GeneralInformation

Hostnames	alibabacloud.co.in alibabacloud.com alibabacloud.com.au alibabacloud.com.hk alibabacloud.com.my alibabacloud.com.sg alibabacloud.com.tw alicdn.com alicloud.com aliyun-iot-share.com aliyun.com manager.channel.aliyun.com aliyuncs.com asmlink.cn scdnphi6.com sparenode.com supet.com tburl.in teambition.com teambition.net teambitionapis.com account.www.net.cn dc.www.net.cn dmp.www.net.cn dns.www.net.cn panda.www.net.cn pandavip.www.net.cn whois.www.net.cn
Domains	alibabacloud.co.in alibabacloud.com alibabacloud.com.au alibabacloud.com.hk alibabacloud.com.my alibabacloud.com.sg alibabacloud.com.tw alicdn.com alicloud.com aliyun-iot-share.com aliyun.com aliyuncs.com asmlink.cn scdnphi6.com sparenode.com supet.com tburl.in teambition.com teambition.net teambitionapis.com www.net.cn
Cloud Provider	Alibaba Cloud
Country	China
City	Beijing
Organization	Aliyun Computing Co.LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26465

6.8A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

2024(1)

CVE-2024-6387

8.1A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

2023(4)

CVE-2023-51767

7.0OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.

CVE-2023-51385

6.5In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

CVE-2023-48795

5.9The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

CVE-2023-38408

9.8The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

2021(2)

CVE-2021-41617

7.0sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.

CVE-2021-36368

3.7An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.

2020(2)

CVE-2020-15778

7.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."

CVE-2020-14145

5.9The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

2019(4)

CVE-2019-16905

7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.

CVE-2019-6111

5.9An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).

CVE-2019-6110

6.8In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

CVE-2019-6109

6.8An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.

2018(3)

CVE-2018-20685

5.3In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

CVE-2018-15919

5.3Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'

CVE-2018-15473

5.3OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

2017(1)

CVE-2017-15906

5.3The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

2016(9)

CVE-2016-20012

5.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product

CVE-2016-10708

7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

CVE-2016-10012

7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

CVE-2016-10011

5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.

CVE-2016-10010

7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.

CVE-2016-10009

7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.

CVE-2016-3115

6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

CVE-2016-1908

9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

CVE-2016-0777

6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

2015(4)

CVE-2015-6564

6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563

1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600

8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.

CVE-2015-5352

4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

2014(3)

CVE-2014-2653

5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2014-2532

4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

CVE-2014-1692

7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.

2012(1)

CVE-2012-0814

3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

2011(2)

CVE-2011-5000

3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

CVE-2011-4327

2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2010(3)

CVE-2010-5107

5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

CVE-2010-4755

4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.

CVE-2010-4478

7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.

2008(1)

CVE-2008-3844

9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.

2007(1)

CVE-2007-2768

4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 17 19 24 25 26 37 38 43 49 70 79 80 87 92 93 94 96 102 104 106 110 113 135 175 179 195 221 264 311 343 442 443 462 465 503 513 515 548 554 593 636 666 789 885 888 994 995 1012 1023 1025 1063 1099 1153 1177 1188 1200 1234 1292 1337 1414 1443 1460 1515 1521 1599 1604 1801 1820 1883 1911 1926 1951 1952 1953 1954 1957 1962 1964 1972 1974 1980 1981 2002 2003 2006 2008 2020 2050 2067 2068 2081 2082 2083 2087 2121 2122 2150 2154 2181 2222 2323 2332 2345 2376 2404 2455 2570 2572 2806 3001 3063 3087 3089 3102 3121 3130 3138 3142 3143 3152 3154 3166 3167 3179 3183 3192 3195 3199 3260 3268 3269 3270 3301 3310 3389 3403 3406 3409 3524 3551 3554 3557 3780 3790 3952 4064 4080 4104 4150 4157 4160 4282 4433 4434 4443 4444 4500 4506 4510 4530 4545 4747 4786 4840 4911 4949 5006 5007 5009 5010 5011 5022 5051 5089 5090 5119 5172 5201 5233 5236 5239 5240 5252 5269 5280 5400 5523 5558 5605 5607 5660 5671 5678 5680 5822 5858 5904 5919 5938 5984 5992 5997 6001 6006 6021 6379 6443 6464 6590 6603 6633 6653 6666 6667 6668 6697 6775 6998 7001 7010 7050 7071 7083 7085 7087 7102 7105 7171 7173 7218 7325 7331 7433 7434 7548 8000 8001 8009 8014 8016 8021 8031 8040 8049 8055 8056 8076 8077 8083 8087 8089 8092 8099 8110 8115 8116 8118 8124 8126 8140 8146 8147 8149 8152 8158 8168 8181 8183 8185 8194 8200 8222 8285 8333 8382 8384 8419 8443 8444 8455 8472 8481 8500 8502 8505 8519 8545 8557 8579 8581 8587 8600 8649 8708 8723 8791 8801 8802 8804 8805 8834 8856 8860 8863 8875 8880 8889 8899 8908 8911 9000 9001 9004 9005 9010 9014 9019 9020 9022 9035 9039 9042 9051 9063 9071 9081 9089 9091 9103 9140 9146 9147 9151 9167 9173 9178 9181 9183 9186 9215 9218 9219 9246 9247 9250 9252 9257 9273 9299 9301 9306 9308 9333 9443 9456 9458 9505 9515 9527 9530 9550 9600 9633 9658 9761 9810 9876 9908 9943 9950 9993 9998 9999 10002 10005 10016 10025 10027 10035 10036 10037 10042 10050 10081 10087 10250 10444 10477 10554 10909 10911 11000 11027 11112 11182 11210 11288 11300 11596 12000 12016 12084 12088 12105 12114 12118 12123 12126 12146 12151 12154 12155 12162 12164 12171 12183 12194 12197 12202 12203 12219 12233 12258 12262 12272 12285 12304 12312 12334 12341 12345 12357 12363 12377 12380 12395 12399 12420 12422 12434 12455 12459 12480 12489 12491 12494 12499 12503 12507 12529 12550 12564 12566 12567 12577 12585 12601 13001 13128 13380 14330 14344 14403 14443 14875 14880 14901 15000 15001 15443 16000 16013 16036 16037 16045 16055 16062 16063 16066 16089 16311 16400 16404 16831 16993 17000 17001 17020 18008 18028 18029 18042 18081 18082 18083 18101 18107 18182 18239 18245 19000 20020 20053 20150 20440 20547 20880 21002 21025 21082 21083 21241 21247 21278 21300 21312 21379 21381 21515 22556 23084 24245 25001 25004 25006 25105 25565 26656 27015 28015 28080 30000 30002 30003 30022 30029 30083 30110 30113 30122 30301 30322 30422 30622 30822 30922 31022 31122 31210 31222 31444 31722 32022 32122 32222 32322 32622 32764 32822 32922 33022 33060 33222 33422 33522 33622 33722 33822 34222 34322 34422 34522 34622 34822 34922 35000 35002 35122 35222 35240 35241 35250 35322 35522 35531 35722 35822 35922 36122 36222 36522 36722 37022 37322 37522 37777 37922 38222 38333 38722 38880 39022 39422 39522 39622 39722 40070 40222 40322 40894 41794 41822 41922 42122 42208 42422 42901 43622 44022 44122 44158 44334 44345 44399 44410 45222 45322 45522 45622 45822 46022 46122 46222 46422 47001 47122 47522 47808 47990 48422 48522 48722 48888 48922 49692 49822 50000 50004 50014 50050 50070 50100 50777 51235 51443 52022 52200 52869 53022 53200 53481 54138 54984 55422 55443 55481 55553 55555 55722 55822 57622 57779 58122 58222 58522 58722 60129 61616 62078 63210 63256 63260 63676 64295

11 / tcp

-2031152423 | 2025-03-09T09:23:36.658755

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

13 / tcp

1725312227 | 2025-03-10T19:25:18.401689

12:06:55 2024/1/22

17 / tcp

366084633 | 2025-03-24T16:03:03.655738

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

19 / tcp

-746345752 | 2025-03-14T23:49:08.974941

¥A\x01,\x02L\x08Connectx\x0857222

24 / tcp

-2096652808 | 2025-02-27T18:31:46.198165

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

25 / tcp

1353260875 | 2025-03-19T16:47:53.086124

\x00[g\xc2\x95N\x7f\x00\x00

26 / tcp

1492413928 | 2025-03-13T21:39:10.961841

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

37 / tcp

1463575233 | 2025-02-28T23:29:21.866220

\\xe9XQg

38 / tcp

-2089734047 | 2025-03-09T09:07:58.633653

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

43 / tcp

1842524259 | 2025-03-10T09:18:19.471799

49 / tcp

-1101712668 | 2025-03-13T18:38:32.978029

\\x1e\xc3\x80\\x010\\x02\xc2\xa8\xc3\xa3

70 / tcp

-1385078233 | 2025-03-21T13:13:53.075274

HTTP/1.1 404 
Content-Type: text/html;charset=utf-8
Content-Language: zh-CN

79 / tcp

268196945 | 2025-03-18T15:45:10.844013

AB\x01

80 / tcp

501077178 | 2025-03-16T16:58:17.799895

Hashes

hash

-1456730244

http.dom_hash

1991980804

http.html_hash

501077178

http.server_hash

1673621694

http.title_hash

-1828380909

302 Found

HTTP/1.1 302 Moved Temporarily
Server: Tengine
Date: Sun, 16 Mar 2025 16:58:16 GMT
Content-Type: text/html
Content-Length: 215
Connection: keep-alive
Location: http://www.taobao.com/
Via: tongyijieru-aliyun-com-nu17-011195178216.nu17[web,302]

87 / tcp

-903067560 | 2025-03-15T17:22:54.209319

\x00[\x13)\xc2\x81\x7f\x00\x00

92 / tcp

-904840257 | 2025-03-22T00:00:45.661561

572 Relay not authorized\r\n

93 / tcp

-1140468363 | 2025-03-04T04:31:59.349906

\x02\t\x01

94 / tcp

-1947777893 | 2025-03-19T21:11:51.869413

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

96 / tcp

1911457608 | 2025-03-16T21:56:33.521830

\x00[\x00\x00\x00\x00\x00\x00

102 / tcp

722711397 | 2025-03-23T19:11:58.720954

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

104 / tcp

1278527606 | 2025-03-13T14:30:16.796985

SSH-2.0-Teleport

106 / tcp

1107492609 | 2025-03-11T05:21:44.881672

HTTP/1.1 200 OK
Server: App-webs/
Content-Type: text/html
Connection: close

110 / tcp

-2089734047 | 2025-03-24T00:46:42.366543

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

113 / tcp

-414819019 | 2025-03-17T04:51:21.162568

HTTP/1.1 200 OK
Content-type: text/html
Connection: close

135 / tcp

-1589645334 | 2025-03-24T04:59:49.624600

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: C56L_POS01\n IP2: 60.251.195.90\n IP3: C56L_POS01\n\nNTLMSSP:\nTarget_Name: C56L_POS01\nProduct_Version: 5.1.2600 Ntlm 15\nOS: Windows XP/Windows XP, Service Pack 3\nNetBIOS_Domain_Name: C56L_POS01\nNetBIOS_Computer_Name: C56L_POS01\nDNS_Domain_Name: C56L_POS01\nDNS_Computer_Name: C56L_POS01\n\nDCERPC Dump:\n1088a980-eae5-11d0-8d9b-00a02453c337 ([MS-MQQP]: Message Queuing (MSMQ):):\n  - NCACN: 60.251.195.90:

175 / tcp

-358801646 | 2025-03-04T21:15:37.146328

SSH-2.0-OpenSSH_6.6.1

179 / tcp

-399606100 | 2025-02-27T20:50:13.256168

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

195 / tcp

291723434 | 2025-03-22T09:00:09.201501

Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

221 / tcp

165188539 | 2025-03-24T02:26:01.057321

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

264 / tcp

-1707068558 | 2025-03-23T01:48:23.771043

311 / tcp

676753056 | 2025-03-11T14:06:11.667533

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html

343 / tcp

117101543 | 2025-03-23T08:38:41.276667

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

442 / tcp

-1399940268 | 2025-03-14T02:29:24.146364

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

443 / tcp

1834245623 | 2025-03-20T16:38:54.478706

Hashes

hash

-111718121

http.dom_hash

945321515

http.html_hash

1834245623

http.server_hash

1673621694

http.title_hash

-1207101977

404 Not Found

HTTP/1.1 404 Not Found
Server: Tengine
Date: Thu, 20 Mar 2025 16:38:54 GMT
Content-Type: text/html
Content-Length: 592
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:ec:5b:15:fa:5e:f4:1d:24:b0:85:aa
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
        Validity
            Not Before: Feb 18 08:42:02 2025 GMT
            Not After : Sep  4 00:00:00 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.aliyun.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:8f:7e:68:30:ee:4a:3b:97:32:7e:76:74:9f:2a:
                    94:b4:15:3f:8a:ab:16:98:6c:64:76:6e:ee:32:0a:
                    98:68:87:d3:b3:54:1b:d1:c3:11:cc:ce:ea:6b:9e:
                    13:02:ad:50:b6:52:34:b0:4d:4c:da:f8:f5:46:80:
                    12:da:07:bd:c0
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsgccr3ovtlsca2024.crt
                OCSP - URI:http://ocsp.globalsign.com/gsgccr3ovtlsca2024
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                Policy: 1.3.6.1.4.1.4146.10.1.2
                  CPS: https://www.globalsign.com/repository/
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsgccr3ovtlsca2024.crl
            X509v3 Subject Alternative Name: 
                DNS:*.aliyun.com, DNS:manager.channel.aliyun.com, DNS:*.account.ltc.aliyun.com, DNS:*.ace.aliyun.com, DNS:*.acs-internal.aliyuncs.com, DNS:*.acs.aliyun.com, DNS:*.ads.aliyun.com, DNS:*.ai.aliyun.com, DNS:*.aicrowd.aliyun.com, DNS:*.aiearth.aliyun.com, DNS:*.alibabacloud.co.in, DNS:*.alibabacloud.com, DNS:*.alibabacloud.com.au, DNS:*.alibabacloud.com.hk, DNS:*.alibabacloud.com.my, DNS:*.alibabacloud.com.sg, DNS:*.alibabacloud.com.tw, DNS:*.alibabacloudsso.com, DNS:*.alicdn.com, DNS:*.alicloud.com, DNS:*.aligroup.aliyun.com, DNS:*.alink.aliyun.com, DNS:*.alios.aliyuncs.com, DNS:*.aliplus.com, DNS:*.alitranx.aliyun.com, DNS:*.aliyun-iot-share.com, DNS:*.aliyuncorp.com, DNS:*.aliyuncs.com, DNS:*.aliyunidaas.com, DNS:*.aliyunjinbao.com, DNS:*.alyms.cn, DNS:*.ap-northeast-1.aliyuncs.com, DNS:*.ap-south-1.aliyuncs.com, DNS:*.ap-southeast-1.aliyuncs.com, DNS:*.ap-southeast-2.aliyuncs.com, DNS:*.ap-southeast-3.aliyuncs.com, DNS:*.ap-southeast-5.aliyuncs.com, DNS:*.api.alibabacloud.com, DNS:*.api.aliyun.com, DNS:*.api.aliyunidaas.com, DNS:*.apm.aliyun.com, DNS:*.app.aliyun.com, DNS:*.asmlink.cn, DNS:*.banma.aliyuncs.com, DNS:*.base.shuju.aliyun.com, DNS:*.beian.aliyun.com, DNS:*.bi.aliyun.com, DNS:*.biz.aliyun.com, DNS:*.bridge.aliyun.com, DNS:*.business.aliyun.com, DNS:*.ccc.aliyuncs.com, DNS:*.center.aliyun.com, DNS:*.cfc.aliyuncs.com, DNS:*.channel.aliyun.com, DNS:*.citybrain.aliyun.com, DNS:*.cloudapp.aliyun.com, DNS:*.cloudeagle.cn, DNS:*.cloudgame.aliyun.com, DNS:*.cn-beijing.aliyuncs.com, DNS:*.cn-chengdu.aliyuncs.com, DNS:*.cn-guizhou.aliyuncs.com, DNS:*.cn-haidian.aliyuncs.com, DNS:*.cn-hangzhou-finance.aliyuncs.com, DNS:*.cn-hangzhou.aliyuncs.com, DNS:*.cn-hongkong.aliyuncs.com, DNS:*.cn-huhehaote.aliyuncs.com, DNS:*.cn-ningxia.aliyuncs.com, DNS:*.cn-north-2-gov-1.aliyuncs.com, DNS:*.cn-qingdao-nebula.aliyuncs.com, DNS:*.cn-qingdao.aliyuncs.com, DNS:*.cn-shanghai-finance-1.aliyuncs.com, DNS:*.cn-shanghai.aliyun.com, DNS:*.cn-shanghai.aliyuncs.com, DNS:*.cn-shenzhen-cloudstone.aliyuncs.com, DNS:*.cn-shenzhen-finance-1.aliyuncs.com, DNS:*.cn-shenzhen.aliyuncs.com, DNS:*.cn-sichuan.aliyuncs.com, DNS:*.cn-zhangjiakou.aliyuncs.com, DNS:*.connect.aliyun.com, DNS:*.console.alibabacloud.com, DNS:*.console.alicloud.com, DNS:*.console.aliyun.com, DNS:*.console.aliyuncs.com, DNS:*.cs.aliyun.com, DNS:*.cschat-ccs.aliyun.com, DNS:*.daily.aliyunidaas.com, DNS:*.data.alibabacloud.com, DNS:*.data.aliyun.com, DNS:*.dataapi.aliyun.com, DNS:*.dataq.aliyun.com, DNS:*.dataq.aliyuncs.com, DNS:*.datav.aliyun.com, DNS:*.datav.aliyuncs.com, DNS:*.dbs.aliyun.com, DNS:*.dev.aliyunidaas.com, DNS:*.devlops.aliyun.com, DNS:*.devops.aliyun.com, DNS:*.ditu.aliyun.com, DNS:*.domain.aliyun.com, DNS:*.dyiot.aliyun.com, DNS:*.dyiot.aliyuncs.com, DNS:*.ebs.aliyun.com, DNS:*.edu-aliyun.com, DNS:*.edu.aliyun.com, DNS:*.emas.aliyun.com, DNS:*.emr.aliyun.com, DNS:*.enterprise.aliyun.com, DNS:*.env.aliyun.com, DNS:*.et-industry.aliyun.com, DNS:*.eu-central-1.aliyuncs.com, DNS:*.eu-west-1.aliyuncs.com, DNS:*.faasonasi.aliyuncs.com, DNS:*.fc.aliyun.com, DNS:*.fc.aliyuncs.com, DNS:*.feedback.console.aliyun.com, DNS:*.fintech.aliyuncs.com, DNS:*.gts-x.aliyun.com, DNS:*.gts.aliyun.com, DNS:*.help-ccs.aliyun.com, DNS:*.hologres.aliyuncs.com, DNS:*.ialicdn.com, DNS:*.im.aliyuncs.com, DNS:*.imp.aliyuncs.com, DNS:*.in-mumbai.aliyuncs.com, DNS:*.iot.aliyun.com, DNS:*.jp-fudao.aliyuncs.com, DNS:*.lancet.aliyuncs.com, DNS:*.license-manage.aliyun.com, DNS:*.linkedmall.aliyun.com, DNS:*.linkwan.aliyun.com, DNS:*.living.aliyun.com, DNS:*.login-dev.aliyunidaas.com, DNS:*.login.aliyunidaas.com, DNS:*.luban.aliyun.com, DNS:*.m.aliyun.com, DNS:*.market.aliyun.com, DNS:*.maxcompute.aliyun.com, DNS:*.me-east-1.aliyuncs.com, DNS:*.media.aliyun.com, DNS:*.microdingtalk.aliyun.com, DNS:*.mit.aliyun.com, DNS:*.mobile.aliyun.com, DNS:*.mp.aliyun.com, DNS:*.msea.aliyun.com, DNS:*.mts.aliyun.com, DNS:*.mvp.aliyun.com, DNS:*.nebula.aliyun.com, DNS:*.nlp.aliyun.com, DNS:*.nls.aliyuncs.com, DNS:*.odps.aliyun.com, DNS:*.onepub.aliyun.com, DNS:*.ons.aliyun.com, DNS:*.ose.aliyun.com, DNS:*.pai.data.aliyun.com, DNS:*.pcs-gw-cn-beijing.aliyun.com, DNS:*.pcs-gw-cn-shanghai.aliyun.com, DNS:*.pre-innodeep.aliyuncs.com, DNS:*.pre-operation.aliyuncs.com, DNS:*.pre-page.aliyun.com, DNS:*.pre-sg-purchase.aliyun.com, DNS:*.pre.aliyun.com, DNS:*.prepub.aliyun.com, DNS:*.product.center.aliyun.com, DNS:*.proxy.aliyun.com, DNS:*.proxy.aliyuncs.com, DNS:*.pts.aliyun.com, DNS:*.r-app-cn-beijing-data.aliyun.com, DNS:*.r-app-cn-hangzhou-data.aliyun.com, DNS:*.r-app-cn-shenzhen-data.aliyun.com, DNS:*.r-app-data.aliyun.com, DNS:*.rdc.aliyun.com, DNS:*.rds.aliyun.com, DNS:*.reid.aliyun.com, DNS:*.rtc.aliyun.com, DNS:*.rtc.aliyuncs.com, DNS:*.sc-cmdb.aliyuncs.com, DNS:*.scsp.aliyun.com, DNS:*.service.aliyun.com, DNS:*.settlement.aliyun.com, DNS:*.sg.aliyun.com, DNS:*.sg.aliyuncs.com, DNS:*.shuju.aliyun.com, DNS:*.smart.aliyun.com, DNS:*.soc.aliyun.com, DNS:*.soc.aliyuncs.com, DNS:*.sparenode.com, DNS:*.supet.com, DNS:*.tburl.in, DNS:*.teambition.com, DNS:*.teambition.net, DNS:*.teambitionapis.com, DNS:*.tianchi.aliyun.com, DNS:*.toolkit.aliyun.com, DNS:*.tools.aliyun.com, DNS:*.tv.aliyun.com, DNS:*.tw-gaoxiong.aliyuncs.com, DNS:*.us-east-1.aliyuncs.com, DNS:*.us-west-1.aliyuncs.com, DNS:*.webide.aliyun.com, DNS:*.xspace.alibabacloud.com, DNS:*.yunqi.aliyun.com, DNS:*.yuntu.aliyun.com, DNS:account.www.net.cn, DNS:alibabacloud.co.in, DNS:alibabacloud.com, DNS:alibabacloud.com.au, DNS:alibabacloud.com.hk, DNS:alibabacloud.com.my, DNS:alibabacloud.com.sg, DNS:alibabacloud.com.tw, DNS:alicdn.com, DNS:alicloud.com, DNS:aliyun-iot-share.com, DNS:aliyuncs.com, DNS:asmlink.cn, DNS:dc.www.net.cn, DNS:dmp.www.net.cn, DNS:dns.www.net.cn, DNS:panda.www.net.cn, DNS:pandavip.www.net.cn, DNS:scdnphi6.com, DNS:sparenode.com, DNS:supet.com, DNS:tburl.in, DNS:teambition.com, DNS:teambition.net, DNS:teambitionapis.com, DNS:whois.www.net.cn, DNS:aliyun.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                DA:D3:A8:08:48:0C:34:37:58:EE:E5:A7:75:2E:59:FC:D6:DC:3C:38
            X509v3 Subject Key Identifier: 
                E0:43:01:3E:DF:17:FD:BD:64:EE:8A:59:34:7F:5A:CF:A0:A3:B0:AB
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : AF:18:1A:28:D6:8C:A3:E0:A9:8A:4C:9C:67:AB:09:F8:
                                BB:BC:22:BA:AE:BC:B1:38:A3:A1:9D:D3:F9:B6:03:0D
                    Timestamp : Feb 18 08:42:06.314 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:58:A3:C0:89:B0:B5:A2:EE:B8:3B:98:E9:
                                AC:75:BF:8F:98:1E:E0:47:36:71:0C:28:8E:2D:DE:4D:
                                75:B8:15:F1:02:20:6E:BD:52:F6:47:E8:DB:8D:60:1B:
                                84:6B:0A:A4:7E:C7:6F:E2:3E:00:93:1B:34:4B:7B:72:
                                2E:F2:FF:11:73:D7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 1A:04:FF:49:D0:54:1D:40:AF:F6:A0:C3:BF:F1:D8:C4:
                                67:2F:4E:EC:EE:23:40:68:98:6B:17:40:2E:DC:89:7D
                    Timestamp : Feb 18 08:42:06.719 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:F2:D6:D2:EE:62:0B:1E:C9:7C:0C:B6:
                                5E:64:AD:DD:E7:25:45:3D:F5:DD:80:D3:A8:6D:45:7F:
                                A6:66:13:5C:E6:02:20:64:91:64:22:C0:BD:4F:44:06:
                                15:27:0C:3B:67:FF:C6:C8:2B:7B:C5:B7:AB:6B:FA:E3:
                                25:74:EE:97:89:A5:D3
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:
                                F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A
                    Timestamp : Feb 18 08:42:06.762 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:28:20:CA:D4:6B:FC:9F:38:7B:BC:15:A2:
                                98:B4:D9:1C:22:78:22:58:BF:C6:44:E8:C7:C1:A9:EF:
                                E0:6A:F6:8D:02:21:00:EE:D0:B0:93:B0:B7:1E:CE:A5:
                                DD:4A:EA:D4:62:82:C2:65:4C:A5:A1:A0:9E:8B:07:77:
                                A2:D5:E4:77:0E:66:08
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a5:24:69:de:5b:14:09:48:2c:ea:b8:23:1a:65:7d:fc:39:7a:
        70:fe:02:0a:eb:dc:2d:b3:7e:70:1f:92:00:59:fc:5f:ba:3b:
        55:55:0e:b6:49:b2:91:48:fb:79:1a:a9:56:bd:21:1b:c9:c5:
        aa:f0:20:bd:1a:18:98:3d:62:bf:1c:62:21:15:94:d0:02:ee:
        be:f6:c4:fb:dc:82:cb:67:4d:60:c3:85:9e:ea:4d:a3:46:ed:
        37:42:74:7b:a7:53:4a:91:3c:13:d6:e6:47:6a:28:dd:e1:e5:
        33:55:92:cf:54:4c:ab:b9:2b:1b:88:98:90:ce:36:99:26:f3:
        58:d7:5b:d1:b5:a3:31:6b:0f:6c:1a:40:76:5d:fe:27:53:3f:
        00:36:f9:52:d9:0f:9e:c1:a7:8d:47:6d:94:30:2a:b0:30:72:
        75:c4:89:f6:37:6b:83:b8:cb:e8:ac:6b:5c:d4:02:87:9a:72:
        ce:8e:cc:7b:b7:e8:84:93:b0:7f:1a:4a:4d:97:f9:00:0a:0b:
        0a:3a:8e:7b:68:81:8e:68:7e:34:2f:f5:aa:97:35:dd:a1:d9:
        03:57:0e:a4:28:6d:4c:89:27:09:95:5a:38:ae:cf:6f:7c:33:
        08:b2:e0:17:19:13:24:e4:f1:82:a9:aa:2c:f4:a7:11:da:c4:
        c0:70:1d:6a

