GeneralInformation

Hostnames	cn-hangzhou.oss.aliyuncs.com
Domains	aliyuncs.com
Country	China
City	Hangzhou
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
CVE-2023-51385	In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-51384	In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2023-38408	The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
CVE-2021-41617	4.4sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
CVE-2021-36368	2.6An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.
CVE-2020-15778	6.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
CVE-2020-14145	4.3The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
CVE-2019-6111	5.8An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2019-6110	4.0In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2019-6109	4.0An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-16905	4.4OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
CVE-2018-20685	2.6In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2018-15919	5.0Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
CVE-2018-15473	5.0OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2017-15906	5.0The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2016-3115	5.5Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
CVE-2016-20012	4.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
CVE-2016-1908	7.5The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
CVE-2016-10708	5.0sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
CVE-2016-10012	7.2The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.
CVE-2016-10011	2.1authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
CVE-2016-10010	6.9sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
CVE-2016-10009	7.5Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
CVE-2016-0777	4.0The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CVE-2015-6564	6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
CVE-2015-6563	1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
CVE-2015-5600	8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
CVE-2015-5352	4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.
CVE-2014-2653	5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
CVE-2014-2532	5.8sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
CVE-2014-1692	7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
CVE-2012-0814	3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
CVE-2011-5000	3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
CVE-2011-4327	2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
CVE-2010-5107	5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
CVE-2010-4755	4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
CVE-2010-4478	7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
CVE-2008-3844	9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
CVE-2007-2768	4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 19 23 25 37 43 49 53 70 79 80 82 90 91 102 104 110 111 113 119 122 143 175 179 195 221 264 311 340 389 427 443 444 465 502 515 554 555 631 636 646 666 771 789 873 992 993 994 995 1000 1023 1025 1099 1177 1200 1337 1344 1366 1433 1471 1521 1599 1604 1723 1800 1801 1901 1911 1947 1962 2002 2003 2008 2021 2051 2065 2067 2069 2081 2083 2086 2087 2121 2154 2181 2222 2323 2332 2352 2404 2455 2554 2628 2761 2762 3001 3002 3050 3061 3068 3074 3089 3099 3121 3260 3268 3269 3299 3301 3306 3310 3388 3389 3410 3523 3689 3780 3790 3793 4000 4063 4064 4117 4242 4282 4321 4433 4443 4500 4506 4664 4786 4808 4840 4899 4911 4949 4999 5002 5005 5006 5007 5009 5010 5025 5080 5150 5172 5222 5269 5432 5594 5601 5672 5858 5900 5938 5984 5985 5986 5990 6000 6001 6002 6007 6379 6510 6653 6666 6667 6668 6697 6789 7001 7003 7171 7218 7415 7443 7465 7474 7493 7510 7535 7547 7548 7989 7998 8001 8009 8017 8018 8043 8048 8053 8055 8057 8060 8066 8069 8081 8085 8086 8091 8099 8103 8112 8126 8140 8181 8184 8200 8249 8252 8291 8333 8334 8405 8413 8426 8443 8500 8545 8554 8575 8649 8728 8836 8839 8863 8889 9000 9001 9019 9043 9046 9051 9090 9092 9095 9100 9104 9151 9160 9216 9306 9418 9433 9443 9530 9600 9633 9761 9876 9944 9950 9992 9998 9999 10000 10001 10134 10250 10443 10554 10909 10911 11000 11112 11210 11211 11300 12345 14147 14265 14344 16010 16992 18081 18245 18553 19000 20000 20256 20547 21379 25001 25105 25565 27017 28107 30002 30003 31337 32764 35000 37215 37777 41800 44818 47990 49152 49153 50000 50050 50070 50100 51106 51235 54138 55443 55553 55554 60129 61613 61616 62078

819727972 | 2024-04-18T13:30:17.178941

11 / tcp

SSH-2.0-OpenSSH_7.4

1100205395 | 2024-04-19T16:39:28.525415

13 / tcp

HTTP/1.1 200 OK
Cache-Control: private, max-age=300

1286504516 | 2024-04-11T07:34:17.566099

15 / tcp

CP2E Control Console
Connected to Host: gZI

620044682 | 2024-04-23T08:03:40.483112

19 / tcp

 !"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefg\r\n!"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefgh\r\n"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghi\r\n#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghij\r\n$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijk\r\n%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijkl\r\n&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghi

460589547 | 2024-04-10T12:33:25.006992

23 / tcp

ZyXEL VDSL Router

1363464823 | 2024-04-14T06:08:54.385617

25 / tcp

\x00[|ox\x7f\x00\x00

-1624690781 | 2024-04-03T19:16:34.452304

37 / tcp

\\xe9X6\\xef

-1839934832 | 2024-04-23T21:31:47.058151

43 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-359657882 | 2024-03-26T14:31:28.221288

49 / tcp

GBPK\xc3\xbb\xc3\xb7n\\xc2\\x93W\xc2\xaf\\xc2\\x86\\xc2\\x93x@\xc2\xa9\\x0e\xc3\x8a*\\xc2\\x9bS

-1016957059 | 2024-04-09T18:20:04.684743

53 / tcp

9\n\\x81\\x80\\x00\\x01\\x00\\x02\\x00\\x00\\x00\\x00\\x08clients1\\x06google\\x03com\\x00\\x00\\x01\\x00\\x01\\xc0\x0c\\x00\\x05\\x00\\x01\\x00\\x00\\x00\\x1e\\x00\x0c\\x07clients\\x01l\\xc0\\x15\\xc01\\x00\\x01\\x00\\x01\\x00\\x00\\x00\\x1e\\x00\\x04\\x8e\\xfb+\\x0e\n\\x00\\x06\\x85\\x80\\x00\\x01\\x00\\x01\\x00\\x

175081126 | 2024-04-17T18:02:44.442852

70 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.14.2
Content-Type: text/html
Connection: close

268196945 | 2024-04-18T20:12:49.249549

79 / tcp

AB\x01

-614884918 | 2024-04-22T22:35:02.019213

80 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Mon, 22 Apr 2024 22:35:01 GMT
Content-Type: application/xml
Content-Length: 347
Connection: keep-alive
x-oss-request-id: 6626E6156FB42B37304C116E
x-oss-server-time: 0
x-oss-ec: 0003-00001201

-1344535834 | 2024-04-20T16:09:12.077706

82 / tcp

HTTP/1.0 200 OK
Server: Proxy

-2046514463 | 2024-03-30T12:07:34.570494

90 / tcp

AB\x01\t

-784071826 | 2024-04-04T02:32:13.900906

91 / tcp

SSH-2.0-OpenSSH_8.0

-1399940268 | 2024-04-17T09:44:22.750378

102 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-375604792 | 2024-04-05T21:34:39.342258

104 / tcp

220 Microsoft FTP Service

-2017887953 | 2024-04-19T22:26:17.283822

110 / tcp

SSH-2.0-OpenSSH_7.9

-1999117212 | 2024-04-20T21:53:49.374272

111 / tcp

-1777894858 | 2024-04-15T09:12:24.217898

113 / tcp

113 , 35054 : USERID : OTHER :99

141730637 | 2024-04-22T02:25:29.079196

119 / tcp

HTTP/1.0 200 OK
Server: Proxy

-1279886438 | 2024-04-01T08:04:15.921023

122 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

1771091364 | 2024-04-05T22:25:46.707964

143 / tcp

* OK WIN-C1N84A1UUO4.elite-sz.cn Winmail Mail Server IMAP4 ready\r\n

-1265999252 | 2024-04-21T03:15:42.259246

175 / tcp

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

-399606100 | 2024-04-16T23:01:55.836014

179 / tcp

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

-971970408 | 2024-04-18T07:37:04.016235

195 / tcp

-2089734047 | 2024-04-13T23:11:50.295583

221 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-654288545 | 2024-04-02T01:18:57.792430

