GeneralInformation

Hostnames	cn-beijing.oss.aliyuncs.com
Domains	aliyuncs.com
Country	China
City	Beijing
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(1)

CVE-2024-25117

6.8php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might leads to bypass of restrictions or RCE on projects that are using it, if they do not strictly revalidate the fontName that is passed by php-svg-lib. The `Style::fromAttributes(`), or the `Style::parseCssStyle()` should check the content of the `font-family` and prevents it to use a PHAR url, to avoid passing an invalid and dangerous `fontName` value to other libraries. The same check as done in the `Style::fromStyleSheets` might be reused. Libraries using this library as a dependency might be vulnerable to some bypass of restrictions, or even remote code execution, if they do not double check the value of the `fontName` that is passed by php-svg-lib. Version 0.5.2 contains a fix for this issue.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2022(3)

CVE-2022-31629

6.5In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

CVE-2022-31628

2.3In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

CVE-2022-4900

6.2A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(3)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

CVE-2020-11579

7.5An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.

2019(8)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-9641

9.8An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.

CVE-2019-9639

7.5An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.

CVE-2019-9638

CVE-2019-9637

7.5An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(5)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-19396

7.5ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.

CVE-2018-19395

7.5ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(4)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

CVE-2017-8923

9.8The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.

CVE-2017-7963

7.5The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. NOTE: the vendor disputes this, stating "There is no security issue here, because GMP safely aborts in case of an OOM condition. The only attack vector here is denial of service. However, if you allow attacker-controlled, unbounded allocations you have a DoS vector regardless of GMP's OOM behavior.

CVE-2017-7272

7.4PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(5)

CVE-2015-9253

6.5An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility.

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(2)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

13 15 17 19 21 23 25 26 37 43 49 66 70 80 87 89 102 104 111 113 135 143 179 189 195 221 264 311 427 443 444 449 462 503 513 515 541 548 554 593 636 666 789 806 873 885 999 1023 1080 1099 1119 1337 1414 1433 1443 1452 1521 1599 1604 1723 1801 1883 1911 1926 1954 1958 1964 1967 1987 2000 2002 2003 2008 2054 2061 2067 2081 2085 2087 2121 2150 2154 2181 2195 2222 2223 2323 2376 2404 2435 2455 2559 2561 2628 2761 2762 2850 3001 3003 3004 3010 3016 3017 3047 3050 3058 3073 3087 3112 3131 3135 3136 3145 3180 3190 3198 3256 3268 3301 3310 3342 3388 3405 3410 3521 3548 3550 3551 3552 3561 3563 3790 3838 3910 3952 3954 4010 4023 4063 4085 4104 4150 4157 4282 4343 4402 4433 4434 4438 4443 4444 4459 4461 4500 4506 4643 4840 4911 4949 4999 5001 5006 5007 5009 5010 5025 5172 5201 5222 5256 5321 5400 5444 5650 5671 5672 5678 5986 5998 6000 6001 6379 6433 6482 6633 6666 6667 7001 7010 7018 7050 7071 7080 7081 7171 7218 7415 7433 7444 7445 7548 7634 7676 7773 7774 7980 8000 8001 8002 8009 8020 8022 8026 8030 8065 8066 8075 8081 8083 8084 8087 8089 8102 8115 8121 8126 8127 8139 8140 8145 8146 8147 8156 8157 8160 8181 8199 8239 8291 8315 8317 8319 8405 8422 8441 8450 8459 8466 8470 8488 8500 8510 8531 8543 8545 8553 8554 8556 8558 8564 8566 8575 8576 8589 8591 8593 8601 8606 8649 8663 8680 8686 8723 8728 8810 8816 8827 8832 8834 8864 8876 8879 8880 8906 8943 9000 9002 9012 9032 9038 9041 9042 9051 9059 9070 9075 9088 9092 9095 9100 9151 9160 9163 9166 9168 9178 9186 9188 9204 9218 9222 9241 9247 9299 9303 9308 9333 9398 9418 9443 9446 9501 9530 9600 9633 9761 9779 9797 9943 9988 9994 9998 9999 10000 10001 10004 10009 10011 10014 10020 10024 10027 10045 10065 10068 10083 10123 10134 10240 10250 10933 10934 11112 11211 11288 11300 11601 12128 12132 12134 12137 12138 12140 12153 12158 12204 12207 12209 12211 12214 12227 12232 12234 12235 12237 12238 12244 12245 12247 12256 12258 12267 12269 12304 12311 12339 12345 12367 12399 12402 12416 12424 12440 12444 12449 12478 12485 12488 12504 12521 12524 12527 12537 12540 12543 12582 12590 13047 14006 14101 14147 14182 14265 14330 14344 14523 14875 15000 15443 16002 16011 16017 16043 16044 16049 16063 16064 16071 16079 16083 16085 16086 16101 16993 17770 18025 18030 18042 18072 18087 18090 18097 18104 18245 18443 19000 19013 19022 19090 19998 20001 20185 20256 20880 21025 21083 21234 21239 21244 21250 21251 21258 21262 21277 21280 21283 21300 21301 21306 21310 21323 21325 21328 21379 22082 22103 22380 22556 23023 24245 25009 25565 26656 27015 27017 30010 30022 30120 30121 30123 30301 30422 30522 30722 31001 31322 31337 31443 31822 32222 32422 32722 32764 32922 33322 33622 33722 33922 34422 34522 34622 34822 35000 35100 35122 35322 35422 35722 36022 36122 36622 36722 36984 37022 37322 37422 37722 37777 38022 38122 38222 38333 38422 38522 38722 38822 38922 39001 39022 39222 39422 39522 39622 39722 40022 40122 40222 40322 40422 40471 40622 40722 41022 41800 41822 41922 42222 42922 43008 43080 43200 43322 43422 43522 43822 43922 44022 44122 44322 44422 44520 44722 44818 45006 45022 45222 45322 45522 45622 45821 45822 45922 46122 46222 46522 47222 47322 47522 47622 47722 47990 48018 48022 49222 49322 49692 50000 50006 50022 50100 50102 50202 50722 50822 51002 51003 51222 52822 53200 53322 53622 53922 54222 54522 55022 55200 55322 55481 55553 55622 55722 56222 56422 56622 57522 57778 58422 58922 59222 60129 61613 61616 62078 62080 63210 63256 63257 63260 63443 63676 64295 64738

13 / tcp

1346417108 | 2025-03-17T08:25:07.881785

Mon Jan 22 11:26:37 2024

15 / tcp

-1399940268 | 2025-02-21T20:20:19.950337

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

17 / tcp

1767345577 | 2025-02-22T08:05:50.474766

Hello, this is Quagga (version 0T).
Copyright 1996-200

19 / tcp

829384519 | 2025-03-04T03:57:06.275551

 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefg
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUV

21 / tcp

-1954816821 | 2025-03-14T20:16:55.964465

220 (vsFTPd 3.0.2)\r\n

23 / tcp

460589547 | 2025-02-20T09:53:36.544306

ZyXEL VDSL Router

25 / tcp

-303199180 | 2025-02-17T22:49:09.330231

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

26 / tcp

2143387245 | 2025-03-07T07:14:18.857971

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

37 / tcp

1110767461 | 2025-03-06T05:15:40.573844

HTTP/1.1 200 OK
Server: nginx/1

43 / tcp

819727972 | 2025-03-14T13:00:25.633126

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

49 / tcp

-1620040646 | 2025-02-27T10:46:11.280042

\xc3\xbf\xc3\xbb\\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

66 / tcp

-1399940268 | 2025-03-07T02:11:06.073419

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

70 / tcp

-1056270173 | 2025-03-06T10:34:27.967169

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

80 / tcp

-2025549431 | 2025-03-13T05:22:06.372669

Hashes

hash

1265647003

http.dom_hash

1799269922

http.html_hash

-2025549431

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Thu, 13 Mar 2025 05:22:06 GMT
Content-Type: application/xml
Content-Length: 345
Connection: keep-alive
x-oss-request-id: 67D26B7EB258223333C4999B
x-oss-server-time: 1
x-oss-ec: 0003-00001201

87 / tcp

1574088840 | 2025-03-06T01:18:43.263607

">Application and Content Networking Software 3.9</a>)\n</BODY><

89 / tcp

-2140303521 | 2025-03-11T20:23:17.415577

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

102 / tcp

-375604792 | 2025-02-22T01:25:05.937559

220 Microsoft FTP Service

104 / tcp

165188539 | 2025-03-09T10:07:18.592246

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

111 / tcp

1880683805 | 2025-03-15T02:43:49.751380

ÿ

113 / tcp

-527005584 | 2025-02-26T08:44:24.039311

/0 0 L
/0 0 HUH

135 / tcp

-1589645334 | 2025-03-13T18:27:09.825205

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: C56L_POS01\n IP2: 60.251.195.90\n IP3: C56L_POS01\n\nNTLMSSP:\nTarget_Name: C56L_POS01\nProduct_Version: 5.1.2600 Ntlm 15\nOS: Windows XP/Windows XP, Service Pack 3\nNetBIOS_Domain_Name: C56L_POS01\nNetBIOS_Computer_Name: C56L_POS01\nDNS_Domain_Name: C56L_POS01\nDNS_Computer_Name: C56L_POS01\n\nDCERPC Dump:\n1088a980-eae5-11d0-8d9b-00a02453c337 ([MS-MQQP]: Message Queuing (MSMQ):):\n  - NCACN: 60.251.195.90:

143 / tcp

-1939513550 | 2025-03-10T19:37:04.853705

* OK The Microsoft Exchange IMAP4 service is ready.\r\n\nImap NTLM Info:\nTarget_Name: HEBEIHK\nProduct_Version: 6.0.6003 Ntlm 15\nOS: Windows Server 2008, Service Pack 2, Rollup KB4489887\nNetBIOS_Domain_Name: HEBEIHK\nNetBIOS_Computer_Name: MAILSERVER2\nDNS_Domain_Name: hebeihk.local\nDNS_Computer_Name: MAILSERVER2.hebeihk.local\nMsvAvDnsTreeName: hebeihk.local\nSystem_Time: 2024-01-22 08:26:31 +0000 UTC\n\n

179 / tcp

-399606100 | 2025-02-21T07:46:41.197321

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

189 / tcp

-1810987450 | 2025-03-09T19:38:40.569236

\xc3\xbf

195 / tcp

-971970408 | 2025-03-10T12:11:46.923710

221 / tcp

-1148066627 | 2025-03-10T15:23:56.545530

\x00[\xc2\x84\xc2\x86\xc3\xb2\x7f\x00\x00

264 / tcp

-1709030885 | 2025-03-18T05:32:54.785694

SSH-

311 / tcp

602337838 | 2025-03-13T13:20:46.092599

HTTP/1.1 404 Not Found
Accept-Ranges: bytes

427 / tcp

-525136240 | 2025-03-16T04:05:29.862551

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://bogon.xylink\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\nservice:wbem:https\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://bogon.xylink\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCESS (

443 / tcp

-2090963589 | 2025-03-11T14:55:34.549910

Hashes

hash

835379740

http.dom_hash

1799269922

http.html_hash

-2090963589

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Tue, 11 Mar 2025 14:55:25 GMT
Content-Type: application/xml
Content-Length: 345
Connection: keep-alive
x-oss-request-id: 67D04EDD6D28FD39314A0F13
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:6b:68:69:54:4a:81:bb:93:b4:d7:d1
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
        Validity
            Not Before: Jan  2 06:32:06 2025 GMT
            Not After : Sep  4 00:00:00 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-beijing.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:fd:cb:7f:5f:49:ee:e8:d9:d0:d6:53:d0:a5:
                    88:fd:fc:56:3c:06:76:2d:ad:ee:c9:65:e1:8c:fd:
                    ee:ef:a1:a2:34:db:d3:65:1e:4a:9c:f7:9d:a6:ad:
                    fa:a7:b3:1a:8b:45:f7:13:2a:26:24:9c:50:28:92:
                    25:54:45:fc:d2:2e:17:7d:c1:47:45:a1:39:bf:ce:
                    7e:f2:8b:d7:69:2c:b6:94:3f:5c:fc:a9:6e:c3:bd:
                    a5:a9:f3:6e:65:55:50:ba:b2:8a:df:ee:e9:50:a7:
                    81:b5:5f:3a:96:f9:74:c3:8a:54:51:d7:eb:02:1c:
                    58:33:e6:a0:ea:12:10:52:63:c9:df:03:84:cf:a3:
                    15:9c:50:7b:5e:6e:42:0f:3d:bd:33:3c:f6:6a:eb:
                    be:30:24:30:72:cb:84:a8:e9:17:aa:6a:45:f8:12:
                    c2:a1:78:0d:31:f0:45:2b:32:2f:ff:98:a3:03:a2:
                    5a:b0:8d:e2:d5:ce:e1:35:56:0b:0a:f8:11:bf:18:
                    44:f7:b8:7b:a0:a0:eb:1d:8d:cf:e8:cc:cf:c4:c5:
                    54:69:59:53:e1:ee:51:79:04:67:86:cf:8b:e5:c6:
                    88:a8:cc:9e:61:75:91:90:b5:8a:af:4c:a2:8d:57:
                    14:8a:f6:54:fb:1e:71:e5:09:e3:0a:12:df:34:8d:
                    d5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3ovtlsca2024.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3ovtlsca2024
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                Policy: 1.3.6.1.4.1.4146.10.1.2
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3ovtlsca2024.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-beijing.oss.aliyuncs.com, DNS:*.cn-beijing.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-beijing.aliyuncs.com, DNS:*.s3.oss-cn-beijing-internal.aliyuncs.com, DNS:*.cn-beijing.mgw.aliyuncs.com, DNS:*.oss.cn-beijing.privatelink.aliyuncs.com, DNS:*.oss-cn-beijing.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing.aliyuncs.com, DNS:*.img-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-internal-cross.aliyuncs.com, DNS:*.oss-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-cross.aliyuncs.com, DNS:*.img-cn-beijing.aliyuncs.com, DNS:*.vpc100-oss-cn-beijing.aliyuncs.com, DNS:*.cn-beijing.oss.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h-cross.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub.aliyuncs.com, DNS:*.cn-beijing-finance.oss.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1.aliyuncs.com, DNS:*.cn-beijing-finance-1.oss.aliyuncs.com, DNS:*.cn-beijing-vpc.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-enet-cn-north.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-internal.aliyun-inc.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-beijing-cross.mgw.aliyuncs.com, DNS:*.oss-vpc.aliyuncs.com, DNS:*.cn-beijing.oss-vpc.aliyuncs.com, DNS:*.oss.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                DA:D3:A8:08:48:0C:34:37:58:EE:E5:A7:75:2E:59:FC:D6:DC:3C:38
            X509v3 Subject Key Identifier: 
                C1:58:AC:32:69:71:BB:67:42:6C:42:FE:14:E5:57:72:91:C1:82:D6
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 1A:04:FF:49:D0:54:1D:40:AF:F6:A0:C3:BF:F1:D8:C4:
                                67:2F:4E:EC:EE:23:40:68:98:6B:17:40:2E:DC:89:7D
                    Timestamp : Jan  2 06:32:08.952 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D4:22:D6:BD:85:6A:79:2B:66:0F:1F:
                                36:9C:87:35:37:A2:DA:91:B3:41:21:70:33:24:48:B8:
                                AC:01:B2:4F:8A:02:20:78:33:2F:5E:6C:72:6C:BA:8A:
                                2A:DB:4A:42:99:29:A1:0C:E4:7B:86:88:C2:7F:9F:BE:
                                CE:93:8F:5D:00:2F:8C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Jan  2 06:32:08.990 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DE:60:8C:72:69:F8:ED:DD:B5:9B:2F:
                                88:2B:94:8E:C5:EA:A3:29:CF:5E:76:E1:32:5B:33:E9:
                                09:55:C0:9B:0A:02:20:72:4F:8B:E6:B3:1A:36:F6:61:
                                91:02:36:00:EA:76:E0:8C:5C:3C:8C:AF:C1:4A:F2:FD:
                                CA:7D:2B:6A:A6:5A:A7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
                                47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
                    Timestamp : Jan  2 06:32:08.695 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:82:E8:40:FB:D2:F4:C7:36:73:02:4A:
                                CD:8A:B4:A7:3D:E9:DC:7F:23:C7:17:0C:B1:8F:65:59:
                                3C:89:A5:E4:F0:02:20:2D:57:40:3F:AC:33:84:81:B8:
                                79:8C:CE:B4:F4:CC:44:29:AE:5A:FA:CD:66:FF:7A:69:
                                DA:8E:8E:6B:3D:C7:D7
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4e:88:42:e9:bd:d6:24:7a:b8:0b:08:70:28:8b:e3:90:92:79:
        25:1f:f9:ec:83:69:41:21:cb:3f:cc:c6:2c:76:54:44:09:81:
        c9:8b:a9:bc:32:e4:5e:d4:72:17:de:fd:a1:50:2b:58:ed:45:
        8e:ba:40:ee:f9:54:31:0e:56:0e:7f:9e:36:2d:98:8b:3a:21:
        ac:4c:f7:4b:e5:97:32:cd:c3:b4:9d:b7:99:07:f1:4f:bb:81:
        14:60:64:c2:01:bb:85:62:e5:8a:7e:84:86:9f:c9:0b:80:80:
        c3:95:a2:77:b8:d9:81:73:28:dc:14:f9:af:1b:22:8b:33:2a:
        b5:dd:34:fb:a6:90:3d:a1:37:b1:93:f5:d9:93:d0:3c:86:ac:
        28:04:f6:71:24:54:fd:0c:42:2d:48:d4:9c:a6:e5:fa:88:71:
        e3:dc:e1:a7:c7:8a:d5:39:43:29:5f:5d:2c:02:1a:72:08:e8:
        ce:86:a9:22:b1:ed:4f:4e:7f:e5:7d:ea:01:3b:7f:34:2c:e6:
        94:3c:5b:6c:64:09:c3:88:e5:08:64:91:8a:17:63:99:dc:0c:
        85:ee:6c:4a:67:f4:66:21:e9:7a:a3:95:8c:ed:6c:6f:af:92:
        f8:a3:49:8f:de:3b:85:de:68:56:95:f4:e7:e7:7b:1e:c2:0a:
        1f:12:b5:15

444 / tcp

-2112173617 | 2025-02-25T05:30:50.926260

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Tue, 25 Feb 2025 05:30:50 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://39.103.20.34:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

449 / tcp

1911457608 | 2025-03-06T00:45:49.960599

\x00[\x00\x00\x00\x00\x00\x00

462 / tcp

1278527606 | 2025-03-14T13:20:39.405733

SSH-2.0-Teleport

503 / tcp

-303199180 | 2025-02-16T17:40:20.541358

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

513 / tcp

1911457608 | 2025-02-26T18:58:28.349250

\x00[\x00\x00\x00\x00\x00\x00

515 / tcp

539065883 | 2025-02-21T21:08:10.106256

541 / tcp

-820381412 | 2025-02-18T02:02:01.375670

\\x16\\x03\\x01\\x01[\\x01\\x00\\x01W\\x03\\x03\\xf8\\x9dqe\\xf3\\x02\xd0\xa0\\x8c.M\x0bR\\xc9\\xeex\\x9d\\xb1)\\x07\\xe3\\x94\\x13z\\xfb\\x83xM\\x9a\\xcf9\\xad \r\\xb0%\\x01\\xb2\\xdb\\xf9%K7\\x99:\\xd9G\\xd2)\\xa7\\xab:\\x80\\xfd\\xfc\\x01\\x96BK\\xa1\\x83\\x0e\\xe8\\xa2b\\x002\\x13\\x02\\x13\\x03\\x13\\x01\\x009\\x0

548 / tcp

-1128967010 | 2025-02-23T03:52:20.650726

HTTP/1.1 200 OK
Server: Server
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet, nosnippet, notranslate, noimageindex
Content-Type: text/html; charset=utf-8

554 / tcp

1207252947 | 2025-03-10T04:35:39.194663

RTSP/1.0 401 Unauthorized\r\nCSeq: 1\r\n\r\n

593 / tcp

-1261053701 | 2025-03-16T07:31:52.836806

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

636 / tcp

-1036370807 | 2025-02-17T11:15:07.496486

JDWP-Handshake

666 / tcp

1300162323 | 2025-03-07T01:21:23.956308

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

789 / tcp

819727972 | 2025-03-14T01:49:45.007594

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

806 / tcp

-1839934832 | 2025-03-07T16:09:48.395255

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

873 / tcp

-1970692834 | 2025-03-15T14:45:43.637296

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

885 / tcp

1830697416 | 2025-02-25T18:19:06.437889

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

999 / tcp

-2072525622 | 2025-02-23T20:50:27.983578

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate,  pre-check=0, post-check=0, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Mon, 22 Jan 2024 16:06:36 +0800
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/5.6.40
Set-Cookie: phpMyAdmin=fkrenf42790gjdu0ej2flte4637qi54v; path=/; HttpOnly
X-ob_mode: 1
X-Frame-Options: DENY
X-X-WebKit-CSP: default-src 'self' ;script-src 'self'  'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src

Vulnerabilities

2 9 5 1

1023 / tcp

1632932802 | 2025-03-07T05:00:19.461573

1080 / tcp

1362344524 | 2025-03-17T02:29:57.992655

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1099 / tcp

709622286 | 2025-03-06T17:06:37.657632

OK Welcome <299685> on DirectUpdate server 7286\r\n

1119 / tcp

470305186 | 2025-03-16T19:53:37.510288

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET

1337 / tcp

2087396567 | 2025-02-17T01:48:53.702908

kjnkjabhbanc283ubcsbhdc72

1414 / tcp

-1099385124 | 2025-03-04T14:44:48.151824

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

1433 / tcp

419886129 | 2025-03-06T23:05:39.932973

MSSQL Server\nVersion: 167773760 (0xa000640)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: XTZJ-20210317RG\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: XTZJ-20210317RG\nNetBIOS_Computer_Name: XTZJ-20210317RG\nDNS_Domain_Name: XTZJ-20210317RG\nDNS_Computer_Name: XTZJ-20210317RG\nSystem_Time: 2024-01-22 04:01:04 +0000 UTC\n\n

1443 / tcp

-1715152554 | 2025-03-06T21:51:43.951571

Hashes

hash

251558843

http.dom_hash

1239617585

http.html_hash

-1715152554

http.server_hash

1727046647

http.title_hash

-1828380909

302 Found

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Thu, 06 Mar 2025 21:51:43 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://39.103.20.34:443/

1452 / tcp

-1399940268 | 2025-03-15T16:27:23.743578

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1521 / tcp

-186520940 | 2025-02-28T05:28:24.591316

HTTP/1.1

1599 / tcp

-375604792 | 2025-03-13T08:14:05.189580

220 Microsoft FTP Service

1604 / tcp

641705735 | 2025-03-03T22:37:02.456493



0
dø...