462 / tcp

-1399940268 | 2025-02-25T09:53:39.327357

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

465 / tcp

897328069 | 2025-03-12T21:32:06.726426

220 mail.scott000.com ESMTP

503 / tcp

-1399940268 | 2025-03-23T13:36:51.887767

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

513 / tcp

-1013082686 | 2025-03-09T07:47:29.425842

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

515 / tcp

1492413928 | 2025-03-12T21:21:57.862213

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

548 / tcp

-773160241 | 2025-03-05T09:48:41.569955

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: Yes\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: Yes\nCopy File: Yes\nServer Name: murphys-airport-time-capsule\nMachine Type: \\x10TimeCapsule8,119\nAFP Versions: AFP3.3, AFP3.2, AFP3.1\nUAMs: DHCAST128\\x04,DHX2\\x03,SRP\\x06,Recon1C\nServer Signature: 4338365332344c58463948350069672d

554 / tcp

1060450357 | 2025-03-19T21:31:25.690754

RTSP/1.0 200 OK
CSeq: 1
Keep-Alive: timeout=10, max=1000
Public: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE, SET_PARAMETER, GET_PARAMETER
Connection: Keep-Alive

593 / tcp

-1407711311 | 2025-03-17T04:05:22.783114

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /login.html?gotourl=default.aspx
X-Powered-By: JunFei
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
X-Download-Options: SAMEORIGIN
Access-Control-Allow-Headers: Content-Type
X-Frame-Options: SAMEORIGIN

636 / tcp

-779815868 | 2025-03-24T10:15:51.887850

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 3-22247063-0 0NNN RT(1705912086824 114) q(-1 -1 -1 -1) r(0 -1) b1

666 / tcp

-1420968138 | 2025-03-13T01:01:51.627378

HTTP/1.0 200 OK
Server: SonicWALL
Expires: -1
Cache-Control: no-cache
Content-type: text/html; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains

789 / tcp

1767345577 | 2025-03-24T06:00:54.952618

Hello, this is Quagga (version 0T).
Copyright 1996-200

885 / tcp

1632932802 | 2025-02-26T17:06:55.752738

888 / tcp

-262532376 | 2025-03-04T13:57:25.554441

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: keep-alive

994 / tcp

1543809371 | 2025-03-11T00:42:50.215987

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

995 / tcp

1685649979 | 2025-03-19T16:35:14.379540

+OK Dovecot ready.\r\n

1012 / tcp

819727972 | 2025-03-10T13:14:52.273039

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

1023 / tcp

171352214 | 2025-03-20T20:31:04.030243

-ERR client ip is not in whitelist

1025 / tcp

-2089734047 | 2025-03-23T04:14:31.972448

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1063 / tcp

1278527606 | 2025-03-23T11:50:03.957488

SSH-2.0-Teleport

1099 / tcp

-1399940268 | 2025-03-21T23:54:00.269915

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1153 / tcp

-1795027372 | 2025-03-13T14:31:48.501110

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

1177 / tcp

-1316398834 | 2025-03-09T09:19:56.405505

ÿ

1188 / tcp

-136006866 | 2025-03-12T17:46:02.002757

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

1200 / tcp

2087396567 | 2025-03-06T11:39:57.975419

kjnkjabhbanc283ubcsbhdc72

1234 / tcp

-1888448627 | 2025-02-27T22:46:26.231798

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1292 / tcp

-441419608 | 2025-03-20T01:27:29.520381

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

1337 / tcp

-971970408 | 2025-03-23T01:17:35.921929

1414 / tcp

-274082663 | 2025-03-13T05:04:14.852641

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

1443 / tcp

-1715152554 | 2025-03-20T15:54:29.094345

Hashes

hash

-1326355924

http.dom_hash

1239617585

http.html_hash

-1715152554

http.server_hash

1727046647

http.title_hash

-1828380909

302 Found

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Thu, 20 Mar 2025 15:54:28 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://8.141.244.5:443/

1460 / tcp

-1888448627 | 2025-02-26T15:20:09.791817

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1515 / tcp

819727972 | 2025-03-13T10:14:39.247548

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

1521 / tcp

1975288991 | 2025-03-22T10:57:43.483178

OPTI

1599 / tcp

2087396567 | 2025-03-18T17:44:37.584763

kjnkjabhbanc283ubcsbhdc72

1604 / tcp

1911457608 | 2025-03-19T11:01:56.182916

\x00[\x00\x00\x00\x00\x00\x00

1801 / tcp

1535389866 | 2025-03-24T11:12:51.311626

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2157_PS-LHW-01jjk135_25164-48622

1820 / tcp

-1399940268 | 2025-03-16T10:46:28.138820

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1883 / tcp

2087396567 | 2025-03-12T12:05:40.883580

kjnkjabhbanc283ubcsbhdc72

1911 / tcp

-1399940268 | 2025-03-18T12:20:17.184850

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1926 / tcp

539065883 | 2025-03-18T16:34:33.807860

1951 / tcp

709622286 | 2025-03-15T01:51:24.748302

OK Welcome <299685> on DirectUpdate server 7286\r\n

1952 / tcp

-1399940268 | 2025-03-24T18:09:36.277171

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1953 / tcp

-1538260461 | 2025-03-13T23:27:18.373214

\x01\x00\x00\x00

1954 / tcp

1830187220 | 2025-02-25T15:05:15.991747

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

1957 / tcp

366084633 | 2025-02-24T12:49:27.573731

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

1962 / tcp

-1399940268 | 2025-03-19T19:59:28.911904

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1964 / tcp

2098371729 | 2025-03-23T12:03:32.906921

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

1972 / tcp

-2107996212 | 2025-03-19T05:11:30.601247

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

1974 / tcp

1665357098 | 2025-03-09T18:03:49.877911

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 27-10404878-0 0NNN RT(1700678073189 189) q(0 -1 -1 -1) r(0 -1)

1980 / tcp

408230060 | 2025-03-21T23:02:27.185069

\r\nSorry, that nickname format is invalid.\r\n

1981 / tcp

-1230049476 | 2025-03-10T21:07:59.660960

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

2002 / tcp

-1839934832 | 2025-03-13T03:30:47.790068

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

2003 / tcp

1504401647 | 2025-03-09T16:52:17.048516

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

2006 / tcp

-1297953727 | 2025-03-17T05:45:28.389285

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

2008 / tcp

-1399940268 | 2025-03-23T00:59:23.735949

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2020 / tcp

-1622153914 | 2025-03-15T22:42:52.533848

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1fcc_PS-CAN-01KHa41_1237-13342

2050 / tcp

-358801646 | 2025-03-16T20:17:07.174794

SSH-2.0-OpenSSH_6.6.1

2067 / tcp

819727972 | 2025-03-17T11:55:24.891105

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2068 / tcp

-42767839 | 2025-03-04T22:06:18.597696

RFB 005.000

VNC:
  Protocol Version: 5.0

2081 / tcp

-1399940268 | 2025-03-23T18:19:59.545165

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2082 / tcp

0 | 2025-03-20T21:49:09.628397

Hashes

hash

-119996482

http.dom_hash

http.html_hash

HTTP/1.1 408 Request Timeout
Content-Length: 0

2083 / tcp

-358801646 | 2025-03-18T14:09:07.439024

SSH-2.0-OpenSSH_6.6.1

2087 / tcp

1842524259 | 2025-03-19T13:26:26.685576

2121 / tcp

141730637 | 2025-03-04T18:32:44.979213

HTTP/1.0 200 OK
Server: Proxy

2122 / tcp

-1626979812 | 2025-03-15T09:28:34.889163

220 Service ready for new user.

2150 / tcp

1911457608 | 2025-02-23T20:13:19.075504

\x00[\x00\x00\x00\x00\x00\x00

2154 / tcp

-1999117212 | 2025-03-20T04:53:12.643043

2181 / tcp

546151771 | 2025-02-23T05:23:53.948051

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

2222 / tcp

2051656595 | 2025-03-15T19:28:51.591306

SSH-2.0-OpenSSH_7.4\r\n\n

2323 / tcp

1662205251 | 2025-03-19T17:16:37.133777

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

2332 / tcp

211952361 | 2025-03-16T07:40:55.473692

BÿnToo many connections

2345 / tcp

819727972 | 2025-03-15T01:40:18.018663

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

2376 / tcp

320677201 | 2025-03-24T00:07:27.595067

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

2404 / tcp

-136006866 | 2025-03-19T17:10:16.112600

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

2455 / tcp

740837454 | 2025-03-20T17:20:28.850881

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

2570 / tcp

1632932802 | 2025-02-28T21:58:36.002433

2572 / tcp

320677201 | 2025-02-24T17:46:13.817836

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

2806 / tcp

-1013082686 | 2025-03-16T08:37:54.653696

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

3001 / tcp

1975288991 | 2025-02-25T21:07:40.223125

OPTI

3063 / tcp

-1013082686 | 2025-03-12T20:59:24.975513

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

3087 / tcp

709622286 | 2025-03-08T21:55:42.789345

OK Welcome <299685> on DirectUpdate server 7286\r\n

3089 / tcp

-1399940268 | 2025-03-17T12:13:19.213048

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3102 / tcp

-303199180 | 2025-03-14T21:39:44.555058

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

3121 / tcp

-747911285 | 2025-03-15T14:07:00.205482

\xc2\xaa

3130 / tcp

-1327660293 | 2025-03-06T16:50:28.633784

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

3138 / tcp

-1399940268 | 2025-03-10T09:51:33.273247

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3142 / tcp

-1399940268 | 2025-03-09T08:50:24.290516

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3143 / tcp

-1399940268 | 2025-02-26T16:25:07.530476

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3152 / tcp

-1399940268 | 2025-03-06T06:16:28.085214

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3154 / tcp

1975288991 | 2025-03-15T16:51:59.345542

OPTI

3166 / tcp

-1399940268 | 2025-03-19T11:02:11.105935

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3167 / tcp

819727972 | 2025-03-15T09:10:05.029461

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3179 / tcp

-1399940268 | 2025-03-18T08:59:12.629876

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3183 / tcp

-1888448627 | 2025-03-20T07:22:45.920168

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

3192 / tcp

-1810987450 | 2025-03-17T23:55:10.238860

\xc3\xbf

3195 / tcp

-1013082686 | 2025-03-20T02:34:10.138488

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

3199 / tcp

2143387245 | 2025-02-24T04:57:22.221232

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

3260 / tcp

-862070606 | 2025-03-03T22:42:32.946218

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None\nTargetAlias=LIO Target\nTargetPortalGroupTag=1\n\n

3268 / tcp

-1688921933 | 2025-03-15T07:14:05.760410

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 12-14878276-0 0NNN RT(1705363841143 0) q(0 -1 -1 -1) r(0 -1)

3269 / tcp

-1105333987 | 2025-03-14T18:44:06.034207

\x00[KpU\x7f\x00\x00

3270 / tcp

-2096652808 | 2025-03-22T14:36:33.353929

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3301 / tcp

-1105333987 | 2025-02-26T17:28:01.141227

\x00[KpU\x7f\x00\x00

3310 / tcp

1911457608 | 2025-03-15T18:24:22.912790

\x00[\x00\x00\x00\x00\x00\x00

3389 / tcp

-989469824 | 2025-03-22T10:27:46.837244

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\\x0f\\x08\\x00\\x08\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID_EX\nTarget_Name: 10_0_4_6\nProduct_Version: 6.3.9600 Ntlm 15\nOS: Windows 8.1/Windows Server 2012 R2\nNetBIOS_Domain_Name: 10_0_4_6\nNetBIOS_Computer_Name: 10_0_4_6\nDNS_Domain_Name: 10_0_4_6\nDNS_Computer_Name: 10_0_4_6\nSystem_Time: 2024-01-22 08:42:17 +0000 UTC\n\n

