GeneralInformation

Hostnames	cn-beijing.oss.aliyuncs.com
Domains	aliyuncs.com
Country	China
City	Beijing
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(4)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(3)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 19 21 23 25 37 53 79 80 89 91 101 110 111 113 135 143 154 175 179 195 222 264 389 427 443 444 449 503 513 515 541 548 554 556 593 666 685 771 789 809 830 832 853 873 1023 1025 1028 1080 1099 1177 1200 1234 1337 1344 1355 1366 1433 1443 1521 1599 1604 1723 1800 1801 1820 1883 1926 1962 1970 1980 1987 2000 2002 2003 2006 2008 2067 2069 2081 2087 2121 2154 2181 2222 2232 2271 2332 2345 2351 2363 2404 2443 2455 2553 2558 2562 2566 2628 2761 3001 3013 3014 3019 3050 3053 3055 3064 3066 3078 3090 3098 3101 3114 3117 3121 3124 3175 3176 3183 3192 3200 3256 3260 3268 3269 3299 3306 3310 3352 3388 3389 3550 3780 3790 4000 4022 4063 4118 4150 4157 4242 4282 4321 4344 4401 4434 4439 4443 4444 4449 4463 4500 4524 4572 4840 4899 4911 4949 5004 5006 5007 5010 5025 5090 5201 5222 5230 5234 5241 5250 5259 5268 5432 5440 5556 5558 5603 5672 5858 5906 5986 5987 5988 6001 6036 6262 6544 6600 6602 6633 6666 6668 6998 7001 7014 7025 7071 7100 7434 7443 7537 7634 7777 8000 8009 8016 8023 8031 8033 8044 8045 8050 8061 8075 8082 8083 8089 8099 8100 8105 8121 8128 8130 8136 8141 8142 8145 8149 8167 8173 8187 8200 8340 8384 8393 8411 8414 8415 8436 8443 8450 8455 8457 8505 8545 8554 8586 8593 8596 8630 8703 8728 8805 8821 8828 8831 8836 8838 8853 8869 8899 9001 9038 9041 9044 9046 9074 9084 9087 9095 9100 9104 9105 9108 9123 9138 9146 9147 9155 9163 9166 9257 9306 9333 9345 9398 9410 9418 9444 9530 9600 9704 9804 9876 9898 9922 9929 9977 9992 9993 9998 9999 10000 10001 10004 10012 10013 10015 10016 10023 10075 10081 10083 10134 10250 10443 10480 10911 11000 11111 11112 11182 11211 11300 11680 11920 12000 12084 12088 12117 12118 12119 12124 12135 12151 12169 12176 12180 12186 12237 12251 12255 12267 12271 12323 12350 12353 12373 12377 12390 12406 12442 12483 12488 12499 12504 12510 12516 12524 12528 12529 12533 12534 12536 12549 12566 12588 12980 13047 13579 14006 14147 14265 14344 14401 15018 15588 16006 16014 16024 16029 16036 16043 16056 16071 16072 16080 16087 16104 16993 18005 18020 18022 18030 18042 18073 18105 18245 19000 20020 20050 20084 20100 20201 20880 20900 21025 21082 21083 21231 21259 21264 21285 21313 21326 21327 21329 21379 22206 22556 23023 25001 27017 28015 28080 30002 30003 30022 30104 30301 30322 30722 30892 31001 31122 31222 31337 31443 31722 32022 32322 32522 32764 33060 33222 33322 33822 34622 35004 35022 35122 35241 35251 35422 35722 36522 37080 37322 37922 38122 38222 38333 38422 38522 38622 38722 38822 38922 39022 39122 39222 39322 39522 39922 40022 40029 40099 40222 40322 40522 40622 40722 41122 41822 42022 42122 42222 42422 42424 42922 43200 43322 43522 43622 43822 43922 44022 44322 44337 44422 44622 44818 45000 45039 45122 45666 45677 45922 46022 46222 46922 47001 47222 47522 47622 47990 48522 48622 48722 48888 48922 49222 49322 49722 50000 50012 50013 50100 50443 50622 50722 50922 51004 51434 51443 51822 52122 53022 53122 54138 54422 54822 55000 55443 55554 57022 57779 57785 58422 58522 58532 58822 58922 59222 59522 60129 61613 61616 63210 63256 63260 64671

11 / tcp

1978059005 | 2025-03-12T02:50:58.818910

Sorry, that nickname format is invalid.

13 / tcp

1100205395 | 2025-03-11T21:24:56.872725

HTTP/1.1 200 OK
Cache-Control: private, max-age=300

15 / tcp

819727972 | 2025-03-11T09:59:10.574717

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

17 / tcp

344087494 | 2025-03-06T03:30:22.454888

"When a stupid man is doing something he is ashamed of, he always declares
 that it is his duty." George Bernard Shaw (1856-1950)
\x00

19 / tcp

-1760806421 | 2025-02-18T21:49:05.841169

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected

21 / tcp

1564456597 | 2025-03-16T09:34:59.926907

220 Firewall Authentication required before proceeding with service

23 / tcp

676675086 | 2025-02-24T11:07:13.503681


Password:

25 / tcp

-1699556818 | 2025-03-14T19:12:06.199753

\x01remshd: Kerberos Authentication not enabled.\n

37 / tcp

-253878554 | 2025-03-14T12:04:27.787786

\\xe9X\\x03M

53 / tcp

1369632081 | 2025-02-27T04:45:46.103071

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x01\x03\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x01\x14\x00\x04\xac٠N
\x00\x06\x85\x80\x00\x01\x00\x01\x00\x00\x00

79 / tcp

-1846450790 | 2025-03-11T16:39:40.755450

<html>
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.4.7</center>
</body>
</html>

80 / tcp

1789460136 | 2025-03-16T15:53:58.510565

Hashes

hash

1633993763

http.dom_hash

1799269922

http.html_hash

1789460136

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Sun, 16 Mar 2025 15:53:58 GMT
Content-Type: application/xml
Content-Length: 345
Connection: keep-alive
x-oss-request-id: 67D6F416A081513532153AB2
x-oss-server-time: 0
x-oss-ec: 0003-00001201

89 / tcp

-1399940268 | 2025-03-11T18:28:02.264127

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

91 / tcp

1975288991 | 2025-03-04T15:10:12.517126

OPTI

101 / tcp

-1327660293 | 2025-03-11T16:30:08.510956

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

110 / tcp

-1399940268 | 2025-03-04T22:54:18.365980

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

111 / tcp

165188539 | 2025-03-09T08:39:52.594245

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

113 / tcp

-832380282 | 2025-03-07T01:18:27.806227

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

135 / tcp

1483120365 | 2025-03-11T12:39:46.231091

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: OP2\n IP2: 192.168.0.20\n IP3: 61.230.135.142\n IP4: 2001:b011:2006:c3ef:18c0:9e02:ef7:84c8\n\nNTLMSSP:\nTarget_Name: OP2\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: OP2\nNetBIOS_Computer_Name: OP2\nDNS_Domain_Name: OP2\nDNS_Computer_Name: OP2\nSystem_Time: 2024-01-22 07:10:42 +0000 UTC\n\nDCERPC Dump:\n4b112204-0e19-11d3-b42b-

143 / tcp

-398621179 | 2025-03-06T23:23:05.307585

* OK everfull.com.cn IMAP4rev1 MDaemon 12.5.6 ready\r\n

154 / tcp

1911457608 | 2025-03-10T03:53:43.617659

\x00[\x00\x00\x00\x00\x00\x00

175 / tcp

-1428621233 | 2025-03-15T14:53:51.453606

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

179 / tcp

-399606100 | 2025-03-09T14:29:13.210670

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

195 / tcp

2087396567 | 2025-03-06T19:45:37.900822

kjnkjabhbanc283ubcsbhdc72

222 / tcp

-926139304 | 2025-02-24T09:14:49.012545

SSH-2.0-BHostSSH_7.0\r\n\n

264 / tcp

-1547821026 | 2025-03-04T13:29:11.669165

CheckPoint\nFirewall Host: CPFWVSX1A_Audi_ODP_S2S_vsfw\nSmartCenter Host: admin..afx8nn\\x00\n

389 / tcp

-1743283776 | 2025-03-04T01:33:07.258761

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x04\\x04

427 / tcp

-349937125 | 2025-03-05T16:58:38.152820

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://192.168.118.88\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\nservice:wbem:https\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://192.168.118.88\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCE

443 / tcp

1794958825 | 2025-03-10T10:50:14.408840

Hashes

hash

574823635

http.dom_hash

1799269922

http.html_hash

1794958825

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Mon, 10 Mar 2025 10:50:14 GMT
Content-Type: application/xml
Content-Length: 345
Connection: keep-alive
x-oss-request-id: 67CEC3E6BB04C53731D50027
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:6b:68:69:54:4a:81:bb:93:b4:d7:d1
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
        Validity
            Not Before: Jan  2 06:32:06 2025 GMT
            Not After : Sep  4 00:00:00 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-beijing.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:fd:cb:7f:5f:49:ee:e8:d9:d0:d6:53:d0:a5:
                    88:fd:fc:56:3c:06:76:2d:ad:ee:c9:65:e1:8c:fd:
                    ee:ef:a1:a2:34:db:d3:65:1e:4a:9c:f7:9d:a6:ad:
                    fa:a7:b3:1a:8b:45:f7:13:2a:26:24:9c:50:28:92:
                    25:54:45:fc:d2:2e:17:7d:c1:47:45:a1:39:bf:ce:
                    7e:f2:8b:d7:69:2c:b6:94:3f:5c:fc:a9:6e:c3:bd:
                    a5:a9:f3:6e:65:55:50:ba:b2:8a:df:ee:e9:50:a7:
                    81:b5:5f:3a:96:f9:74:c3:8a:54:51:d7:eb:02:1c:
                    58:33:e6:a0:ea:12:10:52:63:c9:df:03:84:cf:a3:
                    15:9c:50:7b:5e:6e:42:0f:3d:bd:33:3c:f6:6a:eb:
                    be:30:24:30:72:cb:84:a8:e9:17:aa:6a:45:f8:12:
                    c2:a1:78:0d:31:f0:45:2b:32:2f:ff:98:a3:03:a2:
                    5a:b0:8d:e2:d5:ce:e1:35:56:0b:0a:f8:11:bf:18:
                    44:f7:b8:7b:a0:a0:eb:1d:8d:cf:e8:cc:cf:c4:c5:
                    54:69:59:53:e1:ee:51:79:04:67:86:cf:8b:e5:c6:
                    88:a8:cc:9e:61:75:91:90:b5:8a:af:4c:a2:8d:57:
                    14:8a:f6:54:fb:1e:71:e5:09:e3:0a:12:df:34:8d:
                    d5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3ovtlsca2024.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3ovtlsca2024
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                Policy: 1.3.6.1.4.1.4146.10.1.2
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3ovtlsca2024.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-beijing.oss.aliyuncs.com, DNS:*.cn-beijing.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-beijing.aliyuncs.com, DNS:*.s3.oss-cn-beijing-internal.aliyuncs.com, DNS:*.cn-beijing.mgw.aliyuncs.com, DNS:*.oss.cn-beijing.privatelink.aliyuncs.com, DNS:*.oss-cn-beijing.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing.aliyuncs.com, DNS:*.img-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-internal-cross.aliyuncs.com, DNS:*.oss-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-cross.aliyuncs.com, DNS:*.img-cn-beijing.aliyuncs.com, DNS:*.vpc100-oss-cn-beijing.aliyuncs.com, DNS:*.cn-beijing.oss.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h-cross.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub.aliyuncs.com, DNS:*.cn-beijing-finance.oss.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1.aliyuncs.com, DNS:*.cn-beijing-finance-1.oss.aliyuncs.com, DNS:*.cn-beijing-vpc.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-enet-cn-north.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-internal.aliyun-inc.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-beijing-cross.mgw.aliyuncs.com, DNS:*.oss-vpc.aliyuncs.com, DNS:*.cn-beijing.oss-vpc.aliyuncs.com, DNS:*.oss.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                DA:D3:A8:08:48:0C:34:37:58:EE:E5:A7:75:2E:59:FC:D6:DC:3C:38
            X509v3 Subject Key Identifier: 
                C1:58:AC:32:69:71:BB:67:42:6C:42:FE:14:E5:57:72:91:C1:82:D6
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 1A:04:FF:49:D0:54:1D:40:AF:F6:A0:C3:BF:F1:D8:C4:
                                67:2F:4E:EC:EE:23:40:68:98:6B:17:40:2E:DC:89:7D
                    Timestamp : Jan  2 06:32:08.952 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D4:22:D6:BD:85:6A:79:2B:66:0F:1F:
                                36:9C:87:35:37:A2:DA:91:B3:41:21:70:33:24:48:B8:
                                AC:01:B2:4F:8A:02:20:78:33:2F:5E:6C:72:6C:BA:8A:
                                2A:DB:4A:42:99:29:A1:0C:E4:7B:86:88:C2:7F:9F:BE:
                                CE:93:8F:5D:00:2F:8C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Jan  2 06:32:08.990 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DE:60:8C:72:69:F8:ED:DD:B5:9B:2F:
                                88:2B:94:8E:C5:EA:A3:29:CF:5E:76:E1:32:5B:33:E9:
                                09:55:C0:9B:0A:02:20:72:4F:8B:E6:B3:1A:36:F6:61:
                                91:02:36:00:EA:76:E0:8C:5C:3C:8C:AF:C1:4A:F2:FD:
                                CA:7D:2B:6A:A6:5A:A7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
                                47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
                    Timestamp : Jan  2 06:32:08.695 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:82:E8:40:FB:D2:F4:C7:36:73:02:4A:
                                CD:8A:B4:A7:3D:E9:DC:7F:23:C7:17:0C:B1:8F:65:59:
                                3C:89:A5:E4:F0:02:20:2D:57:40:3F:AC:33:84:81:B8:
                                79:8C:CE:B4:F4:CC:44:29:AE:5A:FA:CD:66:FF:7A:69:
                                DA:8E:8E:6B:3D:C7:D7
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4e:88:42:e9:bd:d6:24:7a:b8:0b:08:70:28:8b:e3:90:92:79:
        25:1f:f9:ec:83:69:41:21:cb:3f:cc:c6:2c:76:54:44:09:81:
        c9:8b:a9:bc:32:e4:5e:d4:72:17:de:fd:a1:50:2b:58:ed:45:
        8e:ba:40:ee:f9:54:31:0e:56:0e:7f:9e:36:2d:98:8b:3a:21:
        ac:4c:f7:4b:e5:97:32:cd:c3:b4:9d:b7:99:07:f1:4f:bb:81:
        14:60:64:c2:01:bb:85:62:e5:8a:7e:84:86:9f:c9:0b:80:80:
        c3:95:a2:77:b8:d9:81:73:28:dc:14:f9:af:1b:22:8b:33:2a:
        b5:dd:34:fb:a6:90:3d:a1:37:b1:93:f5:d9:93:d0:3c:86:ac:
        28:04:f6:71:24:54:fd:0c:42:2d:48:d4:9c:a6:e5:fa:88:71:
        e3:dc:e1:a7:c7:8a:d5:39:43:29:5f:5d:2c:02:1a:72:08:e8:
        ce:86:a9:22:b1:ed:4f:4e:7f:e5:7d:ea:01:3b:7f:34:2c:e6:
        94:3c:5b:6c:64:09:c3:88:e5:08:64:91:8a:17:63:99:dc:0c:
        85:ee:6c:4a:67:f4:66:21:e9:7a:a3:95:8c:ed:6c:6f:af:92:
        f8:a3:49:8f:de:3b:85:de:68:56:95:f4:e7:e7:7b:1e:c2:0a:
        1f:12:b5:15

444 / tcp

1911457608 | 2025-03-10T10:58:28.539566

\x00[\x00\x00\x00\x00\x00\x00

449 / tcp

2063598737 | 2025-03-09T18:49:46.065208

/0 0 L\r\n/0 0 HUH\r\n

503 / tcp

-2089734047 | 2025-03-14T20:33:49.508856

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

513 / tcp

321971019 | 2025-03-11T18:11:24.201655

-ERR client ip is not in whitelist\r

515 / tcp

819727972 | 2025-03-13T03:51:14.338919

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

541 / tcp

-1724505569 | 2025-03-12T10:09:15.763470

\\x16\\x03\\x01\\x018\\x01\\x00\\x014\\x03\\x03\\x92\\xbc;\\xc1\'-E\\xf4\\xde82\\x93\\x93 \\xabY\\xcd&\\xc3%\\xcco\\xda^\\xef\\xc2!Ut\\xbe\\xb8\\xb6 \\x0f\\xeb\\x00\\xe7b5\\xaf\\xea>/\\xa0{\\xd6\\x8b\r\t\\x85\\xbd\\x06\xc9\x9bH\\x8f\\x85?~\\xbbGdz9\\xf4\\x00"\\x13\\x02\\x13\\x03\\x13\\x01\\x00k\\x00=\\xc00\\xc0,\\xc

548 / tcp

-773160241 | 2025-03-13T20:12:50.159140

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: Yes\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: Yes\nCopy File: Yes\nServer Name: murphys-airport-time-capsule\nMachine Type: \\x10TimeCapsule8,119\nAFP Versions: AFP3.3, AFP3.2, AFP3.1\nUAMs: DHCAST128\\x04,DHX2\\x03,SRP\\x06,Recon1C\nServer Signature: 4338365332344c58463948350069672d

554 / tcp

1060450357 | 2025-03-13T11:06:55.108331

RTSP/1.0 200 OK
CSeq: 1
Keep-Alive: timeout=10, max=1000
Public: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE, SET_PARAMETER, GET_PARAMETER
Connection: Keep-Alive

556 / tcp

-1746074029 | 2025-02-24T14:01:30.993885

101 imqbroker =unV\r\n

593 / tcp

1308377066 | 2025-03-04T17:06:47.605672

ncacn_http/1.0

666 / tcp

1300162323 | 2025-02-28T15:56:58.925425

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

685 / tcp

2098371729 | 2025-03-04T08:09:21.382899

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

771 / tcp

-1327660293 | 2025-03-16T01:24:40.010067

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

789 / tcp

1208318993 | 2025-03-15T15:42:45.228830

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

809 / tcp

971933601 | 2025-02-22T16:12:24.259837

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

830 / tcp

103159425 | 2025-02-24T06:29:33.354318

SSH-1.99-RGOS_SSH

832 / tcp

321971019 | 2025-02-18T08:08:34.373370

-ERR client ip is not in whitelist\r

853 / tcp

-1230049476 | 2025-02-21T14:15:52.247676

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

873 / tcp

-1598265216 | 2025-02-23T20:47:39.141819

@RSYNCD: 31.0

1023 / tcp

-1681927087 | 2025-03-04T12:02:24.602672

kjnkjabhbanc283ubcsbhdc72

1025 / tcp

307999478 | 2025-02-24T17:50:31.585798

unknown command \r\nunknown command \r\n

1028 / tcp

740837454 | 2025-03-14T16:28:14.855271

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

1080 / tcp

1362344524 | 2025-03-16T12:25:22.475003

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1099 / tcp

-2096652808 | 2025-03-15T04:16:43.020765

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1177 / tcp

1842524259 | 2025-02-20T11:51:27.492438

1200 / tcp

-1626979812 | 2025-03-12T20:56:00.484776

220 Service ready for new user.

1234 / tcp

-1297953727 | 2025-03-10T06:50:12.569356

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

1337 / tcp

1690634669 | 2025-03-16T09:17:42.952655

1344 / tcp

1655023012 | 2025-03-10T02:21:17.084475

athinfod: invalid query.\n

1355 / tcp

819727972 | 2025-02-23T05:09:26.144150

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1366 / tcp

2098371729 | 2025-03-15T06:58:57.730247

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

1433 / tcp

-325802316 | 2025-03-06T21:04:33.583635

MSSQL Server\nVersion: 134219767 (0x80007f7)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: PC-20150816MQOM\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: PC-20150816MQOM\nNetBIOS_Computer_Name: PC-20150816MQOM\nDNS_Domain_Name: PC-20150816MQOM\nDNS_Computer_Name: PC-20150816MQOM\nMsvAvFlags: 01000000\nSystem_Time: 2024-01-22 04:03:26 +0000 UTC\n\n

1443 / tcp

-1715152554 | 2025-02-21T18:07:31.964787

Hashes

hash

-1746346113

http.dom_hash

1239617585

http.html_hash

-1715152554

http.server_hash

1727046647

http.title_hash

-1828380909

302 Found

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Fri, 21 Feb 2025 18:07:31 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://39.103.20.35:443/

1521 / tcp

-805164506 | 2025-03-06T12:51:06.301889

\xc3\xbf\xc3\xbd"\r\nL

1599 / tcp

-1099385124 | 2025-03-15T07:56:16.363355

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

1604 / tcp

-441419608 | 2025-03-09T20:58:11.383570

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

1723 / tcp

1103582599 | 2025-03-07T03:14:52.792177

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

1800 / tcp

819727972 | 2025-03-14T18:49:59.325730

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1801 / tcp

-1139999322 | 2025-02-25T11:23:06.801562

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\xf2\\xdby\\x96\\xbb\\xb1LE\\xa1\\x1f.%\xd2\xbft\\xb692d3\\x10\\x03\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