264 / tcp

CheckPoint\nFirewall Host: lcm4cp\nSmartCenter Host: cpmanager.cminl.oa.guof3x\\x00\n

-1547976805 | 2024-04-16T03:42:09.087306

311 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

-1907365813 | 2024-04-21T00:31:26.904372

340 / tcp

HTTP/1.1 200 OK
Server: ***************************************************
X-UA-Compatible: IE=edge,chrome=1
X-Powered-By: ********
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

-1907080992 | 2024-04-24T05:33:43.479633

389 / tcp

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x00\\x04\\x00\\x04\\x00

1998636604 | 2024-04-17T18:18:41.141506

427 / tcp

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://192.168.2.254\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://192.168.2.254\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCESS (0)\nAttrList: (pro

-197953601 | 2024-04-20T08:53:04.458822

443 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Sat, 20 Apr 2024 08:53:04 GMT
Content-Type: application/xml
Content-Length: 347
Connection: keep-alive
x-oss-request-id: 662382706F8C2633348AC0D6
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:21:e4:e5:73:fc:7f:09:2a:04:98:d5
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Feb 19 05:01:07 2024 GMT
            Not After : Mar 22 05:01:06 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-hangzhou.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e4:33:85:33:df:c3:af:64:36:c4:2f:07:75:c9:
                    3a:b3:26:75:db:43:da:5c:3a:52:cd:1a:22:6e:91:
                    63:82:4a:49:60:30:02:b2:57:00:98:0e:8d:7c:8a:
                    70:cf:bf:d6:9b:82:41:ea:ba:94:fb:3a:bb:e8:7c:
                    2f:79:90:84:d7:a7:24:a3:ef:ee:6a:a7:8e:cf:2a:
                    e0:d1:9a:ac:9c:b6:8c:0c:a4:2f:62:20:54:e0:14:
                    86:b1:3c:7a:30:f2:19:7e:d1:39:17:e9:d6:18:6e:
                    c3:33:ed:1a:4c:e1:9c:89:36:0f:3c:4c:c7:85:60:
                    6e:18:95:3c:c7:a5:3e:77:2e:3a:bb:a8:ff:56:38:
                    37:86:64:c1:7f:36:de:ac:0f:53:7e:b2:09:3e:e0:
                    7a:12:10:10:fb:73:5d:d8:44:08:54:86:67:b0:f9:
                    7d:c4:5a:e4:bf:09:89:1e:c4:8c:fe:0f:de:e3:00:
                    7b:3c:95:53:77:3c:78:dc:c6:13:a1:d2:89:33:66:
                    f1:ef:82:ea:9d:48:1e:5e:ee:cc:26:6c:4e:22:5c:
                    70:e5:4f:6e:9f:29:f2:96:e2:32:8f:1f:f5:ce:7c:
                    59:a7:ce:66:16:c6:1d:8a:e4:f2:3b:ae:7d:4c:23:
                    40:3b:65:06:b9:02:54:82:88:ed:c5:5f:25:7b:db:
                    53:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-hangzhou.oss.aliyuncs.com, DNS:*.oss-cn-hangzhou.aliyuncs.com, DNS:*.img-cn-hangzhou-internal.aliyuncs.com, DNS:*.oss-cn-hzjbp-a-internal.aliyuncs.com, DNS:*.oss-cn-hangzhou-internal.aliyuncs.com, DNS:*.oss-cn-hangzhou-diku-internal.aliyuncs.com, DNS:*.cn-hangzhou.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.cn-hangzhou.oss-internal-cross.aliyun-inc.com, DNS:*.oss-cn-hangzhou-am101.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-cn-hzjbp-b-internal.aliyuncs.com, DNS:*.img-cn-hangzhou.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.oss-cn-hangzhou-zmf.aliyuncs.com, DNS:*.oss-cn-hangzhou-hsa.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss.aliyuncs.com, DNS:*.oss-cn-hangzhou-cross.aliyuncs.com, DNS:*.vpc100-oss-cn-hangzhou.aliyuncs.com, DNS:*.oss-cn-hzfinance.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.cn-hangzhou.oss-internal.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-cn-hangzhou-zmf-internal.aliyuncs.com, DNS:*.oss-cn-hzfinance-internal.aliyuncs.com, DNS:*.cn-hangzhou-finance.oss.aliyuncs.com, DNS:*.oss-cn-hzjbp-b-console.aliyuncs.com, DNS:*.oss-cache-cn-hangzhou-j.aliyuncs.com, DNS:*.oss-cache-cn-hangzhou-j-cross.aliyuncs.com, DNS:*.oss-enet-cn-east.aliyuncs.com, DNS:*.cn-hangzhou-vpc.oss.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-hangzhou.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-hangzhou-internal.oss-accesspoint.aliyuncs.com, DNS:*.cn-hangzhou.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-hangzhou.aliyuncs.com, DNS:*.s3.oss-cn-hangzhou-internal.aliyuncs.com, DNS:*.cn-hangzhou.mgw.aliyuncs.com, DNS:*.oss.cn-hangzhou.privatelink.aliyuncs.com, DNS:*.oss-cn-hangzhou.oss-object-process.aliyuncs.com, DNS:*.oss-cn-hangzhou-internal.oss-object-process.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-hangzhou-cross.mgw.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            X509v3 Subject Key Identifier: 
                A9:B4:08:AD:74:76:24:F8:94:02:09:AF:A1:CD:4B:1D:51:33:C1:61
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Feb 19 05:01:09.851 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:4C:A8:93:C6:9D:10:B5:44:EA:22:C4:6E:
                                92:C3:E2:B2:9B:DE:7D:ED:7C:E4:13:66:7C:BC:00:C6:
                                55:E5:30:FD:02:20:52:7C:85:F1:3E:EA:BE:9A:8E:4B:
                                99:EE:3E:1B:E9:01:06:7D:47:E3:D8:82:C0:E4:29:46:
                                11:A5:F1:30:AB:51
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Feb 19 05:01:09.861 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:FA:47:21:1A:96:CD:EC:11:AE:C7:7C:
                                D9:67:C2:68:9E:BC:61:58:CE:23:BD:45:DD:5F:E5:49:
                                7B:EB:33:BC:CA:02:20:70:0A:31:A8:28:9A:BD:14:21:
                                5C:0A:E9:AA:DD:72:24:80:CE:39:27:5F:A0:48:0E:9C:
                                52:D1:13:61:E3:53:47
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Feb 19 05:01:09.819 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:32:A3:F7:00:A4:8C:A6:78:04:A5:44:F7:
                                70:3D:F8:E4:8D:71:DA:26:14:63:0D:D1:34:8A:C4:5A:
                                C4:ED:62:FC:02:20:39:FD:AC:A3:E6:79:99:18:43:7D:
                                71:8D:1B:B5:39:98:E2:04:70:DD:FD:D2:4F:CD:22:0D:
                                D6:85:2E:46:B7:D5
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        27:c4:7d:9b:75:a3:41:86:a4:06:5f:b8:66:d0:3e:cd:73:9c:
        b2:ba:f0:f3:5b:b9:5c:61:75:10:f9:ec:00:3f:f1:35:1b:64:
        02:ef:a2:0b:64:fe:3a:5f:bd:59:fa:34:17:50:9f:ec:97:0d:
        e8:d9:2c:f4:30:27:5a:51:83:cf:7d:e5:ae:0f:68:b9:ec:a1:
        05:52:98:ff:1d:0b:8a:94:8a:f7:0b:32:e8:2b:91:f2:52:a8:
        ac:44:a7:ab:e0:ae:4f:7e:aa:59:d5:e0:92:e6:ea:6f:a1:3b:
        97:93:68:06:84:a1:8c:eb:76:62:39:00:ff:90:29:b2:90:4c:
        cf:36:f1:82:48:7b:d9:64:f4:6f:fc:1e:e3:90:9d:ea:e0:98:
        f3:99:cd:ca:19:6e:fd:7e:72:12:0e:b6:78:7e:a1:27:7c:a3:
        1f:e5:bc:16:ac:2c:73:fc:1d:db:37:21:6e:7d:30:1d:67:41:
        3e:8d:78:f0:08:76:83:43:df:1d:29:5b:74:9e:20:e0:10:b8:
        69:43:d2:39:ea:65:aa:8b:3f:09:23:82:a5:3a:b8:ad:7f:71:
        9d:22:d8:eb:85:ca:77:97:b1:38:29:02:5d:d1:de:04:ff:cf:
        6d:7c:ee:91:c4:34:33:dc:92:52:f9:48:0c:5f:10:40:dc:5d:
        7d:16:5c:a2