1723 / tcp

-1608241410 | 2025-03-09T04:44:32.237164

Firmware: 1\nHostname: local\nVendor: linux\n

1801 / tcp

-1299899661 | 2025-02-19T08:03:47.632776

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\x97W\\xcd[\\x98\\xc4\\x1aJ\\xa5\xd1\xbf\\xf9\\xbd\\xc7\\xce\\xfd92d3\\x10\\x01\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

1883 / tcp

1741579575 | 2025-02-16T17:08:10.909496

1911 / tcp

-1399940268 | 2025-02-26T10:06:51.282704

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1926 / tcp

-1230049476 | 2025-03-17T01:18:34.808966

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

1954 / tcp

-1140468363 | 2025-02-18T02:24:39.892940

\x02\t\x01

1958 / tcp

-2089734047 | 2025-02-25T22:21:03.060484

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1964 / tcp

1077013874 | 2025-02-25T19:30:24.693659

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

1967 / tcp

-2096652808 | 2025-03-12T02:28:26.538182

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1987 / tcp

819727972 | 2025-02-25T15:01:33.893464

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

2000 / tcp

1911457608 | 2025-03-17T11:44:45.935947

\x00[\x00\x00\x00\x00\x00\x00

2002 / tcp

-1508080900 | 2025-03-16T05:47:42.713843


0ÿñ

2003 / tcp

1911457608 | 2025-02-27T05:42:06.300718

\x00[\x00\x00\x00\x00\x00\x00

2008 / tcp

-303199180 | 2025-03-15T22:35:19.585813

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

2054 / tcp

-2089734047 | 2025-03-07T05:41:37.858007

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

2061 / tcp

-1399940268 | 2025-03-17T22:58:50.620526

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2067 / tcp

1741579575 | 2025-03-11T19:11:25.776987

2081 / tcp

669849225 | 2025-03-06T08:52:31.174127

SSH-98.60-SysaxSSH_81885..42\r\n

2085 / tcp

321971019 | 2025-02-27T13:25:15.382247

-ERR client ip is not in whitelist\r

2087 / tcp

2087396567 | 2025-03-15T00:00:01.377434

kjnkjabhbanc283ubcsbhdc72

2121 / tcp

2047379038 | 2025-02-24T15:34:49.324317

220 RS820Plus FTP server ready.

2150 / tcp

-1399940268 | 2025-02-26T10:54:15.201073

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2154 / tcp

585675468 | 2025-03-18T07:58:34.698606

@
05@ þ...

2181 / tcp

546151771 | 2025-03-12T08:33:14.685154

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

2195 / tcp

1504401647 | 2025-03-16T03:41:48.418513

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

2222 / tcp

372433470 | 2025-02-19T23:09:51.640206

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

2223 / tcp

-1641514916 | 2025-03-05T16:37:04.691080

* OK Merak 1dFUa2 IMAP4rev1

2323 / tcp

1662205251 | 2025-03-11T18:08:05.775828

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

2376 / tcp

819727972 | 2025-02-20T20:08:00.366306

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

2404 / tcp

677934968 | 2025-02-19T04:49:44.210638

lm^)Q

2435 / tcp

1126993057 | 2025-02-24T17:47:10.088126

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

2455 / tcp

-971970408 | 2025-03-17T01:47:59.119166

2559 / tcp

1332894250 | 2025-03-18T06:26:27.655403

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

2561 / tcp

-1399940268 | 2025-02-28T17:25:37.493853

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2628 / tcp

171352214 | 2025-03-06T13:38:55.040105

-ERR client ip is not in whitelist

2761 / tcp

-1626979812 | 2025-03-14T01:17:39.273776

220 Service ready for new user.

2762 / tcp

1911457608 | 2025-03-06T16:29:07.989048

\x00[\x00\x00\x00\x00\x00\x00

2850 / tcp

-801484042 | 2025-02-17T09:46:07.353432

ERR 27

3001 / tcp

-2080784861 | 2025-03-17T03:44:34.617072

GBPK\xc3\xbb\xc3\xb7n\xc2\x93W\xc2\xaf\xc2\x86\xc2\x93x@\xc2\xa9\x0e\xc3\x8a*\xc2\x9bS\x00

3003 / tcp

-1227409554 | 2025-03-01T01:16:32.103272

HTTP/1.1 500 Internal Server Error
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

3004 / tcp

-441419608 | 2025-03-14T13:50:05.612324

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

3010 / tcp

-1648456501 | 2025-03-03T23:27:15.487640

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

3016 / tcp

-142686627 | 2025-02-24T03:55:56.368418

\x00[\xc2\xba\x7fs\x7f\x00\x00

3017 / tcp

-1768187140 | 2025-02-20T00:50:34.847876

HTTP/1.1 403 Forbidden
Server: Microsoft-IIS/10.110
Content-Type: text/plain; charset=utf-8
Connection: close

3047 / tcp

321971019 | 2025-02-22T21:30:22.925734

-ERR client ip is not in whitelist\r

3050 / tcp

819727972 | 2025-03-10T16:35:40.927181

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

3058 / tcp

-1230049476 | 2025-03-18T01:15:51.525996

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

3073 / tcp

1911457608 | 2025-03-17T21:52:29.998879

\x00[\x00\x00\x00\x00\x00\x00

3087 / tcp

493955023 | 2025-02-25T02:24:16.863183

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

3112 / tcp

-653033013 | 2025-03-13T14:44:12.569114

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

3131 / tcp

-2089734047 | 2025-03-08T19:00:30.580719

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3135 / tcp

-358801646 | 2025-02-18T21:39:04.798955

SSH-2.0-OpenSSH_6.6.1

3136 / tcp

1492413928 | 2025-02-27T10:06:59.025252

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

3145 / tcp

-1032713145 | 2025-03-03T18:10:13.822415

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

3180 / tcp

1991883981 | 2025-02-27T21:50:24.720106

B\x00\x00\x00\xc3\xbfn\x04Too many connections

3190 / tcp

632542934 | 2025-02-17T13:24:41.669887

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

3198 / tcp

1911457608 | 2025-02-28T15:30:00.416730

\x00[\x00\x00\x00\x00\x00\x00

3256 / tcp

-2096652808 | 2025-03-14T18:08:40.595402

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3268 / tcp

-1547976805 | 2025-03-16T09:02:05.319439

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

3301 / tcp

669849225 | 2025-03-12T16:21:20.802856

SSH-98.60-SysaxSSH_81885..42\r\n

3310 / tcp

-358801646 | 2025-03-15T16:07:39.879277

SSH-2.0-OpenSSH_6.6.1

3342 / tcp

-1399940268 | 2025-02-22T06:23:48.689741

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3388 / tcp

575925250 | 2025-03-01T00:14:06.639570

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

3405 / tcp

-1399940268 | 2025-03-10T12:09:23.228941

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3410 / tcp

-2089734047 | 2025-03-17T13:53:39.509659

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3521 / tcp

2121220663 | 2025-02-27T21:56:27.860359

SSH-58-Ingrian_SSH\r\n

3548 / tcp

-1453516345 | 2025-02-24T17:31:27.358264

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

3550 / tcp

-1598265216 | 2025-02-24T17:34:59.127659

@RSYNCD: 31.0

3551 / tcp

198844676 | 2025-03-09T10:41:31.281996

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3552 / tcp

165188539 | 2025-03-05T09:32:13.904893

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3561 / tcp

-1399940268 | 2025-03-09T05:49:30.607186

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3563 / tcp

1989907056 | 2025-03-09T07:46:07.216978

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

3790 / tcp

1741579575 | 2025-03-12T17:30:12.988750

3838 / tcp

103159425 | 2025-03-03T18:38:24.788578

SSH-1.99-RGOS_SSH

3910 / tcp

632542934 | 2025-02-22T23:53:15.748319

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

3952 / tcp

-1019343788 | 2025-02-17T01:00:17.059629

W!\x00\x00\x00\x00

3954 / tcp

921225407 | 2025-03-05T23:19:18.378355

\x00\x00\x00\x04\x00\x00\x00\x00\x00

4010 / tcp

-1059554316 | 2025-03-14T05:39:08.231522

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

4023 / tcp

-1399940268 | 2025-03-13T07:23:12.823807

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4063 / tcp

2103111368 | 2025-03-03T23:10:03.819344

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

4085 / tcp

669849225 | 2025-03-09T15:16:36.523628

SSH-98.60-SysaxSSH_81885..42\r\n

4104 / tcp

-1329831334 | 2025-03-04T14:57:56.287943

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

4150 / tcp

-1375131644 | 2025-03-17T06:37:15.992072

\x00[v\xc3\xbdC\x7f\x00\x00

4157 / tcp

2033888749 | 2025-03-05T08:18:32.646871

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

4282 / tcp

-358801646 | 2025-03-17T20:54:01.094961

SSH-2.0-OpenSSH_6.6.1

4343 / tcp

-1267858620 | 2025-02-23T03:26:12.519905

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1f5b_PS-KHN-01g3V80_42383-32056

4402 / tcp

-1139539254 | 2025-02-28T23:48:37.792717

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

4433 / tcp

1690634669 | 2025-03-15T20:28:30.030540

4434 / tcp

366084633 | 2025-02-27T21:57:15.252335

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

4438 / tcp

1830187220 | 2025-03-06T17:43:03.684963

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

4443 / tcp

141533638 | 2025-03-15T07:27:26.555691

HTTP/1.1 302 Found
Location: /index.html

4444 / tcp

2087396567 | 2025-02-20T14:54:05.663289

kjnkjabhbanc283ubcsbhdc72

4459 / tcp

671605376 | 2025-03-13T01:48:28.617548

SSH-2.0-OpenSSH_X.X

4461 / tcp

1332894250 | 2025-03-06T16:48:13.317835

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

4500 / tcp

639175818 | 2025-03-05T16:25:27.204414

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

4506 / tcp

-1529979118 | 2025-03-06T22:55:58.268999

inv2W

4643 / tcp

-1641514916 | 2025-02-23T05:24:10.158137

* OK Merak 1dFUa2 IMAP4rev1

4840 / tcp

321971019 | 2025-03-11T08:14:51.565822

-ERR client ip is not in whitelist\r

4911 / tcp

-1476017887 | 2025-02-18T16:48:31.707960

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

4949 / tcp

2087396567 | 2025-02-28T21:18:19.330789

kjnkjabhbanc283ubcsbhdc72

4999 / tcp

-375604792 | 2025-02-23T20:07:19.729504

220 Microsoft FTP Service

5001 / tcp

320677201 | 2025-02-19T17:42:29.567857

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

5006 / tcp

1690634669 | 2025-02-27T14:37:10.056426

5007 / tcp

-1399940268 | 2025-02-22T23:16:10.620667

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5009 / tcp

-2015162143 | 2025-02-24T17:34:49.638241

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1c5f_PStjdxtk16_38859-13702

5010 / tcp

-1399940268 | 2025-03-06T09:44:40.658290

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5025 / tcp

-1316398834 | 2025-02-25T18:53:28.886830

ÿ

5172 / tcp

171352214 | 2025-03-08T13:36:08.056140

-ERR client ip is not in whitelist

5201 / tcp

1426971893 | 2025-03-13T23:27:36.048975

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

5222 / tcp

1824169301 | 2025-03-15T21:49:23.342794

HÿjHost '101.133.140.114' is not allowed to 
connect to this MySQL server

5256 / tcp

-1399940268 | 2025-02-23T15:36:25.819292

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5321 / tcp

1308377066 | 2025-02-21T19:35:28.269734

ncacn_http/1.0

5400 / tcp

1911457608 | 2025-03-13T15:39:17.960958

\x00[\x00\x00\x00\x00\x00\x00

5444 / tcp

1543809371 | 2025-02-24T18:10:57.175197

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

5650 / tcp

-1476017887 | 2025-02-22T18:02:15.602328

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

5671 / tcp

-1810987450 | 2025-03-05T09:38:49.547685

\xc3\xbf

5672 / tcp

575925250 | 2025-03-05T20:20:26.270509

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5678 / tcp

687434487 | 2025-02-23T09:37:38.774303

 \\x00\\x00\\x00{\n  "RPCMethod":"preinstall",\n }

5986 / tcp

1842524259 | 2025-03-11T17:08:41.358646

5998 / tcp

1841100064 | 2025-02-27T22:44:38.135441

HTTP/1.0 200 HTTP OK
Server: Wing FTP Server(Free Edition)
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Connection: close

