GeneralInformation

Hostnames	jvjiongshog.1688.com qichebaijian.1688.com shog6xg1q03654180.1688.com shop1460480247699.1688.com ahorvs-ai.ojibobo-ina.aon.alibaba-inc.com igrogh-sg.ojibobo-ina.aon.alibaba-inc.com ata.alibaba-inc.com camp.alibaba-inc.com guidance.alibaba-inc.com 08yt.blog.china.alibaba.com hbjaarystoj.en.alibaba.com preview.aliexpress.com stlacct.alimama.com di-serviae.an-ahengdv.doto.ojiyvn-ina.aon.aliyun-inc.com sahedvjer.ojiyvn-ina.aon.aliyun-inc.com vseraenter2.ojiyvn-ina.aon.aliyun-inc.com yundun-oem-cn-zhangjiakou.aliyun-inc.com aliyun.com dingding-devogs.aliyun.com dms-app-core.aliyun.com metrichub-cms-cn-hangzhou.aliyun.com zb-dsw-dsw59578-80.pcs-svr.aliyun.com rdc.aliyun.com sandbox.aliyun.com www2.shop.aliyun.com shop36982957.aliyun.com eai-vga.an-beijing.aliyuncs.com ean.an-beijing.aliyuncs.com nse-vga.an-hongzhov.aliyuncs.com eas.an-hvhehoote.aliyuncs.com swas-share.ap-southeast-1.aliyuncs.com onahoshi.aliyuncs.com oss-cn-shenzhen.aliyuncs.com app87100.eapps.dingtalkcloud.com interact.sh sellercenter-my-staging.lazada-seller.cn ssc.lazada.co.id union.lazada.com.my wallet.lazada.com.ph email.fc.lazada.sg api.rantu.com alimama.taobao.com ddd.taobao.com shog36220471.taobao.com shog36325416.taobao.com shog36403617.taobao.com shop36745251.taobao.com svbdoy.sinbo.taobao.com svbdoy2.sinbo.taobao.com no.n.tmall.com
Domains	1688.com alibaba-inc.com alibaba.com aliexpress.com alimama.com aliyun-inc.com aliyun.com aliyuncs.com dingtalkcloud.com interact.sh lazada-seller.cn lazada.co.id lazada.com.my lazada.com.ph lazada.sg rantu.com taobao.com tmall.com
Country	China
City	Shenzhen
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

JavaScript frameworks

Prototype

JavaScript libraries

YUI

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2024-23897	7.5Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
CVE-2023-51385	In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-51384	In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2023-38408	The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
CVE-2021-41617	4.4sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
CVE-2021-36368	2.6An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.
CVE-2020-15778	6.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
CVE-2020-14145	4.3The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
CVE-2019-6111	5.8An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2019-6110	4.0In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2019-6109	4.0An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-16905	4.4OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
CVE-2018-20685	2.6In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2018-15919	5.0Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
CVE-2018-15473	5.0OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2017-15906	5.0The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2016-3115	5.5Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
CVE-2016-20012	4.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
CVE-2016-1908	7.5The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
CVE-2016-10708	5.0sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
CVE-2016-10012	7.2The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.
CVE-2016-10011	2.1authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
CVE-2016-10010	6.9sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
CVE-2016-10009	7.5Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
CVE-2016-0777	4.0The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CVE-2015-6564	6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
CVE-2015-6563	1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
CVE-2015-5600	8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
CVE-2015-5352	4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.
CVE-2014-2653	5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
CVE-2014-2532	5.8sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
CVE-2014-1692	7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
CVE-2012-0814	3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
CVE-2011-5000	3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
CVE-2011-4327	2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
CVE-2010-5107	5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
CVE-2010-4755	4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
CVE-2010-4478	7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
CVE-2008-3844	9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
CVE-2007-2768	4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 19 20 21 23 25 26 37 43 49 53 70 79 80 84 87 96 102 104 110 111 113 119 135 143 175 179 180 195 221 264 311 340 389 427 443 444 450 465 502 503 515 548 554 587 593 631 636 666 771 772 789 801 843 873 888 902 992 993 995 1023 1024 1025 1099 1111 1153 1177 1200 1234 1311 1337 1400 1433 1471 1515 1521 1599 1604 1660 1723 1800 1801 1883 1911 1925 1926 1950 1951 1962 2000 2002 2003 2008 2030 2062 2067 2081 2082 2083 2087 2121 2154 2181 2201 2222 2323 2332 2345 2352 2375 2376 2404 2455 2480 2563 2572 2601 2628 2701 2761 2762 3001 3048 3050 3056 3057 3058 3063 3079 3080 3084 3089 3093 3098 3116 3118 3119 3129 3260 3268 3269 3299 3301 3306 3307 3310 3388 3389 3404 3408 3541 3542 3551 3560 3689 3749 3780 3790 3838 3952 4000 4002 4022 4063 4064 4157 4242 4282 4321 4369 4433 4443 4500 4506 4664 4700 4734 4782 4786 4840 4899 4911 4949 5000 5001 5005 5006 5007 5009 5010 5025 5172 5201 5222 5269 5432 5435 5560 5567 5598 5599 5601 5604 5605 5672 5858 5900 5938 5984 5985 5986 6000 6001 6002 6004 6036 6080 6264 6352 6379 6443 6565 6588 6602 6633 6653 6666 6667 6668 6697 7001 7071 7171 7218 7415 7434 7443 7445 7500 7547 7548 7634 7657 7779 7788 8001 8009 8010 8021 8029 8039 8040 8043 8051 8058 8072 8080 8081 8082 8083 8085 8086 8087 8089 8090 8095 8098 8099 8104 8118 8126 8139 8140 8181 8184 8200 8239 8252 8291 8333 8334 8402 8404 8412 8419 8428 8443 8444 8447 8500 8545 8554 8575 8649 8686 8728 8789 8790 8804 8805 8806 8820 8831 8833 8834 8842 8849 8856 8865 8866 8868 8874 8880 8888 8889 8890 9000 9001 9002 9006 9007 9014 9025 9032 9042 9044 9050 9051 9088 9090 9091 9092 9093 9095 9098 9100 9102 9104 9151 9160 9191 9200 9217 9306 9418 9443 9530 9595 9600 9633 9761 9869 9943 9944 9950 9981 9994 9997 9998 9999 10000 10001 10134 10250 10443 10554 10909 10911 11000 11112 11210 11211 11300 11371 12000 12345 14147 14265 14344 16030 16993 18081 18245 18553 19000 19071 20000 20256 20547 21025 21379 23023 23424 25001 25105 25565 27015 27017 28015 28017 28107 30002 30003 31337 32400 32764 33060 35000 37215 37777 41800 44158 44818 47990 49152 49153 50000 50050 50070 50100 51235 54138 55000 55442 55443 55553 55554 60010 60030 60129 61613 61616 62078 65522

2087396567 | 2024-05-06T14:01:35.156948

11 / tcp

kjnkjabhbanc283ubcsbhdc72

1286504516 | 2024-05-04T01:52:43.722845

13 / tcp

CP2E Control Console
Connected to Host: gZI

-1316398834 | 2024-04-30T03:54:38.800307

15 / tcp

ÿ

-1296032851 | 2024-04-25T05:56:27.453564

17 / tcp

\x01=\x01À\x06ÿÿ?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x01\x01

829384519 | 2024-05-07T02:24:42.120656

19 / tcp

 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefg
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUV

-1399940268 | 2024-04-28T13:12:35.268234

20 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1210838212 | 2024-05-02T22:48:55.379276

21 / tcp

220 DiskStation FTP server ready.

676675086 | 2024-04-24T22:50:08.110461

23 / tcp



Password:

321971019 | 2024-04-25T08:15:18.207247

25 / tcp

-ERR client ip is not in whitelist\r

1615193817 | 2024-04-17T19:11:57.986890

26 / tcp

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

-253878554 | 2024-05-01T02:54:36.486765

37 / tcp

\\xe9X\\x03M

740837454 | 2024-05-04T17:57:28.001199

43 / tcp

SSH-2.0-OpenSSH_5.3

-801484042 | 2024-05-03T14:20:00.621168

49 / tcp

ERR 27

-1370420049 | 2024-05-04T05:46:37.539854

53 / tcp

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x00\x02\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x00\x02\x00\x04\xac٣.
\x00\x06\x85\x00\x00\x01\x00\x00\x00\x01\x00

-1763883228 | 2024-05-03T06:28:30.332830

70 / tcp

HTTP/1.1 400 Bad Request
Server: vista/0.7
Content-Type: text/html
Connection: close

-746345752 | 2024-04-26T10:47:17.155685

79 / tcp

¥A\x01,\x02L\x08Connectx\x0857222

-32530634 | 2024-04-28T07:18:33.818473

80 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Sun, 28 Apr 2024 07:18:30 GMT
Content-Type: application/xml
Content-Length: 346
Connection: keep-alive
x-oss-request-id: 662DF84602D413383983515D
x-oss-server-time: 0
x-oss-ec: 0003-00001201

1072892569 | 2024-04-28T16:35:56.346985

84 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

1911457608 | 2024-04-15T23:30:38.944066

87 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1730858130 | 2024-04-22T05:57:03.700653

96 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-339084706 | 2024-05-07T10:26:35.350208

102 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

1911457608 | 2024-05-06T02:05:14.092115

104 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1911457608 | 2024-05-04T14:47:02.382934

110 / tcp

\x00[\x00\x00\x00\x00\x00\x00

2087396567 | 2024-05-07T11:37:22.146279

111 / tcp

kjnkjabhbanc283ubcsbhdc72

60948681 | 2024-04-25T08:37:39.808541

113 / tcp

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).

141730637 | 2024-04-25T07:36:41.996851

119 / tcp

HTTP/1.0 200 OK
Server: Proxy

96945398 | 2024-04-25T03:54:42.854858

135 / tcp

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: WIN-UI6V5MAREEP\n IP2: 192.168.1.3\n\nNTLMSSP:\nTarget_Name: WIN-UI6V5MAREEP\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: WIN-UI6V5MAREEP\nNetBIOS_Computer_Name: WIN-UI6V5MAREEP\nDNS_Domain_Name: WIN-UI6V5MAREEP\nDNS_Computer_Name: WIN-UI6V5MAREEP\nSystem_Time: 2024-01-22 04:04:25 +0000 UTC\n\nDCERPC Dump:\n76f226c3-ec14-4325-

639175818 | 2024-05-02T23:11:23.261266

143 / tcp

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

-1947777893 | 2024-04-25T05:58:14.703427

175 / tcp

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

-399606100 | 2024-04-25T03:33:23.023594

179 / tcp

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

51259122 | 2024-05-02T09:00:25.005219

180 / tcp

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

-1248408558 | 2024-04-29T22:42:35.058984

195 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

819727972 | 2024-04-26T12:10:07.742037

221 / tcp

SSH-2.0-OpenSSH_7.4

-1707068558 | 2024-05-01T02:22:56.373729

264 / tcp

-1547976805 | 2024-04-24T23:51:40.881440

311 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

-1458209204 | 2024-04-19T18:00:02.882181

340 / tcp

HTTP/1.1 200 OK
Server: TopWebServer
Set-Cookie: login_err_num=0; path=/
Set-Cookie: topsecsvportalstyle=style1; path=/
Set-Cookie: topsecsvportallogodir=default; path=/
Set-Cookie: topsecsvportalname=default; path=/
Content-Type: text/html

-1743283776 | 2024-04-25T17:13:52.860293

389 / tcp

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x04\\x04

1998636604 | 2024-05-07T02:16:46.320646

427 / tcp

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://192.168.2.254\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://192.168.2.254\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCESS (0)\nAttrList: (pro