1820 / tcp

1492413928 | 2025-02-27T04:06:24.952366

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

1883 / tcp

-2096652808 | 2025-03-14T23:42:37.644051

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1926 / tcp

1741579575 | 2025-03-08T22:09:25.321424

1962 / tcp

819727972 | 2025-02-25T09:40:23.480713

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1970 / tcp

165188539 | 2025-03-11T23:15:44.183169

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1980 / tcp

-1453516345 | 2025-02-19T15:43:35.248419

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

1987 / tcp

-805362002 | 2025-03-15T14:52:09.341347

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

2000 / tcp

-784071826 | 2025-03-15T00:12:49.002575

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

2002 / tcp

-1681927087 | 2025-03-13T22:44:27.973122

kjnkjabhbanc283ubcsbhdc72

2003 / tcp

921225407 | 2025-03-13T23:06:36.936997

\x00\x00\x00\x04\x00\x00\x00\x00\x00

2006 / tcp

1911457608 | 2025-02-23T21:49:37.661140

\x00[\x00\x00\x00\x00\x00\x00

2008 / tcp

2087396567 | 2025-03-08T15:12:14.497089

kjnkjabhbanc283ubcsbhdc72

2067 / tcp

660175493 | 2025-03-10T03:53:32.327755

2069 / tcp

-1835475271 | 2025-02-20T16:43:58.858532

200 NOD32SS 99 (3318497116)\r\n

2081 / tcp

1975288991 | 2025-03-09T06:10:53.103669

OPTI

2087 / tcp

1426971893 | 2025-03-13T15:58:18.069879

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

2121 / tcp

-2107996212 | 2025-03-06T02:03:39.311123

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

2154 / tcp

-971970408 | 2025-02-21T19:32:55.347170

2181 / tcp

546151771 | 2025-03-15T16:40:40.796910

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

2222 / tcp

-1659353189 | 2025-03-13T14:30:47.380826

SSH-2.0-ssh-server\r\n\\x00\\x00\\x02\\x14\x0b\\x14\x0b\\xed\\x16\\xae\\x96\t\\xc5En\\xbd\\x1cgn\\xff\\xad\\xd7\\x00\\x00\\x00\\xbbcurve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha256,diffie-hellman-gr

2232 / tcp

921225407 | 2025-02-22T23:22:01.505493

\x00\x00\x00\x04\x00\x00\x00\x00\x00

2271 / tcp

15018106 | 2025-02-28T19:49:03.508037

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

2332 / tcp

128380719 | 2025-03-11T12:54:11.426422

2345 / tcp

-1036370807 | 2025-02-28T20:42:08.331086

JDWP-Handshake

2351 / tcp

-2089734047 | 2025-02-25T17:48:42.098010

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

2363 / tcp

580340387 | 2025-02-24T07:26:16.250299

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

2404 / tcp

-2096652808 | 2025-02-21T22:19:37.881885

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

2443 / tcp

-1888448627 | 2025-03-11T01:36:45.647477

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

2455 / tcp

819727972 | 2025-03-13T12:32:31.877518

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2553 / tcp

-1399940268 | 2025-03-04T09:41:19.140123

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2558 / tcp

-1399940268 | 2025-02-25T19:08:58.296798

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2562 / tcp

1282941221 | 2025-03-05T23:34:35.955658

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

2566 / tcp

-1013082686 | 2025-02-19T12:54:19.945254

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

2628 / tcp

740837454 | 2025-03-15T03:28:00.033678

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

2761 / tcp

-2096652808 | 2025-02-20T13:38:41.372602

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3001 / tcp

-1399940268 | 2025-02-22T04:59:36.168943

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3013 / tcp

-1568680103 | 2025-02-22T13:39:38.606537

HTTP/1.1 301 Moved Permanently
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3014 / tcp

-136006866 | 2025-03-12T18:37:22.432209

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

3019 / tcp

-2089734047 | 2025-03-08T14:25:13.120595

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3050 / tcp

1911457608 | 2025-03-13T19:23:45.326888

\x00[\x00\x00\x00\x00\x00\x00

3053 / tcp

-1399940268 | 2025-03-10T17:20:43.830764

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3055 / tcp

639175818 | 2025-03-13T00:09:04.577338

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

3064 / tcp

321971019 | 2025-02-24T19:08:58.617079

-ERR client ip is not in whitelist\r

3066 / tcp

639175818 | 2025-02-28T10:34:23.819334

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

3078 / tcp

-1399940268 | 2025-02-22T22:25:49.880603

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3090 / tcp

-1399940268 | 2025-02-28T13:56:16.068065

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3098 / tcp

-1329831334 | 2025-02-26T04:52:24.728987

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

3101 / tcp

1911457608 | 2025-03-06T18:21:23.602880

\x00[\x00\x00\x00\x00\x00\x00

3114 / tcp

-1399940268 | 2025-02-27T22:23:39.664426

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3117 / tcp

1911457608 | 2025-03-07T01:44:21.183729

\x00[\x00\x00\x00\x00\x00\x00

3121 / tcp

819727972 | 2025-02-26T19:06:21.013664

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

3124 / tcp

897328069 | 2025-02-22T20:55:45.772882

220 mail.scott000.com ESMTP

3175 / tcp

1991883981 | 2025-02-27T02:51:53.493636

B\x00\x00\x00\xc3\xbfn\x04Too many connections

3176 / tcp

-407828767 | 2025-03-15T23:28:27.566513

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

3183 / tcp

1911457608 | 2025-03-03T21:22:42.999332

\x00[\x00\x00\x00\x00\x00\x00

3192 / tcp

1991883981 | 2025-03-11T09:02:42.653798

B\x00\x00\x00\xc3\xbfn\x04Too many connections

3200 / tcp

-1476017887 | 2025-03-12T15:12:56.106709

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

3256 / tcp

-358801646 | 2025-03-14T18:06:24.485468

SSH-2.0-OpenSSH_6.6.1

3260 / tcp

-1341662640 | 2025-03-04T04:23:43.767640

HTTP/1.1 301 Moved Permanently
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

3268 / tcp

-879070264 | 2025-03-16T12:54:52.474685

\\xab\xca\xa5]\\x00\\x00\\x00\\x18\\xc0\\x00\\x00\\x01\\xff\\xff\\xff\\xff\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00

3269 / tcp

1308377066 | 2025-03-15T10:54:36.036692

ncacn_http/1.0

3299 / tcp

-1189269828 | 2025-02-18T22:32:35.826031

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3306 / tcp

849822411 | 2025-03-06T15:29:17.797002

Mysql Version: 5.7.44-log \r\nN\\x00\\x00\\x00\n5.7.44-log\\x00s/\\x06\\x00(o>\\x1c`\\x18*a\\x00\\xff\\xff-\\x02\\x00\\xff\\xc1\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00fFU\\x07_\\x1ay\\x14i}\\x02E\\x00mysql_native_password\\x00

3310 / tcp

819727972 | 2025-03-16T03:32:16.380776

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3352 / tcp

-1032713145 | 2025-02-21T09:44:06.931938

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

3388 / tcp

-1730858130 | 2025-03-13T23:57:19.226076

RFB 003.008
VNC:
  Protocol Version: 3.8

3389 / tcp

521595461 | 2025-02-27T00:03:19.486278

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x03\\x00\\x08\\x00\\x02\\x00\\x00\\x00\n\nGuess_OS:Windows Server 2003 or 2008\nFlag: PROTOCOL_HYBRID\n

3550 / tcp

819727972 | 2025-02-22T06:26:55.556330

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

3780 / tcp

-1810987450 | 2025-03-05T13:53:03.166952

\xc3\xbf

3790 / tcp

-358801646 | 2025-02-27T12:18:23.193601

SSH-2.0-OpenSSH_6.6.1

4000 / tcp

1170207731 | 2025-03-04T20:06:38.932906

HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
content-length: 9446
content-type: text/html; charset=utf-8
cross-origin-window-policy: deny
date: Mon, 22 Jan 2024 08:34:42 GMT
server: Cowboy
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: F6yeXaHCjyC4elgAAoAh
x-xss-protection: 1; mode=block
set-cookie: _teslamate_key=SFMyNTY.g3QAAAAEbQAAAAtfY3NyZl90b2tlbm0AAAAYaUxzWXpoMm5SdWh1V2piMFd

4022 / tcp

1723769361 | 2025-03-16T00:21:23.033107

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

4063 / tcp

740837454 | 2025-03-13T07:48:34.701513

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

4118 / tcp

-303199180 | 2025-02-21T20:45:19.733793

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

4150 / tcp

-1399940268 | 2025-03-05T23:37:41.656155

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4157 / tcp

2087396567 | 2025-03-16T18:38:28.979567

kjnkjabhbanc283ubcsbhdc72

4242 / tcp

302222687 | 2025-03-16T06:35:38.179434

HTTP/1.1 301 Moved Permanently
Server: Apache/2.4.41 (Unix) OpenSSL/1.1.1d TST PHP/7.3.11
Content-Type: text/plain; charset=utf-8
Connection: close

4282 / tcp

2087396567 | 2025-03-13T10:50:43.959547

kjnkjabhbanc283ubcsbhdc72

4321 / tcp

-1250504565 | 2025-03-06T12:55:07.943531

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

4344 / tcp

2121220663 | 2025-02-24T21:47:22.362518

SSH-58-Ingrian_SSH\r\n

4401 / tcp

-358801646 | 2025-02-25T15:20:17.574823

SSH-2.0-OpenSSH_6.6.1

4434 / tcp

-1559123399 | 2025-03-07T17:28:41.182847

500 Permission denied - closing connection.

4439 / tcp

819727972 | 2025-02-22T21:09:12.554588

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

4443 / tcp

1140068775 | 2025-03-06T20:58:24.846362

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
X-Frame-Options: DENY

Name: VMware ESXi
FullName: VMware ESXi 6.7.0 build-8169922
Vendor: VMware, Inc.
Version: 6.7.0
Build: 8169922
LocaleVersion: INTL
LocaleBuild: 000
OsType: vmnix-x86
ProductLineId: embeddedEsx
ApiType: HostAgent
ApiVersion: 6.7

