 | 2025-03-18T00:04:29.231985

3060 / tcp

1574088840 | 2025-04-01T11:26:21.023161

">Application and Content Networking Software 3.9</a>)\n</BODY><

3082 / tcp

632542934 | 2025-04-10T09:11:23.085399

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

3086 / tcp

-1189269828 | 2025-04-02T00:59:06.940338

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3099 / tcp

819727972 | 2025-03-16T18:30:38.027852

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3106 / tcp

-1399940268 | 2025-03-25T16:40:54.588725

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3123 / tcp

-303199180 | 2025-04-03T21:10:39.081986

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

3134 / tcp

-2089734047 | 2025-03-14T05:01:39.494241

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3142 / tcp

15018106 | 2025-04-04T01:59:06.262104

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

3149 / tcp

1911457608 | 2025-04-02T17:49:03.536714

\x00[\x00\x00\x00\x00\x00\x00

3173 / tcp

1911457608 | 2025-03-31T21:06:12.295383

\x00[\x00\x00\x00\x00\x00\x00

3188 / tcp

-303199180 | 2025-03-28T16:59:13.754581

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

3198 / tcp

-1099385124 | 2025-03-14T01:30:21.687785

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

3260 / tcp

-862070606 | 2025-04-06T20:06:20.185393

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None\nTargetAlias=LIO Target\nTargetPortalGroupTag=1\n\n

3268 / tcp

247702477 | 2025-03-17T13:23:28.427091

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 9-54370107-0 0NNN RT(1701565466051 0) q(0 -1 -1 -1) r(0 -1)

3269 / tcp

320677201 | 2025-03-28T04:35:01.231083

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

3299 / tcp

1723769361 | 2025-03-23T11:25:16.056654

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

3306 / tcp

292351399 | 2025-03-22T12:36:21.159804

Mysql Version: 5.5.24-log \r\nN\\x00\\x00\\x00\n5.5.24-log\\x00\\x87\\x00\\x00\\x00uF>E}hpx\\x00\\xff\\xf7!\\x02\\x00\\x0f\\x80\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00-rx$GyO\\aT]Z\\x00mysql_native_password\\x00

3310 / tcp

-1399940268 | 2025-03-23T11:03:00.439673

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3365 / tcp

-1399940268 | 2025-03-25T16:28:40.115056

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3388 / tcp

819727972 | 2025-03-28T19:26:39.881620

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3406 / tcp

-2140303521 | 2025-04-06T20:07:40.955766

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

3412 / tcp

-1327660293 | 2025-03-12T01:19:12.857608

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

3523 / tcp

-146605374 | 2025-04-08T15:41:47.038114

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

3531 / tcp

-1839934832 | 2025-04-06T20:46:44.123655

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

3559 / tcp

-375604792 | 2025-04-07T21:37:03.893249

220 Microsoft FTP Service

3570 / tcp

819727972 | 2025-03-17T21:20:14.686225

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3590 / tcp

165188539 | 2025-03-16T02:08:17.857905

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3780 / tcp

-1900404274 | 2025-03-19T18:12:25.324367

Unknown command

3790 / tcp

971933601 | 2025-03-24T21:58:36.054291

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

3910 / tcp

-1399940268 | 2025-04-03T16:58:47.607940

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4000 / tcp

141533638 | 2025-03-17T03:20:16.181883

HTTP/1.1 302 Found
Location: /index.html

4010 / tcp

-1105333987 | 2025-03-12T20:59:12.335012

\x00[KpU\x7f\x00\x00

4022 / tcp

-1045760528 | 2025-04-02T11:06:00.982792

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

4063 / tcp

-1036370807 | 2025-04-09T10:26:11.554132

JDWP-Handshake

4064 / tcp

321971019 | 2025-03-17T17:14:02.500501

-ERR client ip is not in whitelist\r

4080 / tcp

-1399940268 | 2025-04-05T01:54:20.207538

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4101 / tcp

819727972 | 2025-03-17T17:08:35.471097

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4104 / tcp

-1399940268 | 2025-03-23T18:07:33.479996

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4150 / tcp

-1399940268 | 2025-04-07T02:24:49.188048

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4155 / tcp

2103111368 | 2025-04-06T18:22:09.271952

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

4157 / tcp

2087396567 | 2025-04-03T08:25:59.521429

kjnkjabhbanc283ubcsbhdc72

4200 / tcp

1665283070 | 2025-03-15T06:55:19.766118

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x01\x00\x00\x10\x00\x00\n0\x03\x00\x00\x00\x01\x00\x05\x00\x00@\x00\x00\x06\x00\x00\x1f@

4321 / tcp

-1250504565 | 2025-03-17T16:23:17.413555

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

4369 / tcp

-1105333987 | 2025-04-01T20:48:32.135943

\x00[KpU\x7f\x00\x00

4431 / tcp

-1261090339 | 2025-04-08T11:00:49.054429

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

4432 / tcp

-1888448627 | 2025-03-23T23:50:30.039350

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

4443 / tcp

751161953 | 2025-04-03T19:18:51.667678

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
Deny-Reason: hotload rechange server uri format error!!
Request-Id: 65ae295529c967ad650ec3304d944abd