-34857069 | 2024-05-06T17:01:12.553759

443 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Mon, 06 May 2024 17:01:12 GMT
Content-Type: application/xml
Content-Length: 346
Connection: keep-alive
x-oss-request-id: 66390CD84E41B03032F6BB39
x-oss-server-time: 1
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:9a:a0:c2:cd:6d:5c:60:bc:f2:7a:08
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Jan 26 02:11:18 2024 GMT
            Not After : Feb 26 02:11:17 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.oss-cn-shenzhen.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b0:c7:54:83:40:8e:09:77:61:48:ac:c9:ca:24:
                    6b:a5:f6:40:76:6a:c2:5e:38:f5:c3:d9:fa:b8:28:
                    2b:0e:8e:1d:d8:e3:c2:c3:e4:cc:bb:ce:ed:dc:88:
                    cf:31:05:22:ef:ae:26:bf:a2:15:1f:dd:cb:1f:46:
                    8f:4e:bc:41:5f:58:65:97:ad:8e:07:54:c3:f7:d8:
                    23:9e:3e:8e:a6:1b:36:86:e3:0d:f0:6f:fc:1e:a0:
                    c7:33:e3:2c:13:02:a1:12:10:d2:a8:8a:a2:ce:8e:
                    73:8c:83:e5:c5:51:c4:63:bf:57:a3:ff:37:4c:db:
                    bc:44:d9:91:cc:ee:88:9e:83:74:91:30:a2:d6:c7:
                    2b:ad:1b:68:de:63:a1:e6:13:b9:e4:2e:9c:64:18:
                    0e:b6:20:81:7b:00:14:c1:46:80:31:a4:cb:10:5d:
                    38:a2:6c:d7:77:09:8f:12:d1:6e:47:69:a1:79:c6:
                    35:c7:90:0b:84:09:ec:33:26:6c:56:98:fb:2d:38:
                    e4:a6:8a:98:1a:d5:f9:ac:d2:40:58:44:5d:a2:cb:
                    c1:34:98:c7:31:9a:78:f8:1e:98:26:4a:42:ef:78:
                    c8:27:b5:57:c3:c2:c4:f7:9a:dc:e0:66:75:56:0e:
                    02:c4:88:e5:16:e6:25:db:bf:24:26:b9:96:8c:07:
                    e2:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
            X509v3 Subject Alternative Name: 
                DNS:*.oss-cn-shenzhen.aliyuncs.com, DNS:*.oss-cn-shenzhen-finance-1.aliyuncs.com, DNS:*.oss-cn-shenzhen-internal.aliyuncs.com, DNS:*.img-cn-shenzhen-internal.aliyuncs.com, DNS:*.oss-cn-shenzhen-internal-cross.aliyuncs.com, DNS:*.oss-cn-szfinance.aliyuncs.com, DNS:*.oss-cn-shenzhen-diku-internal.aliyuncs.com, DNS:*.oss-cn-shenzhen-finance-1-internal.aliyuncs.com, DNS:*.cn-heyuan.oss.aliyuncs.com, DNS:*.oss-cn-shenzhen-cross.aliyuncs.com, DNS:*.oss-enet-cn-south.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-cn-guangzhou.aliyuncs.com, DNS:*.oss-cn-guangzhou-cross.aliyuncs.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-cn-heyuan-internal.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss.aliyuncs.com, DNS:*.oss-cn-heyuan-cross.aliyuncs.com, DNS:*.img-cn-shenzhen.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-cn-szfinance-internal.aliyuncs.com, DNS:*.vpc100-oss-cn-shenzhen.aliyuncs.com, DNS:*.cn-shenzhen.oss.aliyuncs.com, DNS:*.oss-cn-heyuan.aliyuncs.com, DNS:*.oss-cn-guangzhou-internal.aliyuncs.com, DNS:*.cn-guangzhou.oss.aliyuncs.com, DNS:*.cn-shenzhen-finance.oss.aliyuncs.com, DNS:*.cn-shenzhen-dualstack.oss.aliyuncs.com, DNS:*.cn-shenzhen-vpc.oss.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-shenzhen.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-shenzhen-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-heyuan.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-heyuan-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-guangzhou.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-guangzhou-internal.oss-accesspoint.aliyuncs.com, DNS:*.cn-shenzhen.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-shenzhen.aliyuncs.com, DNS:*.s3.oss-cn-shenzhen-internal.aliyuncs.com, DNS:*.cn-shenzhen.mgw.aliyuncs.com, DNS:*.oss.cn-shenzhen.privatelink.aliyuncs.com, DNS:*.oss-cn-shenzhen.oss-object-process.aliyuncs.com, DNS:*.oss-cn-shenzhen-internal.oss-object-process.aliyuncs.com, DNS:oss-cn-shenzhen.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            X509v3 Subject Key Identifier: 
                6F:0A:05:0F:AD:E0:67:D5:94:20:25:0A:B9:A1:6C:32:00:B2:CD:87
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Jan 26 02:11:21.372 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:B7:ED:79:37:99:E1:86:8C:72:1F:71:
                                09:CC:48:09:04:03:EE:EB:B9:7B:D6:89:EB:43:EE:DE:
                                73:14:10:BA:DF:02:21:00:88:1A:C7:57:51:2D:2C:A3:
                                D6:2D:FF:21:19:1E:6B:2D:07:30:8C:D4:DE:72:CA:B3:
                                B0:A0:EB:DB:03:1E:8B:D8
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Jan 26 02:11:21.644 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:2F:A8:B4:0D:2B:FF:F7:61:91:DB:16:FA:
                                F6:0C:0D:FD:47:18:0B:C8:94:8A:39:1C:37:BB:E2:67:
                                1C:77:D2:04:02:21:00:ED:35:07:18:F9:AA:BC:69:88:
                                4A:BB:2B:DF:7A:04:EE:A3:4C:75:E3:27:49:A7:C9:0D:
                                3A:EC:01:71:77:E3:98
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
                                0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
                    Timestamp : Jan 26 02:11:21.558 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:31:3F:0E:E2:CD:8A:05:16:91:C9:09:64:
                                C7:53:66:7C:0A:3E:F1:7E:BB:59:87:D1:8C:A5:5F:98:
                                CB:28:E7:FA:02:20:5F:91:81:4A:0C:DE:7D:51:FE:C3:
                                F2:50:06:D2:EE:64:8B:71:16:3D:B0:FE:83:8C:30:BE:
                                39:EF:29:A6:3A:31
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        5d:06:65:d0:19:50:88:38:e5:cb:b9:02:fe:c3:29:34:b3:01:
        de:36:9f:31:83:f1:ac:61:6d:42:62:a4:f8:fb:2b:c3:67:38:
        c0:81:5f:44:4c:94:0f:03:15:90:e9:ef:fc:7c:17:d4:41:92:
        f7:61:e7:87:79:f1:a8:5a:b0:f4:c4:00:ce:1b:50:68:4a:44:
        7b:c5:7a:ec:6e:fa:d0:31:5f:db:08:5b:6b:95:74:46:4c:46:
        57:00:ba:df:94:69:49:11:ff:05:8b:1f:80:ca:b8:e7:f8:54:
        35:d6:45:d3:f7:a8:72:5d:8b:3e:0d:25:74:ab:5a:2b:43:03:
        e1:5c:3c:78:cd:65:05:b6:86:93:f5:19:5b:1e:e1:38:5d:9b:
        ef:56:d4:8b:15:b2:6e:fe:15:41:6e:50:a8:72:f0:b1:28:20:
        ce:f9:1a:7c:b8:d3:a2:f8:51:1f:3f:dc:58:cf:6e:2e:d3:20:
        26:e6:da:2b:9a:5d:5c:07:b8:f1:d8:36:e0:23:43:bc:d9:b4:
        7d:39:04:d1:09:8d:7c:39:6b:1b:0d:33:9e:af:13:6a:19:41:
        c0:38:08:85:40:7d:ee:48:bb:5f:a0:1c:07:bd:f0:54:b0:29:
        2a:ac:9d:5a:aa:bd:9a:b5:34:20:eb:5f:e7:0e:c2:ab:cf:60:
        36:19:e9:d3

1850902677 | 2024-05-03T09:49:58.515093

444 / tcp

W!

1282941221 | 2024-04-17T20:36:25.978642

450 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

897328069 | 2024-05-06T23:51:17.306598

465 / tcp

220 mail.scott000.com ESMTP

669849225 | 2024-04-26T10:17:04.438845

502 / tcp

SSH-98.60-SysaxSSH_81885..42\r\n

819727972 | 2024-05-02T10:26:06.070169

503 / tcp

SSH-2.0-OpenSSH_7.4

2087396567 | 2024-05-03T21:37:32.000144

515 / tcp

kjnkjabhbanc283ubcsbhdc72

444328471 | 2024-05-01T09:18:35.959685

548 / tcp

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: SynologyRouter\nMachine Type: \rNetatalk3.1.1\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

285770450 | 2024-05-07T20:53:34.169212

554 / tcp

RTSP/1.0 401 Unauthorized
CSeq: 1

745343730 | 2024-05-03T05:04:24.739006

587 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

-1407711311 | 2024-05-05T03:12:49.805118

593 / tcp

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /login.html?gotourl=default.aspx
X-Powered-By: JunFei
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
X-Download-Options: SAMEORIGIN
Access-Control-Allow-Headers: Content-Type
X-Frame-Options: SAMEORIGIN

-1316491703 | 2024-04-25T15:34:24.462465

631 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

1650594030 | 2024-04-24T22:58:34.928604

636 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 4-30654152-0 0NNN RT(1705911965960 176) q(-1 -1 -1 -1) r(0 -1) b1

1300162323 | 2024-05-07T01:33:57.772376

666 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

-1399940268 | 2024-05-05T02:50:03.789325

771 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2089734047 | 2024-04-27T07:12:42.230734

772 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1032713145 | 2024-04-25T04:32:20.358332

789 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

819727972 | 2024-04-22T05:37:44.368195

801 / tcp

SSH-2.0-OpenSSH_7.4

-2004989248 | 2024-04-23T16:51:34.628644

843 / tcp

<cross-domain-policy>\n   <allow-access-from domain="*" to-po\nrts="*" />\n</cross-domain-policy>

-1970692834 | 2024-05-03T16:45:41.992840

873 / tcp

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

20021069 | 2024-04-23T15:28:18.611233

888 / tcp

HTTP/1.1 302 Found
X-FRAME-OPTIONS: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-X-WebKit-CSP: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' http: https: data:; frame-ancestors 'self';
Location: https://61.31.89.205:888/webmail

1956828827 | 2024-04-19T06:47:20.611855

902 / tcp

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

-1242315829 | 2024-04-25T08:02:15.618755

992 / tcp

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: /app/
Permissions-Policy: autoplay=(), camera=(), microphone=(), usb=()
Referrer-Policy: same-origin
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

1948301213 | 2024-05-01T05:53:09.137042

993 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

-740312032 | 2024-04-29T23:31:11.856994

995 / tcp

+OK Dovecot (Ubuntu) ready.\r\n

-1313892715 | 2024-04-27T20:59:15.589298

1023 / tcp


0 ...