6000 / tcp

-358801646 | 2025-03-17T22:00:45.050245

SSH-2.0-OpenSSH_6.6.1

6001 / tcp

-2031152423 | 2025-02-21T13:33:48.918589

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

6379 / tcp

321971019 | 2025-03-10T10:18:06.461952

-ERR client ip is not in whitelist\r

6433 / tcp

165188539 | 2025-03-09T10:09:29.461479

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

6482 / tcp

-1399940268 | 2025-03-13T19:44:02.394496

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6633 / tcp

-1810987450 | 2025-02-21T02:21:18.849498

\xc3\xbf

6666 / tcp

4935895 | 2025-03-14T19:13:29.106795

HTTP/1.1 400 Bad Request
Server: CloudWAF

6667 / tcp

1975288991 | 2025-03-13T21:06:00.735095

OPTI

7001 / tcp

-1325031830 | 2025-03-12T12:06:10.496379

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae26b2_PS-HFE-01DmZ24_34529-57897

7010 / tcp

-2089734047 | 2025-03-14T17:19:32.901338

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

7018 / tcp

819727972 | 2025-02-21T18:12:36.796676

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

7050 / tcp

-1399940268 | 2025-03-09T13:20:31.682958

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7071 / tcp

-1013082686 | 2025-03-05T01:18:41.656016

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

7080 / tcp

1426971893 | 2025-02-23T22:33:14.578197

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

7081 / tcp

-1399940268 | 2025-02-17T19:12:28.179542

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7171 / tcp

-653033013 | 2025-03-04T01:34:28.822574

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

7218 / tcp

-1681927087 | 2025-03-13T18:30:05.022748

kjnkjabhbanc283ubcsbhdc72

7415 / tcp

1911457608 | 2025-02-23T19:03:48.023069

\x00[\x00\x00\x00\x00\x00\x00

7433 / tcp

-249504111 | 2025-03-10T13:25:24.995592

\x00[xU-\x7f\x00\x00

7444 / tcp

-1399940268 | 2025-02-28T05:50:28.247119

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7445 / tcp

-1013082686 | 2025-02-21T00:34:57.572918

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

7548 / tcp

1278527606 | 2025-03-06T16:07:59.437729

SSH-2.0-Teleport

7634 / tcp

-893477759 | 2025-03-03T20:19:13.714164

!versionbind7 t{RPowerDNS Recursor 410

7676 / tcp

1767345577 | 2025-03-12T20:49:00.532727

Hello, this is Quagga (version 0T).
Copyright 1996-200

7773 / tcp

2098371729 | 2025-03-05T10:45:26.649298

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

7774 / tcp

2098371729 | 2025-02-21T21:40:30.543825

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

7980 / tcp

1543809371 | 2025-03-06T14:47:56.174873

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

8000 / tcp

-1204391172 | 2025-03-16T06:01:13.609519

JDWP-Handshake

8001 / tcp

2103111368 | 2025-03-16T17:52:46.685869

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8002 / tcp

-1399940268 | 2025-03-16T15:53:51.617511

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8009 / tcp

819727972 | 2025-03-16T20:39:42.385971

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8020 / tcp

51259122 | 2025-02-19T17:30:15.984052

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

8022 / tcp

819727972 | 2025-02-23T07:13:30.180632

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8026 / tcp

-1428621233 | 2025-03-07T03:17:33.200252

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

8030 / tcp

-2107996212 | 2025-02-27T04:13:44.059519

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

8065 / tcp

-1099385124 | 2025-02-17T11:34:52.936852

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

8066 / tcp

971933601 | 2025-03-14T18:51:49.239864

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

8075 / tcp

321971019 | 2025-03-12T19:26:32.856814

-ERR client ip is not in whitelist\r

8081 / tcp

-2031152423 | 2025-03-11T13:50:34.904010

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

8083 / tcp

-1795027372 | 2025-03-16T21:40:24.188623

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

8084 / tcp

103159425 | 2025-02-19T16:49:50.090576

SSH-1.99-RGOS_SSH

8087 / tcp

1492413928 | 2025-03-17T08:35:17.752449

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

8089 / tcp

-2080784861 | 2025-03-06T01:43:56.624172

GBPK\xc3\xbb\xc3\xb7n\xc2\x93W\xc2\xaf\xc2\x86\xc2\x93x@\xc2\xa9\x0e\xc3\x8a*\xc2\x9bS\x00

8102 / tcp

-1399940268 | 2025-02-18T11:34:52.207023

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8115 / tcp

-1375131644 | 2025-03-07T02:13:13.276792

\x00[v\xc3\xbdC\x7f\x00\x00

8121 / tcp

-2017887953 | 2025-03-14T15:31:49.690863

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

8126 / tcp

660175493 | 2025-03-13T18:32:24.195395

8127 / tcp

1911457608 | 2025-02-18T18:47:25.363427

\x00[\x00\x00\x00\x00\x00\x00

8139 / tcp

-1428621233 | 2025-03-13T06:20:33.401756

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

8140 / tcp

799468586 | 2025-02-19T04:48:42.956134

ICA

8145 / tcp

1308377066 | 2025-03-18T01:47:07.869760

ncacn_http/1.0

8146 / tcp

2103111368 | 2025-02-24T16:43:13.465388

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8147 / tcp

-1399940268 | 2025-03-04T19:41:47.433677

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8156 / tcp

677934968 | 2025-03-11T20:57:32.577840

lm^)Q

8157 / tcp

2063598737 | 2025-03-12T14:58:06.879880

/0 0 L\r\n/0 0 HUH\r\n

8160 / tcp

-2089734047 | 2025-02-22T23:23:22.888075

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8181 / tcp

-784071826 | 2025-03-14T07:56:24.892902

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

8199 / tcp

-297128567 | 2025-02-26T19:31:38.824718

\x04\x01\xc3\xb4\x00\x15Internal Server Error\x00\x00\x00AB\x00\x02\x05\x00

8239 / tcp

-2107996212 | 2025-03-14T14:59:17.657015

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

8291 / tcp

740837454 | 2025-03-13T10:44:53.959318

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

8315 / tcp

-1099385124 | 2025-03-13T15:46:40.020644

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

8317 / tcp

408230060 | 2025-03-11T16:28:37.493777

\r\nSorry, that nickname format is invalid.\r\n

8319 / tcp

1308377066 | 2025-02-25T16:10:14.078406

ncacn_http/1.0

8405 / tcp

-1399940268 | 2025-02-23T18:18:48.331737

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8422 / tcp

-1399940268 | 2025-03-14T22:03:01.235414

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8441 / tcp

-792826324 | 2025-02-21T21:55:55.488344

220 FTP server ready - login please

8450 / tcp

-1399940268 | 2025-03-13T03:27:24.271478

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8459 / tcp

-339084706 | 2025-03-07T01:50:24.271870

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

8466 / tcp

1948301213 | 2025-02-20T16:32:45.744810

RFB 003.003
VNC:
  Protocol Version: 3.3

8470 / tcp

-1399940268 | 2025-03-17T13:38:49.240963

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8488 / tcp

-980525298 | 2025-03-14T02:26:46.935508

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8500 / tcp

1929293267 | 2025-02-26T19:56:14.979874

HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html; charset=utf-8
Connection: keep-alive

