GeneralInformation

Hostnames	cn-beijing.oss.aliyuncs.com
Domains	aliyuncs.com
Cloud Provider	Alibaba Cloud
Country	China
City	Beijing
Organization	Aliyun Computing Co.LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(3)

CVE-2024-25117

6.8php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might leads to bypass of restrictions or RCE on projects that are using it, if they do not strictly revalidate the fontName that is passed by php-svg-lib. The `Style::fromAttributes(`), or the `Style::parseCssStyle()` should check the content of the `font-family` and prevents it to use a PHAR url, to avoid passing an invalid and dangerous `fontName` value to other libraries. The same check as done in the `Style::fromStyleSheets` might be reused. Libraries using this library as a dependency might be vulnerable to some bypass of restrictions, or even remote code execution, if they do not double check the value of the `fontName` that is passed by php-svg-lib. Version 0.5.2 contains a fix for this issue.

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

CVE-2024-5458

5.3In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2022(7)

CVE-2022-37454

9.8The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.

CVE-2022-31630

6.5In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information.

CVE-2022-31629

6.5In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

CVE-2022-31628

2.3In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

CVE-2022-31626

7.5In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability.

CVE-2022-31625

8.1In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.

CVE-2022-4900

6.2A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.

2021(8)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

CVE-2021-21708

8.2In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.

CVE-2021-21707

5.3In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended.

CVE-2021-21706

5.3In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when extracting a ZIP file, thus potentially causing files to be created or overwritten, subject to OS permissions.

CVE-2021-21705

4.3In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly parsing the URL and potentially leading to other security implications - like contacting a wrong server or making a wrong access decision.

CVE-2021-21704

5.0In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid response data that is not parsed correctly by the driver. This can result in crashes, denial of service or potentially memory corruption.

CVE-2021-21703

7.8In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(4)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(3)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(4)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

CVE-2017-9120

9.8PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.

CVE-2017-9118

7.5PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call.

CVE-2017-8923

9.8The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(2)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

2 11 13 15 17 21 25 43 49 70 79 80 99 102 110 111 113 119 122 175 264 311 314 385 389 400 427 440 441 443 444 446 451 452 465 480 502 503 513 515 541 548 554 587 636 666 771 830 873 995 1023 1025 1080 1099 1153 1190 1195 1200 1337 1366 1414 1433 1515 1599 1604 1800 1801 1883 1911 1926 1952 1970 1978 1990 2000 2003 2008 2030 2051 2056 2062 2066 2067 2068 2079 2081 2083 2087 2121 2154 2195 2210 2222 2224 2323 2332 2345 2376 2404 2455 2506 2628 2762 3001 3013 3015 3050 3059 3068 3075 3093 3097 3098 3099 3119 3120 3129 3130 3144 3149 3157 3166 3169 3180 3256 3268 3299 3306 3310 3390 3404 3406 3503 3548 3551 3553 3554 3557 3558 3563 3780 4022 4040 4064 4118 4150 4282 4321 4343 4369 4400 4402 4431 4433 4443 4444 4477 4506 4524 4528 4786 4821 4899 4911 5001 5006 5007 5010 5160 5172 5201 5222 5231 5235 5257 5268 5269 5351 5613 5620 5672 5858 5911 5915 5986 5994 6000 6001 6002 6005 6006 6010 6050 6379 6667 6668 6686 6779 7000 7001 7002 7003 7018 7050 7071 7082 7218 7434 7443 7547 7548 7634 7887 7989 8001 8009 8015 8017 8027 8047 8077 8083 8085 8087 8089 8095 8100 8102 8103 8139 8140 8157 8167 8177 8181 8200 8280 8284 8315 8403 8409 8411 8414 8415 8464 8514 8545 8553 8575 8594 8600 8606 8641 8643 8728 8790 8816 8822 8838 8841 8850 8852 8876 8883 8884 8901 8905 8916 8993 9000 9003 9011 9029 9034 9042 9071 9077 9093 9095 9100 9117 9124 9130 9142 9154 9173 9174 9182 9195 9219 9241 9280 9291 9303 9306 9333 9398 9418 9443 9446 9515 9530 9633 9743 9758 9876 9950 9966 9998 9999 10000 10001 10002 10016 10018 10024 10036 10043 10134 10210 10250 10256 10324 10443 10554 10810 10911 10943 11001 11075 11211 11443 11681 12000 12116 12118 12125 12135 12144 12148 12161 12167 12171 12183 12199 12209 12210 12224 12225 12226 12227 12244 12248 12250 12271 12278 12290 12291 12294 12297 12336 12342 12344 12345 12353 12365 12366 12379 12404 12411 12424 12478 12482 12484 12499 12522 12531 12533 12561 14147 14265 14344 14524 14895 15002 15018 15044 15502 15503 16004 16009 16011 16013 16016 16022 16025 16036 16058 16059 16063 16072 16090 16402 16993 17182 18009 18036 18043 18057 18072 18081 18102 18182 18245 19000 19222 19999 20000 20060 20202 20256 20500 20547 20880 21025 21083 21084 21233 21302 21318 21379 22022 23023 25565 27015 27017 28015 28080 30007 30122 30301 31001 31017 31122 31337 31380 31422 31522 31822 32001 32522 32764 33060 33322 33622 34222 34522 34722 35000 35004 35022 35241 35522 35524 35554 35922 36222 37122 37522 37822 38122 38222 38322 38522 38822 38922 39122 39222 39322 39522 39622 40022 40322 40722 41222 41800 42222 43522 43622 43922 44122 44158 44301 44307 44308 44322 44334 44365 44400 44818 45005 45122 45668 45777 45821 46022 46222 46322 46522 46622 46822 47122 47222 47522 47534 48018 48322 48422 48622 48722 48822 49210 49222 49322 49422 49501 49622 49722 49822 49922 50000 50014 50050 50073 50085 50100 50103 50160 50522 50922 50996 51004 51222 51322 51443 51822 52022 52522 52822 52951 53922 54138 54322 54722 55222 55422 55522 55554 57622 57822 57922 58122 58222 58422 58722 59122 59222 59522 60129 60443 61616 61617 63210 63256 63260 65000

2 / tcp

-2096652808 | 2025-03-15T22:05:29.422068

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

11 / tcp

2087396567 | 2025-03-13T04:39:15.634016

kjnkjabhbanc283ubcsbhdc72

13 / tcp

-1036370807 | 2025-03-06T08:11:28.361306

JDWP-Handshake

15 / tcp

1911457608 | 2025-03-15T06:57:42.985677

\x00[\x00\x00\x00\x00\x00\x00

17 / tcp

5698739 | 2025-02-28T04:57:41.718037

"We have no more right to consume happiness without producing it than to
 consume wealth without producing it." George Bernard Shaw (1856-1950)
\x00

21 / tcp

1564456597 | 2025-03-10T16:22:38.115493

220 Firewall Authentication required before proceeding with service

25 / tcp

-1435414831 | 2025-03-09T23:05:18.655525

roku: ready\r\n

43 / tcp

472902042 | 2025-03-16T17:08:04.522913

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

49 / tcp

-801484042 | 2025-03-13T09:26:18.317849

ERR 27

70 / tcp

-1056270173 | 2025-03-17T21:07:48.196629

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

79 / tcp

-2101653054 | 2025-02-25T10:39:50.558743

"Magic:ActiveMQ
Version:12
\x01<\x01ActiveMQ\x01\x01*\x11TcpNoDelayEnabled\x01\x01\x12SizePrefixDisabled\x01 CacheSize\x05\x04ProviderName \x08ActiveMQ\x11StackTraceEnabled\x01\x01\x0fPlatformDetails \x04JavaCacheEnabled\x01\x01\x14TightEncodingEnabl

80 / tcp

-1593055664 | 2025-03-07T07:29:34.482385

Hashes

hash

2134776064

http.dom_hash

1799269922

http.html_hash

-1593055664

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Fri, 07 Mar 2025 07:29:34 GMT
Content-Type: application/xml
Content-Length: 346
Connection: keep-alive
x-oss-request-id: 67CAA05E9BEF453233659660
x-oss-server-time: 0
x-oss-ec: 0003-00001201

99 / tcp

1713556628 | 2025-03-06T20:19:56.429566

HTTP/1.1 400 Bad Request
Server: Jdcloud-FE
Content-Type: text/html
Connection: keep-alive
Keep-Alive: timeout=20

102 / tcp

1615193817 | 2025-03-08T16:00:02.304959

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

110 / tcp

819727972 | 2025-03-13T03:05:31.167485

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

111 / tcp

-53360811 | 2025-02-26T17:40:57.236215

Portmap
Program	Version	Protocol	Port
1633904741	759394158	1953656684	975203951
1751452228	172191598	1852138356	1768910394
1936002314	1131376244	1701737517	1417244773

113 / tcp

-1777894858 | 2025-03-13T08:53:12.719591

113 , 35054 : USERID : OTHER :99

119 / tcp

141730637 | 2025-03-13T12:13:38.835273

HTTP/1.0 200 OK
Server: Proxy

122 / tcp

632542934 | 2025-02-23T16:48:28.425182

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

175 / tcp

-1399940268 | 2025-03-11T17:17:27.833151

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

264 / tcp

-1718229072 | 2025-03-12T08:03:36.150874

CheckPoint\nFirewall Host: gw2\nSmartCenter Host: SMS..6sxmht\\x00\n

311 / tcp

602337838 | 2025-03-13T16:30:12.726234

HTTP/1.1 404 Not Found
Accept-Ranges: bytes

314 / tcp

-1733645023 | 2025-03-16T15:11:51.803247

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

385 / tcp

819727972 | 2025-03-12T13:55:58.543474

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

389 / tcp

-1713467553 | 2025-03-15T07:51:25.067369

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Connection: close

400 / tcp

-1730858130 | 2025-03-13T20:01:20.290657

RFB 003.008
VNC:
  Protocol Version: 3.8

427 / tcp

-349937125 | 2025-02-20T11:15:29.135165

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://192.168.118.88\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\nservice:wbem:https\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://192.168.118.88\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCE

440 / tcp

921225407 | 2025-02-24T09:59:26.631339

\x00\x00\x00\x04\x00\x00\x00\x00\x00

441 / tcp

-1399940268 | 2025-02-25T14:10:02.703541

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

443 / tcp

592534558 | 2025-02-24T23:37:17.161956

Hashes

hash

2089480362

http.dom_hash

1799269922

http.html_hash

592534558

http.server_hash

-498774968

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Mon, 24 Feb 2025 23:37:17 GMT
Content-Type: application/xml
Content-Length: 346
Connection: keep-alive
x-oss-request-id: 67BD02ADAC78CA3337AC857F
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:6b:68:69:54:4a:81:bb:93:b4:d7:d1
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
        Validity
            Not Before: Jan  2 06:32:06 2025 GMT
            Not After : Sep  4 00:00:00 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-beijing.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:fd:cb:7f:5f:49:ee:e8:d9:d0:d6:53:d0:a5:
                    88:fd:fc:56:3c:06:76:2d:ad:ee:c9:65:e1:8c:fd:
                    ee:ef:a1:a2:34:db:d3:65:1e:4a:9c:f7:9d:a6:ad:
                    fa:a7:b3:1a:8b:45:f7:13:2a:26:24:9c:50:28:92:
                    25:54:45:fc:d2:2e:17:7d:c1:47:45:a1:39:bf:ce:
                    7e:f2:8b:d7:69:2c:b6:94:3f:5c:fc:a9:6e:c3:bd:
                    a5:a9:f3:6e:65:55:50:ba:b2:8a:df:ee:e9:50:a7:
                    81:b5:5f:3a:96:f9:74:c3:8a:54:51:d7:eb:02:1c:
                    58:33:e6:a0:ea:12:10:52:63:c9:df:03:84:cf:a3:
                    15:9c:50:7b:5e:6e:42:0f:3d:bd:33:3c:f6:6a:eb:
                    be:30:24:30:72:cb:84:a8:e9:17:aa:6a:45:f8:12:
                    c2:a1:78:0d:31:f0:45:2b:32:2f:ff:98:a3:03:a2:
                    5a:b0:8d:e2:d5:ce:e1:35:56:0b:0a:f8:11:bf:18:
                    44:f7:b8:7b:a0:a0:eb:1d:8d:cf:e8:cc:cf:c4:c5:
                    54:69:59:53:e1:ee:51:79:04:67:86:cf:8b:e5:c6:
                    88:a8:cc:9e:61:75:91:90:b5:8a:af:4c:a2:8d:57:
                    14:8a:f6:54:fb:1e:71:e5:09:e3:0a:12:df:34:8d:
                    d5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3ovtlsca2024.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3ovtlsca2024
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                Policy: 1.3.6.1.4.1.4146.10.1.2
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3ovtlsca2024.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-beijing.oss.aliyuncs.com, DNS:*.cn-beijing.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-beijing.aliyuncs.com, DNS:*.s3.oss-cn-beijing-internal.aliyuncs.com, DNS:*.cn-beijing.mgw.aliyuncs.com, DNS:*.oss.cn-beijing.privatelink.aliyuncs.com, DNS:*.oss-cn-beijing.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing.aliyuncs.com, DNS:*.img-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-internal-cross.aliyuncs.com, DNS:*.oss-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-cross.aliyuncs.com, DNS:*.img-cn-beijing.aliyuncs.com, DNS:*.vpc100-oss-cn-beijing.aliyuncs.com, DNS:*.cn-beijing.oss.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h-cross.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub.aliyuncs.com, DNS:*.cn-beijing-finance.oss.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1.aliyuncs.com, DNS:*.cn-beijing-finance-1.oss.aliyuncs.com, DNS:*.cn-beijing-vpc.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-enet-cn-north.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-internal.aliyun-inc.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-beijing-cross.mgw.aliyuncs.com, DNS:*.oss-vpc.aliyuncs.com, DNS:*.cn-beijing.oss-vpc.aliyuncs.com, DNS:*.oss.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                DA:D3:A8:08:48:0C:34:37:58:EE:E5:A7:75:2E:59:FC:D6:DC:3C:38
            X509v3 Subject Key Identifier: 
                C1:58:AC:32:69:71:BB:67:42:6C:42:FE:14:E5:57:72:91:C1:82:D6
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 1A:04:FF:49:D0:54:1D:40:AF:F6:A0:C3:BF:F1:D8:C4:
                                67:2F:4E:EC:EE:23:40:68:98:6B:17:40:2E:DC:89:7D
                    Timestamp : Jan  2 06:32:08.952 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D4:22:D6:BD:85:6A:79:2B:66:0F:1F:
                                36:9C:87:35:37:A2:DA:91:B3:41:21:70:33:24:48:B8:
                                AC:01:B2:4F:8A:02:20:78:33:2F:5E:6C:72:6C:BA:8A:
                                2A:DB:4A:42:99:29:A1:0C:E4:7B:86:88:C2:7F:9F:BE:
                                CE:93:8F:5D:00:2F:8C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Jan  2 06:32:08.990 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DE:60:8C:72:69:F8:ED:DD:B5:9B:2F:
                                88:2B:94:8E:C5:EA:A3:29:CF:5E:76:E1:32:5B:33:E9:
                                09:55:C0:9B:0A:02:20:72:4F:8B:E6:B3:1A:36:F6:61:
                                91:02:36:00:EA:76:E0:8C:5C:3C:8C:AF:C1:4A:F2:FD:
                                CA:7D:2B:6A:A6:5A:A7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:
                                47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34
                    Timestamp : Jan  2 06:32:08.695 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:82:E8:40:FB:D2:F4:C7:36:73:02:4A:
                                CD:8A:B4:A7:3D:E9:DC:7F:23:C7:17:0C:B1:8F:65:59:
                                3C:89:A5:E4:F0:02:20:2D:57:40:3F:AC:33:84:81:B8:
                                79:8C:CE:B4:F4:CC:44:29:AE:5A:FA:CD:66:FF:7A:69:
                                DA:8E:8E:6B:3D:C7:D7
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        4e:88:42:e9:bd:d6:24:7a:b8:0b:08:70:28:8b:e3:90:92:79:
        25:1f:f9:ec:83:69:41:21:cb:3f:cc:c6:2c:76:54:44:09:81:
        c9:8b:a9:bc:32:e4:5e:d4:72:17:de:fd:a1:50:2b:58:ed:45:
        8e:ba:40:ee:f9:54:31:0e:56:0e:7f:9e:36:2d:98:8b:3a:21:
        ac:4c:f7:4b:e5:97:32:cd:c3:b4:9d:b7:99:07:f1:4f:bb:81:
        14:60:64:c2:01:bb:85:62:e5:8a:7e:84:86:9f:c9:0b:80:80:
        c3:95:a2:77:b8:d9:81:73:28:dc:14:f9:af:1b:22:8b:33:2a:
        b5:dd:34:fb:a6:90:3d:a1:37:b1:93:f5:d9:93:d0:3c:86:ac:
        28:04:f6:71:24:54:fd:0c:42:2d:48:d4:9c:a6:e5:fa:88:71:
        e3:dc:e1:a7:c7:8a:d5:39:43:29:5f:5d:2c:02:1a:72:08:e8:
        ce:86:a9:22:b1:ed:4f:4e:7f:e5:7d:ea:01:3b:7f:34:2c:e6:
        94:3c:5b:6c:64:09:c3:88:e5:08:64:91:8a:17:63:99:dc:0c:
        85:ee:6c:4a:67:f4:66:21:e9:7a:a3:95:8c:ed:6c:6f:af:92:
        f8:a3:49:8f:de:3b:85:de:68:56:95:f4:e7:e7:7b:1e:c2:0a:
        1f:12:b5:15

444 / tcp

1678104936 | 2025-03-13T20:56:00.944841

HTTP/1.1 400 Bad Request
Server: nginx/1.22.1
Date: Thu, 13 Mar 2025 20:56:00 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

446 / tcp

1911457608 | 2025-02-24T15:58:10.188767

\x00[\x00\x00\x00\x00\x00\x00

451 / tcp

-1399940268 | 2025-03-16T09:08:39.861829

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

452 / tcp

632542934 | 2025-03-06T07:49:03.781208

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

465 / tcp

897328069 | 2025-03-13T01:18:38.928883

220 mail.scott000.com ESMTP

480 / tcp

-2096652808 | 2025-02-18T20:40:08.779050

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

502 / tcp

-1996280214 | 2025-02-20T11:00:07.494961

\x06\x04\x05@

503 / tcp

-653033013 | 2025-03-11T12:05:37.020327

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

513 / tcp

599074451 | 2025-03-12T23:44:41.471221

msg

515 / tcp

-1013082686 | 2025-03-12T18:16:54.521750

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

541 / tcp

-269727450 | 2025-02-24T19:44:37.106761

\\x16\\x03\\x01\\x01K\\x01\\x00\\x01G\\x03\\x03\\xa1\\xb0\\xcf\\xc9\\xc2X\\x037P\\xe0\\x8d\\xd7\\x1d_N\\x87&\\xa7U.^\\x19_K\\x13\\xed\\xe9L|\n\\xec\\x9e -\\xc23\\x1e\\x94\\xb3\\xe6|\x0c\\xaco|\\xe1\xc6\xa5V\\xd0\\x1d\\xf7Uf<\\xabgV=)\\xf2\\x86\\xc4\\x18\x0c\\x00"\\x13\\x02\\x13\\x03\\x13\\x01\\x00k\\x00=\\xc00\\xc0,\\xc

548 / tcp

1801869778 | 2025-03-10T10:27:16.402859

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: DS1019Plus\nMachine Type: \rNetatalk3.1.8\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: Cleartxt Passwrd\\x04,DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

554 / tcp

285770450 | 2025-02-21T03:21:47.297580

RTSP/1.0 401 Unauthorized
CSeq: 1

587 / tcp

-721592220 | 2025-03-10T21:42:01.642514

220 mail.xiayi.store ESMTP Postfix\r\n250-mail.xiayi.store\r\n250-PIPELINING\r\n250-SIZE 125829120\r\n250-ETRN\r\n250-STARTTLS\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250 DSN\r\n502 5.5.2 Error: command not recognized\r\n

636 / tcp

-779815868 | 2025-02-20T12:04:54.717085

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 3-22247063-0 0NNN RT(1705912086824 114) q(-1 -1 -1 -1) r(0 -1) b1