3403 / tcp

1911457608 | 2025-03-10T12:11:17.805304

\x00[\x00\x00\x00\x00\x00\x00

3406 / tcp

-1105333987 | 2025-03-22T18:04:02.468199

\x00[KpU\x7f\x00\x00

3409 / tcp

-616720387 | 2025-03-23T11:25:21.975392

SSH-2.0-SSHD_0.7.6

3524 / tcp

-1399940268 | 2025-03-16T21:40:38.203427

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

3551 / tcp

198844676 | 2025-03-15T12:38:28.381379

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

3554 / tcp

819727972 | 2025-03-13T09:13:59.825180

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

3557 / tcp

455076604 | 2025-03-12T03:42:33.325614

!\x07version\x04bind7 t{RPowerDNS Recursor 410

3780 / tcp

1690634669 | 2025-03-14T18:29:03.562768

3790 / tcp

-1189269828 | 2025-03-16T04:27:05.944495

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

3952 / tcp

1767345577 | 2025-03-05T11:01:22.500403

Hello, this is Quagga (version 0T).
Copyright 1996-200

4064 / tcp

1574088840 | 2025-03-23T18:12:52.264109

">Application and Content Networking Software 3.9</a>)\n</BODY><

4080 / tcp

-1399940268 | 2025-03-15T22:31:41.581599

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4104 / tcp

1911457608 | 2025-02-24T08:42:19.139193

\x00[\x00\x00\x00\x00\x00\x00

4150 / tcp

1615193817 | 2025-02-24T18:13:08.490226

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

4157 / tcp

-616720387 | 2025-03-14T02:03:39.170433

SSH-2.0-SSHD_0.7.6

4160 / tcp

-1598265216 | 2025-03-18T19:19:12.328219

@RSYNCD: 31.0

4282 / tcp

819727972 | 2025-03-22T15:55:08.074769

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

4433 / tcp

-971970408 | 2025-03-23T22:35:00.051522

4434 / tcp

2087396567 | 2025-03-16T12:43:42.810351

kjnkjabhbanc283ubcsbhdc72

4443 / tcp

141533638 | 2025-03-21T09:04:39.549296

HTTP/1.1 302 Found
Location: /index.html

4444 / tcp

-345718689 | 2025-03-19T04:40:34.032787

Vty password is not set.

4500 / tcp

-2107996212 | 2025-03-10T11:54:58.926259

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

4506 / tcp

459162008 | 2025-03-17T01:42:25.560169

Notify

4510 / tcp

1208318993 | 2025-02-23T15:32:09.357409

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

4530 / tcp

15018106 | 2025-03-12T02:35:19.023313

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

4545 / tcp

-1399940268 | 2025-03-22T14:47:27.896404

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

4747 / tcp

2103111368 | 2025-03-06T18:16:55.662408

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

4786 / tcp

-1996280214 | 2025-03-12T17:42:25.665418

\x06\x04\x05@

4840 / tcp

-1986594217 | 2025-03-07T17:00:06.041549

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

4911 / tcp

165188539 | 2025-03-06T17:10:08.029780

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

4949 / tcp

-754988795 | 2025-03-15T07:03:59.135055

[výC

5006 / tcp

1353260875 | 2025-03-20T13:08:32.262342

\x00[g\xc2\x95N\x7f\x00\x00

5007 / tcp

321971019 | 2025-03-22T08:18:09.643801

-ERR client ip is not in whitelist\r

5009 / tcp

1017429513 | 2025-03-18T11:29:55.867291

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

5010 / tcp

1282941221 | 2025-03-23T07:47:59.627989

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

5011 / tcp

-2096652808 | 2025-03-23T17:42:29.687888

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

5022 / tcp

-1888448627 | 2025-03-19T03:04:34.650999

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

5051 / tcp

671605376 | 2025-02-25T02:07:35.819349

SSH-2.0-OpenSSH_X.X

5089 / tcp

632542934 | 2025-02-22T20:59:41.184585

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

5090 / tcp

1911457608 | 2025-03-12T13:35:42.325109

\x00[\x00\x00\x00\x00\x00\x00

5119 / tcp

-1538260461 | 2025-03-14T21:56:49.366663

\x01\x00\x00\x00

5172 / tcp

-971970408 | 2025-03-06T05:02:02.486997

5201 / tcp

669849225 | 2025-03-06T21:00:43.716313

SSH-98.60-SysaxSSH_81885..42\r\n

5233 / tcp

1911457608 | 2025-02-28T10:27:31.229652

\x00[\x00\x00\x00\x00\x00\x00

5236 / tcp

-2089734047 | 2025-03-11T03:04:02.911106

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5239 / tcp

-2089734047 | 2025-03-22T13:56:57.656164

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5240 / tcp

-2089734047 | 2025-03-19T14:35:40.975869

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

5252 / tcp

-1399940268 | 2025-03-13T00:49:36.767118

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5269 / tcp

1462885993 | 2025-03-19T23:10:36.998212

HTTP/1.1 400 Bad Request
Server: openresty
Content-Type: text/html
Connection: close

5280 / tcp

1661529882 | 2025-03-04T07:35:33.506556

HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: /index.php/welcome/login
X-POS: WEL:1
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mod=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: Sundray

5400 / tcp

-1399940268 | 2025-03-06T08:40:11.271793

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

5523 / tcp

-2140303521 | 2025-02-25T06:44:18.843191

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

5558 / tcp

-1327660293 | 2025-02-27T01:13:39.791110

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

5605 / tcp

671605376 | 2025-03-04T23:10:19.742894

SSH-2.0-OpenSSH_X.X

5607 / tcp

-303199180 | 2025-03-05T02:47:30.351915

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

5660 / tcp

-1986594217 | 2025-03-21T02:29:06.630285

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

5671 / tcp

-1045760528 | 2025-03-24T16:09:47.375755

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

5678 / tcp

687434487 | 2025-03-16T06:07:45.527514

 \\x00\\x00\\x00{\n  "RPCMethod":"preinstall",\n }

5680 / tcp

-1032713145 | 2025-03-12T01:40:11.481935

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

5822 / tcp

-1547976805 | 2025-02-24T12:49:08.480253

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

5858 / tcp

-1441741890 | 2025-03-20T18:14:52.731328

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2
0181212])

5904 / tcp

632542934 | 2025-03-05T19:11:51.170223

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

5919 / tcp

-358801646 | 2025-03-21T04:08:48.671571

SSH-2.0-OpenSSH_6.6.1

5938 / tcp

707919486 | 2025-03-17T12:45:35.396408

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

5984 / tcp

1999272906 | 2025-03-24T01:32:25.884338

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

5992 / tcp

1911457608 | 2025-03-22T14:02:59.761545

\x00[\x00\x00\x00\x00\x00\x00

5997 / tcp

-1399940268 | 2025-03-03T23:46:31.324987

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6001 / tcp

-1399940268 | 2025-03-09T07:32:38.971061

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

6006 / tcp

307999478 | 2025-02-28T11:01:23.962797

unknown command \r\nunknown command \r\n

6021 / tcp

-1641514916 | 2025-03-05T15:14:50.023659

* OK Merak 1dFUa2 IMAP4rev1

6379 / tcp

321971019 | 2025-03-23T10:49:52.170435

-ERR client ip is not in whitelist\r

6443 / tcp

-1114821551 | 2025-02-25T17:23:45.787973

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

6464 / tcp

-1839934832 | 2025-03-14T10:45:20.647238

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

6590 / tcp

1911457608 | 2025-02-24T14:55:53.351799

\x00[\x00\x00\x00\x00\x00\x00

6603 / tcp

1632932802 | 2025-03-20T10:45:47.010414

6633 / tcp

165188539 | 2025-03-18T06:13:26.566303

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

6653 / tcp

-1626979812 | 2025-02-28T18:37:27.209373

220 Service ready for new user.

6666 / tcp

4935895 | 2025-03-17T21:44:49.638065

HTTP/1.1 400 Bad Request
Server: CloudWAF

6667 / tcp

1321679546 | 2025-03-05T06:38:08.184674

ÿÿÿ
0 ...

6668 / tcp

-1279886438 | 2025-03-20T17:08:56.353201

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

6697 / tcp

819727972 | 2025-03-23T17:56:20.787071

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

6775 / tcp

-2089734047 | 2025-03-04T07:46:19.330409

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

6998 / tcp

165188539 | 2025-03-16T06:25:12.323004

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

7001 / tcp

1749359477 | 2025-03-13T10:24:28.796877

HTTP/1.1 403 Forbidden
Content-Type: text/html
Connection: keep-alive
NO_SERVICE: 1

7010 / tcp

-1399940268 | 2025-03-06T02:04:51.484912

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

7050 / tcp

-1105333987 | 2025-02-28T23:04:59.528946

\x00[KpU\x7f\x00\x00

7071 / tcp

1984588611 | 2025-02-25T10:24:41.390911

7083 / tcp

-1099385124 | 2025-03-19T02:09:37.133543

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

7085 / tcp

-1105333987 | 2025-02-24T06:36:51.459262

\x00[KpU\x7f\x00\x00

7087 / tcp

1332894250 | 2025-03-16T10:14:17.112461

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

7102 / tcp

-1598265216 | 2025-02-23T22:58:10.037081

@RSYNCD: 31.0

7105 / tcp

-1453516345 | 2025-02-26T05:16:26.075538

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

7171 / tcp

-1737707071 | 2025-02-26T06:59:53.993676

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

7173 / tcp

819727972 | 2025-02-24T20:52:20.821697

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

7218 / tcp

-1839934832 | 2025-03-19T10:59:16.840028

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

7325 / tcp

-2031152423 | 2025-03-19T22:55:54.753899

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

7331 / tcp

1308377066 | 2025-03-19T11:09:26.262297

ncacn_http/1.0

7433 / tcp

-1839934832 | 2025-03-07T14:14:02.458245

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

7434 / tcp

1426971893 | 2025-03-08T21:27:15.786148

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

7548 / tcp

2087396567 | 2025-02-27T05:48:50.898715

kjnkjabhbanc283ubcsbhdc72

8000 / tcp

-1204391172 | 2025-03-16T07:49:01.072224

JDWP-Handshake

8001 / tcp

2103111368 | 2025-03-16T18:13:34.372207

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8009 / tcp

-801484042 | 2025-03-20T05:23:18.329326

ERR 27

8014 / tcp

1212285915 | 2025-03-04T07:30:32.506252

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

8016 / tcp

-801484042 | 2025-03-21T20:29:08.158426

ERR 27

8021 / tcp

-1816125480 | 2025-03-06T15:44:14.960180

Content-Type: text/rude-rejection\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

8031 / tcp

-1074334298 | 2025-03-10T07:48:36.048431

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 657cf545_PStjdx2ct15_6075-44579

8040 / tcp

1223115691 | 2025-03-06T16:45:18.037015

connect

8049 / tcp

-784071826 | 2025-03-04T22:39:32.403792

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

8055 / tcp

1975288991 | 2025-03-10T17:17:40.241910

OPTI

8056 / tcp

632542934 | 2025-03-04T12:31:38.961568

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8076 / tcp

-1598265216 | 2025-03-21T09:51:43.777905

@RSYNCD: 31.0

8077 / tcp

-1399940268 | 2025-03-06T18:20:07.647121

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8083 / tcp

-1261090339 | 2025-02-27T11:15:41.987329

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

8087 / tcp

921225407 | 2025-03-15T22:03:57.458489

\x00\x00\x00\x04\x00\x00\x00\x00\x00

8089 / tcp

2087396567 | 2025-03-19T21:03:26.494633

kjnkjabhbanc283ubcsbhdc72

8092 / tcp

1396488228 | 2025-03-05T08:37:56.603601

HTTP/1.1 200 OK
Content-Length: 2037
Cache-Control: private, max-age=300
Content-Type: text/html

8099 / tcp

-1249500036 | 2025-03-18T02:32:42.657144

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes

8110 / tcp

-1888448627 | 2025-03-11T15:07:24.825123

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

8115 / tcp

-1045760528 | 2025-03-04T10:56:07.656424

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

8116 / tcp

1975288991 | 2025-02-26T23:45:13.112411

OPTI

8118 / tcp

-1399940268 | 2025-02-28T19:04:08.479336

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8124 / tcp

-2031152423 | 2025-03-09T11:00:31.719038

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

8126 / tcp

819727972 | 2025-03-24T10:50:07.444866

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8140 / tcp

2087396567 | 2025-03-13T09:30:45.190754

kjnkjabhbanc283ubcsbhdc72

8146 / tcp

-2089734047 | 2025-03-19T05:18:55.463066

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8147 / tcp

-1399940268 | 2025-03-19T12:19:51.321684

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8149 / tcp

1989907056 | 2025-03-16T07:11:39.396110

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

8152 / tcp

-2089734047 | 2025-03-11T08:30:56.956418

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8158 / tcp

819727972 | 2025-03-13T06:59:29.988335

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8168 / tcp

820958131 | 2025-03-17T00:14:08.475971

kjnkjabhbanc283ubcsbhdc72\x02

8181 / tcp

1690634669 | 2025-03-13T05:46:19.402308

8183 / tcp

-1399940268 | 2025-02-28T06:57:55.676547

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8185 / tcp

-2089734047 | 2025-03-05T20:19:20.064467

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8194 / tcp

897328069 | 2025-03-17T05:36:04.069124

220 mail.scott000.com ESMTP

8200 / tcp

1320285193 | 2025-02-26T20:35:32.379671

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

8222 / tcp

759851410 | 2025-03-04T02:14:35.054469

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae252f_PShnhywt2ym144_35291-3960