104385780 | 2024-04-15T05:41:17.020527

444 / tcp

ceph v2

897328069 | 2024-04-05T09:52:13.761732

465 / tcp

220 mail.scott000.com ESMTP

-375604792 | 2024-03-31T21:10:01.019311

502 / tcp

220 Microsoft FTP Service

1690634669 | 2024-04-08T15:59:13.441062

515 / tcp

1060450357 | 2024-04-19T03:32:58.810112

554 / tcp

RTSP/1.0 200 OK
CSeq: 1
Keep-Alive: timeout=10, max=1000
Public: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE, SET_PARAMETER, GET_PARAMETER
Connection: Keep-Alive

-339084706 | 2024-04-03T16:53:10.329979

555 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

1412519768 | 2024-04-12T00:40:58.130942

631 / tcp

"AP0F1D85"
Connection: close

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR

1239199743 | 2024-03-30T14:53:47.980282

636 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 9-24676686-0 0NNN RT(1705910221170 116) q(-1 -1 -1 -1) r(0 -1) b1

1260221665 | 2024-04-19T00:54:48.170941

646 / tcp

\\x00\\x01\\x00\\x1c\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x12\\x00\\x05k\\xaf\\x03\\x00\\x00\n\\x80\\x00\\x00\\x03\\x00\\x00\\x00\\x00\\x00\\x00

1300162323 | 2024-03-26T20:23:04.848570

666 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

1308377066 | 2024-04-11T16:51:32.738786

771 / tcp

ncacn_http/1.0

-1746074029 | 2024-04-22T22:49:07.229354

789 / tcp

101 imqbroker =unV\r\n

-1970692834 | 2024-04-13T13:44:37.386332

873 / tcp

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

-936692830 | 2024-04-18T00:16:36.441310

992 / tcp

HTTP/1.1 202 OK
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=15; max=19

-2017887953 | 2024-04-23T08:30:10.931211

993 / tcp

SSH-2.0-OpenSSH_7.9

1543809371 | 2024-04-09T02:01:21.986580

994 / tcp

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

-740312032 | 2024-04-24T00:05:18.628187

995 / tcp

+OK Dovecot (Ubuntu) ready.\r\n

819727972 | 2024-03-30T15:25:25.848859

1000 / tcp

SSH-2.0-OpenSSH_7.4

103159425 | 2024-04-10T17:47:50.346341

1023 / tcp

SSH-1.99-RGOS_SSH

-136006866 | 2024-04-16T07:53:31.403760

1025 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

819727972 | 2024-04-05T10:11:31.969766

1099 / tcp

SSH-2.0-OpenSSH_7.4

1741579575 | 2024-04-21T12:51:42.820664

1177 / tcp

1921398876 | 2024-04-19T13:04:06.290543

1200 / tcp

ÿý"
LinuxNode v06953 (ggfks)

login:

2087396567 | 2024-04-11T20:55:36.453818

1337 / tcp

kjnkjabhbanc283ubcsbhdc72

632542934 | 2024-04-05T23:50:42.900844

1344 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

-1986594217 | 2024-03-29T18:48:45.660361

1366 / tcp

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

555056254 | 2024-04-15T07:42:13.460673

1433 / tcp

MSSQL Server\nVersion: 171050560 (0xa320640)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: 3NXCU7QCCJGSTII\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: 3NXCU7QCCJGSTII\nNetBIOS_Computer_Name: 3NXCU7QCCJGSTII\nDNS_Domain_Name: 3NXCU7QCCJGSTII\nDNS_Computer_Name: 3NXCU7QCCJGSTII\nMsvAvFlags: 01000000\nSystem_Time: 2024-01-22 01:19:47 +0000 UTC\n\n

104385780 | 2024-04-08T23:09:12.221700

1471 / tcp

ceph v2

-541815454 | 2024-04-09T19:55:37.097662

1521 / tcp

Version:11.2.0.1.0\n"\\x00\\x00Y(DESCRIPTION=(TMP=)(VSNNUM=186646784)(ERR=1189)(ERROR_STACK=(ERROR=(CODE=1189)(EMFI=4))))

410249975 | 2024-03-30T15:07:11.738495

1599 / tcp

LNS READY<>

-1231966337 | 2024-04-19T23:05:35.969117

1604 / tcp

[ºs

1103582599 | 2024-04-22T23:35:09.866864

1723 / tcp

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

-1477838366 | 2024-04-17T14:49:02.573374

1800 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

1745717579 | 2024-04-02T14:13:09.651804

1801 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae224e_PS-CSX-01CvJ183_33983-2857

819727972 | 2024-04-19T19:49:09.927027

1901 / tcp

SSH-2.0-OpenSSH_7.4

-1626979812 | 2024-04-04T08:16:50.606098

1911 / tcp

220 Service ready for new user.

1332639794 | 2024-04-05T22:53:06.286072

1947 / tcp

HTTP/1.1 403 Forbidden
Server: HASP LM/16.00
Content-Type: text/html

-2107996212 | 2024-04-09T03:37:24.950477

1962 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-2107996212 | 2024-04-24T03:47:36.924883

2002 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-1399940268 | 2024-04-01T20:22:58.825864

2003 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-358801646 | 2024-04-04T15:04:24.222512

2008 / tcp

SSH-2.0-OpenSSH_6.6.1

-1477838366 | 2024-04-16T15:03:04.392343

2021 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

-1399940268 | 2024-04-16T05:05:45.118579

2051 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-42767839 | 2024-03-26T20:14:26.969755

2065 / tcp

RFB 005.000

VNC:
  Protocol Version: 5.0

-320705161 | 2024-04-23T23:21:16.083420

2067 / tcp

versionbind

1726594447 | 2024-04-14T17:20:28.934085

2069 / tcp

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

-805362002 | 2024-03-29T21:01:08.722517

2081 / tcp

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

1690634669 | 2024-04-24T03:45:52.123951

2083 / tcp

550048729 | 2024-03-27T12:12:25.421249

2086 / tcp

ÿÿÿ
0 ...