8510 / tcp

-1839934832 | 2025-03-14T14:32:13.727054

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8531 / tcp

-2096652808 | 2025-02-24T13:49:58.983612

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8543 / tcp

-1733106930 | 2025-02-20T03:34:01.287010

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

8545 / tcp

-358801646 | 2025-03-16T20:52:30.564898

SSH-2.0-OpenSSH_6.6.1

8553 / tcp

-1036370807 | 2025-02-16T23:08:14.457237

JDWP-Handshake

8554 / tcp

2087396567 | 2025-03-08T13:30:08.536678

kjnkjabhbanc283ubcsbhdc72

8556 / tcp

-1453516345 | 2025-03-13T17:05:34.873242

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

8558 / tcp

1210754493 | 2025-02-28T03:14:25.602716

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

8564 / tcp

165188539 | 2025-02-20T18:17:52.759844

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8566 / tcp

-904840257 | 2025-02-18T23:08:22.116849

572 Relay not authorized\r\n

8575 / tcp

-1399940268 | 2025-03-13T20:33:41.007797

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8576 / tcp

1996932384 | 2025-02-25T18:44:59.753156

"raop" nonce

8589 / tcp

-805362002 | 2025-02-27T00:43:13.640038

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

8591 / tcp

819727972 | 2025-03-11T11:00:26.431933

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8593 / tcp

819727972 | 2025-02-22T14:36:38.253240

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8601 / tcp

-1399940268 | 2025-03-15T07:17:50.889814

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8606 / tcp

-1399940268 | 2025-02-20T14:09:19.747896

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8649 / tcp

842535728 | 2025-02-21T05:41:25.184670

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

8663 / tcp

2098371729 | 2025-02-19T14:48:34.462406

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

8680 / tcp

1519486042 | 2025-03-14T13:32:37.184046

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

8686 / tcp

-1839934832 | 2025-02-27T04:49:09.596244

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8723 / tcp

-802143704 | 2025-02-17T05:03:38.764439

HTTP/1.0 500 Internal Server Error
D
Connection: close

Command server error

8728 / tcp

-1399940268 | 2025-02-18T13:56:51.103250

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8810 / tcp

-1399940268 | 2025-02-21T23:31:46.121780

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8816 / tcp

-1059554316 | 2025-03-04T18:30:54.342820

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

8827 / tcp

-1839934832 | 2025-03-16T20:46:14.014648

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8832 / tcp

-358801646 | 2025-02-28T23:32:37.246510

SSH-2.0-OpenSSH_6.6.1

8834 / tcp

2087396567 | 2025-02-26T02:37:58.353213

kjnkjabhbanc283ubcsbhdc72

8864 / tcp

2143387245 | 2025-03-06T08:47:35.784654

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

8876 / tcp

-1428621233 | 2025-02-17T19:00:38.963690

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

8879 / tcp

-303199180 | 2025-03-09T18:57:03.704859

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

8880 / tcp

1261582754 | 2025-03-17T13:54:42.459043

unknown command 
unknown command

8906 / tcp

1991883981 | 2025-02-21T00:12:16.876020

B\x00\x00\x00\xc3\xbfn\x04Too many connections

8943 / tcp

740837454 | 2025-02-21T05:59:34.876041

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

9000 / tcp

-2067028711 | 2025-03-06T12:20:48.003534

\x15\x03\x01\x00\x02\x02F

9002 / tcp

-971970408 | 2025-03-05T06:03:01.054582

9012 / tcp

1911457608 | 2025-02-23T12:26:50.035400

\x00[\x00\x00\x00\x00\x00\x00

9032 / tcp

1126993057 | 2025-03-18T00:41:25.534020

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

9038 / tcp

-1399940268 | 2025-02-21T08:23:47.632639

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9041 / tcp

408230060 | 2025-03-12T22:16:00.675550

\r\nSorry, that nickname format is invalid.\r\n

9042 / tcp

398077695 | 2025-03-03T18:00:35.374610

9051 / tcp

-984990168 | 2025-03-06T14:47:13.778621


0ÿñ

9059 / tcp

-1476017887 | 2025-03-08T17:31:51.147318

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

9070 / tcp

1208318993 | 2025-03-09T07:52:59.866347

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

9075 / tcp

-1327660293 | 2025-02-23T15:34:50.695368

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

9088 / tcp

1911457608 | 2025-03-09T19:04:22.931454

\x00[\x00\x00\x00\x00\x00\x00

9092 / tcp

921225407 | 2025-02-23T21:52:51.400135

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9095 / tcp

-971970408 | 2025-03-06T06:52:18.423414

9100 / tcp

-1795027372 | 2025-02-22T16:35:28.915452

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

9151 / tcp

-971970408 | 2025-03-16T22:44:45.407689

9160 / tcp

-1399940268 | 2025-03-13T20:43:05.869548

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9163 / tcp

-1013082686 | 2025-02-17T22:02:05.556173

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

9166 / tcp

321971019 | 2025-02-28T18:42:49.748412

-ERR client ip is not in whitelist\r

9168 / tcp

820958131 | 2025-03-13T15:22:27.470959

kjnkjabhbanc283ubcsbhdc72\x02

9178 / tcp

-1261090339 | 2025-02-23T21:27:45.159133

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

9186 / tcp

-1839934832 | 2025-03-04T09:40:36.375666

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

9188 / tcp

819727972 | 2025-02-18T14:05:08.827672

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9204 / tcp

-1114821551 | 2025-03-13T06:50:14.704093

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

9218 / tcp

1911457608 | 2025-03-10T09:24:59.729361

\x00[\x00\x00\x00\x00\x00\x00

9222 / tcp

-616720387 | 2025-02-17T14:32:55.250098

SSH-2.0-SSHD_0.7.6

9241 / tcp

165188539 | 2025-03-15T18:56:53.303589

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9247 / tcp

119860953 | 2025-03-14T22:34:03.915192

* OK ArGoSoft Mail Server IMAP Module v.YW at

9299 / tcp

-1399940268 | 2025-02-26T19:50:56.810876

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9303 / tcp

1911457608 | 2025-03-08T14:38:57.830449

\x00[\x00\x00\x00\x00\x00\x00

9308 / tcp

-1730858130 | 2025-02-22T02:15:01.699823

RFB 003.008
VNC:
  Protocol Version: 3.8

9333 / tcp

-1428621233 | 2025-03-15T23:02:07.616730

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

9398 / tcp

2087396567 | 2025-03-14T00:00:45.282499

kjnkjabhbanc283ubcsbhdc72

9418 / tcp

-1261053701 | 2025-03-15T01:27:31.197145

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

9443 / tcp

2087396567 | 2025-02-18T09:31:24.524645

kjnkjabhbanc283ubcsbhdc72

9446 / tcp

-616720387 | 2025-03-16T14:00:41.773728

SSH-2.0-SSHD_0.7.6

9501 / tcp

-2096652808 | 2025-02-18T20:51:13.509871

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9530 / tcp

1989907056 | 2025-03-16T01:01:22.623150

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

9600 / tcp

-1428621233 | 2025-03-13T16:06:41.705863

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

9633 / tcp

2087396567 | 2025-02-27T18:38:21.294356

kjnkjabhbanc283ubcsbhdc72

9761 / tcp

745343730 | 2025-03-16T06:49:34.356286

220 smtp.qq.com Esmtp QQ Mail Server

9779 / tcp

-616720387 | 2025-03-04T05:11:10.674176

SSH-2.0-SSHD_0.7.6

9797 / tcp

819727972 | 2025-02-24T00:02:21.345126

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9943 / tcp

248249138 | 2025-03-18T12:22:12.936795

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae24d3_xyd116_25356-2749

9988 / tcp

1363464823 | 2025-03-12T01:27:25.075791

\x00[|ox\x7f\x00\x00

9994 / tcp

-784071826 | 2025-02-28T16:33:02.463134

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

9998 / tcp

1969772007 | 2025-03-15T21:33:40.047470

HTTP/1.1 400 Bad Request
Connection: keep-alive
Connection: close
X-Via-JSL: c973153,-
X-Cache: error

9999 / tcp

1161309183 | 2025-03-17T13:26:01.030772

ProxyServer is ready

10000 / tcp

2087396567 | 2025-02-28T18:54:29.408176

kjnkjabhbanc283ubcsbhdc72

10001 / tcp

1492413928 | 2025-03-14T06:01:52.207676

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

10004 / tcp

1911457608 | 2025-03-14T17:11:54.978928

\x00[\x00\x00\x00\x00\x00\x00

10009 / tcp

-709267009 | 2025-03-11T13:55:35.683514

\\x00[\'\\x19\\xc0\\xa8X\\xfd

10011 / tcp

580340387 | 2025-03-11T23:16:10.098195

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

10014 / tcp

1623746877 | 2025-03-17T11:33:53.338157

500 Permission denied - closing connection.\r\n

10020 / tcp

921225407 | 2025-03-10T15:47:08.985216

\x00\x00\x00\x04\x00\x00\x00\x00\x00

10024 / tcp

-1473669891 | 2025-03-16T23:21:13.603227

\\x00[\'(\\xc0\\xa8X\\xfd

10027 / tcp

-249504111 | 2025-03-04T16:09:48.177447

\x00[xU-\x7f\x00\x00

10045 / tcp

-2089734047 | 2025-02-28T18:41:38.165834

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10065 / tcp

1761482307 | 2025-03-11T20:11:57.675567

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

10068 / tcp

-980525298 | 2025-03-12T20:57:21.874558

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

10083 / tcp

921225407 | 2025-03-12T05:22:55.401432

\x00\x00\x00\x04\x00\x00\x00\x00\x00

10123 / tcp

-904840257 | 2025-02-16T18:39:38.336289

572 Relay not authorized\r\n

10134 / tcp

-1888448627 | 2025-03-06T02:14:17.650238

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

10240 / tcp

921225407 | 2025-03-14T13:05:47.580540

\x00\x00\x00\x04\x00\x00\x00\x00\x00

10250 / tcp

1544300041 | 2025-03-15T11:04:15.808625

SSH-25453-Cisco-3524665.35

10933 / tcp

1911457608 | 2025-03-16T11:33:58.651245

\x00[\x00\x00\x00\x00\x00\x00

10934 / tcp

-1907909544 | 2025-03-06T10:34:26.046778

\r\nHello, this is Quagga (version 0T).\r\nCopyright 1996-200

11112 / tcp

1911457608 | 2025-03-17T16:39:42.070908

\x00[\x00\x00\x00\x00\x00\x00

11211 / tcp

-136006866 | 2025-03-05T21:14:07.475319

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11288 / tcp

-2096652808 | 2025-02-16T16:13:26.953214

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

11300 / tcp

-1399940268 | 2025-03-18T02:11:53.141495

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

11601 / tcp

-1399940268 | 2025-03-10T10:20:15.502721

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12128 / tcp

-1399940268 | 2025-02-21T02:44:19.778687

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12132 / tcp

1911457608 | 2025-02-21T16:39:09.939282

\x00[\x00\x00\x00\x00\x00\x00

12134 / tcp

1911457608 | 2025-02-23T13:49:21.033704

\x00[\x00\x00\x00\x00\x00\x00

12137 / tcp

1911457608 | 2025-03-10T18:37:24.116275

\x00[\x00\x00\x00\x00\x00\x00

12138 / tcp

-1648456501 | 2025-03-12T11:21:58.845813

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

12140 / tcp

1543809371 | 2025-03-15T14:29:45.938583

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

12153 / tcp

1911457608 | 2025-03-14T19:10:34.584881

\x00[\x00\x00\x00\x00\x00\x00

12158 / tcp

-1399940268 | 2025-02-16T20:57:00.061023

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12204 / tcp

-653033013 | 2025-02-19T08:07:26.748673

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

12207 / tcp

2098371729 | 2025-02-24T09:55:49.260443

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

12209 / tcp

-1329831334 | 2025-02-19T16:09:55.094891

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

12211 / tcp

-1329831334 | 2025-03-16T16:14:32.887964

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

12214 / tcp

819727972 | 2025-03-11T05:05:00.972042

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12227 / tcp

-1810987450 | 2025-03-11T09:57:07.023410

\xc3\xbf

12232 / tcp

-1114821551 | 2025-03-16T10:07:23.393350

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

12234 / tcp

-1114821551 | 2025-03-07T01:50:54.556813

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

12235 / tcp

-136006866 | 2025-03-13T01:10:34.282351

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

12237 / tcp

1761482307 | 2025-03-06T07:07:22.440730

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

12238 / tcp

-1327660293 | 2025-03-10T02:12:25.464457

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12244 / tcp

321971019 | 2025-03-11T20:03:06.783342

-ERR client ip is not in whitelist\r

12245 / tcp

921225407 | 2025-03-04T20:44:01.123158

\x00\x00\x00\x04\x00\x00\x00\x00\x00

12247 / tcp

-1399940268 | 2025-02-23T07:44:32.963103

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12256 / tcp

819727972 | 2025-03-04T02:20:39.116785

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12258 / tcp

819727972 | 2025-02-18T18:33:08.046672

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12267 / tcp

-1487943323 | 2025-02-23T23:11:39.368717

431 Unable to negotiate secure command connection.\r\n

12269 / tcp

-2089734047 | 2025-03-03T18:58:39.779760

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12304 / tcp

1353260875 | 2025-03-07T03:10:40.435082

\x00[g\xc2\x95N\x7f\x00\x00

12311 / tcp

-1399940268 | 2025-02-21T19:33:47.742234

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12339 / tcp

819727972 | 2025-02-28T09:17:12.089876

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12345 / tcp

265065882 | 2025-03-10T21:55:25.999233

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked

12367 / tcp

-1279886438 | 2025-03-05T20:02:38.888738

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

12399 / tcp

1911457608 | 2025-02-28T05:21:41.536054

\x00[\x00\x00\x00\x00\x00\x00

12402 / tcp

-288825733 | 2025-02-27T02:46:45.420452

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

12416 / tcp

-1730858130 | 2025-02-18T07:04:35.226171

RFB 003.008
VNC:
  Protocol Version: 3.8

12424 / tcp

-1399940268 | 2025-03-04T18:38:47.774469

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12440 / tcp

-1013082686 | 2025-03-15T05:40:22.578158

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

12444 / tcp

1911457608 | 2025-02-16T19:48:34.875051

\x00[\x00\x00\x00\x00\x00\x00

12449 / tcp

-1899074860 | 2025-02-23T17:50:33.783422

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

12478 / tcp

-303199180 | 2025-03-17T09:13:12.811856

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

12485 / tcp

1767345577 | 2025-02-28T03:16:46.198373

Hello, this is Quagga (version 0T).
Copyright 1996-200

12488 / tcp

-891714208 | 2025-03-14T17:44:23.017573

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

12504 / tcp

-375604792 | 2025-03-17T15:11:22.450262

220 Microsoft FTP Service

12521 / tcp

165188539 | 2025-03-05T08:56:46.353200

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12524 / tcp

1975288991 | 2025-03-10T21:21:25.157409

OPTI

12527 / tcp

-358801646 | 2025-02-25T09:06:30.462127

SSH-2.0-OpenSSH_6.6.1

12537 / tcp

-1032713145 | 2025-03-04T17:24:19.196875

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

12540 / tcp

-1399940268 | 2025-02-17T07:32:44.626949

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12543 / tcp

-1399940268 | 2025-03-14T20:05:53.161309

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12582 / tcp

-1399940268 | 2025-02-24T19:16:55.957612

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12590 / tcp

-1399940268 | 2025-02-22T22:26:11.113119

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

13047 / tcp

2087396567 | 2025-03-12T00:27:51.385948

kjnkjabhbanc283ubcsbhdc72

14006 / tcp

1615193817 | 2025-03-16T21:12:21.408537

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

14101 / tcp

-2089734047 | 2025-03-16T20:07:01.920224

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

14147 / tcp

493955023 | 2025-03-13T15:05:27.045875

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

14182 / tcp

632542934 | 2025-03-05T05:13:12.126558

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

14265 / tcp

819727972 | 2025-02-23T20:43:26.594924

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

14330 / tcp

1911457608 | 2025-03-13T21:45:03.289944

\x00[\x00\x00\x00\x00\x00\x00

14344 / tcp

-653033013 | 2025-03-13T02:31:20.472266

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

14523 / tcp

-1839934832 | 2025-03-16T14:07:52.324535

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

14875 / tcp

819727972 | 2025-03-06T22:40:11.732947

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

15000 / tcp

-802283180 | 2025-02-25T20:11:44.320570

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
Deny-Reason: hotload rechange server uri format error!!
Request-Id: 65ae2713048e06316f384c0db1051754