8285 / tcp

-1699556818 | 2025-02-23T13:36:00.909678

\x01remshd: Kerberos Authentication not enabled.\n

8333 / tcp

474736340 | 2025-03-19T14:12:30.875522

431 Unable to negotiate secure command connection.

8382 / tcp

-1399940268 | 2025-03-22T17:12:25.181317

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8384 / tcp

-1399940268 | 2025-03-12T14:25:46.997060

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8419 / tcp

819727972 | 2025-03-21T09:18:28.176255

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8443 / tcp

1036077092 | 2025-02-28T21:17:25.667043

HTTP/1.0 404 Not Found
Server: HTTPD
Connection: close
Content-Type: text/html

8444 / tcp

1642597142 | 2025-03-21T08:51:07.912090

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

8455 / tcp

-438503381 | 2025-03-13T08:01:49.796277

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

8472 / tcp

455076604 | 2025-02-27T12:05:04.860703

!\x07version\x04bind7 t{RPowerDNS Recursor 410

8481 / tcp

639175818 | 2025-02-22T18:55:45.438121

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

8500 / tcp

1662811133 | 2025-02-27T11:23:45.481097

MudNames 77 - (C) 1997-2001 Ragnar Hojland Espinosa <ragnar@ragnar-hojland.com>

8502 / tcp

-1399940268 | 2025-03-04T03:11:25.274647

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8505 / tcp

-2089734047 | 2025-02-24T15:12:16.405995

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8519 / tcp

-136006866 | 2025-03-13T17:53:29.982207

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

8545 / tcp

-375604792 | 2025-03-19T05:11:51.188038

220 Microsoft FTP Service

8557 / tcp

575925250 | 2025-02-23T04:18:29.054470

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

8579 / tcp

2098371729 | 2025-03-18T15:19:28.527340

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

8581 / tcp

-1329831334 | 2025-03-11T23:16:37.845308

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

8587 / tcp

-2089734047 | 2025-03-10T11:15:04.816300

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

8600 / tcp

-2067833852 | 2025-02-26T04:12:37.524744

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705938032.542-w-waf01shgt2

8649 / tcp

842535728 | 2025-03-03T20:17:17.720808

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

8708 / tcp

-784071826 | 2025-03-04T09:08:15.417515

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 5 1

8723 / tcp

-802143704 | 2025-02-25T23:42:35.468245

HTTP/1.0 500 Internal Server Error
D
Connection: close

Command server error

8791 / tcp

-1399940268 | 2025-03-08T14:43:11.027672

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

8801 / tcp

1911457608 | 2025-03-15T02:09:39.392455

\x00[\x00\x00\x00\x00\x00\x00

8802 / tcp

-1279886438 | 2025-03-22T08:01:13.682884

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

8804 / tcp

819727972 | 2025-03-22T14:09:53.414305

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

8805 / tcp

-1327660293 | 2025-03-19T02:31:49.712694

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

8834 / tcp

-2017887953 | 2025-02-25T22:30:13.376814

SSH-2.0-OpenSSH_7.9

Vulnerabilities

2 4 9 1

8856 / tcp

-2140303521 | 2025-03-17T02:51:06.841314

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

8860 / tcp

2103111368 | 2025-03-23T22:46:40.292891

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

8863 / tcp

165188539 | 2025-02-26T08:08:26.242492

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

8875 / tcp

-1538260461 | 2025-02-24T18:20:53.959815

\x01\x00\x00\x00

8880 / tcp

1212921144 | 2025-03-22T18:20:25.938534

0@

8889 / tcp

320677201 | 2025-03-22T16:57:14.032034

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

8899 / tcp

372433470 | 2025-03-15T16:58:04.308637

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

8908 / tcp

-784071826 | 2025-03-19T17:37:53.863583

SSH-2.0-OpenSSH_8.0

Vulnerabilities

2 4 6 1

8911 / tcp

-1611764932 | 2025-03-24T10:03:40.398295

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

9000 / tcp

-2067028711 | 2025-03-21T03:54:01.687284

\x15\x03\x01\x00\x02\x02F

9001 / tcp

-1026951088 | 2025-03-04T15:17:00.897927

erro ip

9004 / tcp

632542934 | 2025-03-20T21:11:38.334993

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9005 / tcp

819727972 | 2025-03-13T07:08:26.460741

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9010 / tcp

632542934 | 2025-03-11T11:42:58.996012

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9014 / tcp

165188539 | 2025-03-10T11:58:03.980195

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

9019 / tcp

740837454 | 2025-03-04T06:12:00.765978

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

9020 / tcp

-358801646 | 2025-03-11T04:50:45.637498

SSH-2.0-OpenSSH_6.6.1

9022 / tcp

-1470145161 | 2025-03-17T21:28:29.589865

SSH-2.0-ROSSSH\r\n

9035 / tcp

-1453516345 | 2025-03-11T11:23:51.891588

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

9039 / tcp

897328069 | 2025-03-23T19:00:08.128972

220 mail.scott000.com ESMTP

9042 / tcp

-154107716 | 2025-02-27T11:59:09.367819

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

9051 / tcp

-971970408 | 2025-03-24T17:43:11.137083

9063 / tcp

-1835475271 | 2025-02-26T09:13:34.865195

200 NOD32SS 99 (3318497116)\r\n

9071 / tcp

-1056270173 | 2025-03-17T18:38:52.851278

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

9081 / tcp

820958131 | 2025-03-04T19:39:32.306368

kjnkjabhbanc283ubcsbhdc72\x02

9089 / tcp

1504401647 | 2025-03-13T09:46:26.349963

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

9091 / tcp

504717326 | 2025-03-18T15:13:50.108840

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

9103 / tcp

-339084706 | 2025-03-12T03:48:15.786986

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

9140 / tcp

819727972 | 2025-03-23T00:34:56.521804

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9146 / tcp

921225407 | 2025-03-14T09:10:18.679090

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9147 / tcp

-2089734047 | 2025-03-17T13:21:54.094628

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9151 / tcp

1741579575 | 2025-03-24T07:37:06.384837

9167 / tcp

103159425 | 2025-03-20T03:29:07.778724

SSH-1.99-RGOS_SSH

9173 / tcp

632542934 | 2025-03-18T05:29:38.763010

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

9178 / tcp

103159425 | 2025-03-16T10:55:23.009829

SSH-1.99-RGOS_SSH

9181 / tcp

1911457608 | 2025-02-24T21:23:27.912894

\x00[\x00\x00\x00\x00\x00\x00

9183 / tcp

1519486042 | 2025-03-11T05:53:29.718175

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

9186 / tcp

-2046514463 | 2025-03-16T14:36:55.508996

AB\x01\t

9215 / tcp

819727972 | 2025-02-24T15:48:04.441192

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9218 / tcp

921225407 | 2025-03-06T21:34:26.946419

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9219 / tcp

819727972 | 2025-03-04T02:17:22.792497

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

9246 / tcp

819727972 | 2025-03-16T12:33:18.337045

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9247 / tcp

921225407 | 2025-03-13T16:56:57.997792

\x00\x00\x00\x04\x00\x00\x00\x00\x00

9250 / tcp

-1888448627 | 2025-03-04T21:03:32.018294

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9252 / tcp

1911457608 | 2025-03-11T10:52:00.752970

\x00[\x00\x00\x00\x00\x00\x00

9257 / tcp

709622286 | 2025-03-22T10:05:17.570528

OK Welcome <299685> on DirectUpdate server 7286\r\n

9273 / tcp

-1399940268 | 2025-03-03T17:54:23.920397

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

9299 / tcp

-339084706 | 2025-02-25T21:35:04.814925

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

9301 / tcp

-2089734047 | 2025-02-28T09:40:19.982330

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9306 / tcp

1830187220 | 2025-03-19T14:52:34.813026

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

9308 / tcp

1426971893 | 2025-03-13T15:22:44.275651

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

9333 / tcp

1212285915 | 2025-03-18T17:25:42.872440

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

9443 / tcp

630622923 | 2025-03-19T02:08:08.316870

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Wed, 19 Mar 2025 02:08:08 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://8.141.244.5:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

9456 / tcp

-1730858130 | 2025-02-26T02:37:26.744933

RFB 003.008
VNC:
  Protocol Version: 3.8

9458 / tcp

580340387 | 2025-03-24T14:47:24.055261

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

9505 / tcp

-345718689 | 2025-02-28T18:38:57.512025

Vty password is not set.

9515 / tcp

-1327660293 | 2025-03-15T16:46:40.607405

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

9527 / tcp

-2089734047 | 2025-02-24T15:45:57.818354

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

9530 / tcp

1624217396 | 2025-03-10T11:50:02.670942

HELO:10.3.6.0.false\nAS:2048\nHL:19

9550 / tcp

819727972 | 2025-03-21T19:48:09.077658

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9600 / tcp

-1059554316 | 2025-03-24T08:32:11.620883

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

9633 / tcp

819727972 | 2025-03-18T17:58:03.772346

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

9658 / tcp

1911457608 | 2025-03-15T13:09:40.852096

\x00[\x00\x00\x00\x00\x00\x00

9761 / tcp

45131230 | 2025-03-12T14:13:26.776141

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

9810 / tcp

677934968 | 2025-03-23T19:11:22.065227

lm^)Q

9876 / tcp

-255236012 | 2025-03-16T02:55:14.776858

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN

9908 / tcp

-1888448627 | 2025-03-08T19:45:28.797993

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

9943 / tcp

491999737 | 2025-03-14T14:41:20.819427

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705935095.837-s5jhg

9950 / tcp

-146605374 | 2025-03-13T03:31:57.892938

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

9993 / tcp

2098371729 | 2025-03-21T13:10:48.021414

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

9998 / tcp

-1223770960 | 2025-02-23T11:17:49.801436

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28e5_PS-PEK-01Whk40_31773-63705

9999 / tcp

1161309183 | 2025-03-04T13:33:41.405044

ProxyServer is ready

10002 / tcp

1077013874 | 2025-02-27T10:58:53.550405

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

10005 / tcp

-1399940268 | 2025-03-01T00:27:12.258047

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10016 / tcp

1308377066 | 2025-03-19T04:43:46.131530

ncacn_http/1.0

10025 / tcp

-2089734047 | 2025-03-09T07:47:17.134706

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10027 / tcp

-2089734047 | 2025-03-23T09:33:41.778922

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10035 / tcp

1011407350 | 2025-03-18T10:00:51.802821

* OK GroupWise IMAP4rev1 Server Ready\r\n

10036 / tcp

-1327660293 | 2025-02-24T17:30:14.169536

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

10037 / tcp

-1399940268 | 2025-03-23T07:00:27.980379

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

10042 / tcp

1504401647 | 2025-03-08T14:54:19.245755

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

10050 / tcp

1308377066 | 2025-03-12T13:21:43.363509

ncacn_http/1.0

10081 / tcp

-2089734047 | 2025-02-23T20:17:39.603984

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10087 / tcp

1991883981 | 2025-03-16T20:22:07.348158

B\x00\x00\x00\xc3\xbfn\x04Too many connections

10250 / tcp

104385780 | 2025-03-19T18:13:08.169857

ceph v2

10444 / tcp

-1888448627 | 2025-03-13T13:11:46.954806

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

10477 / tcp

2103111368 | 2025-02-24T00:07:39.238881

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

10554 / tcp

-320705161 | 2025-03-15T02:22:55.554795

versionbind

10909 / tcp

-2089734047 | 2025-03-20T15:43:13.363543

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

10911 / tcp

-2140303521 | 2025-03-18T16:14:48.250790

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

11000 / tcp

1911457608 | 2025-03-23T20:29:07.436888

\x00[\x00\x00\x00\x00\x00\x00

11027 / tcp

819727972 | 2025-03-07T15:42:54.310740

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

11112 / tcp

-136006866 | 2025-03-18T08:37:14.006322

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

11182 / tcp

-653033013 | 2025-03-01T00:10:17.501748

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

11210 / tcp

-1189269828 | 2025-02-24T17:58:38.284610

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

11288 / tcp

-1487943323 | 2025-03-24T11:47:03.854602

431 Unable to negotiate secure command connection.\r\n

11300 / tcp

493955023 | 2025-03-04T18:18:24.737158

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

11596 / tcp

1911457608 | 2025-03-05T21:58:21.474661

\x00[\x00\x00\x00\x00\x00\x00

12000 / tcp

-446385447 | 2025-03-04T10:41:02.352453

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1efa_PS-CKG-01vQy48_16235-38870