666 / tcp

1300162323 | 2025-03-15T19:36:42.146270

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

771 / tcp

1763259671 | 2025-03-11T07:56:20.877917

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

830 / tcp

103159425 | 2025-03-17T04:12:08.909921

SSH-1.99-RGOS_SSH

873 / tcp

-1970692834 | 2025-03-10T18:43:35.229068

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

995 / tcp

1685649979 | 2025-03-14T19:35:06.821335

+OK Dovecot ready.\r\n

1023 / tcp

1231376952 | 2025-02-22T15:30:24.509041

1025 / tcp

1504401647 | 2025-02-23T14:27:20.207519

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

1080 / tcp

1362344524 | 2025-03-10T18:56:05.382348

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1099 / tcp

-2089734047 | 2025-02-26T09:52:27.655567

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1153 / tcp

819727972 | 2025-03-11T21:05:51.077825

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1190 / tcp

307999478 | 2025-03-10T16:13:44.030839

unknown command \r\nunknown command \r\n

1195 / tcp

-1297953727 | 2025-03-09T23:27:57.275411

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

1200 / tcp

819727972 | 2025-03-16T13:51:08.744574

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1337 / tcp

-2031152423 | 2025-03-10T14:33:19.369611

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

1366 / tcp

-1730858130 | 2025-03-15T15:55:53.707698

RFB 003.008
VNC:
  Protocol Version: 3.8

1414 / tcp

-784071826 | 2025-03-05T11:12:33.871948

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

1433 / tcp

-651181868 | 2025-02-24T04:59:13.337397

MSSQL Server\nVersion: 134219767 (0x80007f7)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nProduct_Version: 5.1.2600 Ntlm 15\nOS: Windows XP/Windows XP, Service Pack 3\n

1515 / tcp

416263569 | 2025-03-13T11:32:09.719603

BÿnToo many connections

1599 / tcp

-375604792 | 2025-02-21T01:21:39.626369

220 Microsoft FTP Service

1604 / tcp

-1839934832 | 2025-03-12T05:52:47.766815

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

1800 / tcp

-1399940268 | 2025-03-05T22:26:56.374904

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1801 / tcp

-1139999322 | 2025-02-21T16:20:33.652849

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\xf2\\xdby\\x96\\xbb\\xb1LE\\xa1\\x1f.%\xd2\xbft\\xb692d3\\x10\\x03\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

1883 / tcp

660175493 | 2025-03-11T11:32:31.694913

1911 / tcp

639175818 | 2025-02-20T04:01:28.015159

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

1926 / tcp

1842524259 | 2025-02-20T04:04:17.424501

1952 / tcp

-1399940268 | 2025-02-24T05:02:08.974143

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1970 / tcp

1642597142 | 2025-03-15T01:58:46.239719

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

1978 / tcp

-1399940268 | 2025-03-12T16:28:38.614923

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1990 / tcp

165188539 | 2025-02-19T07:33:26.806595

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2000 / tcp

1543809371 | 2025-03-13T21:36:23.569503

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

2003 / tcp

165188539 | 2025-03-08T11:39:19.051290

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2008 / tcp

398077695 | 2025-03-11T22:31:13.298007

2030 / tcp

1233062890 | 2025-02-24T21:08:47.544383

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae212e_gwt27_22331-28963

2051 / tcp

599074451 | 2025-03-06T17:52:36.544413

msg

2056 / tcp

819727972 | 2025-03-04T02:03:33.515610

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

2062 / tcp

-2046514463 | 2025-03-14T09:29:26.021565

AB\x01\t

2066 / tcp

1975288991 | 2025-03-06T12:53:46.711453

OPTI

2067 / tcp

632542934 | 2025-03-12T20:38:57.485446

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

2068 / tcp

-42767839 | 2025-03-11T18:18:10.980285

RFB 005.000

VNC:
  Protocol Version: 5.0

2079 / tcp

819727972 | 2025-02-28T17:48:02.801555

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

2081 / tcp

-1327660293 | 2025-03-16T10:15:51.368126

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

2083 / tcp

1690634669 | 2025-02-18T22:11:14.622372

2087 / tcp

-1999117212 | 2025-03-05T16:38:06.629228

2121 / tcp

141730637 | 2025-02-24T11:23:22.496590

HTTP/1.0 200 OK
Server: Proxy

2154 / tcp

1842524259 | 2025-03-15T16:47:51.124229

2195 / tcp

-2089734047 | 2025-03-11T10:26:50.566875

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

2210 / tcp

2098371729 | 2025-03-13T00:26:49.898278

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

2222 / tcp

58083962 | 2025-03-08T17:16:21.039059

HTTP/1.1 400 Bad Request
Server: nginx/1.18.0
Content-Type: text/html
Connection: close

2224 / tcp

1492413928 | 2025-03-10T20:52:51.801161

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

2323 / tcp

1662205251 | 2025-02-23T00:56:13.414913

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

2332 / tcp

1830697416 | 2025-03-11T18:44:50.449422

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

2345 / tcp

1615193817 | 2025-03-09T12:44:39.622415

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

2376 / tcp

-971970408 | 2025-02-28T20:23:27.479660

2404 / tcp

-1399940268 | 2025-03-17T21:00:48.127564

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2455 / tcp

1690634669 | 2025-03-08T22:57:12.581320

2506 / tcp

-2089734047 | 2025-03-10T14:34:02.333514

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

2628 / tcp

1282941221 | 2025-03-14T18:15:48.352301

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

2762 / tcp

1353260875 | 2025-02-28T11:40:06.075176

\x00[g\xc2\x95N\x7f\x00\x00

3001 / tcp

-358801646 | 2025-03-17T01:41:56.879249

SSH-2.0-OpenSSH_6.6.1

3013 / tcp

-1568680103 | 2025-02-19T10:31:34.243073

HTTP/1.1 301 Moved Permanently
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3015 / tcp

493955023 | 2025-02-23T12:30:18.264100

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

3050 / tcp

-2089734047 | 2025-03-15T07:49:46.014213

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3059 / tcp

-2089734047 | 2025-03-16T09:05:43.498059

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

3068 / tcp

1911457608 | 2025-02-19T15:17:40.748104

\x00[\x00\x00\x00\x00\x00\x00

3075 / tcp

-358801646 | 2025-02-28T18:13:06.716842

SSH-2.0-OpenSSH_6.6.1

3093 / tcp

1911457608 | 2025-03-14T21:57:04.491411

\x00[\x00\x00\x00\x00\x00\x00

3097 / tcp

1911457608 | 2025-03-15T23:42:07.092894

\x00[\x00\x00\x00\x00\x00\x00

3098 / tcp

971933601 | 2025-03-17T06:06:05.267687

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

3099 / tcp

1504401647 | 2025-03-13T15:41:12.878681

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

3119 / tcp

321971019 | 2025-03-13T09:41:43.514151

-ERR client ip is not in whitelist\r

3120 / tcp

-1399940268 | 2025-02-27T01:05:33.818085

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3129 / tcp

2063598737 | 2025-03-13T14:31:53.264337

/0 0 L\r\n/0 0 HUH\r\n

3130 / tcp

455076604 | 2025-02-27T09:58:34.281193

!\x07version\x04bind7 t{RPowerDNS Recursor 410

3144 / tcp

1161309183 | 2025-03-16T14:38:23.945664

ProxyServer is ready

3149 / tcp

-2096652808 | 2025-02-19T17:43:29.357661

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3157 / tcp

-1329831334 | 2025-03-05T21:50:51.155229

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

3166 / tcp

-1737707071 | 2025-02-23T05:20:00.021284

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

3169 / tcp

2103111368 | 2025-03-16T12:11:21.239586

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

3180 / tcp

709622286 | 2025-03-16T20:11:46.071976

OK Welcome <299685> on DirectUpdate server 7286\r\n

3256 / tcp

1690634669 | 2025-03-14T16:21:12.793175

3268 / tcp

-1688921933 | 2025-03-16T01:44:44.234385

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 12-14878276-0 0NNN RT(1705363841143 0) q(0 -1 -1 -1) r(0 -1)

3299 / tcp

-1428621233 | 2025-02-21T12:18:30.023013

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

3306 / tcp

-1036944024 | 2025-03-15T11:54:20.068640

F\\x00\\x00\\x00\\xffj\\x04Host \'*.*.*.*\' is not allowed to connect to this MySQL server

3310 / tcp

398077695 | 2025-03-09T15:28:53.594091

3390 / tcp

-1189269828 | 2025-03-14T05:55:43.218021

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3404 / tcp

-1227409554 | 2025-03-13T22:55:20.077881

HTTP/1.1 500 Internal Server Error
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

3406 / tcp

165188539 | 2025-02-23T15:42:17.157032

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3503 / tcp

119860953 | 2025-03-04T12:17:43.561862

* OK ArGoSoft Mail Server IMAP Module v.YW at

3548 / tcp

1911457608 | 2025-03-12T18:59:16.114867

\x00[\x00\x00\x00\x00\x00\x00

3551 / tcp

198844676 | 2025-03-06T19:20:33.030147

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3553 / tcp

671605376 | 2025-02-28T18:35:18.980696

SSH-2.0-OpenSSH_X.X

3554 / tcp

820958131 | 2025-03-05T14:14:06.616237

kjnkjabhbanc283ubcsbhdc72\x02

3557 / tcp

165188539 | 2025-02-24T09:35:20.140798

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

3558 / tcp

-1399940268 | 2025-03-17T13:00:17.980974

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3563 / tcp

819727972 | 2025-02-22T00:09:51.265192

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

3780 / tcp

401555314 | 2025-03-07T07:31:51.653656

NB[GFXjA^R

4022 / tcp

-358801646 | 2025-03-16T20:58:39.602818

SSH-2.0-OpenSSH_6.6.1

4040 / tcp

0 | 2025-02-26T06:20:26.179418

Hashes

hash

-119996482

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
Content-Length: 0

4064 / tcp

-1399940268 | 2025-02-28T03:08:06.768361

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4118 / tcp

-1013082686 | 2025-03-15T02:48:39.788799

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

4150 / tcp

-1399940268 | 2025-03-16T07:28:57.363292

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4282 / tcp

504717326 | 2025-02-28T12:17:39.640958

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 5 1

4321 / tcp

-1250504565 | 2025-02-23T12:00:41.552750

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

4343 / tcp

-1267858620 | 2025-02-24T06:04:25.270021

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1f5b_PS-KHN-01g3V80_42383-32056

4369 / tcp

-1099385124 | 2025-03-10T05:12:50.279279

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

4400 / tcp

-2107996212 | 2025-03-09T19:42:25.001543

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

4402 / tcp

114471724 | 2025-03-10T12:20:35.630030

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

4431 / tcp

-441419608 | 2025-03-08T21:21:46.971936

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

4433 / tcp

-1810987450 | 2025-02-24T10:14:53.032914

\xc3\xbf

4443 / tcp

594761768 | 2025-02-21T05:11:37.784329

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2a00_PS-NKG-01Aqo82_2843-52437