4444 / tcp

-1839934832 | 2025-03-08T13:18:27.336478

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

4449 / tcp

198844676 | 2025-03-15T19:48:40.896396

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

4463 / tcp

-1839934832 | 2025-02-24T20:19:39.652520

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

4500 / tcp

-1265999252 | 2025-03-12T02:50:14.846329

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

4524 / tcp

819727972 | 2025-02-20T19:06:25.150787

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

4572 / tcp

307999478 | 2025-03-16T12:34:37.437931

unknown command \r\nunknown command \r\n

4840 / tcp

-2089734047 | 2025-02-28T23:48:46.426863

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

4899 / tcp

1911457608 | 2025-03-14T05:23:03.133614

\x00[\x00\x00\x00\x00\x00\x00

4911 / tcp

1723769361 | 2025-02-25T15:43:00.242159

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

4949 / tcp

2087396567 | 2025-03-12T20:00:48.862135

kjnkjabhbanc283ubcsbhdc72

5004 / tcp

-2031152423 | 2025-03-12T04:51:19.103607

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

5006 / tcp

-1810987450 | 2025-03-16T17:04:20.107852

\xc3\xbf

5007 / tcp

1332894250 | 2025-03-12T00:19:03.182537

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

5010 / tcp

398077695 | 2025-02-27T21:24:21.134091

5025 / tcp

819727972 | 2025-02-25T16:43:30.456172

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

5090 / tcp

-1399940268 | 2025-03-07T16:40:03.782680

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5201 / tcp

1911457608 | 2025-02-26T19:50:19.617651

\x00[\x00\x00\x00\x00\x00\x00

5222 / tcp

-1810987450 | 2025-03-14T19:19:05.610897

\xc3\xbf

5230 / tcp

-1399940268 | 2025-03-11T02:18:41.853504

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5234 / tcp

-339084706 | 2025-02-22T08:14:07.781066

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

5241 / tcp

1620329124 | 2025-02-25T10:04:21.976039

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

5250 / tcp

-1013082686 | 2025-02-20T22:02:12.211174

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

5259 / tcp

-1399940268 | 2025-03-04T19:04:06.841987

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5268 / tcp

165188539 | 2025-02-22T18:32:35.134873

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

5432 / tcp

-1399940268 | 2025-02-26T13:32:15.899298

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5440 / tcp

1767620294 | 2025-02-25T18:03:27.867258

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 14-117579287-0 0NNN RT(1700584486788 175) q(0 -1 -1 -1) r(0 -1)

5556 / tcp

819727972 | 2025-02-22T07:34:42.062309

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

5558 / tcp

971933601 | 2025-02-28T20:02:03.003281

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

5603 / tcp

-653033013 | 2025-03-12T20:12:04.941831

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

5672 / tcp

575925250 | 2025-02-24T07:39:17.567659

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5858 / tcp

-1230049476 | 2025-03-09T05:05:44.235916

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

5906 / tcp

-1249500036 | 2025-03-05T15:13:37.885028

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes

5986 / tcp

1996932384 | 2025-03-09T09:58:47.562522

"raop" nonce

5987 / tcp

378148627 | 2025-03-05T06:12:54.540674

HTTP/1.1 497 Http to Https
Server: nginx/1.20.1
Content-Type: text/html; charset=utf-8
Connection: close

5988 / tcp

1948301213 | 2025-03-09T20:53:45.505509

RFB 003.003
VNC:
  Protocol Version: 3.3

6001 / tcp

1504401647 | 2025-03-13T16:30:26.849147

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

6036 / tcp

971933601 | 2025-03-07T16:53:08.250930

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

6262 / tcp

1911457608 | 2025-02-26T14:00:33.965714

\x00[\x00\x00\x00\x00\x00\x00

6544 / tcp

-1888448627 | 2025-02-18T20:46:31.622470

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

6600 / tcp

819727972 | 2025-03-10T21:04:49.634410

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

6602 / tcp

-1114821551 | 2025-03-03T21:48:31.846270

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

6633 / tcp

-599252106 | 2025-03-09T12:00:00.208755

OpenFlow:
  Version: 1.1

6666 / tcp

4935895 | 2025-03-15T12:03:56.611294

HTTP/1.1 400 Bad Request
Server: CloudWAF

6668 / tcp

1161309183 | 2025-03-13T13:27:13.956521

ProxyServer is ready

6998 / tcp

307999478 | 2025-03-15T02:16:08.145976

unknown command \r\nunknown command \r\n

7001 / tcp

-829704895 | 2025-03-06T17:21:18.902624

+OK-1035|

7014 / tcp

410249975 | 2025-02-26T22:58:06.322420

LNS READY<>

7025 / tcp

921225407 | 2025-02-22T17:58:33.544602

\x00\x00\x00\x04\x00\x00\x00\x00\x00

7071 / tcp

2103111368 | 2025-03-10T09:03:04.053075

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

7100 / tcp

789220008 | 2025-03-13T09:33:11.909390

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1ee7_PS-HAK-01MMC38_33473-54084

7434 / tcp

2033888749 | 2025-03-13T16:47:16.099745

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

7443 / tcp

-1209805157 | 2025-03-14T14:21:21.138291

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-SH-COchilian1-CACHE1[1]
X-CCDN-FORBID-CODE: 040001

7537 / tcp

-1899074860 | 2025-02-28T11:17:10.645148

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

7634 / tcp

819727972 | 2025-03-09T06:59:36.240378

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

7777 / tcp

1391945995 | 2025-03-15T07:24:01.943726

HTTP/1.1 403 Forbidden 
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm=""

8000 / tcp

-1204391172 | 2025-03-16T05:59:58.750560

JDWP-Handshake

8009 / tcp

1690634669 | 2025-03-10T19:30:42.917277

8016 / tcp

1624217396 | 2025-02-28T23:27:14.211329

HELO:10.3.6.0.false\nAS:2048\nHL:19

8023 / tcp

-1399940268 | 2025-02-18T20:29:53.510555

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8031 / tcp

-2102434810 | 2025-03-13T16:34:12.672294

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1702720126.936-s7zzuc

8033 / tcp

1919228981 | 2025-03-08T20:16:40.972192

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

8044 / tcp

2098371729 | 2025-03-06T18:25:38.856488

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

8045 / tcp

2059642140 | 2025-03-12T01:55:56.518499

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 56-52314072-0 0NNN RT(1700786708752 0) q(0 -1 -1 -1) r(0 -1)

8050 / tcp

-653033013 | 2025-02-27T18:44:35.309801

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

8061 / tcp

-345718689 | 2025-02-23T19:16:52.375519

Vty password is not set.

8075 / tcp

103159425 | 2025-03-01T00:08:13.959130

SSH-1.99-RGOS_SSH

8082 / tcp

1126993057 | 2025-03-11T17:09:07.917673

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

8083 / tcp

1842524259 | 2025-02-23T10:58:01.860181

8089 / tcp

-79865617 | 2025-03-09T21:34:39.129496

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

8099 / tcp

1825545421 | 2025-03-04T00:34:45.903236

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-GDdongguan-AREACMCC2-CACHE38[0]
X-CCDN-FORBID-CODE: 040001

8100 / tcp

-1399940268 | 2025-02-23T22:37:07.352387

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8105 / tcp

1911457608 | 2025-03-08T15:28:05.643038

\x00[\x00\x00\x00\x00\x00\x00

8121 / tcp

1911457608 | 2025-03-09T04:28:00.519835

\x00[\x00\x00\x00\x00\x00\x00

8128 / tcp

-1297953727 | 2025-03-16T12:14:57.890412

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

8130 / tcp

-2140303521 | 2025-03-11T22:38:31.308933

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

8136 / tcp

1911457608 | 2025-03-11T20:56:33.276281

\x00[\x00\x00\x00\x00\x00\x00

8141 / tcp

-1399940268 | 2025-03-13T00:15:12.834382

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8142 / tcp

709622286 | 2025-03-15T12:06:09.555296

OK Welcome <299685> on DirectUpdate server 7286\r\n

8145 / tcp

1126993057 | 2025-03-12T00:54:53.401127

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

8149 / tcp

-1399940268 | 2025-03-03T20:45:17.372265

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8167 / tcp

-2017887953 | 2025-02-25T13:04:49.996304

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

8173 / tcp

165188539 | 2025-02-18T16:24:09.073772

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8187 / tcp

-1476017887 | 2025-03-12T22:18:47.515344

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

8200 / tcp

1320285193 | 2025-03-11T12:29:47.167856

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

8340 / tcp

819727972 | 2025-03-04T23:44:35.845943

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8384 / tcp

-1399940268 | 2025-02-18T16:24:02.205908

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8393 / tcp

1492413928 | 2025-02-22T19:38:49.861557

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

8411 / tcp

1134517380 | 2025-03-08T18:56:23.836458

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

8414 / tcp

-1399940268 | 2025-02-24T11:08:14.446653

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8415 / tcp

1911457608 | 2025-03-11T20:09:30.821994

\x00[\x00\x00\x00\x00\x00\x00

8436 / tcp

-1399940268 | 2025-02-18T19:56:06.047059

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8443 / tcp

-1944026660 | 2025-03-05T18:58:43.587617

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Wed, 05 Mar 2025 18:58:42 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://39.103.20.35:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