-1900404274 | 2024-04-26T06:57:23.675751

1024 / tcp

Unknown command

1948301213 | 2024-05-08T00:02:01.197458

1025 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

165188539 | 2024-04-25T05:59:11.558459

1099 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-358801646 | 2024-04-29T07:15:48.009642

1111 / tcp

SSH-2.0-OpenSSH_6.6.1

-1428621233 | 2024-04-23T08:45:42.020022

1153 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

-971970408 | 2024-05-04T01:23:10.410671

1177 / tcp

1370263973 | 2024-05-05T04:13:53.150790

1200 / tcp

dubbo>

-1399940268 | 2024-04-24T22:03:33.873812

1234 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-321444299 | 2024-04-25T08:09:05.402181

1311 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

-375604792 | 2024-05-03T13:47:16.842634

1337 / tcp

220 Microsoft FTP Service

104385780 | 2024-04-21T13:55:52.788474

1400 / tcp

ceph v2

555056254 | 2024-05-01T06:55:29.833700

1433 / tcp

MSSQL Server\nVersion: 171050560 (0xa320640)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: 3NXCU7QCCJGSTII\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: 3NXCU7QCCJGSTII\nNetBIOS_Computer_Name: 3NXCU7QCCJGSTII\nDNS_Domain_Name: 3NXCU7QCCJGSTII\nDNS_Computer_Name: 3NXCU7QCCJGSTII\nMsvAvFlags: 01000000\nSystem_Time: 2024-01-22 01:19:47 +0000 UTC\n\n

770016595 | 2024-04-13T12:52:42.218085

1471 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

2087396567 | 2024-05-07T13:10:52.599902

1515 / tcp

kjnkjabhbanc283ubcsbhdc72

-541815454 | 2024-05-07T13:25:44.241994

1521 / tcp

Version:11.2.0.1.0\n"\\x00\\x00Y(DESCRIPTION=(TMP=)(VSNNUM=186646784)(ERR=1189)(ERROR_STACK=(ERROR=(CODE=1189)(EMFI=4))))

1542849631 | 2024-05-05T15:17:38.716828

1599 / tcp

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

819727972 | 2024-05-04T03:51:36.724114

1604 / tcp

SSH-2.0-OpenSSH_7.4

-2046514463 | 2024-04-20T02:47:28.564467

1660 / tcp

AB\x01\t

1103582599 | 2024-04-30T07:24:10.953306

1723 / tcp

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

2098371729 | 2024-05-01T08:02:30.745033

1800 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

-1299899661 | 2024-05-08T02:45:55.079061

1801 / tcp

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\x97W\\xcd[\\x98\\xc4\\x1aJ\\xa5\xd1\xbf\\xf9\\xbd\\xc7\\xce\\xfd92d3\\x10\\x01\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

-971970408 | 2024-05-03T16:11:01.226046

1883 / tcp

-1399940268 | 2024-05-07T03:58:32.336923

1911 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

459162008 | 2024-04-30T09:36:58.994178

1925 / tcp

Notify

539065883 | 2024-05-07T03:09:26.268513

1926 / tcp

-1189269828 | 2024-05-06T10:34:51.371991

1950 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

819727972 | 2024-04-21T20:57:19.106790

1951 / tcp

SSH-2.0-OpenSSH_7.4

-832380282 | 2024-04-25T04:25:03.532861

1962 / tcp

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

1911457608 | 2024-04-25T05:54:33.042505

2000 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1609150592 | 2024-05-04T05:52:00.432994

2002 / tcp

ÿÿÿ
0 ...

1911457608 | 2024-04-28T00:37:24.078294

2003 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1741579575 | 2024-05-07T00:47:09.896962

2008 / tcp

372433470 | 2024-04-26T04:02:12.124808

2030 / tcp

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

1543809371 | 2024-05-04T07:31:58.621253

2062 / tcp

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

819727972 | 2024-04-25T06:48:49.015235

2067 / tcp

SSH-2.0-OpenSSH_7.4

1911457608 | 2024-04-26T11:39:38.287894

2081 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-319440554 | 2024-04-23T07:20:48.729026

2082 / tcp

957278843 | 2024-05-05T04:20:00.871566

2083 / tcp

[|ox

1690634669 | 2024-05-07T22:04:58.215657

2087 / tcp

141730637 | 2024-05-05T11:19:41.495146

2121 / tcp

HTTP/1.0 200 OK
Server: Proxy

2087396567 | 2024-05-01T17:27:20.077638

2154 / tcp

kjnkjabhbanc283ubcsbhdc72

546151771 | 2024-04-24T23:11:51.669416

2181 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

-358801646 | 2024-04-24T21:14:47.169618

2201 / tcp

SSH-2.0-OpenSSH_6.6.1

372433470 | 2024-05-01T08:24:41.283937

2222 / tcp

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

1662205251 | 2024-04-30T15:11:50.815982

2323 / tcp

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

1261582754 | 2024-04-30T15:31:25.736733

2332 / tcp

unknown command 
unknown command

-1099385124 | 2024-05-07T07:21:54.070441

2345 / tcp

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

-1189269828 | 2024-05-01T12:17:15.331113

2352 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

770016595 | 2024-04-24T16:12:40.724498

2375 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

-1136600457 | 2024-05-02T21:50:58.849131

2376 / tcp

HELO:10.3.6.0.false
AS:2048
HL:19

-2089734047 | 2024-05-01T14:22:37.049852

2404 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-68075478 | 2024-04-25T11:21:41.748558

2455 / tcp

1778988322 | 2024-05-01T03:15:59.880633

2480 / tcp

* OK GroupWise IMAP4rev1 Server Ready

-2089734047 | 2024-04-09T01:30:56.090802

2563 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

51259122 | 2024-05-02T20:21:26.223477

2572 / tcp

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

-1383220539 | 2024-05-03T03:27:58.924075

2601 / tcp

\n\nWelcome to visit TG-NET RE1000 series router!\n\n\r\nUser Access Verification\r\n\r\n\\xff\\xfb\\x01\\xff\\xfb\\x03\\xff\\xfe"\\xff\\xfd\\x1fPassword:

-1230049476 | 2024-05-06T14:49:58.099875

2628 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

-1641514916 | 2024-04-23T16:23:23.693637

2701 / tcp

* OK Merak 1dFUa2 IMAP4rev1

599074451 | 2024-04-30T19:41:13.839867

2761 / tcp

msg

-345718689 | 2024-05-07T17:44:01.938154

2762 / tcp

Vty password is not set.

2087396567 | 2024-05-06T15:28:05.488775

3001 / tcp

kjnkjabhbanc283ubcsbhdc72

580340387 | 2024-04-27T03:09:21.795720

3048 / tcp

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

-1453516345 | 2024-05-04T17:23:42.257089

3050 / tcp

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

-1261090339 | 2024-04-10T11:44:46.143748

3056 / tcp

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

-1476017887 | 2024-04-15T09:08:07.536639

3057 / tcp

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

-358801646 | 2024-04-26T12:02:52.461201

3058 / tcp

SSH-2.0-OpenSSH_6.6.1

-345718689 | 2024-05-05T22:40:08.651759

3063 / tcp

Vty password is not set.

2103111368 | 2024-05-04T19:45:55.587811

3079 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

-1019343788 | 2024-04-28T22:07:19.943665

3080 / tcp

W!\x00\x00\x00\x00

307999478 | 2024-05-02T07:31:41.797593

3084 / tcp

unknown command \r\nunknown command \r\n

1189133115 | 2024-04-11T10:16:24.364687

3089 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

321971019 | 2024-04-10T06:12:30.528609

3093 / tcp

-ERR client ip is not in whitelist\r

1308377066 | 2024-04-16T21:11:54.588909

3098 / tcp

ncacn_http/1.0

-445721795 | 2024-04-09T00:37:31.233986

3116 / tcp

\x00[\xc3\xaed\x1a\x7f\x00\x00

-1888448627 | 2024-04-26T01:53:16.172774

3118 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-653033013 | 2024-04-18T11:55:36.467760

3119 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

-1947777893 | 2024-04-15T00:40:12.274228

3129 / tcp

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

1655023012 | 2024-04-25T06:00:20.008095

3260 / tcp

athinfod: invalid query.\n

1727372229 | 2024-04-25T03:38:21.715754

3268 / tcp

HTTP/1.1 302 
Location: http://116.6.76.114:3268/index.html

-1279886438 | 2024-04-24T22:47:03.908113

3269 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

722711397 | 2024-04-25T09:39:52.610861

3299 / tcp

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

-1487943323 | 2024-04-25T02:24:37.450345

3301 / tcp

431 Unable to negotiate secure command connection.\r\n

1673132866 | 2024-05-06T18:32:35.570967

3306 / tcp

I\\x00\\x00\\x01\\xffj\\x04Host \'*.*.*.*\' is not allowed to connect to this MariaDB server

-146605374 | 2024-04-27T20:24:39.460875

3307 / tcp

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

-1746074029 | 2024-04-25T09:20:03.593379

3310 / tcp

101 imqbroker =unV\r\n

1948301213 | 2024-05-05T01:53:14.791719

3388 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

-6645672 | 2024-04-25T01:31:33.539400

3389 / tcp

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\\x0f\\x08\\x00\\x08\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID_EX\nTarget_Name: 172_16_0_11\nProduct_Version: 6.3.9600 Ntlm 15\nOS: Windows 8.1/Windows Server 2012 R2\nNetBIOS_Domain_Name: 172_16_0_11\nNetBIOS_Computer_Name: 172_16_0_11\nDNS_Domain_Name: 172_16_0_11\nDNS_Computer_Name: 172_16_0_11\nSystem_Time: 2024-01-22 08:42:27 +0000 UTC\n\n

-1227409554 | 2024-04-25T05:35:26.788749

3404 / tcp

HTTP/1.1 500 Internal Server Error
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

-616720387 | 2024-04-27T05:38:00.176876

3408 / tcp

SSH-2.0-SSHD_0.7.6

89282912 | 2024-05-03T16:48:46.092263

3541 / tcp

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto
col:SOAP, MKSDisplayProtocol:VNC , ,

770016595 | 2024-04-24T04:27:05.769616

3542 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

198844676 | 2024-05-02T13:43:47.037570

3551 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

-805362002 | 2024-04-18T13:38:13.233360

3560 / tcp

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

459162008 | 2024-05-07T20:27:18.037800

3689 / tcp

Notify

770016595 | 2024-05-06T10:40:26.920166

3749 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

104385780 | 2024-05-01T02:22:09.514321

3780 / tcp

ceph v2

2087396567 | 2024-05-03T00:04:31.968807

3790 / tcp

kjnkjabhbanc283ubcsbhdc72

-1996280214 | 2024-05-05T00:01:50.338456

3838 / tcp

\x06\x04\x05@

117101543 | 2024-04-16T08:48:43.214681

3952 / tcp

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

1123187653 | 2024-05-06T03:39:15.088556

4000 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN

921225407 | 2024-05-05T04:17:45.699451

4002 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

-288825733 | 2024-04-30T04:39:20.839891

4022 / tcp

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

2067064333 | 2024-05-04T00:27:01.838078

4063 / tcp

athinfod: invalid query.

-1248408558 | 2024-04-25T02:22:39.330687

4064 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

1741579575 | 2024-04-23T05:57:29.791917

4157 / tcp

-1879056922 | 2024-05-05T01:21:23.158216

4242 / tcp

HTTP/1.1 403 Forbidden
Server: Apache/2.4.41 (Unix) OpenSSL/1.1.1d TST PHP/7.3.11
Content-Type: text/plain; charset=utf-8
Connection: close

410249975 | 2024-05-08T05:33:18.537155

4282 / tcp

LNS READY<>

-1250504565 | 2024-05-07T22:58:04.334480

4321 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

1278527606 | 2024-05-06T04:14:39.660597

4369 / tcp

SSH-2.0-Teleport

2087396567 | 2024-05-06T03:18:57.056687

4433 / tcp

kjnkjabhbanc283ubcsbhdc72

1140068775 | 2024-04-25T10:21:26.744421

4443 / tcp

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
X-Frame-Options: DENY

Name: VMware ESXi
FullName: VMware ESXi 6.7.0 build-8169922
Vendor: VMware, Inc.
Version: 6.7.0
Build: 8169922
LocaleVersion: INTL
LocaleBuild: 000
OsType: vmnix-x86
ProductLineId: embeddedEsx
ApiType: HostAgent
ApiVersion: 6.7

-891714208 | 2024-04-29T20:53:09.766118

4500 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

-2017887953 | 2024-04-25T09:00:27.181078

4506 / tcp

SSH-2.0-OpenSSH_7.9

550048729 | 2024-05-04T00:18:41.158400

4664 / tcp

ÿÿÿ
0 ...

