GeneralInformation

Country	China
City	Zhangjiakou
Organization	Hangzhou Alibaba Advertising Co.,Ltd.
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(1)

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(4)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(3)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

13 15 17 19 23 25 43 49 70 79 80 85 90 93 100 102 104 113 119 135 179 195 221 311 427 440 443 444 485 502 513 515 541 548 554 556 593 636 771 789 811 902 993 995 1002 1013 1023 1025 1028 1080 1099 1153 1177 1234 1291 1414 1433 1454 1494 1500 1515 1521 1599 1604 1723 1800 1830 1883 1954 1962 1977 1983 2000 2003 2008 2010 2054 2067 2072 2080 2081 2083 2087 2095 2122 2126 2154 2181 2195 2211 2222 2320 2323 2332 2345 2362 2363 2379 2404 2435 2455 2550 2559 2566 2569 2628 2761 3001 3009 3016 3049 3050 3058 3072 3074 3076 3085 3090 3098 3100 3123 3131 3136 3149 3160 3169 3173 3179 3183 3221 3260 3268 3269 3299 3306 3388 3540 3553 3554 3566 3780 4000 4010 4022 4063 4064 4157 4242 4282 4321 4344 4400 4433 4434 4436 4443 4444 4447 4499 4500 4502 4506 4786 4899 4949 5009 5010 5025 5061 5130 5135 5172 5201 5222 5241 5245 5251 5252 5254 5260 5435 5494 5569 5596 5599 5660 5858 5907 5909 5938 5984 5986 5988 5990 5996 6001 6002 6004 6022 6070 6264 6308 6379 6580 6667 6697 6955 7006 7010 7071 7171 7401 7434 7443 7444 7634 7676 7774 7777 7778 7946 8001 8007 8009 8014 8015 8016 8023 8024 8047 8050 8061 8081 8083 8085 8087 8099 8100 8101 8114 8116 8126 8140 8147 8149 8169 8171 8175 8192 8196 8200 8291 8318 8333 8393 8403 8407 8426 8485 8500 8545 8554 8557 8565 8575 8576 8579 8582 8590 8594 8649 8728 8745 8767 8805 8807 8817 8824 8834 8841 8850 8851 8867 8870 8880 8889 8891 8899 8905 8906 9012 9034 9050 9052 9063 9068 9072 9083 9089 9091 9095 9099 9100 9101 9111 9132 9137 9140 9142 9145 9151 9155 9160 9165 9166 9167 9177 9179 9189 9194 9206 9207 9208 9209 9213 9223 9230 9249 9250 9289 9306 9309 9333 9398 9456 9530 9754 9761 9898 9900 9908 9918 9926 9928 9930 9944 9998 9999 10000 10018 10050 10051 10066 10075 10093 10554 10909 10911 11112 11211 11288 11300 12000 12084 12101 12116 12120 12127 12140 12142 12143 12147 12148 12153 12158 12162 12166 12180 12185 12230 12243 12252 12275 12281 12282 12300 12304 12314 12317 12319 12321 12331 12338 12345 12360 12380 12388 12390 12394 12403 12409 12419 12431 12440 12442 12444 12472 12486 12505 12506 12526 12540 12563 12575 12589 12980 13082 13443 13780 14147 14344 14407 14895 15443 16001 16020 16028 16033 16065 16075 16094 16311 16402 16464 16992 16993 17010 17182 17773 17779 18004 18019 18066 18068 18079 18080 18081 18083 18087 18092 18103 18110 18111 18225 18245 18368 18443 19000 19015 19999 20000 20070 20107 20121 20880 21233 21236 21245 21248 21261 21282 21291 21292 21326 21379 21400 21515 22001 22380 22403 22556 23023 23084 24181 24245 24510 25001 25565 26656 27015 27017 27036 28015 29984 30003 30005 30009 30017 30022 30110 30121 30122 30473 30522 30622 30722 30822 30922 31022 31522 31622 31722 31922 32022 32101 32102 32122 32622 32722 32764 33022 33060 33122 33422 33822 34122 34622 34722 34822 34922 35000 35004 35101 35122 35522 35554 35822 36022 36422 36522 36822 36922 37022 37222 37322 37422 37522 37622 37777 38022 38333 38522 38880 39622 39822 40022 40029 40322 40522 40892 41122 41443 41522 41794 41800 41922 42122 42901 43222 44021 44100 44307 44310 44410 44818 45003 45666 45667 45786 45888 45922 47722 47989 47990 48001 48022 48322 48522 48888 48899 49152 49694 50000 50002 50008 50050 50070 50073 50100 50122 50998 51000 51235 51443 53022 53413 54138 54922 54984 55000 55022 55055 55350 55443 55470 55475 55522 55722 55822 57722 57782 57787 58122 58422 58443 59012 59122 59222 60001 60129 61613 61616 62078 63210 63257 63260 64477 64738

13 / tcp

-1835577706 | 2025-03-27T18:58:59.924280

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Vary: Accept-Encoding
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

15 / tcp

1850902677 | 2025-03-08T20:47:19.797558

W!

17 / tcp

2115448635 | 2025-03-23T15:59:48.953133

Toshiba e-STUDIO 233 copier/printer/fax http config

19 / tcp

829384519 | 2025-02-28T12:03:33.235337

 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefg
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUV

23 / tcp

676675086 | 2025-03-28T05:14:08.686481


Password:

25 / tcp

-1730858130 | 2025-03-13T03:56:14.691310

RFB 003.008
VNC:
  Protocol Version: 3.8

43 / tcp

-1399940268 | 2025-03-28T18:24:22.615064

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

49 / tcp

-1056270173 | 2025-03-19T03:22:00.232815

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

70 / tcp

-1056270173 | 2025-03-23T17:00:37.378023

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

79 / tcp

-1770051369 | 2025-03-18T18:35:47.596694

421 too many connections

80 / tcp

-1466342676 | 2025-03-29T09:22:54.216413

Hashes

hash

-1806493674

http.dom_hash

1093960604

http.html_hash

-1466342676

http.server_hash

-2034848670

http.title_hash

-1207101977

404 Not Found

HTTP/1.1 404 Not Found
Date: Sat, 29 Mar 2025 09:22:52 GMT
Content-Type: text/html
Content-Length: 1105
Connection: keep-alive
Server: Tengine/Aserver/3.2.64_20241126150519

85 / tcp

-1888448627 | 2025-03-07T16:50:51.191437

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

90 / tcp

-1399940268 | 2025-03-11T05:17:55.305979

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

93 / tcp

-1099385124 | 2025-03-24T09:41:21.373949

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

100 / tcp

165188539 | 2025-03-15T19:27:42.689697

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

102 / tcp

819727972 | 2025-03-22T11:14:55.148827

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

104 / tcp

165188539 | 2025-03-18T03:23:34.339804

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

113 / tcp

1412519768 | 2025-03-15T22:59:57.931659

"AP0F1D85"
Connection: close

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR

119 / tcp

-1958992631 | 2025-03-12T00:42:52.869803

\\xd5\xca\xba\\xc5\\xc8\\xcf\xd6\xa4\xca\xa7\\xb0\\xdc ...\r\nIP \\xb5\\xd8\xd6\xb7: *.*.*.*\r\nMAC \\xb5\\xd8\xd6\xb7: \r\n\\xb7\\xfe\\xce\\xf1\\xb6\\xcb\xca\xb1\\xbc\\xe4: 2024-01-22 16:23:50\r\n\\xd1\\xe9\xd6\xa4\\xbd\\xe1\\xb9\\xfb: \\xce\\xde\xd0\xa7\\xd3\xc3\xbb\\xa7.

135 / tcp

-1589645334 | 2025-03-23T13:08:57.442968

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: C56L_POS01\n IP2: 60.251.195.90\n IP3: C56L_POS01\n\nNTLMSSP:\nTarget_Name: C56L_POS01\nProduct_Version: 5.1.2600 Ntlm 15\nOS: Windows XP/Windows XP, Service Pack 3\nNetBIOS_Domain_Name: C56L_POS01\nNetBIOS_Computer_Name: C56L_POS01\nDNS_Domain_Name: C56L_POS01\nDNS_Computer_Name: C56L_POS01\n\nDCERPC Dump:\n1088a980-eae5-11d0-8d9b-00a02453c337 ([MS-MQQP]: Message Queuing (MSMQ):):\n  - NCACN: 60.251.195.90:

179 / tcp

-399606100 | 2025-03-08T13:50:46.086425

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

195 / tcp

-971970408 | 2025-03-26T04:51:06.970537

221 / tcp

2098371729 | 2025-03-13T19:15:59.856664

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

311 / tcp

67948279 | 2025-03-06T21:51:10.530854

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

427 / tcp

-349937125 | 2025-03-11T08:27:08.367833

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://192.168.118.88\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\nservice:wbem:https\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://192.168.118.88\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCE

440 / tcp

1308377066 | 2025-03-27T04:41:37.399958

ncacn_http/1.0

443 / tcp

2053195084 | 2025-03-12T02:53:03.599700

HTTP/1.1 404 Not Found
Date: Wed, 12 Mar 2025 02:53:03 GMT
Content-Type: text/html
Content-Length: 703
Connection: keep-alive
Server: Tengine/Aserver/3.2.64_20241126150519

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>404 Not Found</title></head>
<body bgcolor="white">
<h1>404 Not Found</h1>
<p>The requested URL was not found on this server. Sorry for the inconvenience.<br/>
Please report this message and include the following information to us.<br/>
Thank you very much!</p>
<table>
<tr>
<td>URL:</td>
<td>http://59.82.133.79/</td>
</tr>
<tr>
<td>Server:</td>
<td>accs-aserver-idc033062078180.center.na610</td>
</tr>
<tr>
<td>Date:</td>
<td>2025/03/12 10:53:03</td>
</tr>
</table>
<hr/>Powered by Tengine/Aserver/3.2.64_20241126150519</body>
</html>

444 / tcp

-303826268 | 2025-03-17T12:09:20.829046

HTTP/1.1 400 Bad Request
Server: nginx/1.22.1
Date: Mon, 17 Mar 2025 12:09:20 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