819727972 | 2024-04-15T20:36:57.560330

2087 / tcp

SSH-2.0-OpenSSH_7.4

141730637 | 2024-04-22T23:21:19.588955

2121 / tcp

HTTP/1.0 200 OK
Server: Proxy

-971970408 | 2024-04-22T02:02:34.500733

2154 / tcp

546151771 | 2024-03-26T14:49:03.421331

2181 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

-358801646 | 2024-04-20T21:44:39.672213

2222 / tcp

SSH-2.0-OpenSSH_6.6.1

-2112953016 | 2024-04-22T21:07:08.144939

2323 / tcp

There are too many users,please wait a moment to log in!


TELNET Negotiation:
will: Echo, Suppress Go Ahead
do: Echo, Negotiate About Window Size, Remote Flow Control

819727972 | 2024-04-21T07:58:13.421945

2332 / tcp

SSH-2.0-OpenSSH_7.4

722711397 | 2024-04-09T20:06:48.421858

2352 / tcp

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

-2089734047 | 2024-04-22T08:45:02.861356

2404 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

745343730 | 2024-04-21T22:01:56.410545

2455 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

1991883981 | 2024-04-11T07:04:12.703034

2554 / tcp

B\x00\x00\x00\xc3\xbfn\x04Too many connections

751496153 | 2024-04-01T09:10:33.034590

2628 / tcp

* OK TeamXchange IMAP4rev1 server (otyUg) ready.

-274082663 | 2024-04-14T03:28:02.043568

2761 / tcp

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

-1888448627 | 2024-04-13T20:35:14.659307

2762 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-1729629024 | 2024-04-16T07:22:14.744576

3001 / tcp

101 imqbroker =unV

-1399940268 | 2024-04-20T19:22:02.338234

3002 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-04-22T15:09:20.984211

3050 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-04-10T23:11:41.762732

3061 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-03-29T08:08:07.829659

3068 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-11T14:33:03.698122

3074 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-03T22:18:36.363587

3089 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1888448627 | 2024-04-20T11:16:34.591231

3099 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-2089734047 | 2024-04-08T13:18:30.554011

3121 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-862070606 | 2024-04-11T01:00:40.727334

3260 / tcp

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None\nTargetAlias=LIO Target\nTargetPortalGroupTag=1\n\n

921482974 | 2024-04-01T11:20:18.073898

3268 / tcp

HTTP/1.1 301 Moved Permanently
Location: /web/index.html
Server: HTTPD
Connection: close
Content-Type: text/html

1077013874 | 2024-04-17T02:45:01.701717

3269 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

1623746877 | 2024-04-22T16:23:32.559090

3299 / tcp

500 Permission denied - closing connection.\r\n

-1399940268 | 2024-03-30T21:27:11.233885

3301 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1801207137 | 2024-04-11T16:28:40.997605

3306 / tcp

F\\x00\\x00\\x00\\xffj\\x04Host \'106.75.96.125\' is not allowed to connect to this MySQL server

-1399940268 | 2024-03-31T06:55:27.114245

3310 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2031152423 | 2024-04-16T00:09:36.463532

3388 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

-2036484723 | 2024-04-11T14:16:01.762558

3389 / tcp

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\\x1f\\x08\\x00\\x08\\x00\\x00\\x00\n\nGuess_OS:Windows Server 2016 or 2019 or 2022\nFlag: PROTOCOL_HYBRID_EX\n

-2089734047 | 2024-04-10T03:46:26.372251

3410 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-2089734047 | 2024-04-01T07:52:04.208184

3523 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1921398876 | 2024-04-22T18:44:45.562530

3689 / tcp

ÿý"
LinuxNode v06953 (ggfks)

login:

819727972 | 2024-03-29T16:07:42.379370

3780 / tcp

SSH-2.0-OpenSSH_7.4

957278843 | 2024-04-23T22:12:55.243076

3790 / tcp

[|ox

-2096652808 | 2024-04-16T19:22:38.952986

3793 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-180163620 | 2024-04-16T18:42:06.196377

4000 / tcp

NPC Telnet permit one connection.\r\n But One connection() already keep alive.\r\nGood Bye !! \r\n

1308377066 | 2024-04-20T15:53:10.806820

4063 / tcp

ncacn_http/1.0

1911457608 | 2024-04-14T14:20:28.792625

4064 / tcp

\x00[\x00\x00\x00\x00\x00\x00

165188539 | 2024-04-23T22:22:37.688277

4117 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1914158197 | 2024-04-19T00:50:04.986043

4242 / tcp

HTTP/1.1 500 Internal Server Error
Server: nginx/1.18.11011 (Ubuntu)
Content-Type: text/plain; charset=utf-8
Connection: close

472902042 | 2024-04-04T17:42:52.110240

4282 / tcp

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

740837454 | 2024-04-20T05:06:07.047746

4321 / tcp

SSH-2.0-OpenSSH_5.3

1741579575 | 2024-04-10T09:32:13.728862

4433 / tcp

2140295939 | 2024-04-14T10:45:28.057601

4443 / tcp

HTTP/1.1 200 
Server: nginx
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache

1911457608 | 2024-04-20T21:18:25.518361

4500 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-971970408 | 2024-04-22T12:27:58.677721

4506 / tcp

-1392039491 | 2024-04-20T09:43:47.030598

4664 / tcp

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

1282941221 | 2024-04-19T22:06:24.269971

4786 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

897328069 | 2024-03-29T20:28:48.677896

4808 / tcp

220 mail.scott000.com ESMTP

-1730858130 | 2024-04-16T15:31:03.599757

4840 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1453516345 | 2024-04-19T13:35:17.502259

4899 / tcp

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

-1399940268 | 2024-04-15T09:59:48.918917

4911 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-04-14T17:16:50.381131

4949 / tcp

SSH-2.0-OpenSSH_7.4

117101543 | 2024-04-17T17:33:06.002505

4999 / tcp

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

103159425 | 2024-03-28T17:29:55.885971

5002 / tcp

SSH-1.99-RGOS_SSH

-1327660293 | 2024-04-23T20:56:25.477496

5005 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

996960436 | 2024-04-01T19:51:41.838793

5006 / tcp

572 Relay not authorized

-407828767 | 2024-04-23T14:34:49.413419

5007 / tcp

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

-1338936697 | 2024-04-21T15:55:36.030553

5009 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2109_PStjdxtk16_38957-48596

