GeneralInformation

Country	China
City	Beijing
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(4)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(4)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

CVE-2018-10088

9.8Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 21 25 37 43 49 53 70 79 80 86 92 104 111 113 135 175 177 179 195 221 264 400 427 440 465 503 513 515 548 554 636 666 789 811 830 995 1023 1025 1080 1177 1190 1200 1234 1250 1337 1364 1370 1414 1456 1515 1521 1599 1723 1800 1801 1926 1955 1958 1962 1974 1979 2000 2008 2057 2058 2078 2080 2083 2091 2095 2130 2154 2209 2210 2220 2222 2223 2226 2323 2332 2344 2345 2353 2404 2480 2550 2561 2572 2601 2626 2628 2762 3001 3008 3010 3050 3056 3064 3080 3096 3099 3103 3106 3119 3124 3138 3143 3144 3147 3152 3167 3192 3198 3221 3256 3269 3299 3310 3345 3388 3389 3510 3551 3780 3790 3954 4000 4022 4063 4095 4103 4150 4157 4282 4321 4432 4433 4435 4437 4438 4439 4443 4444 4477 4500 4506 4523 4786 4821 4840 4899 4911 4949 5001 5007 5009 5011 5172 5180 5190 5222 5226 5235 5238 5251 5263 5264 5269 5272 5432 5435 5443 5446 5503 5544 5556 5557 5591 5595 5602 5604 5620 5672 5698 5721 5858 5910 5938 5984 5990 6000 6001 6002 6006 6011 6036 6061 6161 6262 6379 6380 6500 6561 6565 6633 6666 6667 6697 6699 7001 7006 7010 7013 7016 7081 7171 7218 7403 7415 7434 7480 7548 7634 7773 7775 7777 7790 7946 7980 7998 7999 8001 8002 8009 8017 8027 8052 8058 8068 8081 8083 8085 8087 8089 8094 8099 8105 8106 8139 8140 8143 8150 8164 8180 8183 8185 8192 8196 8230 8236 8251 8252 8291 8384 8426 8460 8481 8502 8528 8545 8548 8549 8554 8570 8573 8574 8575 8595 8649 8700 8702 8731 8767 8791 8804 8812 8842 8847 8859 8866 8872 8880 8887 8889 8890 8899 8906 9000 9001 9002 9004 9019 9020 9042 9051 9052 9058 9061 9065 9067 9075 9077 9095 9100 9102 9128 9134 9151 9155 9158 9160 9162 9181 9185 9212 9226 9236 9245 9248 9256 9257 9305 9306 9308 9333 9398 9418 9443 9445 9488 9553 9658 9743 9761 9802 9898 9919 9944 9991 9998 9999 10000 10001 10010 10014 10024 10027 10034 10046 10050 10051 10071 10086 10134 10240 10256 10324 10399 10443 10911 11000 11002 11112 11288 11300 11701 12082 12109 12113 12143 12144 12147 12155 12171 12178 12210 12219 12221 12234 12258 12277 12305 12310 12324 12345 12347 12350 12358 12361 12362 12377 12378 12388 12394 12395 12397 12398 12424 12432 12433 12454 12460 12462 12470 12473 12474 12478 12487 12500 12510 12511 12515 12518 12543 12568 12574 12581 12615 13001 13128 13333 14265 14344 14400 14407 14523 14524 14873 14894 14901 15000 15018 15443 15672 16002 16004 16006 16029 16035 16038 16040 16041 16047 16058 16071 16077 16079 16093 16104 16402 16464 17000 17001 17084 17770 17774 18002 18009 18012 18016 18029 18033 18039 18043 18052 18063 18065 18072 18080 18096 18100 18245 19017 19080 19902 19930 20000 20080 20087 20151 20202 20208 20500 20547 20880 21025 21236 21238 21250 21262 21264 21270 21277 21296 21299 21309 21330 21379 21935 22000 22001 22067 22107 23023 23084 23182 23184 23424 25001 25006 25565 25782 26656 26657 27015 27016 27017 27036 28001 28015 28080 30002 30003 30004 30009 30022 30122 30222 30301 30443 30718 30722 31122 31422 31444 31522 31622 31722 31822 31922 32022 32222 32422 32522 32622 32722 32764 32822 33060 33338 33389 33622 34422 34922 35000 35322 35422 35522 35524 35531 35822 35922 36022 36122 36222 37122 37215 37322 37622 37722 37777 37922 38022 38333 38522 38880 39122 39522 39622 40022 41022 41443 43009 44158 44222 44303 44307 44350 44400 44818 45006 45022 45777 45786 45822 45922 47808 47822 48019 48222 48522 48889 48899 49152 49153 49501 49684 50000 50022 50042 50070 50073 50080 50100 50113 51002 51235 52022 53413 53481 53484 54138 54984 55222 55422 55443 55553 55822 57522 57778 57781 57787 58422 58522 58532 58822 59012 60001 60099 60129 60443 61613 61616 62016 62078 63210 63256 63260 63443 64738

11 / tcp

165188539 | 2025-03-07T10:08:20.318765

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

13 / tcp

291723434 | 2025-03-17T05:38:48.461138

Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

15 / tcp

-2017887953 | 2025-04-03T05:56:58.371005

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

17 / tcp

-1907909544 | 2025-04-02T18:54:42.529902

\r\nHello, this is Quagga (version 0T).\r\nCopyright 1996-200

21 / tcp

-1248408558 | 2025-04-03T09:36:14.027351

220 MikroTik FTP server (MikroTik 6.44.3) ready

25 / tcp

-1626979812 | 2025-04-02T22:36:00.220530

220 Service ready for new user.

37 / tcp

1443000738 | 2025-03-20T20:33:57.134677

HTTP/1.1 200 OK
Connection: clo

43 / tcp

-358801646 | 2025-03-27T22:33:55.502878

SSH-2.0-OpenSSH_6.6.1

49 / tcp

1160472910 | 2025-04-03T18:17:29.411527

\xc2\xa5A\\x01,\\x02L\\x08Connectx\\x0857222

53 / tcp

-682282491 | 2025-03-16T14:27:54.345351

9\n\\x81\\x80\\x00\\x01\\x00\\x02\\x00\\x00\\x00\\x00\\x08clients1\\x06google\\x03com\\x00\\x00\\x01\\x00\\x01\\xc0\x0c\\x00\\x05\\x00\\x01\\x00\\x00\\x00<\\x00\x0c\\x07clients\\x01l\\xc0\\x15\\xc01\\x00\\x01\\x00\\x01\\x00\\x00\\x00R\\x00\\x04\\xac\xd9\xa3.\n\\x00\\x06\\x81\\x05\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x

70 / tcp

-972699072 | 2025-03-17T11:26:34.647319

HTTP/1.0 200 OK
Content-type: text/html
Server: uc-httpd 1.0.0
Expires: 0

Vulnerabilities

79 / tcp

-2029556872 | 2025-03-15T21:40:46.462306

HTTP/1.1 200 OK
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Accept-Ranges: bytes

80 / tcp

445417871 | 2025-03-18T11:13:46.412410

Hashes

hash

-1094333559

http.dom_hash

1799269922

http.html_hash

445417871

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Tue, 18 Mar 2025 11:13:46 GMT
Content-Type: application/xml
Content-Length: 346
Connection: keep-alive
x-oss-request-id: 67D9556AA0815133379F6380
x-oss-server-time: 0
x-oss-ec: 0003-00001201

86 / tcp

-1888448627 | 2025-03-17T02:56:00.087049

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

92 / tcp

-1399940268 | 2025-03-15T06:46:21.260243

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

104 / tcp

-1399940268 | 2025-03-20T04:24:28.400879

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

111 / tcp

-122096153 | 2025-03-26T00:03:48.981646

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

113 / tcp

455076604 | 2025-03-20T03:56:40.158986

!\x07version\x04bind7 t{RPowerDNS Recursor 410

135 / tcp

1483120365 | 2025-03-28T21:23:15.604469

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: OP2\n IP2: 192.168.0.20\n IP3: 61.230.135.142\n IP4: 2001:b011:2006:c3ef:18c0:9e02:ef7:84c8\n\nNTLMSSP:\nTarget_Name: OP2\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: OP2\nNetBIOS_Computer_Name: OP2\nDNS_Domain_Name: OP2\nDNS_Computer_Name: OP2\nSystem_Time: 2024-01-22 07:10:42 +0000 UTC\n\nDCERPC Dump:\n4b112204-0e19-11d3-b42b-

175 / tcp

-2096652808 | 2025-03-16T12:29:54.600789

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

177 / tcp

165188539 | 2025-03-06T10:45:17.175968

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

179 / tcp

-399606100 | 2025-03-22T18:09:25.982350

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

195 / tcp

897328069 | 2025-03-15T16:40:09.923767

220 mail.scott000.com ESMTP

221 / tcp

366084633 | 2025-03-09T21:27:29.445530

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

264 / tcp

-654288545 | 2025-03-27T08:37:14.610573

CheckPoint\nFirewall Host: lcm4cp\nSmartCenter Host: cpmanager.cminl.oa.guof3x\\x00\n

400 / tcp

819727972 | 2025-03-23T20:46:48.604420

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

427 / tcp

1801635450 | 2025-03-20T03:49:13.747138

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://127.0.0.1\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:ipmi\nservice:cdserver\nservice:fdserver\nservice:hdserver\nservice:adviser\nservice:lighttpd\nB://l:87/x\n\nResponse of service:ipmi SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:ipmi://(none):623\n  Lifetime: 65535\n  URL: service:ipmi://IEI9CC2C40E4251:623\n\n\nResponse of service:ipmi Attr

440 / tcp

1911457608 | 2025-03-07T09:07:20.795180

\x00[\x00\x00\x00\x00\x00\x00

465 / tcp

897328069 | 2025-03-23T21:25:28.118987

220 mail.scott000.com ESMTP

503 / tcp

-2096652808 | 2025-03-18T12:00:36.669655

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

513 / tcp

1623746877 | 2025-03-21T18:29:28.484607

500 Permission denied - closing connection.\r\n

515 / tcp

1282941221 | 2025-03-17T10:53:59.201116

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

548 / tcp

-773160241 | 2025-04-03T02:51:08.195424

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: Yes\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: Yes\nCopy File: Yes\nServer Name: murphys-airport-time-capsule\nMachine Type: \\x10TimeCapsule8,119\nAFP Versions: AFP3.3, AFP3.2, AFP3.1\nUAMs: DHCAST128\\x04,DHX2\\x03,SRP\\x06,Recon1C\nServer Signature: 4338365332344c58463948350069672d

554 / tcp

902688621 | 2025-04-04T06:07:19.430336

RTSP/1.0 200 OK\r\nCSeq: 1\r\nKeep-Alive: timeout=10, max=1000\r\nPublic: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE, SET_PARAMETER, GET_PARAMETER\r\nConnection: Keep-Alive\r\n\r\n