4444 / tcp

1426971893 | 2025-03-14T06:54:55.622410

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

4477 / tcp

-2096652808 | 2025-03-06T20:14:40.166297

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

4506 / tcp

841014058 | 2025-03-17T02:33:13.248904

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

4524 / tcp

-1036370807 | 2025-03-13T18:19:47.074242

JDWP-Handshake

4528 / tcp

-1428621233 | 2025-03-14T18:00:36.033591

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

4786 / tcp

-407828767 | 2025-02-18T23:06:52.866547

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

4821 / tcp

-1996280214 | 2025-03-15T22:03:42.200472

\x06\x04\x05@

4899 / tcp

1842524259 | 2025-03-14T23:11:35.363828

4911 / tcp

1189133115 | 2025-03-10T12:06:26.652045

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

5001 / tcp

-1641514916 | 2025-03-11T14:59:40.856644

* OK Merak 1dFUa2 IMAP4rev1

5006 / tcp

-445721795 | 2025-03-12T05:54:04.696065

\x00[\xc3\xaed\x1a\x7f\x00\x00

5007 / tcp

1543809371 | 2025-03-11T04:44:20.786493

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

5010 / tcp

-1399940268 | 2025-03-09T09:08:51.200597

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5160 / tcp

165188539 | 2025-03-05T17:00:13.163896

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

5172 / tcp

-1304843095 | 2025-03-07T03:07:15.456332

[Ý

5201 / tcp

819727972 | 2025-03-14T16:29:14.292194

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

5222 / tcp

669849225 | 2025-02-27T02:10:21.758194

SSH-98.60-SysaxSSH_81885..42\r\n

5231 / tcp

-2140303521 | 2025-02-23T18:50:35.998509

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

5235 / tcp

401555314 | 2025-02-27T22:27:37.987190

NB[GFXjA^R

5257 / tcp

-1327660293 | 2025-03-09T11:31:53.316993

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

5268 / tcp

-1538260461 | 2025-02-25T18:21:53.438159

\x01\x00\x00\x00

5269 / tcp

-1074907534 | 2025-03-04T03:17:32.181614

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705938603.82-w-waf02tjgt

5351 / tcp

-1105333987 | 2025-03-09T16:55:03.627744

\x00[KpU\x7f\x00\x00

5613 / tcp

-438503381 | 2025-02-28T13:06:15.907093

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

5620 / tcp

632542934 | 2025-03-13T22:51:40.039596

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

5672 / tcp

575925250 | 2025-03-05T23:16:55.773006

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

5858 / tcp

-971970408 | 2025-03-11T21:15:03.718333

5911 / tcp

921225407 | 2025-03-09T21:44:19.395759

\x00\x00\x00\x04\x00\x00\x00\x00\x00

5915 / tcp

-1249500036 | 2025-02-28T21:09:58.758216

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes

5986 / tcp

1767345577 | 2025-03-16T00:39:30.590368

Hello, this is Quagga (version 0T).
Copyright 1996-200

5994 / tcp

819727972 | 2025-03-07T12:02:52.317876

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

6000 / tcp

-1746074029 | 2025-03-17T08:45:41.838642

101 imqbroker =unV\r\n

6001 / tcp

120534451 | 2025-03-12T15:08:08.499686

X11 access denied

6002 / tcp

1231376952 | 2025-02-28T05:02:00.735209

6005 / tcp

1632932802 | 2025-03-13T23:13:08.370435

6006 / tcp

819727972 | 2025-02-22T18:31:27.367505

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

6010 / tcp

1911457608 | 2025-02-26T22:21:20.526920

\x00[\x00\x00\x00\x00\x00\x00

6050 / tcp

1620329124 | 2025-03-09T08:25:34.898519

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

6379 / tcp

321971019 | 2025-03-14T02:07:08.857255

-ERR client ip is not in whitelist\r

6667 / tcp

-1316398834 | 2025-03-12T05:28:32.887089

ÿ

6668 / tcp

-1399940268 | 2025-03-10T08:29:15.283867

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6686 / tcp

-2096652808 | 2025-02-26T21:17:49.129891

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

6779 / tcp

-1876752144 | 2025-03-14T09:47:22.869963

inv2W\\x04\\x0f\\x01\t

7000 / tcp

-579195550 | 2025-03-01T01:01:30.837097

HTTP/1.1 407 Proxy Authentication Required 
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm="proxy"

7001 / tcp

-1325031830 | 2025-03-15T20:00:10.164961

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae26b2_PS-HFE-01DmZ24_34529-57897

7002 / tcp

-1399940268 | 2025-02-24T22:50:17.121882

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7003 / tcp

-1399940268 | 2025-02-22T07:29:57.203607

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7018 / tcp

-375604792 | 2025-03-15T23:12:57.168076

220 Microsoft FTP Service

7050 / tcp

-2089734047 | 2025-02-27T11:22:58.589386

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

7071 / tcp

1544300041 | 2025-03-16T17:08:24.322642

SSH-25453-Cisco-3524665.35

7082 / tcp

455076604 | 2025-03-09T18:59:44.906331

!\x07version\x04bind7 t{RPowerDNS Recursor 410

7218 / tcp

-1681927087 | 2025-03-14T22:36:19.546064

kjnkjabhbanc283ubcsbhdc72

7434 / tcp

2087396567 | 2025-02-23T04:21:18.231768

kjnkjabhbanc283ubcsbhdc72

7443 / tcp

1612309769 | 2025-03-11T16:37:46.445767

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28e1_CS-000-01SZh112_7344-42222

7547 / tcp

-2118655245 | 2025-03-14T23:02:59.561493

Hashes

hash

1015654041

http.dom_hash

-2006505642

http.html_hash

-2118655245

HTTP/1.0 500 Internal Server Error
Content-Length: 20

7548 / tcp

1852418385 | 2025-03-06T10:46:30.815502

RTSP/1.0 453 Not Enough Bandwidth
Server: AirTunes/7l_wZ

7634 / tcp

-1248408558 | 2025-03-09T22:55:11.104858

220 MikroTik FTP server (MikroTik 6.44.3) ready

7887 / tcp

-1399940268 | 2025-02-27T20:45:08.180146

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7989 / tcp

-2118655245 | 2025-03-13T17:37:04.991015

Hashes

hash

1015654041

http.dom_hash

-2006505642

http.html_hash

-2118655245

HTTP/1.0 500 Internal Server Error
Content-Length: 20

8001 / tcp

2103111368 | 2025-03-10T16:37:33.732067

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8009 / tcp

819727972 | 2025-03-11T09:27:35.889048

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8015 / tcp

-1297953727 | 2025-03-05T07:06:18.858613

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

8017 / tcp

-1297953727 | 2025-02-23T18:12:08.294138

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

8027 / tcp

401555314 | 2025-03-06T15:40:23.249779

NB[GFXjA^R

8047 / tcp

2143387245 | 2025-02-21T17:52:25.392678

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

8077 / tcp

-345718689 | 2025-03-04T00:12:14.585162

Vty password is not set.

8083 / tcp

863754335 | 2025-03-15T08:33:08.224423

0a

8085 / tcp

2087396567 | 2025-03-08T14:38:47.331367

kjnkjabhbanc283ubcsbhdc72

8087 / tcp

-1487943323 | 2025-03-17T11:38:24.584589

431 Unable to negotiate secure command connection.\r\n

8089 / tcp

1231376952 | 2025-03-10T10:06:22.966876

8095 / tcp

1761482307 | 2025-03-06T23:05:33.764599

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

8100 / tcp

-1428621233 | 2025-02-21T17:12:37.834805

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

8102 / tcp

1911457608 | 2025-02-28T06:01:13.445810

\x00[\x00\x00\x00\x00\x00\x00

8103 / tcp

1911457608 | 2025-02-25T21:57:09.129719

\x00[\x00\x00\x00\x00\x00\x00

8139 / tcp

-2031152423 | 2025-03-07T11:26:39.615165

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

8140 / tcp

-1230049476 | 2025-03-15T08:44:02.897122

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

8157 / tcp

-1730858130 | 2025-03-14T02:57:25.054656

RFB 003.008
VNC:
  Protocol Version: 3.8

8167 / tcp

632542934 | 2025-03-16T09:31:41.119338

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8177 / tcp

-1399940268 | 2025-02-26T14:17:50.311705

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8181 / tcp

-409020351 | 2025-03-11T09:05:28.482810

NPC Telnet permit one connection.
 But One connection() already keep alive.
Good Bye !!

8200 / tcp

691315198 | 2025-02-18T21:00:08.088159

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2a23_PS-000-01HN031_1552-11103

8280 / tcp

-2107996212 | 2025-03-09T21:13:13.143866

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

8284 / tcp

-1839934832 | 2025-02-21T09:57:23.387124

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

8315 / tcp

597764502 | 2025-03-12T19:35:36.445578

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

8403 / tcp

-457235091 | 2025-02-27T18:27:37.734569

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

8409 / tcp

819727972 | 2025-03-12T19:07:52.786064

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8411 / tcp

1208318993 | 2025-02-19T19:55:18.728990

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

8414 / tcp

1623746877 | 2025-02-22T22:06:53.936993

500 Permission denied - closing connection.\r\n

8415 / tcp

-1105333987 | 2025-02-22T14:18:35.738586

\x00[KpU\x7f\x00\x00

8464 / tcp

-1399940268 | 2025-03-04T14:31:14.687983

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8514 / tcp

709622286 | 2025-02-24T05:21:41.244783

OK Welcome <299685> on DirectUpdate server 7286\r\n

8545 / tcp

819727972 | 2025-03-12T20:17:13.876252

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8553 / tcp

321971019 | 2025-03-12T00:21:17.217324

-ERR client ip is not in whitelist\r

8575 / tcp

-1399940268 | 2025-03-04T17:28:49.446631

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8594 / tcp

1353260875 | 2025-02-21T08:01:43.331293

\x00[g\xc2\x95N\x7f\x00\x00

8600 / tcp

-590834724 | 2025-02-23T17:50:10.354633

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705938553.503-w-waf05shgt2

8606 / tcp

-2046514463 | 2025-02-18T20:14:30.385368

AB\x01\t

8641 / tcp

1282941221 | 2025-03-04T20:38:15.724480

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

8643 / tcp

1615193817 | 2025-03-13T06:20:23.182850

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

8728 / tcp

-1428621233 | 2025-03-05T11:02:38.224662

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

8790 / tcp

1632932802 | 2025-03-08T16:36:48.393464

8816 / tcp

2098371729 | 2025-02-23T04:49:49.285761

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

8822 / tcp

819727972 | 2025-02-23T20:29:36.098212

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

8838 / tcp

1975288991 | 2025-03-12T23:48:03.014310

OPTI

8841 / tcp

-1399940268 | 2025-03-12T15:19:47.155824

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8850 / tcp

1911457608 | 2025-03-13T13:48:15.043314

\x00[\x00\x00\x00\x00\x00\x00

8852 / tcp

103159425 | 2025-02-28T04:22:49.196163

SSH-1.99-RGOS_SSH

8876 / tcp

165188539 | 2025-02-25T22:13:38.625420

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8883 / tcp

1504401647 | 2025-03-06T20:37:24.650625

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

8884 / tcp

-2080784861 | 2025-02-27T19:44:20.608350

GBPK\xc3\xbb\xc3\xb7n\xc2\x93W\xc2\xaf\xc2\x86\xc2\x93x@\xc2\xa9\x0e\xc3\x8a*\xc2\x9bS\x00

