GeneralInformation

Hostnames

cn-beijing.oss.aliyuncs.com

Domains

aliyuncs.com

Country

China

City

Beijing

Organization

Aliyun Computing Co., LTD

ISP

Hangzhou Alibaba Advertising Co.,Ltd.

ASN

AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

OpenPorts

13 17 21 24 25 43 49 70 80 93 101 102 104 110 113 122 135 175 177 179 195 264 311 389 443 444 446 453 465 502 513 515 541 554 593 666 743 771 789 811 843 853 873 992 993 999 1022 1023 1025 1080 1099 1177 1181 1190 1195 1200 1234 1343 1364 1414 1433 1446 1450 1454 1500 1515 1521 1557 1599 1604 1700 1800 1801 1883 1901 1911 1926 1947 1962 1967 1970 1983 2000 2001 2002 2008 2012 2020 2052 2054 2059 2065 2067 2070 2081 2082 2083 2087 2096 2100 2154 2181 2222 2259 2323 2362 2404 2423 2435 2455 2552 2568 2569 2628 2709 2761 2806 3001 3006 3012 3050 3060 3062 3076 3077 3079 3084 3091 3095 3103 3111 3117 3119 3123 3129 3130 3135 3142 3145 3168 3169 3180 3191 3194 3199 3256 3260 3268 3301 3306 3307 3342 3365 3388 3389 3408 3551 3562 3563 3566 3567 3780 3790 3842 3951 3954 4000 4022 4117 4148 4155 4242 4282 4321 4333 4433 4440 4444 4449 4500 4550 4840 4899 4911 4949 4999 5001 5006 5007 5009 5010 5025 5061 5172 5201 5222 5231 5259 5260 5271 5278 5435 5439 5552 5592 5595 5609 5613 5650 5672 5698 5902 5907 5909 5991 6002 6020 6022 6134 6443 6482 6512 6560 6581 6653 6666 6667 6697 7001 7003 7010 7022 7050 7071 7090 7171 7434 7443 7548 7634 7771 7777 7782 7980 8001 8009 8022 8035 8036 8050 8053 8054 8068 8085 8089 8099 8105 8118 8126 8139 8140 8142 8144 8147 8162 8163 8168 8169 8174 8179 8181 8184 8195 8200 8203 8243 8291 8316 8318 8333 8414 8422 8431 8432 8436 8443 8447 8450 8453 8454 8467 8504 8506 8554 8562 8575 8578 8601 8607 8649 8680 8686 8707 8728 8779 8791 8804 8809 8815 8833 8834 8840 8842 8860 8861 8869 8880 8889 8899 8905 8943 8999 9000 9001 9014 9018 9021 9025 9030 9034 9042 9046 9055 9076 9095 9100 9105 9110 9112 9113 9143 9148 9151 9157 9169 9170 9181 9190 9198 9204 9209 9214 9241 9256 9273 9309 9312 9333 9351 9376 9387 9398 9410 9530 9600 9633 9663 9711 9761 9797 9876 9898 9900 9926 9929 9930 9944 9998 9999 10000 10001 10019 10028 10029 10033 10035 10046 10051 10075 10100 10123 10134 10181 10210 10225 10348 10390 10397 10399 10443 10554 10911 11000 11112 11210 11211 11288 11300 11680 12000 12105 12127 12128 12136 12143 12149 12150 12163 12168 12170 12174 12187 12188 12213 12238 12243 12264 12265 12271 12277 12278 12291 12300 12308 12313 12317 12318 12319 12322 12328 12345 12382 12383 12391 12393 12401 12420 12424 12426 12428 12452 12469 12481 12482 12488 12514 12521 12531 12534 12535 12542 12544 12553 12555 12556 12589 13333 14084 14147 14182 14265 14344 14400 14894 14909 15000 15123 15502 15588 16010 16014 16016 16019 16055 16061 16070 16071 16072 16084 16087 16094 16099 16400 16403 16464 16888 16993 17000 17070 17084 17182 17770 18008 18015 18019 18027 18029 18042 18048 18059 18070 18079 18081 18085 18089 18094 18107 18181 18200 18239 19000 19014 19017 19022 20087 20151 20185 20256 20547 20894 21025 21082 21232 21248 21260 21266 21273 21287 21293 21295 21302 21307 21325 21357 21379 22000 22001 22022 22070 22222 22556 23023 24245 24472 25082 25105 26657 27015 27016 27017 27036 28015 28818 29984 30002 30003 30005 30013 30022 30027 30111 30122 30303 30522 30894 30922 31022 31222 31422 31443 32322 32444 32622 33060 33338 35240 37777 38333 41800 42194 42208 42424 43200 43221 44158 44308 44333 44400 44444 44818 45000 45002 45668 47080 47808 48002 48018 48100 49152 49153 49686 50000 50007 50009 50073 50100 50102 50113 50997 50999 51002 51235 51294 51443 52230 52881 54138 54444 55000 55350 55443 55554 57780 60001 60023 60030 60129 61613 62078 62080 62443 63210 63260 65000

13 / tcp

-341265581 | 2025-04-24T23:02:34.532022

HTTP/1.1 404

17 / tcp

134472555 | 2025-04-18T04:54:08.545620

K\x02%~)J/\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

21 / tcp

179309064 | 2025-04-10T19:30:52.174229

220 Microsoft FTP Service
530 User cannot log in.

24 / tcp

-1795027372 | 2025-04-19T11:45:40.836727

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

25 / tcp

-2089734047 | 2025-04-22T19:35:07.630655

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

43 / tcp

1282941221 | 2025-04-14T21:16:56.187456

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

49 / tcp

-359657882 | 2025-04-08T06:20:47.381637

GBPK\xc3\xbb\xc3\xb7n\\xc2\\x93W\xc2\xaf\\xc2\\x86\\xc2\\x93x@\xc2\xa9\\x0e\xc3\x8a*\\xc2\\x9bS

70 / tcp

175081126 | 2025-04-18T01:17:41.223987

HTTP/1.1 400 Bad Request
Server: nginx/1.14.2
Content-Type: text/html
Connection: close

80 / tcp

1881769185 | 2025-04-18T17:47:55.257161

Hashes

hash

-1781289467

http.dom_hash

1799269922

http.html_hash

1881769185

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Fri, 18 Apr 2025 17:47:54 GMT
Content-Type: application/xml
Content-Length: 392
Connection: keep-alive
x-oss-request-id: 6802904A0BFF4B36345ABC80
x-oss-server-time: 10
x-oss-ec: 0003-00001201

93 / tcp

-122096153 | 2025-04-06T19:55:06.597405

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

101 / tcp

-1399940268 | 2025-04-06T16:27:35.506756

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

102 / tcp

669849225 | 2025-04-12T23:56:20.413879

SSH-98.60-SysaxSSH_81885..42\r\n

104 / tcp

-2096652808 | 2025-04-22T23:32:34.676124

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

110 / tcp

-1399940268 | 2025-04-10T20:18:33.936401

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

113 / tcp

1921398876 | 2025-04-18T06:04:52.261603

ÿý"
LinuxNode v06953 (ggfks)

login:

122 / tcp

321971019 | 2025-04-28T17:07:53.465780

-ERR client ip is not in whitelist\r

135 / tcp

1141948216 | 2025-04-21T09:16:39.975504

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: DESKTOP-HL59G5J\n IP2: 169.254.93.199\n IP3: 175.180.100.187\n\nNTLMSSP:\nTarget_Name: DESKTOP-HL59G5J\nProduct_Version: 10.0.19041 Ntlm 15\nOS: Windows 10, Version 2004/Windows Server, Version 2004\nNetBIOS_Domain_Name: DESKTOP-HL59G5J\nNetBIOS_Computer_Name: DESKTOP-HL59G5J\nDNS_Domain_Name: DESKTOP-HL59G5J\nDNS_Computer_Name: DESKTOP-HL59G5J\nSystem_Time: 2024-01-22 06:04:34 +0000 UTC\n\nDCERPC Dump:\n954

