GeneralInformation

Hostnames	anqi9988.1688.com axjanja.1688.com fvzebogs.1688.com qichebaijian.1688.com shog1442508391642.1688.com shog3078o27060063.1688.com shog6xg1q03654180.1688.com shop6239730h56062.1688.com szdyyyxs.1688.com vidigod.1688.com yhnkwj.1688.com attg.ojibobo-ina.aon.alibaba-inc.com heno.stors.ojibobo-ina.aon.alibaba-inc.com svnort.stors.ojibobo-ina.aon.alibaba-inc.com xbootogs.ojibobo-ina.aon.alibaba-inc.com buc-test-qier.alibaba-inc.com hhpai-dsw-dsw56392-80.pcs-svr.alibaba-inc.com qt-changeplatform.alibaba.net ens-network-sqos-hybrid.alicdn.com 119152.aliexpress.com connect.aliexpress.com 1111.alimama.com sec.alimama.com stlacct.alimama.com www22.aliwork.com ob-gre.ojiyvn-ina.aon.aliyun-inc.com sahedvjer.ojiyvn-ina.aon.aliyun-inc.com yvndvn-idi-server.ojiyvn-ina.aon.aliyun-inc.com aliyun.com adsprobe.aliyun.com alimama2.aliyun.com aloc-offline.aliyun.com iot.ap-southeast-1.aliyun.com api.aliyun.com bi.aliyun.com sandbox.aliyun.com shop2b0883416a7i9.aliyun.com das.base.shuju.aliyun.com auth.wms.aliyun.com eai-vga.an-beijing.aliyuncs.com eas.an-hvhehoote.aliyuncs.com ajovdovth-intj.an-shonghoi.aliyuncs.com eci-vpc.ap-southeast-1.aliyuncs.com netriahvb-ans-an-beijing.aliyuncs.com cn-hangzhou.oss.aliyuncs.com qtnetria-shore.aliyuncs.com og-sovtheost-1.ron-internoj.aliyuncs.com m5-zb.amap.com nextci.amap.com xmap-alg-deploy-prepub.amap.com services-iss-sh.cainiao-inc.com b-manage.gfn.cainiao.com manage-cmscn.gfn.cainiao.com link.wt.cainiao.com hm1.cnzz.com api.dingtalk.com app87100.eapps.dingtalkcloud.com www.yx.fusion.design api.ascp-fresh-produce.hemayx.cn interact.sh sellercenter-my-staging.lazada-seller.cn acs-m-sg.lazada.co.id admin.lazada.co.id new-university.lazada.co.id ssc.lazada.co.id lighthouse.lazada.co.th pre-ids-gpcb.lazada.com sellercenter.lazada.com.my u.lazada.com.my m.sellercenter.lazada.com.ph email.fc.lazada.sg admin-p.lazada.vn university.lazada.vn www.lex.co.id 10yuankaihutiyanjin-okta-network-drookings-mirror.accept.lex.vn nrcm.lydaas.com www2s.mashort.cn console-fc.alpha.redmart.com stars.shuqireader.com ddd.taobao.com dod-tiger.taobao.com gigsijk.taobao.com gvonghe.taobao.com hovonojogin.taobao.com ojiaert.taobao.com shog36236233.taobao.com shog36315220.taobao.com shog36346889.taobao.com shog36600642.taobao.com shog36621603.taobao.com shog36977584.taobao.com shop36579394.taobao.com shop36674442.taobao.com svbdoy.sinbo.taobao.com svbdoy2.sinbo.taobao.com yqza.taobao.com ocache.taobao.net opsx.vip.tbsite.net detoij.tmall.com jielitushu.tmall.com mail.wondfo.com.cn
Domains	1688.com alibaba-inc.com alibaba.net alicdn.com aliexpress.com alimama.com aliwork.com aliyun-inc.com aliyun.com aliyuncs.com amap.com cainiao-inc.com cainiao.com cnzz.com dingtalk.com dingtalkcloud.com fusion.design hemayx.cn interact.sh lazada-seller.cn lazada.co.id lazada.co.th lazada.com lazada.com.my lazada.com.ph lazada.sg lazada.vn lex.co.id lex.vn lydaas.com mashort.cn redmart.com shuqireader.com taobao.com taobao.net tbsite.net tmall.com wondfo.com.cn
Country	China
City	Hangzhou
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