12016 / tcp

-1839934832 | 2025-03-15T16:57:57.361284

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

12084 / tcp

-653033013 | 2025-03-24T15:35:15.416129

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

12088 / tcp

-1428621233 | 2025-03-09T17:02:58.777997

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

12105 / tcp

-1428621233 | 2025-02-24T09:02:02.031550

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

12114 / tcp

1767345577 | 2025-03-20T05:40:39.901672

Hello, this is Quagga (version 0T).
Copyright 1996-200

12118 / tcp

-2096652808 | 2025-03-06T03:17:34.200973

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12123 / tcp

-2140303521 | 2025-02-23T00:59:31.321072

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

12126 / tcp

-2096652808 | 2025-03-15T23:51:19.927686

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12146 / tcp

-1538260461 | 2025-03-20T08:40:43.146962

\x01\x00\x00\x00

12151 / tcp

-1399940268 | 2025-03-10T17:11:54.695174

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12154 / tcp

1911457608 | 2025-03-06T23:11:44.533957

\x00[\x00\x00\x00\x00\x00\x00

12155 / tcp

921225407 | 2025-03-19T16:52:44.138409

\x00\x00\x00\x04\x00\x00\x00\x00\x00

12162 / tcp

1363464823 | 2025-03-23T10:23:48.088015

\x00[|ox\x7f\x00\x00

12164 / tcp

669849225 | 2025-03-10T01:34:38.464285

SSH-98.60-SysaxSSH_81885..42\r\n

12171 / tcp

-1399940268 | 2025-03-17T03:06:17.311564

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12183 / tcp

921225407 | 2025-03-19T19:59:55.942150

\x00\x00\x00\x04\x00\x00\x00\x00\x00

12194 / tcp

-2089734047 | 2025-03-05T08:24:33.675217

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12197 / tcp

1011407350 | 2025-02-25T15:07:19.334780

* OK GroupWise IMAP4rev1 Server Ready\r\n

12202 / tcp

-2089734047 | 2025-03-21T18:15:47.941343

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12203 / tcp

-2031152423 | 2025-02-23T09:57:52.186312

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

12219 / tcp

1492413928 | 2025-03-16T18:57:02.274600

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 13 1

12233 / tcp

2121220663 | 2025-02-24T07:08:12.330009

SSH-58-Ingrian_SSH\r\n

12258 / tcp

-1839934832 | 2025-03-17T15:14:10.379189

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

12262 / tcp

1948301213 | 2025-03-06T20:49:25.702873

RFB 003.003
VNC:
  Protocol Version: 3.3

12272 / tcp

-2033111675 | 2025-02-24T00:13:49.521164

~djb

12285 / tcp

504717326 | 2025-03-13T03:08:04.438704

SSH-2.0-OpenSSH_8.6

Vulnerabilities

2 3 6 1

12304 / tcp

-1399940268 | 2025-02-25T17:48:41.980352

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12312 / tcp

-1399940268 | 2025-02-24T16:45:48.375752

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12334 / tcp

820958131 | 2025-03-18T19:32:14.510236

kjnkjabhbanc283ubcsbhdc72\x02

12341 / tcp

165188539 | 2025-02-27T12:06:57.898904

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

12345 / tcp

296364507 | 2025-03-22T22:30:53.946583

HTTP/1.1 500 Internal Server Error
SERVER: Trend Chip UPnP/1.0 DMS
CONNECTION: close
CONTENT-LENGTH: 60
CONTENT-TYPE: text/html

12357 / tcp

-2089734047 | 2025-03-20T06:02:08.590670

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

12363 / tcp

-1399940268 | 2025-03-15T02:47:23.864925

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12377 / tcp

-801484042 | 2025-02-28T18:14:51.229498

ERR 27

12380 / tcp

-616720387 | 2025-02-26T19:21:26.659805

SSH-2.0-SSHD_0.7.6

12395 / tcp

-1105333987 | 2025-03-05T12:35:48.199724

\x00[KpU\x7f\x00\x00

12399 / tcp

819727972 | 2025-03-12T06:29:43.037459

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12420 / tcp

819727972 | 2025-03-19T05:05:44.518469

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12422 / tcp

1830697416 | 2025-03-24T15:04:40.629266

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

12434 / tcp

321971019 | 2025-03-18T23:45:27.414722

-ERR client ip is not in whitelist\r

12455 / tcp

1308377066 | 2025-02-25T01:27:38.241382

ncacn_http/1.0

12459 / tcp

1353260875 | 2025-03-24T04:39:03.869306

\x00[g\xc2\x95N\x7f\x00\x00

12480 / tcp

2063598737 | 2025-03-05T16:41:57.783937

/0 0 L\r\n/0 0 HUH\r\n

12489 / tcp

-1399940268 | 2025-03-06T05:37:40.399206

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

12491 / tcp

-288825733 | 2025-03-05T10:40:24.811754

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

12494 / tcp

-1733645023 | 2025-02-22T22:12:13.127974

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

12499 / tcp

819727972 | 2025-03-12T23:27:30.925863

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

12503 / tcp

2063598737 | 2025-03-18T16:04:04.666887

/0 0 L\r\n/0 0 HUH\r\n

12507 / tcp

-1733645023 | 2025-03-04T13:33:09.491243

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

12529 / tcp

2103111368 | 2025-03-04T22:36:29.236911

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

12550 / tcp

-1839934832 | 2025-03-05T03:33:51.388030

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

12564 / tcp

1948301213 | 2025-03-23T23:34:34.981020

RFB 003.003
VNC:
  Protocol Version: 3.3

12566 / tcp

-1746074029 | 2025-03-14T04:48:53.413179

101 imqbroker =unV\r\n

12567 / tcp

819727972 | 2025-03-19T16:05:16.246340

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

12577 / tcp

-2096652808 | 2025-03-15T00:47:50.601972

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

12585 / tcp

-1373613804 | 2025-03-13T20:21:34.826779

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

12601 / tcp

-1230049476 | 2025-03-23T14:40:37.011717

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

13001 / tcp

1911457608 | 2025-03-13T18:26:49.485792

\x00[\x00\x00\x00\x00\x00\x00

13128 / tcp

819727972 | 2025-03-14T02:18:43.302025

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

13380 / tcp

-2089734047 | 2025-03-24T09:35:09.639785

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

14330 / tcp

-1399940268 | 2025-03-19T09:12:47.291986

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

14344 / tcp

745343730 | 2025-03-16T17:19:44.822955

220 smtp.qq.com Esmtp QQ Mail Server

14403 / tcp

-345718689 | 2025-03-16T15:06:05.447107

Vty password is not set.

14443 / tcp

1134517380 | 2025-03-20T21:03:53.847657

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

14875 / tcp

1975288991 | 2025-03-23T18:32:10.710098

OPTI

14880 / tcp

-2107996212 | 2025-02-22T23:10:13.456321

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

14901 / tcp

-2096652808 | 2025-03-15T02:03:47.212727

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

15000 / tcp

-942457744 | 2025-03-11T18:04:31.656276

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2b2f_PS-KWE-013ZZ60_26763-44971

15001 / tcp

-1399940268 | 2025-03-19T03:42:52.749255

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

15443 / tcp

660175493 | 2025-03-14T07:08:08.481106

16000 / tcp

665929633 | 2025-03-17T19:19:13.613175

<MSG>;88888;99998;</MSG>\r

16013 / tcp

-1888448627 | 2025-03-04T09:04:46.630030

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

16036 / tcp

321971019 | 2025-03-04T17:04:53.825316

-ERR client ip is not in whitelist\r

16037 / tcp

-2107996212 | 2025-03-16T11:55:06.784772

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

16045 / tcp

971933601 | 2025-03-22T20:15:47.632924

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

16055 / tcp

-445721795 | 2025-03-24T05:51:55.145990

\x00[\xc3\xaed\x1a\x7f\x00\x00

16062 / tcp

1726594447 | 2025-03-19T17:20:31.633167

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

16063 / tcp

-1839934832 | 2025-03-20T08:19:16.490604

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

16066 / tcp

1011407350 | 2025-02-23T09:27:45.324031

* OK GroupWise IMAP4rev1 Server Ready\r\n

16089 / tcp

632542934 | 2025-03-10T21:18:28.482653

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

16311 / tcp

-1032713145 | 2025-03-19T09:00:10.013445

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

16400 / tcp

-1810987450 | 2025-03-19T05:09:43.599930

\xc3\xbf

16404 / tcp

-903067560 | 2025-02-27T17:55:00.255367

\x00[\x13)\xc2\x81\x7f\x00\x00

16831 / tcp

1911457608 | 2025-03-18T17:16:49.710550

\x00[\x00\x00\x00\x00\x00\x00

16993 / tcp

2087396567 | 2025-03-16T04:10:49.280980

kjnkjabhbanc283ubcsbhdc72

17000 / tcp

-1316398834 | 2025-03-05T09:50:11.158716

ÿ

17001 / tcp

-1810987450 | 2025-03-07T10:21:49.123384

\xc3\xbf

17020 / tcp

-1399940268 | 2025-03-23T15:36:53.270190

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

18008 / tcp

1134517380 | 2025-03-13T20:54:18.863376

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

18028 / tcp

819727972 | 2025-03-18T18:22:10.743039

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18029 / tcp

1911457608 | 2025-03-23T00:18:18.900219

\x00[\x00\x00\x00\x00\x00\x00

18042 / tcp

707919486 | 2025-03-10T21:50:26.698442

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

18081 / tcp

-1729629024 | 2025-03-17T07:29:59.884485

101 imqbroker =unV

18082 / tcp

-1036370807 | 2025-03-18T15:45:27.341788

JDWP-Handshake

18083 / tcp

921225407 | 2025-03-06T19:16:22.993789

\x00\x00\x00\x04\x00\x00\x00\x00\x00

18101 / tcp

1873760314 | 2025-03-22T01:49:45.546783

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65a113e0_PSfjfzdx2ol90_17620-16261