-1888448627 | 2024-04-10T21:01:07.903924

4700 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

709622286 | 2024-04-11T03:21:09.266097

4734 / tcp

OK Welcome <299685> on DirectUpdate server 7286\r\n

-1142844482 | 2024-05-05T08:31:07.425156

4782 / tcp

ÿûSOYO_SIP VBNQyQSKc settings
Password:

-445721795 | 2024-05-06T09:59:09.561375

4786 / tcp

\x00[\xc3\xaed\x1a\x7f\x00\x00

-358801646 | 2024-04-25T00:56:27.810490

4840 / tcp

SSH-2.0-OpenSSH_6.6.1

2087396567 | 2024-05-01T18:10:00.138320

4899 / tcp

kjnkjabhbanc283ubcsbhdc72

-1730858130 | 2024-05-05T06:56:38.397944

4911 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

1690634669 | 2024-05-02T05:51:07.349100

4949 / tcp

770016595 | 2024-04-23T20:07:55.521667

5000 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

2087396567 | 2024-05-08T05:05:29.173785

5001 / tcp

kjnkjabhbanc283ubcsbhdc72

1767345577 | 2024-04-25T09:55:09.211721

5005 / tcp

Hello, this is Quagga (version 0T).
Copyright 1996-200

171352214 | 2024-05-03T12:06:35.879443

5006 / tcp

-ERR client ip is not in whitelist

1911457608 | 2024-05-04T04:04:04.574398

5007 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1338936697 | 2024-04-30T05:31:53.902787

5009 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2109_PStjdxtk16_38957-48596

-801484042 | 2024-04-25T02:31:12.095176

5010 / tcp

ERR 27

60948681 | 2024-05-03T19:50:24.657891

5025 / tcp

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).

-971970408 | 2024-05-03T08:49:27.468512

5172 / tcp

1212285915 | 2024-05-04T08:35:33.509120

5201 / tcp

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

1960438949 | 2024-04-26T18:11:06.803584

5222 / tcp

Siemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready
ÿûÿûÿýÿþUsername:

-1165098486 | 2024-05-06T19:27:04.990957

5269 / tcp

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705938487.609-w-waf02tjgt

1210754493 | 2024-04-29T19:34:05.711665

5432 / tcp

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

-2089734047 | 2024-05-02T11:14:20.919202

5435 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-321444299 | 2024-04-08T08:58:55.963256

5560 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

1381121983 | 2024-04-08T22:15:23.831760

5567 / tcp

Notify\r\n

410249975 | 2024-05-03T14:35:39.870695

5598 / tcp

LNS READY<>

-2089734047 | 2024-04-24T10:29:18.731669

5599 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

550048729 | 2024-04-25T01:56:22.942316

5601 / tcp

ÿÿÿ
0 ...

-1399940268 | 2024-05-02T21:19:24.270772

5604 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

165188539 | 2024-04-11T15:15:28.461347

5605 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

575925250 | 2024-04-29T14:14:25.195964

5672 / tcp

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

-971970408 | 2024-04-27T16:13:59.913092

5858 / tcp

-42767839 | 2024-05-03T19:12:37.063765

5900 / tcp

RFB 005.000

VNC:
  Protocol Version: 5.0

-1399940268 | 2024-05-05T16:06:51.846595

5938 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1999272906 | 2024-05-05T08:54:27.059311

5984 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

-154107716 | 2024-04-18T16:00:02.243921

5985 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

1723769361 | 2024-04-25T03:19:35.913796

5986 / tcp

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

1282941221 | 2024-05-07T16:57:47.413384

6000 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

819727972 | 2024-05-05T15:38:55.026400

6001 / tcp

SSH-2.0-OpenSSH_7.4

-784071826 | 2024-04-25T06:30:35.196704

6002 / tcp

SSH-2.0-OpenSSH_8.0

165188539 | 2024-04-13T16:24:18.165151

6004 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1911457608 | 2024-05-02T16:19:28.461939

6036 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-21576419 | 2024-05-03T22:19:17.361524

6080 / tcp


ÿûUDo you want ANSI color? (Y/n)

671605376 | 2024-04-21T21:47:50.187350

6264 / tcp

SSH-2.0-OpenSSH_X.X

-274082663 | 2024-04-26T07:04:06.325179

6352 / tcp

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

1813977069 | 2024-04-24T21:08:42.204464

6379 / tcp

-ERR wrong number of arguments for 'get' command

224111070 | 2024-05-04T18:27:50.779804

6443 / tcp

HTTP/1.1 301 Moved Permanently
Date: Sat, 04 May 2024 18:27:50 GMT
Content-Type: text/html
Content-Length: 285
Connection: keep-alive
Eagleeye-Traceid: b822b6a5989df886ccc0a652bb65af
Location: https://ks-vendingtransactions-mq1.alitrip.hk
Server: Tengine/Aserver
Timing-Allow-Origin: *

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:a7:27:29:07:10:52:7c:ae:c7:4a:96
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2
        Validity
            Not Before: Sep 12 07:56:08 2023 GMT
            Not After : Feb 20 10:00:00 2024 GMT
        Subject: CN=*.aliyuncs.com, O=Alibaba (China) Technology Co., Ltd., L=Hangzhou, ST=Zhejiang, C=CN
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:af:b1:09:11:5f:ab:90:6d:62:07:27:05:6a:9e:
                    c8:80:6c:be:79:f4:b3:19:53:5d:e5:c4:7c:8a:2a:
                    2c:18:d0:5d:2d:3b:ff:f6:a3:1f:f6:b5:48:03:92:
                    d1:fc:f8:ce:42:25:6b:a4:23:31:4d:9b:76:6f:7d:
                    8b:18:e2:09:df:cb:95:8d:a9:b8:27:4f:b6:58:ad:
                    e5:be:54:77:ef:22:42:47:6d:cc:d8:a1:04:66:0d:
                    2c:3c:13:b5:5c:57:bf:e2:5a:38:99:99:4b:28:f0:
                    79:8c:ef:8e:cb:12:87:5d:4b:89:0f:70:27:d0:de:
                    f0:91:41:d5:5b:54:2c:20:93:74:fd:7e:64:64:bc:
                    03:81:a2:d6:07:62:5e:c9:51:8f:ab:48:cb:4f:28:
                    f3:40:f6:46:51:bd:83:b8:e2:81:f9:df:bb:4c:f6:
                    9d:2f:f6:22:f9:f9:4b:5c:ce:0a:55:25:d1:55:28:
                    d9:dc:51:a9:5b:c3:81:19:c5:11:3e:8c:d8:d9:c3:
                    9e:b6:74:0c:64:f1:e0:2c:be:e8:7d:0b:c0:b1:c1:
                    e2:69:4d:a7:d3:de:b6:3b:e2:aa:06:bb:d2:61:d1:
                    83:93:3d:92:96:bd:64:4d:d8:fd:75:42:d3:63:9f:
                    3f:00:ee:4e:bf:14:33:dd:cf:c3:9f:ce:34:a5:f9:
                    27:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                BD:22:FF:00:93:D9:9B:FA:87:FC:C5:14:21:44:0A:DD:BF:4A:AA:A6
            X509v3 Authority Key Identifier: 
                96:DE:61:F1:BD:1C:16:29:53:1C:C0:CC:7D:3B:83:00:40:E6:1A:7C
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g2
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyuncs.com, DNS:*.cn-hangzhou-mybk.aliyuncs.com, DNS:*.cn-nantong.aliyuncs.com, DNS:*.cn-shenzhen-finance-1.aliyuncs.com, DNS:*.cn-sichuan.aliyuncs.com, DNS:*.jp-fudao.aliyuncs.com, DNS:*.ap-south-1.aliyuncs.com, DNS:*.cn-wulanchabu.aliyuncs.com, DNS:*.cn-huhehaote.aliyuncs.com, DNS:*.cn-chengdu.aliyuncs.com, DNS:*.rus-west-1.aliyuncs.com, DNS:*.ap-southeast-1.aliyuncs.com, DNS:*.in-mumbai.aliyuncs.com, DNS:*.cn-guangzhou.aliyuncs.com, DNS:*.cn-hangzhou.aliyuncs.com, DNS:union.lazada.com.my, DNS:shog36403617.taobao.com
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        08:44:5c:57:1a:a9:f3:fa:db:51:45:8b:4d:04:56:19:fa:c2:
        a7:25:81:89:33:9f:45:05:6d:b2:cc:9c:04:78:ab:d8:d9:95:
        05:ee:90:5f:4c:eb:4f:d5:4e:c1:ab:48:9e:8d:59:6b:f5:37:
        c6:20:3d:cf:97:d5:b8:66:b9:82:17:26:db:60:34:95:1b:d8:
        32:ca:00:fd:08:46:c0:e9:d9:6a:d0:2d:bf:28:6c:27:93:6b:
        d6:ca:5d:d6:01:cc:18:6e:a6:fb:be:fd:e9:1c:7a:d8:58:ca:
        ea:db:a4:db:42:f6:14:4d:24:ad:8f:2d:4e:f5:5c:b1:8d:df:
        83:af:29:09:a7:7b:c1:bd:b6:c1:b0:31:04:3c:8c:b0:07:d4:
        a2:bf:e0:08:3b:e4:5f:f8:2d:72:d9:de:f1:b8:d2:7c:d1:b3:
        4a:e8:53:97:0f:94:f5:dc:b8:70:57:88:72:81:d8:06:a2:d0:
        7c:61:91:21:68:41:76:f0:2f:8f:d7:32:4e:36:7a:77:83:64:
        a4:fd:10:be:52:43:a8:48:0b:9b:d8:ed:93:7a:80:1e:65:53:
        47:cf:20:d2:31:61:72:78:92:7b:d4:fd:96:21:d8:59:dc:b6:
        be:18:9a:80:43:9a:79:eb:45:47:fd:bd:ce:2a:dd:0b:9e:ef:
        94:36:a5:87

-1575864528 | 2024-04-26T10:00:05.530887

6565 / tcp

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 13-60574284-0 0NNN RT(1705911538273 0) q(0 -1 -1 -1) r(0 -1)

1623746877 | 2024-04-09T01:58:07.896230

6588 / tcp

500 Permission denied - closing connection.\r\n

-1297953727 | 2024-04-17T00:36:26.149672

6602 / tcp

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

-2096652808 | 2024-04-25T02:07:37.380388

6633 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

165188539 | 2024-04-25T00:51:41.715215

6653 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-365662216 | 2024-04-25T01:15:01.661167

6666 / tcp

\x05\xff

988099889 | 2024-05-02T07:37:38.995798

6667 / tcp

[ºs

-2096652808 | 2024-05-08T00:17:51.873361

6668 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-2096652808 | 2024-05-01T17:05:08.796256

6697 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1265582946 | 2024-05-06T06:17:06.661264

7001 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2838_PS-JJN-01GM465_27752-26327

819727972 | 2024-04-26T07:35:59.463490

7071 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-04-25T07:23:13.954016

7171 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

474736340 | 2024-04-27T09:34:07.700093

7218 / tcp

431 Unable to negotiate secure command connection.

-1399940268 | 2024-05-08T04:23:30.261616

7415 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-971970408 | 2024-05-01T15:59:34.328783

7434 / tcp

-1209805157 | 2024-05-05T18:02:40.239537

7443 / tcp

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-SH-COchilian1-CACHE1[1]
X-CCDN-FORBID-CODE: 040001

-358801646 | 2024-04-20T16:30:53.310948

7445 / tcp

SSH-2.0-OpenSSH_6.6.1

-1032713145 | 2024-04-09T11:01:45.973354

7500 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

-1311598826 | 2024-04-29T10:30:18.971115

7547 / tcp

AMQP:
cluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local
copyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.
information:Licensed under the MPL 2.0. Website: https://rabbitmq.com
platform:Erlang/OTP 24.1
product:RabbitMQ
version:3.9.7
Capabilities:
publisher_confirms:true
exchange_exchange_bindings:true
basic.nack:true
consumer_cancel_notify:true
connection.blocked:true
consumer_priorities:true
authentication_failure_close:true
per_consumer_qos:true
direct_reply_to:tru

2087396567 | 2024-04-30T11:47:03.778072

7548 / tcp

kjnkjabhbanc283ubcsbhdc72

1741579575 | 2024-04-26T01:15:25.420507

7634 / tcp

-2118655245 | 2024-04-11T20:57:35.909595

7657 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20

660175493 | 2024-04-25T08:24:33.569849

7779 / tcp

-441419608 | 2024-04-08T23:26:27.125983

7788 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

1072892569 | 2024-05-06T00:08:09.110887

8001 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

-1888448627 | 2024-05-04T21:36:26.976073

8009 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1824169301 | 2024-04-25T00:46:32.071144