8450 / tcp

-2089734047 | 2025-03-14T20:52:58.648682

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8455 / tcp

1948301213 | 2025-03-05T09:54:45.267384

RFB 003.003
VNC:
  Protocol Version: 3.3

8457 / tcp

-2033111675 | 2025-03-08T22:45:43.574479

~djb

8505 / tcp

-2096652808 | 2025-03-16T09:55:14.599099

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8545 / tcp

632542934 | 2025-03-09T07:45:04.452842

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8554 / tcp

-2046514463 | 2025-02-21T18:21:46.177894

AB\x01\t

8586 / tcp

819727972 | 2025-03-16T16:17:03.736004

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8593 / tcp

819727972 | 2025-03-15T06:10:43.329414

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8596 / tcp

1767345577 | 2025-03-13T04:27:21.693287

Hello, this is Quagga (version 0T).
Copyright 1996-200

8630 / tcp

1504401647 | 2025-03-04T07:10:08.840721

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

8703 / tcp

669849225 | 2025-02-23T21:12:37.287911

SSH-98.60-SysaxSSH_81885..42\r\n

8728 / tcp

-1189269828 | 2025-02-21T17:23:19.863687

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8805 / tcp

1911457608 | 2025-02-21T22:10:05.171083

\x00[\x00\x00\x00\x00\x00\x00

8821 / tcp

632542934 | 2025-03-04T22:25:38.855269

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8828 / tcp

-1746074029 | 2025-03-14T17:59:27.202927

101 imqbroker =unV\r\n

8831 / tcp

-1399940268 | 2025-03-13T11:49:25.805892

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8836 / tcp

897328069 | 2025-03-15T16:27:38.264996

220 mail.scott000.com ESMTP

8838 / tcp

-1399940268 | 2025-02-22T15:10:22.534541

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8853 / tcp

-1399940268 | 2025-02-28T12:13:05.592298

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8869 / tcp

-1399940268 | 2025-03-14T23:22:10.419090

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8899 / tcp

474736340 | 2025-03-15T16:08:53.460907

431 Unable to negotiate secure command connection.

9001 / tcp

-1026951088 | 2025-02-27T15:04:14.068931

erro ip

9038 / tcp

-1399940268 | 2025-02-27T17:59:43.274182

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9041 / tcp

1615193817 | 2025-02-28T08:37:15.692304

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

9044 / tcp

-297128567 | 2025-03-12T14:09:46.485483

\x04\x01\xc3\xb4\x00\x15Internal Server Error\x00\x00\x00AB\x00\x02\x05\x00

9046 / tcp

-1297953727 | 2025-02-25T05:58:42.704586

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

9074 / tcp

-1013082686 | 2025-02-25T20:34:20.367366

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

9084 / tcp

-1399940268 | 2025-02-23T18:29:40.431275

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9087 / tcp

-1399940268 | 2025-02-25T23:12:09.948793

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9095 / tcp

-1810987450 | 2025-03-15T16:54:51.205323

\xc3\xbf

9100 / tcp

819727972 | 2025-02-23T13:19:28.188946

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9104 / tcp

-274082663 | 2025-03-15T07:43:34.023123

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

9105 / tcp

-274082663 | 2025-02-28T02:34:33.204784

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

9108 / tcp

2103111368 | 2025-02-25T20:23:55.618796

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

9123 / tcp

-1230049476 | 2025-02-21T15:56:13.829795

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

9138 / tcp

1911457608 | 2025-02-23T15:05:44.870535

\x00[\x00\x00\x00\x00\x00\x00

9146 / tcp

307999478 | 2025-02-21T17:48:26.307869

unknown command \r\nunknown command \r\n

9147 / tcp

-653033013 | 2025-03-07T18:15:16.541787

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

9155 / tcp

-1399940268 | 2025-02-23T20:17:02.279676

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9163 / tcp

-792826324 | 2025-03-16T19:19:02.873628

220 FTP server ready - login please

9166 / tcp

-445721795 | 2025-03-09T19:18:36.296971

\x00[\xc3\xaed\x1a\x7f\x00\x00

9257 / tcp

-1399940268 | 2025-03-08T13:26:10.968025

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9306 / tcp

1642597142 | 2025-02-28T03:52:49.053529

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

9333 / tcp

-971970408 | 2025-03-15T23:02:53.955717

9345 / tcp

-1399940268 | 2025-03-08T22:52:01.168964

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9398 / tcp

1741579575 | 2025-03-14T21:43:47.137693

9410 / tcp

1830697416 | 2025-03-09T23:39:43.650796

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

9418 / tcp

1529351907 | 2025-02-27T13:30:10.585330

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

9444 / tcp

1504401647 | 2025-02-28T19:03:15.055016

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

9530 / tcp

1989907056 | 2025-03-12T16:55:36.906756

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

9600 / tcp

-1399940268 | 2025-03-13T05:27:21.226503

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9704 / tcp

1911457608 | 2025-03-10T09:35:17.194660

\x00[\x00\x00\x00\x00\x00\x00

9804 / tcp

321971019 | 2025-02-22T18:46:50.784978

-ERR client ip is not in whitelist\r

9876 / tcp

-1709563712 | 2025-02-18T04:33:06.284996

\\x00\\x00\\x01+\\x00\\x00\\x00_{"code":0,"flag":1,"language":"JAVA","opaque":0,"serializeTypeCurrentRPC":"JSON","version":433}{"brokerAddrTable":{"broker-a":{"brokerAddrs":{0:"62.118.54.92:10911"},"brokerName":"broker-a","cluster":"DefaultCluster","enableActingMaster":false}},"clusterAddrTable":{"DefaultCluster":["broker-a"]}}

9898 / tcp

1304012963 | 2025-03-14T14:39:50.752937

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: close

9922 / tcp

819727972 | 2025-03-08T15:56:48.726054

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9929 / tcp

1911457608 | 2025-02-20T14:17:39.578359

\x00[\x00\x00\x00\x00\x00\x00

9977 / tcp

1308377066 | 2025-03-05T23:47:14.701662

ncacn_http/1.0

9992 / tcp

-792826324 | 2025-03-15T00:30:41.842974

220 FTP server ready - login please

9993 / tcp

-784071826 | 2025-03-03T19:29:03.015279

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

9998 / tcp

-1917695220 | 2025-02-19T21:11:23.382224

HTTP/1.1 200 OK
Server: Jetty(9.4.8.v20171121)

9999 / tcp

1161309183 | 2025-02-25T06:49:58.373523

ProxyServer is ready

10000 / tcp

-2096652808 | 2025-02-27T01:32:05.801963

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

10001 / tcp

1492413928 | 2025-03-04T19:25:03.551941

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

10004 / tcp

-1139539254 | 2025-02-20T05:57:06.698158

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

10012 / tcp

-1380608668 | 2025-02-24T21:08:05.099541

\\x00[\'\\x1c\\xc0\\xa8X\\xfd

10013 / tcp

165188539 | 2025-03-14T18:20:34.378811

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

10015 / tcp

-2031152423 | 2025-02-26T21:46:07.087750

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

10016 / tcp

671605376 | 2025-02-21T04:23:17.297106

SSH-2.0-OpenSSH_X.X

10023 / tcp

-1327660293 | 2025-03-11T08:37:45.310729

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

10075 / tcp

-1907909544 | 2025-03-10T16:13:20.989559

\r\nHello, this is Quagga (version 0T).\r\nCopyright 1996-200

10081 / tcp

-1399940268 | 2025-02-28T15:58:04.396897

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10083 / tcp

1911457608 | 2025-02-26T05:27:43.085425

\x00[\x00\x00\x00\x00\x00\x00

10134 / tcp

-1399940268 | 2025-02-27T21:47:36.798538

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10250 / tcp

-409020351 | 2025-02-22T19:34:20.870721

NPC Telnet permit one connection.
 But One connection() already keep alive.
Good Bye !!

10443 / tcp

0 | 2025-02-25T14:42:27.154601

Hashes

hash

1041638767

http.dom_hash

http.html_hash

http.server_hash

1673621694

HTTP/1.1 200 OK
Date: Tue, 25 Feb 2025 14:42:27 GMT
Content-Type: text/html
Content-Length: 2632
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: no-cache, no-store
Etag: "d81b0244-4c2"
Server: Tengine
Set-Cookie: SERVERID=c0d81a4211339a6d1cefc4bce25eaa13|1740494547|1740494547;Path=/
Vary: Accept-Encoding
Location: htps://edsappcustomer-vpc.cn-beijing.aliyuncs.com

10480 / tcp

-142686627 | 2025-02-24T01:24:38.086844

\x00[\xc2\xba\x7fs\x7f\x00\x00

10911 / tcp

677934968 | 2025-02-27T19:20:16.920734

lm^)Q

11000 / tcp

2143387245 | 2025-02-18T15:08:35.241380

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

11111 / tcp

-1626979812 | 2025-02-27T09:28:53.583472

220 Service ready for new user.

11112 / tcp

599074451 | 2025-03-12T04:45:07.149950

msg

11182 / tcp

-1399940268 | 2025-03-14T06:39:48.933284

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

11211 / tcp

-136006866 | 2025-03-13T07:38:17.332161

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11300 / tcp

321971019 | 2025-02-27T05:25:48.618229

-ERR client ip is not in whitelist\r

11680 / tcp

-1986594217 | 2025-02-22T21:38:51.099158

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

11920 / tcp

1911457608 | 2025-03-15T23:40:04.571101

\x00[\x00\x00\x00\x00\x00\x00

12000 / tcp

368820174 | 2025-03-13T23:18:20.792993

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1d94_PS-TNA-01jC465_21028-55111