-249504111 | 2024-04-22T18:58:57.826853

5010 / tcp

\x00[xU-\x7f\x00\x00

599074451 | 2024-03-28T23:44:39.839039

5025 / tcp

msg

2136170042 | 2024-04-10T12:07:28.240264

5080 / tcp

HTTP/1.1 200 
Accept-Ranges: bytes
Content-Type: text/html

-358801646 | 2024-04-23T20:40:13.240699

5150 / tcp

SSH-2.0-OpenSSH_6.6.1

971933601 | 2024-04-17T13:28:21.696764

5172 / tcp

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

472902042 | 2024-04-23T22:49:49.249110

5222 / tcp

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

1359734371 | 2024-04-19T19:11:22.838766

5269 / tcp

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705938451.076-w-waf01tjgt

-146605374 | 2024-04-19T05:11:14.761218

5432 / tcp

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

-303199180 | 2024-03-25T15:48:25.431639

5594 / tcp

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

770016595 | 2024-04-13T12:14:23.900293

5601 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

575925250 | 2024-04-19T00:28:39.049946

5672 / tcp

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

2087396567 | 2024-04-09T13:30:23.832309

5858 / tcp

kjnkjabhbanc283ubcsbhdc72

704360191 | 2024-04-18T02:23:22.572315

5900 / tcp

SSH-2.0-OpenSSH_7.4

-1013082686 | 2024-04-23T00:52:13.844404

5938 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

1999272906 | 2024-04-20T22:58:38.470563

5984 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

1778988322 | 2024-03-27T08:59:20.158846

5985 / tcp

* OK GroupWise IMAP4rev1 Server Ready

2087396567 | 2024-04-18T10:46:54.690556

5986 / tcp

kjnkjabhbanc283ubcsbhdc72

1911457608 | 2024-04-05T08:53:51.122915

5990 / tcp

\x00[\x00\x00\x00\x00\x00\x00

819727972 | 2024-04-11T14:47:41.487996

6000 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-04-03T05:29:16.507126

6001 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-03-28T15:26:01.160961

6002 / tcp

SSH-2.0-OpenSSH_7.4

1911457608 | 2024-04-20T22:22:46.494578

6007 / tcp

\x00[\x00\x00\x00\x00\x00\x00

321971019 | 2024-04-19T18:41:21.878002

6379 / tcp

-ERR client ip is not in whitelist\r

-444830029 | 2024-04-21T07:51:02.872692

6510 / tcp

HTTP/1.1 401 Unauthorized
Server: xhmmhttpsv130-20200310
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=%s
Connection: close

205347087 | 2024-04-21T19:03:50.593460

6653 / tcp

SSH-25453-Cisco-3524665.35\n

4935895 | 2024-04-08T18:23:44.019489

6666 / tcp

HTTP/1.1 400 Bad Request
Server: CloudWAF

1690634669 | 2024-04-23T05:16:44.239055

6667 / tcp

2103111368 | 2024-04-14T11:36:30.929841

6668 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

165188539 | 2024-04-15T16:02:50.287182

6697 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1492413928 | 2024-03-28T11:04:26.872403

6789 / tcp

SSH-2.0-OpenSSH_7.5

1265582946 | 2024-04-23T03:15:35.250108

7001 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2838_PS-JJN-01GM465_27752-26327

819727972 | 2024-04-22T21:17:17.389976

7003 / tcp

SSH-2.0-OpenSSH_7.4

-2096652808 | 2024-04-02T08:23:00.642350

7171 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1632932802 | 2024-04-13T09:01:20.550286

7218 / tcp

1911457608 | 2024-03-27T01:23:49.388057

7415 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1006110807 | 2024-04-23T22:13:38.145292

7443 / tcp

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-GDdongguan-GLOBAL1-CACHE20[3]
X-CCDN-ERRCODE-SRC: 01
X-CCDN-FORBID-CODE: 040001

819727972 | 2024-03-29T21:33:20.140104

7465 / tcp

SSH-2.0-OpenSSH_7.4

-1344535834 | 2024-04-05T01:07:47.929030

7474 / tcp

HTTP/1.0 200 OK
Server: Proxy

1991883981 | 2024-04-01T04:05:57.864886

7493 / tcp

B\x00\x00\x00\xc3\xbfn\x04Too many connections

-2089734047 | 2024-04-01T03:28:58.165215

7510 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1543809371 | 2024-04-20T02:52:32.446091

7535 / tcp

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

-984990168 | 2024-04-18T17:27:13.899724

7547 / tcp


0ÿñ

1542849631 | 2024-04-15T18:59:01.668985

7548 / tcp

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

-321444299 | 2024-04-08T20:26:02.495060

7989 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

-1399940268 | 2024-04-20T22:20:16.619691

7998 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1072892569 | 2024-04-20T22:22:57.905190

8001 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

1911457608 | 2024-04-20T09:44:08.108786

8009 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1279886438 | 2024-04-19T13:29:49.682159

8017 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

-1839934832 | 2024-04-02T23:51:03.941251

8018 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-274082663 | 2024-03-25T17:44:15.857037

8043 / tcp

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

1208318993 | 2024-04-14T17:06:33.618472

8048 / tcp

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

-345718689 | 2024-03-29T05:01:27.150154

8053 / tcp

Vty password is not set.

1911457608 | 2024-03-28T02:17:54.877379

8055 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1620329124 | 2024-03-27T14:36:45.886719

8057 / tcp

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

-786044033 | 2024-04-15T14:20:49.396525

8060 / tcp

OK Welcome <299685> on DirectUpdate server 7286

-1399940268 | 2024-04-21T23:50:29.808715

8066 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1469211519 | 2024-04-15T08:06:34.131869

8069 / tcp

Mysql Version: 5.6.50-log
N
5.6.50-log(
G5se"tGEÿ÷-cB^3$Zwh$wM[mysql_native_password

819727972 | 2024-04-10T19:47:37.781520

8081 / tcp

SSH-2.0-OpenSSH_7.4

-1810987450 | 2024-04-09T05:18:07.638635

8085 / tcp

\xc3\xbf

472902042 | 2024-04-13T22:23:59.938323

8086 / tcp

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

-1839934832 | 2024-04-09T23:07:01.581184

8091 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-1639624373 | 2024-04-04T19:55:17.064334

8099 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28c9_CS-000-01kgX25_35624-12255

1189133115 | 2024-03-30T11:26:42.458505

8103 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

770016595 | 2024-04-11T22:28:59.777624

8112 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

2087396567 | 2024-04-22T05:34:48.655370

8126 / tcp

kjnkjabhbanc283ubcsbhdc72

819727972 | 2024-04-18T19:48:23.742442

8140 / tcp

SSH-2.0-OpenSSH_7.4

1690634669 | 2024-04-24T01:16:00.920747

8181 / tcp

1134517380 | 2024-04-21T11:56:26.608222

8184 / tcp

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

1320285193 | 2024-04-15T15:18:21.678399

8200 / tcp

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

-2089734047 | 2024-04-02T04:10:57.492652

8249 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1059554316 | 2024-04-20T20:12:20.348642

8252 / tcp

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

-1399940268 | 2024-04-09T16:37:14.440949

8291 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1096654864 | 2024-03-30T05:15:48.100771

8333 / tcp

HTTP/1.0 200 OK
Server: httpd/2.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
Content-Type: text/html
Connection: close

-2118655245 | 2024-04-21T02:13:10.264168

8334 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20

-2089734047 | 2024-04-22T16:57:28.528874

8405 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

921225407 | 2024-04-02T17:38:47.994620

8413 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

937756010 | 2024-04-03T03:34:45.013689

8426 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x01\x00\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1096654864 | 2024-03-25T22:52:25.007305

8443 / tcp

HTTP/1.0 200 OK
Server: httpd/2.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
Content-Type: text/html
Connection: close