636 / tcp

1255568492 | 2025-03-23T02:38:06.932655

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 12-56308661-0 0NNN RT(1705912410675 113) q(-1 -1 -1 -1) r(0 -1) b1

666 / tcp

-1960639992 | 2025-03-22T23:45:45.122870

HTTP/1.1 401 Unauthorized

789 / tcp

897328069 | 2025-03-11T15:26:48.047212

220 mail.scott000.com ESMTP

811 / tcp

-1399940268 | 2025-03-24T09:18:51.446923

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

830 / tcp

103159425 | 2025-03-31T23:23:33.360239

SSH-1.99-RGOS_SSH

995 / tcp

-740312032 | 2025-03-07T18:13:32.976339

+OK Dovecot (Ubuntu) ready.\r\n

1023 / tcp

819727972 | 2025-03-15T15:17:04.159534

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1025 / tcp

921225407 | 2025-03-23T05:52:32.646352

\x00\x00\x00\x04\x00\x00\x00\x00\x00

1080 / tcp

1362344524 | 2025-04-03T18:28:19.874620

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1177 / tcp

-2017887953 | 2025-03-21T04:43:03.504460

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

1190 / tcp

819727972 | 2025-03-20T16:00:04.898714

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1200 / tcp

171352214 | 2025-03-23T21:10:39.429591

-ERR client ip is not in whitelist

1234 / tcp

-1947777893 | 2025-03-13T01:58:16.652127

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

1250 / tcp

1189133115 | 2025-03-17T23:14:52.047514

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

1337 / tcp

1842524259 | 2025-03-10T18:27:21.504257

1364 / tcp

-1189269828 | 2025-03-14T17:14:31.234181

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1370 / tcp

1642597142 | 2025-03-21T03:38:42.451499

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

1414 / tcp

-903067560 | 2025-03-22T06:06:20.846195

\x00[\x13)\xc2\x81\x7f\x00\x00

1456 / tcp

740837454 | 2025-03-17T22:03:33.267383

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

1515 / tcp

-375604792 | 2025-03-16T22:16:32.268840

220 Microsoft FTP Service

1521 / tcp

-186520940 | 2025-03-29T08:44:23.345434

HTTP/1.1

1599 / tcp

-746114901 | 2025-03-20T00:07:05.773576

[KpU

1723 / tcp

1103582599 | 2025-04-01T20:27:06.264296

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

1800 / tcp

1911457608 | 2025-04-01T18:56:08.302489

\x00[\x00\x00\x00\x00\x00\x00

1801 / tcp

-833635452 | 2025-03-25T08:11:05.586613

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\x05\xe8\x9b\xb5\\x95E\\x1eJ\\x85\xd5\xb1\\xe4\\xf9\\xba\\xf6+92d3\\x10\\x03\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

1926 / tcp

819727972 | 2025-03-10T04:38:48.211618

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1955 / tcp

1911457608 | 2025-03-12T18:56:43.746107

\x00[\x00\x00\x00\x00\x00\x00

1958 / tcp

-358801646 | 2025-03-22T04:16:29.185368

SSH-2.0-OpenSSH_6.6.1

1962 / tcp

819727972 | 2025-03-21T03:18:54.250135

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1974 / tcp

-1835475271 | 2025-03-24T15:28:17.041673

200 NOD32SS 99 (3318497116)\r\n

1979 / tcp

-1105333987 | 2025-03-29T16:56:06.634815

\x00[KpU\x7f\x00\x00

2000 / tcp

1624217396 | 2025-03-25T03:09:30.566288

HELO:10.3.6.0.false\nAS:2048\nHL:19

2008 / tcp

971933601 | 2025-03-22T10:30:05.140023

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

2057 / tcp

1282941221 | 2025-03-22T21:18:49.009082

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

2058 / tcp

-1746074029 | 2025-03-21T20:07:59.537384

101 imqbroker =unV\r\n

2078 / tcp

-1746074029 | 2025-03-22T04:50:52.820055

101 imqbroker =unV\r\n

2080 / tcp

307999478 | 2025-03-29T03:02:21.721274

unknown command \r\nunknown command \r\n

2083 / tcp

1842524259 | 2025-03-28T12:48:03.442527

2091 / tcp

819727972 | 2025-03-21T06:46:48.861858

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2095 / tcp

2063598737 | 2025-04-03T00:30:08.133347

/0 0 L\r\n/0 0 HUH\r\n

2130 / tcp

745343730 | 2025-04-02T03:51:54.862414

220 smtp.qq.com Esmtp QQ Mail Server

2154 / tcp

539065883 | 2025-03-27T05:13:03.691946

2209 / tcp

-358801646 | 2025-03-08T22:44:14.432394

SSH-2.0-OpenSSH_6.6.1

2210 / tcp

-1888448627 | 2025-03-24T08:06:07.843210

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

2220 / tcp

-1810987450 | 2025-03-11T07:12:40.719978

\xc3\xbf

2222 / tcp

372433470 | 2025-04-03T16:16:37.232926

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

2223 / tcp

1911457608 | 2025-03-07T09:39:56.750074

\x00[\x00\x00\x00\x00\x00\x00

2226 / tcp

-303199180 | 2025-03-26T20:32:46.472398

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

2323 / tcp

1662205251 | 2025-03-11T19:48:56.374796

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

2332 / tcp

-1448296133 | 2025-03-17T14:22:21.969141

[ç

2344 / tcp

-2017887953 | 2025-03-18T19:29:54.065830

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

2345 / tcp

707919486 | 2025-04-04T03:59:16.560409

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

2353 / tcp

597764502 | 2025-03-17T17:49:56.065379

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

2404 / tcp

-407828767 | 2025-04-01T23:06:59.102491

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

2480 / tcp

-2118655245 | 2025-03-11T14:08:41.704405

Hashes

hash

1015654041

http.dom_hash

-2006505642

http.html_hash

-2118655245

HTTP/1.0 500 Internal Server Error
Content-Length: 20

2550 / tcp

-2017887953 | 2025-03-18T09:55:42.202591

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

2561 / tcp

-1399940268 | 2025-03-12T21:15:27.265491

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2572 / tcp

632542934 | 2025-03-26T21:39:34.757840

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

2601 / tcp

-1804005872 | 2025-03-17T20:56:42.381105

\n\nWelcome to visit GOCLOUD S2A series router!\n\n\r\nUser Access Verification\r\n\r\n\\xff\\xfb\\x01\\xff\\xfb\\x03\\xff\\xfe"\\xff\\xfd\\x1fPassword:

2626 / tcp

1623746877 | 2025-03-18T00:15:51.308860

500 Permission denied - closing connection.\r\n

2628 / tcp

-122096153 | 2025-03-23T14:04:47.391513

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

2762 / tcp

-1399940268 | 2025-04-04T04:09:15.239066

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3001 / tcp

1778988322 | 2025-04-01T09:43:20.364765

* OK GroupWise IMAP4rev1 Server Ready

3008 / tcp

-1399940268 | 2025-04-03T14:18:09.022651

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3010 / tcp

455076604 | 2025-03-20T21:15:06.829658

!\x07version\x04bind7 t{RPowerDNS Recursor 410

3050 / tcp

669849225 | 2025-04-03T10:11:27.654043

SSH-98.60-SysaxSSH_81885..42\r\n

3056 / tcp

819727972 | 2025-04-02T01:42:06.310437

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3064 / tcp

1911457608 | 2025-03-19T08:40:27.802238

\x00[\x00\x00\x00\x00\x00\x00

3080 / tcp

-1810987450 | 2025-03-17T18:07:50.774514

\xc3\xbf

3096 / tcp

-2017887953 | 2025-03-20T15:38:41.531040

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

3099 / tcp

165188539 | 2025-03-17T15:55:27.479741

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3103 / tcp

-1059554316 | 2025-03-24T04:41:12.220904

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

3106 / tcp

-1265999252 | 2025-03-08T15:46:19.820737

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

3119 / tcp

-784071826 | 2025-03-20T23:53:07.427270

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

3124 / tcp

-1399940268 | 2025-03-10T08:50:07.377323

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3138 / tcp

493955023 | 2025-03-14T18:57:30.241880

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

3143 / tcp

819727972 | 2025-03-22T21:11:26.916859

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3144 / tcp

2098371729 | 2025-03-14T19:25:17.017846

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

3147 / tcp

-1399940268 | 2025-03-14T06:15:47.503530

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3152 / tcp

-358801646 | 2025-03-21T04:02:15.625287

SSH-2.0-OpenSSH_6.6.1

3167 / tcp

-1399940268 | 2025-03-17T15:42:17.302585

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3192 / tcp

-1399940268 | 2025-03-31T19:35:41.455228

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3198 / tcp

50497985 | 2025-04-01T12:48:16.473148

\x00[\xc3\x88\xc3\x9dS\x7f\x00\x00

3221 / tcp

-2019309480 | 2025-03-27T05:03:22.978069

<?xml version="1.0" encoding="us-ascii"?>\n

3256 / tcp

398077695 | 2025-03-27T05:57:36.246014

3269 / tcp

-1839934832 | 2025-04-02T01:57:05.626359

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

3299 / tcp

2033888749 | 2025-03-31T12:55:21.046291

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

3310 / tcp

819727972 | 2025-04-03T16:06:23.749441

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3345 / tcp

819727972 | 2025-04-02T19:02:59.037457

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3388 / tcp

1911457608 | 2025-04-01T01:49:24.535314

\x00[\x00\x00\x00\x00\x00\x00

3389 / tcp

-989469824 | 2025-03-24T11:43:53.820242

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\\x0f\\x08\\x00\\x08\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID_EX\nTarget_Name: 10_0_4_6\nProduct_Version: 6.3.9600 Ntlm 15\nOS: Windows 8.1/Windows Server 2012 R2\nNetBIOS_Domain_Name: 10_0_4_6\nNetBIOS_Computer_Name: 10_0_4_6\nDNS_Domain_Name: 10_0_4_6\nDNS_Computer_Name: 10_0_4_6\nSystem_Time: 2024-01-22 08:42:17 +0000 UTC\n\n