4444 / tcp

-1399940268 | 2025-04-07T13:33:36.089576

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4455 / tcp

1911457608 | 2025-04-01T20:59:50.993099

\x00[\x00\x00\x00\x00\x00\x00

4506 / tcp

171352214 | 2025-04-06T15:14:54.022977

-ERR client ip is not in whitelist

4531 / tcp

-2033111675 | 2025-04-07T23:33:07.684365

~djb

4840 / tcp

-1888448627 | 2025-03-24T17:02:09.033730

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

4899 / tcp

-358801646 | 2025-04-01T21:14:17.340034

SSH-2.0-OpenSSH_6.6.1

4911 / tcp

-2089734047 | 2025-03-23T16:16:28.875250

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

4949 / tcp

1308377066 | 2025-04-06T10:29:20.991137

ncacn_http/1.0

5001 / tcp

-971970408 | 2025-04-03T20:27:37.859697

5006 / tcp

1741579575 | 2025-04-05T04:40:37.809933

5007 / tcp

2121220663 | 2025-03-21T03:13:06.754142

SSH-58-Ingrian_SSH\r\n

5009 / tcp

-1338936697 | 2025-04-07T09:40:44.949236

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2109_PStjdxtk16_38957-48596

5010 / tcp

-274082663 | 2025-04-10T16:06:44.725303

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

5025 / tcp

1842524259 | 2025-03-28T11:39:22.061961

5070 / tcp

1615193817 | 2025-03-25T14:33:26.774419

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

5090 / tcp

-1059554316 | 2025-03-12T22:08:01.200766

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

5201 / tcp

-1399940268 | 2025-03-29T20:12:26.019106

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5222 / tcp

-1019343788 | 2025-03-28T00:09:46.043212

W!\x00\x00\x00\x00

5228 / tcp

-1399940268 | 2025-03-26T19:21:23.602118

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5231 / tcp

-1399940268 | 2025-04-09T03:33:31.872974

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5237 / tcp

-1399940268 | 2025-03-24T06:51:55.717037

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5248 / tcp

-1399940268 | 2025-03-28T19:17:41.599491

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5249 / tcp

1011407350 | 2025-03-21T01:25:27.908470

* OK GroupWise IMAP4rev1 Server Ready\r\n

5254 / tcp

1911457608 | 2025-03-12T16:29:21.885745

\x00[\x00\x00\x00\x00\x00\x00

5258 / tcp

-747911285 | 2025-03-14T04:48:09.128354

\xc2\xaa

5262 / tcp

-1399940268 | 2025-04-09T16:08:24.035092

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5269 / tcp

-1165098486 | 2025-03-22T12:55:16.436446

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705938487.609-w-waf02tjgt

5432 / tcp

-2089734047 | 2025-03-15T16:58:24.031326

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5435 / tcp

398077695 | 2025-03-24T09:52:55.871412

5446 / tcp

455076604 | 2025-03-19T22:23:27.989498

!\x07version\x04bind7 t{RPowerDNS Recursor 410

5503 / tcp

2063598737 | 2025-03-14T06:51:15.356806

/0 0 L\r\n/0 0 HUH\r\n

5543 / tcp

-653033013 | 2025-03-26T11:00:55.052574

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

5568 / tcp

1991883981 | 2025-03-18T02:26:50.304679

B\x00\x00\x00\xc3\xbfn\x04Too many connections

5600 / tcp

-1099385124 | 2025-03-20T06:35:49.757485

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

5604 / tcp

-1399940268 | 2025-04-05T08:26:21.004465

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5858 / tcp

1286504516 | 2025-03-31T20:58:13.708356

CP2E Control Console
Connected to Host: gZI

5914 / tcp

-1036370807 | 2025-04-06T09:53:04.518473

JDWP-Handshake

5984 / tcp

1999272906 | 2025-03-18T21:04:45.956055

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

5986 / tcp

-971970408 | 2025-03-20T23:49:55.159289

5993 / tcp

-1399940268 | 2025-03-22T09:05:47.364830

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6000 / tcp

-1045760528 | 2025-04-08T03:37:40.914756

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

6001 / tcp

1911457608 | 2025-04-06T20:03:01.048761

\x00[\x00\x00\x00\x00\x00\x00

6005 / tcp

-1713437100 | 2025-03-16T20:13:50.633438

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

6010 / tcp

165188539 | 2025-03-13T17:29:57.336308

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

6020 / tcp

1911457608 | 2025-04-03T01:39:25.831607

\x00[\x00\x00\x00\x00\x00\x00

6262 / tcp

1126993057 | 2025-04-03T17:40:14.672031

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

6379 / tcp

321971019 | 2025-03-24T22:13:35.476783

-ERR client ip is not in whitelist\r

6512 / tcp

1991883981 | 2025-03-25T20:44:17.915119

B\x00\x00\x00\xc3\xbfn\x04Too many connections

6581 / tcp

-445721795 | 2025-03-19T21:41:00.812942

\x00[\xc3\xaed\x1a\x7f\x00\x00

6633 / tcp

-1399940268 | 2025-03-27T09:08:39.547799

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6653 / tcp

1911457608 | 2025-03-12T19:48:07.670045

\x00[\x00\x00\x00\x00\x00\x00

6661 / tcp

-1839934832 | 2025-04-08T17:53:25.320111

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

6666 / tcp

-365662216 | 2025-03-23T09:27:28.154156

\x05\xff

6668 / tcp

1911457608 | 2025-03-20T18:10:50.577469

\x00[\x00\x00\x00\x00\x00\x00

6998 / tcp

-1375131644 | 2025-04-01T02:49:02.744479

\x00[v\xc3\xbdC\x7f\x00\x00

7007 / tcp

1270813432 | 2025-03-15T03:14:13.543912

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2043_PS-HFE-01b0m76_52543-12195

7057 / tcp

-1399940268 | 2025-03-19T21:51:47.142179

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7070 / tcp

-1422832653 | 2025-03-22T11:48:53.873816

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae270b_PSfjfzdx3dl29_15414-4119

7081 / tcp

-358801646 | 2025-03-19T02:41:12.122390

SSH-2.0-OpenSSH_6.6.1

7084 / tcp

-1888448627 | 2025-04-07T09:26:09.545438

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

7100 / tcp

2107474833 | 2025-04-03T16:40:02.247324

HTTP/1.1 200 OK
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

7171 / tcp

-1888448627 | 2025-04-05T05:26:50.415812

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

7218 / tcp

-1681927087 | 2025-04-04T11:20:49.733876

kjnkjabhbanc283ubcsbhdc72

7373 / tcp

1911457608 | 2025-04-06T19:44:10.019130

\x00[\x00\x00\x00\x00\x00\x00

7415 / tcp

1726594447 | 2025-04-06T13:48:23.634949

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

7434 / tcp

-409020351 | 2025-03-21T01:26:23.085374

NPC Telnet permit one connection.
 But One connection() already keep alive.
Good Bye !!

7443 / tcp

1612309769 | 2025-04-10T11:39:30.468940

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28e1_CS-000-01SZh112_7344-42222

7634 / tcp

-441419608 | 2025-04-08T04:50:45.272874

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

7771 / tcp

-1810987450 | 2025-04-10T16:11:31.578088

\xc3\xbf

7777 / tcp

1391945995 | 2025-03-15T06:30:51.885814

HTTP/1.1 403 Forbidden 
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm=""

7799 / tcp

1504401647 | 2025-03-28T14:02:16.424909

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

7822 / tcp

1370263973 | 2025-03-17T23:49:21.824345

dubbo>

8000 / tcp

-1036370807 | 2025-03-16T04:58:30.720606

JDWP-Handshake

8009 / tcp

-2031152423 | 2025-03-15T04:56:43.384565

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

8026 / tcp

-1019343788 | 2025-03-18T19:30:07.581522

W!\x00\x00\x00\x00

8055 / tcp

575925250 | 2025-03-21T22:39:30.652536

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

8059 / tcp

-1248408558 | 2025-03-27T19:49:02.939882

220 MikroTik FTP server (MikroTik 6.44.3) ready

8076 / tcp

1911457608 | 2025-04-06T19:38:53.432761

\x00[\x00\x00\x00\x00\x00\x00

8079 / tcp

1615193817 | 2025-03-20T18:46:07.803839

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

8083 / tcp

-1681927087 | 2025-03-17T21:24:45.638867

kjnkjabhbanc283ubcsbhdc72

8085 / tcp

1353260875 | 2025-03-20T19:56:17.058162

\x00[g\xc2\x95N\x7f\x00\x00

8087 / tcp

165188539 | 2025-03-16T17:06:13.281841

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8089 / tcp

-971970408 | 2025-03-18T09:14:19.657755

8099 / tcp

1115736665 | 2025-03-23T00:11:52.612094

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-GDdongguan-AREACMCC2-CACHE15[8]
X-CCDN-FORBID-CODE: 040001