175 / tcp

-1399940268 | 2025-04-12T05:02:27.697700

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

177 / tcp

-1399940268 | 2025-04-12T02:25:40.578406

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

179 / tcp

-399606100 | 2025-04-17T13:25:27.411787

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

195 / tcp

2087396567 | 2025-04-28T06:29:32.981657

kjnkjabhbanc283ubcsbhdc72

264 / tcp

-1709030885 | 2025-04-20T01:10:40.124312

SSH-

311 / tcp

676753056 | 2025-04-07T06:32:58.582735

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html

389 / tcp

-1743283776 | 2025-04-27T06:12:01.894649

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x04\\x04

443 / tcp

-291104996 | 2025-04-27T20:02:15.080995

Hashes

hash

-811388795

http.dom_hash

1799269922

http.html_hash

-291104996

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Sun, 27 Apr 2025 20:02:14 GMT
Content-Type: application/xml
Content-Length: 345
Connection: keep-alive
x-oss-request-id: 680E8D462A0577393398D711
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:6b:68:69:54:4a:81:bb:93:b4:d7:d1
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
        Validity
            Not Before: Jan  2 06:32:06 2025 GMT
            Not After : Sep  4 00:00:00 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-beijing.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:fd:cb:7f:5f:49:ee:e8:d9:d0:d6:53:d0:a5:
                    88:fd:fc:56:3c:06:76:2d:ad:ee:c9:65:e1:8c:fd:
                    ee:ef:a1:a2:34:db:d3:65:1e:4a:9c:f7:9d:a6:ad:
                    fa:a7:b3:1a:8b:45:f7:13:2a:26:24:9c:50:28:92:
                    25:54:45:fc:d2:2e:17:7d:c1:47:45:a1:39:bf:ce:
                    7e:f2:8b:d7:69:2c:b6:94:3f:5c:fc:a9:6e:c3:bd:
                    a5:a9:f3:6e:65:55:50:ba:b2:8a:df:ee:e9:50:a7:
                    81:b5:5f:3a:96:f9:74:c3:8a:54:51:d7:eb:02:1c:
                    58:33:e6:a0:ea:12:10:52:63:c9:df:03:84:cf:a3:
                    15:9c:50:7b:5e:6e:42:0f:3d:bd:33:3c:f6:6a:eb:
                    be:30:24:30:72:cb:84:a8:e9:17:aa:6a:45:f8:12:
                    c2:a1:78:0d:31:f0:45:2b:32:2f:ff:98:a3:03:a2:
                    5a:b0:8d:e2:d5:ce:e1:35:56:0b:0a:f8:11:bf:18:
                    44:f7:b8:7b:a0:a0:eb:1d:8d:cf:e8:cc:cf:c4:c5:
                    54:69:59:53:e1:ee:51:79:04:67:86:cf:8b:e5:c6:
                    88:a8:cc:9e:61:75:91:90:b5:8a:af:4c:a2:8d:57:
                    14:8a:f6:54:fb:1e:71:e5:09:e3:0a:12:df:34:8d:
                    d5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3ovtlsca2024.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3ovtlsca2024
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                Policy: 1.3.6.1.4.1.4146.10.1.2
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3ovtlsca2024.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-beijing.oss.aliyuncs.com, DNS:*.cn-beijing.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-beijing.aliyuncs.com, DNS:*.s3.oss-cn-beijing-internal.aliyuncs.com, DNS:*.cn-beijing.mgw.aliyuncs.com, DNS:*.oss.cn-beijing.privatelink.aliyuncs.com, DNS:*.oss-cn-beijing.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing.aliyuncs.com, DNS:*.img-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-internal-cross.aliyuncs.com, DNS:*.oss-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-cross.aliyuncs.com, DNS:*.img-cn-beijing.aliyuncs.com, DNS:*.vpc100-oss-cn-beijing.aliyuncs.com, DNS:*.cn-beijing.oss.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h-cross.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub.aliyuncs.com, DNS:*.cn-beijing-finance.oss.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1.aliyuncs.com, DNS:*.cn-beijing-finance-1.oss.aliyuncs.com, DNS:*.cn-beijing-vpc.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-enet-cn-north.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-internal.aliyun-inc.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-beijing-cross.mgw.aliyuncs.com, DNS:*.oss-vpc.aliyuncs.com, DNS:*.cn-beijing.oss-vpc.aliyuncs.com, DNS:*.oss.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                DA:D3:A8:08:48:0C:34:37:58:EE:E5:A7:75:2E:59:FC:D6:DC:3C:38
            X509v3 Subject Key Identifier: 
                C1:58:AC:32:69:71:BB:67:42:6C:42:FE:14:E5:57:72:91:C1:82:D6
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 1A:04:FF:49:D0:54:1D:40:AF:F6:A0:C3:BF:F1:D8:C4:
                                67:2F:4E:EC:EE:23:40:68:98:6B:17:40:2E:DC:89:7D
                    Timestamp : Jan  2 06:32:08.952 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D4:22:D6:BD:85:6A:79:2B:66:0F:1F:
                                36:9C:87:35:37:A2:DA:91:B3:41:21:70:33:24:48:B8:
                                AC:01:B2:4F:8A:02:20:78:33:2F:5E:6C:72:6C:BA:8A:
                                2A:DB:4A:42:99:29:A1:0C:E4:7B:86:88:C2:7F:9F:BE:
                                CE:93:8F:5D:00:2F:8C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Jan  2 06:32:08.990 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DE:60:8C:72:69:F8:ED:DD:B5:9B:2F:
                                88:2B:94:8E:C5:EA:A3:29:CF:5E:76:E1:32:5B:33:E9:
                                09:55:C0:9B:0A:02:20:72:4F:8B:E6:B3:1A:36:F6:61:
                                91:02:36:00:EA:76:E0:8C:5C:3C:8C:AF:C1:4A:F2:FD:
                                CA:7D:2B:6A:A6:5A:A7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
                                47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
                    Timestamp : Jan  2 06:32:08.695 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:82:E8:40:FB:D2:F4:C7:36:73:02:4A:
                                CD:8A:B4:A7:3D:E9:DC:7F:23:C7:17:0C:B1:8F:65:59:
                                3C:89:A5:E4:F0:02:20:2D:57:40:3F:AC:33:84:81:B8:
                                79:8C:CE:B4:F4:CC:44:29:AE:5A:FA:CD:66:FF:7A:69:
                                DA:8E:8E:6B:3D:C7:D7
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4e:88:42:e9:bd:d6:24:7a:b8:0b:08:70:28:8b:e3:90:92:79:
        25:1f:f9:ec:83:69:41:21:cb:3f:cc:c6:2c:76:54:44:09:81:
        c9:8b:a9:bc:32:e4:5e:d4:72:17:de:fd:a1:50:2b:58:ed:45:
        8e:ba:40:ee:f9:54:31:0e:56:0e:7f:9e:36:2d:98:8b:3a:21:
        ac:4c:f7:4b:e5:97:32:cd:c3:b4:9d:b7:99:07:f1:4f:bb:81:
        14:60:64:c2:01:bb:85:62:e5:8a:7e:84:86:9f:c9:0b:80:80:
        c3:95:a2:77:b8:d9:81:73:28:dc:14:f9:af:1b:22:8b:33:2a:
        b5:dd:34:fb:a6:90:3d:a1:37:b1:93:f5:d9:93:d0:3c:86:ac:
        28:04:f6:71:24:54:fd:0c:42:2d:48:d4:9c:a6:e5:fa:88:71:
        e3:dc:e1:a7:c7:8a:d5:39:43:29:5f:5d:2c:02:1a:72:08:e8:
        ce:86:a9:22:b1:ed:4f:4e:7f:e5:7d:ea:01:3b:7f:34:2c:e6:
        94:3c:5b:6c:64:09:c3:88:e5:08:64:91:8a:17:63:99:dc:0c:
        85:ee:6c:4a:67:f4:66:21:e9:7a:a3:95:8c:ed:6c:6f:af:92:
        f8:a3:49:8f:de:3b:85:de:68:56:95:f4:e7:e7:7b:1e:c2:0a:
        1f:12:b5:15

444 / tcp

2032042134 | 2025-04-23T17:25:56.474804

[¥	¾

446 / tcp

-1399940268 | 2025-04-07T03:17:33.629010

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

453 / tcp

-2089734047 | 2025-04-28T05:04:09.619258

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

465 / tcp

897328069 | 2025-04-27T01:08:51.185201

220 mail.scott000.com ESMTP

502 / tcp

-1013082686 | 2025-04-18T17:16:49.749068

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

513 / tcp

-1399940268 | 2025-04-07T18:13:04.226156

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

515 / tcp

921225407 | 2025-04-25T13:36:55.611996

\x00\x00\x00\x04\x00\x00\x00\x00\x00

541 / tcp

-1299118573 | 2025-04-15T09:41:32.523277

\\x16\\x03\\x01\\x01[\\x01\\x00\\x01W\\x03\\x03\\x89\\xb7a\\xcdh\\xff\\xe7x~\\xc0Z\\x92\\x1f\\xf0\\xd8\xe3\x9f\xb2;\\x92\\x06\\xf9\\xef\\xc7L\\xfa\\x16&#{)` \\xf6k\\x80\\xe6Ylt\\xe8\x0bF\\xa9&?\\xb9!\\xe7\\x93^l\\xb3\\xbe\\x15\\xb1\\xa3n\\x00\\xce\\xde\xcf\x822h\\x002\\x13\\x02\\x13\\x03\\x13\\x01\\x009\\x005\\x00k\\x00=\\xc

554 / tcp

-1142488525 | 2025-04-23T18:33:20.663900

RTSP/1.0 401 Unauthorized
CSeq: 0

593 / tcp

1308377066 | 2025-04-11T13:27:03.390771

ncacn_http/1.0

666 / tcp

1300162323 | 2025-04-23T18:04:39.725998

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

743 / tcp

321971019 | 2025-04-11T18:16:50.286897

-ERR client ip is not in whitelist\r

771 / tcp

-1399940268 | 2025-04-17T22:19:25.118885

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

789 / tcp

-1148066627 | 2025-04-17T02:49:01.117379

\x00[\xc2\x84\xc2\x86\xc3\xb2\x7f\x00\x00

811 / tcp

-1013082686 | 2025-04-25T11:58:31.722649

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

843 / tcp

-2004989248 | 2025-04-03T14:40:10.276714

<cross-domain-policy>\n   <allow-access-from domain="*" to-po\nrts="*" />\n</cross-domain-policy>

853 / tcp

-1399940268 | 2025-04-26T00:13:34.244055

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

873 / tcp

-1970692834 | 2025-04-15T03:27:36.567580

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

992 / tcp

-936692830 | 2025-04-05T10:16:15.232346

HTTP/1.1 202 OK
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=15; max=19

993 / tcp

-2089734047 | 2025-04-19T09:21:35.028897

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

999 / tcp

2061638597 | 2025-04-26T10:29:16.301678

HTTP/1.1 200 OK
Server: Apache/2.4.46 (Win32) OpenSSL/1.1.1g mod_fcgid/2.3.9 mod_jk/1.2.40
X-Powered-By: PHP/5.6.40
X-ob_mode: 1
X-Frame-Options: DENY
X-X-WebKit-CSP: default-src 'self' ;script-src 'self'  'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data:  *.tile.openstreetmap.org *.tile.opencyclemap.org;
Expires: Mon, 22 Jan 2024 16:09:12 +0800
Cache-Control: no-store, no-cache, must-revalidate,  pre-check=0, post-check=0, max-age=0
Pragma: no

Vulnerabilities

1022 / tcp

819727972 | 2025-04-24T17:18:24.994110

SSH-2.0-OpenSSH_7.4

Vulnerabilities

1023 / tcp

-1900404274 | 2025-04-04T19:27:05.797462

Unknown command

1025 / tcp

-2089734047 | 2025-04-22T15:14:14.725452

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1080 / tcp

1362344524 | 2025-04-21T06:18:49.365684

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1099 / tcp

819727972 | 2025-04-12T09:23:52.900599

SSH-2.0-OpenSSH_7.4

Vulnerabilities

1177 / tcp

1842524259 | 2025-04-10T11:22:58.275141

1181 / tcp

398077695 | 2025-04-17T14:02:01.153650

1190 / tcp

1830187220 | 2025-04-19T01:30:05.123956

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

1195 / tcp

119860953 | 2025-04-06T22:43:19.265312

* OK ArGoSoft Mail Server IMAP Module v.YW at

1200 / tcp

585675468 | 2025-04-27T03:39:50.496789

@
05@ þ...

1234 / tcp

1830697416 | 2025-04-28T17:08:36.278342

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

1343 / tcp

1911457608 | 2025-04-06T07:13:12.622735

\x00[\x00\x00\x00\x00\x00\x00

1364 / tcp

-1399940268 | 2025-04-17T20:06:35.822779

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1414 / tcp

-1399940268 | 2025-04-27T05:47:29.411814

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1433 / tcp

555056254 | 2025-04-25T07:50:35.864667

MSSQL Server\nVersion: 171050560 (0xa320640)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: 3NXCU7QCCJGSTII\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: 3NXCU7QCCJGSTII\nNetBIOS_Computer_Name: 3NXCU7QCCJGSTII\nDNS_Domain_Name: 3NXCU7QCCJGSTII\nDNS_Computer_Name: 3NXCU7QCCJGSTII\nMsvAvFlags: 01000000\nSystem_Time: 2024-01-22 01:19:47 +0000 UTC\n\n

1446 / tcp

-1399940268 | 2025-04-16T18:30:10.054211

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1450 / tcp

-303199180 | 2025-04-12T08:39:05.132189

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

1454 / tcp

-2046514463 | 2025-04-24T05:10:59.800533

AB\x01\t

1500 / tcp

-271515508 | 2025-04-09T09:14:12.299541

HTTP/1.1 302 Moved Temporarily
Server: DrcomServer1.0
Location: http://192.168.254.3
Cache-Control: no-cache
Connection: close

1515 / tcp

-358801646 | 2025-04-23T03:59:59.723967

SSH-2.0-OpenSSH_6.6.1

1521 / tcp

-541815454 | 2025-04-17T06:27:42.258351

Version:11.2.0.1.0\n"\\x00\\x00Y(DESCRIPTION=(TMP=)(VSNNUM=186646784)(ERR=1189)(ERROR_STACK=(ERROR=(CODE=1189)(EMFI=4))))

1557 / tcp

-1189269828 | 2025-04-11T00:28:29.567137

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1599 / tcp

1353260875 | 2025-04-14T19:53:45.103824

\x00[g\xc2\x95N\x7f\x00\x00

1604 / tcp

-1399940268 | 2025-04-12T05:02:08.469629

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1700 / tcp

1727667211 | 2025-04-20T09:39:48.287220

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 7-120613361-0 0NNN RT(1701279697055 177) q(0 -1 -1 -1) r(0 -1)

1800 / tcp

-2089734047 | 2025-04-04T18:21:16.314803

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1801 / tcp

1692069329 | 2025-04-14T18:15:25.729353

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\xe14\\xf0\\xb6\\xb85\x0bB\\x86\\x99B\\xa5\\x07\\xb0\\xf6V92d3\\x10\\x03\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

1883 / tcp

-1399940268 | 2025-04-06T03:43:37.554343

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1901 / tcp

677934968 | 2025-04-02T20:02:22.177214

lm^)Q

1911 / tcp

-585940771 | 2025-04-01T22:52:00.902159

Unknown command\r\n

1926 / tcp

104385780 | 2025-04-20T18:57:30.734583

ceph v2

1947 / tcp

291260528 | 2025-04-03T05:41:31.516676

HTTP/1.1 403 Forbidden
Server: HASP LM/12.50
Content-type: text/html
Content-length: 137