8901 / tcp

-1626979812 | 2025-02-26T23:09:40.024329

220 Service ready for new user.

8905 / tcp

-1399940268 | 2025-02-19T00:53:07.879412

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8916 / tcp

819727972 | 2025-03-17T02:34:16.873108

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8993 / tcp

-1399940268 | 2025-02-24T13:56:13.974336

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9000 / tcp

-2067028711 | 2025-03-10T17:41:06.311276

\x15\x03\x01\x00\x02\x02F

9003 / tcp

819727972 | 2025-03-07T01:20:40.313564

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9011 / tcp

-1839934832 | 2025-02-24T20:42:07.090249

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

9029 / tcp

-2096652808 | 2025-02-26T02:19:00.872463

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

9034 / tcp

165188539 | 2025-03-08T18:56:35.313873

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9042 / tcp

-1399940268 | 2025-02-21T13:11:49.646325

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9071 / tcp

-1056270173 | 2025-03-17T17:56:06.033746

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

9077 / tcp

-784071826 | 2025-02-28T23:23:31.649867

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

9093 / tcp

580340387 | 2025-03-05T20:38:41.548596

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

9095 / tcp

660175493 | 2025-02-28T20:56:55.409886

9100 / tcp

-2089734047 | 2025-03-08T18:33:37.157068

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9117 / tcp

1363464823 | 2025-03-10T18:51:20.462851

\x00[|ox\x7f\x00\x00

9124 / tcp

671605376 | 2025-03-07T07:57:38.584600

SSH-2.0-OpenSSH_X.X

9130 / tcp

-1327660293 | 2025-03-12T02:00:39.065833

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

9142 / tcp

-1399940268 | 2025-03-16T22:10:05.279965

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9154 / tcp

-1435414831 | 2025-03-06T18:16:51.781624

roku: ready\r\n

9173 / tcp

-1399940268 | 2025-03-10T21:00:03.445663

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9174 / tcp

-653033013 | 2025-02-28T15:36:57.323393

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

9182 / tcp

-1013082686 | 2025-02-22T06:47:40.285473

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

9195 / tcp

1911457608 | 2025-03-04T15:11:53.847362

\x00[\x00\x00\x00\x00\x00\x00

9219 / tcp

-1399940268 | 2025-03-15T10:49:16.479030

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9241 / tcp

-1399940268 | 2025-03-15T21:29:43.600401

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9280 / tcp

1911457608 | 2025-02-27T15:42:00.910343

\x00[\x00\x00\x00\x00\x00\x00

9291 / tcp

-2031152423 | 2025-03-15T17:11:30.646634

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

9303 / tcp

165188539 | 2025-02-24T16:18:40.727194

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9306 / tcp

707919486 | 2025-03-07T17:43:13.645100

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

9333 / tcp

740837454 | 2025-03-09T21:06:53.404464

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

9398 / tcp

996960436 | 2025-03-11T18:59:02.180931

572 Relay not authorized

9418 / tcp

233634112 | 2025-02-23T02:57:57.445988

SSH-98.60-SysaxSSH_81885..42

9443 / tcp

2087396567 | 2025-02-23T19:39:23.763028

kjnkjabhbanc283ubcsbhdc72

9446 / tcp

-2089734047 | 2025-03-11T00:36:17.371505

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9515 / tcp

-2107996212 | 2025-03-07T04:41:09.997857

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

9530 / tcp

-2089734047 | 2025-03-15T05:47:05.206922

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9633 / tcp

1690634669 | 2025-03-17T01:10:16.067425

9743 / tcp

-274082663 | 2025-03-14T05:31:42.775647

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

9758 / tcp

1911457608 | 2025-02-20T16:25:36.901491

\x00[\x00\x00\x00\x00\x00\x00

9876 / tcp

2070013657 | 2025-03-15T15:46:30.659041

\\x00\\x00\\x01+\\x00\\x00\\x00_{"code":0,"flag":1,"language":"JAVA","opaque":0,"serializeTypeCurrentRPC":"JSON","version":433}{"brokerAddrTable":{"broker-a":{"brokerAddrs":{0:"127.63.135.245:10911"},"brokerName":"broker-a","cluster":"DefaultCluster","enableActingMaster":false}},"clusterAddrTable":{"DefaultCluster":["broker-a"]}}

9950 / tcp

165188539 | 2025-02-21T14:37:12.084655

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9966 / tcp

1911457608 | 2025-03-16T11:29:35.486195

\x00[\x00\x00\x00\x00\x00\x00

9998 / tcp

-347274959 | 2025-02-28T02:50:03.007608

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2831_PS-000-01PIX79_36197-59880

9999 / tcp

1161309183 | 2025-03-17T01:06:32.302678

ProxyServer is ready

10000 / tcp

1208318993 | 2025-02-23T23:01:46.970666

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

10001 / tcp

1492413928 | 2025-03-12T19:33:10.089773

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

10002 / tcp

-1399940268 | 2025-03-03T22:42:21.021049

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10016 / tcp

-904840257 | 2025-03-17T21:13:01.202404

572 Relay not authorized\r\n

10018 / tcp

1504401647 | 2025-03-08T20:46:34.418940

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

10024 / tcp

-1473669891 | 2025-03-10T10:52:12.451822

\\x00[\'(\\xc0\\xa8X\\xfd

10036 / tcp

-1399940268 | 2025-02-21T19:32:49.996158

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10043 / tcp

-358801646 | 2025-03-13T13:58:18.396027

SSH-2.0-OpenSSH_6.6.1

10134 / tcp

1830187220 | 2025-03-09T08:00:59.066738

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

10210 / tcp

-1399940268 | 2025-03-07T09:34:15.788051

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10250 / tcp

-527005584 | 2025-02-24T01:14:35.107386

/0 0 L
/0 0 HUH

10256 / tcp

-2096652808 | 2025-03-12T16:44:31.021621

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

10324 / tcp

921225407 | 2025-03-14T12:22:51.631629

\x00\x00\x00\x04\x00\x00\x00\x00\x00

10443 / tcp

-346949922 | 2025-03-04T11:27:49.557149

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Tue, 04 Mar 2025 11:27:49 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://8.141.181.255:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

10554 / tcp

-2031152423 | 2025-03-08T18:20:43.248284

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

10810 / tcp

1975288991 | 2025-03-14T21:12:42.051954

OPTI

10911 / tcp

819727972 | 2025-02-19T09:57:32.965083

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

10943 / tcp

-1598265216 | 2025-02-26T19:02:29.927146

@RSYNCD: 31.0

11001 / tcp

1492413928 | 2025-03-13T02:27:36.324762

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

11075 / tcp

921225407 | 2025-02-23T17:22:57.130473

\x00\x00\x00\x04\x00\x00\x00\x00\x00

11211 / tcp

-136006866 | 2025-03-12T10:29:49.388931

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11443 / tcp

599074451 | 2025-03-05T09:07:59.269005

msg

11681 / tcp

-1399940268 | 2025-03-13T20:38:13.212528

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12000 / tcp

298695200 | 2025-03-16T06:18:29.368934

220 welcome to connecting FTP server\r\n

12116 / tcp

1623746877 | 2025-03-05T09:56:45.799499

500 Permission denied - closing connection.\r\n

12118 / tcp

321971019 | 2025-03-09T21:25:42.998554

-ERR client ip is not in whitelist\r

12125 / tcp

1353260875 | 2025-03-08T17:45:55.689544

\x00[g\xc2\x95N\x7f\x00\x00

12135 / tcp

165188539 | 2025-02-26T01:30:54.688798

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12144 / tcp

-1399940268 | 2025-02-20T22:21:44.346918

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12148 / tcp

599074451 | 2025-03-06T07:43:35.389992

msg

12161 / tcp

1726594447 | 2025-03-08T18:39:22.520106

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

12167 / tcp

-1327660293 | 2025-03-10T12:43:48.532169

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

12171 / tcp

971933601 | 2025-03-14T01:08:04.151939

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

12183 / tcp

-1099385124 | 2025-02-25T01:03:34.235070

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

12199 / tcp

1911457608 | 2025-03-15T10:21:59.573195

\x00[\x00\x00\x00\x00\x00\x00

12209 / tcp

1761482307 | 2025-03-11T18:54:52.086268

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

12210 / tcp

-1189269828 | 2025-03-05T22:01:04.420269

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12224 / tcp

1615193817 | 2025-02-27T19:13:00.558557

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

12225 / tcp

1282941221 | 2025-02-23T18:33:30.806570

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

12226 / tcp

165188539 | 2025-02-24T16:46:21.724147

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12227 / tcp

-1730858130 | 2025-03-17T19:27:05.034679

RFB 003.008
VNC:
  Protocol Version: 3.8

12244 / tcp

1282941221 | 2025-02-28T20:12:03.824577

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

12248 / tcp

-1428621233 | 2025-03-10T14:00:25.683264

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

12250 / tcp

-784071826 | 2025-02-26T14:49:05.716236

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

12271 / tcp

-1399940268 | 2025-02-27T19:08:34.088307

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12278 / tcp

-1399940268 | 2025-03-14T18:20:39.201966

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12290 / tcp

-1399940268 | 2025-03-06T04:40:21.413367

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12291 / tcp

-249504111 | 2025-03-17T04:10:45.213170

\x00[xU-\x7f\x00\x00

12294 / tcp

722711397 | 2025-03-10T02:43:51.463773

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

12297 / tcp

-1399940268 | 2025-03-06T20:27:56.885643

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12336 / tcp

1126993057 | 2025-02-25T18:54:06.788716

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

12342 / tcp

1011407350 | 2025-02-19T18:50:02.209247

* OK GroupWise IMAP4rev1 Server Ready\r\n

12344 / tcp

2063598737 | 2025-02-28T17:48:27.582189

/0 0 L\r\n/0 0 HUH\r\n

12345 / tcp

296364507 | 2025-03-17T21:48:05.087887

HTTP/1.1 500 Internal Server Error
SERVER: Trend Chip UPnP/1.0 DMS
CONNECTION: close
CONTENT-LENGTH: 60
CONTENT-TYPE: text/html