12084 / tcp

-2089734047 | 2025-03-05T22:56:42.513979

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12088 / tcp

-1399940268 | 2025-03-15T11:32:52.453397

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12117 / tcp

-1399940268 | 2025-03-14T22:53:11.663865

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12118 / tcp

897328069 | 2025-02-28T04:10:42.163627

220 mail.scott000.com ESMTP

12119 / tcp

493955023 | 2025-02-24T13:37:59.056339

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

12124 / tcp

-2046514463 | 2025-03-12T11:49:58.804848

AB\x01\t

12135 / tcp

-358801646 | 2025-03-06T06:48:41.113076

SSH-2.0-OpenSSH_6.6.1

12151 / tcp

-303199180 | 2025-02-26T02:51:52.304604

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

12169 / tcp

-1730858130 | 2025-02-28T05:09:48.088830

RFB 003.008
VNC:
  Protocol Version: 3.8

12176 / tcp

-303199180 | 2025-03-15T22:52:18.375346

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

12180 / tcp

-1265999252 | 2025-03-15T11:27:04.054589

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

12186 / tcp

-1399940268 | 2025-02-25T20:31:39.334214

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12237 / tcp

-1730858130 | 2025-02-23T19:49:26.536693

RFB 003.008
VNC:
  Protocol Version: 3.8

12251 / tcp

921225407 | 2025-03-06T21:46:28.562152

\x00\x00\x00\x04\x00\x00\x00\x00\x00

12255 / tcp

1911457608 | 2025-03-01T01:38:56.556072

\x00[\x00\x00\x00\x00\x00\x00

12267 / tcp

-1399940268 | 2025-02-23T19:32:38.207067

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12271 / tcp

-1375131644 | 2025-03-11T09:24:10.094224

\x00[v\xc3\xbdC\x7f\x00\x00

12323 / tcp

-1013082686 | 2025-03-15T07:10:08.160262

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

12350 / tcp

1623746877 | 2025-02-19T01:23:53.662267

500 Permission denied - closing connection.\r\n

12353 / tcp

1189133115 | 2025-03-06T20:25:48.989994

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

12373 / tcp

-1399940268 | 2025-02-28T00:13:25.023694

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12377 / tcp

1911457608 | 2025-03-12T01:12:03.421528

\x00[\x00\x00\x00\x00\x00\x00

12390 / tcp

1911457608 | 2025-02-18T18:48:01.983085

\x00[\x00\x00\x00\x00\x00\x00

12406 / tcp

307999478 | 2025-03-06T11:37:11.819708

unknown command \r\nunknown command \r\n

12442 / tcp

-1399940268 | 2025-02-20T07:38:51.832888

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12483 / tcp

-2089734047 | 2025-02-18T11:54:56.252009

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12488 / tcp

-1327660293 | 2025-02-22T18:43:35.513096

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12499 / tcp

2121220663 | 2025-02-21T12:58:45.268813

SSH-58-Ingrian_SSH\r\n

12504 / tcp

1308377066 | 2025-03-08T19:39:58.494861

ncacn_http/1.0

12510 / tcp

819727972 | 2025-02-28T08:16:57.482331

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12516 / tcp

-1399940268 | 2025-02-26T19:00:43.322030

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12524 / tcp

819727972 | 2025-03-15T05:28:04.992656

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12528 / tcp

-2089734047 | 2025-03-14T14:57:08.468377

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12529 / tcp

-1399940268 | 2025-02-26T05:24:48.214316

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12533 / tcp

1911457608 | 2025-03-15T06:49:29.881572

\x00[\x00\x00\x00\x00\x00\x00

12534 / tcp

669849225 | 2025-02-28T08:57:52.671453

SSH-98.60-SysaxSSH_81885..42\r\n

12536 / tcp

-358801646 | 2025-03-13T19:46:50.773939

SSH-2.0-OpenSSH_6.6.1

12549 / tcp

-2089734047 | 2025-03-10T14:44:10.957832

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12566 / tcp

-2089734047 | 2025-02-22T16:35:36.435187

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12588 / tcp

1911457608 | 2025-02-25T16:29:22.469524

\x00[\x00\x00\x00\x00\x00\x00

12980 / tcp

1911457608 | 2025-03-16T13:49:11.796828

\x00[\x00\x00\x00\x00\x00\x00

13047 / tcp

104385780 | 2025-03-11T23:17:35.165419

ceph v2

13579 / tcp

0 | 2025-03-10T17:58:59.798931

Hashes

hash

1865391109

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
content-length: 0

14006 / tcp

-1399940268 | 2025-02-28T05:55:22.247600

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14147 / tcp

-1399940268 | 2025-02-26T07:48:35.816444

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14265 / tcp

-1399940268 | 2025-03-10T00:58:00.503162

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14344 / tcp

1911457608 | 2025-03-05T08:18:58.607590

\x00[\x00\x00\x00\x00\x00\x00

14401 / tcp

-1428621233 | 2025-02-27T21:06:05.732655

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

15018 / tcp

-2096652808 | 2025-02-24T05:59:32.165926

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

15588 / tcp

-1399940268 | 2025-03-11T00:10:36.774772

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16006 / tcp

165188539 | 2025-02-25T12:20:34.989271

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

16014 / tcp

321971019 | 2025-02-24T09:27:36.428184

-ERR client ip is not in whitelist\r

16024 / tcp

165188539 | 2025-02-23T15:51:47.555902

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

16029 / tcp

819727972 | 2025-03-15T20:27:52.346201

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16036 / tcp

-1399940268 | 2025-03-10T17:27:10.408086

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16043 / tcp

321971019 | 2025-02-28T15:47:10.706803

-ERR client ip is not in whitelist\r

16056 / tcp

165188539 | 2025-02-24T18:03:26.037303

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

16071 / tcp

1911457608 | 2025-02-24T19:17:52.920472

\x00[\x00\x00\x00\x00\x00\x00

16072 / tcp

1623746877 | 2025-03-04T18:10:55.388970

500 Permission denied - closing connection.\r\n

16080 / tcp

244221043 | 2025-03-14T16:24:32.017965

HTTP/1.1 702 No BindIP

16087 / tcp

921225407 | 2025-03-15T18:06:45.072429

\x00\x00\x00\x04\x00\x00\x00\x00\x00

16104 / tcp

205347087 | 2025-02-26T16:54:08.202518

SSH-25453-Cisco-3524665.35\n

16993 / tcp

2087396567 | 2025-03-09T20:18:08.779715

kjnkjabhbanc283ubcsbhdc72

18005 / tcp

-1487943323 | 2025-02-21T18:04:37.812850

431 Unable to negotiate secure command connection.\r\n

18020 / tcp

1911457608 | 2025-02-26T03:51:00.507124

\x00[\x00\x00\x00\x00\x00\x00

18022 / tcp

580340387 | 2025-02-25T22:15:24.386785

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

18030 / tcp

165188539 | 2025-02-24T14:19:55.414684

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

18042 / tcp

-1839934832 | 2025-02-20T19:34:18.289964

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

18073 / tcp

-1013082686 | 2025-02-22T19:51:30.297558

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

18105 / tcp

971933601 | 2025-03-07T01:32:40.816921

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

18245 / tcp

-1399940268 | 2025-02-23T19:37:34.315586

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

19000 / tcp

-1399940268 | 2025-03-10T02:54:36.292073

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20020 / tcp

1761482307 | 2025-03-15T23:33:54.146712

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

20050 / tcp

1911457608 | 2025-03-14T16:59:58.113244

\x00[\x00\x00\x00\x00\x00\x00

20084 / tcp

-1453516345 | 2025-03-03T21:03:11.508573

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

20100 / tcp

632542934 | 2025-02-25T19:39:21.619776

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

20201 / tcp

-1399940268 | 2025-02-26T09:47:03.173918

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20880 / tcp

1370263973 | 2025-03-11T10:39:27.636585

dubbo>

20900 / tcp

820958131 | 2025-03-11T12:11:16.478482

kjnkjabhbanc283ubcsbhdc72\x02

21025 / tcp

-1399940268 | 2025-02-19T14:02:37.912659

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21082 / tcp

1911457608 | 2025-02-25T22:17:04.837207

\x00[\x00\x00\x00\x00\x00\x00

21083 / tcp

1830187220 | 2025-03-15T22:05:52.500284

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

21231 / tcp

-358801646 | 2025-03-15T21:26:02.439185

SSH-2.0-OpenSSH_6.6.1

21259 / tcp

1126993057 | 2025-02-24T20:42:06.551173

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

21264 / tcp

1011407350 | 2025-03-11T21:07:49.445387

* OK GroupWise IMAP4rev1 Server Ready\r\n

21285 / tcp

-1428621233 | 2025-02-19T22:17:02.089574

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

21313 / tcp

-1839934832 | 2025-03-14T18:54:12.913528

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

21326 / tcp

-1399940268 | 2025-02-22T02:17:50.303468

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21327 / tcp

-1399940268 | 2025-02-24T07:44:29.646194

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21329 / tcp

-653033013 | 2025-02-20T13:33:29.427278

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

21379 / tcp

819727972 | 2025-03-16T05:11:56.138221

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

22206 / tcp

1332894250 | 2025-03-09T12:30:53.898450

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

22556 / tcp

51259122 | 2025-03-13T13:30:47.462797

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

23023 / tcp

2143387245 | 2025-03-04T15:10:59.266919

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

25001 / tcp

-1399940268 | 2025-03-05T13:29:37.878058

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

27017 / tcp

1763259671 | 2025-03-11T13:23:16.370305

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

28015 / tcp

-1399940268 | 2025-03-15T00:39:38.584311

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

28080 / tcp

1308377066 | 2025-02-21T22:23:20.048210

ncacn_http/1.0

30002 / tcp

962700458 | 2025-02-19T15:07:59.937656

30003 / tcp

962700458 | 2025-03-11T22:13:00.198093

30022 / tcp

117101543 | 2025-03-14T22:26:26.718414

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

30104 / tcp

114471724 | 2025-02-28T17:28:45.137656

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

30301 / tcp

-971970408 | 2025-03-15T19:32:54.208064

30322 / tcp

-1713437100 | 2025-03-09T04:29:14.630172

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

30722 / tcp

-1026951088 | 2025-03-13T14:15:32.847393

erro ip

30892 / tcp

-2089734047 | 2025-02-27T07:17:09.205495

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

31001 / tcp

707919486 | 2025-03-14T09:30:57.115910

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

31122 / tcp

-1139539254 | 2025-03-09T12:54:36.597223

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

31222 / tcp

539065883 | 2025-03-13T04:50:41.717610

31337 / tcp

-1992519278 | 2025-03-15T02:16:01.460568

\xc3\xbf\xc3\xbb\\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

31443 / tcp

1741579575 | 2025-03-12T18:28:12.272986

31722 / tcp

410249975 | 2025-03-12T21:49:16.246493

LNS READY<>

32022 / tcp

2087396567 | 2025-03-12T04:30:16.342104

kjnkjabhbanc283ubcsbhdc72

32322 / tcp

-1730858130 | 2025-03-16T15:27:48.655338

RFB 003.008
VNC:
  Protocol Version: 3.8