3510 / tcp

819727972 | 2025-03-24T19:03:40.175940

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3551 / tcp

198844676 | 2025-03-21T23:51:17.411957

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3780 / tcp

398077695 | 2025-03-11T18:53:25.091054

3790 / tcp

1975288991 | 2025-03-05T22:18:24.830189

OPTI

3954 / tcp

-1399940268 | 2025-03-20T15:40:18.612742

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4000 / tcp

-1101712668 | 2025-03-22T07:05:23.359976

\\x1e\xc3\x80\\x010\\x02\xc2\xa8\xc3\xa3

4022 / tcp

-1399940268 | 2025-03-26T08:20:27.826882

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4063 / tcp

-616720387 | 2025-04-02T07:54:10.981542

SSH-2.0-SSHD_0.7.6

4095 / tcp

819727972 | 2025-03-15T10:11:32.704791

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4103 / tcp

-1036370807 | 2025-03-24T23:29:48.749338

JDWP-Handshake

4150 / tcp

1911457608 | 2025-03-22T04:07:53.233974

\x00[\x00\x00\x00\x00\x00\x00

4157 / tcp

1975288991 | 2025-03-11T11:00:25.633350

OPTI

4282 / tcp

819727972 | 2025-04-01T09:23:13.772159

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4321 / tcp

-1250504565 | 2025-04-03T07:19:27.593842

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

4432 / tcp

-2096652808 | 2025-03-23T21:23:30.998340

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

4433 / tcp

-1810987450 | 2025-03-11T14:21:22.972726

\xc3\xbf

4435 / tcp

1620329124 | 2025-04-02T06:27:08.722030

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

4437 / tcp

-1888448627 | 2025-03-20T11:29:01.637523

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

4438 / tcp

-1996280214 | 2025-04-02T23:51:42.076077

\x06\x04\x05@

4439 / tcp

165188539 | 2025-04-03T23:33:33.363816

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

4443 / tcp

-1060562267 | 2025-03-22T09:30:54.830272

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae29b6_PS-NKG-01Aqo82_2892-58968

4444 / tcp

-1399940268 | 2025-03-23T18:17:57.828104

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4477 / tcp

-1399940268 | 2025-03-31T06:04:54.191202

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4500 / tcp

-1026951088 | 2025-03-10T22:22:26.075487

erro ip

4506 / tcp

1741579575 | 2025-03-14T22:08:55.858161

4523 / tcp

-1888448627 | 2025-03-13T13:23:27.074470

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

4786 / tcp

1911457608 | 2025-03-18T20:43:03.050407

\x00[\x00\x00\x00\x00\x00\x00

4821 / tcp

-441419608 | 2025-04-04T00:39:53.091974

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

4840 / tcp

-1399940268 | 2025-03-28T17:00:46.153847

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4899 / tcp

2087396567 | 2025-03-07T15:48:40.567629

kjnkjabhbanc283ubcsbhdc72

4911 / tcp

669849225 | 2025-03-24T20:23:41.052221

SSH-98.60-SysaxSSH_81885..42\r\n

4949 / tcp

1189133115 | 2025-03-25T15:42:39.626203

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

5001 / tcp

2087396567 | 2025-03-25T11:17:35.270402

kjnkjabhbanc283ubcsbhdc72

5007 / tcp

-339084706 | 2025-03-20T16:04:19.704309

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

5009 / tcp

567505242 | 2025-04-01T05:32:33.885939

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1a3c_wdx20_40557-6922

5011 / tcp

119860953 | 2025-03-16T18:15:18.822991

* OK ArGoSoft Mail Server IMAP Module v.YW at

5172 / tcp

971933601 | 2025-03-31T21:03:21.646741

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

5180 / tcp

-1399940268 | 2025-03-17T22:12:44.711645

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5190 / tcp

-1056270173 | 2025-04-01T22:23:51.049701

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

5222 / tcp

171352214 | 2025-03-12T18:55:07.893007

-ERR client ip is not in whitelist

5226 / tcp

-1327660293 | 2025-04-01T17:47:07.738789

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

5235 / tcp

-1399940268 | 2025-03-25T20:09:39.135652

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5238 / tcp

-136006866 | 2025-03-21T13:35:18.761138

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

5251 / tcp

-585940771 | 2025-03-17T17:40:20.846043

Unknown command\r\n

5263 / tcp

-358801646 | 2025-03-09T09:09:27.140325

SSH-2.0-OpenSSH_6.6.1

5264 / tcp

-2107996212 | 2025-03-08T21:22:15.178969

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

5269 / tcp

-1854630806 | 2025-03-29T04:33:07.277408

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705937491.237-w-waf01tjgt

5272 / tcp

1278527606 | 2025-03-13T01:01:58.861392

SSH-2.0-Teleport

5432 / tcp

165188539 | 2025-04-03T13:39:23.625161

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

5435 / tcp

1332894250 | 2025-03-31T20:57:02.803253

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

5443 / tcp

-2107996212 | 2025-03-22T07:05:37.440887

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

5446 / tcp

1282941221 | 2025-03-11T09:30:42.086394

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

5503 / tcp

2103111368 | 2025-03-13T16:46:42.121127

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

5544 / tcp

-879070264 | 2025-03-17T21:59:58.347054

\\xab\xca\xa5]\\x00\\x00\\x00\\x18\\xc0\\x00\\x00\\x01\\xff\\xff\\xff\\xff\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00

5556 / tcp

-1399940268 | 2025-03-19T19:44:10.685402

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5557 / tcp

-303199180 | 2025-04-02T05:16:38.882901

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

5591 / tcp

-2031152423 | 2025-03-05T20:27:38.751253

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

5595 / tcp

-1279886438 | 2025-04-03T16:25:56.535315

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

5602 / tcp

-1399940268 | 2025-03-25T16:25:55.239888

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5604 / tcp

819727972 | 2025-03-15T15:26:37.682874

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5620 / tcp

575925250 | 2025-03-23T13:24:19.142771

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5672 / tcp

575925250 | 2025-03-17T07:18:08.483197

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5698 / tcp

-1099385124 | 2025-03-12T03:25:36.569660

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

5721 / tcp

-1114821551 | 2025-04-01T01:30:19.958526

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

5858 / tcp

677934968 | 2025-03-12T21:32:02.755953

lm^)Q

5910 / tcp

-1881410605 | 2025-03-29T09:18:39.421597

<HTML>\r\n<HEAD>\r\n<TITLE>\r\nADAM-6000 Ethernet-Enabled DA&C Modules\r\n</TITLE>\r\n</HEAD>\r\n<BODY>

5938 / tcp

-445721795 | 2025-03-29T03:35:18.687591

\x00[\xc3\xaed\x1a\x7f\x00\x00

5984 / tcp

1999272906 | 2025-03-22T09:52:56.988805

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

5990 / tcp

-1795027372 | 2025-03-09T21:50:57.440144

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

6000 / tcp

819727972 | 2025-03-24T18:56:42.705473

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

6001 / tcp

-1399940268 | 2025-04-02T16:44:50.328234

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6002 / tcp

1887224352 | 2025-03-14T18:24:21.038855

6006 / tcp

1492413928 | 2025-03-22T18:18:40.373401

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

6011 / tcp

819727972 | 2025-04-02T01:58:56.882167

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

6036 / tcp

-1888448627 | 2025-03-29T17:36:43.052600

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

6061 / tcp

-1265999252 | 2025-03-11T17:16:21.973163

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

6161 / tcp

-1746074029 | 2025-03-26T19:30:48.580120

101 imqbroker =unV\r\n

6262 / tcp

-1327660293 | 2025-04-03T23:47:55.826588

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

6379 / tcp

321971019 | 2025-04-03T00:16:36.260319

-ERR client ip is not in whitelist\r

6380 / tcp

321971019 | 2025-03-24T18:05:21.535220

-ERR client ip is not in whitelist\r

6500 / tcp

-1399940268 | 2025-03-08T18:26:06.639554

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6561 / tcp

-457235091 | 2025-03-12T22:14:01.157979

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

6565 / tcp

-367607324 | 2025-03-16T12:17:41.130701

\\x12\\x04\\x03\\x7f\xc3\xbf\xc3\xbf\xc3\xbf\n0\\x04\\x10\\x06 \\x04\\x08...\n

6633 / tcp

1762042191 | 2025-03-19T05:07:39.339952

\x7f\x7fICA\x00

6666 / tcp

4935895 | 2025-03-07T01:49:23.223462

HTTP/1.1 400 Bad Request
Server: CloudWAF

6667 / tcp

671605376 | 2025-03-25T21:14:32.768460

SSH-2.0-OpenSSH_X.X

6697 / tcp

-653033013 | 2025-03-23T14:58:17.349187

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

6699 / tcp

-1021767858 | 2025-03-23T20:02:38.292073

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705939187.293-w-waf04tjgt

7001 / tcp

1827807483 | 2025-03-16T00:33:46.948101

HTTP/1.1 401 Unauthorized
Server: 
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=%s
Connection: close

7006 / tcp

921225407 | 2025-03-26T06:19:50.838358

\x00\x00\x00\x04\x00\x00\x00\x00\x00

7010 / tcp

921225407 | 2025-03-16T07:36:40.042734

\x00\x00\x00\x04\x00\x00\x00\x00\x00

7013 / tcp

-1888448627 | 2025-03-20T14:54:12.623466

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

7016 / tcp

-832380282 | 2025-03-22T07:55:13.254321

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

7081 / tcp

-274082663 | 2025-03-12T15:20:53.139795

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

7171 / tcp

-1730858130 | 2025-03-16T21:40:58.687974

RFB 003.008
VNC:
  Protocol Version: 3.8

7218 / tcp

1308377066 | 2025-03-25T09:07:19.626801

ncacn_http/1.0

7403 / tcp

117101543 | 2025-03-13T04:55:38.011334

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

7415 / tcp

-345718689 | 2025-03-15T01:44:44.292831

Vty password is not set.

7434 / tcp

-616720387 | 2025-03-14T14:09:29.469709

SSH-2.0-SSHD_0.7.6

7480 / tcp

-1611764932 | 2025-03-21T17:32:34.498884

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

7548 / tcp

-805362002 | 2025-03-22T18:12:10.136823

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

7634 / tcp

-992671574 | 2025-03-23T07:11:36.698926

@RSYNCD: 26

7773 / tcp

-1399940268 | 2025-03-10T11:02:39.644120

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7775 / tcp

1996932384 | 2025-04-03T13:15:21.968667

"raop" nonce

7777 / tcp

1391945995 | 2025-03-27T13:36:52.236440

HTTP/1.1 403 Forbidden 
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm=""

7790 / tcp

-904840257 | 2025-03-12T21:34:16.042262

572 Relay not authorized\r\n

7946 / tcp

165188539 | 2025-03-27T21:14:27.711287

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

7980 / tcp

-2096652808 | 2025-03-23T14:31:17.941042

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

7998 / tcp

-1477838366 | 2025-03-15T00:42:12.653018

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

7999 / tcp

-1259524839 | 2025-03-24T01:44:16.610873

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

8001 / tcp

2103111368 | 2025-03-16T16:58:32.708382

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8002 / tcp

493955023 | 2025-03-16T20:26:54.153124

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

8009 / tcp

165188539 | 2025-03-29T15:11:29.229874

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8017 / tcp

-1399940268 | 2025-03-17T07:04:13.059214

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8027 / tcp

1911457608 | 2025-04-02T17:45:01.727076

\x00[\x00\x00\x00\x00\x00\x00

8052 / tcp

575925250 | 2025-03-13T19:53:18.967567

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

8058 / tcp

-1248408558 | 2025-03-20T14:52:29.584776

220 MikroTik FTP server (MikroTik 6.44.3) ready

8068 / tcp

1991883981 | 2025-03-23T09:59:59.214144

B\x00\x00\x00\xc3\xbfn\x04Too many connections

8081 / tcp

819727972 | 2025-03-20T17:26:10.234158

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8083 / tcp

-1111515360 | 2025-03-06T07:27:46.413845

remshd: Kerberos Authentication not enabled.

