GeneralInformation

Country	China
City	Beijing
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(1)

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(4)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(3)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 19 23 25 37 43 49 53 70 79 80 86 92 98 102 110 113 119 135 175 180 189 195 221 263 264 389 427 440 443 444 503 513 593 646 685 743 771 789 843 873 880 992 993 1002 1025 1153 1181 1290 1291 1414 1433 1443 1599 1723 1800 1801 1820 1883 1911 1926 1956 1962 1966 2000 2002 2003 2008 2051 2052 2058 2081 2087 2121 2122 2154 2200 2209 2223 2323 2332 2344 2375 2376 2404 2443 2549 2554 2562 2566 2601 2626 2628 2761 2762 3001 3019 3050 3071 3105 3138 3143 3155 3179 3256 3260 3268 3301 3306 3310 3352 3389 3401 3403 3406 3408 3503 3552 3556 3557 3780 3790 3838 3910 4000 4022 4080 4095 4100 4157 4242 4282 4321 4343 4369 4400 4431 4432 4436 4443 4444 4500 4506 4602 4786 4899 5001 5006 5007 5009 5025 5105 5122 5135 5160 5172 5222 5242 5246 5248 5254 5261 5267 5269 5351 5432 5435 5590 5593 5594 5597 5599 5672 5698 5701 5853 5858 5903 5919 5984 5986 5987 6000 6001 6002 6008 6011 6100 6102 6352 6379 6443 6602 6653 6667 6668 6686 7001 7016 7083 7218 7415 7433 7434 7443 7510 7548 7634 7777 7887 7946 7999 8009 8018 8024 8026 8035 8050 8051 8074 8081 8082 8083 8085 8089 8093 8095 8099 8105 8121 8126 8127 8135 8140 8143 8151 8155 8157 8160 8173 8179 8182 8187 8200 8291 8333 8350 8406 8423 8432 8436 8461 8463 8482 8500 8505 8523 8524 8545 8553 8554 8565 8582 8586 8590 8593 8649 8663 8686 8728 8791 8802 8803 8809 8826 8834 8836 8849 8854 8861 8889 8899 8912 8989 8993 9002 9012 9018 9025 9028 9029 9036 9040 9042 9046 9047 9063 9074 9077 9092 9095 9099 9100 9101 9103 9105 9109 9136 9140 9143 9145 9146 9147 9151 9153 9155 9160 9164 9177 9186 9213 9215 9218 9230 9247 9283 9309 9312 9333 9398 9418 9443 9454 9501 9530 9633 9663 9876 9901 9928 9943 9944 9990 9994 9997 9998 9999 10000 10001 10012 10021 10035 10040 10041 10042 10051 10068 10071 10106 10134 10181 10393 10397 10909 10911 11065 11112 11211 11288 12000 12112 12113 12115 12118 12138 12147 12148 12149 12151 12157 12175 12185 12192 12193 12194 12198 12203 12214 12216 12224 12233 12244 12269 12282 12283 12284 12291 12295 12298 12315 12323 12327 12337 12338 12343 12345 12368 12373 12379 12381 12382 12392 12400 12405 12421 12440 12455 12475 12482 12488 12495 12515 12521 12524 12527 12534 12535 12546 12553 12571 12585 14082 14147 14265 14344 14524 14895 14896 15038 15123 15151 15443 15504 16007 16010 16013 16015 16030 16046 16067 16069 16075 16091 16095 16103 16601 16992 17000 17771 17774 17780 18014 18024 18034 18037 18047 18052 18067 18073 18074 18080 18081 18094 18100 18245 18443 18553 19000 19200 19902 19930 20000 20070 20082 20087 20106 20121 20202 20325 20547 20880 20892 21025 21230 21247 21250 21257 21261 21269 21292 21297 21300 21313 21314 21379 21500 22000 22001 22067 22084 22222 22703 23023 23082 23182 24245 25001 25010 25105 25565 26657 27015 27016 27017 27036 28015 28017 28443 30002 30022 30104 30112 30121 30122 30222 30301 30303 30422 30468 30522 30622 30722 30822 31222 31337 31443 31444 31622 31722 31822 31922 32444 32622 32764 33022 33060 33122 33222 33338 34222 34322 34422 34722 34822 35000 35100 35153 35222 35250 35322 35522 35622 35822 35922 36022 36322 36422 36522 37122 37215 37322 37722 37777 37922 38333 38522 38922 39022 40005 40471 41800 42194 42901 44158 44304 44333 44818 45000 45002 45677 45788 46443 47808 47989 47990 49200 49592 49682 50000 50006 50013 50014 50050 50070 50080 50100 50112 51003 51235 51434 51443 52869 53400 53413 54138 55081 55443 55470 55490 55553 55554 57787 58392 58532 60001 60129 61613 61616 61617 62016 62078 62237 63210 63256 64477 64738 65004

11 / tcp

2087396567 | 2025-03-17T23:05:30.810763

kjnkjabhbanc283ubcsbhdc72

13 / tcp

-1296032851 | 2025-04-09T19:19:30.641437

\x01=\x01À\x06ÿÿ?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x01\x01

19 / tcp

676476721 | 2025-04-11T03:06:16.654545

ELM Enterprise Manager _l
Copyright © 18668511-928641920 TNT Software, Inc.

23 / tcp

-2107996212 | 2025-03-23T08:31:47.603032

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

25 / tcp

1282941221 | 2025-03-20T16:09:29.529068

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

37 / tcp

387930190 | 2025-04-01T18:18:51.630015

\xc3\xbf\xc3\xbb\\x01\n\rn

43 / tcp

2087396567 | 2025-04-10T21:58:44.253866

kjnkjabhbanc283ubcsbhdc72

49 / tcp

-1867457549 | 2025-03-24T09:34:34.642967

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)

53 / tcp

1308081026 | 2025-04-05T17:11:46.354831

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x00<\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x00R\x00\x04\xac٣.
\x00\x06\x81\x05\x00\x01\x00\x00\x00\x00\x00\x00\x

70 / tcp

857710896 | 2025-03-28T04:32:31.699435

HTTP/1.1 200 OK
Server:  
X-Frame-Options: SAMEORIGIN
Content-type: text/html; charset=UTF-8
Last-modified: Mon, 27 Nov 2023 21:45:42 GMT
Accept-Ranges: bytes
Content-length: 580
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff

79 / tcp

627290832 | 2025-03-16T05:02:24.328745

ÿû\x01SOYO_SIP VBNQyQSKc settings
Password:

80 / tcp

330636060 | 2025-04-08T23:31:33.704402

Hashes

hash

691244553

http.dom_hash

1799269922

http.html_hash

330636060

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Tue, 08 Apr 2025 23:31:33 GMT
Content-Type: application/xml
Content-Length: 346
Connection: keep-alive
x-oss-request-id: 67F5B1D5478AB337303C8286
x-oss-server-time: 0
x-oss-ec: 0003-00001201

86 / tcp

-1045760528 | 2025-03-20T04:46:42.088162

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

92 / tcp

1911457608 | 2025-03-21T16:42:00.308277

\x00[\x00\x00\x00\x00\x00\x00

98 / tcp

-1399940268 | 2025-03-13T17:53:59.465025

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

102 / tcp

1989907056 | 2025-04-05T23:13:36.498407

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

110 / tcp

1126993057 | 2025-03-28T18:59:37.810775

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

113 / tcp

60948681 | 2025-03-27T23:22:35.124913

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).

119 / tcp

141730637 | 2025-03-27T16:58:28.692015

HTTP/1.0 200 OK
Server: Proxy

135 / tcp

-1729522695 | 2025-04-01T13:56:02.982896

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: DESKTOP-BFAHJ06\n IP2: 192.168.3.8\n IP3: 172.29.96.1\n IP4: 172.19.80.1\n\nNTLMSSP:\nTarget_Name: DESKTOP-BFAHJ06\nProduct_Version: 10.0.19041 Ntlm 15\nOS: Windows 10, Version 2004/Windows Server, Version 2004\nNetBIOS_Domain_Name: DESKTOP-BFAHJ06\nNetBIOS_Computer_Name: DESKTOP-BFAHJ06\nDNS_Domain_Name: DESKTOP-BFAHJ06\nDNS_Computer_Name: DESKTOP-BFAHJ06\nSystem_Time: 2024-01-22 04:05:47 +0000 UTC\n\nDCERP

175 / tcp

819727972 | 2025-03-28T10:04:42.391632

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

180 / tcp

89142341 | 2025-03-23T17:51:07.813768

\x05\x00\x00\x00\x0b\x08\x05\x1a\x00

189 / tcp

-1888448627 | 2025-03-13T18:56:55.776991

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

195 / tcp

165188539 | 2025-04-10T04:09:09.941630

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

221 / tcp

-358801646 | 2025-04-01T15:18:22.938117

SSH-2.0-OpenSSH_6.6.1

263 / tcp

-805362002 | 2025-03-29T22:26:50.273779

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

264 / tcp

-1707068558 | 2025-04-08T13:55:31.582867

389 / tcp

-1907080992 | 2025-03-22T04:32:02.746687

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x00\\x04\\x00\\x04\\x00

427 / tcp

-661950041 | 2025-03-29T20:29:19.841886

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://*.*.*.*\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:cdserver\nservice:fdserver\nservice:hdserver\nservice:rmedia\nservice:adviser\nservice:lighttpd\nB://l:87/x\n\nResponse of service:cdserver SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:cdserver://IEIB4055D60C037:5120\n\n\nResponse of service:cdserver AttrRqst:\nVersion: 2\nFunction: Attribute R

440 / tcp

1208318993 | 2025-03-24T06:15:22.569111

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

443 / tcp

1638645179 | 2025-04-04T05:51:08.726254

Hashes

hash

641689375

http.dom_hash

196608935

http.html_hash

1638645179

http.server_hash

-498774968

http.title_hash

-1391280995

400 The plain HTTP request was sent to HTTPS port

HTTP/1.1 400 Bad Request
Server: AliyunOSS
Date: Fri, 04 Apr 2025 05:51:08 GMT
Content-Type: text/html
Content-Length: 327
Connection: close

444 / tcp

1887224352 | 2025-04-09T23:42:42.944881

503 / tcp

165188539 | 2025-03-12T12:09:09.537376

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

513 / tcp

-1399940268 | 2025-03-14T20:20:06.198588

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

593 / tcp

1308377066 | 2025-03-26T05:06:27.466988

ncacn_http/1.0

646 / tcp

1260221665 | 2025-03-28T20:09:19.196500

\\x00\\x01\\x00\\x1c\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x12\\x00\\x05k\\xaf\\x03\\x00\\x00\n\\x80\\x00\\x00\\x03\\x00\\x00\\x00\\x00\\x00\\x00