1962 / tcp

117101543 | 2025-04-14T16:01:53.383611

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

1967 / tcp

-358801646 | 2025-04-17T15:05:39.831893

SSH-2.0-OpenSSH_6.6.1

1970 / tcp

-1626979812 | 2025-04-17T21:04:09.769998

220 Service ready for new user.

1983 / tcp

-1611764932 | 2025-04-23T00:42:15.043438

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

2000 / tcp

-1399940268 | 2025-04-05T20:08:35.582347

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2001 / tcp

51259122 | 2025-04-02T01:41:02.579326

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

2002 / tcp

-653033013 | 2025-04-28T06:28:23.611096

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

2008 / tcp

2087396567 | 2025-04-08T15:19:26.965545

kjnkjabhbanc283ubcsbhdc72

2012 / tcp

-585940771 | 2025-04-26T08:37:21.701099

Unknown command\r\n

2020 / tcp

1230697277 | 2025-04-25T06:49:37.820717

HTTP/1.1 200 OK
Server: Monkey/1.7.0
Transfer-Encoding: chunked

2052 / tcp

320677201 | 2025-04-28T16:58:53.010873

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

2054 / tcp

1308377066 | 2025-04-06T21:46:14.920080

ncacn_http/1.0

2059 / tcp

165188539 | 2025-04-02T03:58:33.120504

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2065 / tcp

-42767839 | 2025-04-01T22:33:23.634934

RFB 005.000

VNC:
  Protocol Version: 5.0

2067 / tcp

1741579575 | 2025-04-01T22:18:54.861974

2070 / tcp

1911457608 | 2025-04-03T12:42:01.618843

\x00[\x00\x00\x00\x00\x00\x00

2081 / tcp

-2089734047 | 2025-04-27T11:43:57.594232

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

2082 / tcp

0 | 2025-04-27T22:59:44.798499

Hashes

hash

1865391109

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
content-length: 0

2083 / tcp

2087396567 | 2025-04-27T02:18:24.590519

kjnkjabhbanc283ubcsbhdc72

2087 / tcp

117101543 | 2025-04-18T10:56:24.625949

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

2096 / tcp

-1399940268 | 2025-04-09T10:52:23.545127

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2100 / tcp

-1835475271 | 2025-04-07T21:36:43.788421

200 NOD32SS 99 (3318497116)\r\n

2154 / tcp

-1730858130 | 2025-04-17T20:02:36.103136

RFB 003.008
VNC:
  Protocol Version: 3.8

2181 / tcp

546151771 | 2025-04-06T21:28:41.834316

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

2222 / tcp

2051656595 | 2025-04-26T12:24:11.933227

SSH-2.0-OpenSSH_7.4\r\n\n

2259 / tcp

819727972 | 2025-04-12T08:20:41.533934

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2323 / tcp

1662205251 | 2025-04-09T09:50:54.432695

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

2362 / tcp

-784071826 | 2025-03-29T21:56:39.298166

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2404 / tcp

-1888448627 | 2025-04-16T21:07:20.033704

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

2423 / tcp

-1598265216 | 2025-04-05T19:45:16.679447

@RSYNCD: 31.0

2435 / tcp

-1013082686 | 2025-04-19T02:28:25.726244

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

2455 / tcp

2103111368 | 2025-04-24T07:31:13.764287

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

2552 / tcp

-1399940268 | 2025-04-06T10:03:29.998411

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2568 / tcp

165188539 | 2025-04-23T18:41:28.225244

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2569 / tcp

-303199180 | 2025-04-24T09:37:32.798574

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

2628 / tcp

1911457608 | 2025-04-23T16:51:42.549855

\x00[\x00\x00\x00\x00\x00\x00

2709 / tcp

-2033111675 | 2025-04-01T19:55:05.737262

~djb

2761 / tcp

1134517380 | 2025-04-24T19:49:55.724841

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

2806 / tcp

-1733645023 | 2025-04-16T12:10:24.645514

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

3001 / tcp

-1399940268 | 2025-04-11T09:52:57.033934

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3006 / tcp

1911457608 | 2025-04-28T12:29:00.026103

\x00[\x00\x00\x00\x00\x00\x00

3012 / tcp

819727972 | 2025-04-14T23:44:06.048867

SSH-2.0-OpenSSH_7.4

Vulnerabilities

3050 / tcp

-1399940268 | 2025-04-06T18:21:44.439981

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3060 / tcp

-1487943323 | 2025-04-26T20:51:54.015313

431 Unable to negotiate secure command connection.\r\n

3062 / tcp

-1810987450 | 2025-04-17T16:52:10.569616

\xc3\xbf

3076 / tcp

1623746877 | 2025-04-21T23:45:20.845104

500 Permission denied - closing connection.\r\n

3077 / tcp

198844676 | 2025-04-03T16:48:05.809281

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3079 / tcp

-2096652808 | 2025-04-27T22:47:17.943825

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3084 / tcp

-2089734047 | 2025-04-24T13:49:43.750852

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3091 / tcp

50497985 | 2025-04-12T17:01:05.574639

\x00[\xc3\x88\xc3\x9dS\x7f\x00\x00

3095 / tcp

-653033013 | 2025-04-03T21:35:17.324726

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

3103 / tcp

-457235091 | 2025-04-19T01:37:05.043049

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

3111 / tcp

165188539 | 2025-04-03T18:15:57.327726

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3117 / tcp

-1399940268 | 2025-04-17T00:45:32.369546

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3119 / tcp

493955023 | 2025-04-10T20:08:19.881384

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

3123 / tcp

493955023 | 2025-04-26T19:14:44.949049

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

3129 / tcp

-345718689 | 2025-04-08T21:57:27.890807

Vty password is not set.

3130 / tcp

-1399940268 | 2025-04-01T06:03:05.287543

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3135 / tcp

1911457608 | 2025-04-21T14:30:08.220473

\x00[\x00\x00\x00\x00\x00\x00

3142 / tcp

-2089734047 | 2025-04-19T13:16:17.650954

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3145 / tcp

819727972 | 2025-04-07T09:27:01.569344

SSH-2.0-OpenSSH_7.4

Vulnerabilities

3168 / tcp

-1227409554 | 2025-04-27T10:25:19.947827

HTTP/1.1 500 Internal Server Error
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

3169 / tcp

819727972 | 2025-03-31T20:28:31.309282

SSH-2.0-OpenSSH_7.4

Vulnerabilities

3180 / tcp

-2089734047 | 2025-04-10T18:31:35.879416

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3191 / tcp

1655023012 | 2025-04-02T22:54:57.827072

athinfod: invalid query.\n

3194 / tcp

632542934 | 2025-04-09T13:20:44.261701

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

3199 / tcp

1948301213 | 2025-04-23T11:28:49.394457

RFB 003.003
VNC:
  Protocol Version: 3.3

3256 / tcp

-1428621233 | 2025-04-06T09:39:44.764142

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

3260 / tcp

-1914158197 | 2025-04-17T06:47:43.349572

HTTP/1.1 500 Internal Server Error
Server: nginx/1.18.11011 (Ubuntu)
Content-Type: text/plain; charset=utf-8
Connection: close

3268 / tcp

-1547976805 | 2025-04-09T01:45:52.977116

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

3301 / tcp

-1399940268 | 2025-04-06T10:35:38.749172

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3306 / tcp

1801207137 | 2025-04-26T06:12:26.363753

F\\x00\\x00\\x00\\xffj\\x04Host \'106.75.96.125\' is not allowed to connect to this MySQL server

3307 / tcp

-1399940268 | 2025-04-03T15:02:54.898884

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3342 / tcp

-274082663 | 2025-04-01T18:57:48.321913

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

3365 / tcp

205347087 | 2025-04-28T10:25:02.607110

SSH-25453-Cisco-3524665.35\n

3388 / tcp

-1810987450 | 2025-04-24T21:09:38.258814

\xc3\xbf

3389 / tcp

740837454 | 2025-04-01T06:00:37.743494

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3408 / tcp

1363464823 | 2025-04-16T00:44:51.197687

\x00[|ox\x7f\x00\x00

3551 / tcp

198844676 | 2025-04-12T02:13:28.104774

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3562 / tcp

-1947777893 | 2025-04-05T23:32:05.472864

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

3563 / tcp

632542934 | 2025-04-05T21:22:55.543345

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

3566 / tcp

707919486 | 2025-04-24T06:54:52.075862

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

3567 / tcp

-441419608 | 2025-04-05T04:15:48.190761

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

3780 / tcp

104385780 | 2025-04-09T14:06:02.754678

ceph v2

3790 / tcp

1690634669 | 2025-04-12T04:06:10.669395

3842 / tcp

819727972 | 2025-04-16T03:59:55.342100

SSH-2.0-OpenSSH_7.4

Vulnerabilities

3951 / tcp

1911457608 | 2025-04-22T21:55:02.808060

\x00[\x00\x00\x00\x00\x00\x00

3954 / tcp

-407828767 | 2025-04-10T19:47:35.652844

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

4000 / tcp

1123187653 | 2025-04-15T21:42:24.638698

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN

4022 / tcp

321971019 | 2025-04-14T22:04:51.137968

-ERR client ip is not in whitelist\r

4117 / tcp

-1399940268 | 2025-03-29T21:59:34.895958

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4148 / tcp

-1026951088 | 2025-04-19T04:44:41.448239

erro ip

4155 / tcp

1911457608 | 2025-03-31T12:26:03.022833

\x00[\x00\x00\x00\x00\x00\x00

4242 / tcp

-1341662640 | 2025-04-28T15:40:05.944325

HTTP/1.1 301 Moved Permanently
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