8085 / tcp

707919486 | 2025-04-03T12:42:01.282386

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

8087 / tcp

-1139539254 | 2025-03-31T14:55:24.721247

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

8089 / tcp

1741579575 | 2025-03-16T16:16:49.551630

8094 / tcp

709622286 | 2025-03-11T15:01:02.890055

OK Welcome <299685> on DirectUpdate server 7286\r\n

8099 / tcp

438715403 | 2025-03-25T16:19:04.702633

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2874_pingwangtong53_24882-28622

8105 / tcp

-441419608 | 2025-03-29T04:05:15.514541

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

8106 / tcp

-1261090339 | 2025-03-26T22:13:02.450005

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

8139 / tcp

-971970408 | 2025-03-13T02:53:05.963720

8140 / tcp

1690634669 | 2025-03-13T14:22:35.003070

8143 / tcp

-1839934832 | 2025-03-25T12:53:54.080018

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8150 / tcp

117101543 | 2025-03-22T12:26:25.729148

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

8164 / tcp

597764502 | 2025-03-14T21:24:34.069639

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

8180 / tcp

-1180882918 | 2025-03-06T18:12:24.171844

HTTP/1.1 302 Found
Connection: keep-alive
Location: http://125.45.160.178:8180/login;JSESSIONID=a37ef430-68ff-4395-be8c-fc0e9c4cd7f6

8183 / tcp

632542934 | 2025-04-01T20:52:23.615802

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8185 / tcp

-1099385124 | 2025-03-25T18:46:27.451432

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

8192 / tcp

1317779273 | 2025-03-24T09:00:47.274533

HTTP/1.1 401 Unauthorized
Server: 2001639b-4d38-223a-b87-f9a82c7113c5
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=%s
Connection: close

8196 / tcp

-2096652808 | 2025-03-23T17:45:06.461396

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8230 / tcp

-2140303521 | 2025-04-03T09:08:00.367798

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

8236 / tcp

-653033013 | 2025-03-14T04:07:11.559978

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

8251 / tcp

408230060 | 2025-03-13T21:51:26.895119

\r\nSorry, that nickname format is invalid.\r\n

8252 / tcp

-249504111 | 2025-03-27T12:52:57.500783

\x00[xU-\x7f\x00\x00

8291 / tcp

693973426 | 2025-03-20T01:52:37.091189

220 VMware Authentication Daemon Version 1.10: SSL Required, Se\nrverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

8384 / tcp

1741579575 | 2025-03-27T22:55:11.753648

8426 / tcp

1911457608 | 2025-03-10T08:36:39.972624

\x00[\x00\x00\x00\x00\x00\x00

8460 / tcp

-1733106930 | 2025-03-23T08:02:04.376892

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

8481 / tcp

-358801646 | 2025-03-13T08:55:10.976152

SSH-2.0-OpenSSH_6.6.1

8502 / tcp

1210754493 | 2025-03-23T20:50:35.771909

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

8528 / tcp

677934968 | 2025-04-01T06:28:38.375324

lm^)Q

8545 / tcp

290819026 | 2025-03-29T16:51:40.183825

welcome to Pandora console!
----------------------------
-------------------------
|     Login Time     |     2021-12-08 1...

8548 / tcp

-980525298 | 2025-03-09T09:53:14.043218

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8549 / tcp

-2096652808 | 2025-03-23T19:05:19.701446

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8554 / tcp

472902042 | 2025-03-23T15:56:34.099582

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

8570 / tcp

-2096652808 | 2025-03-26T16:50:58.757721

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8573 / tcp

1189133115 | 2025-03-24T06:20:17.160699

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

8574 / tcp

1911457608 | 2025-03-11T01:36:30.069881

\x00[\x00\x00\x00\x00\x00\x00

8575 / tcp

-1399940268 | 2025-03-09T22:33:37.749094

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8595 / tcp

2098371729 | 2025-03-23T21:54:18.872356

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

8649 / tcp

842535728 | 2025-03-25T03:18:10.366397

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

8700 / tcp

-441419608 | 2025-03-18T16:55:50.456508

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

8702 / tcp

-1996280214 | 2025-03-19T03:15:19.883758

\x06\x04\x05@

8731 / tcp

-2089734047 | 2025-03-19T00:15:04.338812

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8767 / tcp

1911457608 | 2025-03-24T18:46:08.923180

\x00[\x00\x00\x00\x00\x00\x00

8791 / tcp

-1399940268 | 2025-03-18T15:14:06.882388

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8804 / tcp

819727972 | 2025-03-12T11:27:18.808083

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8812 / tcp

-1399940268 | 2025-04-01T19:01:52.185677

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8842 / tcp

1615193817 | 2025-03-19T22:32:50.608501

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

8847 / tcp

-784071826 | 2025-03-16T20:10:09.521328

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

8859 / tcp

1282941221 | 2025-03-24T21:16:10.946252

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

8866 / tcp

1919228981 | 2025-03-25T13:58:21.884201

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

8872 / tcp

921225407 | 2025-03-10T21:43:33.128912

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8880 / tcp

-79865617 | 2025-03-11T16:25:45.723421

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

8887 / tcp

1911457608 | 2025-03-05T23:01:01.409227

\x00[\x00\x00\x00\x00\x00\x00

8889 / tcp

2087396567 | 2025-03-08T17:03:23.689037

kjnkjabhbanc283ubcsbhdc72

8890 / tcp

-1399940268 | 2025-03-28T18:22:59.398963

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8899 / tcp

372433470 | 2025-03-15T15:27:01.681144

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

8906 / tcp

1911457608 | 2025-04-03T21:40:03.089152

\x00[\x00\x00\x00\x00\x00\x00

9000 / tcp

-1795676121 | 2025-03-20T10:16:19.688627

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65aded01_PS-000-01XB730_6341-708

9001 / tcp

-1026951088 | 2025-03-13T04:46:21.153664

erro ip

9002 / tcp

1690634669 | 2025-03-07T09:34:42.827421

9004 / tcp

-1453516345 | 2025-03-10T03:00:24.200374

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

9019 / tcp

-1399940268 | 2025-03-10T15:51:33.050558

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9020 / tcp

-1779118422 | 2025-03-06T02:59:46.275019

\x00[\xc2\xae\xc2\x8d{\x7f\x00\x00

9042 / tcp

-457235091 | 2025-03-16T07:51:34.683718

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

9051 / tcp

1690634669 | 2025-03-31T12:13:46.568213

9052 / tcp

1911457608 | 2025-03-20T17:12:00.660082

\x00[\x00\x00\x00\x00\x00\x00

9058 / tcp

819727972 | 2025-03-12T18:35:55.460975

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9061 / tcp

575925250 | 2025-04-01T05:03:00.648963

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

9065 / tcp

819727972 | 2025-03-23T22:23:20.108351

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9067 / tcp

-1140468363 | 2025-03-20T15:06:07.449225

\x02\t\x01

9075 / tcp

-1230049476 | 2025-03-22T04:27:21.666935

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

9077 / tcp

-339084706 | 2025-03-31T22:05:14.876181

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

9095 / tcp

2087396567 | 2025-03-31T13:41:12.027092

kjnkjabhbanc283ubcsbhdc72

9100 / tcp

-1730858130 | 2025-03-05T23:35:01.908637

RFB 003.008
VNC:
  Protocol Version: 3.8

9102 / tcp

2143387245 | 2025-03-10T23:06:17.056813

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

9128 / tcp

321971019 | 2025-03-13T02:35:25.659071

-ERR client ip is not in whitelist\r

9134 / tcp

1911457608 | 2025-03-17T22:03:40.747821

\x00[\x00\x00\x00\x00\x00\x00

9151 / tcp

171352214 | 2025-03-24T20:19:32.970835

-ERR client ip is not in whitelist

9155 / tcp

1911457608 | 2025-04-03T13:12:54.514340

\x00[\x00\x00\x00\x00\x00\x00

9158 / tcp

1134517380 | 2025-03-20T22:42:40.773234

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

9160 / tcp

-2089734047 | 2025-03-19T17:11:56.954395

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9162 / tcp

-1428621233 | 2025-03-17T21:10:49.113596

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

9181 / tcp

-1399940268 | 2025-03-24T08:03:34.855182

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9185 / tcp

1332894250 | 2025-03-10T19:43:47.727742

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

9212 / tcp

307999478 | 2025-03-27T11:32:08.587776

unknown command \r\nunknown command \r\n

9226 / tcp

-2089734047 | 2025-03-14T17:37:42.737981

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9236 / tcp

819727972 | 2025-03-28T12:04:31.604530

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9245 / tcp

-1399940268 | 2025-04-02T08:14:10.313865

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9248 / tcp

-1399940268 | 2025-04-02T15:42:05.476119

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9256 / tcp

819727972 | 2025-03-08T21:25:16.653192

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9257 / tcp

-1839934832 | 2025-03-11T02:41:17.415225

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

9305 / tcp

1767345577 | 2025-03-22T16:50:42.753230

Hello, this is Quagga (version 0T).
Copyright 1996-200

9306 / tcp

1278527606 | 2025-03-26T02:48:34.058227

SSH-2.0-Teleport

9308 / tcp

-1428621233 | 2025-03-27T05:25:30.846340

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

9333 / tcp

1911457608 | 2025-04-03T11:18:38.797948

\x00[\x00\x00\x00\x00\x00\x00

9398 / tcp

-1373613804 | 2025-03-28T01:20:33.633224

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

9418 / tcp

-1036370807 | 2025-03-28T11:04:56.178622

JDWP-Handshake

9443 / tcp

2087396567 | 2025-03-15T09:18:21.682867

kjnkjabhbanc283ubcsbhdc72

9445 / tcp

1632932802 | 2025-03-16T21:54:05.118449

9488 / tcp

-1114821551 | 2025-03-19T13:34:24.123837

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

9553 / tcp

-2089734047 | 2025-03-29T05:40:54.751616

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9658 / tcp

-1810987450 | 2025-04-02T04:26:29.990805

\xc3\xbf

9743 / tcp

103159425 | 2025-04-01T04:30:53.426416

SSH-1.99-RGOS_SSH

9761 / tcp

410249975 | 2025-03-13T23:11:05.103241

LNS READY<>

9802 / tcp

632542934 | 2025-03-10T21:15:35.527480

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9898 / tcp

1320285193 | 2025-03-31T09:01:38.376470

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

9919 / tcp

165188539 | 2025-04-02T19:15:46.870480

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9944 / tcp

-1681927087 | 2025-03-28T00:48:30.480731

kjnkjabhbanc283ubcsbhdc72

9991 / tcp

1492413928 | 2025-03-25T09:03:35.961594

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

9998 / tcp

-1917695220 | 2025-04-04T14:13:33.487680

HTTP/1.1 200 OK
Server: Jetty(9.4.8.v20171121)