-1455149952 | 2024-04-22T14:46:24.776371

8500 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1e27_PS-000-01sNY99_31294-28028

1911457608 | 2024-04-17T22:09:36.993468

8545 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1077013874 | 2024-04-03T15:51:49.702984

8554 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

819727972 | 2024-04-19T19:59:50.072328

8575 / tcp

SSH-2.0-OpenSSH_7.4

842535728 | 2024-04-23T23:18:49.816003

8649 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

-1399940268 | 2024-04-21T01:35:11.752116

8728 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2121220663 | 2024-04-08T22:11:41.699344

8836 / tcp

SSH-58-Ingrian_SSH\r\n

2121220663 | 2024-04-21T08:41:23.797027

8839 / tcp

SSH-58-Ingrian_SSH\r\n

1189133115 | 2024-04-11T02:14:34.256652

8863 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

1690634669 | 2024-04-15T16:25:41.731503

8889 / tcp

-2067028711 | 2024-04-23T18:47:56.507665

9000 / tcp

\x15\x03\x01\x00\x02\x02F

-1026951088 | 2024-04-20T19:14:27.490228

9001 / tcp

erro ip

-1399940268 | 2024-04-12T00:19:04.120844

9019 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-03-30T11:18:34.638595

9043 / tcp

SSH-2.0-OpenSSH_7.4

-1032713145 | 2024-04-09T04:58:37.233620

9046 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

2087396567 | 2024-04-21T14:47:14.886446

9051 / tcp

kjnkjabhbanc283ubcsbhdc72

1082239536 | 2024-04-15T10:18:12.902760

9090 / tcp

HTTP/1.1 302 Found
Content-Length: 0
Date: Mon, 15 Apr 2024 10:18:12 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Request-Host: https://corp.aliyun.com/meeting/block-release
Set-Cookie: JSESSIONID=node01fkb6b5kokkmjw6jm3qgj5u6g718.node0; Path=/; HttpOnly
X-Frame-Options: SAMEORIGIN

117101543 | 2024-04-15T10:32:49.736815

9092 / tcp

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

-747911285 | 2024-04-10T00:30:15.027218

9095 / tcp

\xc2\xaa

-1399940268 | 2024-04-17T06:58:04.302285

9100 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1911457608 | 2024-04-14T20:15:36.126562

9104 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1850902677 | 2024-03-26T15:53:52.866929

9151 / tcp

W!

-1032713145 | 2024-04-20T06:52:43.266852

9160 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

493955023 | 2024-04-01T12:15:50.232039

9216 / tcp

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

1767345577 | 2024-04-16T03:00:02.238783

9306 / tcp

Hello, this is Quagga (version 0T).
Copyright 1996-200

233634112 | 2024-04-17T19:11:47.434370

9418 / tcp

SSH-98.60-SysaxSSH_81885..42

-1399940268 | 2024-04-04T01:26:30.847125

9433 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1948301213 | 2024-04-23T13:27:22.392622

9443 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

-146605374 | 2024-04-23T10:49:14.334542

9530 / tcp

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

2121220663 | 2024-04-20T07:19:46.699683

9600 / tcp

SSH-58-Ingrian_SSH\r\n

819727972 | 2024-03-30T13:06:20.662831

9633 / tcp

SSH-2.0-OpenSSH_7.4

-1105333987 | 2024-04-19T16:26:43.155923

9761 / tcp

\x00[KpU\x7f\x00\x00

1721921834 | 2024-04-18T06:42:01.541717

9876 / tcp

\\x00\\x00\\x01+\\x00\\x00\\x00_{"code":0,"flag":1,"language":"JAVA","opaque":0,"serializeTypeCurrentRPC":"JSON","version":433}{"brokerAddrTable":{"broker-a":{"brokerAddrs":{0:"180.116.172.66:10911"},"brokerName":"broker-a","cluster":"DefaultCluster","enableActingMaster":false}},"clusterAddrTable":{"DefaultCluster":["broker-a"]}}

770016595 | 2024-04-19T13:38:37.873615

9944 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

-1399940268 | 2024-04-14T08:06:56.991251

9950 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-04-20T05:39:24.550174

9992 / tcp

SSH-2.0-OpenSSH_7.4

1637038794 | 2024-04-10T02:07:48.033206

9998 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2521_PS-PEK-015Wj25_25111-50596

1161309183 | 2024-04-23T22:47:41.830302

9999 / tcp

ProxyServer is ready

-441419608 | 2024-04-18T19:02:17.279363

10000 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

1492413928 | 2024-04-23T21:34:22.941504

10001 / tcp

SSH-2.0-OpenSSH_7.5

-2089734047 | 2024-04-15T13:56:02.175160

10134 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

660175493 | 2024-04-05T22:21:26.149706

10250 / tcp

539065883 | 2024-04-08T17:40:04.697472

10443 / tcp

-971970408 | 2024-03-31T23:03:31.800302

10554 / tcp

-1399940268 | 2024-04-13T13:33:32.838424

10909 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-407828767 | 2024-04-23T23:00:29.348288

10911 / tcp

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

408230060 | 2024-04-17T05:00:51.942119

11000 / tcp

\r\nSorry, that nickname format is invalid.\r\n

-1730858130 | 2024-04-14T04:39:00.930291

11112 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-142686627 | 2024-04-10T06:36:18.471593

11210 / tcp

\x00[\xc2\xba\x7fs\x7f\x00\x00

-136006866 | 2024-04-23T18:04:04.443825

11211 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

-2096652808 | 2024-04-20T15:35:04.357254

11300 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

142594048 | 2024-04-19T07:16:06.511012

12345 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae29bb_CS-000-01pYi173_32176-13938

1911457608 | 2024-04-21T20:33:52.552722

14147 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-04-22T00:13:57.235302

14265 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1911457608 | 2024-04-02T23:03:12.881084

14344 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1461540015 | 2024-04-18T22:25:43.149724

16010 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101
a

-1840324437 | 2024-04-19T00:59:32.091420

16992 / tcp

-303199180 | 2024-04-18T16:27:36.798158

18081 / tcp

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

1134517380 | 2024-04-11T22:02:27.833137

18245 / tcp

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

842535728 | 2024-04-08T17:47:48.279094

18553 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

-2089734047 | 2024-04-16T15:13:56.035953

19000 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1900503736 | 2024-03-26T12:54:47.485803

20000 / tcp

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

-1428621233 | 2024-04-23T15:48:39.632754

20256 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

-358707605 | 2024-04-23T16:20:27.733908

20547 / tcp

HTTP/1.1 200
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 391
Connect-To: https://qd-gatway.aliyuncs.com/table/tree-land/nacos/

<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<title>Nacos</title>
	<link rel="shortcut icon" href="/nacos/console-ui/public/img/nacos-logo.png" type="image/x-icon">

<link href="./css/main.css" rel="stylesheet"></head>
<body>
	<div id="root" style="overflow:hidden"></div>
	<div id="app"></div>
	<div id="other"></div>

</body>

-1399940268 | 2024-04-21T18:03:11.034930

21379 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2046514463 | 2024-04-21T12:41:24.666177

25001 / tcp

AB\x01\t

1261582754 | 2024-03-30T19:38:22.191714

25105 / tcp

unknown command 
unknown command

819727972 | 2024-04-11T12:32:49.043431

25565 / tcp

SSH-2.0-OpenSSH_7.4

1763259671 | 2024-04-23T22:38:03.807067

27017 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

676476721 | 2024-04-22T21:13:50.514809

28107 / tcp

ELM Enterprise Manager _l
Copyright © 18668511-928641920 TNT Software, Inc.