685 / tcp

-2089734047 | 2025-03-29T04:07:25.369866

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

743 / tcp

575925250 | 2025-04-06T21:07:08.772260

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

771 / tcp

1911457608 | 2025-04-06T22:28:42.279218

\x00[\x00\x00\x00\x00\x00\x00

789 / tcp

-1399940268 | 2025-03-19T10:17:53.098979

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

843 / tcp

-2004989248 | 2025-04-05T08:20:50.239768

<cross-domain-policy>\n   <allow-access-from domain="*" to-po\nrts="*" />\n</cross-domain-policy>

873 / tcp

-1970692834 | 2025-03-25T01:17:36.902938

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

880 / tcp

-1256415508 | 2025-04-01T20:09:02.879274

HTTP/1.1 404 Not Found
Server: TornadoServer/6.1
Content-Type: text/html; charset=UTF-8

992 / tcp

1814656027 | 2025-03-21T07:49:23.514856

HTTP/1.1 403 Forbidden
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=15; max=19

993 / tcp

-1996280214 | 2025-04-06T01:56:59.173769

\x06\x04\x05@

1002 / tcp

307999478 | 2025-03-24T19:32:52.423648

unknown command \r\nunknown command \r\n

1025 / tcp

165188539 | 2025-03-28T20:15:48.158865

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1153 / tcp

-1399940268 | 2025-03-13T19:27:28.646134

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1181 / tcp

-980525298 | 2025-03-17T18:38:48.540295

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1290 / tcp

-1399940268 | 2025-04-04T18:42:33.901553

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1291 / tcp

1370263973 | 2025-03-25T14:57:42.664039

dubbo>

1414 / tcp

819727972 | 2025-04-11T06:04:06.391410

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1433 / tcp

-1279739995 | 2025-03-26T01:06:23.081285

MSSQL Server\nVersion: 167773760 (0xa000640)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: XINKE20190306\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: XINKE20190306\nNetBIOS_Computer_Name: XINKE20190306\nDNS_Domain_Name: xinke20190306\nDNS_Computer_Name: xinke20190306\nSystem_Time: 2024-01-22 04:04:46 +0000 UTC\n\n

1443 / tcp

-1715152554 | 2025-04-04T05:51:06.641239

Hashes

hash

445045036

http.dom_hash

1239617585

http.html_hash

-1715152554

http.server_hash

1727046647

http.title_hash

-1828380909

302 Found

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Fri, 04 Apr 2025 05:51:06 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://39.103.20.132:443/

1599 / tcp

1741579575 | 2025-04-09T11:21:52.238964

1723 / tcp

1103582599 | 2025-03-12T13:52:33.798097

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

1800 / tcp

-1399940268 | 2025-03-27T18:34:17.012315

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1801 / tcp

1535389866 | 2025-04-02T13:21:25.653648

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2157_PS-LHW-01jjk135_25164-48622

1820 / tcp

-1399940268 | 2025-03-19T16:22:25.497667

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1883 / tcp

2087396567 | 2025-04-04T00:13:32.016791

kjnkjabhbanc283ubcsbhdc72

1911 / tcp

1911457608 | 2025-04-06T02:00:48.812626

\x00[\x00\x00\x00\x00\x00\x00

1926 / tcp

546151771 | 2025-04-01T22:09:23.115577

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

1956 / tcp

165188539 | 2025-03-29T22:17:42.507168

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1962 / tcp

366084633 | 2025-04-09T16:18:29.701307

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

1966 / tcp

-1032713145 | 2025-04-07T09:50:51.824122

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

2000 / tcp

-358801646 | 2025-03-26T13:55:12.634314

SSH-2.0-OpenSSH_6.6.1

2002 / tcp

1948301213 | 2025-03-17T08:48:14.190096

RFB 003.003
VNC:
  Protocol Version: 3.3

2003 / tcp

819727972 | 2025-04-08T01:43:25.829409

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2008 / tcp

-321444299 | 2025-03-15T12:31:59.018611

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

2051 / tcp

408230060 | 2025-03-26T19:58:29.197405

\r\nSorry, that nickname format is invalid.\r\n

2052 / tcp

1161309183 | 2025-03-22T20:01:35.250497

ProxyServer is ready

2058 / tcp

-1888448627 | 2025-03-20T18:54:26.355176

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

2081 / tcp

-1399940268 | 2025-03-24T18:38:49.276819

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2087 / tcp

660175493 | 2025-03-15T18:22:55.939800

2121 / tcp

141730637 | 2025-03-21T15:25:37.780976

HTTP/1.0 200 OK
Server: Proxy

2122 / tcp

-1626979812 | 2025-03-19T00:08:40.791621

220 Service ready for new user.

2154 / tcp

1850902677 | 2025-03-18T07:40:22.434627

W!

2200 / tcp

1023953321 | 2025-04-11T03:47:10.564051

HTTP/1.0 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="proxy"
Connection: close
Content-type: text/html; charset=utf-8

2209 / tcp

-2089734047 | 2025-03-27T19:37:34.776531

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

2223 / tcp

-2046514463 | 2025-04-11T06:21:11.868958

AB\x01\t

2323 / tcp

1662205251 | 2025-04-02T23:50:55.884742

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

2332 / tcp

819727972 | 2025-03-23T07:51:32.950094

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2344 / tcp

677934968 | 2025-03-29T10:43:40.238875

lm^)Q

2375 / tcp

-2118655245 | 2025-03-22T07:12:44.063635

Hashes

hash

1015654041

http.dom_hash

-2006505642

http.html_hash

-2118655245

HTTP/1.0 500 Internal Server Error
Content-Length: 20

2376 / tcp

-2096652808 | 2025-03-16T21:45:17.955650

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

2404 / tcp

1665283070 | 2025-04-06T04:59:06.395155

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x01\x00\x00\x10\x00\x00\n0\x03\x00\x00\x00\x01\x00\x05\x00\x00@\x00\x00\x06\x00\x00\x1f@

2443 / tcp

1911457608 | 2025-03-24T22:19:01.033933

\x00[\x00\x00\x00\x00\x00\x00

2549 / tcp

971933601 | 2025-03-25T23:29:03.982723

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

2554 / tcp

819727972 | 2025-04-02T02:17:19.980976

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2562 / tcp

-1399940268 | 2025-04-11T04:12:26.163333

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2566 / tcp

-1013082686 | 2025-03-20T11:28:24.927379

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

2601 / tcp

-345718689 | 2025-04-05T05:10:26.540327

Vty password is not set.

2626 / tcp

-2096652808 | 2025-04-08T15:58:24.018386

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

2628 / tcp

119860953 | 2025-04-02T11:19:04.379980

* OK ArGoSoft Mail Server IMAP Module v.YW at

2761 / tcp

-2031152423 | 2025-03-18T20:58:09.614272

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

2762 / tcp

321971019 | 2025-04-03T23:43:28.412939

-ERR client ip is not in whitelist\r

3001 / tcp

103159425 | 2025-04-02T22:36:50.600734

SSH-1.99-RGOS_SSH

3019 / tcp

-1399940268 | 2025-03-14T14:26:42.241842

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3050 / tcp

-358801646 | 2025-03-13T22:51:20.526487

SSH-2.0-OpenSSH_6.6.1

3071 / tcp

198844676 | 2025-03-15T07:53:25.921113

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3105 / tcp

1543809371 | 2025-04-01T22:29:41.975518

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

3138 / tcp

1208318993 | 2025-03-28T08:47:46.661391

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

3143 / tcp

677934968 | 2025-03-24T13:59:13.248667

lm^)Q

3155 / tcp

1911457608 | 2025-03-25T21:13:23.847900

\x00[\x00\x00\x00\x00\x00\x00

3179 / tcp

1615193817 | 2025-03-21T19:07:49.224468

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

3256 / tcp

-527005584 | 2025-03-27T05:48:56.703717

/0 0 L
/0 0 HUH

3260 / tcp

-1914158197 | 2025-04-01T06:56:40.379175

HTTP/1.1 500 Internal Server Error
Server: nginx/1.18.11011 (Ubuntu)
Content-Type: text/plain; charset=utf-8
Connection: close

3268 / tcp

1727372229 | 2025-03-31T08:32:12.412636

HTTP/1.1 302 
Location: http://116.6.76.114:3268/index.html

3301 / tcp

819727972 | 2025-04-01T11:14:30.027733

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3306 / tcp

-1036944024 | 2025-04-07T05:18:17.014294

F\\x00\\x00\\x00\\xffj\\x04Host \'*.*.*.*\' is not allowed to connect to this MySQL server

3310 / tcp

-1899074860 | 2025-03-12T22:04:22.370176

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

3352 / tcp

1830187220 | 2025-04-07T18:52:59.663396

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

3389 / tcp

848680996 | 2025-04-07T14:48:35.673643

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\t\\x08\\x00\\x02\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID\nTarget_Name: WINCTYU-KTI28LG\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: WINCTYU-KTI28LG\nNetBIOS_Computer_Name: WINCTYU-KTI28LG\nDNS_Domain_Name: WINCTYU-KTI28LG\nDNS_Computer_Name: WINCTYU-KTI28LG\nSystem_Time: 2024-01-22 08:43:05 +0000 UTC\n\n

3401 / tcp

-2089734047 | 2025-03-16T00:56:06.397153

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3403 / tcp

1492413928 | 2025-04-02T01:59:44.811042

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

3406 / tcp

1911457608 | 2025-04-03T16:23:33.723410

\x00[\x00\x00\x00\x00\x00\x00

3408 / tcp

1210754493 | 2025-03-19T23:53:58.672966

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

3503 / tcp

921225407 | 2025-03-24T05:06:25.301742

\x00\x00\x00\x04\x00\x00\x00\x00\x00

3552 / tcp

-1986594217 | 2025-04-05T09:01:00.677945

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

3556 / tcp

-358801646 | 2025-03-22T10:51:37.337752

SSH-2.0-OpenSSH_6.6.1

3557 / tcp

1308377066 | 2025-03-18T20:14:02.268200

ncacn_http/1.0

3780 / tcp

-971970408 | 2025-03-27T17:52:04.339784

3790 / tcp

2087396567 | 2025-04-10T18:34:54.153890

kjnkjabhbanc283ubcsbhdc72

3838 / tcp

-2107996212 | 2025-03-12T22:18:13.430348

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

3910 / tcp

-1036370807 | 2025-03-13T21:41:26.287798

JDWP-Handshake

4000 / tcp

-1960639992 | 2025-03-24T12:51:58.340315

HTTP/1.1 401 Unauthorized

4022 / tcp

537581672 | 2025-03-25T08:35:44.186356

HTTP/1.0 408 Request Timeout
content-length: 0

4080 / tcp

-122096153 | 2025-04-02T05:59:42.597567

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

4095 / tcp

-1428621233 | 2025-03-13T19:44:49.958944

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

4100 / tcp

-1888448627 | 2025-03-14T12:17:52.805257

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

4157 / tcp

2143387245 | 2025-03-13T01:46:51.897108

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

4242 / tcp

302222687 | 2025-03-19T18:31:23.172215

HTTP/1.1 301 Moved Permanently
Server: Apache/2.4.41 (Unix) OpenSSL/1.1.1d TST PHP/7.3.11
Content-Type: text/plain; charset=utf-8
Connection: close