485 / tcp

-1648456501 | 2025-03-20T13:17:25.476349

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

502 / tcp

632542934 | 2025-03-14T14:56:18.101782

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

513 / tcp

-1373613804 | 2025-03-18T23:37:07.197372

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

515 / tcp

988099889 | 2025-03-28T07:18:43.742163

[ºs

541 / tcp

-1299118573 | 2025-03-27T18:44:05.707077

\\x16\\x03\\x01\\x01[\\x01\\x00\\x01W\\x03\\x03\\x89\\xb7a\\xcdh\\xff\\xe7x~\\xc0Z\\x92\\x1f\\xf0\\xd8\xe3\x9f\xb2;\\x92\\x06\\xf9\\xef\\xc7L\\xfa\\x16&#{)` \\xf6k\\x80\\xe6Ylt\\xe8\x0bF\\xa9&?\\xb9!\\xe7\\x93^l\\xb3\\xbe\\x15\\xb1\\xa3n\\x00\\xce\\xde\xcf\x822h\\x002\\x13\\x02\\x13\\x03\\x13\\x01\\x009\\x005\\x00k\\x00=\\xc

548 / tcp

-1128967010 | 2025-03-13T21:13:08.114125

HTTP/1.1 200 OK
Server: Server
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet, nosnippet, notranslate, noimageindex
Content-Type: text/html; charset=utf-8

554 / tcp

1167995424 | 2025-03-26T10:14:54.877603

RTSP/1.0 200 OK
Server: Server/1.0.0
CSeq: 1
Public: OPTIONS, DESCRIBE, SETUP, TEARDOWN, PLAY, GET_PARAMETER, SET_PARAMETER

556 / tcp

632542934 | 2025-03-25T18:32:08.548376

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

593 / tcp

-1112304903 | 2025-03-06T06:33:25.436203

HTTP/1.1 403 Forbidden
Server: Apache/2.4.23 (Win64) OpenSSL/1.0.2h PHP/7.4.13
Content-Type: text/html; charset=iso-8859-1

636 / tcp

-2023550675 | 2025-03-18T20:08:46.085781

\\x01\x0b=\\x01\xc3\x80\\x06\xc3\xbf\xc3\xbf?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\\x01\\x01

771 / tcp

-1399940268 | 2025-03-16T12:11:43.754260

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

789 / tcp

-1795027372 | 2025-03-08T18:16:51.677037

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

811 / tcp

-1399940268 | 2025-03-24T09:23:16.167241

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

902 / tcp

1956828827 | 2025-03-03T17:39:27.309483

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

993 / tcp

45131230 | 2025-03-20T15:00:25.467858

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

995 / tcp

1685649979 | 2025-03-04T18:42:54.737200

+OK Dovecot ready.\r\n

1002 / tcp

1761482307 | 2025-03-15T22:05:26.655555

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

1013 / tcp

-904840257 | 2025-03-20T22:05:05.676574

572 Relay not authorized\r\n

1023 / tcp

233634112 | 2025-03-15T21:34:08.668622

SSH-98.60-SysaxSSH_81885..42

1025 / tcp

-1230049476 | 2025-03-07T12:24:48.018262

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

1028 / tcp

2103111368 | 2025-03-25T03:04:12.113258

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

1080 / tcp

1362344524 | 2025-03-22T10:41:08.151589

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1099 / tcp

819727972 | 2025-03-09T19:01:51.010174

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1153 / tcp

580340387 | 2025-03-13T12:46:44.419171

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

1177 / tcp

1960438949 | 2025-03-24T22:53:32.058773

Siemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready
ÿûÿûÿýÿþUsername:

1234 / tcp

321971019 | 2025-03-10T18:50:01.512191

-ERR client ip is not in whitelist\r

1291 / tcp

-1399940268 | 2025-03-22T19:46:52.074338

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1414 / tcp

-2096652808 | 2025-03-24T04:48:20.567191

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1433 / tcp

-186520940 | 2025-03-17T23:07:23.972393

HTTP/1.1

1454 / tcp

-1795027372 | 2025-03-13T20:48:49.264811

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

1494 / tcp

-1049213899 | 2025-03-16T12:02:14.447213

\\x7f\\x7fICA

1500 / tcp

-271515508 | 2025-03-24T20:00:16.606966

HTTP/1.1 302 Moved Temporarily
Server: DrcomServer1.0
Location: http://192.168.254.3
Cache-Control: no-cache
Connection: close

1515 / tcp

819727972 | 2025-03-24T17:42:37.529747

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1521 / tcp

-1184558916 | 2025-03-07T10:16:42.233938

Version:11.2.0.4.0\n"\\x00\\x00Y(DESCRIPTION=(TMP=)(VSNNUM=186647552)(ERR=1189)(ERROR_STACK=(ERROR=(CODE=1189)(EMFI=4))))

1599 / tcp

290819026 | 2025-03-27T04:54:50.784897

welcome to Pandora console!
----------------------------
-------------------------
|     Login Time     |     2021-12-08 1...

1604 / tcp

2087396567 | 2025-03-07T16:24:30.590286

kjnkjabhbanc283ubcsbhdc72

1723 / tcp

2064046231 | 2025-03-18T17:20:44.797435

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1c77_tb143_15913-45531

1800 / tcp

165188539 | 2025-03-20T17:59:26.872612

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1830 / tcp

1911457608 | 2025-03-12T18:00:04.238790

\x00[\x00\x00\x00\x00\x00\x00

1883 / tcp

1231376952 | 2025-03-16T21:53:21.959973

1954 / tcp

1911457608 | 2025-03-24T17:51:45.198170

\x00[\x00\x00\x00\x00\x00\x00

1962 / tcp

455076604 | 2025-03-26T03:44:23.643050

!\x07version\x04bind7 t{RPowerDNS Recursor 410

1977 / tcp

819727972 | 2025-03-25T21:15:25.436472

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1983 / tcp

669849225 | 2025-03-10T00:10:50.122786

SSH-98.60-SysaxSSH_81885..42\r\n

2000 / tcp

671605376 | 2025-03-03T23:50:16.081553

SSH-2.0-OpenSSH_X.X

2003 / tcp

-1399940268 | 2025-03-19T04:25:31.449927

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2008 / tcp

1492413928 | 2025-03-24T14:17:25.271387

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

2010 / tcp

321971019 | 2025-03-10T22:39:20.717833

-ERR client ip is not in whitelist\r

2054 / tcp

-980525298 | 2025-02-27T18:34:58.105180

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

2067 / tcp

-801484042 | 2025-03-09T05:07:56.998188

ERR 27

2072 / tcp

819727972 | 2025-03-17T16:41:41.212792

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2080 / tcp

45131230 | 2025-03-24T22:26:08.352471

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

2081 / tcp

-2096652808 | 2025-03-04T08:26:20.168448

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

2083 / tcp

-1461540015 | 2025-03-20T15:02:46.229180

audio 0 RTP/AVP 18 4 3 8 0 101
a

2087 / tcp

117101543 | 2025-03-25T11:16:28.487380

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

2095 / tcp

632542934 | 2025-03-17T15:27:57.597012

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

2122 / tcp

-1626979812 | 2025-03-25T07:00:43.754426

220 Service ready for new user.

2126 / tcp

2115448635 | 2025-03-26T02:32:22.287763

Toshiba e-STUDIO 233 copier/printer/fax http config

2154 / tcp

104385780 | 2025-02-27T16:41:45.347272

ceph v2

2181 / tcp

-122096153 | 2025-03-04T17:28:44.598917

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

2195 / tcp

-1327660293 | 2025-03-22T20:28:32.705629

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

2211 / tcp

819727972 | 2025-03-15T08:19:44.029300

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2222 / tcp

2051656595 | 2025-03-28T07:48:30.632232

SSH-2.0-OpenSSH_7.4\r\n\n

2320 / tcp

819727972 | 2025-03-18T04:40:00.351541

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2323 / tcp

1662205251 | 2025-03-10T13:03:28.793170

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

2332 / tcp

1632932802 | 2025-03-22T05:24:38.834987

2345 / tcp

1911457608 | 2025-03-27T01:52:15.505743

\x00[\x00\x00\x00\x00\x00\x00

2362 / tcp

-1888448627 | 2025-03-08T14:52:25.197325

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

2363 / tcp

-1428621233 | 2025-03-26T02:57:20.363000

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

2379 / tcp

1282941221 | 2025-03-12T08:49:08.363733

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

2404 / tcp

1282941221 | 2025-03-27T14:14:58.782110

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

2435 / tcp

-1986594217 | 2025-03-22T21:49:16.428509

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

2455 / tcp

2087396567 | 2025-03-16T17:28:42.046669

kjnkjabhbanc283ubcsbhdc72

2550 / tcp

819727972 | 2025-03-19T00:35:29.912813

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2559 / tcp

921225407 | 2025-03-04T00:15:26.996406

\x00\x00\x00\x04\x00\x00\x00\x00\x00

2566 / tcp

2063598737 | 2025-03-20T16:14:04.505653

/0 0 L\r\n/0 0 HUH\r\n

2569 / tcp

-1399940268 | 2025-03-15T17:03:43.801992

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2628 / tcp

2087396567 | 2025-03-16T13:36:41.051579

kjnkjabhbanc283ubcsbhdc72

2761 / tcp

165188539 | 2025-03-21T11:57:33.756090

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3001 / tcp

-971970408 | 2025-03-04T00:18:30.602240

3009 / tcp

1623746877 | 2025-03-19T06:59:49.519217

500 Permission denied - closing connection.\r\n

3016 / tcp

-1598265216 | 2025-03-26T07:14:45.492936

@RSYNCD: 31.0

3049 / tcp

921225407 | 2025-03-18T15:55:21.367326

\x00\x00\x00\x04\x00\x00\x00\x00\x00

3050 / tcp

2143387245 | 2025-03-15T05:20:54.805936

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

3058 / tcp

165188539 | 2025-03-11T23:40:16.552747

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3072 / tcp

1911457608 | 2025-03-20T00:59:20.652728

\x00[\x00\x00\x00\x00\x00\x00

3074 / tcp

1911457608 | 2025-03-12T13:24:37.959448

\x00[\x00\x00\x00\x00\x00\x00

3076 / tcp

307999478 | 2025-03-05T22:37:27.438700

unknown command \r\nunknown command \r\n

3085 / tcp

1911457608 | 2025-03-22T09:39:29.952615

\x00[\x00\x00\x00\x00\x00\x00

3090 / tcp

1991883981 | 2025-03-09T23:43:17.052079

B\x00\x00\x00\xc3\xbfn\x04Too many connections

3098 / tcp

-1399940268 | 2025-03-05T15:10:34.700476

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3100 / tcp

1911457608 | 2025-03-19T21:54:28.338492

\x00[\x00\x00\x00\x00\x00\x00

3123 / tcp

1830187220 | 2025-03-18T23:32:35.714648

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

3131 / tcp

2098371729 | 2025-03-09T11:18:33.843141

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

3136 / tcp

1353260875 | 2025-03-12T22:33:06.816618

\x00[g\xc2\x95N\x7f\x00\x00

3149 / tcp

-1399940268 | 2025-03-16T06:15:09.877921

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3160 / tcp

-1399940268 | 2025-03-23T17:21:04.157971

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3169 / tcp

-288825733 | 2025-03-19T14:05:11.254835

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

3173 / tcp

307999478 | 2025-03-22T10:20:46.340685

unknown command \r\nunknown command \r\n

3179 / tcp

-585940771 | 2025-03-14T03:06:42.243059

Unknown command\r\n

3183 / tcp

-1888448627 | 2025-03-03T23:35:46.656583

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3221 / tcp

1625292406 | 2025-03-21T19:29:06.587407

<?x

3260 / tcp

-862070606 | 2025-03-28T05:51:16.297158

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None\nTargetAlias=LIO Target\nTargetPortalGroupTag=1\n\n