8010 / tcp

HÿjHost '101.133.140.114' is not allowed to 
connect to this MySQL server

-1028730644 | 2024-04-13T13:35:42.581658

8021 / tcp

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive

-1032713145 | 2024-04-10T15:06:36.608181

8029 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

1189133115 | 2024-04-12T05:40:33.466215

8039 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

1223115691 | 2024-04-25T23:24:00.392706

8040 / tcp

connect

-1399940268 | 2024-04-08T11:56:03.561321

8043 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1126993057 | 2024-04-25T15:54:51.861831

8051 / tcp

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

-903067560 | 2024-04-21T19:04:34.781827

8058 / tcp

\x00[\x13)\xc2\x81\x7f\x00\x00

1623746877 | 2024-04-24T12:13:22.112484

8072 / tcp

500 Permission denied - closing connection.\r\n

-1216556913 | 2024-04-30T19:47:19.651687

8080 / tcp

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate
Connectx-Url: https://db-cn-zjk.aliyuncs.com/heap/hostname
Content-Length: 8373
Content-Type: text/html;charset=UTF-8
Date: Tue, 30 Apr 2024 19:47:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Jetty(9.2.z-SNAPSHOT)
Set-Cookie: JSESSIONID.060f83db=d8igcl5rzvge1x37dsc0sh9p;Path=/;HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Hudson: 1.395
X-Hudson-Cli-Port: 40889
X-Hudson-Theme: default
X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypqsNY6rPKf10yMeidRgxaNSmHBXsSFuwe3SSGW4CPcXencj9Tn8VfWacAlU87YV9+ZYTbLYEm8Bdw2PE3zMAPdsk9WvBKqS300wVIKjjrg3aOq2Fp0dW9pajU8C2Z3+N5G6s++k5rMkCkSNh18hVUBhxTE7fpIl4zijICtQAJ7xxAqT0z8Y2ysKgi7hK9lM5FeO77UDxlekQ3e/DAgMq6ZLzVbbdlq9MPbifl9TH1P/lGcS67tqsWApTN2m6jH0o9wI6VWGdSZCov5p+ZLqz4ChCbydb9D4i8sC2WrHYR1xRs+WYP/9OM5UHFOfmk50STfKrjry1AhIRQrXP+iBkQIDAQAB
X-Jenkins: 2.46.1
X-Jenkins-Cli-Port: 40889
X-Jenkins-Cli2-Port: 40889
X-Jenkins-Session: 1761c4dd
X-Ssh-Endpoint: 120.78.115.68:45615

1305933020 | 2024-04-24T13:27:04.105910

8081 / tcp

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Wed, 24 Apr 2024 13:27:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Link-Domain: https://upload.aliyun.com/trigger-heartbeat/evict-buffer/begin-complete
Server: Jetty(9.2.z-SNAPSHOT)
Set-Cookie: JSESSIONID.030b2b26=eqjh4ibjz81qqbjl44gy7d5u;Path=/;HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Hudson: 1.395
X-Hudson-Cli-Port: 44013
X-Hudson-Theme: default
X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lsuXVCFtpa5cQ2bWyAS8h4VabfsxotrNcePwPt9KiowFrp3yVeuTqGdIx7Q5d7lLOVib634MORPkxqkHM4Bydu/+cm5XF3Ywn5y9dVJ2c7mZV8YX+H+8gSLsZc+HYynb/kqkBX8+G+2hygSomG9/SoTW3wDsZt2LwK8oVFOpeYZprfTP/vb5uQ9FSNe4XM1Ni4shzpjZOnkNztpDyeETqrJF5/dFSEnVNFdOmrZcCciM2iuMKQTNYJc6pLytZtsdrQGcEGotgqL/5r4UbxuZwZ3CThojt/MrP2CSYXyrSv4HYeTlQGZK+l9lpVL0nA90N7qzWpsgZo9/fIONYJ9ZwIDAQAB
X-Jenkins: 2.46.1
X-Jenkins-Cli-Port: 44013
X-Jenkins-Cli2-Port: 44013
X-Jenkins-Session: c05cb85a
X-Ssh-Endpoint: 120.78.115.68:43551
Transfer-Encoding: chunked

20b5




  
  <!DOCTYPE html><html><head resURL="/static/c05cb85a" data-rooturl="" data-resurl="/static/c05cb85a">
    

    <title>Dashboard [Jenkins]</title><link rel="stylesheet" href="/static/c05cb85a/css/layout-common.css" type="text/css" /><link rel="stylesheet" href="/static/c05cb85a/css/style.css" type="text/css" /><link rel="stylesheet" href="/static/c05cb85a/css/color.css" type="text/css" /><link rel="stylesheet" href="/static/c05cb85a/css/responsive-grid.css" type="text/css" /><link rel="shortcut icon" href="/static/c05cb85a/favicon.ico" type="image/vnd.microsoft.icon" /><link color="black" rel="mask-icon" href="/images/mask-icon.svg" /><script>var isRunAsTest=false; var rootURL=""; var resURL="/static/c05cb85a";</script><script src="/static/c05cb85a/scripts/prototype.js" type="text/javascript"></script><script src="/static/c05cb85a/scripts/behavior.js" type="text/javascript"></script><script src='/adjuncts/c05cb85a/org/kohsuke/stapler/bind.js' type='text/javascript'></script><script src="/static/c05cb85a/scripts/yui/yahoo/yahoo-min.js"></script><script src="/static/c05cb85a/scripts/yui/dom/dom-min.js"></script><script src="/static/c05cb85a/scripts/yui/event/event-min.js"></script><script src="/static/c05cb85a/scripts/yui/animation/animation-min.js"></script><script src="/static/c05cb85a/scripts/yui/dragdrop/dragdrop-min.js"></script><script src="/static/c05cb85a/scripts/yui/container/container-min.js"></script><script src="/static/c05cb85a/scripts/yui/connection/connection-min.js"></script><script src="/static/c05cb85a/scripts/yui/datasource/datasource-min.js"></script><script src="/static/c05cb85a/scripts/yui/autocomplete/autocomplete-min.js"></script><script src="/static/c05cb85a/scripts/yui/menu/menu-min.js"></script><script src="/static/c05cb85a/scripts/yui/element/element-min.js"></script><script src="/static/c05cb85a/scripts/yui/button/button-min.js"></script><script src="/static/c05cb85a/scripts/yui/storage/storage-min.js"></script><script src="/static/c05cb85a/scripts/hudson-behavior.js" type="text/javascript"></script><script src="/static/c05cb85a/scripts/sortable.js" type="text/javascript"></script><script>crumb.init("", "");</script><link rel="stylesheet" href="/static/c05cb85a/scripts/yui/container/assets/container.css" type="text/css" /><link rel="stylesheet" href="/static/c05cb85a/scripts/yui/assets/skins/sam/skin.css" type="text/css" /><link rel="stylesheet" href="/static/c05cb85a/scripts/yui/container/assets/skins/sam/container.css" type="text/css" /><link rel="stylesheet" href="/static/c05cb85a/scripts/yui/button/assets/skins/sam/button.css" type="text/css" /><link rel="stylesheet" href="/static/c05cb85a/scripts/yui/menu/assets/skins/sam/menu.css" type="text/css" /><link rel="search" href="/opensearch.xml" type="application/opensearchdescription+xml" title="Jenkins" /><meta name="ROBOTS" content="INDEX,NOFOLLOW" /><meta name="viewport" content="width=device-width, initial-scale=1" /><link rel="alternate" href="/rssAll" title="Jenkins:all (all builds)" type="application/rss+xml" /><link rel="alternate" href="/rssAll?flavor=rss20" title="Jenkins:all (all builds) (RSS 2.0)" type="application/rss+xml" /><link rel="alternate" href="/rssFailed" title="Jenkins:all (failed builds)" type="application/rss+xml" /><link rel="alternate" href="/rssFailed?flavor=rss20" title="Jenkins:all (failed builds) (RSS 2.0)" type="application/rss+xml" /><script src="/static/c05cb85a/scripts/yui/cookie/cookie-min.js"></script><script>
              YAHOO.util.Cookie.set("screenResolution", screen.width+"x"+screen.height);
            </script><script src="/static/c05cb85a/jsbundles/page-init.js" type="text/javascript"></script></head><body data-model-type="hudson.model.AllView" id="jenkins" class="yui-skin-sam jenkins-2.46.1 two-column" data-version="2.46.1"><a href="#skip2content" class="skiplink">Skip to content</a><div id="page-head"><div id="header"><div class="logo"><a id="jenkins-home-link" href="/"><img src="/static/c05cb85a/images/headshot.png" a

-971970408 | 2024-05-03T03:09:12.158947

8082 / tcp

-1453516345 | 2024-04-25T02:28:55.745844

8083 / tcp

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

-358801646 | 2024-05-07T20:15:54.968890

8085 / tcp

SSH-2.0-OpenSSH_6.6.1

-1559123399 | 2024-04-25T03:37:33.767908

8086 / tcp

500 Permission denied - closing connection.

-1399940268 | 2024-04-30T05:13:33.415894

8087 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-04-27T09:34:55.841318

8089 / tcp

SSH-2.0-OpenSSH_7.4

585675468 | 2024-04-20T19:50:23.808796

8090 / tcp

@
05@ þ...

-375604792 | 2024-04-18T18:41:53.088692

8095 / tcp

220 Microsoft FTP Service

-1665643483 | 2024-05-08T01:27:36.872006

8098 / tcp

HTTP/1.1 200 
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 391
Connect-To: https://qd-gatway.aliyuncs.com/table/tree-land/nacos/

1115736665 | 2024-04-25T02:20:55.881923

8099 / tcp

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-GDdongguan-AREACMCC2-CACHE15[8]
X-CCDN-FORBID-CODE: 040001

-792826324 | 2024-04-12T23:18:58.427663

8104 / tcp

220 FTP server ready - login please

165188539 | 2024-04-27T00:29:05.328743

8118 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1316398834 | 2024-04-29T22:49:22.076122

8126 / tcp

ÿ

2087396567 | 2024-05-01T08:09:35.485924

8139 / tcp

kjnkjabhbanc283ubcsbhdc72

1690634669 | 2024-04-25T04:24:40.212155

8140 / tcp

-2031152423 | 2024-05-01T07:46:06.754178

8181 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

1911457608 | 2024-04-13T22:36:59.948787

8184 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-877598700 | 2024-05-08T02:01:03.720282

8200 / tcp

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\\x01\xc3\xbf\xc3\xbb\\x03\xc3\xbf\xc3\xbd\\x01\xc3\xbf\xc3\xbe\\x01Username:

-1399940268 | 2024-04-08T05:59:36.228678

8239 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2096652808 | 2024-05-03T21:40:30.660994

8252 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1077013874 | 2024-05-07T21:23:19.105331

8291 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

1944032451 | 2024-04-24T13:35:20.159847

8333 / tcp

K\\x02%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

1978059005 | 2024-05-07T16:32:05.423403

8334 / tcp

Sorry, that nickname format is invalid.