32522 / tcp

-79865617 | 2025-03-08T18:08:26.279859

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

32764 / tcp

-358801646 | 2025-03-09T09:53:27.180899

SSH-2.0-OpenSSH_6.6.1

33060 / tcp

1767345577 | 2025-03-08T18:54:12.047267

Hello, this is Quagga (version 0T).
Copyright 1996-200

33222 / tcp

2087396567 | 2025-03-09T19:44:35.110389

kjnkjabhbanc283ubcsbhdc72

33322 / tcp

-1477838366 | 2025-02-23T17:51:05.074617

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

33822 / tcp

2087396567 | 2025-03-08T14:09:49.941475

kjnkjabhbanc283ubcsbhdc72

34622 / tcp

2087396567 | 2025-03-04T18:12:41.335042

kjnkjabhbanc283ubcsbhdc72

35004 / tcp

819727972 | 2025-03-13T13:26:54.699127

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

35022 / tcp

-1375131644 | 2025-03-04T02:07:19.475261

\x00[v\xc3\xbdC\x7f\x00\x00

35122 / tcp

1767345577 | 2025-03-04T09:19:54.813517

Hello, this is Quagga (version 0T).
Copyright 1996-200

35241 / tcp

819727972 | 2025-02-28T01:47:14.552596

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

35251 / tcp

1948301213 | 2025-03-05T09:40:58.928466

RFB 003.003
VNC:
  Protocol Version: 3.3

35422 / tcp

1353260875 | 2025-02-28T08:37:24.955597

\x00[g\xc2\x95N\x7f\x00\x00

35722 / tcp

677934968 | 2025-02-28T07:04:29.954122

lm^)Q

36522 / tcp

-1559123399 | 2025-02-28T21:23:36.668985

500 Permission denied - closing connection.

37080 / tcp

1911457608 | 2025-03-14T12:58:21.598411

\x00[\x00\x00\x00\x00\x00\x00

37322 / tcp

-786044033 | 2025-03-16T11:46:04.031305

OK Welcome <299685> on DirectUpdate server 7286

37922 / tcp

171352214 | 2025-02-28T01:43:19.263106

-ERR client ip is not in whitelist

38122 / tcp

1690634669 | 2025-03-15T17:48:33.771076

38222 / tcp

1975288991 | 2025-03-10T21:31:51.724831

OPTI

38333 / tcp

104385780 | 2025-03-15T21:15:45.211724

ceph v2

38422 / tcp

660175493 | 2025-02-18T20:38:07.274186

38522 / tcp

-746114901 | 2025-03-14T00:56:49.757732

[KpU

38622 / tcp

740837454 | 2025-03-14T09:07:50.894541

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

38722 / tcp

1842524259 | 2025-03-13T22:31:07.514825

38822 / tcp

-288825733 | 2025-03-03T20:47:34.131069

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

38922 / tcp

1975288991 | 2025-03-13T15:42:17.886489

OPTI

39022 / tcp

410249975 | 2025-03-13T21:03:58.148891

LNS READY<>

39122 / tcp

-641479109 | 2025-03-13T19:32:35.851132

[xU-

39222 / tcp

-1733645023 | 2025-02-20T13:20:27.733236

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

39322 / tcp

1353260875 | 2025-02-18T17:06:31.228506

\x00[g\xc2\x95N\x7f\x00\x00

39522 / tcp

1308377066 | 2025-03-11T09:58:21.249541

ncacn_http/1.0

39922 / tcp

-2107996212 | 2025-02-18T07:51:06.836108

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

40022 / tcp

1842524259 | 2025-03-09T11:11:50.282261

40029 / tcp

-375604792 | 2025-03-14T18:54:29.544303

220 Microsoft FTP Service

40099 / tcp

-1248408558 | 2025-02-24T14:02:09.163893

220 MikroTik FTP server (MikroTik 6.44.3) ready

40222 / tcp

-445721795 | 2025-03-04T11:04:34.823677

\x00[\xc3\xaed\x1a\x7f\x00\x00

40322 / tcp

-971970408 | 2025-03-08T21:55:10.302598

40522 / tcp

-971970408 | 2025-03-04T07:32:36.946276

40622 / tcp

819727972 | 2025-02-26T12:30:52.820110

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

40722 / tcp

1741579575 | 2025-03-08T14:53:01.702595

41122 / tcp

819727972 | 2025-02-27T15:14:12.371187

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

41822 / tcp

-971970408 | 2025-03-07T18:24:34.206089

42022 / tcp

339872247 | 2025-03-04T16:56:36.418011


0 ...

42122 / tcp

-2096652808 | 2025-03-05T03:25:24.541991

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

42222 / tcp

-1476017887 | 2025-03-04T23:41:31.838467

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

42422 / tcp

2087396567 | 2025-03-04T20:00:36.948380

kjnkjabhbanc283ubcsbhdc72

42424 / tcp

819727972 | 2025-03-14T19:25:10.392629

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

42922 / tcp

1956828827 | 2025-02-28T15:45:24.356213

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

43200 / tcp

-136006866 | 2025-02-19T03:54:00.029288

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

43322 / tcp

1308377066 | 2025-02-23T07:27:35.481681

ncacn_http/1.0

43522 / tcp

1767345577 | 2025-02-25T21:20:14.705144

Hello, this is Quagga (version 0T).
Copyright 1996-200

43622 / tcp

2087396567 | 2025-02-27T00:31:06.449012

kjnkjabhbanc283ubcsbhdc72

43822 / tcp

1978059005 | 2025-02-23T05:44:15.948836

Sorry, that nickname format is invalid.

43922 / tcp

-971970408 | 2025-02-27T10:09:03.461753

44022 / tcp

819727972 | 2025-02-27T08:33:01.165558

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

44322 / tcp

-971970408 | 2025-02-26T10:57:20.400058

44337 / tcp

-1477838366 | 2025-02-23T05:25:08.197729

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

44422 / tcp

-1598265216 | 2025-02-26T00:43:28.948399

@RSYNCD: 31.0

44622 / tcp

539065883 | 2025-02-23T03:57:42.223112

44818 / tcp

632542934 | 2025-03-11T21:33:36.226517

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

45000 / tcp

819727972 | 2025-02-28T23:26:55.184182

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

45039 / tcp

-1538260461 | 2025-03-05T04:17:53.173609

\x01\x00\x00\x00

45122 / tcp

1919228981 | 2025-02-25T13:09:58.963137

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

45666 / tcp

-1399940268 | 2025-03-09T20:29:16.195834

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

45677 / tcp

-1399940268 | 2025-03-08T21:23:01.679458

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

45922 / tcp

119860953 | 2025-03-10T14:42:56.935153

* OK ArGoSoft Mail Server IMAP Module v.YW at

46022 / tcp

660175493 | 2025-02-21T21:51:11.373453

46222 / tcp

2087396567 | 2025-02-24T23:54:52.030781

kjnkjabhbanc283ubcsbhdc72

46922 / tcp

1492413928 | 2025-02-24T00:47:56.634921

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

47001 / tcp

-1888448627 | 2025-02-23T15:07:46.304012

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

47222 / tcp

-1311598826 | 2025-02-23T21:19:20.748915

AMQP:
cluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local
copyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.
information:Licensed under the MPL 2.0. Website: https://rabbitmq.com
platform:Erlang/OTP 24.1
product:RabbitMQ
version:3.9.7
Capabilities:
publisher_confirms:true
exchange_exchange_bindings:true
basic.nack:true
consumer_cancel_notify:true
connection.blocked:true
consumer_priorities:true
authentication_failure_close:true
per_consumer_qos:true
direct_reply_to:tru

47522 / tcp

539065883 | 2025-02-23T16:08:21.903533

47622 / tcp

819727972 | 2025-02-25T02:51:37.536376

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

47990 / tcp

-407828767 | 2025-03-16T09:12:31.966615

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

48522 / tcp

2143387245 | 2025-03-09T23:27:17.284759

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

48622 / tcp

-992671574 | 2025-02-24T19:47:47.474184

@RSYNCD: 26

48722 / tcp

-358801646 | 2025-02-24T17:08:24.796956

SSH-2.0-OpenSSH_6.6.1

48888 / tcp

820958131 | 2025-02-27T04:09:35.246098

kjnkjabhbanc283ubcsbhdc72\x02

48922 / tcp

-1316491703 | 2025-02-19T19:44:54.471820

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

49222 / tcp

-375604792 | 2025-02-19T03:44:58.032807

220 Microsoft FTP Service

49322 / tcp

1082732927 | 2025-02-20T22:01:36.821519

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

49722 / tcp

-319440554 | 2025-02-22T23:07:50.850032

50000 / tcp

1542849631 | 2025-03-06T07:37:02.649224

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

50012 / tcp

-303199180 | 2025-02-20T02:11:34.084197

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

50013 / tcp

-1428621233 | 2025-03-07T12:05:12.919943

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

50100 / tcp

-616720387 | 2025-02-25T02:59:03.777889

SSH-2.0-SSHD_0.7.6

50443 / tcp

-407828767 | 2025-02-18T21:22:20.973287

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

50622 / tcp

-1839934832 | 2025-02-21T20:05:24.994139

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

50722 / tcp

103159425 | 2025-02-21T00:21:09.480043

SSH-1.99-RGOS_SSH

50922 / tcp

2087396567 | 2025-02-21T16:39:51.530214

kjnkjabhbanc283ubcsbhdc72

51004 / tcp

819727972 | 2025-02-22T00:49:30.350479

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

51434 / tcp

1911457608 | 2025-03-05T22:58:06.724598

\x00[\x00\x00\x00\x00\x00\x00

51443 / tcp

2087396567 | 2025-03-12T01:02:19.124050

kjnkjabhbanc283ubcsbhdc72

51822 / tcp

-1189269828 | 2025-02-20T17:05:19.870540

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

52122 / tcp

539065883 | 2025-02-20T08:06:44.559075

53022 / tcp

-971970408 | 2025-03-07T08:33:22.372399

53122 / tcp

-801484042 | 2025-02-19T17:59:37.095074

ERR 27

54138 / tcp

819727972 | 2025-03-14T10:39:23.535583

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

54422 / tcp

-1248408558 | 2025-02-18T22:27:09.563958

220 MikroTik FTP server (MikroTik 6.44.3) ready

54822 / tcp

-1097188123 | 2025-02-18T11:31:02.239287

[g\xc2\x95N\x7f

55000 / tcp

165188539 | 2025-02-21T01:16:11.917089

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

55443 / tcp

474736340 | 2025-03-04T00:35:31.785794

431 Unable to negotiate secure command connection.

55554 / tcp

-585940771 | 2025-03-12T03:29:01.558749

Unknown command\r\n

57022 / tcp

1741579575 | 2025-03-06T14:51:50.679119

57779 / tcp

-653033013 | 2025-03-04T10:47:53.819191

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

57785 / tcp

2103111368 | 2025-03-14T18:34:14.173727

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

58422 / tcp

-1013082686 | 2025-03-05T21:58:38.641507

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

58522 / tcp

-971970408 | 2025-03-05T20:15:31.869450

58532 / tcp

-1148066627 | 2025-03-15T02:47:53.299019

\x00[\xc2\x84\xc2\x86\xc3\xb2\x7f\x00\x00

58822 / tcp

-971970408 | 2025-03-05T16:57:01.640382

58922 / tcp

-1111515360 | 2025-03-05T16:13:27.356628

remshd: Kerberos Authentication not enabled.

59222 / tcp

2087396567 | 2025-03-05T09:56:22.996796

kjnkjabhbanc283ubcsbhdc72

59522 / tcp

-1839934832 | 2025-03-03T19:11:15.710136

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

60129 / tcp

2087396567 | 2025-03-06T03:09:03.610411

kjnkjabhbanc283ubcsbhdc72

61613 / tcp

1363464823 | 2025-02-23T22:43:50.531629

\x00[|ox\x7f\x00\x00

61616 / tcp

1267517148 | 2025-03-12T19:44:01.931735

=Àÿÿ?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6

63210 / tcp

233634112 | 2025-03-15T01:10:28.492096

SSH-98.60-SysaxSSH_81885..42

63256 / tcp

-1730858130 | 2025-03-11T20:35:40.105018

RFB 003.008
VNC:
  Protocol Version: 3.8

63260 / tcp

-1839934832 | 2025-02-24T21:54:40.650089

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

64671 / tcp

-1032713145 | 2025-02-23T10:25:34.285551

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

39.103.20.35

Last Seen: 2025-03-16

Tags:

GeneralInformation

WebTechnologies

OpenPorts

11 / tcp 1978059005 | 2025-03-12T02:50:58.818910

13 / tcp 1100205395 | 2025-03-11T21:24:56.872725

15 / tcp 819727972 | 2025-03-11T09:59:10.574717

17 / tcp 344087494 | 2025-03-06T03:30:22.454888

19 / tcp -1760806421 | 2025-02-18T21:49:05.841169

21 / tcp 1564456597 | 2025-03-16T09:34:59.926907

23 / tcp 676675086 | 2025-02-24T11:07:13.503681

25 / tcp -1699556818 | 2025-03-14T19:12:06.199753

37 / tcp -253878554 | 2025-03-14T12:04:27.787786

53 / tcp 1369632081 | 2025-02-27T04:45:46.103071

79 / tcp -1846450790 | 2025-03-11T16:39:40.755450

80 / tcp 1789460136 | 2025-03-16T15:53:58.510565

Hashes

89 / tcp -1399940268 | 2025-03-11T18:28:02.264127

91 / tcp 1975288991 | 2025-03-04T15:10:12.517126

101 / tcp -1327660293 | 2025-03-11T16:30:08.510956

110 / tcp -1399940268 | 2025-03-04T22:54:18.365980

111 / tcp 165188539 | 2025-03-09T08:39:52.594245

113 / tcp -832380282 | 2025-03-07T01:18:27.806227

135 / tcp 1483120365 | 2025-03-11T12:39:46.231091

143 / tcp -398621179 | 2025-03-06T23:23:05.307585

154 / tcp 1911457608 | 2025-03-10T03:53:43.617659

175 / tcp -1428621233 | 2025-03-15T14:53:51.453606

179 / tcp -399606100 | 2025-03-09T14:29:13.210670

195 / tcp 2087396567 | 2025-03-06T19:45:37.900822

222 / tcp -926139304 | 2025-02-24T09:14:49.012545

264 / tcp -1547821026 | 2025-03-04T13:29:11.669165

389 / tcp -1743283776 | 2025-03-04T01:33:07.258761

427 / tcp -349937125 | 2025-03-05T16:58:38.152820

443 / tcp 1794958825 | 2025-03-10T10:50:14.408840

Hashes

444 / tcp 1911457608 | 2025-03-10T10:58:28.539566

449 / tcp 2063598737 | 2025-03-09T18:49:46.065208

503 / tcp -2089734047 | 2025-03-14T20:33:49.508856

513 / tcp 321971019 | 2025-03-11T18:11:24.201655

515 / tcp 819727972 | 2025-03-13T03:51:14.338919

541 / tcp -1724505569 | 2025-03-12T10:09:15.763470

548 / tcp -773160241 | 2025-03-13T20:12:50.159140

554 / tcp 1060450357 | 2025-03-13T11:06:55.108331

556 / tcp -1746074029 | 2025-02-24T14:01:30.993885

593 / tcp 1308377066 | 2025-03-04T17:06:47.605672

666 / tcp 1300162323 | 2025-02-28T15:56:58.925425

685 / tcp 2098371729 | 2025-03-04T08:09:21.382899

771 / tcp -1327660293 | 2025-03-16T01:24:40.010067

789 / tcp 1208318993 | 2025-03-15T15:42:45.228830

809 / tcp 971933601 | 2025-02-22T16:12:24.259837

830 / tcp 103159425 | 2025-02-24T06:29:33.354318

832 / tcp 321971019 | 2025-02-18T08:08:34.373370

853 / tcp -1230049476 | 2025-02-21T14:15:52.247676

873 / tcp -1598265216 | 2025-02-23T20:47:39.141819

1023 / tcp -1681927087 | 2025-03-04T12:02:24.602672

1025 / tcp 307999478 | 2025-02-24T17:50:31.585798

1028 / tcp 740837454 | 2025-03-14T16:28:14.855271

1080 / tcp 1362344524 | 2025-03-16T12:25:22.475003

1099 / tcp -2096652808 | 2025-03-15T04:16:43.020765

1177 / tcp 1842524259 | 2025-02-20T11:51:27.492438

1200 / tcp -1626979812 | 2025-03-12T20:56:00.484776

1234 / tcp -1297953727 | 2025-03-10T06:50:12.569356

1337 / tcp 1690634669 | 2025-03-16T09:17:42.952655

1344 / tcp 1655023012 | 2025-03-10T02:21:17.084475

1355 / tcp 819727972 | 2025-02-23T05:09:26.144150

1366 / tcp 2098371729 | 2025-03-15T06:58:57.730247

1433 / tcp -325802316 | 2025-03-06T21:04:33.583635

1443 / tcp -1715152554 | 2025-02-21T18:07:31.964787

Hashes

1521 / tcp -805164506 | 2025-03-06T12:51:06.301889

1599 / tcp -1099385124 | 2025-03-15T07:56:16.363355

1604 / tcp -441419608 | 2025-03-09T20:58:11.383570

1723 / tcp 1103582599 | 2025-03-07T03:14:52.792177

1800 / tcp 819727972 | 2025-03-14T18:49:59.325730

1801 / tcp -1139999322 | 2025-02-25T11:23:06.801562

1820 / tcp 1492413928 | 2025-02-27T04:06:24.952366

1883 / tcp -2096652808 | 2025-03-14T23:42:37.644051

1926 / tcp 1741579575 | 2025-03-08T22:09:25.321424

11 / tcp

1978059005 | 2025-03-12T02:50:58.818910

13 / tcp

1100205395 | 2025-03-11T21:24:56.872725

15 / tcp

819727972 | 2025-03-11T09:59:10.574717

17 / tcp

344087494 | 2025-03-06T03:30:22.454888

19 / tcp

-1760806421 | 2025-02-18T21:49:05.841169

21 / tcp

1564456597 | 2025-03-16T09:34:59.926907

23 / tcp

676675086 | 2025-02-24T11:07:13.503681

25 / tcp

-1699556818 | 2025-03-14T19:12:06.199753

37 / tcp

-253878554 | 2025-03-14T12:04:27.787786

53 / tcp

1369632081 | 2025-02-27T04:45:46.103071

79 / tcp

-1846450790 | 2025-03-11T16:39:40.755450

80 / tcp

1789460136 | 2025-03-16T15:53:58.510565

89 / tcp

-1399940268 | 2025-03-11T18:28:02.264127

91 / tcp

1975288991 | 2025-03-04T15:10:12.517126

101 / tcp

-1327660293 | 2025-03-11T16:30:08.510956

110 / tcp

-1399940268 | 2025-03-04T22:54:18.365980

111 / tcp

165188539 | 2025-03-09T08:39:52.594245

113 / tcp

-832380282 | 2025-03-07T01:18:27.806227

135 / tcp

1483120365 | 2025-03-11T12:39:46.231091

143 / tcp

-398621179 | 2025-03-06T23:23:05.307585

154 / tcp

1911457608 | 2025-03-10T03:53:43.617659

175 / tcp

-1428621233 | 2025-03-15T14:53:51.453606

179 / tcp

-399606100 | 2025-03-09T14:29:13.210670

195 / tcp

2087396567 | 2025-03-06T19:45:37.900822

222 / tcp

-926139304 | 2025-02-24T09:14:49.012545

264 / tcp

-1547821026 | 2025-03-04T13:29:11.669165

389 / tcp

-1743283776 | 2025-03-04T01:33:07.258761

427 / tcp

-349937125 | 2025-03-05T16:58:38.152820

443 / tcp

1794958825 | 2025-03-10T10:50:14.408840

444 / tcp

1911457608 | 2025-03-10T10:58:28.539566

449 / tcp

2063598737 | 2025-03-09T18:49:46.065208

503 / tcp

-2089734047 | 2025-03-14T20:33:49.508856

513 / tcp

321971019 | 2025-03-11T18:11:24.201655

515 / tcp

819727972 | 2025-03-13T03:51:14.338919

541 / tcp

-1724505569 | 2025-03-12T10:09:15.763470

548 / tcp

-773160241 | 2025-03-13T20:12:50.159140

554 / tcp

1060450357 | 2025-03-13T11:06:55.108331

556 / tcp

-1746074029 | 2025-02-24T14:01:30.993885

593 / tcp

1308377066 | 2025-03-04T17:06:47.605672

666 / tcp

1300162323 | 2025-02-28T15:56:58.925425

685 / tcp

2098371729 | 2025-03-04T08:09:21.382899

771 / tcp

-1327660293 | 2025-03-16T01:24:40.010067

789 / tcp

1208318993 | 2025-03-15T15:42:45.228830

809 / tcp

971933601 | 2025-02-22T16:12:24.259837

830 / tcp

103159425 | 2025-02-24T06:29:33.354318

832 / tcp

321971019 | 2025-02-18T08:08:34.373370

853 / tcp

-1230049476 | 2025-02-21T14:15:52.247676

873 / tcp

-1598265216 | 2025-02-23T20:47:39.141819

1023 / tcp

-1681927087 | 2025-03-04T12:02:24.602672

1025 / tcp

307999478 | 2025-02-24T17:50:31.585798

1028 / tcp

740837454 | 2025-03-14T16:28:14.855271

1080 / tcp

1362344524 | 2025-03-16T12:25:22.475003

1099 / tcp

-2096652808 | 2025-03-15T04:16:43.020765

1177 / tcp

1842524259 | 2025-02-20T11:51:27.492438

1200 / tcp

-1626979812 | 2025-03-12T20:56:00.484776

1234 / tcp

-1297953727 | 2025-03-10T06:50:12.569356

1337 / tcp

1690634669 | 2025-03-16T09:17:42.952655

1344 / tcp

1655023012 | 2025-03-10T02:21:17.084475

1355 / tcp

819727972 | 2025-02-23T05:09:26.144150

1366 / tcp

2098371729 | 2025-03-15T06:58:57.730247

1433 / tcp

-325802316 | 2025-03-06T21:04:33.583635

1443 / tcp

-1715152554 | 2025-02-21T18:07:31.964787

1521 / tcp

-805164506 | 2025-03-06T12:51:06.301889

1599 / tcp

-1099385124 | 2025-03-15T07:56:16.363355

1604 / tcp

-441419608 | 2025-03-09T20:58:11.383570

1723 / tcp

1103582599 | 2025-03-07T03:14:52.792177

1800 / tcp

819727972 | 2025-03-14T18:49:59.325730

1801 / tcp

-1139999322 | 2025-02-25T11:23:06.801562

1820 / tcp

1492413928 | 2025-02-27T04:06:24.952366

1883 / tcp

-2096652808 | 2025-03-14T23:42:37.644051

1926 / tcp

1741579575 | 2025-03-08T22:09:25.321424

1962 / tcp

819727972 | 2025-02-25T09:40:23.480713

1970 / tcp

165188539 | 2025-03-11T23:15:44.183169

1980 / tcp

-1453516345 | 2025-02-19T15:43:35.248419

1987 / tcp

-805362002 | 2025-03-15T14:52:09.341347

2000 / tcp

-784071826 | 2025-03-15T00:12:49.002575

2002 / tcp

-1681927087 | 2025-03-13T22:44:27.973122

2003 / tcp

921225407 | 2025-03-13T23:06:36.936997

2006 / tcp

1911457608 | 2025-02-23T21:49:37.661140

2008 / tcp

2087396567 | 2025-03-08T15:12:14.497089