3268 / tcp

-1688921933 | 2025-03-15T22:34:13.699134

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 12-14878276-0 0NNN RT(1705363841143 0) q(0 -1 -1 -1) r(0 -1)

3269 / tcp

-1399940268 | 2025-03-13T18:29:36.591962

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3299 / tcp

-1839934832 | 2025-03-16T02:43:06.527242

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

3306 / tcp

292351399 | 2025-03-24T03:48:58.204019

Mysql Version: 5.5.24-log \r\nN\\x00\\x00\\x00\n5.5.24-log\\x00\\x87\\x00\\x00\\x00uF>E}hpx\\x00\\xff\\xf7!\\x02\\x00\\x0f\\x80\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00-rx$GyO\\aT]Z\\x00mysql_native_password\\x00

3388 / tcp

1632932802 | 2025-02-27T18:58:11.107293

3540 / tcp

-1399940268 | 2025-03-26T22:54:30.112998

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3553 / tcp

1332894250 | 2025-03-28T08:43:02.033355

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

3554 / tcp

1332894250 | 2025-03-15T10:26:08.239452

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

3566 / tcp

1632932802 | 2025-03-06T03:29:58.712940

3780 / tcp

1544300041 | 2025-03-18T07:52:16.423312

SSH-25453-Cisco-3524665.35

4000 / tcp

-1148803158 | 2025-03-17T21:03:57.055030

Mysql Version: 8.0.34 \r\nJ\\x00\\x00\\x00\n8.0.34\\x009L\\x01\\x00NJSz;\\x01\\x19y\\x00\\xff\\xff!\\x02\\x00\\xff\\xdf\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00k\\x13VT\\x10\\x14YfV~^z\\x00caching_sha2_password\\x00

4010 / tcp

-1375131644 | 2025-03-23T15:01:12.922002

\x00[v\xc3\xbdC\x7f\x00\x00

4022 / tcp

1911457608 | 2025-03-09T18:32:28.644810

\x00[\x00\x00\x00\x00\x00\x00

4063 / tcp

1978059005 | 2025-03-18T12:44:09.873553

Sorry, that nickname format is invalid.

4064 / tcp

819727972 | 2025-03-05T02:16:48.004770

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

4157 / tcp

-1839934832 | 2025-03-25T17:11:22.972647

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

4242 / tcp

-1341662640 | 2025-03-09T12:23:46.351978

HTTP/1.1 301 Moved Permanently
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

4282 / tcp

-1999117212 | 2025-03-24T08:21:58.145859

4321 / tcp

-269926141 | 2025-03-17T01:54:29.575956

\\x00\\x00\\x12\\x04\\x00\\x00\\x00\\x00\\x00\\x00\\x03\\x00\\x00\\x00\\x80\\x00\\x04\\x00\\x01\\x00\\x00\\x00\\x05\\x00\\xff\\xff\\xff\\x00\\x00\\x04\\x08\\x00\\x00\\x00\\x00\\x00\\x7f\\xff\\x00\\x00\\x00\\x00\\x08\\x07\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01

4344 / tcp

669849225 | 2025-03-06T01:35:42.075338

SSH-98.60-SysaxSSH_81885..42\r\n

4400 / tcp

-2096652808 | 2025-03-15T02:55:55.597057

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

4433 / tcp

1830187220 | 2025-03-08T21:07:22.571453

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

4434 / tcp

1282941221 | 2025-03-24T09:58:37.785671

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

4436 / tcp

1830187220 | 2025-03-21T06:55:28.686171

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

4443 / tcp

1140068775 | 2025-03-18T04:49:53.908930

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
X-Frame-Options: DENY

Name: VMware ESXi
FullName: VMware ESXi 6.7.0 build-8169922
Vendor: VMware, Inc.
Version: 6.7.0
Build: 8169922
LocaleVersion: INTL
LocaleBuild: 000
OsType: vmnix-x86
ProductLineId: embeddedEsx
ApiType: HostAgent
ApiVersion: 6.7

4444 / tcp

819727972 | 2025-03-23T22:51:00.171188

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4447 / tcp

819727972 | 2025-02-28T17:24:22.040416

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

4499 / tcp

1212285915 | 2025-03-16T18:07:24.083018

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

4500 / tcp

-2089734047 | 2025-03-22T02:35:45.985725

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

4502 / tcp

1948301213 | 2025-03-08T17:44:10.948819

RFB 003.003
VNC:
  Protocol Version: 3.3

4506 / tcp

1093576587 | 2025-03-17T23:21:19.601112

¥A,LConnectx57222

4786 / tcp

-1139539254 | 2025-03-17T09:13:59.714530

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

4899 / tcp

-358801646 | 2025-03-11T20:42:48.090738

SSH-2.0-OpenSSH_6.6.1

4949 / tcp

1544300041 | 2025-03-12T02:39:27.537769

SSH-25453-Cisco-3524665.35

5009 / tcp

1182822286 | 2025-03-18T03:53:50.272452

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae237b_dianxun172_7460-1469

5010 / tcp

-1099385124 | 2025-03-20T15:51:46.611568

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

5025 / tcp

1778988322 | 2025-03-24T19:29:30.508250

* OK GroupWise IMAP4rev1 Server Ready

5061 / tcp

677934968 | 2025-03-19T18:35:00.686387

lm^)Q

5130 / tcp

320677201 | 2025-03-13T04:18:29.087953

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

5135 / tcp

1911457608 | 2025-03-25T11:46:54.842424

\x00[\x00\x00\x00\x00\x00\x00

5172 / tcp

539065883 | 2025-03-17T16:37:21.077554

5201 / tcp

165188539 | 2025-03-13T06:58:52.511590

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

5222 / tcp

-641479109 | 2025-03-19T18:22:50.488102

[xU-

5241 / tcp

-1399940268 | 2025-03-18T23:02:33.572444

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5245 / tcp

-1399940268 | 2025-03-05T22:29:47.093526

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5251 / tcp

1911457608 | 2025-03-18T18:10:45.937509

\x00[\x00\x00\x00\x00\x00\x00

5252 / tcp

-1327660293 | 2025-03-10T15:57:14.447126

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

5254 / tcp

1767345577 | 2025-03-08T18:49:22.477076

Hello, this is Quagga (version 0T).
Copyright 1996-200

5260 / tcp

-1327660293 | 2025-03-05T03:37:05.483049

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

5435 / tcp

1363464823 | 2025-03-25T16:29:31.513651

\x00[|ox\x7f\x00\x00

5494 / tcp

971933601 | 2025-03-07T01:57:00.712330

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

5569 / tcp

1911457608 | 2025-03-26T04:12:15.646500

\x00[\x00\x00\x00\x00\x00\x00

5596 / tcp

-441419608 | 2025-03-12T15:40:38.076911

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

5599 / tcp

-1839934832 | 2025-03-15T04:29:09.187061

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

5660 / tcp

-1327660293 | 2025-03-15T18:13:50.463368

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

5858 / tcp

-971970408 | 2025-03-28T18:51:17.580191

5907 / tcp

-1045760528 | 2025-03-29T11:13:16.030961

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

5909 / tcp

1282941221 | 2025-03-14T02:52:30.329664

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

5938 / tcp

1763259671 | 2025-03-23T12:08:11.574889

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

5984 / tcp

1999272906 | 2025-03-22T20:08:18.761584

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

5986 / tcp

-407828767 | 2025-02-28T14:00:08.659230

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

5988 / tcp

632542934 | 2025-03-28T16:41:50.130126

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

5990 / tcp

921225407 | 2025-03-21T02:26:10.501560

\x00\x00\x00\x04\x00\x00\x00\x00\x00

5996 / tcp

-1453516345 | 2025-02-27T20:01:44.301673

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

6001 / tcp

819727972 | 2025-03-18T12:27:58.965602

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

6002 / tcp

1911495665 | 2025-03-25T09:26:15.385360

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

6004 / tcp

-339084706 | 2025-03-17T17:37:24.104124

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

6022 / tcp

819727972 | 2025-03-15T05:03:16.926595

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

6070 / tcp

-1399940268 | 2025-03-17T01:50:28.696074

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6264 / tcp

1543809371 | 2025-02-27T18:45:26.898566

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

6308 / tcp

1011407350 | 2025-03-20T12:03:33.243533

* OK GroupWise IMAP4rev1 Server Ready\r\n

6379 / tcp

321971019 | 2025-02-27T14:07:08.358518

-ERR client ip is not in whitelist\r

6580 / tcp

-1835475271 | 2025-03-25T05:24:22.388998

200 NOD32SS 99 (3318497116)\r\n

6667 / tcp

819727972 | 2025-03-27T18:53:28.948016

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

6697 / tcp

819727972 | 2025-03-10T07:01:35.958883

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

6955 / tcp

-2089734047 | 2025-03-09T08:10:10.560653

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

7006 / tcp

307999478 | 2025-03-19T19:16:46.644428

unknown command \r\nunknown command \r\n

7010 / tcp

-1399940268 | 2025-03-23T18:19:41.115630

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7071 / tcp

660175493 | 2025-03-22T23:10:39.775636

7171 / tcp

-1399940268 | 2025-03-12T10:11:28.608111

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7401 / tcp

1370263973 | 2025-03-22T13:55:45.794836

dubbo>

7434 / tcp

842535728 | 2025-02-27T18:27:16.593885

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

7443 / tcp

1612309769 | 2025-03-25T09:06:47.208933

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28e1_CS-000-01SZh112_7344-42222

7444 / tcp

165188539 | 2025-03-19T20:52:00.154082

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

7634 / tcp

641705735 | 2025-03-26T20:45:34.040894



0
dø...