-271515508 | 2024-04-26T18:07:33.394942

8402 / tcp

HTTP/1.1 302 Moved Temporarily
Server: DrcomServer1.0
Location: http://192.168.254.3
Cache-Control: no-cache
Connection: close

-288825733 | 2024-04-16T07:15:43.621798

8404 / tcp

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

-1399940268 | 2024-04-23T03:02:07.777744

8412 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2098371729 | 2024-04-22T10:13:34.657087

8419 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

165188539 | 2024-05-01T18:37:58.487487

8428 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1012740300 | 2024-04-24T13:19:53.217874

8443 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 24 Apr 2024 13:19:52 GMT
Content-Type: text/html
Content-Length: 238
Connection: keep-alive
Server: Tengine
Location: https://hdm.console.aliyun.com
Via: kunlun84.cn4628[,0]

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:49:b2:86:90:3c:9b:46:7a:60:5b:87
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: May  5 06:21:16 2023 GMT
            Not After : Jun  5 06:21:15 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.aliyun.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d7:f5:f2:ba:7f:3a:e9:f9:dc:17:26:74:d7:49:
                    9c:db:62:60:9a:b7:cb:14:89:0f:d9:fb:ef:52:75:
                    88:8d:b4:49:01:26:9c:82:dc:fa:68:a4:7d:01:b9:
                    98:e9:e7:31:d8:04:3f:7a:d3:64:52:c2:14:15:24:
                    35:ff:7a:44:1c:c1:54:5a:8a:5f:96:7e:96:06:3f:
                    52:ab:d3:00:be:d9:6f:4d:52:04:a6:fb:23:ec:c3:
                    98:2b:f9:f6:27:6c:65:58:46:32:68:23:ad:4a:c6:
                    3f:94:ee:a8:dc:84:38:40:98:5b:6c:98:1b:a4:1f:
                    d3:a8:ab:4d:d8:d2:26:97:e8:10:25:49:66:3e:ba:
                    d4:ab:68:ac:ea:77:f4:09:75:65:c2:39:89:0f:00:
                    10:b7:4f:d5:a6:df:d4:f1:e7:3d:76:38:06:4a:41:
                    21:ee:0a:aa:6c:77:d6:14:15:c3:24:f6:b8:0e:d8:
                    65:c4:72:01:68:dc:2c:2b:2f:67:ae:ae:91:18:12:
                    f7:14:49:bd:6b:23:ce:bf:ea:5a:97:eb:6d:1f:2e:
                    96:4a:87:fb:33:b8:a6:47:73:1a:0c:fb:85:9f:80:
                    e9:38:03:a1:0a:28:22:20:1e:40:bc:e8:c9:45:fb:
                    7a:93:3c:b3:75:81:08:60:4d:3c:7b:0c:12:a2:01:
                    05:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FB:43:61:72:DB:90:9F:67:07:2E:AE:74:FB:66:90:A2:E9:C4:FC:15
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyun.com, DNS:aliyun.com, DNS:email.fc.lazada.sg, DNS:app87100.eapps.dingtalkcloud.com, DNS:eai-vga.an-beijing.aliyuncs.com, DNS:svbdoy2.sinbo.taobao.com, DNS:ddd.taobao.com, DNS:sahedvjer.ojiyvn-ina.aon.aliyun-inc.com, DNS:qichebaijian.1688.com, DNS:ssc.lazada.co.id, DNS:interact.sh, DNS:stlacct.alimama.com, DNS:svbdoy.sinbo.taobao.com, DNS:shog6xg1q03654180.1688.com, DNS:sandbox.aliyun.com, DNS:eas.an-hvhehoote.aliyuncs.com, DNS:sellercenter-my-staging.lazada-seller.cn
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        92:09:53:33:28:b6:fc:32:e0:f9:8c:a8:e4:b3:b6:4d:90:82:
        15:09:08:32:8d:08:81:99:b8:6b:d5:93:d8:e9:7a:80:66:d1:
        6f:df:17:9e:a5:1a:9e:cf:8c:96:0a:4d:ec:8b:93:ff:4c:9f:
        7e:eb:58:28:e3:dd:93:0c:a8:5f:22:8c:8b:e4:e4:c2:4f:02:
        26:66:15:55:8e:e5:74:14:a3:07:9d:1e:83:5a:5e:ea:c3:27:
        87:e7:44:93:f9:6f:aa:ba:88:26:92:10:25:39:de:e1:27:ea:
        c8:3a:27:04:47:9c:b2:c0:05:b0:8a:b4:62:02:44:cd:fc:47:
        2f:ca:9f:5b:45:bd:1d:18:e2:ce:83:ee:49:cc:aa:f0:0c:2a:
        1f:16:85:01:98:4e:77:32:04:d9:5f:80:c7:b2:3d:56:65:d9:
        0c:72:c6:2f:67:e5:7a:3a:20:07:b1:c1:d4:50:a4:d2:ca:b4:
        00:3a:45:fc:11:19:23:fa:57:4c:dc:d5:4c:7f:91:4b:96:80:
        8d:ce:ea:23:18:d7:ca:0a:7c:40:3c:85:9e:c5:cc:56:17:e3:
        21:3d:17:5f:f6:0e:2a:8d:08:d3:3a:d7:6d:29:74:32:ba:9c:
        33:38:e8:55:66:bd:0e:56:31:c2:16:24:5a:ff:f6:77:e7:b7:
        7b:34:a0:b3

504717326 | 2024-04-15T08:45:04.462526

8444 / tcp

SSH-2.0-OpenSSH_8.6

1282941221 | 2024-04-18T01:17:52.043334

8447 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

-1455149952 | 2024-05-01T11:06:38.522418

8500 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1e27_PS-000-01sNY99_31294-28028

-1641514916 | 2024-04-25T07:11:56.014806

8545 / tcp

* OK Merak 1dFUa2 IMAP4rev1

-2107996212 | 2024-04-24T13:29:33.238379

8554 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

819727972 | 2024-04-30T00:17:07.584191

8575 / tcp

SSH-2.0-OpenSSH_7.4

842535728 | 2024-04-28T15:59:50.850043

8649 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

1975288991 | 2024-04-18T05:51:04.969506

8686 / tcp

OPTI

15018106 | 2024-05-07T15:02:07.859529

8728 / tcp

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

-1399940268 | 2024-04-15T04:09:05.695566

8789 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1947777893 | 2024-04-28T18:09:39.465001

8790 / tcp

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

819727972 | 2024-04-20T20:32:01.053786

8804 / tcp

SSH-2.0-OpenSSH_7.4

677934968 | 2024-04-14T16:17:33.117154

8805 / tcp

lm^)Q

-79865617 | 2024-04-09T20:48:26.258755

8806 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

1615193817 | 2024-04-13T00:00:47.412841

8820 / tcp

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

1911457608 | 2024-05-03T17:11:10.129420

8831 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1839934832 | 2024-05-07T11:36:28.499423

8833 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

819727972 | 2024-05-05T08:57:59.103164

8834 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-04-28T23:30:23.831554

8842 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1504401647 | 2024-04-18T05:37:17.904896

8849 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

2103111368 | 2024-04-25T17:44:51.284975

8856 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

165188539 | 2024-04-20T08:32:55.751259

8865 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1327660293 | 2024-04-24T00:20:31.516625

8866 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

-375604792 | 2024-04-29T12:00:42.402751

8868 / tcp

220 Microsoft FTP Service

-1428621233 | 2024-04-21T06:40:04.372084

8874 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

1690634669 | 2024-04-26T10:50:43.767178

8880 / tcp

250824264 | 2024-05-04T04:13:59.511098

8888 / tcp

HTTP/1.1 408 Request Timeout

2087396567 | 2024-05-01T14:12:48.299936

8889 / tcp

kjnkjabhbanc283ubcsbhdc72

-1888448627 | 2024-05-06T20:13:44.595343

8890 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-2067028711 | 2024-04-25T02:06:19.167395

9000 / tcp

\x15\x03\x01\x00\x02\x02F

-1026951088 | 2024-05-08T01:31:56.625527

9001 / tcp

erro ip

539065883 | 2024-04-25T09:36:13.149161

9002 / tcp

-1399940268 | 2024-05-03T13:06:03.638261

9006 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

897328069 | 2024-04-15T23:35:33.945684

9007 / tcp

220 mail.scott000.com ESMTP

1208318993 | 2024-05-07T18:09:34.004258

9014 / tcp

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

-1399940268 | 2024-05-04T14:34:08.560382

9025 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-12T13:17:55.627416

9032 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2087396567 | 2024-04-29T11:50:29.341841

9042 / tcp

kjnkjabhbanc283ubcsbhdc72

1911457608 | 2024-04-29T02:37:16.689339

9044 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1365128426 | 2024-04-25T04:14:44.226937

9050 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2488_PS-WNZ-01hBk109_17405-32924

2087396567 | 2024-04-28T17:38:52.083386

9051 / tcp

kjnkjabhbanc283ubcsbhdc72

745343730 | 2024-05-06T07:40:32.910605

9088 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

1082239536 | 2024-04-28T23:05:00.747424

9090 / tcp

HTTP/1.1 302 Found
Content-Length: 0
Date: Sun, 28 Apr 2024 23:05:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sukz-mc-u.aliyuncs.com/expand/done/edit-lexer
Set-Cookie: JSESSIONID=node012gnb8c4hz71957zgi0wy8ib7526.node0; Path=/; HttpOnly
X-Frame-Options: SAMEORIGIN

2087396567 | 2024-04-29T16:08:12.709837

9091 / tcp

kjnkjabhbanc283ubcsbhdc72

-1026951088 | 2024-05-02T19:31:07.041038

9092 / tcp

erro ip

-1476017887 | 2024-04-21T15:55:40.808775

9093 / tcp

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

291723434 | 2024-05-08T03:41:18.441994

9095 / tcp


Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

-1399940268 | 2024-05-06T16:40:09.435931

9098 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-05-03T18:17:37.335918

9100 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-09T00:53:22.829079

9102 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-616720387 | 2024-04-18T02:14:45.250773

9104 / tcp

SSH-2.0-SSHD_0.7.6

-1839934832 | 2024-04-25T10:17:58.235741

9151 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-2089734047 | 2024-05-05T15:16:55.038479

9160 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-984990168 | 2024-04-30T14:31:16.621192

9191 / tcp


0ÿñ

-1120655012 | 2024-05-07T07:34:35.648149

9200 / tcp

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-length: 534

1911457608 | 2024-04-30T00:19:42.420737

9217 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1045760528 | 2024-04-25T09:52:13.498645

9306 / tcp

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

1529351907 | 2024-04-25T07:41:13.415144

9418 / tcp

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

171352214 | 2024-04-25T15:08:55.042102

9443 / tcp

-ERR client ip is not in whitelist

-1327660293 | 2024-05-03T21:29:56.768379

9530 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

996960436 | 2024-04-25T05:52:05.872199

9595 / tcp

572 Relay not authorized

-1399940268 | 2024-04-25T12:57:17.423316

9600 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

398077695 | 2024-05-06T12:57:34.224563

9633 / tcp

-1399940268 | 2024-04-24T13:13:02.873536

9761 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2033888749 | 2024-04-24T22:09:52.457630

9869 / tcp

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

-726580714 | 2024-04-25T08:09:07.544694

9943 / tcp

\\x03\\x10\\x08\\x02\\xc2\\x80}\\x08\\x02\\xc2\\x80\xc3\xa2\\x14\\x01

-1990350878 | 2024-04-20T07:12:27.831102

9944 / tcp

 
04 \...