4282 / tcp

-1023516719 | 2025-04-25T23:46:01.548547

ã

KvInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

4321 / tcp

-1250504565 | 2025-04-25T15:44:31.743332

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

4333 / tcp

-2031152423 | 2025-04-17T23:06:09.562929

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

4433 / tcp

957278843 | 2025-04-27T22:08:48.164639

[|ox

4440 / tcp

820958131 | 2025-04-04T07:04:47.538903

kjnkjabhbanc283ubcsbhdc72\x02

4444 / tcp

51259122 | 2025-04-10T22:57:01.363400

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

4449 / tcp

198844676 | 2025-04-11T02:40:07.535161

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

4500 / tcp

819727972 | 2025-04-18T22:01:25.202366

SSH-2.0-OpenSSH_7.4

Vulnerabilities

4550 / tcp

-1153110624 | 2025-04-21T13:25:27.886355

\\xfc!\\x00\\x00

4840 / tcp

-1399940268 | 2025-04-19T13:32:07.111267

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4899 / tcp

-1316398834 | 2025-04-23T17:23:29.490691

ÿ

4911 / tcp

1911457608 | 2025-04-15T12:42:18.662219

\x00[\x00\x00\x00\x00\x00\x00

4949 / tcp

-952165951 | 2025-04-28T15:54:28.819434

AB

4999 / tcp

-1399940268 | 2025-04-10T15:18:21.441952

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5001 / tcp

2087396567 | 2025-04-12T15:25:38.965858

kjnkjabhbanc283ubcsbhdc72

5006 / tcp

410249975 | 2025-04-07T15:47:59.115434

LNS READY<>

5007 / tcp

51259122 | 2025-04-28T01:05:35.844205

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

5009 / tcp

-2015162143 | 2025-04-25T07:31:42.136199

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1c5f_PStjdxtk16_38859-13702

5010 / tcp

-2089734047 | 2025-04-01T01:23:09.582187

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5025 / tcp

819727972 | 2025-04-22T06:39:15.022357

SSH-2.0-OpenSSH_7.4

Vulnerabilities

5061 / tcp

1911457608 | 2025-04-17T17:42:04.029663

\x00[\x00\x00\x00\x00\x00\x00

5172 / tcp

-358801646 | 2025-04-21T09:24:52.828659

SSH-2.0-OpenSSH_6.6.1

5201 / tcp

1282941221 | 2025-04-26T00:55:45.620026

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

5222 / tcp

819727972 | 2025-04-16T17:05:22.951906

SSH-2.0-OpenSSH_7.4

Vulnerabilities

5231 / tcp

-2096652808 | 2025-04-27T02:58:17.622281

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

5259 / tcp

-358801646 | 2025-04-06T20:12:53.640784

SSH-2.0-OpenSSH_6.6.1

5260 / tcp

-1105333987 | 2025-04-05T06:54:38.821124

\x00[KpU\x7f\x00\x00

5271 / tcp

-1996280214 | 2025-04-23T06:53:40.453264

\x06\x04\x05@

5278 / tcp

-2089734047 | 2025-04-21T22:02:56.151581

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5435 / tcp

1911457608 | 2025-04-26T19:15:55.431577

\x00[\x00\x00\x00\x00\x00\x00

5439 / tcp

1623746877 | 2025-04-16T15:18:06.266122

500 Permission denied - closing connection.\r\n

5552 / tcp

-2089734047 | 2025-04-06T09:52:13.998906

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5592 / tcp

1991883981 | 2025-04-17T05:35:55.044151

B\x00\x00\x00\xc3\xbfn\x04Too many connections

5595 / tcp

-1399940268 | 2025-04-15T01:48:50.181490

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5609 / tcp

819727972 | 2025-04-10T20:02:16.839250

SSH-2.0-OpenSSH_7.4

Vulnerabilities

5613 / tcp

819727972 | 2025-04-20T03:37:12.576354

SSH-2.0-OpenSSH_7.4

Vulnerabilities

5650 / tcp

1911457608 | 2025-04-02T13:22:30.808872

\x00[\x00\x00\x00\x00\x00\x00

5672 / tcp

575925250 | 2025-04-20T04:08:43.218116

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5698 / tcp

-1795027372 | 2025-04-27T21:51:25.031641

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

5902 / tcp

-1730858130 | 2025-04-17T20:03:41.780436

RFB 003.008
VNC:
  Protocol Version: 3.8

5907 / tcp

-1399940268 | 2025-04-24T16:44:19.306448

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5909 / tcp

-358801646 | 2025-03-31T20:17:45.159840

SSH-2.0-OpenSSH_6.6.1

5991 / tcp

580340387 | 2025-04-27T10:42:35.033412

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

6002 / tcp

-893477759 | 2025-04-28T10:15:01.871810

!versionbind7 t{RPowerDNS Recursor 410

6020 / tcp

820958131 | 2025-04-02T22:12:13.993637

kjnkjabhbanc283ubcsbhdc72\x02

6022 / tcp

819727972 | 2025-04-04T19:31:13.141319

SSH-2.0-OpenSSH_7.4

Vulnerabilities

6134 / tcp

-1399940268 | 2025-04-26T02:23:27.021115

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6443 / tcp

-1733106930 | 2025-04-07T21:35:28.104188

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

6482 / tcp

-1114821551 | 2025-04-27T00:17:22.010370

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

6512 / tcp

-1013082686 | 2025-04-14T18:47:37.532328

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

6560 / tcp

-1888448627 | 2025-04-15T19:31:47.951053

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

6581 / tcp

1911457608 | 2025-04-26T19:18:24.403126

\x00[\x00\x00\x00\x00\x00\x00

6653 / tcp

1574088840 | 2025-04-04T16:59:07.795305

">Application and Content Networking Software 3.9</a>)\n</BODY><

6666 / tcp

4935895 | 2025-04-24T21:56:25.116886

HTTP/1.1 400 Bad Request
Server: CloudWAF

6667 / tcp

-984990168 | 2025-04-08T06:01:28.419186


0ÿñ

6697 / tcp

-1733645023 | 2025-04-17T03:31:36.152886

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

7001 / tcp

-274925451 | 2025-04-20T15:02:48.040109

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2914_PSzqstdxnz35_3380-26211

7003 / tcp

1911457608 | 2025-04-12T17:45:29.288641

\x00[\x00\x00\x00\x00\x00\x00

7010 / tcp

-441419608 | 2025-04-15T13:40:39.613949

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

7022 / tcp

-1189269828 | 2025-04-17T02:47:35.763855

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

7050 / tcp

-1399940268 | 2025-04-21T11:47:56.560433

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7071 / tcp

-905685638 | 2025-04-16T12:56:01.631294

bxz437

7090 / tcp

-1327660293 | 2025-04-11T17:25:43.264598

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

7171 / tcp

1911457608 | 2025-04-20T02:34:42.242520

\x00[\x00\x00\x00\x00\x00\x00

7434 / tcp

-1428621233 | 2025-04-07T08:55:07.625297

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

7443 / tcp

-584993230 | 2025-04-23T09:31:04.925112

HTTP/1.1 400 Bad Request
Server:  
Content-Type: text/html
Connection: close

7548 / tcp

-1648456501 | 2025-04-11T02:47:02.173707

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

7634 / tcp

-527005584 | 2025-04-07T11:07:46.634604

/0 0 L
/0 0 HUH

7771 / tcp

-1839934832 | 2025-04-19T14:35:41.869967

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

7777 / tcp

1391945995 | 2025-04-07T10:12:37.021031

HTTP/1.1 403 Forbidden 
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm=""

7782 / tcp

819727972 | 2025-04-16T10:29:55.955539

SSH-2.0-OpenSSH_7.4

Vulnerabilities

7980 / tcp

1077013874 | 2025-04-15T04:21:08.447138

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

8001 / tcp

2103111368 | 2025-04-08T15:10:52.012529

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8009 / tcp

-784071826 | 2025-04-26T21:37:48.628487

SSH-2.0-OpenSSH_8.0

Vulnerabilities

8022 / tcp

819727972 | 2025-03-31T16:13:19.961043

SSH-2.0-OpenSSH_7.4

Vulnerabilities

8035 / tcp

1911457608 | 2025-04-06T19:28:50.275891

\x00[\x00\x00\x00\x00\x00\x00

8036 / tcp

1282941221 | 2025-04-01T19:06:06.381680

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

8050 / tcp

165188539 | 2025-04-16T22:01:30.791646

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8053 / tcp

-832380282 | 2025-04-15T23:06:03.578616

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

8054 / tcp

1911457608 | 2025-04-15T04:37:25.229757

\x00[\x00\x00\x00\x00\x00\x00

8068 / tcp

-1399940268 | 2025-04-22T17:24:56.921957

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8085 / tcp

2087396567 | 2025-04-02T19:07:16.138392

kjnkjabhbanc283ubcsbhdc72

8089 / tcp

117101543 | 2025-04-12T20:13:34.124261

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

8099 / tcp

1825545421 | 2025-04-26T12:47:27.500802

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-GDdongguan-AREACMCC2-CACHE38[0]
X-CCDN-FORBID-CODE: 040001

8105 / tcp

321971019 | 2025-04-04T20:50:39.878854

-ERR client ip is not in whitelist\r

8118 / tcp

1911457608 | 2025-04-22T21:56:09.815131

\x00[\x00\x00\x00\x00\x00\x00

8126 / tcp

-445721795 | 2025-04-23T09:21:54.780310

\x00[\xc3\xaed\x1a\x7f\x00\x00

8139 / tcp

1189133115 | 2025-04-04T05:00:32.154548

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

8140 / tcp

2087396567 | 2025-04-24T09:59:06.910009

kjnkjabhbanc283ubcsbhdc72

8142 / tcp

632542934 | 2025-04-20T21:01:14.752376

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8144 / tcp

1208318993 | 2025-04-23T16:17:54.017496

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

8147 / tcp

165188539 | 2025-04-09T10:36:08.012669

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8162 / tcp

677934968 | 2025-04-10T22:13:03.365897

lm^)Q

8163 / tcp

632542934 | 2025-04-21T15:52:56.617122

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8168 / tcp

-2140303521 | 2025-04-03T15:53:05.149363

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

8169 / tcp

1911457608 | 2025-04-04T14:03:42.119854

\x00[\x00\x00\x00\x00\x00\x00

8174 / tcp

1126993057 | 2025-04-28T11:12:19.042175

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

8179 / tcp

599074451 | 2025-04-06T21:07:08.850056

msg

8181 / tcp

-1032713145 | 2025-04-27T16:51:40.511165

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

8184 / tcp

1126993057 | 2025-04-24T19:02:47.410578

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

8195 / tcp

-1327660293 | 2025-04-12T21:27:37.746390

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

8200 / tcp

-877598700 | 2025-04-28T00:39:52.161007

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\\x01\xc3\xbf\xc3\xbb\\x03\xc3\xbf\xc3\xbd\\x01\xc3\xbf\xc3\xbe\\x01Username:

8203 / tcp

1332894250 | 2025-04-27T19:43:20.094573

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

8243 / tcp

-891714208 | 2025-04-10T20:26:00.907169

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

8291 / tcp

669849225 | 2025-04-21T03:26:22.575404

SSH-98.60-SysaxSSH_81885..42\r\n

8316 / tcp

-1399940268 | 2025-04-22T01:27:44.638072

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8318 / tcp

-747911285 | 2025-04-11T19:05:32.695500

\xc2\xaa

8333 / tcp

1723769361 | 2025-04-17T00:56:11.916961

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

8414 / tcp

-1399940268 | 2025-04-28T13:20:21.103056

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8422 / tcp

1911457608 | 2025-04-25T11:27:30.506268

\x00[\x00\x00\x00\x00\x00\x00

8431 / tcp

-375604792 | 2025-04-23T11:28:20.304331

220 Microsoft FTP Service

8432 / tcp

-2031152423 | 2025-04-22T02:37:44.098076

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

8436 / tcp

-1399940268 | 2025-04-06T08:36:52.460346

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8443 / tcp

-1927320086 | 2025-04-11T02:42:30.050055

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Fri, 11 Apr 2025 02:42:29 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://39.103.20.29:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