7676 / tcp

1100205395 | 2025-03-28T12:51:25.491611

HTTP/1.1 200 OK
Cache-Control: private, max-age=300

7774 / tcp

-1399940268 | 2025-03-12T19:05:30.661432

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7777 / tcp

1391945995 | 2025-03-27T13:56:53.661759

HTTP/1.1 403 Forbidden 
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm=""

7778 / tcp

-1996280214 | 2025-03-18T06:29:24.811713

\x06\x04\x05@

7946 / tcp

1761482307 | 2025-03-26T11:45:20.007193

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

8001 / tcp

2103111368 | 2025-03-16T17:23:19.868645

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8007 / tcp

1529339778 | 2025-03-29T11:03:25.873010

HTTP/1.1 200 OK

8009 / tcp

-971970408 | 2025-03-15T13:17:30.700372

8014 / tcp

-1399940268 | 2025-03-06T01:45:58.149128

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8015 / tcp

-653033013 | 2025-03-21T19:56:23.871672

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

8016 / tcp

-1477838366 | 2025-03-25T09:01:24.198636

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

8023 / tcp

819727972 | 2025-03-06T13:55:01.888714

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8024 / tcp

-1428621233 | 2025-03-14T00:18:17.671589

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

8047 / tcp

-1839934832 | 2025-03-19T11:42:20.655471

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8050 / tcp

-1839934832 | 2025-03-26T12:55:42.175792

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8061 / tcp

-1059554316 | 2025-03-10T21:12:32.434053

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

8081 / tcp

2087396567 | 2025-03-17T13:35:53.684448

kjnkjabhbanc283ubcsbhdc72

8083 / tcp

401555314 | 2025-03-13T00:07:58.177937

NB[GFXjA^R

8085 / tcp

1544300041 | 2025-03-23T06:33:26.729813

SSH-25453-Cisco-3524665.35

8087 / tcp

-1538260461 | 2025-03-22T00:21:00.510358

\x01\x00\x00\x00

8099 / tcp

-1639624373 | 2025-03-20T19:54:30.595317

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28c9_CS-000-01kgX25_35624-12255

8100 / tcp

-1279886438 | 2025-03-11T22:18:54.406035

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

8101 / tcp

1911457608 | 2025-02-28T19:33:49.343142

\x00[\x00\x00\x00\x00\x00\x00

8114 / tcp

-1059554316 | 2025-03-10T03:22:13.491860

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

8116 / tcp

-1730858130 | 2025-02-28T14:27:42.650260

RFB 003.008
VNC:
  Protocol Version: 3.8

8126 / tcp

504717326 | 2025-03-26T05:54:31.558767

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

8140 / tcp

-375604792 | 2025-03-14T07:14:27.306011

220 Microsoft FTP Service

8147 / tcp

819727972 | 2025-03-19T08:18:59.947856

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8149 / tcp

-1839934832 | 2025-03-04T00:16:27.623627

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8169 / tcp

1363464823 | 2025-03-06T09:47:25.025043

\x00[|ox\x7f\x00\x00

8171 / tcp

-1099385124 | 2025-03-06T22:38:14.216252

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

8175 / tcp

1642597142 | 2025-03-28T17:17:15.242954

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

8192 / tcp

-1755723830 | 2025-03-19T11:28:04.570685

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65a92acb_PS-PEK-017zN163_30438-60415

8196 / tcp

-345718689 | 2025-03-10T03:58:39.770132

Vty password is not set.

8200 / tcp

556442608 | 2025-03-23T06:34:20.142856

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2792_dx54_21588-11785

8291 / tcp

455076604 | 2025-03-13T01:46:09.483283

!\x07version\x04bind7 t{RPowerDNS Recursor 410

8318 / tcp

-1399940268 | 2025-03-17T20:27:06.209158

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8333 / tcp

1723769361 | 2025-03-26T21:38:59.397521

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

8393 / tcp

165188539 | 2025-02-28T04:56:21.318897

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8403 / tcp

1911457608 | 2025-02-28T05:11:37.042310

\x00[\x00\x00\x00\x00\x00\x00

8407 / tcp

504717326 | 2025-03-14T21:12:06.805413

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

8426 / tcp

410249975 | 2025-03-18T23:12:23.613746

LNS READY<>

8485 / tcp

165188539 | 2025-03-11T02:42:17.947910

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8500 / tcp

-1784271535 | 2025-03-05T22:27:08.487504

inv2W\x04\x0f\x01

8545 / tcp

2087396567 | 2025-03-19T04:40:32.084995

kjnkjabhbanc283ubcsbhdc72

8554 / tcp

-2089734047 | 2025-03-12T18:32:52.371119

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8557 / tcp

51259122 | 2025-03-27T22:01:28.223451

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

8565 / tcp

1830187220 | 2025-03-28T01:24:33.432209

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

8575 / tcp

-1399940268 | 2025-03-13T00:47:30.321788

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8576 / tcp

-2089734047 | 2025-03-25T16:40:53.437857

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8579 / tcp

114471724 | 2025-03-25T22:26:00.361301

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

8582 / tcp

-1399940268 | 2025-03-20T17:01:34.284147

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8590 / tcp

321971019 | 2025-03-12T03:46:36.842911

-ERR client ip is not in whitelist\r

8594 / tcp

117101543 | 2025-03-12T05:37:48.383600

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

8649 / tcp

1489954473 | 2025-03-18T20:36:36.390817

HTTP/1.1 410 Gone
Server: openresty
Transfer-Encoding: chunked
Connection: keep-alive
Via: 1.1 google

8728 / tcp

-1779118422 | 2025-03-25T06:45:18.729540

\x00[\xc2\xae\xc2\x8d{\x7f\x00\x00

8745 / tcp

-454087041 | 2025-03-04T22:42:25.069569

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

8767 / tcp

-1399940268 | 2025-03-24T21:34:12.290295

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8805 / tcp

-1019343788 | 2025-03-06T21:17:05.475239

W!\x00\x00\x00\x00

8807 / tcp

820958131 | 2025-03-18T13:27:49.353117

kjnkjabhbanc283ubcsbhdc72\x02

8817 / tcp

-1097188123 | 2025-03-16T00:39:05.725092

[g\xc2\x95N\x7f

8824 / tcp

-980525298 | 2025-03-09T22:19:44.046954

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8834 / tcp

1996932384 | 2025-03-22T22:59:08.766278

"raop" nonce

8841 / tcp

819727972 | 2025-03-17T03:03:34.138458

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8850 / tcp

1911457608 | 2025-03-19T21:12:11.106365

\x00[\x00\x00\x00\x00\x00\x00

8851 / tcp

819727972 | 2025-03-07T10:29:45.579922

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8867 / tcp

-441419608 | 2025-02-28T03:19:16.594730

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

8870 / tcp

819727972 | 2025-02-27T20:56:15.777880

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8880 / tcp

740837454 | 2025-03-14T21:51:21.519725

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

8889 / tcp

291723434 | 2025-03-25T17:27:39.121085

Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

8891 / tcp

2103111368 | 2025-02-28T16:12:47.007403

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8899 / tcp

474736340 | 2025-03-15T15:42:38.169062

431 Unable to negotiate secure command connection.

8905 / tcp

921225407 | 2025-02-27T17:18:11.129945

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8906 / tcp

1282941221 | 2025-03-16T20:10:38.750458

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

9012 / tcp

2143387245 | 2025-03-09T13:14:27.376433

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

9034 / tcp

-1399940268 | 2025-03-20T14:56:28.386867

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9050 / tcp

-392669295 | 2025-03-09T13:05:31.652314

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1b0f_CS-NKG-01HoU21_7454-20182