1632932802 | 2024-04-26T13:12:15.048909

9950 / tcp

1767345577 | 2024-04-29T23:53:31.843087

9981 / tcp

Hello, this is Quagga (version 0T).
Copyright 1996-200

1911457608 | 2024-04-30T02:18:37.195187

9994 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1888448627 | 2024-05-03T12:22:16.404256

9997 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-1917695220 | 2024-05-07T12:03:38.544789

9998 / tcp

HTTP/1.1 200 OK
Server: Jetty(9.4.8.v20171121)

1161309183 | 2024-05-07T12:06:00.555097

9999 / tcp

ProxyServer is ready

171352214 | 2024-04-24T19:30:31.761942

10000 / tcp

-ERR client ip is not in whitelist

1492413928 | 2024-05-03T17:26:16.477364

10001 / tcp

SSH-2.0-OpenSSH_7.5

-1399940268 | 2024-05-05T03:45:44.786366

10134 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-616720387 | 2024-05-02T06:49:00.936094

10250 / tcp

SSH-2.0-SSHD_0.7.6

1055520450 | 2024-05-03T16:55:41.534372

10443 / tcp

HTTP/1.1 403 Forbidden
Date: Fri, 03 May 2024 16:55:41 GMT
Content-Type: text/html
Content-Length: 238
Connection: keep-alive
Server: Tengine
Location: https://dev.iot.aliyun.com
Via: kunlun9.cn4573[,0]

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:49:b2:86:90:3c:9b:46:7a:60:5b:87
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: May  5 06:21:16 2023 GMT
            Not After : Jun  5 06:21:15 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.aliyun.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bb:e0:30:97:4d:31:70:3f:13:91:24:96:35:46:
                    e5:7d:10:6f:f5:ef:69:02:7a:66:2f:f1:56:b7:ba:
                    df:69:86:08:51:a5:76:1c:23:0a:92:b0:09:60:15:
                    c1:2e:10:1a:a2:00:b8:ba:5f:e5:e4:11:43:c3:ad:
                    e8:c5:83:c8:43:11:21:ce:57:97:60:45:5e:96:b9:
                    01:8a:f5:32:ed:68:46:8e:6c:b5:30:27:0a:9a:50:
                    53:22:a0:19:1e:24:11:2b:2c:cb:18:aa:27:1d:b6:
                    96:d0:5b:39:8c:89:3e:5f:fd:04:fa:bc:e7:24:ca:
                    25:16:b8:fd:ef:d5:74:9d:03:84:ea:34:b8:df:b0:
                    75:27:53:46:85:44:08:73:cd:3b:d6:4c:f7:0f:95:
                    1c:06:28:d3:f7:fb:f5:dc:e1:45:a9:30:2c:be:f4:
                    af:a9:07:22:57:df:f4:0c:64:11:30:b9:21:ce:f8:
                    3f:c3:17:1f:84:80:dd:4d:6f:7c:5d:3b:ec:4d:3e:
                    c6:33:5e:be:eb:4d:65:f8:63:7e:57:ee:b3:07:38:
                    77:5e:94:1b:1d:4c:8a:69:6a:97:a8:58:f6:72:d4:
                    c5:72:f3:3f:a1:5b:0d:bd:f1:a2:e3:38:b2:9b:1c:
                    11:fb:52:33:80:ec:7d:be:f8:c8:23:5f:63:02:86:
                    33:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FB:43:61:72:DB:90:9F:67:07:2E:AE:74:FB:66:90:A2:E9:C4:FC:15
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyun.com, DNS:aliyun.com, DNS:ahorvs-ai.ojibobo-ina.aon.alibaba-inc.com, DNS:zb-dsw-dsw59578-80.pcs-svr.aliyun.com, DNS:nse-vga.an-hongzhov.aliyuncs.com, DNS:wallet.lazada.com.ph, DNS:no.n.tmall.com, DNS:shop36982957.aliyun.com, DNS:www2.shop.aliyun.com, DNS:yundun-oem-cn-zhangjiakou.aliyun-inc.com, DNS:jvjiongshog.1688.com, DNS:preview.aliexpress.com, DNS:08yt.blog.china.alibaba.com, DNS:shop1460480247699.1688.com, DNS:shog36325416.taobao.com, DNS:metrichub-cms-cn-hangzhou.aliyun.com, DNS:rdc.aliyun.com, DNS:onahoshi.aliyuncs.com, DNS:guidance.alibaba-inc.com, DNS:vseraenter2.ojiyvn-ina.aon.aliyun-inc.com, DNS:alimama.taobao.com, DNS:dingding-devogs.aliyun.com, DNS:igrogh-sg.ojibobo-ina.aon.alibaba-inc.com, DNS:dms-app-core.aliyun.com, DNS:swas-share.ap-southeast-1.aliyuncs.com, DNS:hbjaarystoj.en.alibaba.com, DNS:ata.alibaba-inc.com, DNS:shog36220471.taobao.com, DNS:ean.an-beijing.aliyuncs.com, DNS:camp.alibaba-inc.com, DNS:api.rantu.com, DNS:shop36745251.taobao.com, DNS:[2408:4001:f00::16d], DNS:di-serviae.an-ahengdv.doto.ojiyvn-ina.aon.aliyun-inc.com
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        5b:9e:34:62:4d:05:e1:1c:08:f2:4e:ec:f9:65:4b:0f:2a:53:
        f8:e6:e6:ad:d8:26:50:1c:5a:22:3b:11:05:6b:f5:9c:ae:cb:
        ef:b5:30:ee:9a:c0:9e:71:a2:4c:6f:1a:d7:a9:e5:84:ee:10:
        71:1e:10:3f:56:a5:42:25:69:1e:30:97:5a:d4:b0:68:2f:c2:
        f1:16:64:8d:93:c1:b9:f1:05:d6:a9:e7:18:37:6a:18:95:be:
        1f:43:0f:ee:c6:5f:e1:93:d9:7f:02:03:6b:17:a8:1e:3d:ea:
        67:e5:66:e2:c7:23:04:27:46:a7:17:fa:49:8e:73:68:c7:78:
        6d:28:8e:20:96:25:1d:fc:c5:7b:e3:39:04:e7:16:58:f3:b5:
        b4:8a:b7:91:cc:2f:bb:e7:ae:b9:ca:de:1e:8e:ef:ee:94:0a:
        9a:f6:e7:98:34:de:1d:c0:8d:8c:c0:33:93:66:6f:cb:d3:f1:
        6e:6e:66:70:ec:df:24:9b:0f:68:00:ca:60:6d:72:13:e2:0f:
        7e:cf:62:92:90:2f:de:1a:79:e7:cc:21:5d:51:25:ce:5d:1f:
        8c:43:1f:a7:14:26:ef:09:6c:9c:21:ba:09:7c:ce:61:b6:c9:
        79:b4:22:a1:b4:0b:28:ea:57:99:5d:61:03:87:cf:99:62:31:
        e6:08:26:31

2087396567 | 2024-05-06T21:02:34.034662

10554 / tcp

kjnkjabhbanc283ubcsbhdc72

1911457608 | 2024-04-26T10:48:33.601160

10909 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-04-25T22:25:21.752979

10911 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-784071826 | 2024-05-06T05:45:33.228237

11000 / tcp

SSH-2.0-OpenSSH_8.0

1620329124 | 2024-04-28T07:10:26.692380

11112 / tcp

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

-1399940268 | 2024-04-25T10:00:24.187891

11210 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-136006866 | 2024-05-03T12:46:46.929147

11211 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

-2096652808 | 2024-05-01T13:10:21.046646

11300 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1261582754 | 2024-05-06T17:34:01.001591

11371 / tcp

unknown command 
unknown command

-1461540015 | 2024-04-28T19:56:10.865876

12000 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101
a

878900329 | 2024-05-04T17:50:32.590277

12345 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae24ba_PStjkgwtss75_22411-43255

-2089734047 | 2024-05-05T17:18:18.871008

14147 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-2107996212 | 2024-05-07T18:07:17.110723

14265 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-1399940268 | 2024-05-04T17:20:25.200957

14344 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

770016595 | 2024-04-26T11:12:38.434772

16030 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

-971970408 | 2024-04-27T13:51:49.808174

16993 / tcp

-1399940268 | 2024-05-05T13:05:16.942926

18081 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

119860953 | 2024-04-29T10:43:41.494854

18245 / tcp

* OK ArGoSoft Mail Server IMAP Module v.YW at

171352214 | 2024-05-02T00:18:50.927431

18553 / tcp

-ERR client ip is not in whitelist

1911457608 | 2024-05-02T18:00:23.598744

19000 / tcp

\x00[\x00\x00\x00\x00\x00\x00

104385780 | 2024-05-05T20:42:19.808907

19071 / tcp

ceph v2

1900503736 | 2024-05-02T02:51:24.381468

20000 / tcp

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

1189133115 | 2024-04-28T07:37:00.864419

20256 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

1911457608 | 2024-04-25T00:43:30.240643

20547 / tcp

\x00[\x00\x00\x00\x00\x00\x00

819727972 | 2024-05-02T00:38:36.094949

21025 / tcp

SSH-2.0-OpenSSH_7.4

819727972 | 2024-05-06T04:23:16.862023

21379 / tcp

SSH-2.0-OpenSSH_7.4

401555314 | 2024-04-25T02:33:10.491396

23023 / tcp

NB[GFXjA^R

104385780 | 2024-04-14T17:45:29.025567

23424 / tcp

ceph v2

-1399940268 | 2024-05-05T16:30:17.371595

25001 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1082732927 | 2024-04-23T22:50:20.342552

25105 / tcp

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

-1626979812 | 2024-04-26T02:54:28.002396

25565 / tcp

220 Service ready for new user.

-80321085 | 2024-04-25T04:30:41.376749

27015 / tcp

Command: None
Size: 1802398315
ID: 1751277930
Type: 1668178274

1763259671 | 2024-05-06T18:09:57.194397

27017 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

-1105333987 | 2024-05-04T04:25:44.383374

28015 / tcp

\x00[KpU\x7f\x00\x00

2033888749 | 2024-05-02T08:03:53.526339

28017 / tcp

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

1544300041 | 2024-04-22T21:42:19.468224

28107 / tcp

SSH-25453-Cisco-3524665.35

1632932802 | 2024-04-14T17:39:14.608964

30002 / tcp

1921398876 | 2024-04-30T05:19:07.582882

30003 / tcp

ÿý"
LinuxNode v06953 (ggfks)

login:

-1835577706 | 2024-04-25T07:06:46.192592

31337 / tcp

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Vary: Accept-Encoding
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

2139670385 | 2024-04-25T06:00:39.418514

32400 / tcp

HTTP/1.1 200 
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 602
Connect-To: https://member.aliyun.com/unshift-flush/object-trigger/jobs/nacos/

-826610984 | 2024-05-02T17:11:36.534927

32764 / tcp

HTTP/1.1 200
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 602
Connect-To: https://member.aliyun.com/unshift-flush/object-trigger/jobs/nacos/

<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<title>Nacos</title>
	<link rel="shortcut icon" href="/nacos/console-ui/public/img/nacos-logo.png" type="image/x-icon">

<link href="./css/main.css" rel="stylesheet"></head>
<body>
	<div id="root" style="overflow:hidden"></div>
	<div id="app"></div>
	<div id="other"></

2087396567 | 2024-05-06T01:04:08.936830

33060 / tcp

kjnkjabhbanc283ubcsbhdc72

-2089734047 | 2024-04-30T10:46:12.098817

35000 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

660175493 | 2024-04-30T22:22:45.463548

37215 / tcp

2098371729 | 2024-04-25T07:02:55.203031

37777 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

-992671574 | 2024-04-25T03:39:27.946858

41800 / tcp

@RSYNCD: 26

-433302150 | 2024-04-26T05:23:32.263514

44158 / tcp

/multistream/1.0.0

-1399940268 | 2024-04-24T22:53:14.084758

44818 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1620329124 | 2024-04-26T14:08:22.570740

47990 / tcp

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

-1968475615 | 2024-04-27T06:34:12.765896

49152 / tcp

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 22 Jan 2024 07:42:10 GMT
EXT:
SERVER: 6.2.9200 2/, UPnP/1.0, Portable SDK for UPnP devices/1.4.7
X-User-Agent: redsonic

-321444299 | 2024-04-18T09:04:29.479319

49153 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

-653033013 | 2024-05-06T00:43:19.239366

50000 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

104385780 | 2024-04-28T01:56:56.902325

50050 / tcp

ceph v2

-1872120160 | 2024-04-24T20:28:32.767460

50070 / tcp

">Application and Content Networking Software 3.9</a>)
</BODY><

2103111368 | 2024-04-15T09:33:45.222296

50100 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

-1013082686 | 2024-05-01T19:05:10.076301

51235 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

1519486042 | 2024-05-01T14:53:00.610302

54138 / tcp

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

819727972 | 2024-04-25T03:08:43.873838

55000 / tcp

SSH-2.0-OpenSSH_7.4

-154107716 | 2024-05-07T20:53:56.558295

55442 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

2087396567 | 2024-04-30T02:19:12.281261

55443 / tcp

kjnkjabhbanc283ubcsbhdc72

-801484042 | 2024-04-26T10:12:25.440237

55553 / tcp

ERR 27

-1730858130 | 2024-04-26T00:58:57.385136

55554 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1969169410 | 2024-05-02T03:11:06.337434