12353 / tcp

-2096652808 | 2025-03-09T14:57:43.181067

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12365 / tcp

-2089734047 | 2025-02-25T22:51:22.176567

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12366 / tcp

1911457608 | 2025-02-18T22:10:43.750369

\x00[\x00\x00\x00\x00\x00\x00

12379 / tcp

-1476017887 | 2025-02-27T14:32:35.860262

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

12404 / tcp

-1487943323 | 2025-02-23T20:56:33.113715

431 Unable to negotiate secure command connection.\r\n

12411 / tcp

-1810987450 | 2025-03-15T14:45:19.381679

\xc3\xbf

12424 / tcp

740837454 | 2025-03-06T14:17:17.186698

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

12478 / tcp

165188539 | 2025-03-03T19:11:29.113334

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12482 / tcp

-1399940268 | 2025-03-13T08:22:16.101879

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12484 / tcp

1911457608 | 2025-03-10T23:29:35.619004

\x00[\x00\x00\x00\x00\x00\x00

12499 / tcp

-1399940268 | 2025-03-11T21:57:05.834480

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12522 / tcp

-1399940268 | 2025-02-22T23:15:28.315717

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12531 / tcp

669849225 | 2025-03-12T00:29:42.906180

SSH-98.60-SysaxSSH_81885..42\r\n

12533 / tcp

-1399940268 | 2025-03-05T19:46:25.069535

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12561 / tcp

819727972 | 2025-03-06T05:16:40.153221

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

14147 / tcp

-2089734047 | 2025-03-07T07:03:31.006406

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

14265 / tcp

-808595785 | 2025-03-17T08:03:42.470578

HELO:10.3.6.0.false

14344 / tcp

165188539 | 2025-03-05T15:50:36.574169

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

14524 / tcp

-1810987450 | 2025-03-09T05:30:03.300408

\xc3\xbf

14895 / tcp

1911457608 | 2025-02-25T00:35:58.250598

\x00[\x00\x00\x00\x00\x00\x00

15002 / tcp

616471057 | 2025-02-27T07:06:24.797726

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/7.4.19
refresh: 1800
Vary: Accept-Encoding
Transfer-Encoding: chunked

Vulnerabilities

3 6 10 1

15018 / tcp

2143387245 | 2025-02-22T16:54:18.878289

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

15044 / tcp

401555314 | 2025-03-04T07:38:31.552329

NB[GFXjA^R

15502 / tcp

-1399940268 | 2025-03-11T18:29:06.053346

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

15503 / tcp

-2089734047 | 2025-03-06T06:42:47.342331

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

16004 / tcp

-136006866 | 2025-03-08T21:24:14.875568

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

16009 / tcp

632542934 | 2025-03-03T21:17:25.458825

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

16011 / tcp

1543809371 | 2025-03-17T20:08:51.005815

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

16013 / tcp

-1399940268 | 2025-02-22T07:28:24.778495

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16016 / tcp

-147424911 | 2025-02-24T05:27:27.333909

HTTP/1.1 404 Not Found
Content Length: 0

16022 / tcp

-1399940268 | 2025-02-22T14:26:43.473221

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

16025 / tcp

165188539 | 2025-03-16T03:22:53.486279

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

16036 / tcp

819727972 | 2025-02-28T06:39:32.515946

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

16058 / tcp

1011407350 | 2025-02-19T22:17:54.767146

* OK GroupWise IMAP4rev1 Server Ready\r\n

16059 / tcp

-980525298 | 2025-02-23T21:04:09.925987

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

16063 / tcp

1911457608 | 2025-03-11T11:31:50.947027

\x00[\x00\x00\x00\x00\x00\x00

16072 / tcp

-358801646 | 2025-02-23T23:18:54.458462

SSH-2.0-OpenSSH_6.6.1

16090 / tcp

-1795027372 | 2025-03-07T11:24:41.121516

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

16402 / tcp

1911457608 | 2025-02-20T05:14:19.627354

\x00[\x00\x00\x00\x00\x00\x00

16993 / tcp

-971970408 | 2025-02-19T07:09:32.555598

17182 / tcp

580340387 | 2025-03-10T07:30:22.077809

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

18009 / tcp

1911457608 | 2025-03-05T10:13:04.703431

\x00[\x00\x00\x00\x00\x00\x00

18036 / tcp

-2089734047 | 2025-03-16T04:09:21.462264

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

18043 / tcp

1911457608 | 2025-02-20T19:50:07.313302

\x00[\x00\x00\x00\x00\x00\x00

18057 / tcp

51259122 | 2025-03-13T15:10:55.821586

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

18072 / tcp

819727972 | 2025-02-18T04:10:35.611292

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

18081 / tcp

-249504111 | 2025-03-16T19:27:08.605087

\x00[xU-\x7f\x00\x00

18102 / tcp

-1399940268 | 2025-02-20T18:25:43.749318

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18182 / tcp

320677201 | 2025-02-26T14:12:19.868924

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

18245 / tcp

1911457608 | 2025-03-15T22:49:11.400533

\x00[\x00\x00\x00\x00\x00\x00

19000 / tcp

740837454 | 2025-03-11T12:37:07.548828

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

19222 / tcp

2063598737 | 2025-03-05T02:46:31.638619

/0 0 L\r\n/0 0 HUH\r\n

19999 / tcp

-1327660293 | 2025-03-04T14:27:26.479952

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

20000 / tcp

1900503736 | 2025-03-13T17:12:43.817987

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

20060 / tcp

-2089734047 | 2025-03-10T22:19:29.029633

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

20202 / tcp

-2033111675 | 2025-03-12T17:21:10.178942

~djb

20256 / tcp

-1399940268 | 2025-02-23T23:49:17.143413

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20500 / tcp

-1399940268 | 2025-03-08T22:59:46.977529

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20547 / tcp

-2089734047 | 2025-03-04T19:00:53.534685

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

20880 / tcp

1370263973 | 2025-03-06T18:37:57.189463

dubbo>

21025 / tcp

-375604792 | 2025-03-06T20:07:41.893356

220 Microsoft FTP Service

21083 / tcp

-1699556818 | 2025-02-19T07:24:55.492298

\x01remshd: Kerberos Authentication not enabled.\n

21084 / tcp

-146605374 | 2025-03-15T18:12:03.259037

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

21233 / tcp

1492413928 | 2025-03-14T17:08:17.101994

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

21302 / tcp

671605376 | 2025-03-07T03:23:14.504927

SSH-2.0-OpenSSH_X.X

21318 / tcp

819727972 | 2025-02-21T14:12:43.950713

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

21379 / tcp

-1399940268 | 2025-02-21T16:39:12.028020

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

22022 / tcp

-1399940268 | 2025-03-11T20:40:00.901671

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

23023 / tcp

-1448296133 | 2025-03-17T15:56:12.046280

[ç

25565 / tcp

2143387245 | 2025-03-11T22:03:07.094501

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

27015 / tcp

-1476017887 | 2025-03-14T00:33:16.645182

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

27017 / tcp

1763259671 | 2025-03-09T16:28:24.442323

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

28015 / tcp

-358801646 | 2025-03-11T15:22:16.480355

SSH-2.0-OpenSSH_6.6.1

28080 / tcp

-1538260461 | 2025-03-05T12:29:26.060669

\x01\x00\x00\x00

30007 / tcp

819727972 | 2025-02-28T07:24:30.954242

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

30122 / tcp

410249975 | 2025-03-11T03:28:01.501248

LNS READY<>

30301 / tcp

-971970408 | 2025-03-15T18:03:35.909825

31001 / tcp

1911457608 | 2025-02-24T22:31:38.905402

\x00[\x00\x00\x00\x00\x00\x00

31017 / tcp

1911457608 | 2025-03-11T05:31:44.230622

\x00[\x00\x00\x00\x00\x00\x00

31122 / tcp

873425297 | 2025-03-09T12:39:06.828175

200 NOD32SS 99 (3318497116)

31337 / tcp

-147424911 | 2025-03-16T09:24:58.724068

HTTP/1.1 404 Not Found
Content Length: 0

31380 / tcp

-1487943323 | 2025-02-25T21:55:21.996654

431 Unable to negotiate secure command connection.\r\n

31422 / tcp

539065883 | 2025-03-13T01:54:10.817187

31522 / tcp

-746114901 | 2025-03-12T23:44:59.147832

[KpU

31822 / tcp

-1097188123 | 2025-03-12T06:26:46.113847

[g\xc2\x95N\x7f

32001 / tcp

-1045760528 | 2025-02-27T02:11:59.789805

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

32522 / tcp

-971970408 | 2025-03-08T15:29:59.588181

32764 / tcp

171352214 | 2025-03-13T13:53:50.961084

-ERR client ip is not in whitelist

33060 / tcp

-971970408 | 2025-03-15T00:27:32.381793

33322 / tcp

-1477838366 | 2025-02-23T16:26:49.017934

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

33622 / tcp

-1626979812 | 2025-03-08T18:45:41.106630

220 Service ready for new user.

34222 / tcp

-154107716 | 2025-03-07T18:24:48.388242

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

34522 / tcp

-1681927087 | 2025-03-05T05:06:12.302903

kjnkjabhbanc283ubcsbhdc72

34722 / tcp

-1779118422 | 2025-03-03T23:21:44.263939

\x00[\xc2\xae\xc2\x8d{\x7f\x00\x00

35000 / tcp

-805362002 | 2025-03-16T19:59:09.892277

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

35004 / tcp

1543809371 | 2025-02-26T23:39:43.134774

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

35022 / tcp

1741579575 | 2025-03-04T00:35:05.453052

35241 / tcp

-1399940268 | 2025-02-26T08:01:39.099505

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

35522 / tcp

2087396567 | 2025-03-04T03:33:06.656680

kjnkjabhbanc283ubcsbhdc72

35524 / tcp

-1888448627 | 2025-03-14T23:22:03.361009

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

35554 / tcp

-1888448627 | 2025-03-03T18:47:57.928493

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

35922 / tcp

171352214 | 2025-03-16T20:12:26.710737

-ERR client ip is not in whitelist

36222 / tcp

320677201 | 2025-03-17T18:51:41.846316

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

37122 / tcp

2087396567 | 2025-03-16T22:02:09.377965

kjnkjabhbanc283ubcsbhdc72

37522 / tcp

1077013874 | 2025-02-28T15:59:25.601354

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

37822 / tcp

-1999117212 | 2025-03-14T01:14:34.101208

38122 / tcp

1978059005 | 2025-03-15T16:28:43.394456

Sorry, that nickname format is invalid.