9052 / tcp

1353260875 | 2025-03-24T20:35:54.169226

\x00[g\xc2\x95N\x7f\x00\x00

9063 / tcp

1332894250 | 2025-03-04T20:06:10.981115

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

9068 / tcp

-274082663 | 2025-03-20T09:21:59.427326

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

9072 / tcp

-1327660293 | 2025-03-10T07:18:01.838338

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

9083 / tcp

-274082663 | 2025-03-06T23:28:37.527519

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

9089 / tcp

819727972 | 2025-03-04T21:32:58.378184

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9091 / tcp

-1032713145 | 2025-03-14T21:57:57.532876

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

9095 / tcp

-1681927087 | 2025-03-27T20:54:47.707083

kjnkjabhbanc283ubcsbhdc72

9099 / tcp

-1914711518 | 2025-03-09T23:39:17.694125

HTTP/1.1 400 Bad Request
Connection: close
Server: Lego Server

9100 / tcp

820958131 | 2025-03-25T18:34:40.748531

kjnkjabhbanc283ubcsbhdc72\x02

9101 / tcp

-1032713145 | 2025-03-29T08:18:31.526804

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

9111 / tcp

-1399940268 | 2025-03-19T10:25:19.137442

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9132 / tcp

-1399940268 | 2025-03-27T14:30:07.444904

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9137 / tcp

-1746074029 | 2025-03-21T09:34:01.920167

101 imqbroker =unV\r\n

9140 / tcp

165188539 | 2025-03-12T00:26:11.711442

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9142 / tcp

-1888448627 | 2025-03-10T12:40:56.505648

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9145 / tcp

921225407 | 2025-03-25T17:25:08.993821

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9151 / tcp

-319440554 | 2025-03-03T23:46:31.005169

9155 / tcp

-2031152423 | 2025-03-20T09:00:00.707154

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

9160 / tcp

321971019 | 2025-03-27T13:04:37.397758

-ERR client ip is not in whitelist\r

9165 / tcp

819727972 | 2025-03-07T14:27:09.334582

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9166 / tcp

-784071826 | 2025-03-24T18:30:08.133231

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

9167 / tcp

-1399940268 | 2025-03-17T06:45:45.606988

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9177 / tcp

-1399940268 | 2025-03-11T18:36:00.554092

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9179 / tcp

321971019 | 2025-03-18T14:44:49.450014

-ERR client ip is not in whitelist\r

9189 / tcp

1189133115 | 2025-03-28T16:46:16.386595

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

9194 / tcp

1911457608 | 2025-02-27T16:10:25.682153

\x00[\x00\x00\x00\x00\x00\x00

9206 / tcp

740837454 | 2025-03-20T03:37:41.781271

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

9207 / tcp

1989907056 | 2025-03-15T03:34:40.041672

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

9208 / tcp

-1399940268 | 2025-03-12T12:09:53.767620

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9209 / tcp

-1839934832 | 2025-03-04T03:37:04.507528

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

9213 / tcp

-2089734047 | 2025-03-22T10:56:43.014278

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9223 / tcp

1911457608 | 2025-03-06T20:27:26.278630

\x00[\x00\x00\x00\x00\x00\x00

9230 / tcp

1308377066 | 2025-03-16T18:36:40.442558

ncacn_http/1.0

9249 / tcp

205347087 | 2025-03-21T09:57:55.955398

SSH-25453-Cisco-3524665.35\n

9250 / tcp

321971019 | 2025-03-09T22:38:03.533788

-ERR client ip is not in whitelist\r

9289 / tcp

-2033111675 | 2025-03-24T04:43:00.925935

~djb

9306 / tcp

819727972 | 2025-03-04T08:35:46.643388

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9309 / tcp

-1105333987 | 2025-03-19T02:16:20.818295

\x00[KpU\x7f\x00\x00

9333 / tcp

-358801646 | 2025-03-21T14:35:25.770216

SSH-2.0-OpenSSH_6.6.1

9398 / tcp

-1900404274 | 2025-03-26T21:45:11.976267

Unknown command

9456 / tcp

1363464823 | 2025-03-22T01:03:39.236386

\x00[|ox\x7f\x00\x00

9530 / tcp

632542934 | 2025-03-26T08:32:40.215691

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9754 / tcp

408230060 | 2025-03-04T07:58:05.729619

\r\nSorry, that nickname format is invalid.\r\n

9761 / tcp

-1730858130 | 2025-03-06T17:22:48.191703

RFB 003.008
VNC:
  Protocol Version: 3.8

9898 / tcp

1320285193 | 2025-03-24T19:15:51.467292

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

9900 / tcp

-414819019 | 2025-03-15T23:42:44.953588

HTTP/1.1 200 OK
Content-type: text/html
Connection: close

9908 / tcp

165188539 | 2025-03-25T09:44:08.276907

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9918 / tcp

-1399940268 | 2025-03-27T21:58:06.840976

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9926 / tcp

819727972 | 2025-03-14T22:04:15.892061

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9928 / tcp

-2089734047 | 2025-03-16T06:58:16.148300

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9930 / tcp

1948301213 | 2025-03-19T20:51:40.141774

RFB 003.003
VNC:
  Protocol Version: 3.3

9944 / tcp

2087396567 | 2025-03-18T06:15:53.633545

kjnkjabhbanc283ubcsbhdc72

9998 / tcp

-696402907 | 2025-03-24T12:54:14.498552

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae298c_PS-HIA-01Q7y203_55153-4321

9999 / tcp

1161309183 | 2025-03-28T18:01:12.080116

ProxyServer is ready

10000 / tcp

2087396567 | 2025-03-18T10:03:23.855884

kjnkjabhbanc283ubcsbhdc72

10018 / tcp

-1611764932 | 2025-03-11T22:37:22.833444

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

10050 / tcp

819727972 | 2025-03-27T04:10:35.744912

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

10051 / tcp

104385780 | 2025-03-14T15:45:41.418442

ceph v2

10066 / tcp

632542934 | 2025-03-14T11:38:08.210984

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

10075 / tcp

-146605374 | 2025-03-06T19:01:22.549258

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

10093 / tcp

819727972 | 2025-03-21T12:45:58.313566

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

10554 / tcp

539065883 | 2025-03-09T20:25:26.906516

10909 / tcp

1996932384 | 2025-03-19T23:38:54.566959

"raop" nonce

10911 / tcp

-1899074860 | 2025-03-05T06:34:33.047901

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

11112 / tcp

-1327660293 | 2025-03-22T01:24:23.827018

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

11211 / tcp

-136006866 | 2025-03-11T23:57:34.774357

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11288 / tcp

-1529979118 | 2025-03-28T09:53:01.054287

inv2W

11300 / tcp

819727972 | 2025-03-07T02:55:45.254210

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12000 / tcp

-1368104760 | 2025-03-27T08:09:59.824564

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1d31_PS-TNA-01mQW36_7416-41955

12084 / tcp

-1327660293 | 2025-03-13T06:23:54.039364

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12101 / tcp

1911457608 | 2025-03-25T11:12:44.530326

\x00[\x00\x00\x00\x00\x00\x00

12116 / tcp

-2089734047 | 2025-03-09T07:29:57.679069

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12120 / tcp

1615193817 | 2025-03-25T18:35:03.175045

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

12127 / tcp

493955023 | 2025-03-23T05:15:14.390261

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

12140 / tcp

1911457608 | 2025-03-06T00:53:28.425257

\x00[\x00\x00\x00\x00\x00\x00

12142 / tcp

-616720387 | 2025-03-26T19:17:11.128828

SSH-2.0-SSHD_0.7.6

12143 / tcp

632542934 | 2025-03-14T06:52:23.841585

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

12147 / tcp

639175818 | 2025-03-08T21:57:06.742024

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

12148 / tcp

-1399940268 | 2025-03-06T16:53:05.986307

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12153 / tcp

-1399940268 | 2025-03-09T19:54:54.595848

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12158 / tcp

-1477838366 | 2025-02-28T22:50:44.211205

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

12162 / tcp

1308377066 | 2025-03-14T00:16:15.777417

ncacn_http/1.0

12166 / tcp

-1733645023 | 2025-03-17T23:07:50.430905

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

12180 / tcp

1363464823 | 2025-03-24T17:53:17.819793

\x00[|ox\x7f\x00\x00

12185 / tcp

-1327660293 | 2025-02-28T14:34:51.287502

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12230 / tcp

-1399940268 | 2025-03-15T07:21:01.973736

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12243 / tcp

-1399940268 | 2025-03-06T10:38:44.897165

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12252 / tcp

-1327660293 | 2025-03-17T01:30:33.937267

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12275 / tcp

-1810987450 | 2025-03-11T21:41:49.774949

\xc3\xbf

12281 / tcp

1911457608 | 2025-03-27T01:10:45.248040

\x00[\x00\x00\x00\x00\x00\x00

12282 / tcp

1911457608 | 2025-03-15T11:06:08.764103

\x00[\x00\x00\x00\x00\x00\x00

12300 / tcp

897328069 | 2025-03-15T23:27:12.497140

220 mail.scott000.com ESMTP

12304 / tcp

493955023 | 2025-03-25T12:03:19.863445

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

12314 / tcp

819727972 | 2025-03-14T23:17:48.552115

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12317 / tcp

-1399940268 | 2025-03-21T06:50:15.644166

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12319 / tcp

51259122 | 2025-03-15T12:47:19.048155

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

12321 / tcp

-653033013 | 2025-03-12T13:35:26.445300

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

12331 / tcp

-1399940268 | 2025-03-14T15:36:38.141076

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12338 / tcp

1919228981 | 2025-03-05T14:13:16.879945

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

12345 / tcp

296364507 | 2025-03-13T03:12:54.793694

HTTP/1.1 500 Internal Server Error
SERVER: Trend Chip UPnP/1.0 DMS
CONNECTION: close
CONTENT-LENGTH: 60
CONTENT-TYPE: text/html

12360 / tcp

-339084706 | 2025-03-15T13:11:32.380767

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

12380 / tcp

-142686627 | 2025-03-19T10:55:54.312650

\x00[\xc2\xba\x7fs\x7f\x00\x00

12388 / tcp

-1428621233 | 2025-03-04T15:13:27.073373

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

12390 / tcp

-1648456501 | 2025-03-26T16:42:59.362977

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

12394 / tcp

819727972 | 2025-03-22T17:12:35.979673

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12403 / tcp

-1476017887 | 2025-03-09T08:11:19.863115

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

12409 / tcp

819727972 | 2025-03-10T00:07:48.048463

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12419 / tcp

401555314 | 2025-03-22T12:59:26.293985

NB[GFXjA^R

12431 / tcp

408230060 | 2025-03-17T23:09:38.770738

\r\nSorry, that nickname format is invalid.\r\n

12440 / tcp

321971019 | 2025-03-04T10:43:22.352809

-ERR client ip is not in whitelist\r

12442 / tcp

-1839934832 | 2025-03-19T12:32:30.605671

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

12444 / tcp

1911457608 | 2025-03-21T09:19:14.417795

\x00[\x00\x00\x00\x00\x00\x00

12472 / tcp

819727972 | 2025-03-15T09:59:25.606895

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12486 / tcp

580340387 | 2025-03-21T13:02:44.242050

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

12505 / tcp

-1839934832 | 2025-03-23T19:17:56.436284

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

12506 / tcp

1911457608 | 2025-03-05T04:53:27.924015

\x00[\x00\x00\x00\x00\x00\x00

12526 / tcp

1655023012 | 2025-03-18T03:03:10.996031

athinfod: invalid query.\n

12540 / tcp

-1810987450 | 2025-03-26T20:01:43.824133

\xc3\xbf

12563 / tcp

-1036370807 | 2025-03-28T07:18:12.142602

JDWP-Handshake

12575 / tcp

-1375131644 | 2025-03-13T10:03:20.544868

\x00[v\xc3\xbdC\x7f\x00\x00

12589 / tcp

1308377066 | 2025-03-05T21:20:48.386806

ncacn_http/1.0

12980 / tcp

-1888448627 | 2025-03-08T12:22:24.030965

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

13082 / tcp

1911457608 | 2025-03-06T01:43:54.801003

\x00[\x00\x00\x00\x00\x00\x00

13443 / tcp

1911457608 | 2025-03-23T16:07:59.957839

\x00[\x00\x00\x00\x00\x00\x00

13780 / tcp

-1399940268 | 2025-03-24T18:52:02.672768

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14147 / tcp

493955023 | 2025-03-08T11:52:20.454843

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

14344 / tcp

921225407 | 2025-03-26T08:02:47.229943

\x00\x00\x00\x04\x00\x00\x00\x00\x00

14407 / tcp

-1399940268 | 2025-03-05T22:28:10.218382

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14895 / tcp

45131230 | 2025-03-25T06:15:03.384066

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

15443 / tcp

1282941221 | 2025-03-15T19:22:19.120886

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

16001 / tcp

1632932802 | 2025-03-18T20:36:58.906898

16020 / tcp

819727972 | 2025-03-18T12:51:29.110008

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

16028 / tcp

-2096652808 | 2025-03-25T19:11:03.074485

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

16033 / tcp

165188539 | 2025-03-26T10:02:20.895230

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

16065 / tcp

-2096652808 | 2025-03-24T16:42:23.137119

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

16075 / tcp

1911457608 | 2025-03-21T19:14:30.188522

\x00[\x00\x00\x00\x00\x00\x00

16094 / tcp

-1399940268 | 2025-03-17T06:04:55.343471

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16311 / tcp

321971019 | 2025-03-07T18:27:54.333827

-ERR client ip is not in whitelist\r

16402 / tcp

1911457608 | 2025-03-10T19:22:45.544447

\x00[\x00\x00\x00\x00\x00\x00

16464 / tcp

-345718689 | 2025-03-21T00:09:32.704914

Vty password is not set.