8102 / tcp

-2089734047 | 2025-03-20T10:20:23.425518

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8106 / tcp

165188539 | 2025-03-22T12:45:43.602875

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8115 / tcp

-1839934832 | 2025-04-05T09:13:09.311872

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8120 / tcp

-1476017887 | 2025-03-13T03:16:12.390868

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

8126 / tcp

233634112 | 2025-03-27T23:42:28.894130

SSH-98.60-SysaxSSH_81885..42

8127 / tcp

-1476017887 | 2025-03-15T02:24:41.405893

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

8128 / tcp

-1248408558 | 2025-04-10T19:42:27.892216

220 MikroTik FTP server (MikroTik 6.44.3) ready

8129 / tcp

819727972 | 2025-04-06T01:46:48.249844

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8130 / tcp

-445721795 | 2025-04-01T22:21:31.946611

\x00[\xc3\xaed\x1a\x7f\x00\x00

8132 / tcp

-2031152423 | 2025-03-19T11:27:39.813864

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

8135 / tcp

971933601 | 2025-04-03T12:43:12.060566

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

8139 / tcp

-154107716 | 2025-04-03T12:23:09.628216

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

8145 / tcp

1761482307 | 2025-04-03T02:55:56.295873

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

8150 / tcp

-1327660293 | 2025-04-07T03:05:29.884200

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

8164 / tcp

-1189269828 | 2025-04-03T22:55:17.093682

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8165 / tcp

575925250 | 2025-03-14T11:57:54.213953

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

8170 / tcp

632542934 | 2025-03-21T17:52:42.645572

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8177 / tcp

722711397 | 2025-04-09T19:01:23.862835

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

8181 / tcp

-971970408 | 2025-03-25T08:51:32.646652

8184 / tcp

1911457608 | 2025-04-03T19:45:32.803357

\x00[\x00\x00\x00\x00\x00\x00

8186 / tcp

504717326 | 2025-04-02T02:42:08.346115

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

8200 / tcp

1320285193 | 2025-03-29T21:19:53.429055

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

8243 / tcp

321971019 | 2025-04-09T23:53:12.203426

-ERR client ip is not in whitelist\r

8291 / tcp

-1453516345 | 2025-04-06T19:24:10.985132

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

8333 / tcp

134472555 | 2025-04-01T03:40:33.099388

K\x02%~)J/\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

8384 / tcp

1282941221 | 2025-04-04T06:22:50.008928

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

8385 / tcp

921225407 | 2025-03-15T13:23:20.845221

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8404 / tcp

1574088840 | 2025-03-25T04:44:44.661682

">Application and Content Networking Software 3.9</a>)\n</BODY><

8407 / tcp

921225407 | 2025-03-14T07:17:53.323021

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8418 / tcp

-457235091 | 2025-03-26T07:51:57.580156

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

8432 / tcp

1911457608 | 2025-04-10T03:18:21.020332

\x00[\x00\x00\x00\x00\x00\x00

8444 / tcp

-1730858130 | 2025-03-27T18:43:15.305940

RFB 003.008
VNC:
  Protocol Version: 3.8

8448 / tcp

-1996280214 | 2025-04-08T03:39:34.356446

\x06\x04\x05@

8457 / tcp

819727972 | 2025-04-07T11:31:08.998019

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8463 / tcp

-1399940268 | 2025-04-03T14:23:12.427777

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8465 / tcp

-1839934832 | 2025-03-26T08:27:26.774746

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8466 / tcp

-1399940268 | 2025-03-20T06:53:53.948380

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8473 / tcp

-1261090339 | 2025-03-22T03:25:23.623225

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

8480 / tcp

1210754493 | 2025-04-05T18:35:05.415991

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

8545 / tcp

2087396567 | 2025-04-09T04:24:01.511836

kjnkjabhbanc283ubcsbhdc72

8567 / tcp

740837454 | 2025-03-24T01:12:37.295063

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

8575 / tcp

-1099385124 | 2025-04-05T12:47:25.594451

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

8584 / tcp

-1399940268 | 2025-03-16T06:32:36.953932

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8599 / tcp

-358801646 | 2025-03-12T01:52:50.170429

SSH-2.0-OpenSSH_6.6.1

8623 / tcp

-1399940268 | 2025-04-06T20:21:12.909780

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8630 / tcp

-1839934832 | 2025-03-15T05:39:28.930812

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8649 / tcp

842535728 | 2025-03-21T00:29:36.460476

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

8728 / tcp

-1399940268 | 2025-03-20T23:04:48.651231

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8801 / tcp

-891714208 | 2025-04-02T22:43:12.473697

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

8805 / tcp

-1032713145 | 2025-04-06T19:28:00.065418

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

8828 / tcp

-1399940268 | 2025-03-27T05:40:25.857282

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8850 / tcp

693973426 | 2025-03-19T06:58:59.911708

220 VMware Authentication Daemon Version 1.10: SSL Required, Se\nrverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

8865 / tcp

1911457608 | 2025-04-09T15:50:07.316223

\x00[\x00\x00\x00\x00\x00\x00

8870 / tcp

1911457608 | 2025-03-14T01:35:59.720473

\x00[\x00\x00\x00\x00\x00\x00

8879 / tcp

2098371729 | 2025-03-14T20:35:08.209247

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

8899 / tcp

372433470 | 2025-03-15T15:53:40.865652

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

9001 / tcp

-1026951088 | 2025-03-13T08:14:37.548294

erro ip

9017 / tcp

-1476017887 | 2025-03-23T12:34:15.143393

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

9022 / tcp

1577475130 | 2025-03-25T23:12:12.811019

HTTP/1.1 200 OK
Content-Type:text/html; charset=UTF-8
Ext:
Server: RomPager/4.07 UPnP/1.0

9042 / tcp

-1810987450 | 2025-03-19T15:16:58.011622

\xc3\xbf

9063 / tcp

1208318993 | 2025-04-04T18:14:48.314109

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

9076 / tcp

-2017887953 | 2025-03-13T10:01:36.790508

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

9081 / tcp

-1399940268 | 2025-04-07T06:43:33.538642

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9092 / tcp

165188539 | 2025-04-05T13:10:10.794292

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9095 / tcp

-441419608 | 2025-03-12T18:36:23.876040

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

9099 / tcp

638001051 | 2025-03-18T06:34:46.046823

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2311_PS-000-013Ry57_7584-47162

9100 / tcp

-1399940268 | 2025-03-26T11:40:45.769224

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9104 / tcp

1911457608 | 2025-04-04T08:55:17.126552

\x00[\x00\x00\x00\x00\x00\x00

9108 / tcp

1396488228 | 2025-04-02T16:30:06.934174

HTTP/1.1 200 OK
Content-Length: 2037
Cache-Control: private, max-age=300
Content-Type: text/html

9141 / tcp

380146262 | 2025-04-02T16:46:13.301456

@RSYNCD: 30.0

9143 / tcp

-992671574 | 2025-03-12T05:24:31.151117

@RSYNCD: 26

9145 / tcp

-1399940268 | 2025-03-26T00:44:39.169909

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9151 / tcp

2087396567 | 2025-04-08T09:49:24.629290

kjnkjabhbanc283ubcsbhdc72

9160 / tcp

677934968 | 2025-04-03T06:19:43.054846

lm^)Q

9198 / tcp

-1329831334 | 2025-04-07T01:32:21.404100

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

9200 / tcp

-1163346640 | 2025-04-02T19:30:09.959110

Hashes

hash

-997913363

http.dom_hash

-2006505642

http.html_hash

-1163346640

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-length: 215

9249 / tcp

165188539 | 2025-03-23T22:18:53.244105

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9256 / tcp

-2089734047 | 2025-04-06T21:31:55.440777

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9280 / tcp

-1888448627 | 2025-04-01T22:13:15.489235

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9306 / tcp

-1730858130 | 2025-03-22T18:16:25.778503

RFB 003.008
VNC:
  Protocol Version: 3.8

9307 / tcp

1911457608 | 2025-03-26T22:21:45.049139

\x00[\x00\x00\x00\x00\x00\x00

9309 / tcp

-616720387 | 2025-03-29T17:48:07.791680

SSH-2.0-SSHD_0.7.6

9311 / tcp

819727972 | 2025-03-17T21:23:15.500738

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9312 / tcp

-1139539254 | 2025-03-17T23:05:27.678777

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

9333 / tcp

-2096652808 | 2025-03-29T13:06:32.272755

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9387 / tcp

1763259671 | 2025-03-25T19:39:18.621834

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

9398 / tcp

-971970408 | 2025-03-19T05:12:45.788982

9400 / tcp

119860953 | 2025-04-08T17:31:46.538647

* OK ArGoSoft Mail Server IMAP Module v.YW at

9418 / tcp

694512854 | 2025-03-31T18:52:09.622870

220-FileZilla Server 中文版 0.9.60 beta
220-written by Tim Kosse (tim.kosse@filezilla-project.org)
220 Please visit https://filezilla-project.org/

9443 / tcp

691293795 | 2025-03-26T19:02:36.211474

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Wed, 26 Mar 2025 19:02:36 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://39.103.20.103:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

9456 / tcp

819727972 | 2025-03-20T04:10:54.339829

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9600 / tcp

2098371729 | 2025-04-02T00:25:25.482394

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

9633 / tcp

-1839934832 | 2025-04-02T02:06:35.307667

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

9711 / tcp

1161309183 | 2025-04-06T17:56:33.103159

ProxyServer is ready

9810 / tcp

819727972 | 2025-03-18T19:16:21.133380

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9876 / tcp

1977569953 | 2025-03-23T23:26:01.091466

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2987_PS-SHA-01Jtm19_12756-43634

9898 / tcp

1320285193 | 2025-04-05T22:18:59.932908

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

9922 / tcp

819727972 | 2025-04-07T18:26:31.187069

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9943 / tcp

-1839864261 | 2025-03-31T21:23:28.144633

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae25a5_PS-TNH-01Vm9154_3387-14536

9994 / tcp

1761482307 | 2025-04-05T03:58:57.114256

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

9998 / tcp

1969772007 | 2025-04-07T20:34:36.801865

HTTP/1.1 400 Bad Request
Connection: keep-alive
Connection: close
X-Via-JSL: c973153,-
X-Cache: error