4282 / tcp

-527005584 | 2025-03-31T21:38:45.156889

/0 0 L
/0 0 HUH

4321 / tcp

-1250504565 | 2025-04-09T18:30:49.298322

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

4343 / tcp

-1308453173 | 2025-04-05T04:05:20.437185

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2a2d_t137_7803-25952

4369 / tcp

-1839934832 | 2025-04-10T17:58:11.560267

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

4400 / tcp

-653033013 | 2025-03-29T12:28:08.089111

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

4431 / tcp

1911457608 | 2025-04-03T19:33:24.677354

\x00[\x00\x00\x00\x00\x00\x00

4432 / tcp

493955023 | 2025-03-27T19:34:32.202202

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

4436 / tcp

1504401647 | 2025-04-02T19:59:54.138208

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

4443 / tcp

-1060562267 | 2025-04-05T18:19:38.691550

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae29b6_PS-NKG-01Aqo82_2892-58968

4444 / tcp

-1476017887 | 2025-04-04T07:22:53.839648

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

4500 / tcp

-445721795 | 2025-03-15T22:52:36.329660

\x00[\xc3\xaed\x1a\x7f\x00\x00

4506 / tcp

1327134490 | 2025-03-22T11:32:43.031202

versionbind

4602 / tcp

-454087041 | 2025-03-17T05:39:11.499149

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

4786 / tcp

321971019 | 2025-03-17T01:19:59.228825

-ERR client ip is not in whitelist\r

4899 / tcp

819727972 | 2025-03-31T13:40:38.370520

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5001 / tcp

-1598265216 | 2025-04-02T19:01:22.207052

@RSYNCD: 31.0

5006 / tcp

2087396567 | 2025-03-19T08:13:42.549638

kjnkjabhbanc283ubcsbhdc72

5007 / tcp

-904840257 | 2025-04-04T12:27:18.035609

572 Relay not authorized\r\n

5009 / tcp

-1338936697 | 2025-04-10T19:20:17.442696

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2109_PStjdxtk16_38957-48596

5025 / tcp

709622286 | 2025-04-09T11:19:23.611414

OK Welcome <299685> on DirectUpdate server 7286\r\n

5105 / tcp

-1810987450 | 2025-04-10T03:26:54.318153

\xc3\xbf

5122 / tcp

1632932802 | 2025-03-28T01:04:43.132258

5135 / tcp

1911457608 | 2025-04-02T19:02:15.092743

\x00[\x00\x00\x00\x00\x00\x00

5160 / tcp

819727972 | 2025-03-25T02:38:10.427896

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5172 / tcp

-1900404274 | 2025-03-22T10:45:45.995869

Unknown command

5222 / tcp

1690634669 | 2025-03-18T14:01:15.350827

5242 / tcp

-2089734047 | 2025-03-14T13:52:25.492928

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5246 / tcp

321971019 | 2025-04-04T17:06:37.237673

-ERR client ip is not in whitelist\r

5248 / tcp

-1399940268 | 2025-04-08T10:58:13.296681

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5254 / tcp

-146605374 | 2025-03-22T23:07:09.772738

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

5261 / tcp

1189133115 | 2025-04-04T22:34:56.236837

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

5267 / tcp

455076604 | 2025-03-13T17:28:19.221469

!\x07version\x04bind7 t{RPowerDNS Recursor 410

5269 / tcp

756886313 | 2025-03-20T08:46:55.011903

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html

5351 / tcp

-1839934832 | 2025-04-10T23:59:23.645277

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

5432 / tcp

1642597142 | 2025-04-02T07:02:29.227318

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

5435 / tcp

1543809371 | 2025-04-07T02:43:32.965747

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

5590 / tcp

-1279886438 | 2025-03-21T16:40:42.037386

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

5593 / tcp

-1888448627 | 2025-04-06T14:58:52.538386

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

5594 / tcp

-1538260461 | 2025-03-19T10:43:48.791708

\x01\x00\x00\x00

5597 / tcp

-1329831334 | 2025-03-26T13:36:03.117820

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

5599 / tcp

-1329831334 | 2025-04-08T22:35:53.073322

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

5672 / tcp

575925250 | 2025-04-10T17:20:30.872314

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5698 / tcp

921225407 | 2025-03-23T10:47:35.623739

\x00\x00\x00\x04\x00\x00\x00\x00\x00

5701 / tcp

-1399940268 | 2025-04-07T11:40:37.145111

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5853 / tcp

-1399940268 | 2025-03-19T23:41:21.607159

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5858 / tcp

2087396567 | 2025-03-21T16:49:56.203893

kjnkjabhbanc283ubcsbhdc72

5903 / tcp

820958131 | 2025-03-23T17:14:53.126829

kjnkjabhbanc283ubcsbhdc72\x02

5919 / tcp

-1097188123 | 2025-03-12T18:21:34.590221

[g\xc2\x95N\x7f

5984 / tcp

1999272906 | 2025-03-27T22:27:14.139823

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

5986 / tcp

2087396567 | 2025-03-17T04:06:07.093198

kjnkjabhbanc283ubcsbhdc72

5987 / tcp

497968563 | 2025-04-07T21:38:02.040257

RFB 003.008

VNC:
  Protocol Version: 3.8

6000 / tcp

120534451 | 2025-04-08T22:56:16.338793

X11 access denied

6001 / tcp

-1399940268 | 2025-03-18T18:56:46.666168

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6002 / tcp

2033888749 | 2025-03-19T02:07:23.446556

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

6008 / tcp

1911457608 | 2025-04-10T23:10:39.613129

\x00[\x00\x00\x00\x00\x00\x00

6011 / tcp

819727972 | 2025-03-24T10:47:32.532464

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

6100 / tcp

-1997600341 | 2025-03-31T16:27:24.283268

HTTP/1.1 400 Bad Request
Server: squid/3.5.20
Mime-Version: 1.0
Content-Type: text/html;charset=utf-8
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from proxycomp300a2
X-Cache-Lookup: NONE from proxycomp300a2:6100
Via: 1.1 proxycomp300a2 (squid/3.5.20)
Connection: close

6102 / tcp

-1139539254 | 2025-04-09T14:18:59.312188

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

6352 / tcp

1911457608 | 2025-04-02T12:08:50.610166

\x00[\x00\x00\x00\x00\x00\x00

6379 / tcp

321971019 | 2025-03-20T12:37:04.925457

-ERR client ip is not in whitelist\r

6443 / tcp

-1230049476 | 2025-03-20T21:34:33.109183

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

6602 / tcp

-2089734047 | 2025-04-09T21:02:52.124911

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

6653 / tcp

-599252106 | 2025-04-04T04:12:52.668285

OpenFlow:
  Version: 1.1

6667 / tcp

2087396567 | 2025-03-23T05:36:58.003011

kjnkjabhbanc283ubcsbhdc72

6668 / tcp

-1399940268 | 2025-04-05T02:13:51.803560

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6686 / tcp

-441419608 | 2025-03-19T18:05:45.548006

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

7001 / tcp

1827807483 | 2025-03-19T21:08:58.771513

HTTP/1.1 401 Unauthorized
Server: 
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=%s
Connection: close

7016 / tcp

-457235091 | 2025-03-18T04:38:08.856336

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

7083 / tcp

921225407 | 2025-04-07T08:24:28.841441

\x00\x00\x00\x04\x00\x00\x00\x00\x00

7218 / tcp

-1681927087 | 2025-03-27T10:08:28.167407

kjnkjabhbanc283ubcsbhdc72

7415 / tcp

-180163620 | 2025-04-07T19:31:56.593427

NPC Telnet permit one connection.\r\n But One connection() already keep alive.\r\nGood Bye !! \r\n

7433 / tcp

632542934 | 2025-03-18T23:32:47.899578

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

7434 / tcp

-971970408 | 2025-03-29T14:52:43.001945

7443 / tcp

-584993230 | 2025-03-19T04:12:22.133540

HTTP/1.1 400 Bad Request
Server:  
Content-Type: text/html
Connection: close

7510 / tcp

-1810987450 | 2025-03-28T18:24:05.583959

\xc3\xbf

7548 / tcp

660175493 | 2025-03-16T17:23:29.285922

7634 / tcp

-1887823886 | 2025-04-04T11:21:37.079627

K%~)J/\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

7777 / tcp

1391945995 | 2025-03-27T13:52:35.202735

HTTP/1.1 403 Forbidden 
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm=""

7887 / tcp

632542934 | 2025-03-23T08:09:06.694398

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

7946 / tcp

1492413928 | 2025-03-12T17:38:58.565560

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

7999 / tcp

-1259524839 | 2025-03-14T14:59:26.781354

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

8009 / tcp

2087396567 | 2025-04-09T20:34:38.149406

kjnkjabhbanc283ubcsbhdc72

8018 / tcp

401555314 | 2025-03-27T20:58:41.002521

NB[GFXjA^R

8024 / tcp

-1839934832 | 2025-03-17T16:50:40.640821

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8026 / tcp

2143387245 | 2025-03-27T07:37:43.894764

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

8035 / tcp

1126993057 | 2025-04-09T16:54:27.669655

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

8050 / tcp

-1399940268 | 2025-04-03T22:33:01.476062

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8051 / tcp

-1399940268 | 2025-03-17T06:35:32.864029

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8074 / tcp

707919486 | 2025-04-08T18:42:49.496191

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

8081 / tcp

539065883 | 2025-03-18T08:41:22.891937

8082 / tcp

1911457608 | 2025-04-03T22:53:02.276296

\x00[\x00\x00\x00\x00\x00\x00

8083 / tcp

819727972 | 2025-04-07T06:21:11.066228

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8085 / tcp

1690634669 | 2025-03-24T15:13:17.355840

8089 / tcp

1261582754 | 2025-04-08T14:29:00.001317

unknown command 
unknown command

8093 / tcp

-1003456521 | 2025-03-22T22:22:22.175092

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET

8095 / tcp

819727972 | 2025-04-09T10:30:01.377072

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8099 / tcp

1825545421 | 2025-03-23T20:08:21.875923

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-GDdongguan-AREACMCC2-CACHE38[0]
X-CCDN-FORBID-CODE: 040001