8447 / tcp

-1810987450 | 2025-04-12T06:54:45.564768

\xc3\xbf

8450 / tcp

-1327660293 | 2025-04-22T20:42:33.834669

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

8453 / tcp

1911457608 | 2025-04-09T03:25:42.764278

\x00[\x00\x00\x00\x00\x00\x00

8454 / tcp

-1399940268 | 2025-04-15T08:01:30.409513

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8467 / tcp

1189133115 | 2025-04-08T20:15:48.289639

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

8504 / tcp

-1399940268 | 2025-04-10T04:07:40.923425

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8506 / tcp

-1399940268 | 2025-04-03T15:09:00.466557

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8554 / tcp

504717326 | 2025-04-07T16:47:12.047929

SSH-2.0-OpenSSH_8.6

Vulnerabilities

8562 / tcp

165188539 | 2025-04-09T01:25:10.137445

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8575 / tcp

-1230049476 | 2025-04-06T06:50:08.398869

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

8578 / tcp

-1399940268 | 2025-04-05T04:42:13.945753

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8601 / tcp

820958131 | 2025-04-17T22:57:19.470145

kjnkjabhbanc283ubcsbhdc72\x02

8607 / tcp

-1399940268 | 2025-03-29T20:11:41.005005

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8649 / tcp

842535728 | 2025-04-10T12:56:30.711602

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

8680 / tcp

1911457608 | 2025-04-12T05:24:27.675315

\x00[\x00\x00\x00\x00\x00\x00

8686 / tcp

-2096652808 | 2025-04-09T14:31:22.973390

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8707 / tcp

921225407 | 2025-04-14T19:19:25.343553

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8728 / tcp

-1888448627 | 2025-04-10T19:46:05.289965

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8779 / tcp

-1399940268 | 2025-04-24T22:10:36.169302

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8791 / tcp

819727972 | 2025-04-18T03:07:00.783250

SSH-2.0-OpenSSH_7.4

Vulnerabilities

8804 / tcp

819727972 | 2025-04-19T01:54:10.664787

SSH-2.0-OpenSSH_7.4

Vulnerabilities

8809 / tcp

639175818 | 2025-04-06T09:21:29.614567

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

8815 / tcp

819727972 | 2025-04-16T07:11:55.307917

SSH-2.0-OpenSSH_7.4

Vulnerabilities

8833 / tcp

-1399940268 | 2025-03-31T11:16:43.376116

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8834 / tcp

971933601 | 2025-04-25T04:14:53.874864

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

8840 / tcp

-1373613804 | 2025-04-12T21:43:50.451211

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

8842 / tcp

-1373613804 | 2025-04-28T17:40:25.453166

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

8860 / tcp

1543809371 | 2025-04-02T02:39:43.640595

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

8861 / tcp

1996932384 | 2025-04-26T14:19:11.267099

"raop" nonce

8869 / tcp

-2046514463 | 2025-04-15T22:26:21.513840

AB\x01\t

8880 / tcp

-2096652808 | 2025-04-24T17:46:26.699353

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8889 / tcp

842535728 | 2025-04-01T03:21:15.980285

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

8899 / tcp

372433470 | 2025-04-08T09:51:36.663615

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

8905 / tcp

15018106 | 2025-04-19T10:53:08.025693

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

8943 / tcp

-1265999252 | 2025-03-31T23:57:37.765591

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

8999 / tcp

1991883981 | 2025-04-19T20:55:59.356955

B\x00\x00\x00\xc3\xbfn\x04Too many connections

9000 / tcp

-2067028711 | 2025-04-24T16:24:51.404923

\x15\x03\x01\x00\x02\x02F

9001 / tcp

-1026951088 | 2025-04-05T06:00:46.140897

erro ip

9014 / tcp

-445721795 | 2025-04-07T16:16:57.475863

\x00[\xc3\xaed\x1a\x7f\x00\x00

9018 / tcp

1761482307 | 2025-04-01T15:13:46.981756

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

9021 / tcp

-1032713145 | 2025-04-11T11:48:12.941886

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

9025 / tcp

632542934 | 2025-04-19T17:13:15.416027

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9030 / tcp

-2089734047 | 2025-04-07T17:51:46.746860

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9034 / tcp

-1598265216 | 2025-04-24T09:47:37.380479

@RSYNCD: 31.0

9042 / tcp

-893477759 | 2025-04-23T15:13:35.024952

!versionbind7 t{RPowerDNS Recursor 410

9046 / tcp

-2089734047 | 2025-04-10T20:49:52.807218

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9055 / tcp

-1476017887 | 2025-04-17T17:25:54.732934

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

9076 / tcp

-1399940268 | 2025-04-25T04:36:39.552969

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9095 / tcp

-321444299 | 2025-04-11T05:18:41.100372

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

9100 / tcp

-1399940268 | 2025-04-25T01:05:08.875685

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9105 / tcp

1332894250 | 2025-04-12T22:57:33.888978

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

9110 / tcp

123106056 | 2025-04-21T19:20:43.899759

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 657c8855_eidianxin13_29251-25028

9112 / tcp

-2096652808 | 2025-04-23T03:49:59.108257

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9113 / tcp

-249504111 | 2025-04-24T09:49:51.489753

\x00[xU-\x7f\x00\x00

9143 / tcp

-457235091 | 2025-04-07T13:12:22.645456

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

9148 / tcp

165188539 | 2025-04-07T21:35:47.841614

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9151 / tcp

233634112 | 2025-04-23T00:53:26.589917

SSH-98.60-SysaxSSH_81885..42

9157 / tcp

-1399940268 | 2025-04-17T17:05:31.872929

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9169 / tcp

1975288991 | 2025-04-26T22:06:04.401916

OPTI

9170 / tcp

671605376 | 2025-04-09T04:12:18.778313

SSH-2.0-OpenSSH_X.X

9181 / tcp

-1375131644 | 2025-04-19T14:34:32.020422

\x00[v\xc3\xbdC\x7f\x00\x00

9190 / tcp

1911457608 | 2025-04-15T10:36:43.109608

\x00[\x00\x00\x00\x00\x00\x00

9198 / tcp

-904840257 | 2025-04-17T00:19:34.915242

572 Relay not authorized\r\n

9204 / tcp

-792826324 | 2025-04-03T00:59:37.869067

220 FTP server ready - login please

9209 / tcp

-375604792 | 2025-04-27T19:19:04.369488

220 Microsoft FTP Service

9214 / tcp

921225407 | 2025-04-23T04:28:52.851632

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9241 / tcp

-358801646 | 2025-04-12T19:11:15.289422

SSH-2.0-OpenSSH_6.6.1

9256 / tcp

632542934 | 2025-04-23T19:47:19.369046

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9273 / tcp

819727972 | 2025-04-23T08:17:45.536236

SSH-2.0-OpenSSH_7.4

Vulnerabilities

9309 / tcp

-1399940268 | 2025-04-06T05:05:58.622995

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9312 / tcp

-1399940268 | 2025-04-10T14:38:24.514478

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9333 / tcp

-2140303521 | 2025-04-23T05:53:47.441624

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

9351 / tcp

-1399940268 | 2025-04-05T11:25:04.781741

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9376 / tcp

-1045760528 | 2025-04-02T20:59:57.410738

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

9387 / tcp

-1888448627 | 2025-04-06T06:19:48.681570

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9398 / tcp

1761482307 | 2025-04-23T20:46:54.211328

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

9410 / tcp

-358801646 | 2025-04-22T07:24:00.712185

SSH-2.0-OpenSSH_6.6.1

9530 / tcp

1134517380 | 2025-04-06T09:50:42.970462

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

9600 / tcp

-2089734047 | 2025-04-25T00:46:48.093032

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9633 / tcp

1690634669 | 2025-04-19T02:44:10.090948

9663 / tcp

-142686627 | 2025-04-23T09:12:59.901250

\x00[\xc2\xba\x7fs\x7f\x00\x00

9711 / tcp

-1019343788 | 2025-04-01T03:40:18.568348

W!\x00\x00\x00\x00

9761 / tcp

-1399940268 | 2025-04-01T18:35:46.955513

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9797 / tcp

1212285915 | 2025-04-22T03:11:44.064366

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

9876 / tcp

1977569953 | 2025-04-10T01:57:46.091432

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2987_PS-SHA-01Jtm19_12756-43634

9898 / tcp

1615676803 | 2025-04-19T02:34:31.309174

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Etag: "s5sw6112h"

9900 / tcp

-414819019 | 2025-04-04T00:49:04.139087

HTTP/1.1 200 OK
Content-type: text/html
Connection: close

9926 / tcp

1308377066 | 2025-04-19T09:11:35.585839

ncacn_http/1.0

9929 / tcp

-1399940268 | 2025-04-04T15:05:29.263734

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9930 / tcp

-1428621233 | 2025-04-03T04:49:20.444409

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

9944 / tcp

1542849631 | 2025-04-08T07:53:52.688980

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

9998 / tcp

-696402907 | 2025-04-17T04:37:04.937758

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae298c_PS-HIA-01Q7y203_55153-4321

9999 / tcp

1161309183 | 2025-04-22T09:06:06.370257

ProxyServer is ready

10000 / tcp

1761482307 | 2025-04-04T18:58:16.764202

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

10001 / tcp

1492413928 | 2025-04-08T05:49:32.651376

SSH-2.0-OpenSSH_7.5

Vulnerabilities

10019 / tcp

-1139539254 | 2025-04-23T00:53:20.654445

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

10028 / tcp

-1888448627 | 2025-04-18T10:50:16.718970

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

10029 / tcp

-358801646 | 2025-04-03T15:36:17.534593

SSH-2.0-OpenSSH_6.6.1

10033 / tcp

1363464823 | 2025-04-24T20:27:49.435600

\x00[|ox\x7f\x00\x00

10035 / tcp

-653033013 | 2025-04-22T09:51:19.080223

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

10046 / tcp

-375604792 | 2025-04-28T11:14:44.523116

220 Microsoft FTP Service

10051 / tcp

1282941221 | 2025-04-06T11:59:14.685395

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

10075 / tcp

677934968 | 2025-04-10T18:10:38.362721

lm^)Q

10100 / tcp

-1839934832 | 2025-04-09T08:24:27.148935

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

10123 / tcp

-1888448627 | 2025-04-12T00:38:43.741590

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

10134 / tcp

-1477838366 | 2025-04-03T01:00:41.386909

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

10181 / tcp

1911457608 | 2025-04-27T07:53:16.460133

\x00[\x00\x00\x00\x00\x00\x00

10210 / tcp

320677201 | 2025-04-17T08:28:43.841690

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

10225 / tcp

1665283070 | 2025-04-06T10:13:23.115343

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x01\x00\x00\x10\x00\x00\n0\x03\x00\x00\x00\x01\x00\x05\x00\x00@\x00\x00\x06\x00\x00\x1f@

10348 / tcp

-1835475271 | 2025-03-31T14:09:24.904664

200 NOD32SS 99 (3318497116)\r\n

10390 / tcp

114471724 | 2025-04-24T19:53:46.770810

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

10397 / tcp

1911457608 | 2025-04-10T22:29:43.423956

\x00[\x00\x00\x00\x00\x00\x00

10399 / tcp

1911457608 | 2025-04-26T00:21:10.135085

\x00[\x00\x00\x00\x00\x00\x00

10443 / tcp

-358801646 | 2025-04-27T22:12:02.599777

SSH-2.0-OpenSSH_6.6.1

10554 / tcp

539065883 | 2025-04-17T20:05:14.875276

10911 / tcp

307999478 | 2025-04-21T01:41:17.923022

unknown command \r\nunknown command \r\n

11000 / tcp

1308377066 | 2025-04-03T09:17:33.544886

ncacn_http/1.0

11112 / tcp

-1399940268 | 2025-04-20T06:08:57.433077

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

11210 / tcp

-1265999252 | 2025-04-08T09:10:47.584369

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

11211 / tcp

-136006866 | 2025-04-12T21:15:48.782117

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11288 / tcp

897328069 | 2025-04-28T14:34:15.721292

220 mail.scott000.com ESMTP

11300 / tcp

669849225 | 2025-04-10T14:40:45.496226

SSH-98.60-SysaxSSH_81885..42\r\n

11680 / tcp

1011407350 | 2025-04-15T14:24:33.033463

* OK GroupWise IMAP4rev1 Server Ready\r\n

12000 / tcp

1734465113 | 2025-04-27T19:08:26.617617

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705938548.385-w-waf05cqt

12105 / tcp

-1648456501 | 2025-04-11T22:18:22.248024

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

12127 / tcp

1504401647 | 2025-04-09T08:54:51.870467

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

12128 / tcp

-1019343788 | 2025-04-10T04:19:23.680023

W!\x00\x00\x00\x00

12136 / tcp

1911457608 | 2025-04-28T14:13:37.090876

\x00[\x00\x00\x00\x00\x00\x00

12143 / tcp

-1189269828 | 2025-04-09T18:44:05.871503

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12149 / tcp

-1399940268 | 2025-03-31T22:41:07.377791

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12150 / tcp

1911457608 | 2025-04-24T09:32:35.200532

\x00[\x00\x00\x00\x00\x00\x00

12163 / tcp

-345718689 | 2025-04-20T22:33:46.500224

Vty password is not set.

12168 / tcp

1911457608 | 2025-04-17T21:14:40.065636

\x00[\x00\x00\x00\x00\x00\x00

12170 / tcp

921225407 | 2025-04-12T23:19:22.835134

\x00\x00\x00\x04\x00\x00\x00\x00\x00

12174 / tcp

-147424911 | 2025-04-01T19:47:03.341412

HTTP/1.1 404 Not Found
Content Length: 0

12187 / tcp

819727972 | 2025-04-18T10:02:27.349789

SSH-2.0-OpenSSH_7.4

Vulnerabilities

12188 / tcp

-122096153 | 2025-04-26T20:08:23.728102

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

12213 / tcp

-1730858130 | 2025-04-06T20:08:07.812196

RFB 003.008
VNC:
  Protocol Version: 3.8

12238 / tcp

937756010 | 2025-03-31T23:41:36.468231

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x01\x00\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12243 / tcp

632542934 | 2025-03-31T07:08:48.104699

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

12264 / tcp

-345718689 | 2025-04-16T12:34:05.171432

Vty password is not set.