9999 / tcp

1161309183 | 2025-04-10T11:06:21.326928

ProxyServer is ready

10000 / tcp

1161309183 | 2025-04-07T13:23:03.053468

ProxyServer is ready

10001 / tcp

1492413928 | 2025-03-24T10:21:56.834653

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

10003 / tcp

-1839934832 | 2025-03-15T16:51:15.877668

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

10011 / tcp

-2096652808 | 2025-03-16T02:15:55.648091

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

10013 / tcp

1911457608 | 2025-03-21T22:17:16.837303

\x00[\x00\x00\x00\x00\x00\x00

10047 / tcp

1492413928 | 2025-03-15T02:47:35.416457

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

10050 / tcp

-321444299 | 2025-03-27T03:59:52.952695

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

10051 / tcp

1778988322 | 2025-03-25T19:16:32.848025

* OK GroupWise IMAP4rev1 Server Ready

10081 / tcp

-2096652808 | 2025-03-26T10:24:21.856826

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

10087 / tcp

-1399940268 | 2025-03-17T21:26:18.835481

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10134 / tcp

745343730 | 2025-03-25T13:35:52.973209

220 smtp.qq.com Esmtp QQ Mail Server

10201 / tcp

-1947777893 | 2025-03-19T10:47:17.213470

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

10250 / tcp

-971970408 | 2025-03-25T12:05:21.151389

10909 / tcp

-1733106930 | 2025-03-28T07:51:09.713491

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

10911 / tcp

677934968 | 2025-04-07T19:20:56.204577

lm^)Q

10933 / tcp

1948301213 | 2025-03-12T23:54:47.512152

RFB 003.003
VNC:
  Protocol Version: 3.3

11000 / tcp

819727972 | 2025-04-05T18:12:53.868002

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

11082 / tcp

1911457608 | 2025-03-22T20:01:45.991994

\x00[\x00\x00\x00\x00\x00\x00

11210 / tcp

1991883981 | 2025-04-01T10:15:10.882379

B\x00\x00\x00\xc3\xbfn\x04Too many connections

11288 / tcp

669849225 | 2025-03-17T18:16:05.044456

SSH-98.60-SysaxSSH_81885..42\r\n

11434 / tcp

0 | 2025-03-13T13:51:28.156142

Hashes

hash

-119996482

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
Content-Length: 0

11601 / tcp

-1329831334 | 2025-04-05T21:54:41.390096

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

11680 / tcp

-136006866 | 2025-03-23T16:24:25.441989

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11681 / tcp

-2096652808 | 2025-04-05T15:16:14.644106

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12000 / tcp

-2046909074 | 2025-03-14T06:58:39.884651

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae217c_PS-000-01mL925_24271-10054

12088 / tcp

-1399940268 | 2025-03-19T21:03:35.252982

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12103 / tcp

709622286 | 2025-03-19T10:43:53.390274

OK Welcome <299685> on DirectUpdate server 7286\r\n

12108 / tcp

366084633 | 2025-03-28T02:08:30.800976

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

12109 / tcp

-1327660293 | 2025-03-25T16:13:09.935473

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12110 / tcp

819727972 | 2025-03-15T16:51:37.708130

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12157 / tcp

1911457608 | 2025-03-16T21:16:32.499156

\x00[\x00\x00\x00\x00\x00\x00

12161 / tcp

-1730858130 | 2025-03-19T05:24:09.150060

RFB 003.008
VNC:
  Protocol Version: 3.8

12174 / tcp

467951499 | 2025-03-22T04:56:51.789671

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 13-97851760-0 0NNN RT(1700967379208 1) q(0 -1 -1 -1) r(0 -1)

12190 / tcp

1911457608 | 2025-04-07T18:50:36.437291

\x00[\x00\x00\x00\x00\x00\x00

12197 / tcp

504717326 | 2025-04-09T18:58:13.352383

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

12198 / tcp

1655023012 | 2025-04-02T19:36:12.623680

athinfod: invalid query.\n

12201 / tcp

1134517380 | 2025-03-17T23:22:53.027373

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

12224 / tcp

1282941221 | 2025-03-13T02:47:53.306262

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

12228 / tcp

-441419608 | 2025-03-28T15:33:02.251890

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

12230 / tcp

1911457608 | 2025-03-12T01:34:51.315857

\x00[\x00\x00\x00\x00\x00\x00

12238 / tcp

-1428621233 | 2025-04-06T15:32:36.726944

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

12241 / tcp

580340387 | 2025-04-08T20:26:30.148334

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

12242 / tcp

-1899074860 | 2025-03-29T10:04:13.446883

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

12248 / tcp

639175818 | 2025-03-20T23:02:21.125019

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

12256 / tcp

921225407 | 2025-03-21T23:12:36.557197

\x00\x00\x00\x04\x00\x00\x00\x00\x00

12266 / tcp

165188539 | 2025-03-22T12:13:56.150605

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12272 / tcp

921225407 | 2025-03-19T05:53:50.509792

\x00\x00\x00\x04\x00\x00\x00\x00\x00

12282 / tcp

-2096652808 | 2025-04-05T00:26:48.483165

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12294 / tcp

1911457608 | 2025-04-01T14:31:29.460009

\x00[\x00\x00\x00\x00\x00\x00

12304 / tcp

-801484042 | 2025-03-12T19:00:18.462452

ERR 27

12315 / tcp

1911457608 | 2025-03-18T22:54:15.496599

\x00[\x00\x00\x00\x00\x00\x00

12320 / tcp

819727972 | 2025-04-10T11:52:00.962751

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12322 / tcp

819727972 | 2025-04-08T23:01:35.956689

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12323 / tcp

1504401647 | 2025-03-25T00:00:08.526618

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

12331 / tcp

-801484042 | 2025-03-15T15:16:36.472289

ERR 27

12337 / tcp

-653033013 | 2025-04-10T03:36:14.463908

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

12338 / tcp

-249504111 | 2025-03-23T09:01:50.312725

\x00[xU-\x7f\x00\x00

12345 / tcp

296364507 | 2025-03-19T19:22:25.666563

HTTP/1.1 500 Internal Server Error
SERVER: Trend Chip UPnP/1.0 DMS
CONNECTION: close
CONTENT-LENGTH: 60
CONTENT-TYPE: text/html