16992 / tcp

-1840324437 | 2025-03-22T17:01:55.527544

16993 / tcp

2087396567 | 2025-03-26T08:22:39.493377

kjnkjabhbanc283ubcsbhdc72

17010 / tcp

-904840257 | 2025-03-18T16:57:21.433887

572 Relay not authorized\r\n

17182 / tcp

89142341 | 2025-03-09T14:24:42.687900

\x05\x00\x00\x00\x0b\x08\x05\x1a\x00

17773 / tcp

1911457608 | 2025-03-15T17:40:53.766885

\x00[\x00\x00\x00\x00\x00\x00

17779 / tcp

1911457608 | 2025-03-16T15:50:00.277531

\x00[\x00\x00\x00\x00\x00\x00

18004 / tcp

-1737707071 | 2025-03-18T06:40:06.919153

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

18019 / tcp

-992671574 | 2025-03-20T19:45:52.217414

@RSYNCD: 26

18066 / tcp

493955023 | 2025-03-05T21:27:31.372124

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

18068 / tcp

-1329831334 | 2025-03-10T09:09:52.189434

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

18079 / tcp

-2089734047 | 2025-03-18T17:52:30.504446

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

18080 / tcp

-653033013 | 2025-03-17T16:25:40.345006

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

18081 / tcp

-2031152423 | 2025-03-22T01:43:25.667819

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

18083 / tcp

-616720387 | 2025-02-28T02:00:54.354627

SSH-2.0-SSHD_0.7.6

18087 / tcp

-1428621233 | 2025-03-14T20:06:46.931869

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

18092 / tcp

-1428621233 | 2025-03-12T18:11:51.563527

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

18103 / tcp

-1399940268 | 2025-03-20T15:39:49.149916

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18110 / tcp

-345718689 | 2025-03-03T18:13:39.974014

Vty password is not set.

18111 / tcp

-122096153 | 2025-03-16T08:58:20.849167

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

18225 / tcp

819727972 | 2025-03-20T02:37:20.697324

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18245 / tcp

-1428621233 | 2025-03-21T19:13:51.558000

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

18368 / tcp

819727972 | 2025-03-20T23:49:35.014720

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18443 / tcp

632542934 | 2025-03-26T06:53:24.383048

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

19000 / tcp

-1099385124 | 2025-03-13T16:13:44.817083

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

19015 / tcp

1308377066 | 2025-03-04T17:24:24.705620

ncacn_http/1.0

19999 / tcp

-2096652808 | 2025-03-17T18:00:57.024760

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

20000 / tcp

1900503736 | 2025-03-11T11:36:04.049772

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

20070 / tcp

-1399940268 | 2025-02-28T21:47:16.872978

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20107 / tcp

-1888448627 | 2025-03-26T21:16:13.437603

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

20121 / tcp

1762042191 | 2025-03-16T20:00:46.194146

\x7f\x7fICA\x00

20880 / tcp

1370263973 | 2025-03-18T21:28:47.448315

dubbo>

21233 / tcp

819727972 | 2025-03-20T00:42:52.858186

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

21236 / tcp

819727972 | 2025-03-19T23:34:51.066665

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

21245 / tcp

599074451 | 2025-03-17T17:05:24.388669

msg

21248 / tcp

-1733645023 | 2025-03-26T17:44:18.415635

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

21261 / tcp

1308377066 | 2025-03-01T01:23:36.977988

ncacn_http/1.0

21282 / tcp

-457235091 | 2025-03-27T18:20:06.189463

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

21291 / tcp

1911457608 | 2025-03-17T00:21:10.531478

\x00[\x00\x00\x00\x00\x00\x00

21292 / tcp

-1888448627 | 2025-03-09T13:44:18.445109

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

21326 / tcp

1332894250 | 2025-03-25T14:21:22.333572

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

21379 / tcp

819727972 | 2025-03-11T08:34:10.465202

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

21400 / tcp

-358801646 | 2025-03-23T07:16:11.522627

SSH-2.0-OpenSSH_6.6.1

21515 / tcp

-441419608 | 2025-03-06T15:38:13.974606

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

22001 / tcp

2087396567 | 2025-03-27T21:15:11.927959

kjnkjabhbanc283ubcsbhdc72

22380 / tcp

1767345577 | 2025-03-16T20:24:32.536028

Hello, this is Quagga (version 0T).
Copyright 1996-200

22403 / tcp

1830697416 | 2025-03-15T05:28:18.025624

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

22556 / tcp

-2089734047 | 2025-03-16T10:40:21.831463

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

23023 / tcp

1690634669 | 2025-03-23T23:30:46.971376

23084 / tcp

-1648456501 | 2025-03-20T13:07:07.323030

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

24181 / tcp

632542934 | 2025-03-04T00:03:08.317296

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

24245 / tcp

2087396567 | 2025-03-14T14:21:22.661291

kjnkjabhbanc283ubcsbhdc72

24510 / tcp

1208318993 | 2025-03-25T11:13:55.052309

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

25001 / tcp

-1013082686 | 2025-03-22T16:16:49.233914

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

25565 / tcp

-2089734047 | 2025-03-11T10:29:53.616659

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

26656 / tcp

996960436 | 2025-03-29T00:11:31.890477

572 Relay not authorized

27015 / tcp

-454087041 | 2025-03-25T12:30:15.513384

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

27017 / tcp

1763259671 | 2025-03-27T08:24:14.942206

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

27036 / tcp

1282941221 | 2025-03-25T08:53:07.027110

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

28015 / tcp

-2089734047 | 2025-03-05T20:12:02.341402

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

29984 / tcp

1830187220 | 2025-03-26T14:29:54.953571

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

30003 / tcp

171352214 | 2025-03-05T03:44:34.837384

-ERR client ip is not in whitelist

30005 / tcp

-1399940268 | 2025-03-21T12:54:19.956303

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

30009 / tcp

-1329831334 | 2025-03-28T21:25:26.124419

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

30017 / tcp

320677201 | 2025-03-07T16:08:00.448010

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

30022 / tcp

-971970408 | 2025-03-14T21:23:50.604343

30110 / tcp

-1399940268 | 2025-03-27T21:09:41.631597

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

30121 / tcp

921225407 | 2025-03-06T01:14:30.006800

\x00\x00\x00\x04\x00\x00\x00\x00\x00

30122 / tcp

2087396567 | 2025-03-19T20:22:05.646624

kjnkjabhbanc283ubcsbhdc72

30473 / tcp

1911457608 | 2025-02-27T22:35:05.546727

\x00[\x00\x00\x00\x00\x00\x00

30522 / tcp

-971970408 | 2025-03-12T15:51:26.210483

30622 / tcp

799468586 | 2025-03-12T10:59:10.530026

ICA

30722 / tcp

-1839934832 | 2025-03-13T13:31:44.334392

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

30822 / tcp

539065883 | 2025-03-12T19:45:11.567543

30922 / tcp

-971970408 | 2025-03-20T22:25:47.022652

31022 / tcp

-653033013 | 2025-03-24T12:05:46.238660

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

31522 / tcp

2087396567 | 2025-03-13T01:28:00.295148

kjnkjabhbanc283ubcsbhdc72

31622 / tcp

171352214 | 2025-03-23T09:59:42.434730

-ERR client ip is not in whitelist

31722 / tcp

808560482 | 2025-03-12T23:00:43.407341

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP
 : USERID : UNIX : Cr8

31922 / tcp

-971970408 | 2025-03-24T06:23:54.983169

32022 / tcp

2087396567 | 2025-03-23T19:12:36.524282

kjnkjabhbanc283ubcsbhdc72

32101 / tcp

-1907909544 | 2025-03-05T15:32:25.704412

\r\nHello, this is Quagga (version 0T).\r\nCopyright 1996-200

32102 / tcp

-1399940268 | 2025-03-12T02:54:58.143188

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

32122 / tcp

-2096652808 | 2025-03-09T21:05:05.458758

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

32622 / tcp

1332894250 | 2025-03-11T19:32:36.422965

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

32722 / tcp

2087396567 | 2025-03-23T05:28:31.511642

kjnkjabhbanc283ubcsbhdc72

32764 / tcp

1880683805 | 2025-03-14T20:25:34.882841

ÿ

33022 / tcp

-319440554 | 2025-02-27T16:47:51.278922

33060 / tcp

-1013082686 | 2025-03-23T11:00:09.070747

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

33122 / tcp

-971970408 | 2025-03-04T14:24:09.040912

33422 / tcp

1690634669 | 2025-03-19T17:02:28.197636

33822 / tcp

2087396567 | 2025-03-18T12:19:34.269342

kjnkjabhbanc283ubcsbhdc72

34122 / tcp

-905685638 | 2025-03-20T15:36:34.222644

bxz437

34622 / tcp

-746114901 | 2025-03-19T10:37:13.690314

[KpU

34722 / tcp

2087396567 | 2025-03-04T00:15:08.482730

kjnkjabhbanc283ubcsbhdc72

34822 / tcp

-971970408 | 2025-03-19T06:55:08.602026

34922 / tcp

1189133115 | 2025-03-18T19:54:01.187981

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

35000 / tcp

-2089734047 | 2025-03-17T15:14:51.454879

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

35004 / tcp

819727972 | 2025-03-23T02:41:22.988992

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

35101 / tcp

-1399940268 | 2025-03-05T03:40:08.297072

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

35122 / tcp

1830187220 | 2025-03-19T01:05:24.974394

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

35522 / tcp

819727972 | 2025-03-17T01:06:25.414229

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

35554 / tcp

-2033111675 | 2025-03-19T13:26:06.515827

~djb

35822 / tcp

-2107996212 | 2025-03-17T17:50:53.961234

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

36022 / tcp

-314039103 | 2025-03-17T21:15:19.861524

Surnom.
Sorry, that nickname format is invalid.