UI frameworks

Bootstrap

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
CVE-2023-51385	In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-51384	In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2023-38408	The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
CVE-2021-41617	4.4sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
CVE-2021-36368	2.6An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.
CVE-2020-15778	6.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
CVE-2020-14145	4.3The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
CVE-2019-6111	5.8An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2019-6110	4.0In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2019-6109	4.0An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-16905	4.4OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
CVE-2018-20685	2.6In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2018-15919	5.0Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
CVE-2018-15473	5.0OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2017-15906	5.0The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2016-3115	5.5Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
CVE-2016-20012	4.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
CVE-2016-1908	7.5The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
CVE-2016-10708	5.0sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
CVE-2016-10012	7.2The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.
CVE-2016-10011	2.1authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
CVE-2016-10010	6.9sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
CVE-2016-10009	7.5Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
CVE-2016-0777	4.0The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CVE-2015-6564	6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
CVE-2015-6563	1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
CVE-2015-5600	8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
CVE-2015-5352	4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.
CVE-2014-2653	5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
CVE-2014-2532	5.8sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
CVE-2014-1692	7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
CVE-2012-0814	3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
CVE-2011-5000	3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
CVE-2011-4327	2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
CVE-2010-5107	5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
CVE-2010-4755	4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
CVE-2010-4478	7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
CVE-2008-3844	9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
CVE-2007-2768	4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

13 15 17 19 21 22 23 25 26 37 43 49 53 70 79 80 83 92 100 102 104 110 113 119 131 139 175 179 195 264 311 389 427 443 444 448 449 465 502 503 515 548 587 593 636 666 771 789 806 888 992 993 995 999 1023 1025 1099 1153 1177 1200 1234 1311 1337 1388 1400 1433 1515 1599 1604 1723 1741 1801 1830 1883 1911 1926 1947 1951 1962 2000 2002 2003 2008 2051 2058 2059 2060 2064 2067 2070 2081 2082 2083 2087 2100 2111 2121 2122 2154 2181 2222 2323 2332 2345 2375 2376 2404 2455 2480 2628 2761 2762 3001 3050 3067 3072 3104 3108 3111 3260 3268 3269 3299 3301 3306 3307 3310 3337 3388 3389 3443 3542 3551 3562 3749 3780 3790 3838 3951 3952 4000 4022 4040 4063 4064 4100 4157 4242 4282 4321 4369 4433 4443 4444 4500 4506 4523 4782 4786 4840 4848 4899 4911 4949 4999 5000 5001 5004 5005 5006 5007 5009 5010 5025 5201 5269 5432 5598 5601 5672 5858 5907 5938 5984 6000 6001 6002 6006 6264 6308 6379 6443 6633 6650 6653 6664 6666 6667 7001 7004 7005 7171 7218 7415 7434 7443 7444 7537 7547 7548 7634 7887 7989 8001 8002 8005 8009 8010 8014 8045 8048 8081 8083 8085 8087 8089 8094 8098 8099 8104 8112 8126 8139 8140 8181 8200 8291 8333 8334 8402 8403 8410 8427 8431 8443 8447 8448 8500 8545 8554 8575 8637 8688 8728 8784 8789 8791 8802 8803 8804 8813 8818 8829 8834 8836 8879 8880 8890 8989 9000 9001 9002 9019 9040 9042 9043 9044 9045 9048 9051 9090 9091 9092 9095 9100 9151 9160 9215 9217 9303 9306 9443 9530 9595 9600 9633 9761 9800 9943 9944 9998 9999 10000 10001 10134 10250 10443 10554 10909 11000 11112 11210 11300 12000 12345 14265 16992 18245 18553 19000 20000 20256 20547 21025 21379 23023 25001 25565 27015 27017 28015 28080 31337 32400 32764 33060 35000 37777 41800 44818 49153 50000 50050 50100 51106 51235 54138 55000 55442 55443 55553 55554 60030 61613 61616 62078 65522

1725312227 | 2024-05-05T00:54:44.544651

13 / tcp

12:06:55 2024/1/22

2087396567 | 2024-04-25T22:01:41.056509

15 / tcp

kjnkjabhbanc283ubcsbhdc72

-390388957 | 2024-05-05T03:06:46.947110

17 / tcp

"A wonderful fact to reflect upon, that every human creature is constituted
 to be that profound secret and mystery to every other."
 Charles Dickens (1812-70)

676476721 | 2024-05-12T02:56:31.578508

19 / tcp

ELM Enterprise Manager _l
Copyright © 18668511-928641920 TNT Software, Inc.