12352 / tcp

-2033111675 | 2025-03-14T23:43:22.091595

~djb

12371 / tcp

-1399940268 | 2025-04-08T14:57:15.421876

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12387 / tcp

-653033013 | 2025-03-23T20:41:50.268051

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

12389 / tcp

401555314 | 2025-03-14T19:25:50.974391

NB[GFXjA^R

12392 / tcp

117101543 | 2025-04-05T18:10:32.600654

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

12393 / tcp

-784071826 | 2025-04-02T01:57:16.906347

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

12401 / tcp

819727972 | 2025-04-03T12:21:58.984222

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12405 / tcp

165188539 | 2025-03-27T01:29:20.164949

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12427 / tcp

-1399940268 | 2025-04-10T19:51:43.408677

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12428 / tcp

-1399940268 | 2025-04-03T09:18:56.235734

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12434 / tcp

1911457608 | 2025-04-05T17:34:41.135281

\x00[\x00\x00\x00\x00\x00\x00

12437 / tcp

1492413928 | 2025-04-01T23:01:48.679305

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

12440 / tcp

819727972 | 2025-04-05T17:29:18.021193

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12465 / tcp

-1399940268 | 2025-04-05T22:21:56.068827

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12485 / tcp

-1888448627 | 2025-04-07T08:56:55.615491

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12490 / tcp

-1810987450 | 2025-04-05T02:28:52.338043

\xc3\xbf

12496 / tcp

-2089734047 | 2025-03-16T07:36:54.014446

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12511 / tcp

580340387 | 2025-04-09T11:54:02.395714

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

12528 / tcp

1353260875 | 2025-03-23T20:11:09.843772

\x00[g\xc2\x95N\x7f\x00\x00

13000 / tcp

-122096153 | 2025-04-03T09:27:07.546842

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

13380 / tcp

1767345577 | 2025-03-18T08:14:32.731904

Hello, this is Quagga (version 0T).
Copyright 1996-200

13443 / tcp

-2046514463 | 2025-04-08T19:45:59.514924

AB\x01\t

14101 / tcp

-1032713145 | 2025-03-13T22:04:01.600665

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

14147 / tcp

2063598737 | 2025-03-26T22:24:26.466080

/0 0 L\r\n/0 0 HUH\r\n

14265 / tcp

1919228981 | 2025-03-12T22:41:14.667026

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

14344 / tcp

165188539 | 2025-03-22T04:41:08.609058

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

14407 / tcp

1282941221 | 2025-03-13T02:15:43.284188

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

14443 / tcp

1911457608 | 2025-03-15T13:03:30.656585

\x00[\x00\x00\x00\x00\x00\x00

14523 / tcp

1543809371 | 2025-03-15T21:06:24.518497

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

14897 / tcp

-1399940268 | 2025-04-10T06:50:20.763116

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14903 / tcp

-358801646 | 2025-04-02T10:07:37.349635

SSH-2.0-OpenSSH_6.6.1

15002 / tcp

-147424911 | 2025-04-02T06:01:19.054675

HTTP/1.1 404 Not Found
Content Length: 0

15443 / tcp

1077013874 | 2025-04-09T06:58:51.667792

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

16005 / tcp

632542934 | 2025-03-21T19:05:50.100363

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

16010 / tcp

-971970408 | 2025-03-21T02:36:55.779263

16014 / tcp

1911457608 | 2025-04-09T23:30:22.184388

\x00[\x00\x00\x00\x00\x00\x00

16017 / tcp

-1399940268 | 2025-03-17T10:58:22.722979

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16021 / tcp

114471724 | 2025-03-27T15:31:44.185749

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

16027 / tcp

-438503381 | 2025-04-01T10:17:29.958929

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

16028 / tcp

1911457608 | 2025-04-06T22:35:25.784355

\x00[\x00\x00\x00\x00\x00\x00

16031 / tcp

-1399940268 | 2025-03-18T20:05:17.901675

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16033 / tcp

2063598737 | 2025-03-17T18:42:34.005774

/0 0 L\r\n/0 0 HUH\r\n

16049 / tcp

-1888448627 | 2025-04-03T12:36:37.511444

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

16069 / tcp

819727972 | 2025-04-04T21:59:31.935826

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16076 / tcp

819727972 | 2025-03-17T10:14:42.776315

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16080 / tcp

-147424911 | 2025-03-25T20:26:28.259642

HTTP/1.1 404 Not Found
Content Length: 0

16089 / tcp

-1399940268 | 2025-03-16T21:58:27.159617

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16093 / tcp

740837454 | 2025-03-12T10:27:13.896043

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

16401 / tcp

-1399940268 | 2025-03-28T22:53:43.237943

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16888 / tcp

819727972 | 2025-03-15T20:28:56.092219

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16993 / tcp

2087396567 | 2025-03-17T22:56:10.288820

kjnkjabhbanc283ubcsbhdc72

17000 / tcp

-1810987450 | 2025-04-03T18:38:57.804790

\xc3\xbf

17070 / tcp

-2089734047 | 2025-04-01T05:11:18.626367

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

17773 / tcp

599074451 | 2025-04-04T03:56:43.463088

msg

18003 / tcp

740837454 | 2025-03-25T12:19:17.540909

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

18007 / tcp

632542934 | 2025-03-11T22:37:01.077332

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

18023 / tcp

51259122 | 2025-03-14T07:12:44.531506

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

18026 / tcp

2098371729 | 2025-03-19T21:45:45.753794

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

18029 / tcp

-1327660293 | 2025-04-02T02:06:49.133258

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

18041 / tcp

-1399940268 | 2025-03-31T13:11:43.979013

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18042 / tcp

819727972 | 2025-03-24T16:07:53.900454

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18053 / tcp

-2096652808 | 2025-03-12T21:21:10.902361

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

18054 / tcp

-1148066627 | 2025-03-31T18:17:58.455603

\x00[\xc2\x84\xc2\x86\xc3\xb2\x7f\x00\x00

18058 / tcp

307999478 | 2025-03-31T21:21:17.002858

unknown command \r\nunknown command \r\n

18060 / tcp

-249504111 | 2025-03-13T14:58:54.474155

\x00[xU-\x7f\x00\x00

18062 / tcp

-747911285 | 2025-04-03T06:38:56.575953

\xc2\xaa

18070 / tcp

-1279886438 | 2025-03-21T10:32:50.377851

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

18080 / tcp

819727972 | 2025-03-29T01:55:31.333997

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18081 / tcp

-445721795 | 2025-03-31T14:43:29.779621

\x00[\xc3\xaed\x1a\x7f\x00\x00

18094 / tcp

-2140303521 | 2025-04-03T18:48:02.648124

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

18111 / tcp

2063598737 | 2025-03-23T22:37:45.659123

/0 0 L\r\n/0 0 HUH\r\n

18245 / tcp

1911457608 | 2025-04-10T16:25:01.468218

\x00[\x00\x00\x00\x00\x00\x00

18443 / tcp

104385780 | 2025-03-28T20:24:40.195332

ceph v2

18553 / tcp

-971970408 | 2025-04-06T20:41:49.289314

19014 / tcp

-1399940268 | 2025-03-24T22:59:29.965663

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

19080 / tcp

1210754493 | 2025-03-31T15:43:08.373705

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

19090 / tcp

921225407 | 2025-03-18T15:04:47.198511

\x00\x00\x00\x04\x00\x00\x00\x00\x00

19200 / tcp

546151771 | 2025-04-04T03:42:28.852790

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

19222 / tcp

1911457608 | 2025-03-13T20:49:00.349297

\x00[\x00\x00\x00\x00\x00\x00

19776 / tcp

2063598737 | 2025-03-21T20:25:45.458093

/0 0 L\r\n/0 0 HUH\r\n

19930 / tcp

-971970408 | 2025-04-06T14:52:59.577883

20000 / tcp

1900503736 | 2025-04-03T21:15:26.409236