18107 / tcp

1615193817 | 2025-03-16T20:06:04.411121

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

18182 / tcp

493955023 | 2025-03-15T18:00:01.451357

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

18239 / tcp

819727972 | 2025-03-23T18:08:58.367901

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

18245 / tcp

-1730858130 | 2025-03-21T19:43:49.856681

RFB 003.008
VNC:
  Protocol Version: 3.8

19000 / tcp

-1399940268 | 2025-03-13T00:02:39.288930

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20020 / tcp

819727972 | 2025-03-05T15:14:36.252655

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

20053 / tcp

-1399940268 | 2025-03-05T14:00:14.156017

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

20150 / tcp

819727972 | 2025-03-16T16:22:57.179839

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

20440 / tcp

-2089734047 | 2025-03-22T18:01:23.420004

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

20547 / tcp

-1230049476 | 2025-03-24T01:04:41.225874

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

20880 / tcp

1370263973 | 2025-03-15T16:24:49.604458

dubbo>

21002 / tcp

819727972 | 2025-02-27T06:16:46.072537

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

21025 / tcp

660175493 | 2025-03-19T13:41:10.397762

21082 / tcp

1767345577 | 2025-03-10T21:21:43.020454

Hello, this is Quagga (version 0T).
Copyright 1996-200

21083 / tcp

-1899074860 | 2025-03-11T22:26:12.964386

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

21241 / tcp

-1399940268 | 2025-03-14T02:46:44.637141

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

21247 / tcp

1762042191 | 2025-03-21T19:01:47.015755

\x7f\x7fICA\x00

21278 / tcp

-1428621233 | 2025-03-17T17:21:37.611828

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

21300 / tcp

1911457608 | 2025-03-15T00:04:41.967452

\x00[\x00\x00\x00\x00\x00\x00

21312 / tcp

1911457608 | 2025-03-23T15:42:35.701781

\x00[\x00\x00\x00\x00\x00\x00

21379 / tcp

1690634669 | 2025-03-24T17:43:16.272413

21381 / tcp

1426971893 | 2025-03-09T09:01:44.357311

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

21515 / tcp

740837454 | 2025-03-20T00:29:20.183874

SSH-2.0-OpenSSH_5.3

Vulnerabilities

3 9 19 5

22556 / tcp

-1327660293 | 2025-02-28T00:04:56.221510

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

23084 / tcp

819727972 | 2025-02-27T18:49:44.678754

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

24245 / tcp

-1730858130 | 2025-03-14T15:40:47.029892

RFB 003.008
VNC:
  Protocol Version: 3.8

25001 / tcp

971933601 | 2025-03-19T00:21:38.987958

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

25004 / tcp

-1839934832 | 2025-03-12T18:41:21.898190

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

25006 / tcp

945910976 | 2025-02-27T16:06:20.663009

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

25105 / tcp

104385780 | 2025-03-22T21:05:30.672089

ceph v2

25565 / tcp

165188539 | 2025-03-15T19:36:06.969852

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

26656 / tcp

2087396567 | 2025-03-13T06:55:44.662676

kjnkjabhbanc283ubcsbhdc72

27015 / tcp

1911457608 | 2025-03-04T08:25:07.284759

\x00[\x00\x00\x00\x00\x00\x00

28015 / tcp

-1399940268 | 2025-03-14T15:39:53.704802

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

28080 / tcp

2087396567 | 2025-03-11T01:26:37.829963

kjnkjabhbanc283ubcsbhdc72

30000 / tcp

-1426182427 | 2025-02-23T23:59:32.179174

\\x00[\\x00\\x00\\x00\\x00\\x00\\x00

30002 / tcp

-1013082686 | 2025-03-06T10:17:32.899290

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

30003 / tcp

-1681927087 | 2025-03-04T00:03:09.347102

kjnkjabhbanc283ubcsbhdc72

30022 / tcp

1077013874 | 2025-03-14T21:54:22.800954

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

30029 / tcp

-1810987450 | 2025-03-11T02:35:31.429886

\xc3\xbf

30083 / tcp

-1730858130 | 2025-03-05T15:41:15.058564

RFB 003.008
VNC:
  Protocol Version: 3.8

30110 / tcp

-375604792 | 2025-02-24T15:55:13.745297

220 Microsoft FTP Service

30113 / tcp

1011407350 | 2025-03-09T10:32:42.534456

* OK GroupWise IMAP4rev1 Server Ready\r\n

30122 / tcp

-2033111675 | 2025-03-11T04:54:43.757242

~djb

30301 / tcp

-971970408 | 2025-03-15T19:43:24.215503

30322 / tcp

2087396567 | 2025-03-24T14:16:19.880873

kjnkjabhbanc283ubcsbhdc72

30422 / tcp

-445721795 | 2025-03-13T13:39:21.486566

\x00[\xc3\xaed\x1a\x7f\x00\x00

30622 / tcp

1741579575 | 2025-03-12T12:07:43.964945

30822 / tcp

2087396567 | 2025-03-12T20:44:25.676326

kjnkjabhbanc283ubcsbhdc72

30922 / tcp

1887224352 | 2025-03-20T22:56:10.352537

31022 / tcp

-138733098 | 2025-03-24T12:37:59.397072

roku: ready

31122 / tcp

178736976 | 2025-03-09T13:52:54.276559

SSH-58-Ingrian_SSH

31210 / tcp

1278527606 | 2025-03-13T20:45:15.012624

SSH-2.0-Teleport

31222 / tcp

819727972 | 2025-03-24T02:53:31.269162

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

31444 / tcp

-2096652808 | 2025-02-27T00:56:33.126106

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

31722 / tcp

819727972 | 2025-03-21T16:20:23.793891

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

32022 / tcp

-801484042 | 2025-03-12T05:17:21.595920

ERR 27

32122 / tcp

819727972 | 2025-03-20T05:19:52.290433

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

32222 / tcp

1741579575 | 2025-03-23T18:01:25.782384

32322 / tcp

2087396567 | 2025-03-16T15:26:37.391256

kjnkjabhbanc283ubcsbhdc72

32622 / tcp

1286504516 | 2025-03-11T20:01:32.348304

CP2E Control Console
Connected to Host: gZI

32764 / tcp

-345718689 | 2025-03-24T17:43:07.505614

Vty password is not set.

32822 / tcp

-358801646 | 2025-03-23T04:12:22.069031

SSH-2.0-OpenSSH_6.6.1

32922 / tcp

1542849631 | 2025-03-23T02:26:27.131297

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

33022 / tcp

-971970408 | 2025-03-23T01:15:04.075762

33060 / tcp

1208318993 | 2025-03-22T19:20:45.608311

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

33222 / tcp

-142686627 | 2025-03-20T00:19:50.841728

\x00[\xc2\xba\x7fs\x7f\x00\x00

33422 / tcp

320677201 | 2025-03-19T17:24:13.669396

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

33522 / tcp

-653033013 | 2025-03-20T14:41:27.269107

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

33622 / tcp

320677201 | 2025-03-21T05:53:02.354343

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

33722 / tcp

-971970408 | 2025-03-08T20:21:16.550610

33822 / tcp

819727972 | 2025-03-08T13:19:27.406429

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

34222 / tcp

320677201 | 2025-03-20T02:02:53.962144

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

34322 / tcp

1842524259 | 2025-03-19T19:05:51.178677

34422 / tcp

1741579575 | 2025-03-15T01:24:19.920315

34522 / tcp

2087396567 | 2025-03-19T14:57:28.642318

kjnkjabhbanc283ubcsbhdc72

34622 / tcp

-1529979118 | 2025-03-19T11:11:08.801739

inv2W

34822 / tcp

2087396567 | 2025-03-19T06:53:03.960170

kjnkjabhbanc283ubcsbhdc72

34922 / tcp

996960436 | 2025-03-18T23:54:48.717429

572 Relay not authorized

35000 / tcp

1911457608 | 2025-03-20T03:21:56.092823

\x00[\x00\x00\x00\x00\x00\x00

35002 / tcp

-358801646 | 2025-03-15T18:20:24.907313

SSH-2.0-OpenSSH_6.6.1

35122 / tcp

1353260875 | 2025-03-04T09:32:12.870741

\x00[g\xc2\x95N\x7f\x00\x00

35222 / tcp

751496153 | 2025-03-18T11:25:48.220718

* OK TeamXchange IMAP4rev1 server (otyUg) ready.

35240 / tcp

1282941221 | 2025-03-06T13:06:58.800170

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

35241 / tcp

320677201 | 2025-03-09T10:49:19.028131

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

35250 / tcp

-1399940268 | 2025-03-11T08:38:18.054024

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

35322 / tcp

-971970408 | 2025-03-04T06:01:15.084016

35522 / tcp

-1730858130 | 2025-03-21T20:58:22.655877

RFB 003.008
VNC:
  Protocol Version: 3.8

35531 / tcp

-1428621233 | 2025-03-04T05:22:25.471941

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

35722 / tcp

104385780 | 2025-02-28T07:04:41.117755

ceph v2

35822 / tcp

597764502 | 2025-03-17T18:20:38.832486

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

35922 / tcp

2087396567 | 2025-03-16T21:59:40.053543

kjnkjabhbanc283ubcsbhdc72

36122 / tcp

119860953 | 2025-03-13T10:34:07.186536

* OK ArGoSoft Mail Server IMAP Module v.YW at

36222 / tcp

-616720387 | 2025-03-17T20:03:39.571458

SSH-2.0-SSHD_0.7.6

36522 / tcp

1741579575 | 2025-03-18T16:59:39.560383

36722 / tcp

-792826324 | 2025-03-17T06:31:36.556045

220 FTP server ready - login please

37022 / tcp

-1230049476 | 2025-03-16T20:26:41.108463

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

37322 / tcp

2087396567 | 2025-03-16T11:50:55.685079

kjnkjabhbanc283ubcsbhdc72

37522 / tcp

751496153 | 2025-03-16T10:22:38.051397

* OK TeamXchange IMAP4rev1 server (otyUg) ready.

37777 / tcp

-1487943323 | 2025-02-24T16:04:12.236541

431 Unable to negotiate secure command connection.\r\n

37922 / tcp

819727972 | 2025-03-18T01:13:54.319136

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 13 1

38222 / tcp

-903067560 | 2025-03-10T21:26:45.773167

\x00[\x13)\xc2\x81\x7f\x00\x00

38333 / tcp

114471724 | 2025-03-15T21:26:45.181728

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

38722 / tcp

-1839934832 | 2025-03-13T22:43:33.136572

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

38880 / tcp

1332894250 | 2025-03-11T14:14:48.268827

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

39022 / tcp

-79865617 | 2025-03-13T20:59:23.027598

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

39422 / tcp

1690634669 | 2025-03-11T13:46:42.838670

39522 / tcp

539065883 | 2025-03-11T10:01:40.558554

39622 / tcp

-445721795 | 2025-03-11T08:09:12.133412

\x00[\xc3\xaed\x1a\x7f\x00\x00

39722 / tcp

-1373613804 | 2025-03-05T04:59:39.916177

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

40070 / tcp

-1996280214 | 2025-02-27T17:55:56.172743

\x06\x04\x05@

40222 / tcp

50497985 | 2025-03-04T11:16:24.495317

\x00[\xc3\x88\xc3\x9dS\x7f\x00\x00

40322 / tcp

539065883 | 2025-03-08T21:53:57.745702

40894 / tcp

-1045760528 | 2025-03-21T16:44:22.182178

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

41794 / tcp

2087396567 | 2025-03-23T21:42:23.494614

kjnkjabhbanc283ubcsbhdc72

41822 / tcp

819727972 | 2025-03-07T18:21:34.660043

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

41922 / tcp

-1681927087 | 2025-03-07T16:39:02.944885

kjnkjabhbanc283ubcsbhdc72

42122 / tcp

-971970408 | 2025-03-05T03:29:00.946869

42208 / tcp

-1399940268 | 2025-03-16T08:31:10.548875

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

42422 / tcp

-1375131644 | 2025-03-04T20:46:58.746396

\x00[v\xc3\xbdC\x7f\x00\x00

42901 / tcp

2143387245 | 2025-02-26T03:46:30.387723

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

43622 / tcp

1690634669 | 2025-02-27T00:43:05.292777

44022 / tcp

-1261090339 | 2025-02-26T21:19:13.409409

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

44122 / tcp

1690634669 | 2025-02-26T23:01:41.174386

44158 / tcp

2054287019 | 2025-03-19T16:47:57.269715

\x13/multistream/1.0.0

44334 / tcp

-2107996212 | 2025-03-18T05:59:39.002312

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

44345 / tcp

-1399940268 | 2025-03-03T18:50:04.191241

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

44399 / tcp

-2089734047 | 2025-03-04T03:52:22.823068

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

44410 / tcp

-1375131644 | 2025-03-10T01:05:14.521040

\x00[v\xc3\xbdC\x7f\x00\x00

45222 / tcp

1975288991 | 2025-02-25T19:50:55.314106

OPTI

45322 / tcp

104385780 | 2025-02-25T18:14:07.132461

ceph v2

45522 / tcp

-1392039491 | 2025-02-25T16:40:39.950772

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

45622 / tcp

2087396567 | 2025-02-25T15:05:59.402276

kjnkjabhbanc283ubcsbhdc72

45822 / tcp

-1036370807 | 2025-03-10T13:17:22.648679

JDWP-Handshake

46022 / tcp

-1114821551 | 2025-02-25T08:11:58.432039

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

46122 / tcp

-1839934832 | 2025-02-25T06:28:04.468409

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

46222 / tcp

-1392039491 | 2025-02-24T23:51:03.945091

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

46422 / tcp

677934968 | 2025-02-24T13:37:59.118205

lm^)Q

47001 / tcp

-1730858130 | 2025-03-08T19:35:15.659253

RFB 003.008
VNC:
  Protocol Version: 3.8

47122 / tcp

-971970408 | 2025-02-23T23:17:17.767452

47522 / tcp

2087396567 | 2025-02-23T16:23:42.677529

kjnkjabhbanc283ubcsbhdc72

47808 / tcp

2087396567 | 2025-03-24T04:37:31.332389

kjnkjabhbanc283ubcsbhdc72

47990 / tcp

2087396567 | 2025-03-10T16:52:37.091855

kjnkjabhbanc283ubcsbhdc72

48422 / tcp

819727972 | 2025-03-10T01:01:52.264595

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

48522 / tcp

671605376 | 2025-03-09T23:17:56.325810

SSH-2.0-OpenSSH_X.X

48722 / tcp

1308377066 | 2025-02-24T16:36:16.490293

ncacn_http/1.0

48888 / tcp

-1032713145 | 2025-03-24T02:33:20.275800

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

48922 / tcp

-971970408 | 2025-02-24T14:53:10.007141

49692 / tcp

921225407 | 2025-03-11T20:12:38.278617

\x00\x00\x00\x04\x00\x00\x00\x00\x00

49822 / tcp

2087396567 | 2025-02-22T21:08:28.824414

kjnkjabhbanc283ubcsbhdc72

50000 / tcp

1767345577 | 2025-03-21T05:04:11.739664

Hello, this is Quagga (version 0T).
Copyright 1996-200

50004 / tcp

819727972 | 2025-03-12T20:11:09.633754

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

50014 / tcp

-1733645023 | 2025-03-23T21:50:23.976167

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

50050 / tcp

401555314 | 2025-03-16T13:44:01.473223

NB[GFXjA^R

50070 / tcp

-992671574 | 2025-03-22T01:05:27.603971

@RSYNCD: 26

50100 / tcp

1308377066 | 2025-03-23T15:43:49.734854

ncacn_http/1.0

50777 / tcp

-1399940268 | 2025-03-14T19:14:32.127713

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

51235 / tcp

669849225 | 2025-03-23T13:56:58.191038

SSH-98.60-SysaxSSH_81885..42\r\n

51443 / tcp

-79865617 | 2025-03-12T01:33:11.812668

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

52022 / tcp

660175493 | 2025-03-07T01:18:40.242496

52200 / tcp

819727972 | 2025-03-04T19:49:46.533080

SSH-2.0-OpenSSH_7.4

Vulnerabilities

2 3 12 1

52869 / tcp

-1101712668 | 2025-03-21T14:45:22.297189

\\x1e\xc3\x80\\x010\\x02\xc2\xa8\xc3\xa3

53022 / tcp

539065883 | 2025-03-07T08:16:03.644977

53200 / tcp

-1399940268 | 2025-03-17T16:14:03.083805

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

53481 / tcp

1911457608 | 2025-02-25T09:10:57.816771

\x00[\x00\x00\x00\x00\x00\x00

54138 / tcp

921225407 | 2025-02-24T12:43:24.438715

\x00\x00\x00\x04\x00\x00\x00\x00\x00

54984 / tcp

1741579575 | 2025-03-21T07:43:09.040400

55422 / tcp

-1316491703 | 2025-03-06T18:24:02.751637

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

55443 / tcp

1887224352 | 2025-03-17T23:29:55.807335

55481 / tcp

-1888448627 | 2025-03-17T19:04:06.054840

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

55553 / tcp

-1097188123 | 2025-03-18T18:42:01.971259

[g\xc2\x95N\x7f

55555 / tcp

-1406255272 | 2025-02-26T16:06:54.450183

SSH-2.0-dropbear_0.52\r\n

55722 / tcp

2087396567 | 2025-03-06T20:06:47.945362

kjnkjabhbanc283ubcsbhdc72

55822 / tcp

171352214 | 2025-03-06T22:30:35.243842

-ERR client ip is not in whitelist

57622 / tcp

1492413928 | 2025-03-06T11:40:33.102484

SSH-2.0-OpenSSH_7.5

Vulnerabilities

2 3 12 1

57779 / tcp

-2096652808 | 2025-03-17T23:37:18.751362

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

58122 / tcp

2033888749 | 2025-03-06T03:25:46.287998

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

58222 / tcp

1741579575 | 2025-03-06T01:39:16.145952

58522 / tcp

-971970408 | 2025-03-05T20:27:53.613065

58722 / tcp

2087396567 | 2025-03-05T18:55:48.127643

kjnkjabhbanc283ubcsbhdc72

60129 / tcp

-1013082686 | 2025-03-20T05:29:44.522038

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

61616 / tcp

-1136600457 | 2025-03-15T03:43:38.482465

HELO:10.3.6.0.false
AS:2048
HL:19

62078 / tcp

-860824904 | 2025-03-10T06:56:11.715168

\x00\x01)