9999 / tcp

1161309183 | 2025-03-21T21:19:30.220903

ProxyServer is ready

10000 / tcp

2033888749 | 2025-03-21T08:29:23.923374

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

10001 / tcp

1492413928 | 2025-03-11T10:39:28.298610

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

10010 / tcp

-136006866 | 2025-03-09T11:13:53.077457

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

10014 / tcp

1911457608 | 2025-03-15T22:16:40.693006

\x00[\x00\x00\x00\x00\x00\x00

10024 / tcp

-234408721 | 2025-03-29T21:22:41.757545

\\x00[\'(\\xc0\\xa8Y\\xfd

10027 / tcp

-1327660293 | 2025-03-17T02:56:39.698095

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

10034 / tcp

165188539 | 2025-03-15T14:53:06.791626

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

10046 / tcp

1911457608 | 2025-03-20T23:03:24.630473

\x00[\x00\x00\x00\x00\x00\x00

10050 / tcp

-971970408 | 2025-03-12T13:20:08.735676

10051 / tcp

819727972 | 2025-03-14T15:30:36.687734

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

10071 / tcp

-1986594217 | 2025-03-11T22:13:26.275677

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

10086 / tcp

165188539 | 2025-04-01T23:51:51.486875

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

10134 / tcp

-1265999252 | 2025-03-29T13:12:16.162499

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

10240 / tcp

-445721795 | 2025-03-07T17:12:44.171901

\x00[\xc3\xaed\x1a\x7f\x00\x00

10256 / tcp

-585940771 | 2025-03-19T16:56:29.413882

Unknown command\r\n

10324 / tcp

1975288991 | 2025-03-06T21:12:35.562785

OPTI

10399 / tcp

-303199180 | 2025-03-15T13:57:21.997261

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

10443 / tcp

-1730858130 | 2025-04-02T20:43:25.410847

RFB 003.008
VNC:
  Protocol Version: 3.8

10911 / tcp

1911457608 | 2025-03-19T22:16:08.711425

\x00[\x00\x00\x00\x00\x00\x00

11000 / tcp

-1279886438 | 2025-03-19T16:44:13.405485

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

11002 / tcp

-891714208 | 2025-03-11T14:28:07.328332

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

11112 / tcp

15018106 | 2025-03-12T06:14:35.427155

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

11288 / tcp

401555314 | 2025-03-26T14:45:56.235231

NB[GFXjA^R

11300 / tcp

1911457608 | 2025-03-11T18:25:54.011753

\x00[\x00\x00\x00\x00\x00\x00

11701 / tcp

632542934 | 2025-03-11T16:25:46.031958

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

12082 / tcp

971933601 | 2025-03-28T00:27:43.991487

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

12109 / tcp

819727972 | 2025-04-02T21:34:25.128153

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12113 / tcp

-1327660293 | 2025-03-08T20:13:21.717190

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12143 / tcp

-1839934832 | 2025-03-20T13:47:54.725320

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

12144 / tcp

-1737707071 | 2025-03-10T23:16:02.579282

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

12147 / tcp

117101543 | 2025-03-23T05:46:53.685440

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

12155 / tcp

-1648456501 | 2025-03-11T06:37:17.303672

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

12171 / tcp

971933601 | 2025-03-27T08:38:02.243909

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

12178 / tcp

-2031152423 | 2025-03-13T09:57:01.555065

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

12210 / tcp

1655023012 | 2025-03-24T20:41:55.378169

athinfod: invalid query.\n

12219 / tcp

819727972 | 2025-04-04T02:27:18.207775

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12221 / tcp

1492413928 | 2025-03-05T22:40:22.943338

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

12234 / tcp

-2089734047 | 2025-03-29T21:34:57.573030

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12258 / tcp

-1399940268 | 2025-04-01T17:43:04.711417

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12277 / tcp

-1428621233 | 2025-03-08T20:21:32.840086

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

12305 / tcp

-1888448627 | 2025-03-16T19:48:48.887330

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12310 / tcp

-1279886438 | 2025-04-01T20:16:36.458997

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

12324 / tcp

-2107996212 | 2025-03-26T23:47:09.432367

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

12345 / tcp

878900329 | 2025-03-21T07:46:35.990535

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae24ba_PStjkgwtss75_22411-43255