8105 / tcp

165188539 | 2025-04-05T15:23:37.193813

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8121 / tcp

-2089734047 | 2025-03-15T05:02:08.788334

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8126 / tcp

1011407350 | 2025-04-08T16:27:00.806473

* OK GroupWise IMAP4rev1 Server Ready\r\n

8127 / tcp

1911457608 | 2025-04-07T22:11:36.177689

\x00[\x00\x00\x00\x00\x00\x00

8135 / tcp

-1399940268 | 2025-04-06T17:32:02.483183

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8140 / tcp

660175493 | 2025-04-03T19:50:44.767244

8143 / tcp

-1399940268 | 2025-04-01T23:35:17.644852

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8151 / tcp

2098371729 | 2025-03-20T23:14:25.537219

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

8155 / tcp

1919228981 | 2025-03-12T21:53:49.913208

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

8157 / tcp

-1399940268 | 2025-03-13T17:04:50.108463

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8160 / tcp

1624217396 | 2025-03-14T18:35:24.214957

HELO:10.3.6.0.false\nAS:2048\nHL:19

8173 / tcp

-1730858130 | 2025-04-09T20:27:11.958405

RFB 003.008
VNC:
  Protocol Version: 3.8

8179 / tcp

-832380282 | 2025-04-10T10:05:11.698503

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

8182 / tcp

-1399940268 | 2025-03-23T18:15:30.247889

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8187 / tcp

-1399940268 | 2025-04-06T07:09:15.743205

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8200 / tcp

-877598700 | 2025-03-14T16:08:18.003871

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\\x01\xc3\xbf\xc3\xbb\\x03\xc3\xbf\xc3\xbd\\x01\xc3\xbf\xc3\xbe\\x01Username:

8291 / tcp

-375604792 | 2025-03-23T13:34:56.691920

220 Microsoft FTP Service

8333 / tcp

-1713467553 | 2025-04-09T11:05:44.683725

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Connection: close

8350 / tcp

117101543 | 2025-03-27T20:55:26.997795

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

8406 / tcp

-1032713145 | 2025-04-09T17:03:54.452946

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

8423 / tcp

320677201 | 2025-03-17T01:12:29.561940

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

8432 / tcp

-1399940268 | 2025-04-05T06:10:16.677976

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8436 / tcp

119860953 | 2025-03-21T21:47:47.612532

* OK ArGoSoft Mail Server IMAP Module v.YW at

8461 / tcp

1504401647 | 2025-03-13T02:03:04.458969

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

8463 / tcp

671605376 | 2025-03-23T17:17:51.510618

SSH-2.0-OpenSSH_X.X

8482 / tcp

51259122 | 2025-03-22T22:55:09.946492

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

8500 / tcp

-918002969 | 2025-03-14T18:51:02.362706

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1f0c_CS-000-01n4m185_5018-27088

8505 / tcp

1911457608 | 2025-03-12T17:27:47.628696

\x00[\x00\x00\x00\x00\x00\x00

8523 / tcp

599074451 | 2025-03-17T21:12:14.819000

msg

8524 / tcp

-2046514463 | 2025-04-05T23:34:41.715844

AB\x01\t

8545 / tcp

-1399940268 | 2025-04-09T21:41:53.241250

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8553 / tcp

-358801646 | 2025-04-10T17:47:47.912078

SSH-2.0-OpenSSH_6.6.1

8554 / tcp

-971970408 | 2025-03-22T19:10:12.416991

8565 / tcp

-2089734047 | 2025-03-22T04:52:22.142946

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8582 / tcp

165188539 | 2025-03-21T00:47:46.573621

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8586 / tcp

-1399940268 | 2025-03-13T02:33:23.906620

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8590 / tcp

-616720387 | 2025-04-05T19:21:43.795971

SSH-2.0-SSHD_0.7.6

8593 / tcp

-2096652808 | 2025-03-22T19:22:58.289422

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8649 / tcp

842535728 | 2025-03-22T21:35:16.667216

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

8663 / tcp

-358801646 | 2025-04-07T18:15:56.445469

SSH-2.0-OpenSSH_6.6.1

8686 / tcp

-1733106930 | 2025-03-21T12:26:40.605935

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

8728 / tcp

-1795027372 | 2025-04-04T09:34:48.960700

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

8791 / tcp

1077013874 | 2025-04-09T16:58:45.201119

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

8802 / tcp

-2107996212 | 2025-03-12T09:30:58.073428

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

8803 / tcp

639175818 | 2025-04-07T16:14:36.070150

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

8809 / tcp

1911457608 | 2025-04-09T15:04:36.512178

\x00[\x00\x00\x00\x00\x00\x00

8826 / tcp

-1399940268 | 2025-03-21T14:15:28.980565

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8834 / tcp

459162008 | 2025-03-28T10:17:44.649319

Notify

8836 / tcp

-585940771 | 2025-03-22T19:23:25.909502

Unknown command\r\n

8849 / tcp

-1835475271 | 2025-03-24T16:29:07.546635

200 NOD32SS 99 (3318497116)\r\n

8854 / tcp

-1888448627 | 2025-04-05T14:58:16.660101

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8861 / tcp

1278527606 | 2025-03-24T00:00:15.215679

SSH-2.0-Teleport

8889 / tcp

539065883 | 2025-03-16T13:22:46.689231

8899 / tcp

372433470 | 2025-03-15T15:16:14.479498

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

8912 / tcp

1161309183 | 2025-04-10T22:22:11.419841

ProxyServer is ready

8989 / tcp

-1399940268 | 2025-03-18T23:33:24.192415

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8993 / tcp

-1435414831 | 2025-04-04T06:48:49.001371

roku: ready\r\n

9002 / tcp

2087396567 | 2025-04-03T06:14:40.246418

kjnkjabhbanc283ubcsbhdc72

9012 / tcp

-274082663 | 2025-03-17T18:40:34.929053

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

9018 / tcp

-1810987450 | 2025-04-04T11:16:11.075920

\xc3\xbf

9025 / tcp

-1399940268 | 2025-03-17T08:46:32.650468

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9028 / tcp

921225407 | 2025-03-21T21:15:05.002824

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9029 / tcp

205347087 | 2025-03-29T19:06:28.944081

SSH-25453-Cisco-3524665.35\n

9036 / tcp

-1114821551 | 2025-03-25T16:02:15.582544

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

9040 / tcp

-753880919 | 2025-03-14T05:12:58.761616

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65aa1486_PSbjzwdx5ru23_18019-51618

9042 / tcp

-1681927087 | 2025-03-22T22:24:12.768269

kjnkjabhbanc283ubcsbhdc72

9046 / tcp

-1399940268 | 2025-03-27T14:18:33.735244

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9047 / tcp

-1399940268 | 2025-03-29T18:22:58.222019

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9063 / tcp

1911457608 | 2025-03-19T18:57:40.375988

\x00[\x00\x00\x00\x00\x00\x00

9074 / tcp

921225407 | 2025-04-08T05:36:15.443349

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9077 / tcp

671605376 | 2025-03-26T21:39:22.324030

SSH-2.0-OpenSSH_X.X

9092 / tcp

937756010 | 2025-03-23T23:49:26.788634

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x01\x00\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9095 / tcp

-2033111675 | 2025-03-18T19:51:22.614325

~djb

9099 / tcp

-154634976 | 2025-03-19T02:44:26.840673

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1dd7_PS-000-01sQu109_8179-64359

9100 / tcp

-1746074029 | 2025-03-23T12:54:19.204940

101 imqbroker =unV\r\n

9101 / tcp

-1399940268 | 2025-04-04T17:10:25.890419

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9103 / tcp

-1810987450 | 2025-03-12T11:45:05.936437

\xc3\xbf

9105 / tcp

1911457608 | 2025-03-21T06:29:34.043777

\x00[\x00\x00\x00\x00\x00\x00

9109 / tcp

-2017887953 | 2025-04-10T22:39:58.536984

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

9136 / tcp

-1399940268 | 2025-04-05T11:50:25.916884

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9140 / tcp

945910976 | 2025-04-08T23:41:38.296825

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

9143 / tcp

-2089734047 | 2025-03-24T11:55:37.701535

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9145 / tcp

-2107996212 | 2025-03-26T05:00:03.324291

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

9146 / tcp

-1248408558 | 2025-03-23T20:27:50.439820

220 MikroTik FTP server (MikroTik 6.44.3) ready

9147 / tcp

-445721795 | 2025-04-02T15:28:55.516685

\x00[\xc3\xaed\x1a\x7f\x00\x00

9151 / tcp

1880683805 | 2025-04-10T03:14:12.715845

ÿ

9153 / tcp

-2096652808 | 2025-03-23T15:35:02.118586

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9155 / tcp

45131230 | 2025-03-31T21:15:05.515224

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

9160 / tcp

819727972 | 2025-03-13T16:02:54.822793

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9164 / tcp

-1598265216 | 2025-04-07T19:10:51.957406

@RSYNCD: 31.0

9177 / tcp

-1476017887 | 2025-03-21T14:30:07.276970

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

9186 / tcp

-2140303521 | 2025-03-28T06:37:01.179293

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

9213 / tcp

820958131 | 2025-03-28T17:01:47.460147

kjnkjabhbanc283ubcsbhdc72\x02

9215 / tcp

1911457608 | 2025-03-22T13:06:05.999587

\x00[\x00\x00\x00\x00\x00\x00

9218 / tcp

-904840257 | 2025-03-28T21:22:28.707158

572 Relay not authorized\r\n

9230 / tcp

-1733106930 | 2025-04-04T10:50:03.101260

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

9247 / tcp

-1036370807 | 2025-04-08T20:31:25.503755

JDWP-Handshake

9283 / tcp

1541211644 | 2025-04-03T22:22:07.166709

[\xc2\xba\x7fs\x7f

9309 / tcp

671605376 | 2025-03-14T06:13:28.819939

SSH-2.0-OpenSSH_X.X

9312 / tcp

-2096652808 | 2025-04-02T02:21:50.233755

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9333 / tcp

2063598737 | 2025-04-10T04:43:46.737828

/0 0 L\r\n/0 0 HUH\r\n

9398 / tcp

2103111368 | 2025-03-27T07:48:25.032185

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

9418 / tcp

1909672637 | 2025-03-14T01:58:47.904861

HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8
Sec-Websocket-Version: 13
X-Content-Type-Options: nosniff