12265 / tcp

1869192275 | 2025-03-31T12:07:46.766239

\n

12271 / tcp

819727972 | 2025-04-20T05:28:53.019365

SSH-2.0-OpenSSH_7.4

Vulnerabilities

12277 / tcp

-1099385124 | 2025-04-26T23:42:13.532305

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

12278 / tcp

-345718689 | 2025-04-25T03:22:26.131228

Vty password is not set.

12291 / tcp

-1399940268 | 2025-04-09T14:26:54.513970

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12300 / tcp

-1795027372 | 2025-04-21T17:04:08.414086

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

12308 / tcp

-2096652808 | 2025-04-15T06:40:53.763560

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12313 / tcp

-1476017887 | 2025-04-01T20:15:24.808664

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

12317 / tcp

1332894250 | 2025-03-31T19:38:22.001599

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

12318 / tcp

-441419608 | 2025-04-19T16:35:00.303304

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

12319 / tcp

-1105333987 | 2025-04-21T17:44:51.328386

\x00[KpU\x7f\x00\x00

12322 / tcp

-1032713145 | 2025-04-02T06:40:55.436174

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

12328 / tcp

-1399940268 | 2025-04-01T15:35:59.359873

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12345 / tcp

1748152518 | 2025-04-01T09:36:38.944835

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae26f8_hwt112_4105-46187

12382 / tcp

632542934 | 2025-04-23T20:09:56.528344

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

12383 / tcp

-1399940268 | 2025-04-20T18:25:58.576679

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12391 / tcp

-457235091 | 2025-04-20T06:18:22.437309

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

12393 / tcp

-1399940268 | 2025-04-24T04:19:28.368154

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12401 / tcp

-1279886438 | 2025-04-20T16:54:20.851036

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

12420 / tcp

-1399940268 | 2025-04-03T13:31:14.741257

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12424 / tcp

1911457608 | 2025-04-17T15:33:51.337453

\x00[\x00\x00\x00\x00\x00\x00

12426 / tcp

819727972 | 2025-04-12T07:52:11.416269

SSH-2.0-OpenSSH_7.4

Vulnerabilities

12428 / tcp

-2140303521 | 2025-04-24T02:03:06.516260

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

12452 / tcp

1363464823 | 2025-04-27T18:50:19.019022

\x00[|ox\x7f\x00\x00

12469 / tcp

-249504111 | 2025-04-03T17:22:05.526822

\x00[xU-\x7f\x00\x00

12481 / tcp

-1399940268 | 2025-04-11T21:38:02.502216

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12482 / tcp

-1399940268 | 2025-04-18T08:50:51.508033

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12488 / tcp

-2033111675 | 2025-04-10T14:03:15.268590

~djb

12514 / tcp

-1327660293 | 2025-04-23T08:22:39.240980

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12521 / tcp

1911457608 | 2025-04-22T14:41:30.499013

\x00[\x00\x00\x00\x00\x00\x00

12531 / tcp

-375604792 | 2025-04-16T07:06:15.213849

220 Microsoft FTP Service

12534 / tcp

1911457608 | 2025-04-04T00:27:27.048196

\x00[\x00\x00\x00\x00\x00\x00

12535 / tcp

-891714208 | 2025-04-05T16:38:44.426960

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

12542 / tcp

1911457608 | 2025-04-11T10:16:55.228984

\x00[\x00\x00\x00\x00\x00\x00

12544 / tcp

-146605374 | 2025-04-09T03:00:54.919027

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

12553 / tcp

1911457608 | 2025-04-24T17:48:05.419405

\x00[\x00\x00\x00\x00\x00\x00

12555 / tcp

1492413928 | 2025-04-24T23:08:31.041603

SSH-2.0-OpenSSH_7.5

Vulnerabilities

12556 / tcp

-1399940268 | 2025-04-05T20:47:49.842842

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12589 / tcp

-2033111675 | 2025-04-19T21:10:33.784595

~djb

13333 / tcp

-1045760528 | 2025-04-15T18:02:26.791756

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

14084 / tcp

-1986594217 | 2025-04-27T22:11:45.351167

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

14147 / tcp

-1399940268 | 2025-04-20T08:31:21.408416

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14182 / tcp

677934968 | 2025-04-23T21:05:31.740026

lm^)Q

14265 / tcp

1370263973 | 2025-04-17T22:53:49.438166

dubbo>

14344 / tcp

819727972 | 2025-04-25T04:48:37.253585

SSH-2.0-OpenSSH_7.4

Vulnerabilities

14400 / tcp

493955023 | 2025-04-03T19:41:46.355141

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

14894 / tcp

-1327660293 | 2025-04-17T13:21:43.817637

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

14909 / tcp

671605376 | 2025-04-23T15:40:58.396673

SSH-2.0-OpenSSH_X.X

15000 / tcp

-424761848 | 2025-04-24T16:06:59.608543

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
Deny-Reason: hotload rechange server uri format error!!
Request-Id: 65ae2ae1e506031a26c4be3a67691d24

15123 / tcp

-1399940268 | 2025-04-15T03:53:16.625445

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

15502 / tcp

722711397 | 2025-04-07T13:33:29.820548

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

15588 / tcp

-1032713145 | 2025-04-11T16:03:18.783783

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

16010 / tcp

-1611764932 | 2025-04-01T02:22:11.463636

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

16014 / tcp

205347087 | 2025-04-10T06:30:27.670565

SSH-25453-Cisco-3524665.35\n

16016 / tcp

-147424911 | 2025-04-05T17:11:24.365311

HTTP/1.1 404 Not Found
Content Length: 0

16019 / tcp

-1399940268 | 2025-04-16T15:44:55.851267

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16055 / tcp

-2089734047 | 2025-04-20T07:45:03.397522

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

16061 / tcp

819727972 | 2025-04-16T12:39:17.064923

SSH-2.0-OpenSSH_7.4

Vulnerabilities

16070 / tcp

-1399940268 | 2025-04-08T18:40:40.849224

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16071 / tcp

-1399940268 | 2025-04-15T19:47:44.071166

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16072 / tcp

-1888448627 | 2025-04-27T15:20:15.285908

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

16084 / tcp

165188539 | 2025-04-25T06:30:19.222351

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

16087 / tcp

819727972 | 2025-04-04T04:01:33.949666

SSH-2.0-OpenSSH_7.4

Vulnerabilities

16094 / tcp

-1888448627 | 2025-04-24T08:02:04.198557

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

16099 / tcp

-1399940268 | 2025-04-23T15:35:32.669294

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16400 / tcp

1911457608 | 2025-04-07T06:18:26.428458

\x00[\x00\x00\x00\x00\x00\x00

16403 / tcp

1492413928 | 2025-04-25T05:23:47.257979

SSH-2.0-OpenSSH_7.5

Vulnerabilities

16464 / tcp

-971970408 | 2025-04-02T09:54:23.206038

16888 / tcp

819727972 | 2025-04-16T06:33:48.886016

SSH-2.0-OpenSSH_7.4

Vulnerabilities

16993 / tcp

1741579575 | 2025-04-21T16:44:02.689142

17000 / tcp

-1810987450 | 2025-04-03T19:06:13.391003

\xc3\xbf

17070 / tcp

-1013082686 | 2025-04-11T18:02:01.746690

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

17084 / tcp

-2089734047 | 2025-04-07T19:30:12.332457

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

17182 / tcp

-2089734047 | 2025-03-31T20:19:50.537027

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

17770 / tcp

1911457608 | 2025-04-11T08:56:06.717255

\x00[\x00\x00\x00\x00\x00\x00

18008 / tcp

1911457608 | 2025-04-28T09:28:37.062127

\x00[\x00\x00\x00\x00\x00\x00

18015 / tcp

639175818 | 2025-04-12T04:46:24.230839

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

18019 / tcp

-2107996212 | 2025-04-23T19:35:37.078612

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

18027 / tcp

-1375131644 | 2025-04-02T05:56:40.937075

\x00[v\xc3\xbdC\x7f\x00\x00

18029 / tcp

1911457608 | 2025-04-08T09:31:04.438552

\x00[\x00\x00\x00\x00\x00\x00

18042 / tcp

-1230049476 | 2025-04-08T08:14:12.755008

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

18048 / tcp

819727972 | 2025-04-07T19:42:33.907785

SSH-2.0-OpenSSH_7.4

Vulnerabilities

18059 / tcp

-1810987450 | 2025-04-16T17:37:29.717747

\xc3\xbf

18070 / tcp

-1105333987 | 2025-04-17T02:48:58.426064

\x00[KpU\x7f\x00\x00

18079 / tcp

-2031152423 | 2025-04-02T03:20:43.077034

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

18081 / tcp

104385780 | 2025-03-31T15:16:27.323326

ceph v2

18085 / tcp

-2089734047 | 2025-04-20T17:37:55.731683

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

18089 / tcp

-441419608 | 2025-04-05T17:04:14.969136

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

18094 / tcp

819727972 | 2025-04-21T05:38:25.825683

SSH-2.0-OpenSSH_7.4

Vulnerabilities

18107 / tcp

51259122 | 2025-04-28T10:01:28.644459

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

18181 / tcp

-1888448627 | 2025-04-02T14:27:11.222836

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

18200 / tcp

1911457608 | 2025-04-28T03:37:17.558731

\x00[\x00\x00\x00\x00\x00\x00

18239 / tcp

-1399940268 | 2025-04-11T05:56:16.868132

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

19000 / tcp

-1189269828 | 2025-04-09T05:53:59.375817

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

19014 / tcp

-1399940268 | 2025-04-22T00:15:41.047001

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

19017 / tcp

1574088840 | 2025-04-22T22:40:47.508355

">Application and Content Networking Software 3.9</a>)\n</BODY><

19022 / tcp

819727972 | 2025-04-10T19:04:07.380418

SSH-2.0-OpenSSH_7.4

Vulnerabilities

20087 / tcp

233634112 | 2025-04-13T01:27:02.840501

SSH-98.60-SysaxSSH_81885..42

20151 / tcp

921225407 | 2025-04-12T23:15:50.173945

\x00\x00\x00\x04\x00\x00\x00\x00\x00

20185 / tcp

45131230 | 2025-04-17T21:16:11.115562

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

20256 / tcp

-154107716 | 2025-04-22T19:01:37.187868

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

20547 / tcp

-1598265216 | 2025-04-10T09:48:25.650198

@RSYNCD: 31.0

20894 / tcp

740837454 | 2025-04-24T20:52:13.872117

SSH-2.0-OpenSSH_5.3

Vulnerabilities

21025 / tcp

-1990350878 | 2025-04-23T11:10:06.954731

 
04 \...