38222 / tcp

-971970408 | 2025-03-11T17:26:11.535142

38322 / tcp

-746114901 | 2025-03-15T12:39:29.035492

[KpU

38522 / tcp

2087396567 | 2025-03-13T22:56:16.537231

kjnkjabhbanc283ubcsbhdc72

38822 / tcp

1077013874 | 2025-03-03T19:18:15.500273

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

38922 / tcp

2087396567 | 2025-03-13T14:31:38.313125

kjnkjabhbanc283ubcsbhdc72

39122 / tcp

-146605374 | 2025-03-13T17:31:43.562667

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

39222 / tcp

2087396567 | 2025-02-20T11:51:49.664745

kjnkjabhbanc283ubcsbhdc72

39322 / tcp

-1114821551 | 2025-03-11T14:00:37.541925

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

39522 / tcp

819727972 | 2025-03-11T08:12:03.579906

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

39622 / tcp

2087396567 | 2025-02-20T03:52:27.620305

kjnkjabhbanc283ubcsbhdc72

40022 / tcp

539065883 | 2025-03-09T09:59:19.724632

40322 / tcp

539065883 | 2025-03-08T20:11:46.864744

40722 / tcp

-971970408 | 2025-03-08T13:34:33.374288

41222 / tcp

-971970408 | 2025-03-04T23:57:47.715132

41800 / tcp

-1036370807 | 2025-03-12T07:15:31.715413

JDWP-Handshake

42222 / tcp

-2096652808 | 2025-03-04T22:30:57.090573

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

43522 / tcp

1690634669 | 2025-02-25T19:54:09.348759

43622 / tcp

819727972 | 2025-02-21T17:55:49.661262

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

43922 / tcp

1636811864 | 2025-02-27T08:44:36.616933

44122 / tcp

-971970408 | 2025-02-19T01:00:14.876208

44158 / tcp

-433302150 | 2025-03-04T11:30:37.362440

/multistream/1.0.0

44301 / tcp

1911457608 | 2025-02-20T04:58:14.019050

\x00[\x00\x00\x00\x00\x00\x00

44307 / tcp

-1399940268 | 2025-02-23T17:09:17.226452

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

44308 / tcp

-1730858130 | 2025-03-12T04:21:36.201043

RFB 003.008
VNC:
  Protocol Version: 3.8

44322 / tcp

-1681927087 | 2025-02-26T09:23:49.952382

kjnkjabhbanc283ubcsbhdc72

44334 / tcp

-1648456501 | 2025-03-17T16:46:12.500447

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

44365 / tcp

819727972 | 2025-02-19T06:10:30.990318

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

44400 / tcp

15018106 | 2025-02-26T15:06:50.866740

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

44818 / tcp

165188539 | 2025-03-11T20:04:30.739680

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

45005 / tcp

1134517380 | 2025-03-09T14:02:26.568822

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

45122 / tcp

1741579575 | 2025-02-24T06:16:40.120381

45668 / tcp

-1248408558 | 2025-03-14T19:24:19.739387

220 MikroTik FTP server (MikroTik 6.44.3) ready

45777 / tcp

-1746074029 | 2025-03-09T11:02:21.382934

101 imqbroker =unV\r\n

45821 / tcp

-1399940268 | 2025-02-23T07:44:40.248141

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

46022 / tcp

-1032713145 | 2025-02-21T20:19:32.052272

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

46222 / tcp

1842524259 | 2025-02-24T22:16:18.496693

46322 / tcp

1948301213 | 2025-02-24T20:02:19.433946

RFB 003.003
VNC:
  Protocol Version: 3.3

46522 / tcp

2087396567 | 2025-02-24T04:32:56.923252

kjnkjabhbanc283ubcsbhdc72

46622 / tcp

1723769361 | 2025-02-24T02:49:03.364506

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

46822 / tcp

117101543 | 2025-02-24T01:17:09.586448

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

47122 / tcp

-1136600457 | 2025-02-23T21:34:41.135387

HELO:10.3.6.0.false
AS:2048
HL:19

47222 / tcp

1919228981 | 2025-02-23T19:50:59.290972

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

47522 / tcp

2087396567 | 2025-02-25T09:09:41.787014

kjnkjabhbanc283ubcsbhdc72

47534 / tcp

-904840257 | 2025-02-21T16:14:26.611447

572 Relay not authorized\r\n

48018 / tcp

-1032713145 | 2025-03-05T04:02:48.779448

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

48322 / tcp

539065883 | 2025-03-10T01:10:49.146561

48422 / tcp

1887224352 | 2025-03-09T23:43:05.217264

48622 / tcp

2087396567 | 2025-02-23T11:15:03.048026

kjnkjabhbanc283ubcsbhdc72

48722 / tcp

-1013082686 | 2025-02-23T09:28:38.616398

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

48822 / tcp

971933601 | 2025-02-24T16:34:23.088696

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

49210 / tcp

1911457608 | 2025-03-17T13:33:16.969211

\x00[\x00\x00\x00\x00\x00\x00

49222 / tcp

-1730858130 | 2025-02-23T01:02:14.528438

RFB 003.008
VNC:
  Protocol Version: 3.8

49322 / tcp

-1999117212 | 2025-02-20T20:54:45.351582

49422 / tcp

-358801646 | 2025-02-23T02:02:28.796355

SSH-2.0-OpenSSH_6.6.1

49501 / tcp

408230060 | 2025-03-17T07:54:20.623454

\r\nSorry, that nickname format is invalid.\r\n

49622 / tcp

1741579575 | 2025-02-22T11:48:54.414604

49722 / tcp

-1248408558 | 2025-02-22T21:11:06.104208

220 MikroTik FTP server (MikroTik 6.44.3) ready

49822 / tcp

1975288991 | 2025-02-22T20:09:33.912706

OPTI

49922 / tcp

1842524259 | 2025-02-22T17:45:16.964641

50000 / tcp

-1559123399 | 2025-03-17T17:32:59.159399

500 Permission denied - closing connection.

50014 / tcp

-1399940268 | 2025-02-21T04:14:21.810188

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

50050 / tcp

1541211644 | 2025-03-16T11:53:56.235994

[\xc2\xba\x7fs\x7f

50073 / tcp

-1839934832 | 2025-03-15T16:37:43.725603

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

50085 / tcp

-1399940268 | 2025-03-07T01:47:12.468894

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

50100 / tcp

-585940771 | 2025-03-15T16:41:44.832206

Unknown command\r\n

50103 / tcp

-1888448627 | 2025-02-21T02:35:09.799050

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

50160 / tcp

-1399940268 | 2025-02-23T11:19:38.737506

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

50522 / tcp

-971970408 | 2025-02-21T22:04:55.775730

50922 / tcp

-1476017887 | 2025-02-21T15:11:38.443317

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

50996 / tcp

-2089734047 | 2025-02-27T19:22:51.680669

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

51004 / tcp

398077695 | 2025-02-26T22:39:56.120977

51222 / tcp

-319440554 | 2025-02-21T11:49:59.010504

51322 / tcp

-1036370807 | 2025-02-21T09:14:26.628998

JDWP-Handshake

51443 / tcp

2087396567 | 2025-03-11T23:43:08.179794

kjnkjabhbanc283ubcsbhdc72

51822 / tcp

-1730858130 | 2025-02-20T15:18:54.354583

RFB 003.008
VNC:
  Protocol Version: 3.8

52022 / tcp

1690634669 | 2025-03-06T23:38:03.867500

52522 / tcp

-971970408 | 2025-02-19T07:56:28.691463

52822 / tcp

299574816 | 2025-02-19T20:59:46.280531

220-FileZilla Server 1.4.1
220 Please visit https://filezilla-project.org/

52951 / tcp

119860953 | 2025-03-13T15:58:44.822005

* OK ArGoSoft Mail Server IMAP Module v.YW at

53922 / tcp

-321444299 | 2025-02-19T05:54:45.545872

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

54138 / tcp

597764502 | 2025-02-27T19:10:22.202273

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

54322 / tcp

103159425 | 2025-02-18T22:37:49.147863

SSH-1.99-RGOS_SSH

54722 / tcp

-1114821551 | 2025-02-18T11:46:55.194614

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

55222 / tcp

2087396567 | 2025-03-07T01:30:13.660704

kjnkjabhbanc283ubcsbhdc72

55422 / tcp

-2017887953 | 2025-03-06T17:25:52.288513

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

55522 / tcp

-2107996212 | 2025-03-06T21:52:43.042538

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

55554 / tcp

1267517148 | 2025-03-11T05:58:33.994588

=Àÿÿ?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6

57622 / tcp

2087396567 | 2025-03-06T08:53:16.154143

kjnkjabhbanc283ubcsbhdc72

57822 / tcp

707919486 | 2025-03-06T05:10:46.265752

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

57922 / tcp

996960436 | 2025-03-06T03:46:32.597299

572 Relay not authorized

58122 / tcp

1741579575 | 2025-03-06T01:41:44.317420

58222 / tcp

1842524259 | 2025-03-05T23:56:36.678992

58422 / tcp

-1114821551 | 2025-03-05T21:13:43.295748

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

58722 / tcp

-971970408 | 2025-03-05T17:02:24.046433

59122 / tcp

-2096652808 | 2025-03-05T10:10:12.998418

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

59222 / tcp

380146262 | 2025-03-05T08:26:32.246200

@RSYNCD: 30.0

59522 / tcp

2087396567 | 2025-03-03T18:47:13.619225

kjnkjabhbanc283ubcsbhdc72

60129 / tcp

1842524259 | 2025-03-04T18:34:36.439889

60443 / tcp

-147424911 | 2025-03-10T21:14:06.714184

HTTP/1.1 404 Not Found
Content Length: 0

61616 / tcp

-1461540015 | 2025-03-09T21:44:07.596355

audio 0 RTP/AVP 18 4 3 8 0 101
a

61617 / tcp

819727972 | 2025-03-11T00:41:25.685302

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

63210 / tcp

1632932802 | 2025-03-06T10:07:52.852328

63256 / tcp

-441419608 | 2025-03-07T11:35:43.692457

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

63260 / tcp

-1013082686 | 2025-03-15T06:21:16.561931

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

65000 / tcp

1893177623 | 2025-03-05T04:25:35.318052

HTTP/1.1 200 OK
Server: KKIDC DDOS
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding

8.141.181.255

Last Seen: 2025-03-17

Tags:

GeneralInformation

WebTechnologies

OpenPorts

2 / tcp -2096652808 | 2025-03-15T22:05:29.422068

11 / tcp 2087396567 | 2025-03-13T04:39:15.634016

13 / tcp -1036370807 | 2025-03-06T08:11:28.361306

15 / tcp 1911457608 | 2025-03-15T06:57:42.985677

17 / tcp 5698739 | 2025-02-28T04:57:41.718037

21 / tcp 1564456597 | 2025-03-10T16:22:38.115493

25 / tcp -1435414831 | 2025-03-09T23:05:18.655525

43 / tcp 472902042 | 2025-03-16T17:08:04.522913

49 / tcp -801484042 | 2025-03-13T09:26:18.317849

70 / tcp -1056270173 | 2025-03-17T21:07:48.196629

79 / tcp -2101653054 | 2025-02-25T10:39:50.558743

80 / tcp -1593055664 | 2025-03-07T07:29:34.482385

Hashes

99 / tcp 1713556628 | 2025-03-06T20:19:56.429566

102 / tcp 1615193817 | 2025-03-08T16:00:02.304959

110 / tcp 819727972 | 2025-03-13T03:05:31.167485

111 / tcp -53360811 | 2025-02-26T17:40:57.236215

113 / tcp -1777894858 | 2025-03-13T08:53:12.719591

119 / tcp 141730637 | 2025-03-13T12:13:38.835273

122 / tcp 632542934 | 2025-02-23T16:48:28.425182

175 / tcp -1399940268 | 2025-03-11T17:17:27.833151

264 / tcp -1718229072 | 2025-03-12T08:03:36.150874

311 / tcp 602337838 | 2025-03-13T16:30:12.726234

314 / tcp -1733645023 | 2025-03-16T15:11:51.803247

385 / tcp 819727972 | 2025-03-12T13:55:58.543474

389 / tcp -1713467553 | 2025-03-15T07:51:25.067369

400 / tcp -1730858130 | 2025-03-13T20:01:20.290657

427 / tcp -349937125 | 2025-02-20T11:15:29.135165

440 / tcp 921225407 | 2025-02-24T09:59:26.631339

441 / tcp -1399940268 | 2025-02-25T14:10:02.703541

443 / tcp 592534558 | 2025-02-24T23:37:17.161956

Hashes

444 / tcp 1678104936 | 2025-03-13T20:56:00.944841

446 / tcp 1911457608 | 2025-02-24T15:58:10.188767

451 / tcp -1399940268 | 2025-03-16T09:08:39.861829

452 / tcp 632542934 | 2025-03-06T07:49:03.781208

465 / tcp 897328069 | 2025-03-13T01:18:38.928883

480 / tcp -2096652808 | 2025-02-18T20:40:08.779050

502 / tcp -1996280214 | 2025-02-20T11:00:07.494961

503 / tcp -653033013 | 2025-03-11T12:05:37.020327

513 / tcp 599074451 | 2025-03-12T23:44:41.471221

515 / tcp -1013082686 | 2025-03-12T18:16:54.521750

541 / tcp -269727450 | 2025-02-24T19:44:37.106761

548 / tcp 1801869778 | 2025-03-10T10:27:16.402859

554 / tcp 285770450 | 2025-02-21T03:21:47.297580

587 / tcp -721592220 | 2025-03-10T21:42:01.642514

636 / tcp -779815868 | 2025-02-20T12:04:54.717085

666 / tcp 1300162323 | 2025-03-15T19:36:42.146270

771 / tcp 1763259671 | 2025-03-11T07:56:20.877917

830 / tcp 103159425 | 2025-03-17T04:12:08.909921

873 / tcp -1970692834 | 2025-03-10T18:43:35.229068

995 / tcp 1685649979 | 2025-03-14T19:35:06.821335

1023 / tcp 1231376952 | 2025-02-22T15:30:24.509041

1025 / tcp 1504401647 | 2025-02-23T14:27:20.207519

1080 / tcp 1362344524 | 2025-03-10T18:56:05.382348

1099 / tcp -2089734047 | 2025-02-26T09:52:27.655567

1153 / tcp 819727972 | 2025-03-11T21:05:51.077825

1190 / tcp 307999478 | 2025-03-10T16:13:44.030839

1195 / tcp -1297953727 | 2025-03-09T23:27:57.275411

1200 / tcp 819727972 | 2025-03-16T13:51:08.744574

1337 / tcp -2031152423 | 2025-03-10T14:33:19.369611

1366 / tcp -1730858130 | 2025-03-15T15:55:53.707698

1414 / tcp -784071826 | 2025-03-05T11:12:33.871948

1433 / tcp -651181868 | 2025-02-24T04:59:13.337397

1515 / tcp 416263569 | 2025-03-13T11:32:09.719603

1599 / tcp -375604792 | 2025-02-21T01:21:39.626369

1604 / tcp -1839934832 | 2025-03-12T05:52:47.766815

1800 / tcp -1399940268 | 2025-03-05T22:26:56.374904

1801 / tcp -1139999322 | 2025-02-21T16:20:33.652849

1883 / tcp 660175493 | 2025-03-11T11:32:31.694913

1911 / tcp 639175818 | 2025-02-20T04:01:28.015159

1926 / tcp 1842524259 | 2025-02-20T04:04:17.424501

1952 / tcp -1399940268 | 2025-02-24T05:02:08.974143

1970 / tcp 1642597142 | 2025-03-15T01:58:46.239719

2 / tcp

-2096652808 | 2025-03-15T22:05:29.422068

11 / tcp

2087396567 | 2025-03-13T04:39:15.634016

13 / tcp

-1036370807 | 2025-03-06T08:11:28.361306

15 / tcp

1911457608 | 2025-03-15T06:57:42.985677

17 / tcp

5698739 | 2025-02-28T04:57:41.718037

21 / tcp

1564456597 | 2025-03-10T16:22:38.115493

25 / tcp

-1435414831 | 2025-03-09T23:05:18.655525

43 / tcp

472902042 | 2025-03-16T17:08:04.522913

49 / tcp

-801484042 | 2025-03-13T09:26:18.317849

70 / tcp

-1056270173 | 2025-03-17T21:07:48.196629

79 / tcp

-2101653054 | 2025-02-25T10:39:50.558743

80 / tcp

-1593055664 | 2025-03-07T07:29:34.482385

99 / tcp

1713556628 | 2025-03-06T20:19:56.429566

102 / tcp

1615193817 | 2025-03-08T16:00:02.304959

110 / tcp

819727972 | 2025-03-13T03:05:31.167485

111 / tcp

-53360811 | 2025-02-26T17:40:57.236215

113 / tcp

-1777894858 | 2025-03-13T08:53:12.719591

119 / tcp

141730637 | 2025-03-13T12:13:38.835273

122 / tcp

632542934 | 2025-02-23T16:48:28.425182

175 / tcp

-1399940268 | 2025-03-11T17:17:27.833151

264 / tcp

-1718229072 | 2025-03-12T08:03:36.150874

311 / tcp

602337838 | 2025-03-13T16:30:12.726234

314 / tcp

-1733645023 | 2025-03-16T15:11:51.803247

385 / tcp

819727972 | 2025-03-12T13:55:58.543474

389 / tcp

-1713467553 | 2025-03-15T07:51:25.067369

400 / tcp

-1730858130 | 2025-03-13T20:01:20.290657

427 / tcp

-349937125 | 2025-02-20T11:15:29.135165

440 / tcp

921225407 | 2025-02-24T09:59:26.631339

441 / tcp

-1399940268 | 2025-02-25T14:10:02.703541

443 / tcp

592534558 | 2025-02-24T23:37:17.161956

444 / tcp

1678104936 | 2025-03-13T20:56:00.944841

446 / tcp

1911457608 | 2025-02-24T15:58:10.188767

451 / tcp

-1399940268 | 2025-03-16T09:08:39.861829

452 / tcp

632542934 | 2025-03-06T07:49:03.781208

465 / tcp

897328069 | 2025-03-13T01:18:38.928883

480 / tcp

-2096652808 | 2025-02-18T20:40:08.779050

502 / tcp

-1996280214 | 2025-02-20T11:00:07.494961

503 / tcp

-653033013 | 2025-03-11T12:05:37.020327

513 / tcp

599074451 | 2025-03-12T23:44:41.471221

515 / tcp

-1013082686 | 2025-03-12T18:16:54.521750

541 / tcp

-269727450 | 2025-02-24T19:44:37.106761

548 / tcp

1801869778 | 2025-03-10T10:27:16.402859

554 / tcp

285770450 | 2025-02-21T03:21:47.297580

587 / tcp

-721592220 | 2025-03-10T21:42:01.642514

636 / tcp

-779815868 | 2025-02-20T12:04:54.717085

666 / tcp

1300162323 | 2025-03-15T19:36:42.146270

771 / tcp

1763259671 | 2025-03-11T07:56:20.877917

830 / tcp

103159425 | 2025-03-17T04:12:08.909921

873 / tcp

-1970692834 | 2025-03-10T18:43:35.229068

995 / tcp

1685649979 | 2025-03-14T19:35:06.821335

1023 / tcp

1231376952 | 2025-02-22T15:30:24.509041

1025 / tcp

1504401647 | 2025-02-23T14:27:20.207519

1080 / tcp

1362344524 | 2025-03-10T18:56:05.382348

1099 / tcp

-2089734047 | 2025-02-26T09:52:27.655567

1153 / tcp

819727972 | 2025-03-11T21:05:51.077825

1190 / tcp

307999478 | 2025-03-10T16:13:44.030839

1195 / tcp

-1297953727 | 2025-03-09T23:27:57.275411

1200 / tcp

819727972 | 2025-03-16T13:51:08.744574

1337 / tcp

-2031152423 | 2025-03-10T14:33:19.369611

1366 / tcp

-1730858130 | 2025-03-15T15:55:53.707698

1414 / tcp

-784071826 | 2025-03-05T11:12:33.871948

1433 / tcp

-651181868 | 2025-02-24T04:59:13.337397

1515 / tcp

416263569 | 2025-03-13T11:32:09.719603

1599 / tcp

-375604792 | 2025-02-21T01:21:39.626369

1604 / tcp

-1839934832 | 2025-03-12T05:52:47.766815

1800 / tcp

-1399940268 | 2025-03-05T22:26:56.374904

1801 / tcp

-1139999322 | 2025-02-21T16:20:33.652849

1883 / tcp

660175493 | 2025-03-11T11:32:31.694913

1911 / tcp

639175818 | 2025-02-20T04:01:28.015159

1926 / tcp

1842524259 | 2025-02-20T04:04:17.424501

1952 / tcp

-1399940268 | 2025-02-24T05:02:08.974143

1970 / tcp

1642597142 | 2025-03-15T01:58:46.239719

1978 / tcp

-1399940268 | 2025-03-12T16:28:38.614923

1990 / tcp

165188539 | 2025-02-19T07:33:26.806595

2000 / tcp

1543809371 | 2025-03-13T21:36:23.569503

2003 / tcp

165188539 | 2025-03-08T11:39:19.051290

2008 / tcp

398077695 | 2025-03-11T22:31:13.298007

2030 / tcp

1233062890 | 2025-02-24T21:08:47.544383

2051 / tcp

599074451 | 2025-03-06T17:52:36.544413

2056 / tcp

819727972 | 2025-03-04T02:03:33.515610