60010 / tcp

ÿû
-> GET / HTTP/1.0
GET / HTTP/1.0
undefined symbol: GET
-> 
->

-1344535834 | 2024-04-24T22:44:33.877429

60030 / tcp

HTTP/1.0 200 OK
Server: Proxy

-1023516719 | 2024-04-29T21:08:28.606213

60129 / tcp

ã

KvInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

1911457608 | 2024-05-06T10:55:09.976384

61613 / tcp

\x00[\x00\x00\x00\x00\x00\x00

2087396567 | 2024-05-08T02:14:25.708177

61616 / tcp

kjnkjabhbanc283ubcsbhdc72

-1113435755 | 2024-05-06T15:44:09.005228

62078 / tcp

/1.1 404 Not Found
Content Length: 0

-2096652808 | 2024-05-03T07:25:45.228445

65522 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

120.78.115.68

Last Seen: 2024-05-08

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

2087396567 | 2024-05-06T14:01:35.156948 11 / tcp

1286504516 | 2024-05-04T01:52:43.722845 13 / tcp

-1316398834 | 2024-04-30T03:54:38.800307 15 / tcp

-1296032851 | 2024-04-25T05:56:27.453564 17 / tcp

829384519 | 2024-05-07T02:24:42.120656 19 / tcp

-1399940268 | 2024-04-28T13:12:35.268234 20 / tcp

1210838212 | 2024-05-02T22:48:55.379276 21 / tcp

676675086 | 2024-04-24T22:50:08.110461 23 / tcp

321971019 | 2024-04-25T08:15:18.207247 25 / tcp

1615193817 | 2024-04-17T19:11:57.986890 26 / tcp

-253878554 | 2024-05-01T02:54:36.486765 37 / tcp

740837454 | 2024-05-04T17:57:28.001199 43 / tcp

-801484042 | 2024-05-03T14:20:00.621168 49 / tcp

-1370420049 | 2024-05-04T05:46:37.539854 53 / tcp

-1763883228 | 2024-05-03T06:28:30.332830 70 / tcp

-746345752 | 2024-04-26T10:47:17.155685 79 / tcp

-32530634 | 2024-04-28T07:18:33.818473 80 / tcp

1072892569 | 2024-04-28T16:35:56.346985 84 / tcp

1911457608 | 2024-04-15T23:30:38.944066 87 / tcp

-1730858130 | 2024-04-22T05:57:03.700653 96 / tcp

-339084706 | 2024-05-07T10:26:35.350208 102 / tcp

1911457608 | 2024-05-06T02:05:14.092115 104 / tcp

1911457608 | 2024-05-04T14:47:02.382934 110 / tcp

2087396567 | 2024-05-07T11:37:22.146279 111 / tcp

60948681 | 2024-04-25T08:37:39.808541 113 / tcp

141730637 | 2024-04-25T07:36:41.996851 119 / tcp

96945398 | 2024-04-25T03:54:42.854858 135 / tcp

639175818 | 2024-05-02T23:11:23.261266 143 / tcp

-1947777893 | 2024-04-25T05:58:14.703427 175 / tcp

-399606100 | 2024-04-25T03:33:23.023594 179 / tcp

51259122 | 2024-05-02T09:00:25.005219 180 / tcp

-1248408558 | 2024-04-29T22:42:35.058984 195 / tcp

819727972 | 2024-04-26T12:10:07.742037 221 / tcp

-1707068558 | 2024-05-01T02:22:56.373729 264 / tcp

-1547976805 | 2024-04-24T23:51:40.881440 311 / tcp

-1458209204 | 2024-04-19T18:00:02.882181 340 / tcp

-1743283776 | 2024-04-25T17:13:52.860293 389 / tcp

1998636604 | 2024-05-07T02:16:46.320646 427 / tcp

-34857069 | 2024-05-06T17:01:12.553759 443 / tcp

1850902677 | 2024-05-03T09:49:58.515093 444 / tcp

1282941221 | 2024-04-17T20:36:25.978642 450 / tcp

897328069 | 2024-05-06T23:51:17.306598 465 / tcp

669849225 | 2024-04-26T10:17:04.438845 502 / tcp

819727972 | 2024-05-02T10:26:06.070169 503 / tcp

2087396567 | 2024-05-03T21:37:32.000144 515 / tcp

444328471 | 2024-05-01T09:18:35.959685 548 / tcp

285770450 | 2024-05-07T20:53:34.169212 554 / tcp

745343730 | 2024-05-03T05:04:24.739006 587 / tcp

-1407711311 | 2024-05-05T03:12:49.805118 593 / tcp

-1316491703 | 2024-04-25T15:34:24.462465 631 / tcp

1650594030 | 2024-04-24T22:58:34.928604 636 / tcp

1300162323 | 2024-05-07T01:33:57.772376 666 / tcp

-1399940268 | 2024-05-05T02:50:03.789325 771 / tcp

-2089734047 | 2024-04-27T07:12:42.230734 772 / tcp

-1032713145 | 2024-04-25T04:32:20.358332 789 / tcp

819727972 | 2024-04-22T05:37:44.368195 801 / tcp

-2004989248 | 2024-04-23T16:51:34.628644 843 / tcp

-1970692834 | 2024-05-03T16:45:41.992840 873 / tcp

20021069 | 2024-04-23T15:28:18.611233 888 / tcp

1956828827 | 2024-04-19T06:47:20.611855 902 / tcp

-1242315829 | 2024-04-25T08:02:15.618755 992 / tcp

1948301213 | 2024-05-01T05:53:09.137042 993 / tcp

-740312032 | 2024-04-29T23:31:11.856994 995 / tcp

-1313892715 | 2024-04-27T20:59:15.589298 1023 / tcp

-1900404274 | 2024-04-26T06:57:23.675751 1024 / tcp

1948301213 | 2024-05-08T00:02:01.197458 1025 / tcp

165188539 | 2024-04-25T05:59:11.558459 1099 / tcp

-358801646 | 2024-04-29T07:15:48.009642 1111 / tcp

-1428621233 | 2024-04-23T08:45:42.020022 1153 / tcp

-971970408 | 2024-05-04T01:23:10.410671 1177 / tcp

1370263973 | 2024-05-05T04:13:53.150790 1200 / tcp

-1399940268 | 2024-04-24T22:03:33.873812 1234 / tcp

-321444299 | 2024-04-25T08:09:05.402181 1311 / tcp

2087396567 | 2024-05-06T14:01:35.156948
11 / tcp

1286504516 | 2024-05-04T01:52:43.722845
13 / tcp

-1316398834 | 2024-04-30T03:54:38.800307
15 / tcp

-1296032851 | 2024-04-25T05:56:27.453564
17 / tcp

829384519 | 2024-05-07T02:24:42.120656
19 / tcp

-1399940268 | 2024-04-28T13:12:35.268234
20 / tcp

1210838212 | 2024-05-02T22:48:55.379276
21 / tcp

676675086 | 2024-04-24T22:50:08.110461
23 / tcp

321971019 | 2024-04-25T08:15:18.207247
25 / tcp

1615193817 | 2024-04-17T19:11:57.986890
26 / tcp

-253878554 | 2024-05-01T02:54:36.486765
37 / tcp

740837454 | 2024-05-04T17:57:28.001199
43 / tcp

-801484042 | 2024-05-03T14:20:00.621168
49 / tcp

-1370420049 | 2024-05-04T05:46:37.539854
53 / tcp

-1763883228 | 2024-05-03T06:28:30.332830
70 / tcp

-746345752 | 2024-04-26T10:47:17.155685
79 / tcp

-32530634 | 2024-04-28T07:18:33.818473
80 / tcp

1072892569 | 2024-04-28T16:35:56.346985
84 / tcp

1911457608 | 2024-04-15T23:30:38.944066
87 / tcp

-1730858130 | 2024-04-22T05:57:03.700653
96 / tcp

-339084706 | 2024-05-07T10:26:35.350208
102 / tcp

1911457608 | 2024-05-06T02:05:14.092115
104 / tcp

1911457608 | 2024-05-04T14:47:02.382934
110 / tcp

2087396567 | 2024-05-07T11:37:22.146279
111 / tcp

60948681 | 2024-04-25T08:37:39.808541
113 / tcp

141730637 | 2024-04-25T07:36:41.996851
119 / tcp

96945398 | 2024-04-25T03:54:42.854858
135 / tcp

639175818 | 2024-05-02T23:11:23.261266
143 / tcp

-1947777893 | 2024-04-25T05:58:14.703427
175 / tcp

-399606100 | 2024-04-25T03:33:23.023594
179 / tcp

51259122 | 2024-05-02T09:00:25.005219
180 / tcp

-1248408558 | 2024-04-29T22:42:35.058984
195 / tcp

819727972 | 2024-04-26T12:10:07.742037
221 / tcp

-1707068558 | 2024-05-01T02:22:56.373729
264 / tcp

-1547976805 | 2024-04-24T23:51:40.881440
311 / tcp

-1458209204 | 2024-04-19T18:00:02.882181
340 / tcp

-1743283776 | 2024-04-25T17:13:52.860293
389 / tcp

1998636604 | 2024-05-07T02:16:46.320646
427 / tcp

-34857069 | 2024-05-06T17:01:12.553759
443 / tcp

1850902677 | 2024-05-03T09:49:58.515093
444 / tcp

1282941221 | 2024-04-17T20:36:25.978642
450 / tcp

897328069 | 2024-05-06T23:51:17.306598
465 / tcp

669849225 | 2024-04-26T10:17:04.438845
502 / tcp

819727972 | 2024-05-02T10:26:06.070169
503 / tcp

2087396567 | 2024-05-03T21:37:32.000144
515 / tcp

444328471 | 2024-05-01T09:18:35.959685
548 / tcp

285770450 | 2024-05-07T20:53:34.169212
554 / tcp

745343730 | 2024-05-03T05:04:24.739006
587 / tcp

-1407711311 | 2024-05-05T03:12:49.805118
593 / tcp

-1316491703 | 2024-04-25T15:34:24.462465
631 / tcp

1650594030 | 2024-04-24T22:58:34.928604
636 / tcp

1300162323 | 2024-05-07T01:33:57.772376
666 / tcp

-1399940268 | 2024-05-05T02:50:03.789325
771 / tcp

-2089734047 | 2024-04-27T07:12:42.230734
772 / tcp

-1032713145 | 2024-04-25T04:32:20.358332
789 / tcp

819727972 | 2024-04-22T05:37:44.368195
801 / tcp

-2004989248 | 2024-04-23T16:51:34.628644
843 / tcp

-1970692834 | 2024-05-03T16:45:41.992840
873 / tcp

20021069 | 2024-04-23T15:28:18.611233
888 / tcp

1956828827 | 2024-04-19T06:47:20.611855
902 / tcp

-1242315829 | 2024-04-25T08:02:15.618755
992 / tcp

1948301213 | 2024-05-01T05:53:09.137042
993 / tcp

-740312032 | 2024-04-29T23:31:11.856994
995 / tcp

-1313892715 | 2024-04-27T20:59:15.589298
1023 / tcp

-1900404274 | 2024-04-26T06:57:23.675751
1024 / tcp

1948301213 | 2024-05-08T00:02:01.197458
1025 / tcp

165188539 | 2024-04-25T05:59:11.558459
1099 / tcp

-358801646 | 2024-04-29T07:15:48.009642
1111 / tcp

-1428621233 | 2024-04-23T08:45:42.020022
1153 / tcp

-971970408 | 2024-05-04T01:23:10.410671
1177 / tcp

1370263973 | 2024-05-05T04:13:53.150790
1200 / tcp

-1399940268 | 2024-04-24T22:03:33.873812
1234 / tcp

-321444299 | 2024-04-25T08:09:05.402181
1311 / tcp

-375604792 | 2024-05-03T13:47:16.842634
1337 / tcp

104385780 | 2024-04-21T13:55:52.788474
1400 / tcp

555056254 | 2024-05-01T06:55:29.833700
1433 / tcp

770016595 | 2024-04-13T12:52:42.218085
1471 / tcp

2087396567 | 2024-05-07T13:10:52.599902
1515 / tcp

-541815454 | 2024-05-07T13:25:44.241994
1521 / tcp

1542849631 | 2024-05-05T15:17:38.716828
1599 / tcp