21082 / tcp

819727972 | 2025-04-10T18:52:35.673481

SSH-2.0-OpenSSH_7.4

Vulnerabilities

21232 / tcp

2098371729 | 2025-04-10T16:42:34.754321

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

21248 / tcp

632542934 | 2025-04-15T01:30:43.074469

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

21260 / tcp

-1327660293 | 2025-04-10T12:10:59.724525

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

21266 / tcp

-2031152423 | 2025-04-06T23:39:16.995145

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

21273 / tcp

-1399940268 | 2025-04-21T12:43:51.177402

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21287 / tcp

-1189269828 | 2025-03-31T23:24:09.392555

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

21293 / tcp

1492413928 | 2025-04-11T10:42:56.562026

SSH-2.0-OpenSSH_7.5

Vulnerabilities

21295 / tcp

-1399940268 | 2025-04-12T08:53:57.361928

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21302 / tcp

-1730858130 | 2025-04-04T21:58:19.602753

RFB 003.008
VNC:
  Protocol Version: 3.8

21307 / tcp

-1375131644 | 2025-04-27T23:53:36.571784

\x00[v\xc3\xbdC\x7f\x00\x00

21325 / tcp

-445721795 | 2025-04-06T11:14:14.474757

\x00[\xc3\xaed\x1a\x7f\x00\x00

21357 / tcp

-1261090339 | 2025-04-02T02:47:09.161439

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

21379 / tcp

-2089734047 | 2025-04-26T14:52:38.725214

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

22000 / tcp

2087396567 | 2025-04-01T18:02:50.426198

kjnkjabhbanc283ubcsbhdc72

22001 / tcp

-971970408 | 2025-04-04T05:53:35.957825

22022 / tcp

-2096652808 | 2025-04-11T20:44:36.522394

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

22070 / tcp

1492413928 | 2025-04-04T01:35:45.575880

SSH-2.0-OpenSSH_7.5

Vulnerabilities

22222 / tcp

-358801646 | 2025-04-12T18:01:31.417529

SSH-2.0-OpenSSH_6.6.1

22556 / tcp

1830187220 | 2025-04-16T09:19:01.716980

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

23023 / tcp

1746071618 | 2025-04-16T05:55:48.930145

bxz437

24245 / tcp

1208318993 | 2025-04-06T07:42:22.630262

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

24472 / tcp

51259122 | 2025-04-16T10:13:30.918437

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

25082 / tcp

819727972 | 2025-04-07T03:09:38.037942

SSH-2.0-OpenSSH_7.4

Vulnerabilities

25105 / tcp

1690634669 | 2025-04-12T10:47:20.020050

26657 / tcp

897328069 | 2025-04-07T15:37:49.063310

220 mail.scott000.com ESMTP

27015 / tcp

-1032713145 | 2025-04-12T15:17:33.445728

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

27016 / tcp

1690634669 | 2025-04-11T22:07:46.055881

27017 / tcp

422524323 | 2025-04-12T07:34:52.084960

{
"Version": "3.4.18",
"VersionArray": [
3,
4,
18,
0
],
"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",
"OpenSSLVersion": "",
"SysInfo": "",
"Bits": 64,
"Debug": false,
"MaxObjectSize": 16777216
}

27036 / tcp

2087396567 | 2025-04-12T05:49:45.616576

kjnkjabhbanc283ubcsbhdc72

28015 / tcp

-358801646 | 2025-04-19T23:56:17.560565

SSH-2.0-OpenSSH_6.6.1

28818 / tcp

-1230049476 | 2025-04-12T18:10:10.019493

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

29984 / tcp

1911457608 | 2025-04-27T02:59:19.039112

\x00[\x00\x00\x00\x00\x00\x00

30002 / tcp

-1854351412 | 2025-04-11T04:00:28.600737

[îd

30003 / tcp

1632932802 | 2025-04-18T21:03:59.418065

30005 / tcp

819727972 | 2025-04-08T17:01:43.245230

SSH-2.0-OpenSSH_7.4

Vulnerabilities

30013 / tcp

-1839934832 | 2025-04-19T10:23:44.103532

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

30022 / tcp

1761482307 | 2025-04-06T00:41:32.609007

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

30027 / tcp

-2089734047 | 2025-04-02T15:33:52.121089

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

30111 / tcp

-1428621233 | 2025-04-04T04:35:57.304258

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

30122 / tcp

-971970408 | 2025-04-06T04:15:43.350292

30303 / tcp

660175493 | 2025-03-31T22:46:29.172645

30522 / tcp

819727972 | 2025-04-06T06:37:48.137012

SSH-2.0-OpenSSH_7.4

Vulnerabilities

30894 / tcp

-1737707071 | 2025-03-31T13:08:47.140409

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

30922 / tcp

-1990350878 | 2025-04-05T22:55:34.219405

 
04 \...

31022 / tcp

171352214 | 2025-04-05T17:42:37.724532

-ERR client ip is not in whitelist

31222 / tcp

-1839934832 | 2025-04-05T09:44:46.709294

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

31422 / tcp

291723434 | 2025-04-05T08:17:40.638829

Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

31443 / tcp

-971970408 | 2025-04-07T17:07:23.142539

32322 / tcp

1984588611 | 2025-04-04T20:48:26.158379

32444 / tcp

921225407 | 2025-04-09T09:50:55.764346

\x00\x00\x00\x04\x00\x00\x00\x00\x00

32622 / tcp

1842524259 | 2025-04-04T12:06:47.322755

33060 / tcp

1544300041 | 2025-04-20T13:57:43.773331

SSH-25453-Cisco-3524665.35

33338 / tcp

-971970408 | 2025-04-11T15:02:15.496947

35240 / tcp

-1477838366 | 2025-04-19T23:04:18.327643

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

37777 / tcp

1911457608 | 2025-04-18T20:38:08.413919

\x00[\x00\x00\x00\x00\x00\x00

38333 / tcp

-441419608 | 2025-04-07T14:46:46.852069

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

41800 / tcp

-1399940268 | 2025-04-04T05:51:52.939906

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

42194 / tcp

-136006866 | 2025-04-08T17:26:54.167218

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

42208 / tcp

-1032713145 | 2025-03-31T09:31:47.056433

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

42424 / tcp

1911457608 | 2025-04-01T07:39:23.604342

\x00[\x00\x00\x00\x00\x00\x00

43200 / tcp

1911457608 | 2025-04-18T06:40:26.664274

\x00[\x00\x00\x00\x00\x00\x00

43221 / tcp

599074451 | 2025-04-24T11:44:26.334724

msg

44158 / tcp

-433302150 | 2025-04-19T17:55:06.747102

/multistream/1.0.0

44308 / tcp

-303199180 | 2025-04-25T11:06:50.862699

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

44333 / tcp

-2031152423 | 2025-04-08T07:08:48.559763

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

44400 / tcp

1332894250 | 2025-04-25T14:19:25.284168

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

44444 / tcp

-1399940268 | 2025-04-24T09:16:28.477903

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

44818 / tcp

-2033111675 | 2025-04-11T05:51:00.646793

~djb

45000 / tcp

819727972 | 2025-04-14T16:11:46.001720

SSH-2.0-OpenSSH_7.4

Vulnerabilities

45002 / tcp

455076604 | 2025-03-31T18:10:58.464952

!\x07version\x04bind7 t{RPowerDNS Recursor 410

45668 / tcp

1911457608 | 2025-04-05T23:55:31.227878

\x00[\x00\x00\x00\x00\x00\x00

47080 / tcp

1989907056 | 2025-04-16T20:37:52.660467

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

47808 / tcp

1690634669 | 2025-03-31T11:19:23.242716

48002 / tcp

-1399940268 | 2025-04-27T20:03:49.410016

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

48018 / tcp

820958131 | 2025-04-02T08:48:29.501434

kjnkjabhbanc283ubcsbhdc72\x02

48100 / tcp

819727972 | 2025-04-07T02:24:18.895651

SSH-2.0-OpenSSH_7.4

Vulnerabilities

49152 / tcp

-1292343804 | 2025-03-31T20:52:57.528248

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 22 Jan 2024 16:32:35 GMT
EXT:
SERVER: Linux/3.10.0, UPnP/1.0, Portable SDK for UPnP devices/1.6.18
X-User-Agent: redsonic

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<s:Body>
<s:Fault>
<faultcode>s:Client</faultcode>
<faultstring>UPnPError</faultstring>
<detail>
<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">

49153 / tcp

1212921144 | 2025-04-02T08:09:35.360947

0@

49686 / tcp

-1888448627 | 2025-04-23T21:26:54.501576

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

50000 / tcp

1723769361 | 2025-04-09T10:21:38.939023

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

50007 / tcp

819727972 | 2025-04-06T14:55:01.524807

SSH-2.0-OpenSSH_7.4

Vulnerabilities

50009 / tcp

-1399940268 | 2025-04-27T19:10:36.604296

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

50073 / tcp

820958131 | 2025-04-25T04:50:38.205406

kjnkjabhbanc283ubcsbhdc72\x02

50100 / tcp

677934968 | 2025-04-20T13:34:22.216203

lm^)Q

50102 / tcp

-180163620 | 2025-04-22T14:40:37.017252

NPC Telnet permit one connection.\r\n But One connection() already keep alive.\r\nGood Bye !! \r\n

50113 / tcp

-1265999252 | 2025-04-26T16:03:54.868417

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

50997 / tcp

921225407 | 2025-04-14T18:54:00.824636

\x00\x00\x00\x04\x00\x00\x00\x00\x00

50999 / tcp

-1810987450 | 2025-04-11T15:23:48.664922

\xc3\xbf

51002 / tcp

819727972 | 2025-04-28T07:33:09.790772

SSH-2.0-OpenSSH_7.4

Vulnerabilities

51235 / tcp

380146262 | 2025-04-01T19:50:08.098738

@RSYNCD: 30.0

51294 / tcp

-2096652808 | 2025-04-28T04:02:39.762514

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

51443 / tcp

2087396567 | 2025-04-07T02:12:46.304888

kjnkjabhbanc283ubcsbhdc72

52230 / tcp

1830697416 | 2025-04-05T19:30:58.680664

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

52881 / tcp

1989907056 | 2025-04-06T17:17:09.708977

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

54138 / tcp

1332894250 | 2025-04-09T22:58:47.137875

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

54444 / tcp

-1746074029 | 2025-04-07T22:36:25.872437

101 imqbroker =unV\r\n

55000 / tcp

921225407 | 2025-04-23T22:36:45.993655

\x00\x00\x00\x04\x00\x00\x00\x00\x00

55350 / tcp

1911457608 | 2025-04-11T00:30:45.828613

\x00[\x00\x00\x00\x00\x00\x00

55443 / tcp

-971970408 | 2025-04-19T21:31:12.018068

55554 / tcp

2087396567 | 2025-04-01T10:58:30.491291

kjnkjabhbanc283ubcsbhdc72

57780 / tcp

-1399940268 | 2025-04-23T15:41:56.787728

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

60001 / tcp

546151771 | 2025-04-09T18:50:15.819055

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

60023 / tcp

-1375131644 | 2025-04-09T00:15:27.752387

\x00[v\xc3\xbdC\x7f\x00\x00

60030 / tcp

0 | 2025-03-29T22:08:12.857108

Hashes

hash

1865391109

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
content-length: 0

60129 / tcp

819727972 | 2025-04-20T07:49:07.987096

SSH-2.0-OpenSSH_7.4

Vulnerabilities

61613 / tcp

-358801646 | 2025-04-25T07:07:34.726137

SSH-2.0-OpenSSH_6.6.1

62078 / tcp

-154616015 | 2025-04-24T16:26:01.628664

=\x01À\x06ÿÿ?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x01\x01

62080 / tcp

921225407 | 2025-04-10T21:49:41.429487

\x00\x00\x00\x04\x00\x00\x00\x00\x00

62443 / tcp

-2089734047 | 2025-04-10T19:19:34.003846

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

63210 / tcp

-1508080900 | 2025-04-07T22:57:37.525163


0ÿñ

63260 / tcp

819727972 | 2025-04-21T09:26:14.221344

SSH-2.0-OpenSSH_7.4

Vulnerabilities

65000 / tcp

1893177623 | 2025-04-11T18:00:21.654500

HTTP/1.1 200 OK
Server: KKIDC DDOS
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(2)

CVE-2024-25117

6.8php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might leads to bypass of restrictions or RCE on projects that are using it, if they do not strictly revalidate the fontName that is passed by php-svg-lib. The `Style::fromAttributes(`), or the `Style::parseCssStyle()` should check the content of the `font-family` and prevents it to use a PHAR url, to avoid passing an invalid and dangerous `fontName` value to other libraries. The same check as done in the `Style::fromStyleSheets` might be reused. Libraries using this library as a dependency might be vulnerable to some bypass of restrictions, or even remote code execution, if they do not double check the value of the `fontName` that is passed by php-svg-lib. Version 0.5.2 contains a fix for this issue.

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2022(3)

CVE-2022-31629

6.5In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

CVE-2022-31628

2.3In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

CVE-2022-4900

6.2A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(3)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

CVE-2020-11579

7.5An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.

2019(8)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-9641

9.8An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.

CVE-2019-9639

7.5An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.

CVE-2019-9638

CVE-2019-9637

7.5An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(5)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-19396

7.5ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.