12347 / tcp

-2107996212 | 2025-03-14T09:01:42.712583

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

12350 / tcp

-274082663 | 2025-03-15T12:03:33.965157

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

12358 / tcp

897328069 | 2025-03-14T10:28:24.364115

220 mail.scott000.com ESMTP

12361 / tcp

-441419608 | 2025-03-27T02:45:36.611403

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

12362 / tcp

-1399940268 | 2025-03-13T08:23:51.447476

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12377 / tcp

-1399940268 | 2025-03-12T15:11:16.504515

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12378 / tcp

632542934 | 2025-03-16T22:59:14.819010

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

12388 / tcp

1332894250 | 2025-03-10T03:30:54.430157

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

12394 / tcp

-1399940268 | 2025-03-15T01:23:31.276478

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12395 / tcp

-1261090339 | 2025-03-19T05:35:23.976479

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

12397 / tcp

2143387245 | 2025-03-15T20:56:06.305915

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

12398 / tcp

-1399940268 | 2025-03-08T19:12:48.370302

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12424 / tcp

-1399940268 | 2025-03-28T23:41:56.235680

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12432 / tcp

-980525298 | 2025-03-23T20:03:29.262489

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12433 / tcp

-1399940268 | 2025-03-06T00:10:20.382692

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12454 / tcp

-358801646 | 2025-03-27T20:57:35.796917

SSH-2.0-OpenSSH_6.6.1

12460 / tcp

-1795027372 | 2025-03-06T00:42:44.437487

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

12462 / tcp

-2089734047 | 2025-03-23T09:25:52.610009

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12470 / tcp

-1899074860 | 2025-04-03T08:41:00.130970

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

12473 / tcp

165188539 | 2025-03-17T09:04:08.610262

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12474 / tcp

-904840257 | 2025-03-20T02:37:04.721882

572 Relay not authorized\r\n

12478 / tcp

1011407350 | 2025-03-13T15:07:09.616591

* OK GroupWise IMAP4rev1 Server Ready\r\n

12487 / tcp

-249504111 | 2025-03-17T20:17:48.983583

\x00[xU-\x7f\x00\x00

12500 / tcp

1363464823 | 2025-04-03T05:15:10.967949

\x00[|ox\x7f\x00\x00

12510 / tcp

165188539 | 2025-04-01T07:51:39.795874

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12511 / tcp

1623746877 | 2025-04-03T18:55:41.872156

500 Permission denied - closing connection.\r\n

12515 / tcp

819727972 | 2025-03-15T12:29:09.249491

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12518 / tcp

-1399940268 | 2025-03-17T02:00:24.057053

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12543 / tcp

165188539 | 2025-04-01T22:45:59.430122

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12568 / tcp

-1699556818 | 2025-04-03T03:21:43.367362

\x01remshd: Kerberos Authentication not enabled.\n

12574 / tcp

-616720387 | 2025-03-13T17:47:36.224846

SSH-2.0-SSHD_0.7.6

12581 / tcp

-980525298 | 2025-03-16T11:27:49.023282

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12615 / tcp

1210754493 | 2025-03-15T20:46:27.808030

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

13001 / tcp

819727972 | 2025-04-03T02:17:53.658107

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

13128 / tcp

945910976 | 2025-03-27T19:45:27.493857

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

13333 / tcp

1208318993 | 2025-03-31T19:45:31.813352

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

14265 / tcp

-2089734047 | 2025-04-04T06:31:58.122899

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

14344 / tcp

1911457608 | 2025-03-22T08:55:06.070554

\x00[\x00\x00\x00\x00\x00\x00

14400 / tcp

321971019 | 2025-03-13T14:13:09.135552

-ERR client ip is not in whitelist\r

14407 / tcp

-1399940268 | 2025-03-22T15:57:32.681432

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14523 / tcp

-1487943323 | 2025-03-06T23:29:11.016774

431 Unable to negotiate secure command connection.\r\n

14524 / tcp

1911457608 | 2025-03-16T13:07:22.250607

\x00[\x00\x00\x00\x00\x00\x00

14873 / tcp

-1327660293 | 2025-03-22T14:47:57.904644

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

14894 / tcp

-585940771 | 2025-04-01T21:14:31.922591

Unknown command\r\n

14901 / tcp

-1399940268 | 2025-04-01T05:26:30.100793

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

15000 / tcp

-1729774754 | 2025-03-27T20:17:10.581208

-wrong number of arguments for 'get' command

15018 / tcp

-1453516345 | 2025-04-02T07:47:21.799889

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

15443 / tcp

-2096652808 | 2025-03-28T13:54:12.271653

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

15672 / tcp

671605376 | 2025-04-02T11:15:13.541007

SSH-2.0-OpenSSH_X.X

16002 / tcp

921225407 | 2025-04-03T21:01:37.458189

\x00\x00\x00\x04\x00\x00\x00\x00\x00

16004 / tcp

1726594447 | 2025-03-24T08:09:42.548401

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

16006 / tcp

455076604 | 2025-04-01T21:48:48.270686

!\x07version\x04bind7 t{RPowerDNS Recursor 410

16029 / tcp

1161309183 | 2025-03-07T17:41:06.925748

ProxyServer is ready

16035 / tcp

-1399940268 | 2025-04-03T05:38:12.560899

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16038 / tcp

307999478 | 2025-03-10T16:47:02.620975

unknown command \r\nunknown command \r\n

16040 / tcp

1282941221 | 2025-03-23T10:14:02.545145

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

16041 / tcp

-441419608 | 2025-03-22T01:55:10.303776

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

16047 / tcp

-1399940268 | 2025-03-09T05:57:23.513030

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16058 / tcp

205347087 | 2025-03-10T13:15:17.184888

SSH-25453-Cisco-3524665.35\n

16071 / tcp

-122096153 | 2025-03-22T01:46:48.285162

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

16077 / tcp

1278527606 | 2025-03-19T16:23:14.811076

SSH-2.0-Teleport

16079 / tcp

-1737707071 | 2025-03-29T15:42:12.671133

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

16093 / tcp

-784071826 | 2025-04-02T04:23:53.233693

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

16104 / tcp

-1327660293 | 2025-03-27T13:42:16.009201

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

16402 / tcp

2063598737 | 2025-03-26T16:11:32.051123

/0 0 L\r\n/0 0 HUH\r\n

16464 / tcp

-1626979812 | 2025-04-02T09:16:29.514276

220 Service ready for new user.

17000 / tcp

-1810987450 | 2025-03-26T00:48:45.018990

\xc3\xbf

17001 / tcp

-1810987450 | 2025-04-02T18:00:18.550888

\xc3\xbf

17084 / tcp

-1399940268 | 2025-03-31T14:32:48.356478

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

17770 / tcp

921225407 | 2025-03-28T21:20:45.367696

\x00\x00\x00\x04\x00\x00\x00\x00\x00

17774 / tcp

819727972 | 2025-04-03T18:58:29.749209

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18002 / tcp

-122096153 | 2025-03-23T17:17:10.062983

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

18009 / tcp

-1399940268 | 2025-03-23T23:18:59.658664

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18012 / tcp

632542934 | 2025-04-04T00:39:13.393048

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

18016 / tcp

15018106 | 2025-03-17T05:30:50.153313

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

18029 / tcp

897328069 | 2025-03-24T13:41:34.033078

220 mail.scott000.com ESMTP

18033 / tcp

-2089734047 | 2025-03-25T16:26:49.265221

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

18039 / tcp

819727972 | 2025-03-12T17:11:30.235329

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

18043 / tcp

-358801646 | 2025-03-26T19:26:00.648453

SSH-2.0-OpenSSH_6.6.1

18052 / tcp

-249504111 | 2025-03-09T05:08:56.575947

\x00[xU-\x7f\x00\x00

18063 / tcp

-2096652808 | 2025-03-26T12:38:11.507345

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

18065 / tcp

-1399940268 | 2025-03-29T21:03:27.622244

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18072 / tcp

-274082663 | 2025-03-07T18:09:28.001720

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

18080 / tcp

539065883 | 2025-03-29T01:56:14.589742

18096 / tcp

1126993057 | 2025-03-15T14:24:15.092806

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

18100 / tcp

-1032713145 | 2025-03-27T15:40:54.695923

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

18245 / tcp

-1477838366 | 2025-03-21T20:45:01.137604

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

19017 / tcp

-653033013 | 2025-03-27T23:52:29.474834

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

19080 / tcp

-1888448627 | 2025-03-05T20:40:35.246217

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

19902 / tcp

-784071826 | 2025-03-28T20:13:00.076288

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

19930 / tcp

1690634669 | 2025-03-14T10:16:00.011266

20000 / tcp

1900503736 | 2025-04-03T20:57:42.345057

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

20080 / tcp

1543809371 | 2025-03-23T02:26:01.787057

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

20087 / tcp

1741579575 | 2025-04-03T00:08:17.273659

20151 / tcp

-1399940268 | 2025-03-24T00:09:27.685339

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20202 / tcp

921225407 | 2025-03-20T18:53:44.472908

\x00\x00\x00\x04\x00\x00\x00\x00\x00

20208 / tcp

-358801646 | 2025-03-14T16:28:33.689527

SSH-2.0-OpenSSH_6.6.1

20500 / tcp

1353260875 | 2025-03-23T03:54:01.559006

\x00[g\xc2\x95N\x7f\x00\x00

20547 / tcp

-1399940268 | 2025-04-03T15:30:21.027015

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20880 / tcp

1370263973 | 2025-03-11T11:08:52.880367

dubbo>

21025 / tcp

819727972 | 2025-03-29T10:51:49.728769

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

21236 / tcp

-1730858130 | 2025-03-10T03:17:58.226033

RFB 003.008
VNC:
  Protocol Version: 3.8

21238 / tcp

-2089734047 | 2025-03-21T04:52:08.131425

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

21250 / tcp

-441419608 | 2025-03-28T02:57:34.657126

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

21262 / tcp

632542934 | 2025-04-03T19:27:16.143113

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

21264 / tcp

-1399940268 | 2025-03-21T04:46:24.502667

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21270 / tcp

-2033111675 | 2025-03-15T01:23:25.141509

~djb

21277 / tcp

-1013082686 | 2025-03-05T22:10:18.625179

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

21296 / tcp

-358801646 | 2025-04-04T01:12:08.762308

SSH-2.0-OpenSSH_6.6.1

21299 / tcp

1911457608 | 2025-03-07T08:55:41.219181

\x00[\x00\x00\x00\x00\x00\x00

21309 / tcp

-1598265216 | 2025-03-06T03:11:58.393544

@RSYNCD: 31.0

21330 / tcp

321971019 | 2025-03-21T06:07:48.751328

-ERR client ip is not in whitelist\r

21379 / tcp

171352214 | 2025-04-03T10:40:51.761928

-ERR client ip is not in whitelist

21935 / tcp

-1297953727 | 2025-03-19T20:05:43.637225

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

22000 / tcp

1690634669 | 2025-04-01T17:24:47.899276

22001 / tcp

-2107996212 | 2025-04-04T04:31:04.053168

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

22067 / tcp

2103111368 | 2025-03-27T17:25:45.186866

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

22107 / tcp

-441419608 | 2025-03-21T19:20:13.750176

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

23023 / tcp

-971970408 | 2025-03-23T22:32:35.268249

23084 / tcp

-1114821551 | 2025-03-07T08:04:41.238590

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

23182 / tcp

-438503381 | 2025-03-20T00:31:53.699184

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

23184 / tcp

-2089734047 | 2025-03-10T17:59:17.394252

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

23424 / tcp

0 | 2025-03-18T19:33:23.269229

Hashes

hash

-119996482

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
Content-Length: 0

25001 / tcp

820958131 | 2025-03-18T14:37:55.799853

kjnkjabhbanc283ubcsbhdc72\x02

25006 / tcp

1189133115 | 2025-04-01T12:38:55.801250

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

25565 / tcp

-441419608 | 2025-04-03T03:37:33.811334

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

25782 / tcp

1911457608 | 2025-03-20T23:30:18.145185

\x00[\x00\x00\x00\x00\x00\x00

26656 / tcp

-1428621233 | 2025-03-28T23:57:55.804436

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

26657 / tcp

1741579575 | 2025-03-28T02:28:32.172173

27015 / tcp

-971970408 | 2025-03-25T12:17:15.208003

27016 / tcp

-1441741890 | 2025-03-25T13:59:48.280633

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2
0181212])

27017 / tcp

422524323 | 2025-03-31T17:09:19.550831

{
"Version": "3.4.18",
"VersionArray": [
3,
4,
18,
0
],
"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",
"OpenSSLVersion": "",
"SysInfo": "",
"Bits": 64,
"Debug": false,
"MaxObjectSize": 16777216
}

27036 / tcp

1690634669 | 2025-03-25T09:07:08.942064

28001 / tcp

1726594447 | 2025-03-26T15:20:01.724881

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

28015 / tcp

-2096652808 | 2025-03-18T07:29:13.414805

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

28080 / tcp

-1136600457 | 2025-03-28T05:35:43.150120

HELO:10.3.6.0.false
AS:2048
HL:19

30002 / tcp

1308377066 | 2025-03-10T09:17:33.616175

ncacn_http/1.0

30003 / tcp

1544300041 | 2025-03-09T21:35:21.027358

SSH-25453-Cisco-3524665.35

30004 / tcp

1911457608 | 2025-04-01T01:11:11.926927

\x00[\x00\x00\x00\x00\x00\x00

30009 / tcp

1282941221 | 2025-03-07T01:42:55.377413

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

30022 / tcp

-319440554 | 2025-03-18T21:24:34.493966

30122 / tcp

1741579575 | 2025-03-19T20:07:09.935960

30222 / tcp

2087396567 | 2025-03-25T16:11:07.098955

kjnkjabhbanc283ubcsbhdc72

30301 / tcp

233634112 | 2025-03-15T20:07:48.424031

SSH-98.60-SysaxSSH_81885..42

30443 / tcp

722711397 | 2025-03-23T03:54:10.033187

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

30718 / tcp

1589691163 | 2025-04-03T00:02:39.297756

LH\xdb\xc6\xdd\xf6g\x10\x19\x00\x00\x00\x18\x00\x01\x02\x00\x10\x00\x04\x00\x00\x00\x01\x8d\x96\x82(\x02\x12j\xee\xa1\xcd&e\xb7M\xd0q

30722 / tcp

-319440554 | 2025-03-13T13:17:03.229620

31122 / tcp

2087396567 | 2025-03-09T12:31:24.308062

kjnkjabhbanc283ubcsbhdc72

31422 / tcp

-1887823886 | 2025-03-25T03:46:26.625099

K%~)J/\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

31444 / tcp

-2031152423 | 2025-03-16T07:45:49.498893

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

31522 / tcp

2087396567 | 2025-03-13T00:57:27.404563

kjnkjabhbanc283ubcsbhdc72

31622 / tcp

-68075478 | 2025-03-12T23:00:36.487757

31722 / tcp

2087396567 | 2025-03-21T16:28:13.433647

kjnkjabhbanc283ubcsbhdc72

31822 / tcp

863754335 | 2025-03-20T19:28:07.958310

0a

31922 / tcp

2087396567 | 2025-03-11T06:01:41.942994

kjnkjabhbanc283ubcsbhdc72

32022 / tcp

1741579575 | 2025-03-12T04:15:06.924855

32222 / tcp

2087396567 | 2025-03-23T18:28:52.379106

kjnkjabhbanc283ubcsbhdc72

32422 / tcp

-445721795 | 2025-03-23T13:57:17.215094

\x00[\xc3\xaed\x1a\x7f\x00\x00

32522 / tcp

1282941221 | 2025-03-22T03:43:03.491957

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

32622 / tcp

233634112 | 2025-04-04T11:33:00.110570

SSH-98.60-SysaxSSH_81885..42

32722 / tcp

-1990350878 | 2025-04-04T09:48:43.892802

 
04 \...