15443 / tcp

-1730858130 | 2025-03-16T18:32:44.648036

RFB 003.008
VNC:
  Protocol Version: 3.8

16002 / tcp

-1399940268 | 2025-03-06T12:16:12.757164

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16011 / tcp

-1888448627 | 2025-03-04T12:23:38.553797

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

16017 / tcp

819727972 | 2025-02-18T13:15:33.714884

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

16043 / tcp

2098371729 | 2025-03-15T11:27:15.098517

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

16044 / tcp

-1399940268 | 2025-03-17T23:33:35.114803

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16049 / tcp

819727972 | 2025-03-04T00:55:06.566523

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

16063 / tcp

-1399940268 | 2025-02-21T17:14:28.512202

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16064 / tcp

-1399940268 | 2025-03-13T05:42:05.845254

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16071 / tcp

1574088840 | 2025-03-13T00:02:45.349526

">Application and Content Networking Software 3.9</a>)\n</BODY><

16079 / tcp

1161309183 | 2025-02-22T18:29:51.723893

ProxyServer is ready

16083 / tcp

-1399940268 | 2025-03-14T19:13:15.146685

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16085 / tcp

1426971893 | 2025-02-16T23:25:40.521854

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

16086 / tcp

2103111368 | 2025-03-14T19:48:39.374064

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

16101 / tcp

-1189269828 | 2025-03-08T16:21:05.910271

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

16993 / tcp

-1839934832 | 2025-03-11T15:29:06.694401

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

17770 / tcp

-2089734047 | 2025-03-10T19:24:39.246072

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

18025 / tcp

-441419608 | 2025-03-10T04:21:15.163896

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

18030 / tcp

632542934 | 2025-02-26T06:17:27.059099

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

18042 / tcp

321971019 | 2025-03-13T06:00:12.514114

-ERR client ip is not in whitelist\r

18072 / tcp

-1453516345 | 2025-03-14T21:57:56.821937

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

18087 / tcp

321971019 | 2025-02-20T20:29:06.911816

-ERR client ip is not in whitelist\r

18090 / tcp

-1114821551 | 2025-03-17T17:14:28.860623

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

18097 / tcp

669849225 | 2025-03-16T11:17:48.401823

SSH-98.60-SysaxSSH_81885..42\r\n

18104 / tcp

45131230 | 2025-02-25T12:54:00.407023

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

18245 / tcp

2098371729 | 2025-03-05T22:16:47.638532

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

18443 / tcp

2087396567 | 2025-03-15T10:41:12.434869

kjnkjabhbanc283ubcsbhdc72

19000 / tcp

1830697416 | 2025-02-28T10:53:08.316136

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

19013 / tcp

-1399940268 | 2025-03-11T23:45:04.862576

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

19022 / tcp

819727972 | 2025-02-18T05:44:46.488020

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

19090 / tcp

-2089734047 | 2025-02-24T19:56:12.447434

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

19998 / tcp

-1399940268 | 2025-03-04T11:15:59.169225

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20001 / tcp

1762042191 | 2025-02-17T19:43:52.935179

\x7f\x7fICA\x00

20185 / tcp

380146262 | 2025-03-16T05:13:11.195204

@RSYNCD: 30.0

20256 / tcp

1911457608 | 2025-03-13T13:27:19.763418

\x00[\x00\x00\x00\x00\x00\x00

20880 / tcp

1370263973 | 2025-02-26T02:24:25.268383

dubbo>

21025 / tcp

2087396567 | 2025-02-25T14:35:49.279001

kjnkjabhbanc283ubcsbhdc72

21083 / tcp

1830697416 | 2025-02-19T17:18:29.252767

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

21234 / tcp

165188539 | 2025-03-16T06:10:54.071417

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

21239 / tcp

-2089734047 | 2025-03-16T01:16:04.633624

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

21244 / tcp

819727972 | 2025-02-23T18:27:19.136870

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

21250 / tcp

597764502 | 2025-03-15T08:06:12.686568

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

21251 / tcp

1212285915 | 2025-03-11T09:48:37.702947

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

21258 / tcp

-2089734047 | 2025-02-26T19:54:54.989840

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

21262 / tcp

1761482307 | 2025-03-11T07:28:44.337252

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

21277 / tcp

321971019 | 2025-03-10T05:18:41.219709

-ERR client ip is not in whitelist\r

21280 / tcp

-784071826 | 2025-02-25T19:37:52.060767

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

21283 / tcp

-616720387 | 2025-02-20T23:48:10.945505

SSH-2.0-SSHD_0.7.6

21300 / tcp

165188539 | 2025-02-18T06:15:59.450916

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

21301 / tcp

-1839934832 | 2025-02-22T20:48:59.312521

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

21306 / tcp

1911457608 | 2025-02-18T22:52:40.863027

\x00[\x00\x00\x00\x00\x00\x00

21310 / tcp

-832380282 | 2025-03-04T17:09:45.457366

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

21323 / tcp

-1795027372 | 2025-03-14T07:01:33.918678

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

21325 / tcp

-441419608 | 2025-03-03T20:38:32.912053

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

21328 / tcp

-1399940268 | 2025-03-04T21:09:36.072365

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21379 / tcp

1911457608 | 2025-03-15T15:38:42.546426

\x00[\x00\x00\x00\x00\x00\x00

22082 / tcp

-445721795 | 2025-02-21T09:29:49.729932

\x00[\xc3\xaed\x1a\x7f\x00\x00

22103 / tcp

-339084706 | 2025-03-07T18:43:45.717461

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

22380 / tcp

-2089734047 | 2025-03-13T22:18:44.687419

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

22556 / tcp

-1888448627 | 2025-03-15T18:06:08.039760

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

23023 / tcp

841014058 | 2025-03-15T03:53:49.990647

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

24245 / tcp

-971970408 | 2025-03-14T14:14:25.852315

25009 / tcp

1210754493 | 2025-02-18T19:05:21.627754

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

25565 / tcp

-1279886438 | 2025-03-05T12:53:33.173804

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

26656 / tcp

1741579575 | 2025-03-13T06:39:47.765442

27015 / tcp

-80321085 | 2025-02-16T17:40:56.911801

Command: None
Size: 1802398315
ID: 1751277930
Type: 1668178274

27017 / tcp

1763259671 | 2025-03-15T08:01:54.288652

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

30010 / tcp

-585940771 | 2025-02-26T06:14:55.553002

Unknown command\r\n

30022 / tcp

1741579575 | 2025-03-14T21:43:07.409187

30120 / tcp

1011407350 | 2025-03-05T01:08:33.910174

* OK GroupWise IMAP4rev1 Server Ready\r\n

30121 / tcp

165188539 | 2025-03-10T20:37:50.139432

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

30123 / tcp

-1795027372 | 2025-03-17T14:54:30.877977

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

30301 / tcp

841014058 | 2025-03-15T19:49:38.870768

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

30422 / tcp

2087396567 | 2025-03-13T12:06:24.704565

kjnkjabhbanc283ubcsbhdc72

30522 / tcp

1842524259 | 2025-03-12T15:54:45.963445

30722 / tcp

1948301213 | 2025-03-13T13:50:04.658326

RFB 003.003
VNC:
  Protocol Version: 3.3

31001 / tcp

-1399940268 | 2025-03-09T17:19:21.019351

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

31322 / tcp

-616720387 | 2025-03-09T16:21:05.772708

SSH-2.0-SSHD_0.7.6

31337 / tcp

1024374118 | 2025-03-04T07:26:44.846513

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

31443 / tcp

-1729629024 | 2025-03-12T18:50:07.536492

101 imqbroker =unV

31822 / tcp

1741579575 | 2025-03-12T08:50:20.374328

32222 / tcp

1690634669 | 2025-03-09T07:51:11.836239

32422 / tcp

2087396567 | 2025-03-09T14:37:16.605265

kjnkjabhbanc283ubcsbhdc72

32722 / tcp

-641479109 | 2025-03-11T16:41:27.191186

[xU-

32764 / tcp

-314039103 | 2025-02-26T12:52:02.057961

Surnom.
Sorry, that nickname format is invalid.