CVE-2018-19395

7.5ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(4)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

CVE-2017-8923

9.8The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.

CVE-2017-7963

7.5The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating "There is no security issue here, because GMP safely aborts in case of an OOM condition. The only attack vector here is denial of service. However, if you allow attacker-controlled, unbounded allocations you have a DoS vector regardless of GMP's OOM behavior.

CVE-2017-7272

7.4PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(5)

CVE-2015-9253

6.5An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility.

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(2)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

39.103.20.29

Last Seen: 2025-04-28

Tags:

GeneralInformation

WebTechnologies

OpenPorts

13 / tcp -341265581 | 2025-04-24T23:02:34.532022

17 / tcp 134472555 | 2025-04-18T04:54:08.545620

21 / tcp 179309064 | 2025-04-10T19:30:52.174229

24 / tcp -1795027372 | 2025-04-19T11:45:40.836727

25 / tcp -2089734047 | 2025-04-22T19:35:07.630655

43 / tcp 1282941221 | 2025-04-14T21:16:56.187456

49 / tcp -359657882 | 2025-04-08T06:20:47.381637

70 / tcp 175081126 | 2025-04-18T01:17:41.223987

80 / tcp 1881769185 | 2025-04-18T17:47:55.257161

Hashes

93 / tcp -122096153 | 2025-04-06T19:55:06.597405

101 / tcp -1399940268 | 2025-04-06T16:27:35.506756

102 / tcp 669849225 | 2025-04-12T23:56:20.413879

104 / tcp -2096652808 | 2025-04-22T23:32:34.676124

110 / tcp -1399940268 | 2025-04-10T20:18:33.936401

113 / tcp 1921398876 | 2025-04-18T06:04:52.261603

122 / tcp 321971019 | 2025-04-28T17:07:53.465780

135 / tcp 1141948216 | 2025-04-21T09:16:39.975504

175 / tcp -1399940268 | 2025-04-12T05:02:27.697700

177 / tcp -1399940268 | 2025-04-12T02:25:40.578406

179 / tcp -399606100 | 2025-04-17T13:25:27.411787

195 / tcp 2087396567 | 2025-04-28T06:29:32.981657

264 / tcp -1709030885 | 2025-04-20T01:10:40.124312

311 / tcp 676753056 | 2025-04-07T06:32:58.582735

389 / tcp -1743283776 | 2025-04-27T06:12:01.894649

443 / tcp -291104996 | 2025-04-27T20:02:15.080995

Hashes

444 / tcp 2032042134 | 2025-04-23T17:25:56.474804

446 / tcp -1399940268 | 2025-04-07T03:17:33.629010

453 / tcp -2089734047 | 2025-04-28T05:04:09.619258

465 / tcp 897328069 | 2025-04-27T01:08:51.185201

502 / tcp -1013082686 | 2025-04-18T17:16:49.749068

513 / tcp -1399940268 | 2025-04-07T18:13:04.226156

515 / tcp 921225407 | 2025-04-25T13:36:55.611996

541 / tcp -1299118573 | 2025-04-15T09:41:32.523277

554 / tcp -1142488525 | 2025-04-23T18:33:20.663900

593 / tcp 1308377066 | 2025-04-11T13:27:03.390771

666 / tcp 1300162323 | 2025-04-23T18:04:39.725998

743 / tcp 321971019 | 2025-04-11T18:16:50.286897

771 / tcp -1399940268 | 2025-04-17T22:19:25.118885

789 / tcp -1148066627 | 2025-04-17T02:49:01.117379

811 / tcp -1013082686 | 2025-04-25T11:58:31.722649

843 / tcp -2004989248 | 2025-04-03T14:40:10.276714

853 / tcp -1399940268 | 2025-04-26T00:13:34.244055

873 / tcp -1970692834 | 2025-04-15T03:27:36.567580

992 / tcp -936692830 | 2025-04-05T10:16:15.232346

993 / tcp -2089734047 | 2025-04-19T09:21:35.028897

999 / tcp 2061638597 | 2025-04-26T10:29:16.301678

1022 / tcp 819727972 | 2025-04-24T17:18:24.994110

1023 / tcp -1900404274 | 2025-04-04T19:27:05.797462

1025 / tcp -2089734047 | 2025-04-22T15:14:14.725452

1080 / tcp 1362344524 | 2025-04-21T06:18:49.365684

1099 / tcp 819727972 | 2025-04-12T09:23:52.900599

1177 / tcp 1842524259 | 2025-04-10T11:22:58.275141

1181 / tcp 398077695 | 2025-04-17T14:02:01.153650

1190 / tcp 1830187220 | 2025-04-19T01:30:05.123956

1195 / tcp 119860953 | 2025-04-06T22:43:19.265312

1200 / tcp 585675468 | 2025-04-27T03:39:50.496789

1234 / tcp 1830697416 | 2025-04-28T17:08:36.278342

1343 / tcp 1911457608 | 2025-04-06T07:13:12.622735

1364 / tcp -1399940268 | 2025-04-17T20:06:35.822779

1414 / tcp -1399940268 | 2025-04-27T05:47:29.411814

1433 / tcp 555056254 | 2025-04-25T07:50:35.864667

1446 / tcp -1399940268 | 2025-04-16T18:30:10.054211

1450 / tcp -303199180 | 2025-04-12T08:39:05.132189

1454 / tcp -2046514463 | 2025-04-24T05:10:59.800533

1500 / tcp -271515508 | 2025-04-09T09:14:12.299541

1515 / tcp -358801646 | 2025-04-23T03:59:59.723967

1521 / tcp -541815454 | 2025-04-17T06:27:42.258351

1557 / tcp -1189269828 | 2025-04-11T00:28:29.567137

1599 / tcp 1353260875 | 2025-04-14T19:53:45.103824

1604 / tcp -1399940268 | 2025-04-12T05:02:08.469629

1700 / tcp 1727667211 | 2025-04-20T09:39:48.287220

1800 / tcp -2089734047 | 2025-04-04T18:21:16.314803

13 / tcp

-341265581 | 2025-04-24T23:02:34.532022

17 / tcp

134472555 | 2025-04-18T04:54:08.545620

21 / tcp

179309064 | 2025-04-10T19:30:52.174229

24 / tcp

-1795027372 | 2025-04-19T11:45:40.836727

25 / tcp

-2089734047 | 2025-04-22T19:35:07.630655

43 / tcp

1282941221 | 2025-04-14T21:16:56.187456

49 / tcp

-359657882 | 2025-04-08T06:20:47.381637

70 / tcp

175081126 | 2025-04-18T01:17:41.223987

80 / tcp

1881769185 | 2025-04-18T17:47:55.257161

93 / tcp

-122096153 | 2025-04-06T19:55:06.597405

101 / tcp

-1399940268 | 2025-04-06T16:27:35.506756

102 / tcp

669849225 | 2025-04-12T23:56:20.413879

104 / tcp

-2096652808 | 2025-04-22T23:32:34.676124

110 / tcp

-1399940268 | 2025-04-10T20:18:33.936401

113 / tcp

1921398876 | 2025-04-18T06:04:52.261603

122 / tcp

321971019 | 2025-04-28T17:07:53.465780

135 / tcp

1141948216 | 2025-04-21T09:16:39.975504

175 / tcp

-1399940268 | 2025-04-12T05:02:27.697700

177 / tcp

-1399940268 | 2025-04-12T02:25:40.578406

179 / tcp

-399606100 | 2025-04-17T13:25:27.411787

195 / tcp

2087396567 | 2025-04-28T06:29:32.981657

264 / tcp

-1709030885 | 2025-04-20T01:10:40.124312

311 / tcp

676753056 | 2025-04-07T06:32:58.582735

389 / tcp

-1743283776 | 2025-04-27T06:12:01.894649

443 / tcp

-291104996 | 2025-04-27T20:02:15.080995

444 / tcp

2032042134 | 2025-04-23T17:25:56.474804

446 / tcp

-1399940268 | 2025-04-07T03:17:33.629010

453 / tcp

-2089734047 | 2025-04-28T05:04:09.619258

465 / tcp

897328069 | 2025-04-27T01:08:51.185201

502 / tcp

-1013082686 | 2025-04-18T17:16:49.749068

513 / tcp

-1399940268 | 2025-04-07T18:13:04.226156

515 / tcp

921225407 | 2025-04-25T13:36:55.611996

541 / tcp

-1299118573 | 2025-04-15T09:41:32.523277

554 / tcp

-1142488525 | 2025-04-23T18:33:20.663900

593 / tcp

1308377066 | 2025-04-11T13:27:03.390771

666 / tcp

1300162323 | 2025-04-23T18:04:39.725998

743 / tcp

321971019 | 2025-04-11T18:16:50.286897

771 / tcp

-1399940268 | 2025-04-17T22:19:25.118885

789 / tcp

-1148066627 | 2025-04-17T02:49:01.117379

811 / tcp

-1013082686 | 2025-04-25T11:58:31.722649

843 / tcp

-2004989248 | 2025-04-03T14:40:10.276714

853 / tcp

-1399940268 | 2025-04-26T00:13:34.244055

873 / tcp

-1970692834 | 2025-04-15T03:27:36.567580

992 / tcp

-936692830 | 2025-04-05T10:16:15.232346

993 / tcp

-2089734047 | 2025-04-19T09:21:35.028897

999 / tcp

2061638597 | 2025-04-26T10:29:16.301678

1022 / tcp

819727972 | 2025-04-24T17:18:24.994110

1023 / tcp

-1900404274 | 2025-04-04T19:27:05.797462

1025 / tcp

-2089734047 | 2025-04-22T15:14:14.725452

1080 / tcp

1362344524 | 2025-04-21T06:18:49.365684

1099 / tcp

819727972 | 2025-04-12T09:23:52.900599

1177 / tcp

1842524259 | 2025-04-10T11:22:58.275141

1181 / tcp

398077695 | 2025-04-17T14:02:01.153650

1190 / tcp

1830187220 | 2025-04-19T01:30:05.123956

1195 / tcp

119860953 | 2025-04-06T22:43:19.265312

1200 / tcp

585675468 | 2025-04-27T03:39:50.496789

1234 / tcp

1830697416 | 2025-04-28T17:08:36.278342

1343 / tcp

1911457608 | 2025-04-06T07:13:12.622735

1364 / tcp

-1399940268 | 2025-04-17T20:06:35.822779

1414 / tcp

-1399940268 | 2025-04-27T05:47:29.411814

1433 / tcp

555056254 | 2025-04-25T07:50:35.864667

1446 / tcp

-1399940268 | 2025-04-16T18:30:10.054211

1450 / tcp

-303199180 | 2025-04-12T08:39:05.132189

1454 / tcp

-2046514463 | 2025-04-24T05:10:59.800533

1500 / tcp

-271515508 | 2025-04-09T09:14:12.299541

1515 / tcp

-358801646 | 2025-04-23T03:59:59.723967

1521 / tcp

-541815454 | 2025-04-17T06:27:42.258351

1557 / tcp

-1189269828 | 2025-04-11T00:28:29.567137

1599 / tcp

1353260875 | 2025-04-14T19:53:45.103824

1604 / tcp

-1399940268 | 2025-04-12T05:02:08.469629

1700 / tcp

1727667211 | 2025-04-20T09:39:48.287220

1800 / tcp

-2089734047 | 2025-04-04T18:21:16.314803

1801 / tcp

1692069329 | 2025-04-14T18:15:25.729353

1883 / tcp

-1399940268 | 2025-04-06T03:43:37.554343

1901 / tcp

677934968 | 2025-04-02T20:02:22.177214

1911 / tcp

-585940771 | 2025-04-01T22:52:00.902159

1926 / tcp

104385780 | 2025-04-20T18:57:30.734583

1947 / tcp

291260528 | 2025-04-03T05:41:31.516676

1962 / tcp

117101543 | 2025-04-14T16:01:53.383611

1967 / tcp

-358801646 | 2025-04-17T15:05:39.831893