1564456597 | 2024-05-17T17:07:01.592606

21 / tcp

220 Firewall Authentication required before proceeding with service

167209503 | 2024-05-13T15:38:29.133973

22 / tcp

SSH-2.0-OpenSSH_6.6.1\r\n

460589547 | 2024-05-12T18:58:56.475844

23 / tcp

ZyXEL VDSL Router

-1730858130 | 2024-05-19T13:00:41.072386

25 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1265999252 | 2024-04-27T12:00:34.944178

26 / tcp

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

1842948889 | 2024-05-11T17:48:11.542290

37 / tcp

431 Unab

-146605374 | 2024-05-15T05:17:55.501099

43 / tcp

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

588096080 | 2024-05-18T06:31:43.607145

49 / tcp

\\x00\\x00\\x01\\x00

-1665400173 | 2024-05-10T06:14:35.125599

53 / tcp

9\n\\x81\\x05\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x08clients1\\x06google\\x03com\\x00\\x00\\x01\\x00\\x01\n\\x00\\x06\\x81\\x05\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x07version\\x04bind\\x00\\x00\\x10\\x00\\x03

1738069263 | 2024-05-10T21:19:29.466558

70 / tcp

\x01remshd: Kerberos Authentication not enabled.

-1846450790 | 2024-05-10T22:58:39.729484

79 / tcp

<html>
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.4.7</center>
</body>
</html>

-1068310195 | 2024-05-18T08:37:30.676867

80 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Sat, 18 May 2024 08:37:30 GMT
Content-Type: application/xml
Content-Length: 346
Connection: keep-alive
x-oss-request-id: 664868CAA701303032B3DBC5
x-oss-server-time: 1
x-oss-ec: 0003-00001201

550048729 | 2024-05-01T14:03:42.066370

83 / tcp

ÿÿÿ
0 ...

-2096652808 | 2024-04-25T02:53:27.222425

92 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-1641514916 | 2024-05-11T05:14:43.734795

100 / tcp

* OK Merak 1dFUa2 IMAP4rev1

819727972 | 2024-05-19T13:05:37.232923

102 / tcp

SSH-2.0-OpenSSH_7.4

1126993057 | 2024-05-10T03:26:17.751040

104 / tcp

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

-358801646 | 2024-05-20T22:41:16.244849

110 / tcp

SSH-2.0-OpenSSH_6.6.1

60948681 | 2024-05-09T23:39:59.516460

113 / tcp

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).

141730637 | 2024-05-04T05:32:42.097546

119 / tcp

HTTP/1.0 200 OK
Server: Proxy

-457235091 | 2024-04-23T23:22:07.530247

131 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

-1270998736 | 2024-05-10T07:55:59.640448

139 / tcp

\\x83\\x00\\x00\\x01\\x8f

819727972 | 2024-05-17T16:20:20.079630

175 / tcp

SSH-2.0-OpenSSH_7.4

-399606100 | 2024-05-11T23:06:57.497896

179 / tcp

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

-971970408 | 2024-05-06T23:53:32.254079

195 / tcp

-1547821026 | 2024-05-10T09:56:50.764957

264 / tcp

CheckPoint\nFirewall Host: CPFWVSX1A_Audi_ODP_S2S_vsfw\nSmartCenter Host: admin..afx8nn\\x00\n

67948279 | 2024-05-06T02:46:55.833264

311 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

811247330 | 2024-05-06T12:30:32.074780

389 / tcp

HTTP/1.1 200 OK
Server: Apache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet, nosnippet, notranslate, noimageindex
Content-Type: text/html; charset=utf-8

928665344 | 2024-05-19T03:30:32.213659

427 / tcp

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://127.0.0.1\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:ipmi\nservice:cdserver\nservice:fdserver\nservice:hdserver\nservice:adviser\nservice:lighttpd\nB://l:87/x\n