966099654 | 2024-04-10T19:13:47.106523

30002 / tcp

[výC

1956828827 | 2024-04-22T05:33:32.349861

30003 / tcp

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

-147424911 | 2024-03-26T21:52:57.001644

31337 / tcp

HTTP/1.1 404 Not Found
Content Length: 0

2087396567 | 2024-04-22T15:33:15.514057

32764 / tcp

kjnkjabhbanc283ubcsbhdc72

1911457608 | 2024-04-10T03:16:08.541013

35000 / tcp

\x00[\x00\x00\x00\x00\x00\x00

472902042 | 2024-04-10T22:44:18.447281

37215 / tcp

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

-1986594217 | 2024-04-09T22:13:00.026092

37777 / tcp

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

819727972 | 2024-04-13T19:18:34.410117

41800 / tcp

SSH-2.0-OpenSSH_7.4

1210754493 | 2024-04-18T01:09:32.099197

44818 / tcp

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

2087396567 | 2024-04-02T19:45:46.173917

47990 / tcp

kjnkjabhbanc283ubcsbhdc72

854539422 | 2024-04-08T16:14:16.909861

49152 / tcp

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 22 Jan 2024 16:32:35 GMT
EXT:
SERVER: Linux/3.10.0, UPnP/1.0, Portable SDK for UPnP devices/1.6.18
X-User-Agent: redsonic

1865391109 | 2024-03-29T19:05:08.530436

49153 / tcp

HTTP/1.1 408 Request Timeout
content-length: 0

-274082663 | 2024-04-16T12:21:22.791079

50000 / tcp

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

-321444299 | 2024-04-11T11:13:18.194249

50050 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

-1760806421 | 2024-04-10T04:58:05.908608

50070 / tcp

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected

1231376952 | 2024-04-23T04:38:35.725980

50100 / tcp

2009276894 | 2024-04-18T02:00:44.393343

51106 / tcp

N
5.6.40-logÅTUNEgVX2
¢!xlB...

-1476017887 | 2024-04-23T04:51:30.569849

51235 / tcp

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

-1261090339 | 2024-04-18T21:14:47.014453

54138 / tcp

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

660175493 | 2024-03-29T10:21:52.897617

55443 / tcp

1741579575 | 2024-04-16T01:21:13.830053

55553 / tcp

841014058 | 2024-04-08T19:41:31.526964

55554 / tcp

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

401555314 | 2024-04-03T18:45:03.653779

60129 / tcp

NB[GFXjA^R

-1230049476 | 2024-04-23T20:40:28.249578

61613 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

550048729 | 2024-04-19T14:08:36.988644

61616 / tcp

ÿÿÿ
0 ...

1842317374 | 2024-04-19T17:42:02.028123

62078 / tcp

/1.1 400 Bad Request
Server: nginx/1.13.0
Content-Type: text/html
Connection: close