32922 / tcp

-1514525820 | 2025-03-11T02:41:47.168788

Protocol version mismatch

33322 / tcp

-1477838366 | 2025-02-23T17:51:42.094161

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

33622 / tcp

2087396567 | 2025-03-08T19:59:47.108754

kjnkjabhbanc283ubcsbhdc72

33722 / tcp

-971970408 | 2025-03-08T18:13:42.318208

33922 / tcp

1642597142 | 2025-03-08T11:26:19.608837

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

34422 / tcp

291723434 | 2025-03-15T01:32:27.226253

Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

34522 / tcp

-358801646 | 2025-03-05T06:27:20.871064

SSH-2.0-OpenSSH_6.6.1

34622 / tcp

-971970408 | 2025-03-04T19:48:12.016268

34822 / tcp

-1839934832 | 2025-03-03T23:13:21.617603

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

35000 / tcp

1574088840 | 2025-03-09T16:26:31.267241

">Application and Content Networking Software 3.9</a>)\n</BODY><

35100 / tcp

1911457608 | 2025-02-28T08:30:56.015847

\x00[\x00\x00\x00\x00\x00\x00

35122 / tcp

957278843 | 2025-03-04T09:22:55.112491

[|ox

35322 / tcp

660175493 | 2025-03-04T05:48:31.646208

35422 / tcp

-1681927087 | 2025-02-28T08:38:02.536692

kjnkjabhbanc283ubcsbhdc72

35722 / tcp

-2081419599 | 2025-02-28T06:53:55.762708

@
03d

36022 / tcp

1741579575 | 2025-03-17T21:35:23.534230

36122 / tcp

-1189269828 | 2025-03-13T10:21:34.511976

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

36622 / tcp

1991883981 | 2025-03-16T10:38:44.592224

B\x00\x00\x00\xc3\xbfn\x04Too many connections

36722 / tcp

2087396567 | 2025-03-17T05:20:33.150859

kjnkjabhbanc283ubcsbhdc72

36984 / tcp

-2089734047 | 2025-03-12T18:21:35.483683

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

37022 / tcp

740837454 | 2025-03-16T19:55:54.724023

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

37322 / tcp

-893477759 | 2025-03-16T12:39:49.155316

!versionbind7 t{RPowerDNS Recursor 410

37422 / tcp

2087396567 | 2025-03-15T13:14:06.771491

kjnkjabhbanc283ubcsbhdc72

37722 / tcp

-146605374 | 2025-03-16T02:13:50.989192

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

37777 / tcp

165188539 | 2025-03-04T11:16:18.298320

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

38022 / tcp

-971970408 | 2025-03-17T23:55:51.800345

38122 / tcp

1632932802 | 2025-03-15T17:50:09.521318

38222 / tcp

-1681927087 | 2025-03-10T21:15:33.397519

kjnkjabhbanc283ubcsbhdc72

38333 / tcp

-971970408 | 2025-03-15T21:31:22.507909

38422 / tcp

-971970408 | 2025-02-18T20:42:30.701558

38522 / tcp

1282941221 | 2025-02-21T14:58:31.671581

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

38722 / tcp

1830187220 | 2025-03-13T22:32:03.474707

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

38822 / tcp

2087396567 | 2025-03-12T16:33:11.875755

kjnkjabhbanc283ubcsbhdc72

38922 / tcp

-805362002 | 2025-02-22T17:33:55.557318

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

39001 / tcp

1911457608 | 2025-02-28T04:11:31.996364

\x00[\x00\x00\x00\x00\x00\x00

39022 / tcp

-1598265216 | 2025-03-13T20:47:35.979701

@RSYNCD: 31.0

39222 / tcp

-971970408 | 2025-03-13T18:59:13.636463

39422 / tcp

819727972 | 2025-03-11T13:41:38.811563

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

39522 / tcp

-1839934832 | 2025-03-11T09:42:17.220220

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

39622 / tcp

-1730858130 | 2025-02-20T04:36:29.489713

RFB 003.008
VNC:
  Protocol Version: 3.8

39722 / tcp

1492413928 | 2025-03-05T04:49:31.610093

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

40022 / tcp

1830697416 | 2025-03-09T11:12:36.692882

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

40122 / tcp

1544300041 | 2025-02-26T14:14:21.913891

SSH-25453-Cisco-3524665.35

40222 / tcp

-146605374 | 2025-03-04T11:18:07.149578

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

40322 / tcp

2087396567 | 2025-02-17T07:02:28.522413

kjnkjabhbanc283ubcsbhdc72

40422 / tcp

2087396567 | 2025-02-16T17:00:53.906661

kjnkjabhbanc283ubcsbhdc72

40471 / tcp

740837454 | 2025-02-22T09:29:05.342744

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

40622 / tcp

-1641514916 | 2025-02-26T12:31:20.531913

* OK Merak 1dFUa2 IMAP4rev1

40722 / tcp

1741579575 | 2025-03-08T14:49:35.995241

41022 / tcp

-2096652808 | 2025-02-17T05:35:25.607911

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

41800 / tcp

1077013874 | 2025-03-17T20:20:37.075560

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

41822 / tcp

-358801646 | 2025-03-07T18:25:29.770540

SSH-2.0-OpenSSH_6.6.1

41922 / tcp

1842524259 | 2025-03-07T17:50:13.210709

42222 / tcp

1208318993 | 2025-03-04T23:28:10.911370

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

42922 / tcp

841014058 | 2025-02-28T15:51:16.977865

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

43008 / tcp

-1839934832 | 2025-02-16T15:16:16.339690

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

43080 / tcp

1620329124 | 2025-02-25T23:48:15.403944

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

43200 / tcp

321971019 | 2025-03-10T04:23:39.439470

-ERR client ip is not in whitelist\r

43322 / tcp

1690634669 | 2025-02-23T07:28:28.982883

43422 / tcp

104385780 | 2025-02-27T20:26:22.962690

ceph v2

43522 / tcp

1308377066 | 2025-02-27T18:42:08.116483

ncacn_http/1.0

43822 / tcp

2087396567 | 2025-02-23T05:44:32.740956

kjnkjabhbanc283ubcsbhdc72

43922 / tcp

-1559123399 | 2025-02-27T10:32:39.307555

500 Permission denied - closing connection.

44022 / tcp

-1316491703 | 2025-02-27T09:01:52.469602

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

44122 / tcp

-1453516345 | 2025-02-26T22:50:30.063397

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

44322 / tcp

-1559123399 | 2025-02-26T10:49:21.336096

500 Permission denied - closing connection.

44422 / tcp

2087396567 | 2025-02-26T00:59:02.141415

kjnkjabhbanc283ubcsbhdc72

44520 / tcp

-1399940268 | 2025-02-22T13:28:21.852772

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

44722 / tcp

2087396567 | 2025-02-26T07:12:57.036652

kjnkjabhbanc283ubcsbhdc72

44818 / tcp

1308377066 | 2025-03-11T00:10:50.601306

ncacn_http/1.0

45006 / tcp

-1810987450 | 2025-02-20T22:23:38.583556

\xc3\xbf

45022 / tcp

2087396567 | 2025-03-10T16:23:06.072367

kjnkjabhbanc283ubcsbhdc72

45222 / tcp

819727972 | 2025-02-25T22:39:19.559364

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

45322 / tcp

-1733645023 | 2025-02-25T18:01:45.292957

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

45522 / tcp

1082732927 | 2025-02-25T17:35:35.573663

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

45622 / tcp

740837454 | 2025-02-25T14:53:34.538063

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

45821 / tcp

-1746074029 | 2025-03-13T03:46:42.376865

101 imqbroker =unV\r\n

45822 / tcp

2087396567 | 2025-03-10T12:56:41.977759

kjnkjabhbanc283ubcsbhdc72

45922 / tcp

1396488228 | 2025-03-10T14:39:42.357738

HTTP/1.1 200 OK
Content-Length: 2037
Cache-Control: private, max-age=300
Content-Type: text/html

46122 / tcp

2103111368 | 2025-02-25T06:16:43.417736

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

46222 / tcp

-903067560 | 2025-02-25T00:07:15.657659

\x00[\x13)\xc2\x81\x7f\x00\x00

46522 / tcp

539065883 | 2025-02-24T06:06:09.059249

47222 / tcp

-1810987450 | 2025-02-23T21:20:31.240235

\xc3\xbf

47322 / tcp

-1887823886 | 2025-02-23T19:37:02.500418

K%~)J/\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

47522 / tcp

2087396567 | 2025-02-23T16:14:32.988195

kjnkjabhbanc283ubcsbhdc72

47622 / tcp

808560482 | 2025-02-23T15:24:01.625431

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP
 : USERID : UNIX : Cr8

47722 / tcp

-971970408 | 2025-03-10T11:13:11.854488

47990 / tcp

-893477759 | 2025-02-25T23:17:11.983003

!versionbind7 t{RPowerDNS Recursor 410

48018 / tcp

-1996280214 | 2025-03-07T12:10:51.869676

\x06\x04\x05@

48022 / tcp

1984588611 | 2025-03-07T11:21:41.724473

49222 / tcp

-1730858130 | 2025-02-19T03:45:14.284224

RFB 003.008
VNC:
  Protocol Version: 3.8

49322 / tcp

-1730858130 | 2025-02-20T22:01:45.023944

RFB 003.008
VNC:
  Protocol Version: 3.8

49692 / tcp

-1598265216 | 2025-02-22T01:23:31.547519

@RSYNCD: 31.0

50000 / tcp

819727972 | 2025-02-27T22:47:08.330996

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

50006 / tcp

-147424911 | 2025-02-28T18:30:56.181948

HTTP/1.1 404 Not Found
Content Length: 0

50022 / tcp

819727972 | 2025-02-22T11:33:14.606539

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

50100 / tcp

819727972 | 2025-03-18T13:17:37.133135

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

50102 / tcp

-1399940268 | 2025-03-13T03:11:39.074011

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

50202 / tcp

-891714208 | 2025-02-27T01:58:16.781213

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

50722 / tcp

-1598265216 | 2025-02-20T23:46:50.943139

@RSYNCD: 31.0

50822 / tcp

1778988322 | 2025-02-20T21:46:35.138420

* OK GroupWise IMAP4rev1 Server Ready

51002 / tcp

1911457608 | 2025-02-28T00:26:14.245066

\x00[\x00\x00\x00\x00\x00\x00

51003 / tcp

745343730 | 2025-02-22T09:33:09.509832

220 smtp.qq.com Esmtp QQ Mail Server

51222 / tcp

819727972 | 2025-02-21T13:14:28.630005

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

52822 / tcp

-1455684014 | 2025-02-19T21:29:55.765894

\xff\xfb\x01\xff\xfb\x03\xff\xfc'\xff\xfe\x01\xff\xfd\x03\xff\xfe"\xff\xfd'\xff\xfd\x18\xff\xfe\x1fUsername: GET / HTTP/1.1
Password: 
welcome
>Accept: */*
>
>

53200 / tcp

-1399940268 | 2025-02-24T23:11:20.304050

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

53322 / tcp

819727972 | 2025-02-19T16:12:01.976764

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

53622 / tcp

-1648456501 | 2025-02-19T12:41:54.840763

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

53922 / tcp

2087396567 | 2025-02-19T07:50:18.109886

kjnkjabhbanc283ubcsbhdc72

54222 / tcp

2087396567 | 2025-02-16T22:11:33.212651

kjnkjabhbanc283ubcsbhdc72

54522 / tcp

1690634669 | 2025-02-18T19:20:47.701827

55022 / tcp

2087396567 | 2025-03-07T04:28:09.221389

kjnkjabhbanc283ubcsbhdc72

55200 / tcp

-445721795 | 2025-02-22T19:55:24.802187

\x00[\xc3\xaed\x1a\x7f\x00\x00

55322 / tcp

1261582754 | 2025-02-18T04:18:11.771976

unknown command 
unknown command

55481 / tcp

820958131 | 2025-03-16T17:38:15.766859

kjnkjabhbanc283ubcsbhdc72\x02

55553 / tcp

539065883 | 2025-03-04T13:44:03.644794

55622 / tcp

-971970408 | 2025-03-06T17:17:29.321801

55722 / tcp

-1248408558 | 2025-03-06T20:03:52.119244

220 MikroTik FTP server (MikroTik 6.44.3) ready

56222 / tcp

1948301213 | 2025-02-17T21:26:01.453866

RFB 003.003
VNC:
  Protocol Version: 3.3

56422 / tcp

-971970408 | 2025-02-17T17:32:30.642459

56622 / tcp

-1611764932 | 2025-02-17T16:09:53.811509

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

57522 / tcp

-1529979118 | 2025-03-06T15:49:12.206601

inv2W

57778 / tcp

-653033013 | 2025-03-04T10:56:45.524616

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

58422 / tcp

-438503381 | 2025-03-05T22:24:41.114987

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

58922 / tcp

1887224352 | 2025-03-05T15:13:25.797236

59222 / tcp

539065883 | 2025-03-05T10:01:41.122867

60129 / tcp

1690634669 | 2025-03-06T13:04:44.886686

61613 / tcp

-1626979812 | 2025-03-14T16:41:35.206763

220 Service ready for new user.

61616 / tcp

1308377066 | 2025-03-12T17:03:40.855464

ncacn_http/1.0

62078 / tcp

-860824904 | 2025-02-26T08:08:58.025571

\x00\x01)

62080 / tcp

1911457608 | 2025-02-18T18:49:19.014799

\x00[\x00\x00\x00\x00\x00\x00

63210 / tcp

2087396567 | 2025-03-14T23:28:41.140971

kjnkjabhbanc283ubcsbhdc72

63256 / tcp

-1399940268 | 2025-03-17T15:37:35.960520

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

63257 / tcp

-971970408 | 2025-03-11T15:13:53.334507

63260 / tcp

-1399940268 | 2025-02-28T22:18:10.078718

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

63443 / tcp

1911457608 | 2025-03-14T06:53:19.854484

\x00[\x00\x00\x00\x00\x00\x00

63676 / tcp

819727972 | 2025-02-16T15:47:33.925822

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

64295 / tcp

-1899074860 | 2025-02-22T01:24:06.342037

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

64738 / tcp

-1428621233 | 2025-03-15T05:30:06.174905

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

39.103.20.34

Last Seen: 2025-03-18

Tags:

GeneralInformation

WebTechnologies

OpenPorts

13 / tcp 1346417108 | 2025-03-17T08:25:07.881785

15 / tcp -1399940268 | 2025-02-21T20:20:19.950337

17 / tcp 1767345577 | 2025-02-22T08:05:50.474766

19 / tcp 829384519 | 2025-03-04T03:57:06.275551

21 / tcp -1954816821 | 2025-03-14T20:16:55.964465

23 / tcp 460589547 | 2025-02-20T09:53:36.544306

25 / tcp -303199180 | 2025-02-17T22:49:09.330231

26 / tcp 2143387245 | 2025-03-07T07:14:18.857971

37 / tcp 1110767461 | 2025-03-06T05:15:40.573844

43 / tcp 819727972 | 2025-03-14T13:00:25.633126

49 / tcp -1620040646 | 2025-02-27T10:46:11.280042

66 / tcp -1399940268 | 2025-03-07T02:11:06.073419

70 / tcp -1056270173 | 2025-03-06T10:34:27.967169

80 / tcp -2025549431 | 2025-03-13T05:22:06.372669

Hashes

87 / tcp 1574088840 | 2025-03-06T01:18:43.263607

89 / tcp -2140303521 | 2025-03-11T20:23:17.415577

102 / tcp -375604792 | 2025-02-22T01:25:05.937559

104 / tcp 165188539 | 2025-03-09T10:07:18.592246

111 / tcp 1880683805 | 2025-03-15T02:43:49.751380

113 / tcp -527005584 | 2025-02-26T08:44:24.039311

135 / tcp -1589645334 | 2025-03-13T18:27:09.825205

143 / tcp -1939513550 | 2025-03-10T19:37:04.853705

179 / tcp -399606100 | 2025-02-21T07:46:41.197321

189 / tcp -1810987450 | 2025-03-09T19:38:40.569236

195 / tcp -971970408 | 2025-03-10T12:11:46.923710

221 / tcp -1148066627 | 2025-03-10T15:23:56.545530

264 / tcp -1709030885 | 2025-03-18T05:32:54.785694

311 / tcp 602337838 | 2025-03-13T13:20:46.092599

427 / tcp -525136240 | 2025-03-16T04:05:29.862551

443 / tcp -2090963589 | 2025-03-11T14:55:34.549910

Hashes

444 / tcp -2112173617 | 2025-02-25T05:30:50.926260

449 / tcp 1911457608 | 2025-03-06T00:45:49.960599

462 / tcp 1278527606 | 2025-03-14T13:20:39.405733

503 / tcp -303199180 | 2025-02-16T17:40:20.541358

513 / tcp 1911457608 | 2025-02-26T18:58:28.349250

515 / tcp 539065883 | 2025-02-21T21:08:10.106256

541 / tcp -820381412 | 2025-02-18T02:02:01.375670

548 / tcp -1128967010 | 2025-02-23T03:52:20.650726

554 / tcp 1207252947 | 2025-03-10T04:35:39.194663

593 / tcp -1261053701 | 2025-03-16T07:31:52.836806

636 / tcp -1036370807 | 2025-02-17T11:15:07.496486

666 / tcp 1300162323 | 2025-03-07T01:21:23.956308

789 / tcp 819727972 | 2025-03-14T01:49:45.007594

806 / tcp -1839934832 | 2025-03-07T16:09:48.395255

873 / tcp -1970692834 | 2025-03-15T14:45:43.637296

885 / tcp 1830697416 | 2025-02-25T18:19:06.437889

999 / tcp -2072525622 | 2025-02-23T20:50:27.983578

1023 / tcp 1632932802 | 2025-03-07T05:00:19.461573

1080 / tcp 1362344524 | 2025-03-17T02:29:57.992655

1099 / tcp 709622286 | 2025-03-06T17:06:37.657632

1119 / tcp 470305186 | 2025-03-16T19:53:37.510288

1337 / tcp 2087396567 | 2025-02-17T01:48:53.702908

1414 / tcp -1099385124 | 2025-03-04T14:44:48.151824

1433 / tcp 419886129 | 2025-03-06T23:05:39.932973

1443 / tcp -1715152554 | 2025-03-06T21:51:43.951571

Hashes

1452 / tcp -1399940268 | 2025-03-15T16:27:23.743578

1521 / tcp -186520940 | 2025-02-28T05:28:24.591316

1599 / tcp -375604792 | 2025-03-13T08:14:05.189580

1604 / tcp 641705735 | 2025-03-03T22:37:02.456493

1723 / tcp -1608241410 | 2025-03-09T04:44:32.237164

1801 / tcp -1299899661 | 2025-02-19T08:03:47.632776

1883 / tcp 1741579575 | 2025-02-16T17:08:10.909496

1911 / tcp -1399940268 | 2025-02-26T10:06:51.282704

1926 / tcp -1230049476 | 2025-03-17T01:18:34.808966

1954 / tcp -1140468363 | 2025-02-18T02:24:39.892940

1958 / tcp -2089734047 | 2025-02-25T22:21:03.060484

1964 / tcp 1077013874 | 2025-02-25T19:30:24.693659

1967 / tcp -2096652808 | 2025-03-12T02:28:26.538182

1987 / tcp 819727972 | 2025-02-25T15:01:33.893464

2000 / tcp 1911457608 | 2025-03-17T11:44:45.935947

2002 / tcp -1508080900 | 2025-03-16T05:47:42.713843

13 / tcp

1346417108 | 2025-03-17T08:25:07.881785

15 / tcp

-1399940268 | 2025-02-21T20:20:19.950337

17 / tcp

1767345577 | 2025-02-22T08:05:50.474766

19 / tcp

829384519 | 2025-03-04T03:57:06.275551

21 / tcp

-1954816821 | 2025-03-14T20:16:55.964465

23 / tcp

460589547 | 2025-02-20T09:53:36.544306

25 / tcp

-303199180 | 2025-02-17T22:49:09.330231

26 / tcp

2143387245 | 2025-03-07T07:14:18.857971

37 / tcp

1110767461 | 2025-03-06T05:15:40.573844

43 / tcp

819727972 | 2025-03-14T13:00:25.633126

49 / tcp

-1620040646 | 2025-02-27T10:46:11.280042

66 / tcp

-1399940268 | 2025-03-07T02:11:06.073419

70 / tcp

-1056270173 | 2025-03-06T10:34:27.967169

80 / tcp

-2025549431 | 2025-03-13T05:22:06.372669

87 / tcp

1574088840 | 2025-03-06T01:18:43.263607

89 / tcp

-2140303521 | 2025-03-11T20:23:17.415577

102 / tcp

-375604792 | 2025-02-22T01:25:05.937559

104 / tcp

165188539 | 2025-03-09T10:07:18.592246

111 / tcp

1880683805 | 2025-03-15T02:43:49.751380

113 / tcp

-527005584 | 2025-02-26T08:44:24.039311

135 / tcp

-1589645334 | 2025-03-13T18:27:09.825205

143 / tcp

-1939513550 | 2025-03-10T19:37:04.853705

179 / tcp

-399606100 | 2025-02-21T07:46:41.197321

189 / tcp

-1810987450 | 2025-03-09T19:38:40.569236

195 / tcp

-971970408 | 2025-03-10T12:11:46.923710

221 / tcp

-1148066627 | 2025-03-10T15:23:56.545530

264 / tcp

-1709030885 | 2025-03-18T05:32:54.785694

311 / tcp

602337838 | 2025-03-13T13:20:46.092599

427 / tcp

-525136240 | 2025-03-16T04:05:29.862551

443 / tcp

-2090963589 | 2025-03-11T14:55:34.549910

444 / tcp

-2112173617 | 2025-02-25T05:30:50.926260

449 / tcp

1911457608 | 2025-03-06T00:45:49.960599

462 / tcp

1278527606 | 2025-03-14T13:20:39.405733

503 / tcp

-303199180 | 2025-02-16T17:40:20.541358

513 / tcp

1911457608 | 2025-02-26T18:58:28.349250

515 / tcp

539065883 | 2025-02-21T21:08:10.106256

541 / tcp

-820381412 | 2025-02-18T02:02:01.375670

548 / tcp

-1128967010 | 2025-02-23T03:52:20.650726

554 / tcp

1207252947 | 2025-03-10T04:35:39.194663

593 / tcp

-1261053701 | 2025-03-16T07:31:52.836806

636 / tcp

-1036370807 | 2025-02-17T11:15:07.496486

666 / tcp

1300162323 | 2025-03-07T01:21:23.956308

789 / tcp

819727972 | 2025-03-14T01:49:45.007594

806 / tcp

-1839934832 | 2025-03-07T16:09:48.395255

873 / tcp

-1970692834 | 2025-03-15T14:45:43.637296

885 / tcp

1830697416 | 2025-02-25T18:19:06.437889

999 / tcp

-2072525622 | 2025-02-23T20:50:27.983578

1023 / tcp

1632932802 | 2025-03-07T05:00:19.461573

1080 / tcp

1362344524 | 2025-03-17T02:29:57.992655

1099 / tcp

709622286 | 2025-03-06T17:06:37.657632

1119 / tcp

470305186 | 2025-03-16T19:53:37.510288

1337 / tcp

2087396567 | 2025-02-17T01:48:53.702908

1414 / tcp

-1099385124 | 2025-03-04T14:44:48.151824

1433 / tcp

419886129 | 2025-03-06T23:05:39.932973

1443 / tcp

-1715152554 | 2025-03-06T21:51:43.951571

1452 / tcp

-1399940268 | 2025-03-15T16:27:23.743578

1521 / tcp

-186520940 | 2025-02-28T05:28:24.591316

1599 / tcp

-375604792 | 2025-03-13T08:14:05.189580

1604 / tcp

641705735 | 2025-03-03T22:37:02.456493

1723 / tcp

-1608241410 | 2025-03-09T04:44:32.237164

1801 / tcp

-1299899661 | 2025-02-19T08:03:47.632776

1883 / tcp

1741579575 | 2025-02-16T17:08:10.909496

1911 / tcp

-1399940268 | 2025-02-26T10:06:51.282704

1926 / tcp

-1230049476 | 2025-03-17T01:18:34.808966

1954 / tcp

-1140468363 | 2025-02-18T02:24:39.892940

1958 / tcp

-2089734047 | 2025-02-25T22:21:03.060484

1964 / tcp

1077013874 | 2025-02-25T19:30:24.693659

1967 / tcp

-2096652808 | 2025-03-12T02:28:26.538182

1987 / tcp

819727972 | 2025-02-25T15:01:33.893464

2000 / tcp

1911457608 | 2025-03-17T11:44:45.935947

2002 / tcp

-1508080900 | 2025-03-16T05:47:42.713843

2003 / tcp

1911457608 | 2025-02-27T05:42:06.300718

2008 / tcp

-303199180 | 2025-03-15T22:35:19.585813

2054 / tcp

-2089734047 | 2025-03-07T05:41:37.858007

2061 / tcp

-1399940268 | 2025-03-17T22:58:50.620526

2067 / tcp

1741579575 | 2025-03-11T19:11:25.776987

2081 / tcp

669849225 | 2025-03-06T08:52:31.174127

2085 / tcp

321971019 | 2025-02-27T13:25:15.382247

2087 / tcp

2087396567 | 2025-03-15T00:00:01.377434

2121 / tcp

2047379038 | 2025-02-24T15:34:49.324317