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

20084 / tcp

-1399940268 | 2025-04-06T16:27:51.821968

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20090 / tcp

819727972 | 2025-03-27T17:59:25.012051

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

20107 / tcp

1011407350 | 2025-04-03T08:36:10.243192

* OK GroupWise IMAP4rev1 Server Ready\r\n

20151 / tcp

-1598265216 | 2025-04-01T07:25:52.248569

@RSYNCD: 31.0

20185 / tcp

-1399940268 | 2025-03-12T03:18:21.542201

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20256 / tcp

-1888448627 | 2025-04-04T10:59:53.494521

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

20500 / tcp

-1399940268 | 2025-04-02T10:02:35.178052

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20512 / tcp

599074451 | 2025-04-07T16:18:52.855050

msg

20892 / tcp

1426971893 | 2025-03-12T17:57:35.999925

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

21001 / tcp

819727972 | 2025-03-14T21:35:04.765678

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

21025 / tcp

-2089734047 | 2025-03-21T20:01:46.914059

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

21027 / tcp

1542849631 | 2025-03-26T23:07:28.841602

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

21235 / tcp

-2089734047 | 2025-04-05T02:49:28.489491

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

21241 / tcp

819727972 | 2025-03-14T22:50:41.589475

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

21249 / tcp

1208318993 | 2025-03-12T07:48:50.501421

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

21251 / tcp

1208318993 | 2025-03-17T02:46:50.845165

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

21255 / tcp

-1839934832 | 2025-03-29T06:20:33.343153

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

21266 / tcp

-1453516345 | 2025-04-10T09:58:39.180522

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

21268 / tcp

-1261090339 | 2025-03-25T00:06:41.876700

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

21280 / tcp

401555314 | 2025-03-18T06:56:50.150318

NB[GFXjA^R

21290 / tcp

-2096652808 | 2025-03-25T20:08:21.058062

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

21297 / tcp

971933601 | 2025-03-29T07:24:53.265904

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

21300 / tcp

-1105333987 | 2025-03-23T19:51:32.753747

\x00[KpU\x7f\x00\x00

21302 / tcp

1332894250 | 2025-03-12T14:33:30.146325

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

21305 / tcp

103159425 | 2025-03-26T20:08:26.686655

SSH-1.99-RGOS_SSH

21326 / tcp

1126993057 | 2025-04-05T19:07:21.649622

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

21379 / tcp

-1399940268 | 2025-03-27T01:52:22.063327

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21381 / tcp

-303199180 | 2025-04-07T21:08:42.415883

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

21443 / tcp

-445721795 | 2025-03-28T00:57:00.593816

\x00[\xc3\xaed\x1a\x7f\x00\x00

22000 / tcp

1332894250 | 2025-04-01T17:29:56.341052

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

22001 / tcp

808560482 | 2025-04-04T04:36:21.695073

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP
 : USERID : UNIX : Cr8

22067 / tcp

-1375131644 | 2025-03-27T17:29:36.351574

\x00[v\xc3\xbdC\x7f\x00\x00

22069 / tcp

2087396567 | 2025-03-25T01:44:17.432021

kjnkjabhbanc283ubcsbhdc72

22070 / tcp

117101543 | 2025-04-04T01:23:25.723752

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

22107 / tcp

-1399940268 | 2025-04-10T10:02:46.974326

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

22206 / tcp

-1026951088 | 2025-03-25T05:23:54.555278

erro ip

22222 / tcp

-358801646 | 2025-03-26T10:08:05.649005

SSH-2.0-OpenSSH_6.6.1

23023 / tcp

-1681927087 | 2025-03-25T16:29:05.402733

kjnkjabhbanc283ubcsbhdc72

24245 / tcp

599074451 | 2025-04-06T07:11:42.273387

msg

25001 / tcp

-1839934832 | 2025-03-17T19:30:09.953434

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

25105 / tcp

2087396567 | 2025-03-22T20:25:59.045444

kjnkjabhbanc283ubcsbhdc72

25565 / tcp

2143387245 | 2025-04-03T03:54:35.891712

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

25952 / tcp

-1611764932 | 2025-03-12T03:52:52.393363

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

26656 / tcp

-1730858130 | 2025-04-07T18:22:36.161804

RFB 003.008
VNC:
  Protocol Version: 3.8

26657 / tcp

1690634669 | 2025-04-07T15:19:51.586188

27015 / tcp

-1888448627 | 2025-03-29T03:22:26.420539

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

27016 / tcp

819727972 | 2025-03-29T10:25:25.606102

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

27017 / tcp

422524323 | 2025-03-31T16:37:25.119199

{
"Version": "3.4.18",
"VersionArray": [
3,
4,
18,
0
],
"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",
"OpenSSLVersion": "",
"SysInfo": "",
"Bits": 64,
"Debug": false,
"MaxObjectSize": 16777216
}

27571 / tcp

632542934 | 2025-03-18T05:58:29.926037

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

28017 / tcp

-971970408 | 2025-03-24T15:31:52.612392

30002 / tcp

-1681927087 | 2025-03-23T09:08:35.866810

kjnkjabhbanc283ubcsbhdc72

30003 / tcp

-1730858130 | 2025-03-13T05:19:58.181356

RFB 003.008
VNC:
  Protocol Version: 3.8

30015 / tcp

1911457608 | 2025-03-13T06:53:31.992078

\x00[\x00\x00\x00\x00\x00\x00

30022 / tcp

1308377066 | 2025-03-14T21:46:30.001931

ncacn_http/1.0

30029 / tcp

1911457608 | 2025-03-27T23:14:47.228460

\x00[\x00\x00\x00\x00\x00\x00

30122 / tcp

660175493 | 2025-04-06T04:07:24.358913

30222 / tcp

599074451 | 2025-03-25T16:30:26.416138

msg

30301 / tcp

1690634669 | 2025-03-15T20:24:56.022931

30303 / tcp

-971970408 | 2025-04-09T13:01:50.583334

30422 / tcp

1761482307 | 2025-04-05T20:41:15.223482

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

30622 / tcp

-2080784861 | 2025-04-05T13:35:17.148881

GBPK\xc3\xbb\xc3\xb7n\xc2\x93W\xc2\xaf\xc2\x86\xc2\x93x@\xc2\xa9\x0e\xc3\x8a*\xc2\x9bS\x00

30822 / tcp

-1311598826 | 2025-04-05T15:27:59.347422

AMQP:
cluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local
copyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.
information:Licensed under the MPL 2.0. Website: https://rabbitmq.com
platform:Erlang/OTP 24.1
product:RabbitMQ
version:3.9.7
Capabilities:
publisher_confirms:true
exchange_exchange_bindings:true
basic.nack:true
consumer_cancel_notify:true
connection.blocked:true
consumer_priorities:true
authentication_failure_close:true
per_consumer_qos:true
direct_reply_to:tru

30922 / tcp

1741579575 | 2025-04-05T22:53:44.619150

31022 / tcp

-1900404274 | 2025-04-05T19:40:51.146223

Unknown command

31122 / tcp

1741579575 | 2025-03-25T20:11:32.457559

31222 / tcp

1741579575 | 2025-04-05T08:37:13.924428

31322 / tcp

-1839934832 | 2025-04-05T10:25:17.127734

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

31337 / tcp

-2133761335 | 2025-04-06T17:39:38.727086

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.21

31422 / tcp

-1626979812 | 2025-03-25T03:32:48.472116

220 Service ready for new user.

31443 / tcp

2087396567 | 2025-04-07T16:34:25.206915

kjnkjabhbanc283ubcsbhdc72

31522 / tcp

-784071826 | 2025-04-04T23:46:06.730476

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

31722 / tcp

-801484042 | 2025-03-21T15:37:08.966607

ERR 27

32022 / tcp

-893477759 | 2025-04-05T03:24:48.737779

!versionbind7 t{RPowerDNS Recursor 410

32080 / tcp

-1399940268 | 2025-03-25T11:35:51.167298

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

32122 / tcp

-358801646 | 2025-03-20T03:08:10.407191

SSH-2.0-OpenSSH_6.6.1

32222 / tcp

1261582754 | 2025-03-23T17:21:04.671158

unknown command 
unknown command

32400 / tcp

2087396567 | 2025-03-23T17:20:51.772550

kjnkjabhbanc283ubcsbhdc72

32422 / tcp

60948681 | 2025-04-04T18:31:13.287398

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).