32764 / tcp

-971970408 | 2025-03-28T09:42:51.069686

32822 / tcp

-1733645023 | 2025-03-23T03:56:17.153727

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

33060 / tcp

819727972 | 2025-04-01T21:37:30.251261

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

33338 / tcp

2087396567 | 2025-04-02T17:12:30.332696

kjnkjabhbanc283ubcsbhdc72

33389 / tcp

-904840257 | 2025-03-13T17:40:59.110372

572 Relay not authorized\r\n

33622 / tcp

740837454 | 2025-03-21T05:08:43.874125

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

34422 / tcp

819727972 | 2025-03-15T00:40:12.491011

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

34922 / tcp

1690634669 | 2025-03-18T19:40:05.496161

35000 / tcp

-2089734047 | 2025-03-18T17:09:22.440587

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

35322 / tcp

291723434 | 2025-03-17T08:28:31.590941

Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

35422 / tcp

740837454 | 2025-03-18T23:07:16.391479

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

35522 / tcp

-321444299 | 2025-03-17T01:32:34.561360

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

35524 / tcp

-1399940268 | 2025-03-25T12:22:41.872053

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

35531 / tcp

1911457608 | 2025-03-06T16:25:36.432610

\x00[\x00\x00\x00\x00\x00\x00

35822 / tcp

2087396567 | 2025-03-17T17:36:41.612333

kjnkjabhbanc283ubcsbhdc72

35922 / tcp

1741579575 | 2025-03-16T22:03:53.804936

36022 / tcp

1519486042 | 2025-03-17T21:07:06.670359

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

36122 / tcp

1282941221 | 2025-03-13T09:49:37.890346

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

36222 / tcp

1189133115 | 2025-03-17T19:51:48.487982

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

37122 / tcp

1741579575 | 2025-03-16T23:06:47.526716

37215 / tcp

1426971893 | 2025-04-02T15:24:41.211365

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

37322 / tcp

-1648456501 | 2025-03-16T11:04:35.339636

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

37622 / tcp

2087396567 | 2025-03-16T01:58:23.679658

kjnkjabhbanc283ubcsbhdc72

37722 / tcp

-1839934832 | 2025-03-16T00:09:50.274475

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

37777 / tcp

2087396567 | 2025-04-02T13:26:42.971097

kjnkjabhbanc283ubcsbhdc72

37922 / tcp

1261582754 | 2025-03-18T00:27:11.130753

unknown command 
unknown command

38022 / tcp

2087396567 | 2025-03-17T22:44:00.871176

kjnkjabhbanc283ubcsbhdc72

38333 / tcp

1308377066 | 2025-03-28T18:37:28.433388

ncacn_http/1.0

38522 / tcp

660175493 | 2025-03-13T23:44:20.697111

38880 / tcp

819727972 | 2025-04-02T16:58:10.483019

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

39122 / tcp

1741579575 | 2025-03-13T19:22:53.449467

39522 / tcp

2087396567 | 2025-03-11T09:09:15.448471

kjnkjabhbanc283ubcsbhdc72

39622 / tcp

2087396567 | 2025-03-11T08:28:41.767167

kjnkjabhbanc283ubcsbhdc72

40022 / tcp

-358801646 | 2025-03-09T10:40:05.478989

SSH-2.0-OpenSSH_6.6.1

41022 / tcp

1632932802 | 2025-03-08T22:55:47.721869

41443 / tcp

2087396567 | 2025-03-14T03:13:16.507314

kjnkjabhbanc283ubcsbhdc72

43009 / tcp

-1140468363 | 2025-03-27T02:32:49.757941

\x02\t\x01

44158 / tcp

-433302150 | 2025-03-15T07:41:27.497445

/multistream/1.0.0

44222 / tcp

-1013082686 | 2025-03-10T22:29:38.891670

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

44303 / tcp

921225407 | 2025-04-02T15:49:45.532656

\x00\x00\x00\x04\x00\x00\x00\x00\x00

44307 / tcp

945910976 | 2025-04-01T18:54:24.763407

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

44350 / tcp

1761482307 | 2025-04-03T11:39:45.117695

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

44400 / tcp

-1399940268 | 2025-03-25T20:51:51.936907

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

44818 / tcp

1353260875 | 2025-03-24T23:36:36.983217

\x00[g\xc2\x95N\x7f\x00\x00

45006 / tcp

921225407 | 2025-04-01T04:30:00.858200

\x00\x00\x00\x04\x00\x00\x00\x00\x00

45022 / tcp

740837454 | 2025-03-10T15:51:17.965936

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

45777 / tcp

-1399940268 | 2025-03-12T00:28:29.859913

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

45786 / tcp

-1428621233 | 2025-03-08T18:51:09.461702

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

45822 / tcp

2087396567 | 2025-03-10T12:56:32.782830

kjnkjabhbanc283ubcsbhdc72

45922 / tcp

819727972 | 2025-03-10T14:37:12.035734

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

47808 / tcp

-2096652808 | 2025-03-31T11:02:55.191270

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

47822 / tcp

1919228981 | 2025-03-10T09:28:50.150309

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

48019 / tcp

1426971893 | 2025-03-10T04:20:04.387658

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

48222 / tcp

819727972 | 2025-03-10T03:45:40.763287

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

48522 / tcp

2087396567 | 2025-03-09T22:34:24.860020

kjnkjabhbanc283ubcsbhdc72

48889 / tcp

-1888448627 | 2025-03-05T20:22:10.665337

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

48899 / tcp

1332894250 | 2025-03-31T08:58:54.227745

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

49152 / tcp

-726970723 | 2025-03-31T21:22:47.391083

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 22 Jan 2024 16:46:55 GMT
EXT:
SERVER: Linux/3.18.20, UPnP/1.0, Portable SDK for UPnP devices/1.6.18
X-User-Agent: redsonic

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<s:Body>
<s:Fault>
<faultcode>s:Client</faultcode>
<faultstring>UPnPError</faultstring>
<detail>
<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">

49153 / tcp

819727972 | 2025-03-22T13:14:09.601048

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

49501 / tcp

-1399940268 | 2025-04-01T22:12:41.165256

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

49684 / tcp

1632932802 | 2025-03-19T01:51:24.018474

50000 / tcp

-1392039491 | 2025-04-02T05:17:18.132357

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

50022 / tcp

819727972 | 2025-03-28T14:42:25.534223

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

50042 / tcp

-1399940268 | 2025-03-22T20:02:00.191309

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

50070 / tcp

-358801646 | 2025-03-28T11:37:23.122122

SSH-2.0-OpenSSH_6.6.1

50073 / tcp

575925250 | 2025-03-19T22:15:50.151654

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

50080 / tcp

-146605374 | 2025-03-15T20:31:14.735648

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

50100 / tcp

1996932384 | 2025-04-04T13:25:48.187708

"raop" nonce

50113 / tcp

-2096652808 | 2025-03-15T02:10:05.450629

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

51002 / tcp

-2089734047 | 2025-03-27T19:35:41.053329

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

51235 / tcp

-1887823886 | 2025-03-21T17:39:09.416656

K%~)J/\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

52022 / tcp

819727972 | 2025-03-07T01:34:14.927211

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

53413 / tcp

1761482307 | 2025-03-29T08:13:24.084474

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

53481 / tcp

1911457608 | 2025-03-15T18:36:22.490892

\x00[\x00\x00\x00\x00\x00\x00

53484 / tcp

1208318993 | 2025-03-09T21:13:16.149372

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

54138 / tcp

-971970408 | 2025-04-01T15:39:59.411210

54984 / tcp

1741579575 | 2025-03-21T07:12:51.312434

55222 / tcp

-1730858130 | 2025-03-07T02:15:34.913816

RFB 003.008
VNC:
  Protocol Version: 3.8

55422 / tcp

-1461540015 | 2025-03-06T17:54:21.414030

audio 0 RTP/AVP 18 4 3 8 0 101
a

55443 / tcp

819727972 | 2025-03-24T19:09:26.766450

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

55553 / tcp

660175493 | 2025-03-29T08:05:30.750989

55822 / tcp

2087396567 | 2025-03-06T21:06:09.400095

kjnkjabhbanc283ubcsbhdc72

57522 / tcp

-358801646 | 2025-03-06T13:11:32.478432

SSH-2.0-OpenSSH_6.6.1

57778 / tcp

165188539 | 2025-03-28T19:55:31.960962

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

57781 / tcp

580340387 | 2025-04-02T10:19:43.420657

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

57787 / tcp

-358801646 | 2025-03-19T03:32:53.069433

SSH-2.0-OpenSSH_6.6.1

58422 / tcp

819727972 | 2025-03-06T01:16:38.084700

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

58522 / tcp

-1428621233 | 2025-03-05T19:42:46.201044

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

58532 / tcp

-1399940268 | 2025-03-18T09:11:33.791113

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

58822 / tcp

472902042 | 2025-03-05T16:17:54.026882

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

59012 / tcp

1208318993 | 2025-03-06T23:34:59.229425

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

60001 / tcp

-1189269828 | 2025-03-15T02:59:29.641974

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

60099 / tcp

1332894250 | 2025-04-04T03:53:48.383323

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

60129 / tcp

2087396567 | 2025-03-31T18:54:30.341388

kjnkjabhbanc283ubcsbhdc72

60443 / tcp

-262532376 | 2025-03-21T05:21:10.325738

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: keep-alive

61613 / tcp

-1399940268 | 2025-04-01T03:09:51.574331

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

61616 / tcp

1741579575 | 2025-03-24T17:20:34.059889

62016 / tcp

-1888448627 | 2025-03-25T21:05:01.915580

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

62078 / tcp

1978059005 | 2025-04-01T07:05:38.782390

Sorry, that nickname format is invalid.