36422 / tcp

-1375131644 | 2025-03-15T08:45:16.663840

\x00[v\xc3\xbdC\x7f\x00\x00

36522 / tcp

-1461540015 | 2025-03-18T16:50:20.296102

audio 0 RTP/AVP 18 4 3 8 0 101
a

36822 / tcp

1996932384 | 2025-03-18T14:53:11.456846

"raop" nonce

36922 / tcp

1741579575 | 2025-03-18T13:00:27.398955

37022 / tcp

1690634669 | 2025-03-16T19:35:34.930497

37222 / tcp

2087396567 | 2025-03-14T20:49:36.488122

kjnkjabhbanc283ubcsbhdc72

37322 / tcp

740837454 | 2025-03-16T11:28:02.843886

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

37422 / tcp

-441419608 | 2025-02-28T20:01:38.446178

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

37522 / tcp

-407828767 | 2025-03-16T10:04:07.151592

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

37622 / tcp

1996932384 | 2025-03-16T02:16:21.094777

"raop" nonce

37777 / tcp

-1327660293 | 2025-03-17T23:45:11.834168

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

38022 / tcp

-2017887953 | 2025-03-17T23:05:51.263224

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 10 1

38333 / tcp

-971970408 | 2025-03-28T18:42:50.487575

38522 / tcp

-79865617 | 2025-03-13T23:58:33.117332

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

38880 / tcp

-1013082686 | 2025-02-27T19:45:28.720300

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

39622 / tcp

-971970408 | 2025-03-11T07:40:37.777195

39822 / tcp

1887224352 | 2025-03-12T06:52:02.645516

40022 / tcp

1741579575 | 2025-03-09T11:37:44.245921

40029 / tcp

-375604792 | 2025-03-25T11:32:14.931912

220 Microsoft FTP Service

40322 / tcp

-971970408 | 2025-03-08T21:21:15.669319

40522 / tcp

171352214 | 2025-03-04T08:39:29.808826

-ERR client ip is not in whitelist

40892 / tcp

1996932384 | 2025-03-08T13:29:21.148425

"raop" nonce

41122 / tcp

-2107996212 | 2025-02-27T15:22:54.043255

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

41443 / tcp

-746114901 | 2025-03-28T06:27:28.633199

[KpU

41522 / tcp

-2033111675 | 2025-03-04T22:33:16.592573

~djb

41794 / tcp

-805362002 | 2025-03-23T20:58:54.215672

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

41800 / tcp

-1996280214 | 2025-03-07T07:23:21.238974

\x06\x04\x05@

41922 / tcp

114471724 | 2025-03-07T16:09:45.488377

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

42122 / tcp

897328069 | 2025-03-05T02:46:39.489581

220 mail.scott000.com ESMTP

42901 / tcp

707919486 | 2025-03-28T17:33:40.282677

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

43222 / tcp

-1476017887 | 2025-03-01T00:22:10.792330

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

44021 / tcp

-1059554316 | 2025-03-14T00:10:15.984527

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

44100 / tcp

-136006866 | 2025-03-08T14:55:44.636469

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

44307 / tcp

819727972 | 2025-03-18T20:02:58.237635

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

44310 / tcp

-2080784861 | 2025-03-17T11:20:25.837701

GBPK\xc3\xbb\xc3\xb7n\xc2\x93W\xc2\xaf\xc2\x86\xc2\x93x@\xc2\xa9\x0e\xc3\x8a*\xc2\x9bS\x00

44410 / tcp

1632932802 | 2025-03-28T03:34:13.037386

44818 / tcp

819727972 | 2025-03-24T20:32:44.855583

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

45003 / tcp

-1013082686 | 2025-03-18T12:23:54.225045

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

45666 / tcp

-2089734047 | 2025-03-12T15:51:23.588229

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

45667 / tcp

-1399940268 | 2025-03-26T16:32:07.837514

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

45786 / tcp

455076604 | 2025-03-23T19:40:22.790183

!\x07version\x04bind7 t{RPowerDNS Recursor 410

45888 / tcp

-1399940268 | 2025-03-18T03:58:54.607843

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

45922 / tcp

-2096652808 | 2025-03-10T14:21:54.641012

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

47722 / tcp

-1681927087 | 2025-03-10T12:01:49.693441

kjnkjabhbanc283ubcsbhdc72

47989 / tcp

1911457608 | 2025-03-13T19:10:21.098190

\x00[\x00\x00\x00\x00\x00\x00

47990 / tcp

-1013082686 | 2025-03-26T13:47:07.076434

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

48001 / tcp

-1839934832 | 2025-03-08T18:03:30.508047

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

48022 / tcp

539065883 | 2025-03-07T11:40:17.610656

48322 / tcp

819727972 | 2025-03-10T02:43:40.687072

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

48522 / tcp

841014058 | 2025-03-09T22:48:31.935692

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

48888 / tcp

-2096652808 | 2025-03-24T17:57:54.152059

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

48899 / tcp

2087396567 | 2025-03-22T05:44:26.864855

kjnkjabhbanc283ubcsbhdc72

49152 / tcp

1449779382 | 2025-03-20T07:02:57.482398

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 22 Jan 2024 08:04:18 GMT
EXT:
SERVER: Linux/3.3.0, UPnP/1.0, Portable SDK for UPnP devices/1.6.18
X-User-Agent: redsonic

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<s:Body>
<s:Fault>
<faultcode>s:Client</faultcode>
<faultstring>UPnPError</faultstring>
<detail>
<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">
<

49694 / tcp

-1888448627 | 2025-03-09T23:28:42.029660

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

50000 / tcp

2087396567 | 2025-03-22T10:01:38.185247

kjnkjabhbanc283ubcsbhdc72

50002 / tcp

669849225 | 2025-03-27T10:00:38.464659

SSH-98.60-SysaxSSH_81885..42\r\n

50008 / tcp

-358801646 | 2025-02-27T20:01:06.053962

SSH-2.0-OpenSSH_6.6.1

50050 / tcp

2087396567 | 2025-03-29T04:02:46.795077

kjnkjabhbanc283ubcsbhdc72

50070 / tcp

2087396567 | 2025-03-28T13:05:26.773589

kjnkjabhbanc283ubcsbhdc72

50073 / tcp

119860953 | 2025-03-04T07:40:30.418103

* OK ArGoSoft Mail Server IMAP Module v.YW at

50100 / tcp

-1681927087 | 2025-03-25T12:30:20.960354

kjnkjabhbanc283ubcsbhdc72

50122 / tcp

-1947777893 | 2025-03-16T02:36:36.046876

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

50998 / tcp

-585940771 | 2025-03-09T18:08:05.508135

Unknown command\r\n

51000 / tcp

819727972 | 2025-03-13T18:24:15.258065

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

51235 / tcp

-971970408 | 2025-03-21T17:30:15.259935

51443 / tcp

539065883 | 2025-03-28T15:09:31.104846

53022 / tcp

-2096652808 | 2025-03-07T07:30:17.898241

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

53413 / tcp

171352214 | 2025-03-22T02:55:32.249325

-ERR client ip is not in whitelist

54138 / tcp

1161309183 | 2025-03-21T10:30:26.178491

ProxyServer is ready

54922 / tcp

291723434 | 2025-03-07T09:19:17.987659

Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

54984 / tcp

2087396567 | 2025-03-28T22:48:58.588111

kjnkjabhbanc283ubcsbhdc72

55000 / tcp

-1375131644 | 2025-03-17T07:10:44.673517

\x00[v\xc3\xbdC\x7f\x00\x00

55022 / tcp

320677201 | 2025-03-07T04:53:07.968959

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

55055 / tcp

-585940771 | 2025-03-12T03:26:26.050836

Unknown command\r\n

55350 / tcp

-1626979812 | 2025-03-28T12:06:53.431776

220 Service ready for new user.

55443 / tcp

-1990350878 | 2025-03-08T13:25:59.102734

 
04 \...

55470 / tcp

114471724 | 2025-03-09T21:25:23.212867

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

55475 / tcp

1911457608 | 2025-03-12T01:03:49.127943

\x00[\x00\x00\x00\x00\x00\x00

55522 / tcp

539065883 | 2025-03-06T23:39:05.711547

55722 / tcp

2087396567 | 2025-03-06T19:37:56.488815

kjnkjabhbanc283ubcsbhdc72

55822 / tcp

1278527606 | 2025-03-06T21:37:37.374028

SSH-2.0-Teleport

57722 / tcp

171352214 | 2025-03-06T08:52:18.474031

-ERR client ip is not in whitelist

57782 / tcp

15018106 | 2025-03-29T10:00:33.471869

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

57787 / tcp

-1399940268 | 2025-03-05T23:57:41.045361

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

58122 / tcp

2087396567 | 2025-03-06T02:54:22.859827

kjnkjabhbanc283ubcsbhdc72

58422 / tcp

-971970408 | 2025-03-05T21:40:30.049678

58443 / tcp

-1888448627 | 2025-03-18T07:08:50.554886

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

59012 / tcp

321971019 | 2025-03-08T14:46:21.667730

-ERR client ip is not in whitelist\r

59122 / tcp

2143387245 | 2025-03-05T11:22:59.433244

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

59222 / tcp

-1598265216 | 2025-03-05T09:38:16.670325

@RSYNCD: 31.0

60001 / tcp

-454087041 | 2025-03-29T05:56:13.154568

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

60129 / tcp

178736976 | 2025-03-06T15:46:52.123127

SSH-58-Ingrian_SSH

61613 / tcp

1624217396 | 2025-03-07T07:44:39.105079

HELO:10.3.6.0.false\nAS:2048\nHL:19

61616 / tcp

-138733098 | 2025-03-20T12:53:08.563536

roku: ready

62078 / tcp

-860824904 | 2025-03-21T14:04:31.915595

\x00\x01)

63210 / tcp

-1681927087 | 2025-03-27T09:44:18.529817

kjnkjabhbanc283ubcsbhdc72

63257 / tcp

89282912 | 2025-03-11T14:50:33.563829

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto
col:SOAP, MKSDisplayProtocol:VNC , ,

63260 / tcp

-616720387 | 2025-03-11T21:14:55.919214

SSH-2.0-SSHD_0.7.6

64477 / tcp

-1327660293 | 2025-03-06T13:20:19.304266

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

64738 / tcp

996960436 | 2025-03-15T04:37:52.240575

572 Relay not authorized

59.82.133.79

Last Seen: 2025-03-29

Tags:

GeneralInformation

OpenPorts

13 / tcp -1835577706 | 2025-03-27T18:58:59.924280

15 / tcp 1850902677 | 2025-03-08T20:47:19.797558

17 / tcp 2115448635 | 2025-03-23T15:59:48.953133

19 / tcp 829384519 | 2025-02-28T12:03:33.235337

23 / tcp 676675086 | 2025-03-28T05:14:08.686481

25 / tcp -1730858130 | 2025-03-13T03:56:14.691310

43 / tcp -1399940268 | 2025-03-28T18:24:22.615064

49 / tcp -1056270173 | 2025-03-19T03:22:00.232815

70 / tcp -1056270173 | 2025-03-23T17:00:37.378023

79 / tcp -1770051369 | 2025-03-18T18:35:47.596694

80 / tcp -1466342676 | 2025-03-29T09:22:54.216413

Hashes

85 / tcp -1888448627 | 2025-03-07T16:50:51.191437

90 / tcp -1399940268 | 2025-03-11T05:17:55.305979

93 / tcp -1099385124 | 2025-03-24T09:41:21.373949

100 / tcp 165188539 | 2025-03-15T19:27:42.689697

102 / tcp 819727972 | 2025-03-22T11:14:55.148827

104 / tcp 165188539 | 2025-03-18T03:23:34.339804

113 / tcp 1412519768 | 2025-03-15T22:59:57.931659

119 / tcp -1958992631 | 2025-03-12T00:42:52.869803

135 / tcp -1589645334 | 2025-03-23T13:08:57.442968

179 / tcp -399606100 | 2025-03-08T13:50:46.086425

195 / tcp -971970408 | 2025-03-26T04:51:06.970537

221 / tcp 2098371729 | 2025-03-13T19:15:59.856664

311 / tcp 67948279 | 2025-03-06T21:51:10.530854

427 / tcp -349937125 | 2025-03-11T08:27:08.367833

440 / tcp 1308377066 | 2025-03-27T04:41:37.399958

443 / tcp 2053195084 | 2025-03-12T02:53:03.599700

444 / tcp -303826268 | 2025-03-17T12:09:20.829046

485 / tcp -1648456501 | 2025-03-20T13:17:25.476349

502 / tcp 632542934 | 2025-03-14T14:56:18.101782

513 / tcp -1373613804 | 2025-03-18T23:37:07.197372

515 / tcp 988099889 | 2025-03-28T07:18:43.742163

541 / tcp -1299118573 | 2025-03-27T18:44:05.707077

548 / tcp -1128967010 | 2025-03-13T21:13:08.114125

554 / tcp 1167995424 | 2025-03-26T10:14:54.877603

556 / tcp 632542934 | 2025-03-25T18:32:08.548376

593 / tcp -1112304903 | 2025-03-06T06:33:25.436203

636 / tcp -2023550675 | 2025-03-18T20:08:46.085781

771 / tcp -1399940268 | 2025-03-16T12:11:43.754260

789 / tcp -1795027372 | 2025-03-08T18:16:51.677037

811 / tcp -1399940268 | 2025-03-24T09:23:16.167241

902 / tcp 1956828827 | 2025-03-03T17:39:27.309483

993 / tcp 45131230 | 2025-03-20T15:00:25.467858

995 / tcp 1685649979 | 2025-03-04T18:42:54.737200

1002 / tcp 1761482307 | 2025-03-15T22:05:26.655555

1013 / tcp -904840257 | 2025-03-20T22:05:05.676574

1023 / tcp 233634112 | 2025-03-15T21:34:08.668622

1025 / tcp -1230049476 | 2025-03-07T12:24:48.018262

1028 / tcp 2103111368 | 2025-03-25T03:04:12.113258

1080 / tcp 1362344524 | 2025-03-22T10:41:08.151589

1099 / tcp 819727972 | 2025-03-09T19:01:51.010174

1153 / tcp 580340387 | 2025-03-13T12:46:44.419171

1177 / tcp 1960438949 | 2025-03-24T22:53:32.058773

1234 / tcp 321971019 | 2025-03-10T18:50:01.512191

1291 / tcp -1399940268 | 2025-03-22T19:46:52.074338

1414 / tcp -2096652808 | 2025-03-24T04:48:20.567191

1433 / tcp -186520940 | 2025-03-17T23:07:23.972393

1454 / tcp -1795027372 | 2025-03-13T20:48:49.264811

1494 / tcp -1049213899 | 2025-03-16T12:02:14.447213

1500 / tcp -271515508 | 2025-03-24T20:00:16.606966

1515 / tcp 819727972 | 2025-03-24T17:42:37.529747

1521 / tcp -1184558916 | 2025-03-07T10:16:42.233938

1599 / tcp 290819026 | 2025-03-27T04:54:50.784897

1604 / tcp 2087396567 | 2025-03-07T16:24:30.590286

1723 / tcp 2064046231 | 2025-03-18T17:20:44.797435

1800 / tcp 165188539 | 2025-03-20T17:59:26.872612

1830 / tcp 1911457608 | 2025-03-12T18:00:04.238790

1883 / tcp 1231376952 | 2025-03-16T21:53:21.959973

1954 / tcp 1911457608 | 2025-03-24T17:51:45.198170

1962 / tcp 455076604 | 2025-03-26T03:44:23.643050

1977 / tcp 819727972 | 2025-03-25T21:15:25.436472

1983 / tcp 669849225 | 2025-03-10T00:10:50.122786

2000 / tcp 671605376 | 2025-03-03T23:50:16.081553

2003 / tcp -1399940268 | 2025-03-19T04:25:31.449927

13 / tcp

-1835577706 | 2025-03-27T18:58:59.924280

15 / tcp

1850902677 | 2025-03-08T20:47:19.797558

17 / tcp

2115448635 | 2025-03-23T15:59:48.953133

19 / tcp

829384519 | 2025-02-28T12:03:33.235337

23 / tcp

676675086 | 2025-03-28T05:14:08.686481

25 / tcp

-1730858130 | 2025-03-13T03:56:14.691310

43 / tcp

-1399940268 | 2025-03-28T18:24:22.615064

49 / tcp

-1056270173 | 2025-03-19T03:22:00.232815

70 / tcp

-1056270173 | 2025-03-23T17:00:37.378023

79 / tcp

-1770051369 | 2025-03-18T18:35:47.596694

80 / tcp

-1466342676 | 2025-03-29T09:22:54.216413

85 / tcp

-1888448627 | 2025-03-07T16:50:51.191437

90 / tcp

-1399940268 | 2025-03-11T05:17:55.305979

93 / tcp

-1099385124 | 2025-03-24T09:41:21.373949

100 / tcp

165188539 | 2025-03-15T19:27:42.689697

102 / tcp

819727972 | 2025-03-22T11:14:55.148827

104 / tcp

165188539 | 2025-03-18T03:23:34.339804

113 / tcp

1412519768 | 2025-03-15T22:59:57.931659

119 / tcp

-1958992631 | 2025-03-12T00:42:52.869803

135 / tcp

-1589645334 | 2025-03-23T13:08:57.442968

179 / tcp

-399606100 | 2025-03-08T13:50:46.086425

195 / tcp

-971970408 | 2025-03-26T04:51:06.970537

221 / tcp

2098371729 | 2025-03-13T19:15:59.856664

311 / tcp

67948279 | 2025-03-06T21:51:10.530854

427 / tcp

-349937125 | 2025-03-11T08:27:08.367833

440 / tcp

1308377066 | 2025-03-27T04:41:37.399958

443 / tcp

2053195084 | 2025-03-12T02:53:03.599700

444 / tcp

-303826268 | 2025-03-17T12:09:20.829046

485 / tcp

-1648456501 | 2025-03-20T13:17:25.476349

502 / tcp

632542934 | 2025-03-14T14:56:18.101782

513 / tcp

-1373613804 | 2025-03-18T23:37:07.197372

515 / tcp

988099889 | 2025-03-28T07:18:43.742163

541 / tcp

-1299118573 | 2025-03-27T18:44:05.707077

548 / tcp

-1128967010 | 2025-03-13T21:13:08.114125

554 / tcp

1167995424 | 2025-03-26T10:14:54.877603

556 / tcp

632542934 | 2025-03-25T18:32:08.548376

593 / tcp

-1112304903 | 2025-03-06T06:33:25.436203

636 / tcp

-2023550675 | 2025-03-18T20:08:46.085781

771 / tcp

-1399940268 | 2025-03-16T12:11:43.754260

789 / tcp

-1795027372 | 2025-03-08T18:16:51.677037

811 / tcp

-1399940268 | 2025-03-24T09:23:16.167241

902 / tcp

1956828827 | 2025-03-03T17:39:27.309483

993 / tcp

45131230 | 2025-03-20T15:00:25.467858

995 / tcp

1685649979 | 2025-03-04T18:42:54.737200

1002 / tcp

1761482307 | 2025-03-15T22:05:26.655555

1013 / tcp

-904840257 | 2025-03-20T22:05:05.676574

1023 / tcp

233634112 | 2025-03-15T21:34:08.668622

1025 / tcp

-1230049476 | 2025-03-07T12:24:48.018262

1028 / tcp

2103111368 | 2025-03-25T03:04:12.113258

1080 / tcp

1362344524 | 2025-03-22T10:41:08.151589

1099 / tcp

819727972 | 2025-03-09T19:01:51.010174

1153 / tcp

580340387 | 2025-03-13T12:46:44.419171

1177 / tcp

1960438949 | 2025-03-24T22:53:32.058773

1234 / tcp

321971019 | 2025-03-10T18:50:01.512191

1291 / tcp

-1399940268 | 2025-03-22T19:46:52.074338

1414 / tcp

-2096652808 | 2025-03-24T04:48:20.567191

1433 / tcp

-186520940 | 2025-03-17T23:07:23.972393

1454 / tcp

-1795027372 | 2025-03-13T20:48:49.264811

1494 / tcp

-1049213899 | 2025-03-16T12:02:14.447213

1500 / tcp

-271515508 | 2025-03-24T20:00:16.606966

1515 / tcp

819727972 | 2025-03-24T17:42:37.529747

1521 / tcp

-1184558916 | 2025-03-07T10:16:42.233938

1599 / tcp

290819026 | 2025-03-27T04:54:50.784897

1604 / tcp

2087396567 | 2025-03-07T16:24:30.590286

1723 / tcp

2064046231 | 2025-03-18T17:20:44.797435

1800 / tcp

165188539 | 2025-03-20T17:59:26.872612

1830 / tcp

1911457608 | 2025-03-12T18:00:04.238790

1883 / tcp

1231376952 | 2025-03-16T21:53:21.959973

1954 / tcp

1911457608 | 2025-03-24T17:51:45.198170

1962 / tcp

455076604 | 2025-03-26T03:44:23.643050

1977 / tcp

819727972 | 2025-03-25T21:15:25.436472

1983 / tcp

669849225 | 2025-03-10T00:10:50.122786

2000 / tcp

671605376 | 2025-03-03T23:50:16.081553

2003 / tcp

-1399940268 | 2025-03-19T04:25:31.449927

2008 / tcp

1492413928 | 2025-03-24T14:17:25.271387

2010 / tcp

321971019 | 2025-03-10T22:39:20.717833

2054 / tcp

-980525298 | 2025-02-27T18:34:58.105180

2067 / tcp

-801484042 | 2025-03-09T05:07:56.998188

2072 / tcp

819727972 | 2025-03-17T16:41:41.212792

2080 / tcp

45131230 | 2025-03-24T22:26:08.352471