9443 / tcp

2103111368 | 2025-03-27T19:38:00.373806

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

9454 / tcp

-2096652808 | 2025-03-29T01:18:49.752814

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9501 / tcp

-2089734047 | 2025-03-13T21:51:37.812823

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9530 / tcp

1574088840 | 2025-04-04T13:07:28.047874

">Application and Content Networking Software 3.9</a>)\n</BODY><

9633 / tcp

-79865617 | 2025-04-02T21:41:57.804616

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

9663 / tcp

-2046514463 | 2025-04-10T03:47:17.090834

AB\x01\t

9876 / tcp

1127011450 | 2025-04-04T01:41:53.504259

HTTP/1.1 200 
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Accept-Ranges: bytes
Content-Type: text/html;charset=utf-8
Content-Language: en

9901 / tcp

745343730 | 2025-03-29T14:45:14.912682

220 smtp.qq.com Esmtp QQ Mail Server

9928 / tcp

971933601 | 2025-04-03T15:39:36.988248

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

9943 / tcp

-726580714 | 2025-04-03T23:05:25.212680

\\x03\\x10\\x08\\x02\\xc2\\x80}\\x08\\x02\\xc2\\x80\xc3\xa2\\x14\\x01

9944 / tcp

-784071826 | 2025-04-08T07:13:45.512521

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

9990 / tcp

740837454 | 2025-03-23T23:08:48.757850

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

9994 / tcp

-358801646 | 2025-03-16T21:38:23.786096

SSH-2.0-OpenSSH_6.6.1

9997 / tcp

921225407 | 2025-03-25T08:13:20.965666

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9998 / tcp

-1901729922 | 2025-04-06T10:01:53.757971

HTTP/1.1 404 
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Transfer-Encoding: chunked

9999 / tcp

1161309183 | 2025-04-11T00:34:27.408294

ProxyServer is ready

10000 / tcp

472902042 | 2025-03-23T16:00:46.026850

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

10001 / tcp

1492413928 | 2025-03-29T19:23:27.857008

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

10012 / tcp

-1380608668 | 2025-03-22T07:43:39.197994

\\x00[\'\\x1c\\xc0\\xa8X\\xfd

10021 / tcp

819727972 | 2025-03-12T16:10:55.251899

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

10035 / tcp

819727972 | 2025-03-26T16:38:01.470115

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

10040 / tcp

-1399940268 | 2025-03-25T23:12:12.267010

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10041 / tcp

-2096652808 | 2025-03-15T18:22:42.748588

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

10042 / tcp

-1399940268 | 2025-04-07T13:25:32.462830

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10051 / tcp

422524323 | 2025-04-06T10:53:07.188715

{
"Version": "3.4.18",
"VersionArray": [
3,
4,
18,
0
],
"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",
"OpenSSLVersion": "",
"SysInfo": "",
"Bits": 64,
"Debug": false,
"MaxObjectSize": 16777216
}

10068 / tcp

165188539 | 2025-03-21T23:53:12.883237

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

10071 / tcp

1911457608 | 2025-03-28T00:30:29.647344

\x00[\x00\x00\x00\x00\x00\x00

10106 / tcp

1541211644 | 2025-03-13T21:00:27.954080

[\xc2\xba\x7fs\x7f

10134 / tcp

-1230049476 | 2025-03-26T23:30:42.573541

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

10181 / tcp

1011407350 | 2025-03-23T19:19:33.790577

* OK GroupWise IMAP4rev1 Server Ready\r\n

10393 / tcp

1911457608 | 2025-03-29T11:42:17.078370

\x00[\x00\x00\x00\x00\x00\x00

10397 / tcp

-454087041 | 2025-03-19T09:05:31.808750

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

10909 / tcp

-1399940268 | 2025-03-27T16:08:47.120031

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10911 / tcp

575925250 | 2025-03-19T12:36:23.637181

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

11065 / tcp

2103111368 | 2025-03-15T22:26:45.767847

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

11112 / tcp

-1399940268 | 2025-03-21T07:05:51.380611

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

11211 / tcp

-136006866 | 2025-03-27T06:08:08.125343

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11288 / tcp

-1399940268 | 2025-03-18T19:26:09.008306

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12000 / tcp

-1723613895 | 2025-04-06T16:13:25.328946

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2232_PS-HAK-01h6h34_6336-63973

12112 / tcp

819727972 | 2025-03-21T12:23:09.952103

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12113 / tcp

-2017887953 | 2025-03-28T16:10:05.580983

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

12115 / tcp

-1487943323 | 2025-03-21T04:03:15.612701

431 Unable to negotiate secure command connection.\r\n

12118 / tcp

1911457608 | 2025-03-21T11:05:36.514145

\x00[\x00\x00\x00\x00\x00\x00

12138 / tcp

1911457608 | 2025-03-19T23:14:50.455869

\x00[\x00\x00\x00\x00\x00\x00

12147 / tcp

321971019 | 2025-03-24T19:54:52.553596

-ERR client ip is not in whitelist\r

12148 / tcp

1761482307 | 2025-03-17T12:16:34.043444

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

12149 / tcp

1126993057 | 2025-04-11T06:20:13.591951

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

12151 / tcp

-1399940268 | 2025-04-03T13:07:58.022017

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12157 / tcp

117101543 | 2025-03-27T02:46:14.180144

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

12175 / tcp

-1538260461 | 2025-03-21T15:59:46.143344

\x01\x00\x00\x00

12185 / tcp

-1839934832 | 2025-03-29T10:49:47.079930

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

12192 / tcp

1911457608 | 2025-03-19T21:49:08.610546

\x00[\x00\x00\x00\x00\x00\x00

12193 / tcp

-1013082686 | 2025-03-20T19:44:14.570119

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

12194 / tcp

1911457608 | 2025-03-27T06:59:39.558377

\x00[\x00\x00\x00\x00\x00\x00

12198 / tcp

-1399940268 | 2025-04-07T17:41:43.336029

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12203 / tcp

1911457608 | 2025-04-05T09:57:49.062076

\x00[\x00\x00\x00\x00\x00\x00

12214 / tcp

1911457608 | 2025-04-11T06:53:17.751636

\x00[\x00\x00\x00\x00\x00\x00

12216 / tcp

321971019 | 2025-03-27T17:44:16.962730

-ERR client ip is not in whitelist\r

12224 / tcp

-1810987450 | 2025-03-24T15:30:14.590598

\xc3\xbf

12233 / tcp

-1399940268 | 2025-04-01T06:15:39.419242

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12244 / tcp

1911457608 | 2025-04-10T06:54:12.104157

\x00[\x00\x00\x00\x00\x00\x00

12269 / tcp

1208318993 | 2025-03-14T05:23:30.590923

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

12282 / tcp

897328069 | 2025-03-14T00:33:05.634405

220 mail.scott000.com ESMTP

12283 / tcp

-1019343788 | 2025-03-16T20:36:10.127446

W!\x00\x00\x00\x00

12284 / tcp

51259122 | 2025-04-03T18:03:18.768095

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

12291 / tcp

-1399940268 | 2025-03-19T19:02:38.880145

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12295 / tcp

-1375131644 | 2025-04-07T22:21:37.921362

\x00[v\xc3\xbdC\x7f\x00\x00

12298 / tcp

-1839934832 | 2025-04-03T21:06:51.750650

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

12315 / tcp

165188539 | 2025-03-21T07:40:33.219288

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12323 / tcp

-792826324 | 2025-04-06T14:46:00.473602

220 FTP server ready - login please

12327 / tcp

-1399940268 | 2025-04-10T00:34:35.018529

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12337 / tcp

-1327660293 | 2025-03-14T14:07:41.975715

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12338 / tcp

819727972 | 2025-04-10T05:00:15.876689

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12343 / tcp

1975288991 | 2025-03-29T19:02:53.156442

OPTI

12345 / tcp

142594048 | 2025-04-03T21:18:16.999623

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae29bb_CS-000-01pYi173_32176-13938