32722 / tcp

-971970408 | 2025-04-04T10:45:35.305080

32746 / tcp

1948301213 | 2025-04-08T15:43:45.510427

RFB 003.003
VNC:
  Protocol Version: 3.3

33022 / tcp

-971970408 | 2025-03-23T00:01:15.255696

33060 / tcp

819727972 | 2025-04-08T09:12:45.066250

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

33122 / tcp

-321444299 | 2025-03-22T22:13:21.900777

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

33338 / tcp

-1529979118 | 2025-04-02T17:14:47.024287

inv2W

33422 / tcp

1636811864 | 2025-03-19T16:44:04.094128

33622 / tcp

660175493 | 2025-03-21T05:13:38.358782

33722 / tcp

1541211644 | 2025-03-18T04:08:47.638433

[\xc2\xba\x7fs\x7f

33922 / tcp

-358801646 | 2025-03-18T02:22:15.104175

SSH-2.0-OpenSSH_6.6.1

34122 / tcp

1620329124 | 2025-03-20T15:26:25.207831

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

35000 / tcp

-297128567 | 2025-03-29T21:06:02.820482

\x04\x01\xc3\xb4\x00\x15Internal Server Error\x00\x00\x00AB\x00\x02\x05\x00

35122 / tcp

-786044033 | 2025-03-19T00:56:33.278652

OK Welcome <299685> on DirectUpdate server 7286

35822 / tcp

-905685638 | 2025-03-17T17:40:09.336861

bxz437

36022 / tcp

819727972 | 2025-03-17T21:33:11.934575

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

36622 / tcp

1308377066 | 2025-03-16T08:09:22.067590

ncacn_http/1.0

36982 / tcp

1911457608 | 2025-03-23T18:15:31.972429

\x00[\x00\x00\x00\x00\x00\x00

37122 / tcp

-905685638 | 2025-03-16T23:06:34.402888

bxz437

37622 / tcp

819727972 | 2025-03-16T02:11:21.160317

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

37777 / tcp

1887224352 | 2025-04-02T13:25:27.059138

37822 / tcp

-1839934832 | 2025-03-14T02:35:52.655923

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

37922 / tcp

-1626979812 | 2025-03-18T00:36:59.110650

220 Service ready for new user.

38022 / tcp

2087396567 | 2025-03-17T23:50:29.040908

kjnkjabhbanc283ubcsbhdc72

38122 / tcp

819727972 | 2025-03-15T17:21:53.169283

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

38333 / tcp

104385780 | 2025-03-15T20:47:04.857823

ceph v2

38922 / tcp

-1648456501 | 2025-03-13T15:04:36.787421

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

39022 / tcp

1286504516 | 2025-03-13T20:21:32.556931

CP2E Control Console
Connected to Host: gZI

39222 / tcp

-1839934832 | 2025-03-13T17:33:09.800937

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

39822 / tcp

-321444299 | 2025-03-12T05:43:45.667717

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

41794 / tcp

539065883 | 2025-03-23T20:50:11.576500

41800 / tcp

51259122 | 2025-04-08T08:16:18.757900

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

42194 / tcp

819727972 | 2025-04-08T17:04:09.258536

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

42235 / tcp

-1327660293 | 2025-03-17T04:44:37.734328

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

42443 / tcp

-2107996212 | 2025-03-12T10:59:36.311897

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

44309 / tcp

-1114821551 | 2025-03-14T01:28:20.911524

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

44310 / tcp

-1105333987 | 2025-04-01T08:01:00.936035

\x00[KpU\x7f\x00\x00

44500 / tcp

1381121983 | 2025-03-28T00:09:35.999220

Notify\r\n

44510 / tcp

-1399940268 | 2025-04-08T15:35:24.422147

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

44818 / tcp

-1730858130 | 2025-03-24T05:21:49.571235

RFB 003.008
VNC:
  Protocol Version: 3.8

45666 / tcp

-1888448627 | 2025-04-03T17:58:01.571243

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

45888 / tcp

1911457608 | 2025-04-07T22:13:40.318878

\x00[\x00\x00\x00\x00\x00\x00

46000 / tcp

-1327660293 | 2025-04-08T18:29:31.336573

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

46443 / tcp

-904840257 | 2025-04-03T22:33:13.782073

572 Relay not authorized\r\n

47808 / tcp

-1681927087 | 2025-03-31T10:46:04.349154

kjnkjabhbanc283ubcsbhdc72

48012 / tcp

1911457608 | 2025-03-26T10:33:10.674381

\x00[\x00\x00\x00\x00\x00\x00

48899 / tcp

-971970408 | 2025-03-31T09:03:14.233928

49153 / tcp

1396488228 | 2025-03-22T13:20:00.476269

HTTP/1.1 200 OK
Content-Length: 2037
Cache-Control: private, max-age=300
Content-Type: text/html

49694 / tcp

921225407 | 2025-03-19T13:32:34.692333

\x00\x00\x00\x04\x00\x00\x00\x00\x00

50000 / tcp

-1230049476 | 2025-04-04T19:14:24.949692

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

50003 / tcp

-1888448627 | 2025-03-26T21:53:29.316196

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

50004 / tcp

-1399940268 | 2025-03-21T03:05:50.082805

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

50006 / tcp

-147424911 | 2025-03-14T07:44:09.611437

HTTP/1.1 404 Not Found
Content Length: 0

50050 / tcp

-1032713145 | 2025-03-16T13:02:28.367945

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

50070 / tcp

2087396567 | 2025-04-10T19:00:36.415726

kjnkjabhbanc283ubcsbhdc72

50100 / tcp

539065883 | 2025-04-10T21:02:08.621129

51106 / tcp

2087396567 | 2025-04-10T19:10:48.271668

kjnkjabhbanc283ubcsbhdc72

51235 / tcp

1690634669 | 2025-03-21T17:21:02.796058

51434 / tcp

-2089734047 | 2025-03-22T12:26:29.107578

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

52010 / tcp

-2089734047 | 2025-04-03T18:25:57.542369

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

52536 / tcp

-1399940268 | 2025-03-15T05:54:06.881774

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

52931 / tcp

819727972 | 2025-03-31T10:16:48.322586

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

53200 / tcp

-1399940268 | 2025-04-10T06:21:10.035963

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

53481 / tcp

-1399940268 | 2025-04-07T05:13:59.027193

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

53805 / tcp

-345718689 | 2025-03-31T11:57:36.979398

Vty password is not set.

54138 / tcp

-2096652808 | 2025-04-09T20:04:23.492308

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

54444 / tcp

-2089734047 | 2025-04-07T22:15:30.540609

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

55000 / tcp

-2096652808 | 2025-04-03T02:06:58.756502

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

55442 / tcp

2033888749 | 2025-04-10T01:52:54.237109

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

55443 / tcp

-445721795 | 2025-04-10T10:33:37.586395

\x00[\xc3\xaed\x1a\x7f\x00\x00

55553 / tcp

1690634669 | 2025-04-09T19:32:14.014321

55554 / tcp

819727972 | 2025-04-06T00:41:58.794661

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

58378 / tcp

-1399940268 | 2025-03-18T20:46:33.663582

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

58603 / tcp

-1327660293 | 2025-03-16T14:22:55.934451

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

60001 / tcp

-971970408 | 2025-04-09T18:17:29.631147

60129 / tcp

819727972 | 2025-04-09T15:00:15.872553

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

61613 / tcp

-616720387 | 2025-03-12T03:24:15.685605

SSH-2.0-SSHD_0.7.6

61616 / tcp

1492413928 | 2025-03-27T22:25:30.138108

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

62078 / tcp

-575085326 | 2025-04-09T16:40:40.969065

\x00\x00\x01)

62443 / tcp

-2046514463 | 2025-04-03T16:35:10.155355

AB\x01\t

63210 / tcp

1412519768 | 2025-03-14T22:58:54.039345

"AP0F1D85"
Connection: close

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR

63256 / tcp

-971970408 | 2025-03-21T20:47:10.582542

63257 / tcp

-1681927087 | 2025-04-06T22:38:41.511436

kjnkjabhbanc283ubcsbhdc72

63260 / tcp

1126993057 | 2025-04-01T22:13:59.211149

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

63443 / tcp

-122096153 | 2025-03-20T15:34:15.886530

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

64295 / tcp

320677201 | 2025-04-02T16:39:53.216120

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

64738 / tcp

1842524259 | 2025-04-09T22:16:57.571905

65000 / tcp

1906191280 | 2025-03-20T18:56:39.027217

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 657d0443_jdx210_8928-57530

39.103.20.103

Last Seen: 2025-04-10

Tags:

GeneralInformation

WebTechnologies

OpenPorts

11 / tcp 1492413928 | 2025-04-09T22:01:27.145695

13 / tcp -2023550675 | 2025-04-07T16:10:20.922943

15 / tcp 819727972 | 2025-04-09T20:08:35.244387

17 / tcp 1662811133 | 2025-03-15T17:01:05.266910

19 / tcp -1729629024 | 2025-03-13T01:51:23.520935

21 / tcp -731285715 | 2025-04-01T15:36:33.097044

37 / tcp 1463575233 | 2025-04-04T04:29:30.759845

43 / tcp 2087396567 | 2025-04-08T15:45:07.549350

49 / tcp -1056270173 | 2025-04-09T18:33:28.144179

53 / tcp 1024248778 | 2025-03-15T02:05:00.727868

80 / tcp 1572832718 | 2025-03-19T07:11:39.709851

Hashes

89 / tcp 307999478 | 2025-03-12T07:49:46.668641

94 / tcp 709622286 | 2025-03-24T17:25:33.419494

102 / tcp -792826324 | 2025-03-15T18:13:20.884525

111 / tcp 1187188851 | 2025-04-05T11:55:04.295234

119 / tcp 141730637 | 2025-03-23T20:53:29.265338

121 / tcp -1399940268 | 2025-03-15T21:49:54.175061

135 / tcp 1483120365 | 2025-03-14T17:36:22.877518

143 / tcp -1939513550 | 2025-03-22T13:33:09.912727

192 / tcp 1911457608 | 2025-04-06T20:56:24.994017

221 / tcp 819727972 | 2025-03-13T10:09:18.020361

264 / tcp -1707068558 | 2025-03-18T14:33:56.095648

311 / tcp 749429829 | 2025-03-19T11:06:52.504275

427 / tcp -349937125 | 2025-03-29T09:20:11.850973

441 / tcp 1504401647 | 2025-03-14T22:18:15.197139

443 / tcp 1156496095 | 2025-04-08T20:24:20.125939

Hashes

444 / tcp 0 | 2025-03-22T16:22:52.104825

Hashes

465 / tcp 897328069 | 2025-04-07T20:39:18.453151

503 / tcp -616720387 | 2025-03-27T23:30:10.998739

541 / tcp 1497273505 | 2025-03-17T22:54:28.718456

548 / tcp 155249582 | 2025-03-31T15:01:36.722607

554 / tcp 285770450 | 2025-04-06T16:26:59.907758

587 / tcp 1072031226 | 2025-03-24T04:59:48.906828

591 / tcp 455076604 | 2025-04-06T05:54:43.208407

632 / tcp 1282941221 | 2025-04-03T11:44:04.893759

666 / tcp -1960639992 | 2025-03-15T18:03:55.479420

675 / tcp -1428621233 | 2025-03-24T22:48:43.810970

771 / tcp -1327660293 | 2025-04-07T06:15:20.107992

789 / tcp 921225407 | 2025-04-10T01:09:04.585954

809 / tcp -1099385124 | 2025-04-10T20:20:18.215493

811 / tcp -1099385124 | 2025-04-01T23:30:36.279903

843 / tcp -2004989248 | 2025-03-24T13:43:11.871014

873 / tcp -1598265216 | 2025-03-28T15:27:48.321100

887 / tcp -1399940268 | 2025-03-17T06:55:56.532345

992 / tcp -1718295362 | 2025-04-09T09:50:46.301907

995 / tcp -740312032 | 2025-04-05T13:14:19.934731

999 / tcp 2061638597 | 2025-03-21T09:49:15.107020

1002 / tcp -1888448627 | 2025-03-19T08:42:48.232059

1012 / tcp -1399940268 | 2025-03-24T04:19:43.223384

1023 / tcp 1231376952 | 2025-04-04T02:04:18.866941

1025 / tcp -1399940268 | 2025-04-05T22:23:14.745210

1153 / tcp -2089734047 | 2025-03-25T04:37:42.170262

1177 / tcp 1545917845 | 2025-03-26T05:22:28.290891

1200 / tcp -1681927087 | 2025-03-24T01:12:02.751966

1207 / tcp -1399940268 | 2025-04-05T14:11:44.487134

1234 / tcp -1399940268 | 2025-04-05T06:54:32.454986

1293 / tcp 1492413928 | 2025-03-28T04:46:47.188481

1337 / tcp -971970408 | 2025-04-06T12:09:25.863198

1344 / tcp -1779118422 | 2025-04-06T19:27:55.313465

1377 / tcp 819727972 | 2025-03-23T11:57:07.347018

1433 / tcp -1781810481 | 2025-03-24T17:15:33.512912

1515 / tcp 819727972 | 2025-03-27T13:20:57.606556

1521 / tcp -1337747449 | 2025-03-17T15:49:11.532648

1599 / tcp 1208318993 | 2025-04-03T13:13:27.537419

1723 / tcp 1103582599 | 2025-04-06T05:40:16.882061

1800 / tcp -2089734047 | 2025-04-05T21:54:42.771238

1801 / tcp 1535389866 | 2025-03-15T23:30:13.578735

1883 / tcp 1911457608 | 2025-03-25T01:12:32.331048

1911 / tcp -2089734047 | 2025-03-31T15:13:25.017287

1926 / tcp 819727972 | 2025-04-04T20:32:23.268796

1980 / tcp 1541211644 | 2025-04-03T13:17:51.994093

11 / tcp

1492413928 | 2025-04-09T22:01:27.145695

13 / tcp

-2023550675 | 2025-04-07T16:10:20.922943

15 / tcp

819727972 | 2025-04-09T20:08:35.244387

17 / tcp

1662811133 | 2025-03-15T17:01:05.266910

19 / tcp

-1729629024 | 2025-03-13T01:51:23.520935

21 / tcp

-731285715 | 2025-04-01T15:36:33.097044

37 / tcp

1463575233 | 2025-04-04T04:29:30.759845

43 / tcp

2087396567 | 2025-04-08T15:45:07.549350

49 / tcp

-1056270173 | 2025-04-09T18:33:28.144179

53 / tcp

1024248778 | 2025-03-15T02:05:00.727868

80 / tcp

1572832718 | 2025-03-19T07:11:39.709851

89 / tcp

307999478 | 2025-03-12T07:49:46.668641

94 / tcp

709622286 | 2025-03-24T17:25:33.419494

102 / tcp

-792826324 | 2025-03-15T18:13:20.884525

111 / tcp

1187188851 | 2025-04-05T11:55:04.295234

119 / tcp

141730637 | 2025-03-23T20:53:29.265338

121 / tcp

-1399940268 | 2025-03-15T21:49:54.175061

135 / tcp

1483120365 | 2025-03-14T17:36:22.877518

143 / tcp

-1939513550 | 2025-03-22T13:33:09.912727

192 / tcp

1911457608 | 2025-04-06T20:56:24.994017

221 / tcp

819727972 | 2025-03-13T10:09:18.020361

264 / tcp

-1707068558 | 2025-03-18T14:33:56.095648

311 / tcp

749429829 | 2025-03-19T11:06:52.504275

427 / tcp

-349937125 | 2025-03-29T09:20:11.850973

441 / tcp

1504401647 | 2025-03-14T22:18:15.197139

443 / tcp

1156496095 | 2025-04-08T20:24:20.125939

444 / tcp

0 | 2025-03-22T16:22:52.104825

465 / tcp

897328069 | 2025-04-07T20:39:18.453151

503 / tcp

-616720387 | 2025-03-27T23:30:10.998739

541 / tcp

1497273505 | 2025-03-17T22:54:28.718456

548 / tcp

155249582 | 2025-03-31T15:01:36.722607

554 / tcp

285770450 | 2025-04-06T16:26:59.907758

587 / tcp

1072031226 | 2025-03-24T04:59:48.906828

591 / tcp

455076604 | 2025-04-06T05:54:43.208407

632 / tcp

1282941221 | 2025-04-03T11:44:04.893759

666 / tcp

-1960639992 | 2025-03-15T18:03:55.479420

675 / tcp

-1428621233 | 2025-03-24T22:48:43.810970

771 / tcp

-1327660293 | 2025-04-07T06:15:20.107992

789 / tcp

921225407 | 2025-04-10T01:09:04.585954

809 / tcp

-1099385124 | 2025-04-10T20:20:18.215493

811 / tcp

-1099385124 | 2025-04-01T23:30:36.279903

843 / tcp

-2004989248 | 2025-03-24T13:43:11.871014

873 / tcp

-1598265216 | 2025-03-28T15:27:48.321100

887 / tcp

-1399940268 | 2025-03-17T06:55:56.532345

992 / tcp

-1718295362 | 2025-04-09T09:50:46.301907

995 / tcp

-740312032 | 2025-04-05T13:14:19.934731

999 / tcp

2061638597 | 2025-03-21T09:49:15.107020

1002 / tcp

-1888448627 | 2025-03-19T08:42:48.232059

1012 / tcp

-1399940268 | 2025-03-24T04:19:43.223384

1023 / tcp

1231376952 | 2025-04-04T02:04:18.866941

1025 / tcp

-1399940268 | 2025-04-05T22:23:14.745210

1153 / tcp

-2089734047 | 2025-03-25T04:37:42.170262

1177 / tcp

1545917845 | 2025-03-26T05:22:28.290891

1200 / tcp

-1681927087 | 2025-03-24T01:12:02.751966

1207 / tcp

-1399940268 | 2025-04-05T14:11:44.487134

1234 / tcp

-1399940268 | 2025-04-05T06:54:32.454986

1293 / tcp

1492413928 | 2025-03-28T04:46:47.188481

1337 / tcp

-971970408 | 2025-04-06T12:09:25.863198

1344 / tcp

-1779118422 | 2025-04-06T19:27:55.313465

1377 / tcp

819727972 | 2025-03-23T11:57:07.347018

1433 / tcp

-1781810481 | 2025-03-24T17:15:33.512912

1515 / tcp

819727972 | 2025-03-27T13:20:57.606556

1521 / tcp

-1337747449 | 2025-03-17T15:49:11.532648

1599 / tcp

1208318993 | 2025-04-03T13:13:27.537419

1723 / tcp

1103582599 | 2025-04-06T05:40:16.882061

1800 / tcp

-2089734047 | 2025-04-05T21:54:42.771238

1801 / tcp

1535389866 | 2025-03-15T23:30:13.578735

1883 / tcp

1911457608 | 2025-03-25T01:12:32.331048

1911 / tcp

-2089734047 | 2025-03-31T15:13:25.017287

1926 / tcp

819727972 | 2025-04-04T20:32:23.268796

1980 / tcp

1541211644 | 2025-04-03T13:17:51.994093

2000 / tcp

1911457608 | 2025-04-08T15:54:06.679759

2001 / tcp

820958131 | 2025-04-05T09:36:42.976522

2002 / tcp

-1125826364 | 2025-03-18T17:30:29.542258

2008 / tcp

819727972 | 2025-04-08T01:38:21.791105

2010 / tcp

-1261090339 | 2025-03-26T04:20:55.946227

2020 / tcp

1230697277 | 2025-04-04T20:06:56.328257

2052 / tcp

114471724 | 2025-03-21T18:38:17.821785

2059 / tcp

-1476017887 | 2025-03-15T16:52:55.665469

2061 / tcp

1991883981 | 2025-04-02T16:57:14.816599