63210 / tcp

-1428621233 | 2025-03-15T00:06:22.968026

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

63256 / tcp

1189133115 | 2025-03-23T04:25:46.436273

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

63260 / tcp

1767345577 | 2025-03-16T10:27:42.835580

Hello, this is Quagga (version 0T).
Copyright 1996-200

63676 / tcp

-339084706 | 2025-03-24T06:04:19.422235

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

64295 / tcp

632542934 | 2025-03-10T00:02:02.617563

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

8.141.244.5

Last Seen: 2025-03-24

Tags:

GeneralInformation

OpenPorts

11 / tcp -2031152423 | 2025-03-09T09:23:36.658755

13 / tcp 1725312227 | 2025-03-10T19:25:18.401689

17 / tcp 366084633 | 2025-03-24T16:03:03.655738

19 / tcp -746345752 | 2025-03-14T23:49:08.974941

24 / tcp -2096652808 | 2025-02-27T18:31:46.198165

25 / tcp 1353260875 | 2025-03-19T16:47:53.086124

26 / tcp 1492413928 | 2025-03-13T21:39:10.961841

37 / tcp 1463575233 | 2025-02-28T23:29:21.866220

38 / tcp -2089734047 | 2025-03-09T09:07:58.633653

43 / tcp 1842524259 | 2025-03-10T09:18:19.471799

49 / tcp -1101712668 | 2025-03-13T18:38:32.978029

70 / tcp -1385078233 | 2025-03-21T13:13:53.075274

79 / tcp 268196945 | 2025-03-18T15:45:10.844013

80 / tcp 501077178 | 2025-03-16T16:58:17.799895

Hashes

87 / tcp -903067560 | 2025-03-15T17:22:54.209319

92 / tcp -904840257 | 2025-03-22T00:00:45.661561

93 / tcp -1140468363 | 2025-03-04T04:31:59.349906

94 / tcp -1947777893 | 2025-03-19T21:11:51.869413

96 / tcp 1911457608 | 2025-03-16T21:56:33.521830

102 / tcp 722711397 | 2025-03-23T19:11:58.720954

104 / tcp 1278527606 | 2025-03-13T14:30:16.796985

106 / tcp 1107492609 | 2025-03-11T05:21:44.881672

110 / tcp -2089734047 | 2025-03-24T00:46:42.366543

113 / tcp -414819019 | 2025-03-17T04:51:21.162568

135 / tcp -1589645334 | 2025-03-24T04:59:49.624600

175 / tcp -358801646 | 2025-03-04T21:15:37.146328

179 / tcp -399606100 | 2025-02-27T20:50:13.256168

195 / tcp 291723434 | 2025-03-22T09:00:09.201501

221 / tcp 165188539 | 2025-03-24T02:26:01.057321

264 / tcp -1707068558 | 2025-03-23T01:48:23.771043

311 / tcp 676753056 | 2025-03-11T14:06:11.667533

343 / tcp 117101543 | 2025-03-23T08:38:41.276667

442 / tcp -1399940268 | 2025-03-14T02:29:24.146364

443 / tcp 1834245623 | 2025-03-20T16:38:54.478706

Hashes

462 / tcp -1399940268 | 2025-02-25T09:53:39.327357

465 / tcp 897328069 | 2025-03-12T21:32:06.726426

503 / tcp -1399940268 | 2025-03-23T13:36:51.887767

513 / tcp -1013082686 | 2025-03-09T07:47:29.425842

515 / tcp 1492413928 | 2025-03-12T21:21:57.862213

548 / tcp -773160241 | 2025-03-05T09:48:41.569955

554 / tcp 1060450357 | 2025-03-19T21:31:25.690754

593 / tcp -1407711311 | 2025-03-17T04:05:22.783114

636 / tcp -779815868 | 2025-03-24T10:15:51.887850

666 / tcp -1420968138 | 2025-03-13T01:01:51.627378

789 / tcp 1767345577 | 2025-03-24T06:00:54.952618

885 / tcp 1632932802 | 2025-02-26T17:06:55.752738

888 / tcp -262532376 | 2025-03-04T13:57:25.554441

994 / tcp 1543809371 | 2025-03-11T00:42:50.215987

995 / tcp 1685649979 | 2025-03-19T16:35:14.379540

1012 / tcp 819727972 | 2025-03-10T13:14:52.273039

1023 / tcp 171352214 | 2025-03-20T20:31:04.030243

1025 / tcp -2089734047 | 2025-03-23T04:14:31.972448

1063 / tcp 1278527606 | 2025-03-23T11:50:03.957488

1099 / tcp -1399940268 | 2025-03-21T23:54:00.269915

1153 / tcp -1795027372 | 2025-03-13T14:31:48.501110

1177 / tcp -1316398834 | 2025-03-09T09:19:56.405505

1188 / tcp -136006866 | 2025-03-12T17:46:02.002757

1200 / tcp 2087396567 | 2025-03-06T11:39:57.975419

1234 / tcp -1888448627 | 2025-02-27T22:46:26.231798

1292 / tcp -441419608 | 2025-03-20T01:27:29.520381

1337 / tcp -971970408 | 2025-03-23T01:17:35.921929

1414 / tcp -274082663 | 2025-03-13T05:04:14.852641

1443 / tcp -1715152554 | 2025-03-20T15:54:29.094345

Hashes

1460 / tcp -1888448627 | 2025-02-26T15:20:09.791817

1515 / tcp 819727972 | 2025-03-13T10:14:39.247548

1521 / tcp 1975288991 | 2025-03-22T10:57:43.483178

1599 / tcp 2087396567 | 2025-03-18T17:44:37.584763

1604 / tcp 1911457608 | 2025-03-19T11:01:56.182916

1801 / tcp 1535389866 | 2025-03-24T11:12:51.311626

1820 / tcp -1399940268 | 2025-03-16T10:46:28.138820

1883 / tcp 2087396567 | 2025-03-12T12:05:40.883580

1911 / tcp -1399940268 | 2025-03-18T12:20:17.184850

11 / tcp

-2031152423 | 2025-03-09T09:23:36.658755

13 / tcp

1725312227 | 2025-03-10T19:25:18.401689

17 / tcp

366084633 | 2025-03-24T16:03:03.655738

19 / tcp

-746345752 | 2025-03-14T23:49:08.974941

24 / tcp

-2096652808 | 2025-02-27T18:31:46.198165

25 / tcp

1353260875 | 2025-03-19T16:47:53.086124

26 / tcp

1492413928 | 2025-03-13T21:39:10.961841

37 / tcp

1463575233 | 2025-02-28T23:29:21.866220

38 / tcp

-2089734047 | 2025-03-09T09:07:58.633653

43 / tcp

1842524259 | 2025-03-10T09:18:19.471799

49 / tcp

-1101712668 | 2025-03-13T18:38:32.978029

70 / tcp

-1385078233 | 2025-03-21T13:13:53.075274

79 / tcp

268196945 | 2025-03-18T15:45:10.844013

80 / tcp

501077178 | 2025-03-16T16:58:17.799895

87 / tcp

-903067560 | 2025-03-15T17:22:54.209319

92 / tcp

-904840257 | 2025-03-22T00:00:45.661561

93 / tcp

-1140468363 | 2025-03-04T04:31:59.349906

94 / tcp

-1947777893 | 2025-03-19T21:11:51.869413

96 / tcp

1911457608 | 2025-03-16T21:56:33.521830

102 / tcp

722711397 | 2025-03-23T19:11:58.720954

104 / tcp

1278527606 | 2025-03-13T14:30:16.796985

106 / tcp

1107492609 | 2025-03-11T05:21:44.881672

110 / tcp

-2089734047 | 2025-03-24T00:46:42.366543

113 / tcp

-414819019 | 2025-03-17T04:51:21.162568

135 / tcp

-1589645334 | 2025-03-24T04:59:49.624600

175 / tcp

-358801646 | 2025-03-04T21:15:37.146328

179 / tcp

-399606100 | 2025-02-27T20:50:13.256168

195 / tcp

291723434 | 2025-03-22T09:00:09.201501

221 / tcp

165188539 | 2025-03-24T02:26:01.057321

264 / tcp

-1707068558 | 2025-03-23T01:48:23.771043

311 / tcp

676753056 | 2025-03-11T14:06:11.667533

343 / tcp

117101543 | 2025-03-23T08:38:41.276667

442 / tcp

-1399940268 | 2025-03-14T02:29:24.146364

443 / tcp

1834245623 | 2025-03-20T16:38:54.478706

462 / tcp

-1399940268 | 2025-02-25T09:53:39.327357

465 / tcp

897328069 | 2025-03-12T21:32:06.726426

503 / tcp

-1399940268 | 2025-03-23T13:36:51.887767

513 / tcp

-1013082686 | 2025-03-09T07:47:29.425842

515 / tcp

1492413928 | 2025-03-12T21:21:57.862213

548 / tcp

-773160241 | 2025-03-05T09:48:41.569955

554 / tcp

1060450357 | 2025-03-19T21:31:25.690754

593 / tcp

-1407711311 | 2025-03-17T04:05:22.783114

636 / tcp

-779815868 | 2025-03-24T10:15:51.887850

666 / tcp

-1420968138 | 2025-03-13T01:01:51.627378

789 / tcp

1767345577 | 2025-03-24T06:00:54.952618

885 / tcp

1632932802 | 2025-02-26T17:06:55.752738

888 / tcp

-262532376 | 2025-03-04T13:57:25.554441

994 / tcp

1543809371 | 2025-03-11T00:42:50.215987

995 / tcp

1685649979 | 2025-03-19T16:35:14.379540

1012 / tcp

819727972 | 2025-03-10T13:14:52.273039

1023 / tcp

171352214 | 2025-03-20T20:31:04.030243

1025 / tcp

-2089734047 | 2025-03-23T04:14:31.972448

1063 / tcp

1278527606 | 2025-03-23T11:50:03.957488

1099 / tcp

-1399940268 | 2025-03-21T23:54:00.269915

1153 / tcp

-1795027372 | 2025-03-13T14:31:48.501110

1177 / tcp

-1316398834 | 2025-03-09T09:19:56.405505

1188 / tcp

-136006866 | 2025-03-12T17:46:02.002757

1200 / tcp

2087396567 | 2025-03-06T11:39:57.975419

1234 / tcp

-1888448627 | 2025-02-27T22:46:26.231798

1292 / tcp

-441419608 | 2025-03-20T01:27:29.520381

1337 / tcp

-971970408 | 2025-03-23T01:17:35.921929

1414 / tcp

-274082663 | 2025-03-13T05:04:14.852641

1443 / tcp

-1715152554 | 2025-03-20T15:54:29.094345

1460 / tcp

-1888448627 | 2025-02-26T15:20:09.791817

1515 / tcp

819727972 | 2025-03-13T10:14:39.247548

1521 / tcp

1975288991 | 2025-03-22T10:57:43.483178

1599 / tcp

2087396567 | 2025-03-18T17:44:37.584763

1604 / tcp

1911457608 | 2025-03-19T11:01:56.182916

1801 / tcp

1535389866 | 2025-03-24T11:12:51.311626

1820 / tcp

-1399940268 | 2025-03-16T10:46:28.138820

1883 / tcp

2087396567 | 2025-03-12T12:05:40.883580

1911 / tcp

-1399940268 | 2025-03-18T12:20:17.184850

1926 / tcp

539065883 | 2025-03-18T16:34:33.807860

1951 / tcp

709622286 | 2025-03-15T01:51:24.748302

1952 / tcp

-1399940268 | 2025-03-24T18:09:36.277171

1953 / tcp

-1538260461 | 2025-03-13T23:27:18.373214

1954 / tcp

1830187220 | 2025-02-25T15:05:15.991747

1957 / tcp

366084633 | 2025-02-24T12:49:27.573731

1962 / tcp

-1399940268 | 2025-03-19T19:59:28.911904

1964 / tcp

2098371729 | 2025-03-23T12:03:32.906921