12368 / tcp

669849225 | 2025-04-03T20:03:11.332133

SSH-98.60-SysaxSSH_81885..42\r\n

12373 / tcp

-2089734047 | 2025-03-13T09:17:15.483591

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12379 / tcp

-1399940268 | 2025-04-10T19:29:31.905935

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12381 / tcp

-1032713145 | 2025-03-13T20:35:51.908626

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

12382 / tcp

-1899074860 | 2025-03-31T23:49:01.029309

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

12392 / tcp

-1399940268 | 2025-03-14T17:49:08.048663

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12400 / tcp

1911457608 | 2025-03-26T10:37:09.125699

\x00[\x00\x00\x00\x00\x00\x00

12405 / tcp

1989907056 | 2025-04-05T17:11:42.368802

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

12421 / tcp

-1453516345 | 2025-04-10T19:00:02.820040

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

12440 / tcp

819727972 | 2025-04-11T07:25:30.864794

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12455 / tcp

-1032713145 | 2025-03-16T18:14:12.662129

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

12475 / tcp

-1032713145 | 2025-03-23T09:47:06.403035

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

12482 / tcp

-1888448627 | 2025-03-12T15:22:21.065579

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

12488 / tcp

1911457608 | 2025-03-25T00:29:24.188643

\x00[\x00\x00\x00\x00\x00\x00

12495 / tcp

-2107996212 | 2025-04-08T17:56:32.122361

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

12515 / tcp

1911457608 | 2025-03-25T16:38:29.007286

\x00[\x00\x00\x00\x00\x00\x00

12521 / tcp

-1279886438 | 2025-03-19T17:31:35.575884

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

12524 / tcp

-1399940268 | 2025-04-03T07:37:21.631963

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12527 / tcp

-1428621233 | 2025-03-28T22:31:55.526975

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

12534 / tcp

1975288991 | 2025-03-19T23:22:21.901118

OPTI

12535 / tcp

-1059554316 | 2025-03-23T15:51:27.513709

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

12546 / tcp

-454087041 | 2025-03-20T00:34:40.975428

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

12553 / tcp

-2096652808 | 2025-03-22T20:28:23.295360

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12571 / tcp

-249504111 | 2025-04-06T17:11:01.328603

\x00[xU-\x7f\x00\x00

12585 / tcp

819727972 | 2025-03-25T11:35:07.810675

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

14082 / tcp

-358801646 | 2025-03-14T07:05:51.127130

SSH-2.0-OpenSSH_6.6.1

14147 / tcp

1948301213 | 2025-04-02T16:05:13.363767

RFB 003.003
VNC:
  Protocol Version: 3.3

14265 / tcp

-1399940268 | 2025-03-25T22:05:47.276691

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14344 / tcp

-1648456501 | 2025-04-08T17:07:21.799725

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

14524 / tcp

321971019 | 2025-03-14T02:17:52.289366

-ERR client ip is not in whitelist\r

14895 / tcp

819727972 | 2025-03-27T19:41:44.161452

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

14896 / tcp

1492413928 | 2025-04-10T23:43:47.246566

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

15038 / tcp

-904840257 | 2025-03-17T17:48:57.550065

572 Relay not authorized\r\n

15123 / tcp

-2089734047 | 2025-03-21T13:05:50.306938

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

15151 / tcp

-1399940268 | 2025-04-03T14:36:37.453701

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

15443 / tcp

-2096652808 | 2025-04-06T23:36:18.785407

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

15504 / tcp

-1810987450 | 2025-03-18T10:26:58.976859

\xc3\xbf

16007 / tcp

-1733106930 | 2025-03-19T03:04:18.781783

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

16010 / tcp

1842524259 | 2025-04-01T01:36:58.918947

16013 / tcp

-903067560 | 2025-03-28T17:46:47.103845

\x00[\x13)\xc2\x81\x7f\x00\x00

16015 / tcp

-1399940268 | 2025-03-28T21:23:37.348187

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16030 / tcp

0 | 2025-03-24T17:48:33.862524

Hashes

hash

-119996482

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
Content-Length: 0

16046 / tcp

1541211644 | 2025-04-09T00:39:01.428416

[\xc2\xba\x7fs\x7f

16067 / tcp

165188539 | 2025-03-22T06:24:05.555978

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

16069 / tcp

-358801646 | 2025-03-31T14:33:09.529090

SSH-2.0-OpenSSH_6.6.1

16075 / tcp

119860953 | 2025-03-15T19:06:49.367565

* OK ArGoSoft Mail Server IMAP Module v.YW at

16091 / tcp

-1105333987 | 2025-04-01T07:14:38.669679

\x00[KpU\x7f\x00\x00

16095 / tcp

1763259671 | 2025-03-15T09:32:42.423721

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

16103 / tcp

1911457608 | 2025-03-18T12:35:31.681838

\x00[\x00\x00\x00\x00\x00\x00

16601 / tcp

-1453516345 | 2025-04-10T17:24:48.965225

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

16992 / tcp

-1118605404 | 2025-03-31T07:18:09.003491

220 barracuda.dhc.com.cn ESMTP (0985ecb3f26d489aa5d50a88583d05e6)

17000 / tcp

-1810987450 | 2025-04-03T18:18:06.879840

\xc3\xbf

17771 / tcp

-1399940268 | 2025-04-10T08:40:18.098145

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

17774 / tcp

819727972 | 2025-03-20T17:12:36.477263

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

17780 / tcp

921225407 | 2025-04-03T10:15:35.607244

\x00\x00\x00\x04\x00\x00\x00\x00\x00

18014 / tcp

408230060 | 2025-03-20T16:08:14.568220

\r\nSorry, that nickname format is invalid.\r\n

18024 / tcp

-122096153 | 2025-03-13T21:15:47.917448

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

18034 / tcp

-249504111 | 2025-04-02T10:26:00.941519

\x00[xU-\x7f\x00\x00

18037 / tcp

-2107996212 | 2025-03-26T19:08:55.978562

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

18047 / tcp

-653033013 | 2025-03-24T05:35:40.709998

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

18052 / tcp

-358801646 | 2025-04-01T13:27:13.373432

SSH-2.0-OpenSSH_6.6.1

18067 / tcp

1911457608 | 2025-03-14T18:04:06.195372

\x00[\x00\x00\x00\x00\x00\x00

18073 / tcp

897328069 | 2025-03-23T06:09:05.834092

220 mail.scott000.com ESMTP

18074 / tcp

819727972 | 2025-04-05T04:00:44.721957

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18080 / tcp

410249975 | 2025-04-08T19:06:01.479687

LNS READY<>

18081 / tcp

921225407 | 2025-03-21T09:05:33.216755

\x00\x00\x00\x04\x00\x00\x00\x00\x00

18094 / tcp

707919486 | 2025-04-04T21:00:41.232104

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

18100 / tcp

740837454 | 2025-03-20T18:54:56.751383

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

18245 / tcp

-1746074029 | 2025-04-05T13:50:00.933432

101 imqbroker =unV\r\n

18443 / tcp

-1013082686 | 2025-03-28T20:07:43.887252

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

18553 / tcp

2087396567 | 2025-04-06T19:54:33.350607

kjnkjabhbanc283ubcsbhdc72

19000 / tcp

819727972 | 2025-03-31T22:36:12.383663

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

19200 / tcp

-345718689 | 2025-04-04T03:16:06.993436

Vty password is not set.

19902 / tcp

1615193817 | 2025-03-27T01:40:02.654955

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

19930 / tcp

-314039103 | 2025-03-26T19:50:29.734527

Surnom.
Sorry, that nickname format is invalid.

20000 / tcp

1900503736 | 2025-04-01T07:49:27.404039

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

20070 / tcp

-2089734047 | 2025-03-23T18:22:41.965910

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

20082 / tcp

1504401647 | 2025-04-08T23:41:53.386777

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

20087 / tcp

-971970408 | 2025-04-03T00:01:38.829515

20106 / tcp

-2033111675 | 2025-03-25T22:13:27.788001

~djb

20121 / tcp

1543809371 | 2025-04-01T03:34:32.196969

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

20202 / tcp

-1019343788 | 2025-03-15T03:48:45.351477

W!\x00\x00\x00\x00

20325 / tcp

819727972 | 2025-03-14T16:49:51.943442

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

20547 / tcp

1911457608 | 2025-04-06T14:43:38.429433

\x00[\x00\x00\x00\x00\x00\x00

20880 / tcp

1370263973 | 2025-04-03T22:09:07.181931

dubbo>

20892 / tcp

117101543 | 2025-04-01T18:28:56.881710

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

21025 / tcp

1741579575 | 2025-04-07T20:36:49.526342

21230 / tcp

455076604 | 2025-03-17T06:34:06.259394

!\x07version\x04bind7 t{RPowerDNS Recursor 410

21247 / tcp

-1399940268 | 2025-04-02T02:20:12.145905

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21250 / tcp

709622286 | 2025-03-29T21:12:54.864222

OK Welcome <299685> on DirectUpdate server 7286\r\n

21257 / tcp

307999478 | 2025-03-15T06:03:06.452493

unknown command \r\nunknown command \r\n

21261 / tcp

-1032713145 | 2025-04-11T02:53:46.873789

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

21269 / tcp

307999478 | 2025-03-20T13:21:09.178569

unknown command \r\nunknown command \r\n

21292 / tcp

-1327660293 | 2025-03-26T15:19:28.402497

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

21297 / tcp

321971019 | 2025-04-07T02:27:36.879198

-ERR client ip is not in whitelist\r

21300 / tcp

-1996280214 | 2025-03-31T08:23:29.938909

\x06\x04\x05@

21313 / tcp

-653033013 | 2025-03-24T14:56:13.013111

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

21314 / tcp

1975288991 | 2025-03-18T02:52:52.801903

OPTI

21379 / tcp

1741579575 | 2025-04-03T10:53:37.152273

21500 / tcp

-1013082686 | 2025-03-24T11:56:16.161261

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

22000 / tcp

117101543 | 2025-03-27T11:27:12.657958

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

22001 / tcp

-2031152423 | 2025-04-04T04:34:30.445983

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

22067 / tcp

-2096652808 | 2025-04-02T03:09:23.084383

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

22084 / tcp

819727972 | 2025-04-09T03:05:46.776611

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

22222 / tcp

-358801646 | 2025-04-03T08:46:51.676813

SSH-2.0-OpenSSH_6.6.1

22703 / tcp

1911457608 | 2025-04-01T15:38:40.506336

\x00[\x00\x00\x00\x00\x00\x00

23023 / tcp

2087396567 | 2025-03-23T22:35:09.946230

kjnkjabhbanc283ubcsbhdc72

23082 / tcp

-1888448627 | 2025-03-23T23:51:26.552080

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

23182 / tcp

-1399940268 | 2025-03-29T18:41:20.404895

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

24245 / tcp

-971970408 | 2025-03-26T03:58:24.136164

25001 / tcp

1911457608 | 2025-03-21T10:21:29.047426

\x00[\x00\x00\x00\x00\x00\x00

25010 / tcp

1623746877 | 2025-03-18T16:12:17.786145

500 Permission denied - closing connection.\r\n

25105 / tcp

-1230049476 | 2025-04-03T05:23:55.457942

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

25565 / tcp

1830187220 | 2025-04-06T12:43:49.895430

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

26657 / tcp

-1136600457 | 2025-04-07T14:58:00.167939

HELO:10.3.6.0.false
AS:2048
HL:19

27015 / tcp

-2107996212 | 2025-04-01T08:36:05.424951

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

27016 / tcp

-1428621233 | 2025-03-25T13:53:19.845294

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

27017 / tcp

1763259671 | 2025-04-03T17:55:34.333521

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

27036 / tcp

-2107996212 | 2025-04-03T02:40:51.381062

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

28015 / tcp

1948301213 | 2025-03-22T18:48:43.628591

RFB 003.003
VNC:
  Protocol Version: 3.3

28017 / tcp

2087396567 | 2025-04-02T11:26:14.949215

kjnkjabhbanc283ubcsbhdc72

28443 / tcp

-136006866 | 2025-03-18T09:39:35.572415

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

30002 / tcp

-1142844482 | 2025-04-07T22:07:23.893814

ÿûSOYO_SIP VBNQyQSKc settings
Password:

30022 / tcp

-138733098 | 2025-03-18T22:13:07.011521

roku: ready

30104 / tcp

-146605374 | 2025-04-10T16:43:55.491717

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

30112 / tcp

819727972 | 2025-03-26T16:13:48.174803

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

30121 / tcp

165188539 | 2025-03-23T03:56:50.727048

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

30122 / tcp

-971970408 | 2025-04-06T03:40:53.710798

30222 / tcp

-1013082686 | 2025-04-05T19:00:58.969531

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

30301 / tcp

819727972 | 2025-03-31T18:43:13.858692

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

30303 / tcp

472902042 | 2025-04-09T12:50:14.332569

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

30422 / tcp

-971970408 | 2025-04-05T20:29:21.470274

30468 / tcp

1911457608 | 2025-04-07T18:47:57.321269

\x00[\x00\x00\x00\x00\x00\x00

30522 / tcp

1996932384 | 2025-04-06T05:17:51.306517

"raop" nonce

30622 / tcp

504717326 | 2025-04-05T12:09:13.727131

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

30722 / tcp

171352214 | 2025-04-05T04:57:40.563294

-ERR client ip is not in whitelist

30822 / tcp

117101543 | 2025-03-25T20:52:34.732571

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

31222 / tcp

-1810987450 | 2025-04-05T08:26:22.694315

\xc3\xbf

31337 / tcp

-786044033 | 2025-04-07T13:59:37.222505

OK Welcome <299685> on DirectUpdate server 7286

31443 / tcp

-2031152423 | 2025-03-12T17:37:32.152879

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

31444 / tcp

-1327660293 | 2025-03-17T03:11:05.857655

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

31622 / tcp

1741579575 | 2025-03-23T09:39:47.328343

31722 / tcp

1308377066 | 2025-03-12T21:09:19.073157

ncacn_http/1.0

31822 / tcp

-971970408 | 2025-04-04T13:09:19.130120

31922 / tcp

1991883981 | 2025-04-05T01:29:36.000450

B\x00\x00\x00\xc3\xbfn\x04Too many connections

32444 / tcp

-2089734047 | 2025-03-25T06:49:24.439995

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

32622 / tcp

-358801646 | 2025-04-04T11:48:01.039955

SSH-2.0-OpenSSH_6.6.1

32764 / tcp

819727972 | 2025-04-02T20:28:24.279736

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

33022 / tcp

-971970408 | 2025-03-22T23:49:42.670760

33060 / tcp

-1399940268 | 2025-03-28T12:03:53.937466

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

33122 / tcp

1842524259 | 2025-03-22T22:20:43.116664

33222 / tcp

1519486042 | 2025-03-19T23:29:34.049022

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

33338 / tcp

2087396567 | 2025-04-02T17:02:23.627033

kjnkjabhbanc283ubcsbhdc72

34222 / tcp

-2096652808 | 2025-03-20T01:12:26.394749

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

34322 / tcp

1492413928 | 2025-03-19T18:13:42.435967

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

34422 / tcp

2087396567 | 2025-03-15T00:32:12.419299

kjnkjabhbanc283ubcsbhdc72

34722 / tcp

2087396567 | 2025-03-19T07:45:30.396800

kjnkjabhbanc283ubcsbhdc72

34822 / tcp

-1139539254 | 2025-03-19T06:06:11.607241

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

35000 / tcp

-1399940268 | 2025-03-20T03:14:08.643721

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

35100 / tcp

-358801646 | 2025-04-06T05:50:54.484254

SSH-2.0-OpenSSH_6.6.1

35153 / tcp

-2031152423 | 2025-03-24T16:43:59.182585

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

35222 / tcp

-971970408 | 2025-03-18T10:17:51.682946

35250 / tcp

-1648456501 | 2025-03-24T07:09:24.682428

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

35322 / tcp

1632932802 | 2025-03-17T09:59:47.874455

35522 / tcp

996960436 | 2025-03-17T01:51:21.894301

572 Relay not authorized

35622 / tcp

398077695 | 2025-03-18T07:28:49.706614

35822 / tcp

539065883 | 2025-03-17T17:29:11.485892

35922 / tcp

539065883 | 2025-03-16T21:26:52.014671

36022 / tcp

-358801646 | 2025-03-17T20:54:21.536614

SSH-2.0-OpenSSH_6.6.1

36322 / tcp

-971970408 | 2025-03-17T13:06:03.571555

36422 / tcp

-971970408 | 2025-03-15T09:16:30.274316

36522 / tcp

-407828767 | 2025-03-18T18:19:45.241603

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

37122 / tcp

-746114901 | 2025-03-16T22:54:16.165204

[KpU

37215 / tcp

104385780 | 2025-04-02T15:18:50.356739

ceph v2

37322 / tcp

-1733645023 | 2025-03-16T10:55:20.011434

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

37722 / tcp

2087396567 | 2025-03-16T00:02:00.096647

kjnkjabhbanc283ubcsbhdc72

37777 / tcp

1741579575 | 2025-03-23T08:16:02.179709

37922 / tcp

1542849631 | 2025-03-18T01:13:40.251804

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

38333 / tcp

-971970408 | 2025-03-15T20:36:25.507833

38522 / tcp

1308377066 | 2025-03-13T23:43:30.127089

ncacn_http/1.0

38922 / tcp

-407828767 | 2025-03-13T14:53:18.418895

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

39022 / tcp

2087396567 | 2025-03-13T20:14:59.593162

kjnkjabhbanc283ubcsbhdc72

40005 / tcp

-1626979812 | 2025-04-10T16:55:07.943901

220 Service ready for new user.

40471 / tcp

-1097188123 | 2025-03-15T17:59:42.144164

[g\xc2\x95N\x7f

41800 / tcp

165188539 | 2025-04-06T17:25:23.252635

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

42194 / tcp

819727972 | 2025-04-08T18:12:56.292620

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

42901 / tcp

-1598265216 | 2025-04-03T06:23:45.532182

@RSYNCD: 31.0

44158 / tcp

2054287019 | 2025-03-26T18:41:19.537911

\x13/multistream/1.0.0

44304 / tcp

-1795027372 | 2025-03-16T14:57:13.263879

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

44333 / tcp

1353260875 | 2025-03-27T22:32:38.317258

\x00[g\xc2\x95N\x7f\x00\x00

44818 / tcp

-2089734047 | 2025-04-06T08:54:46.840182

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

45000 / tcp

165188539 | 2025-03-25T22:46:59.936137

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

45002 / tcp

1911457608 | 2025-03-19T02:02:27.639956

\x00[\x00\x00\x00\x00\x00\x00

45677 / tcp

-1329831334 | 2025-04-04T02:39:12.278572

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

45788 / tcp

599074451 | 2025-04-07T18:35:24.583906

msg

46443 / tcp

1642597142 | 2025-04-03T23:06:34.764123

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

47808 / tcp

-746114901 | 2025-03-31T10:33:58.537826

[KpU

47989 / tcp

-2017887953 | 2025-03-16T13:23:44.103448

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

47990 / tcp

-1373613804 | 2025-03-29T09:21:26.711065

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

49200 / tcp

165188539 | 2025-03-24T18:08:08.848396

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

49592 / tcp

89142341 | 2025-03-21T07:50:48.683865

\x05\x00\x00\x00\x0b\x08\x05\x1a\x00

49682 / tcp

-2046514463 | 2025-04-03T20:18:23.278967

AB\x01\t

50000 / tcp

1642597142 | 2025-04-11T00:38:53.072067

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

50006 / tcp

-147424911 | 2025-04-07T11:56:47.456723

HTTP/1.1 404 Not Found
Content Length: 0

50013 / tcp

1615193817 | 2025-03-14T23:02:36.500110

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

50014 / tcp

1615193817 | 2025-04-10T16:39:43.049873

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

50050 / tcp

-2096652808 | 2025-04-10T23:11:27.083931

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

50070 / tcp

819727972 | 2025-04-10T15:32:38.473524

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

50080 / tcp

-2089734047 | 2025-03-28T21:33:06.997478

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

50100 / tcp

2087396567 | 2025-04-10T21:45:21.103471

kjnkjabhbanc283ubcsbhdc72

50112 / tcp

-2089734047 | 2025-03-24T02:55:47.375071

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

51003 / tcp

-1888448627 | 2025-04-08T23:59:28.627238

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

51235 / tcp

819727972 | 2025-04-01T19:06:52.087167

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

51434 / tcp

-1399940268 | 2025-04-03T09:43:41.347087

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

51443 / tcp

819727972 | 2025-04-07T01:29:09.916163

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

52869 / tcp

-1072158793 | 2025-04-10T12:11:57.371528

HTTP/1.1 500 Internal Server Error
SERVER: Linux/2.6.21.5, UPnP/1.0, Portable SDK for UPnP devices/1.6.6
CONNECTION: close
CONTENT-LENGTH: 60
CONTENT-TYPE: text/html

53400 / tcp

-142686627 | 2025-03-27T09:41:21.445878

\x00[\xc2\xba\x7fs\x7f\x00\x00

53413 / tcp

660175493 | 2025-03-22T01:52:04.687487

54138 / tcp

-2031152423 | 2025-04-09T19:55:18.867408

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

55081 / tcp

1911457608 | 2025-03-20T18:37:21.704839

\x00[\x00\x00\x00\x00\x00\x00

55443 / tcp

1741579575 | 2025-04-01T13:45:29.992587

55470 / tcp

-1399940268 | 2025-03-13T20:36:39.937368

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

55490 / tcp

-2089734047 | 2025-03-23T08:35:28.399694

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

55553 / tcp

-1230049476 | 2025-03-19T05:07:54.764522

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

55554 / tcp

1842524259 | 2025-04-01T10:41:48.654258

57787 / tcp

165188539 | 2025-03-31T08:38:13.704194

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

58392 / tcp

-303199180 | 2025-04-09T13:05:19.115351

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

58532 / tcp

-1032713145 | 2025-03-17T21:58:27.891281

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

60001 / tcp

-1681927087 | 2025-04-09T18:04:55.456476

kjnkjabhbanc283ubcsbhdc72

60129 / tcp

103159425 | 2025-03-22T10:51:03.726459

SSH-1.99-RGOS_SSH

61613 / tcp

-1399940268 | 2025-03-15T13:14:15.640718

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

61616 / tcp

2033888749 | 2025-03-21T01:10:38.011476

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

61617 / tcp

-1399940268 | 2025-04-01T02:21:25.324073

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

62016 / tcp

-1327660293 | 2025-03-13T00:49:21.345764

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

62078 / tcp

-1113435755 | 2025-04-10T00:53:19.933127

/1.1 404 Not Found
Content Length: 0

62237 / tcp

-1399940268 | 2025-04-03T22:10:53.700409

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

63210 / tcp

1632932802 | 2025-03-25T10:40:48.017159

63256 / tcp

1286504516 | 2025-04-10T10:38:27.813050

CP2E Control Console
Connected to Host: gZI

64477 / tcp

-2031152423 | 2025-04-04T01:33:32.123892

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

64738 / tcp

-1810987450 | 2025-04-09T21:37:59.570353

\xc3\xbf

65004 / tcp

-1810987450 | 2025-03-22T16:17:17.172991

\xc3\xbf

39.103.20.132

Last Seen: 2025-04-11

Tags:

GeneralInformation

WebTechnologies

OpenPorts

11 / tcp 2087396567 | 2025-03-17T23:05:30.810763

13 / tcp -1296032851 | 2025-04-09T19:19:30.641437

19 / tcp 676476721 | 2025-04-11T03:06:16.654545

23 / tcp -2107996212 | 2025-03-23T08:31:47.603032

25 / tcp 1282941221 | 2025-03-20T16:09:29.529068

37 / tcp 387930190 | 2025-04-01T18:18:51.630015

43 / tcp 2087396567 | 2025-04-10T21:58:44.253866

49 / tcp -1867457549 | 2025-03-24T09:34:34.642967

53 / tcp 1308081026 | 2025-04-05T17:11:46.354831

70 / tcp 857710896 | 2025-03-28T04:32:31.699435

79 / tcp 627290832 | 2025-03-16T05:02:24.328745

80 / tcp 330636060 | 2025-04-08T23:31:33.704402

Hashes

86 / tcp -1045760528 | 2025-03-20T04:46:42.088162

92 / tcp 1911457608 | 2025-03-21T16:42:00.308277

98 / tcp -1399940268 | 2025-03-13T17:53:59.465025

102 / tcp 1989907056 | 2025-04-05T23:13:36.498407

110 / tcp 1126993057 | 2025-03-28T18:59:37.810775

113 / tcp 60948681 | 2025-03-27T23:22:35.124913

119 / tcp 141730637 | 2025-03-27T16:58:28.692015

135 / tcp -1729522695 | 2025-04-01T13:56:02.982896

175 / tcp 819727972 | 2025-03-28T10:04:42.391632

180 / tcp 89142341 | 2025-03-23T17:51:07.813768

189 / tcp -1888448627 | 2025-03-13T18:56:55.776991

195 / tcp 165188539 | 2025-04-10T04:09:09.941630

221 / tcp -358801646 | 2025-04-01T15:18:22.938117

263 / tcp -805362002 | 2025-03-29T22:26:50.273779

264 / tcp -1707068558 | 2025-04-08T13:55:31.582867

389 / tcp -1907080992 | 2025-03-22T04:32:02.746687

427 / tcp -661950041 | 2025-03-29T20:29:19.841886

440 / tcp 1208318993 | 2025-03-24T06:15:22.569111

443 / tcp 1638645179 | 2025-04-04T05:51:08.726254

Hashes

444 / tcp 1887224352 | 2025-04-09T23:42:42.944881

503 / tcp 165188539 | 2025-03-12T12:09:09.537376

513 / tcp -1399940268 | 2025-03-14T20:20:06.198588

593 / tcp 1308377066 | 2025-03-26T05:06:27.466988

646 / tcp 1260221665 | 2025-03-28T20:09:19.196500

685 / tcp -2089734047 | 2025-03-29T04:07:25.369866

743 / tcp 575925250 | 2025-04-06T21:07:08.772260

771 / tcp 1911457608 | 2025-04-06T22:28:42.279218

789 / tcp -1399940268 | 2025-03-19T10:17:53.098979

843 / tcp -2004989248 | 2025-04-05T08:20:50.239768

873 / tcp -1970692834 | 2025-03-25T01:17:36.902938

880 / tcp -1256415508 | 2025-04-01T20:09:02.879274

992 / tcp 1814656027 | 2025-03-21T07:49:23.514856

993 / tcp -1996280214 | 2025-04-06T01:56:59.173769

1002 / tcp 307999478 | 2025-03-24T19:32:52.423648

1025 / tcp 165188539 | 2025-03-28T20:15:48.158865

1153 / tcp -1399940268 | 2025-03-13T19:27:28.646134

1181 / tcp -980525298 | 2025-03-17T18:38:48.540295

1290 / tcp -1399940268 | 2025-04-04T18:42:33.901553

1291 / tcp 1370263973 | 2025-03-25T14:57:42.664039

1414 / tcp 819727972 | 2025-04-11T06:04:06.391410

1433 / tcp -1279739995 | 2025-03-26T01:06:23.081285

1443 / tcp -1715152554 | 2025-04-04T05:51:06.641239

Hashes

1599 / tcp 1741579575 | 2025-04-09T11:21:52.238964

1723 / tcp 1103582599 | 2025-03-12T13:52:33.798097

1800 / tcp -1399940268 | 2025-03-27T18:34:17.012315

1801 / tcp 1535389866 | 2025-04-02T13:21:25.653648

1820 / tcp -1399940268 | 2025-03-19T16:22:25.497667

1883 / tcp 2087396567 | 2025-04-04T00:13:32.016791

1911 / tcp 1911457608 | 2025-04-06T02:00:48.812626

1926 / tcp 546151771 | 2025-04-01T22:09:23.115577

1956 / tcp 165188539 | 2025-03-29T22:17:42.507168

1962 / tcp 366084633 | 2025-04-09T16:18:29.701307

1966 / tcp -1032713145 | 2025-04-07T09:50:51.824122

2000 / tcp -358801646 | 2025-03-26T13:55:12.634314

2002 / tcp 1948301213 | 2025-03-17T08:48:14.190096

2003 / tcp 819727972 | 2025-04-08T01:43:25.829409

2008 / tcp -321444299 | 2025-03-15T12:31:59.018611

2051 / tcp 408230060 | 2025-03-26T19:58:29.197405

2052 / tcp 1161309183 | 2025-03-22T20:01:35.250497

11 / tcp

2087396567 | 2025-03-17T23:05:30.810763

13 / tcp

-1296032851 | 2025-04-09T19:19:30.641437

19 / tcp

676476721 | 2025-04-11T03:06:16.654545

23 / tcp

-2107996212 | 2025-03-23T08:31:47.603032

25 / tcp

1282941221 | 2025-03-20T16:09:29.529068

37 / tcp

387930190 | 2025-04-01T18:18:51.630015

43 / tcp

2087396567 | 2025-04-10T21:58:44.253866

49 / tcp

-1867457549 | 2025-03-24T09:34:34.642967

53 / tcp

1308081026 | 2025-04-05T17:11:46.354831

70 / tcp

857710896 | 2025-03-28T04:32:31.699435

79 / tcp

627290832 | 2025-03-16T05:02:24.328745

80 / tcp

330636060 | 2025-04-08T23:31:33.704402

86 / tcp

-1045760528 | 2025-03-20T04:46:42.088162

92 / tcp

1911457608 | 2025-03-21T16:42:00.308277

98 / tcp

-1399940268 | 2025-03-13T17:53:59.465025

102 / tcp

1989907056 | 2025-04-05T23:13:36.498407

110 / tcp

1126993057 | 2025-03-28T18:59:37.810775

113 / tcp

60948681 | 2025-03-27T23:22:35.124913

119 / tcp

141730637 | 2025-03-27T16:58:28.692015

135 / tcp

-1729522695 | 2025-04-01T13:56:02.982896

175 / tcp

819727972 | 2025-03-28T10:04:42.391632

180 / tcp

89142341 | 2025-03-23T17:51:07.813768

189 / tcp

-1888448627 | 2025-03-13T18:56:55.776991

195 / tcp

165188539 | 2025-04-10T04:09:09.941630

221 / tcp

-358801646 | 2025-04-01T15:18:22.938117

263 / tcp

-805362002 | 2025-03-29T22:26:50.273779

264 / tcp

-1707068558 | 2025-04-08T13:55:31.582867

389 / tcp

-1907080992 | 2025-03-22T04:32:02.746687

427 / tcp

-661950041 | 2025-03-29T20:29:19.841886

440 / tcp

1208318993 | 2025-03-24T06:15:22.569111

443 / tcp

1638645179 | 2025-04-04T05:51:08.726254

444 / tcp

1887224352 | 2025-04-09T23:42:42.944881

503 / tcp

165188539 | 2025-03-12T12:09:09.537376

513 / tcp

-1399940268 | 2025-03-14T20:20:06.198588

593 / tcp

1308377066 | 2025-03-26T05:06:27.466988

646 / tcp

1260221665 | 2025-03-28T20:09:19.196500

685 / tcp

-2089734047 | 2025-03-29T04:07:25.369866

743 / tcp

575925250 | 2025-04-06T21:07:08.772260

771 / tcp

1911457608 | 2025-04-06T22:28:42.279218

789 / tcp

-1399940268 | 2025-03-19T10:17:53.098979

843 / tcp

-2004989248 | 2025-04-05T08:20:50.239768

873 / tcp

-1970692834 | 2025-03-25T01:17:36.902938

880 / tcp

-1256415508 | 2025-04-01T20:09:02.879274

992 / tcp

1814656027 | 2025-03-21T07:49:23.514856

993 / tcp

-1996280214 | 2025-04-06T01:56:59.173769

1002 / tcp

307999478 | 2025-03-24T19:32:52.423648

1025 / tcp

165188539 | 2025-03-28T20:15:48.158865

1153 / tcp

-1399940268 | 2025-03-13T19:27:28.646134

1181 / tcp

-980525298 | 2025-03-17T18:38:48.540295

1290 / tcp

-1399940268 | 2025-04-04T18:42:33.901553

1291 / tcp

1370263973 | 2025-03-25T14:57:42.664039

1414 / tcp

819727972 | 2025-04-11T06:04:06.391410

1433 / tcp

-1279739995 | 2025-03-26T01:06:23.081285

1443 / tcp

-1715152554 | 2025-04-04T05:51:06.641239

1599 / tcp

1741579575 | 2025-04-09T11:21:52.238964

1723 / tcp

1103582599 | 2025-03-12T13:52:33.798097

1800 / tcp

-1399940268 | 2025-03-27T18:34:17.012315

1801 / tcp

1535389866 | 2025-04-02T13:21:25.653648

1820 / tcp

-1399940268 | 2025-03-19T16:22:25.497667

1883 / tcp

2087396567 | 2025-04-04T00:13:32.016791

1911 / tcp

1911457608 | 2025-04-06T02:00:48.812626

1926 / tcp

546151771 | 2025-04-01T22:09:23.115577

1956 / tcp

165188539 | 2025-03-29T22:17:42.507168

1962 / tcp

366084633 | 2025-04-09T16:18:29.701307

1966 / tcp

-1032713145 | 2025-04-07T09:50:51.824122

2000 / tcp

-358801646 | 2025-03-26T13:55:12.634314

2002 / tcp

1948301213 | 2025-03-17T08:48:14.190096

2003 / tcp

819727972 | 2025-04-08T01:43:25.829409

2008 / tcp

-321444299 | 2025-03-15T12:31:59.018611

2051 / tcp

408230060 | 2025-03-26T19:58:29.197405

2052 / tcp

1161309183 | 2025-03-22T20:01:35.250497

2058 / tcp

-1888448627 | 2025-03-20T18:54:26.355176

2081 / tcp

-1399940268 | 2025-03-24T18:38:49.276819

2087 / tcp

660175493 | 2025-03-15T18:22:55.939800

2121 / tcp

141730637 | 2025-03-21T15:25:37.780976

2122 / tcp

-1626979812 | 2025-03-19T00:08:40.791621

2154 / tcp

1850902677 | 2025-03-18T07:40:22.434627

2200 / tcp

1023953321 | 2025-04-11T03:47:10.564051

2209 / tcp

-2089734047 | 2025-03-27T19:37:34.776531

2223 / tcp

-2046514463 | 2025-04-11T06:21:11.868958