47.110.177.150

Last Seen: 2024-04-24

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

819727972 | 2024-04-18T13:30:17.178941 11 / tcp

1100205395 | 2024-04-19T16:39:28.525415 13 / tcp

1286504516 | 2024-04-11T07:34:17.566099 15 / tcp

620044682 | 2024-04-23T08:03:40.483112 19 / tcp

460589547 | 2024-04-10T12:33:25.006992 23 / tcp

1363464823 | 2024-04-14T06:08:54.385617 25 / tcp

-1624690781 | 2024-04-03T19:16:34.452304 37 / tcp

-1839934832 | 2024-04-23T21:31:47.058151 43 / tcp

-359657882 | 2024-03-26T14:31:28.221288 49 / tcp

-1016957059 | 2024-04-09T18:20:04.684743 53 / tcp

175081126 | 2024-04-17T18:02:44.442852 70 / tcp

268196945 | 2024-04-18T20:12:49.249549 79 / tcp

-614884918 | 2024-04-22T22:35:02.019213 80 / tcp

-1344535834 | 2024-04-20T16:09:12.077706 82 / tcp

-2046514463 | 2024-03-30T12:07:34.570494 90 / tcp

-784071826 | 2024-04-04T02:32:13.900906 91 / tcp

-1399940268 | 2024-04-17T09:44:22.750378 102 / tcp

-375604792 | 2024-04-05T21:34:39.342258 104 / tcp

-2017887953 | 2024-04-19T22:26:17.283822 110 / tcp

-1999117212 | 2024-04-20T21:53:49.374272 111 / tcp

-1777894858 | 2024-04-15T09:12:24.217898 113 / tcp

141730637 | 2024-04-22T02:25:29.079196 119 / tcp

-1279886438 | 2024-04-01T08:04:15.921023 122 / tcp

1771091364 | 2024-04-05T22:25:46.707964 143 / tcp

-1265999252 | 2024-04-21T03:15:42.259246 175 / tcp

-399606100 | 2024-04-16T23:01:55.836014 179 / tcp

-971970408 | 2024-04-18T07:37:04.016235 195 / tcp

-2089734047 | 2024-04-13T23:11:50.295583 221 / tcp

-654288545 | 2024-04-02T01:18:57.792430 264 / tcp

-1547976805 | 2024-04-16T03:42:09.087306 311 / tcp

-1907365813 | 2024-04-21T00:31:26.904372 340 / tcp

-1907080992 | 2024-04-24T05:33:43.479633 389 / tcp

1998636604 | 2024-04-17T18:18:41.141506 427 / tcp

-197953601 | 2024-04-20T08:53:04.458822 443 / tcp

104385780 | 2024-04-15T05:41:17.020527 444 / tcp

897328069 | 2024-04-05T09:52:13.761732 465 / tcp

-375604792 | 2024-03-31T21:10:01.019311 502 / tcp

1690634669 | 2024-04-08T15:59:13.441062 515 / tcp

1060450357 | 2024-04-19T03:32:58.810112 554 / tcp

-339084706 | 2024-04-03T16:53:10.329979 555 / tcp

1412519768 | 2024-04-12T00:40:58.130942 631 / tcp

1239199743 | 2024-03-30T14:53:47.980282 636 / tcp

1260221665 | 2024-04-19T00:54:48.170941 646 / tcp

1300162323 | 2024-03-26T20:23:04.848570 666 / tcp

1308377066 | 2024-04-11T16:51:32.738786 771 / tcp

-1746074029 | 2024-04-22T22:49:07.229354 789 / tcp

-1970692834 | 2024-04-13T13:44:37.386332 873 / tcp

-936692830 | 2024-04-18T00:16:36.441310 992 / tcp

-2017887953 | 2024-04-23T08:30:10.931211 993 / tcp

1543809371 | 2024-04-09T02:01:21.986580 994 / tcp

-740312032 | 2024-04-24T00:05:18.628187 995 / tcp

819727972 | 2024-03-30T15:25:25.848859 1000 / tcp

103159425 | 2024-04-10T17:47:50.346341 1023 / tcp

-136006866 | 2024-04-16T07:53:31.403760 1025 / tcp

819727972 | 2024-04-05T10:11:31.969766 1099 / tcp

1741579575 | 2024-04-21T12:51:42.820664 1177 / tcp

1921398876 | 2024-04-19T13:04:06.290543 1200 / tcp

2087396567 | 2024-04-11T20:55:36.453818 1337 / tcp

632542934 | 2024-04-05T23:50:42.900844 1344 / tcp

-1986594217 | 2024-03-29T18:48:45.660361 1366 / tcp

555056254 | 2024-04-15T07:42:13.460673 1433 / tcp

104385780 | 2024-04-08T23:09:12.221700 1471 / tcp

-541815454 | 2024-04-09T19:55:37.097662 1521 / tcp

410249975 | 2024-03-30T15:07:11.738495 1599 / tcp

-1231966337 | 2024-04-19T23:05:35.969117 1604 / tcp

1103582599 | 2024-04-22T23:35:09.866864 1723 / tcp

-1477838366 | 2024-04-17T14:49:02.573374 1800 / tcp

1745717579 | 2024-04-02T14:13:09.651804 1801 / tcp

819727972 | 2024-04-19T19:49:09.927027 1901 / tcp

-1626979812 | 2024-04-04T08:16:50.606098 1911 / tcp

1332639794 | 2024-04-05T22:53:06.286072 1947 / tcp

-2107996212 | 2024-04-09T03:37:24.950477 1962 / tcp

-2107996212 | 2024-04-24T03:47:36.924883 2002 / tcp

819727972 | 2024-04-18T13:30:17.178941
11 / tcp

1100205395 | 2024-04-19T16:39:28.525415
13 / tcp

1286504516 | 2024-04-11T07:34:17.566099
15 / tcp

620044682 | 2024-04-23T08:03:40.483112
19 / tcp

460589547 | 2024-04-10T12:33:25.006992
23 / tcp

1363464823 | 2024-04-14T06:08:54.385617
25 / tcp

-1624690781 | 2024-04-03T19:16:34.452304
37 / tcp

-1839934832 | 2024-04-23T21:31:47.058151
43 / tcp

-359657882 | 2024-03-26T14:31:28.221288
49 / tcp

-1016957059 | 2024-04-09T18:20:04.684743
53 / tcp

175081126 | 2024-04-17T18:02:44.442852
70 / tcp

268196945 | 2024-04-18T20:12:49.249549
79 / tcp

-614884918 | 2024-04-22T22:35:02.019213
80 / tcp

-1344535834 | 2024-04-20T16:09:12.077706
82 / tcp

-2046514463 | 2024-03-30T12:07:34.570494
90 / tcp

-784071826 | 2024-04-04T02:32:13.900906
91 / tcp

-1399940268 | 2024-04-17T09:44:22.750378
102 / tcp

-375604792 | 2024-04-05T21:34:39.342258
104 / tcp

-2017887953 | 2024-04-19T22:26:17.283822
110 / tcp

-1999117212 | 2024-04-20T21:53:49.374272
111 / tcp

-1777894858 | 2024-04-15T09:12:24.217898
113 / tcp

141730637 | 2024-04-22T02:25:29.079196
119 / tcp

-1279886438 | 2024-04-01T08:04:15.921023
122 / tcp

1771091364 | 2024-04-05T22:25:46.707964
143 / tcp

-1265999252 | 2024-04-21T03:15:42.259246
175 / tcp

-399606100 | 2024-04-16T23:01:55.836014
179 / tcp

-971970408 | 2024-04-18T07:37:04.016235
195 / tcp

-2089734047 | 2024-04-13T23:11:50.295583
221 / tcp

-654288545 | 2024-04-02T01:18:57.792430
264 / tcp

-1547976805 | 2024-04-16T03:42:09.087306
311 / tcp

-1907365813 | 2024-04-21T00:31:26.904372
340 / tcp

-1907080992 | 2024-04-24T05:33:43.479633
389 / tcp

1998636604 | 2024-04-17T18:18:41.141506
427 / tcp

-197953601 | 2024-04-20T08:53:04.458822
443 / tcp

104385780 | 2024-04-15T05:41:17.020527
444 / tcp

897328069 | 2024-04-05T09:52:13.761732
465 / tcp

-375604792 | 2024-03-31T21:10:01.019311
502 / tcp

1690634669 | 2024-04-08T15:59:13.441062
515 / tcp

1060450357 | 2024-04-19T03:32:58.810112
554 / tcp

-339084706 | 2024-04-03T16:53:10.329979
555 / tcp

1412519768 | 2024-04-12T00:40:58.130942
631 / tcp

1239199743 | 2024-03-30T14:53:47.980282
636 / tcp

1260221665 | 2024-04-19T00:54:48.170941
646 / tcp

1300162323 | 2024-03-26T20:23:04.848570
666 / tcp

1308377066 | 2024-04-11T16:51:32.738786
771 / tcp

-1746074029 | 2024-04-22T22:49:07.229354
789 / tcp

-1970692834 | 2024-04-13T13:44:37.386332
873 / tcp

-936692830 | 2024-04-18T00:16:36.441310
992 / tcp

-2017887953 | 2024-04-23T08:30:10.931211
993 / tcp

1543809371 | 2024-04-09T02:01:21.986580
994 / tcp

-740312032 | 2024-04-24T00:05:18.628187
995 / tcp

819727972 | 2024-03-30T15:25:25.848859
1000 / tcp

103159425 | 2024-04-10T17:47:50.346341
1023 / tcp

-136006866 | 2024-04-16T07:53:31.403760
1025 / tcp

819727972 | 2024-04-05T10:11:31.969766
1099 / tcp

1741579575 | 2024-04-21T12:51:42.820664
1177 / tcp

1921398876 | 2024-04-19T13:04:06.290543
1200 / tcp

2087396567 | 2024-04-11T20:55:36.453818
1337 / tcp

632542934 | 2024-04-05T23:50:42.900844
1344 / tcp

-1986594217 | 2024-03-29T18:48:45.660361
1366 / tcp

555056254 | 2024-04-15T07:42:13.460673
1433 / tcp

104385780 | 2024-04-08T23:09:12.221700
1471 / tcp

-541815454 | 2024-04-09T19:55:37.097662
1521 / tcp

410249975 | 2024-03-30T15:07:11.738495
1599 / tcp

-1231966337 | 2024-04-19T23:05:35.969117
1604 / tcp

1103582599 | 2024-04-22T23:35:09.866864
1723 / tcp

-1477838366 | 2024-04-17T14:49:02.573374
1800 / tcp

1745717579 | 2024-04-02T14:13:09.651804
1801 / tcp

819727972 | 2024-04-19T19:49:09.927027
1901 / tcp

-1626979812 | 2024-04-04T08:16:50.606098
1911 / tcp

1332639794 | 2024-04-05T22:53:06.286072
1947 / tcp

-2107996212 | 2024-04-09T03:37:24.950477
1962 / tcp

-2107996212 | 2024-04-24T03:47:36.924883
2002 / tcp

-1399940268 | 2024-04-01T20:22:58.825864
2003 / tcp

-358801646 | 2024-04-04T15:04:24.222512
2008 / tcp

-1477838366 | 2024-04-16T15:03:04.392343
2021 / tcp

-1399940268 | 2024-04-16T05:05:45.118579
2051 / tcp

-42767839 | 2024-03-26T20:14:26.969755
2065 / tcp

-320705161 | 2024-04-23T23:21:16.083420
2067 / tcp

1726594447 | 2024-04-14T17:20:28.934085
2069 / tcp