63210 / tcp

-1681927087 | 2025-03-11T02:46:06.792301

kjnkjabhbanc283ubcsbhdc72

63256 / tcp

1231376952 | 2025-03-16T14:31:49.866865

63260 / tcp

2087396567 | 2025-03-28T07:58:25.477033

kjnkjabhbanc283ubcsbhdc72

63443 / tcp

321971019 | 2025-03-10T12:58:31.672915

-ERR client ip is not in whitelist\r

64738 / tcp

2087396567 | 2025-03-15T05:16:03.698959

kjnkjabhbanc283ubcsbhdc72

39.103.20.114

Last Seen: 2025-04-04

Tags:

GeneralInformation

WebTechnologies

OpenPorts

11 / tcp 165188539 | 2025-03-07T10:08:20.318765

13 / tcp 291723434 | 2025-03-17T05:38:48.461138

15 / tcp -2017887953 | 2025-04-03T05:56:58.371005

17 / tcp -1907909544 | 2025-04-02T18:54:42.529902

21 / tcp -1248408558 | 2025-04-03T09:36:14.027351

25 / tcp -1626979812 | 2025-04-02T22:36:00.220530

37 / tcp 1443000738 | 2025-03-20T20:33:57.134677

43 / tcp -358801646 | 2025-03-27T22:33:55.502878

49 / tcp 1160472910 | 2025-04-03T18:17:29.411527

53 / tcp -682282491 | 2025-03-16T14:27:54.345351

70 / tcp -972699072 | 2025-03-17T11:26:34.647319

79 / tcp -2029556872 | 2025-03-15T21:40:46.462306

80 / tcp 445417871 | 2025-03-18T11:13:46.412410

Hashes

86 / tcp -1888448627 | 2025-03-17T02:56:00.087049

92 / tcp -1399940268 | 2025-03-15T06:46:21.260243

104 / tcp -1399940268 | 2025-03-20T04:24:28.400879

111 / tcp -122096153 | 2025-03-26T00:03:48.981646

113 / tcp 455076604 | 2025-03-20T03:56:40.158986

135 / tcp 1483120365 | 2025-03-28T21:23:15.604469

175 / tcp -2096652808 | 2025-03-16T12:29:54.600789

177 / tcp 165188539 | 2025-03-06T10:45:17.175968

179 / tcp -399606100 | 2025-03-22T18:09:25.982350

195 / tcp 897328069 | 2025-03-15T16:40:09.923767

221 / tcp 366084633 | 2025-03-09T21:27:29.445530

264 / tcp -654288545 | 2025-03-27T08:37:14.610573

400 / tcp 819727972 | 2025-03-23T20:46:48.604420

427 / tcp 1801635450 | 2025-03-20T03:49:13.747138

440 / tcp 1911457608 | 2025-03-07T09:07:20.795180

465 / tcp 897328069 | 2025-03-23T21:25:28.118987

503 / tcp -2096652808 | 2025-03-18T12:00:36.669655

513 / tcp 1623746877 | 2025-03-21T18:29:28.484607

515 / tcp 1282941221 | 2025-03-17T10:53:59.201116

548 / tcp -773160241 | 2025-04-03T02:51:08.195424

554 / tcp 902688621 | 2025-04-04T06:07:19.430336

636 / tcp 1255568492 | 2025-03-23T02:38:06.932655

666 / tcp -1960639992 | 2025-03-22T23:45:45.122870

789 / tcp 897328069 | 2025-03-11T15:26:48.047212

811 / tcp -1399940268 | 2025-03-24T09:18:51.446923

830 / tcp 103159425 | 2025-03-31T23:23:33.360239

995 / tcp -740312032 | 2025-03-07T18:13:32.976339

1023 / tcp 819727972 | 2025-03-15T15:17:04.159534

1025 / tcp 921225407 | 2025-03-23T05:52:32.646352

1080 / tcp 1362344524 | 2025-04-03T18:28:19.874620

1177 / tcp -2017887953 | 2025-03-21T04:43:03.504460

1190 / tcp 819727972 | 2025-03-20T16:00:04.898714

1200 / tcp 171352214 | 2025-03-23T21:10:39.429591

1234 / tcp -1947777893 | 2025-03-13T01:58:16.652127

1250 / tcp 1189133115 | 2025-03-17T23:14:52.047514

1337 / tcp 1842524259 | 2025-03-10T18:27:21.504257

1364 / tcp -1189269828 | 2025-03-14T17:14:31.234181

1370 / tcp 1642597142 | 2025-03-21T03:38:42.451499

1414 / tcp -903067560 | 2025-03-22T06:06:20.846195

1456 / tcp 740837454 | 2025-03-17T22:03:33.267383

1515 / tcp -375604792 | 2025-03-16T22:16:32.268840

1521 / tcp -186520940 | 2025-03-29T08:44:23.345434

1599 / tcp -746114901 | 2025-03-20T00:07:05.773576

1723 / tcp 1103582599 | 2025-04-01T20:27:06.264296

1800 / tcp 1911457608 | 2025-04-01T18:56:08.302489

1801 / tcp -833635452 | 2025-03-25T08:11:05.586613

1926 / tcp 819727972 | 2025-03-10T04:38:48.211618

1955 / tcp 1911457608 | 2025-03-12T18:56:43.746107

1958 / tcp -358801646 | 2025-03-22T04:16:29.185368

1962 / tcp 819727972 | 2025-03-21T03:18:54.250135

1974 / tcp -1835475271 | 2025-03-24T15:28:17.041673

1979 / tcp -1105333987 | 2025-03-29T16:56:06.634815

2000 / tcp 1624217396 | 2025-03-25T03:09:30.566288

2008 / tcp 971933601 | 2025-03-22T10:30:05.140023

2057 / tcp 1282941221 | 2025-03-22T21:18:49.009082

2058 / tcp -1746074029 | 2025-03-21T20:07:59.537384

2078 / tcp -1746074029 | 2025-03-22T04:50:52.820055

2080 / tcp 307999478 | 2025-03-29T03:02:21.721274

2083 / tcp 1842524259 | 2025-03-28T12:48:03.442527

2091 / tcp 819727972 | 2025-03-21T06:46:48.861858

11 / tcp

165188539 | 2025-03-07T10:08:20.318765

13 / tcp

291723434 | 2025-03-17T05:38:48.461138

15 / tcp

-2017887953 | 2025-04-03T05:56:58.371005

17 / tcp

-1907909544 | 2025-04-02T18:54:42.529902

21 / tcp

-1248408558 | 2025-04-03T09:36:14.027351

25 / tcp

-1626979812 | 2025-04-02T22:36:00.220530

37 / tcp

1443000738 | 2025-03-20T20:33:57.134677

43 / tcp

-358801646 | 2025-03-27T22:33:55.502878

49 / tcp

1160472910 | 2025-04-03T18:17:29.411527

53 / tcp

-682282491 | 2025-03-16T14:27:54.345351

70 / tcp

-972699072 | 2025-03-17T11:26:34.647319

79 / tcp

-2029556872 | 2025-03-15T21:40:46.462306

80 / tcp

445417871 | 2025-03-18T11:13:46.412410

86 / tcp

-1888448627 | 2025-03-17T02:56:00.087049

92 / tcp

-1399940268 | 2025-03-15T06:46:21.260243

104 / tcp

-1399940268 | 2025-03-20T04:24:28.400879

111 / tcp

-122096153 | 2025-03-26T00:03:48.981646

113 / tcp

455076604 | 2025-03-20T03:56:40.158986

135 / tcp

1483120365 | 2025-03-28T21:23:15.604469

175 / tcp

-2096652808 | 2025-03-16T12:29:54.600789

177 / tcp

165188539 | 2025-03-06T10:45:17.175968

179 / tcp

-399606100 | 2025-03-22T18:09:25.982350

195 / tcp

897328069 | 2025-03-15T16:40:09.923767

221 / tcp

366084633 | 2025-03-09T21:27:29.445530

264 / tcp

-654288545 | 2025-03-27T08:37:14.610573

400 / tcp

819727972 | 2025-03-23T20:46:48.604420

427 / tcp

1801635450 | 2025-03-20T03:49:13.747138

440 / tcp

1911457608 | 2025-03-07T09:07:20.795180

465 / tcp

897328069 | 2025-03-23T21:25:28.118987

503 / tcp

-2096652808 | 2025-03-18T12:00:36.669655

513 / tcp

1623746877 | 2025-03-21T18:29:28.484607

515 / tcp

1282941221 | 2025-03-17T10:53:59.201116

548 / tcp

-773160241 | 2025-04-03T02:51:08.195424

554 / tcp

902688621 | 2025-04-04T06:07:19.430336

636 / tcp

1255568492 | 2025-03-23T02:38:06.932655

666 / tcp

-1960639992 | 2025-03-22T23:45:45.122870

789 / tcp

897328069 | 2025-03-11T15:26:48.047212

811 / tcp

-1399940268 | 2025-03-24T09:18:51.446923

830 / tcp

103159425 | 2025-03-31T23:23:33.360239

995 / tcp

-740312032 | 2025-03-07T18:13:32.976339

1023 / tcp

819727972 | 2025-03-15T15:17:04.159534

1025 / tcp

921225407 | 2025-03-23T05:52:32.646352

1080 / tcp

1362344524 | 2025-04-03T18:28:19.874620

1177 / tcp

-2017887953 | 2025-03-21T04:43:03.504460

1190 / tcp

819727972 | 2025-03-20T16:00:04.898714

1200 / tcp

171352214 | 2025-03-23T21:10:39.429591

1234 / tcp

-1947777893 | 2025-03-13T01:58:16.652127

1250 / tcp

1189133115 | 2025-03-17T23:14:52.047514

1337 / tcp

1842524259 | 2025-03-10T18:27:21.504257

1364 / tcp

-1189269828 | 2025-03-14T17:14:31.234181

1370 / tcp

1642597142 | 2025-03-21T03:38:42.451499

1414 / tcp

-903067560 | 2025-03-22T06:06:20.846195

1456 / tcp

740837454 | 2025-03-17T22:03:33.267383

1515 / tcp

-375604792 | 2025-03-16T22:16:32.268840

1521 / tcp

-186520940 | 2025-03-29T08:44:23.345434

1599 / tcp

-746114901 | 2025-03-20T00:07:05.773576

1723 / tcp

1103582599 | 2025-04-01T20:27:06.264296

1800 / tcp

1911457608 | 2025-04-01T18:56:08.302489

1801 / tcp

-833635452 | 2025-03-25T08:11:05.586613

1926 / tcp

819727972 | 2025-03-10T04:38:48.211618

1955 / tcp

1911457608 | 2025-03-12T18:56:43.746107

1958 / tcp

-358801646 | 2025-03-22T04:16:29.185368

1962 / tcp

819727972 | 2025-03-21T03:18:54.250135

1974 / tcp

-1835475271 | 2025-03-24T15:28:17.041673

1979 / tcp

-1105333987 | 2025-03-29T16:56:06.634815

2000 / tcp

1624217396 | 2025-03-25T03:09:30.566288

2008 / tcp

971933601 | 2025-03-22T10:30:05.140023

2057 / tcp

1282941221 | 2025-03-22T21:18:49.009082

2058 / tcp

-1746074029 | 2025-03-21T20:07:59.537384

2078 / tcp

-1746074029 | 2025-03-22T04:50:52.820055

2080 / tcp

307999478 | 2025-03-29T03:02:21.721274

2083 / tcp

1842524259 | 2025-03-28T12:48:03.442527

2091 / tcp

819727972 | 2025-03-21T06:46:48.861858

2095 / tcp

2063598737 | 2025-04-03T00:30:08.133347

2130 / tcp

745343730 | 2025-04-02T03:51:54.862414

2154 / tcp

539065883 | 2025-03-27T05:13:03.691946

2209 / tcp

-358801646 | 2025-03-08T22:44:14.432394

2210 / tcp

-1888448627 | 2025-03-24T08:06:07.843210

2220 / tcp

-1810987450 | 2025-03-11T07:12:40.719978

2222 / tcp

372433470 | 2025-04-03T16:16:37.232926