725818518 | 2024-05-13T03:19:10.540532

443 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Mon, 13 May 2024 03:19:10 GMT
Content-Type: application/xml
Content-Length: 346
Connection: keep-alive
x-oss-request-id: 664186AEBF9C6A3938431214
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:21:e4:e5:73:fc:7f:09:2a:04:98:d5
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Feb 19 05:01:07 2024 GMT
            Not After : Mar 22 05:01:06 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-hangzhou.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e4:33:85:33:df:c3:af:64:36:c4:2f:07:75:c9:
                    3a:b3:26:75:db:43:da:5c:3a:52:cd:1a:22:6e:91:
                    63:82:4a:49:60:30:02:b2:57:00:98:0e:8d:7c:8a:
                    70:cf:bf:d6:9b:82:41:ea:ba:94:fb:3a:bb:e8:7c:
                    2f:79:90:84:d7:a7:24:a3:ef:ee:6a:a7:8e:cf:2a:
                    e0:d1:9a:ac:9c:b6:8c:0c:a4:2f:62:20:54:e0:14:
                    86:b1:3c:7a:30:f2:19:7e:d1:39:17:e9:d6:18:6e:
                    c3:33:ed:1a:4c:e1:9c:89:36:0f:3c:4c:c7:85:60:
                    6e:18:95:3c:c7:a5:3e:77:2e:3a:bb:a8:ff:56:38:
                    37:86:64:c1:7f:36:de:ac:0f:53:7e:b2:09:3e:e0:
                    7a:12:10:10:fb:73:5d:d8:44:08:54:86:67:b0:f9:
                    7d:c4:5a:e4:bf:09:89:1e:c4:8c:fe:0f:de:e3:00:
                    7b:3c:95:53:77:3c:78:dc:c6:13:a1:d2:89:33:66:
                    f1:ef:82:ea:9d:48:1e:5e:ee:cc:26:6c:4e:22:5c:
                    70:e5:4f:6e:9f:29:f2:96:e2:32:8f:1f:f5:ce:7c:
                    59:a7:ce:66:16:c6:1d:8a:e4:f2:3b:ae:7d:4c:23:
                    40:3b:65:06:b9:02:54:82:88:ed:c5:5f:25:7b:db:
                    53:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-hangzhou.oss.aliyuncs.com, DNS:*.oss-cn-hangzhou.aliyuncs.com, DNS:*.img-cn-hangzhou-internal.aliyuncs.com, DNS:*.oss-cn-hzjbp-a-internal.aliyuncs.com, DNS:*.oss-cn-hangzhou-internal.aliyuncs.com, DNS:*.oss-cn-hangzhou-diku-internal.aliyuncs.com, DNS:*.cn-hangzhou.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.cn-hangzhou.oss-internal-cross.aliyun-inc.com, DNS:*.oss-cn-hangzhou-am101.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-cn-hzjbp-b-internal.aliyuncs.com, DNS:*.img-cn-hangzhou.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.oss-cn-hangzhou-zmf.aliyuncs.com, DNS:*.oss-cn-hangzhou-hsa.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss.aliyuncs.com, DNS:*.oss-cn-hangzhou-cross.aliyuncs.com, DNS:*.vpc100-oss-cn-hangzhou.aliyuncs.com, DNS:*.oss-cn-hzfinance.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.cn-hangzhou.oss-internal.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-cn-hangzhou-zmf-internal.aliyuncs.com, DNS:*.oss-cn-hzfinance-internal.aliyuncs.com, DNS:*.cn-hangzhou-finance.oss.aliyuncs.com, DNS:*.oss-cn-hzjbp-b-console.aliyuncs.com, DNS:*.oss-cache-cn-hangzhou-j.aliyuncs.com, DNS:*.oss-cache-cn-hangzhou-j-cross.aliyuncs.com, DNS:*.oss-enet-cn-east.aliyuncs.com, DNS:*.cn-hangzhou-vpc.oss.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-hangzhou.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-hangzhou-internal.oss-accesspoint.aliyuncs.com, DNS:*.cn-hangzhou.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-hangzhou.aliyuncs.com, DNS:*.s3.oss-cn-hangzhou-internal.aliyuncs.com, DNS:*.cn-hangzhou.mgw.aliyuncs.com, DNS:*.oss.cn-hangzhou.privatelink.aliyuncs.com, DNS:*.oss-cn-hangzhou.oss-object-process.aliyuncs.com, DNS:*.oss-cn-hangzhou-internal.oss-object-process.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-hangzhou-cross.mgw.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            X509v3 Subject Key Identifier: 
                A9:B4:08:AD:74:76:24:F8:94:02:09:AF:A1:CD:4B:1D:51:33:C1:61
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Feb 19 05:01:09.851 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:4C:A8:93:C6:9D:10:B5:44:EA:22:C4:6E:
                                92:C3:E2:B2:9B:DE:7D:ED:7C:E4:13:66:7C:BC:00:C6:
                                55:E5:30:FD:02:20:52:7C:85:F1:3E:EA:BE:9A:8E:4B:
                                99:EE:3E:1B:E9:01:06:7D:47:E3:D8:82:C0:E4:29:46:
                                11:A5:F1:30:AB:51
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Feb 19 05:01:09.861 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:FA:47:21:1A:96:CD:EC:11:AE:C7:7C:
                                D9:67:C2:68:9E:BC:61:58:CE:23:BD:45:DD:5F:E5:49:
                                7B:EB:33:BC:CA:02:20:70:0A:31:A8:28:9A:BD:14:21:
                                5C:0A:E9:AA:DD:72:24:80:CE:39:27:5F:A0:48:0E:9C:
                                52:D1:13:61:E3:53:47
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Feb 19 05:01:09.819 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:32:A3:F7:00:A4:8C:A6:78:04:A5:44:F7:
                                70:3D:F8:E4:8D:71:DA:26:14:63:0D:D1:34:8A:C4:5A:
                                C4:ED:62:FC:02:20:39:FD:AC:A3:E6:79:99:18:43:7D:
                                71:8D:1B:B5:39:98:E2:04:70:DD:FD:D2:4F:CD:22:0D:
                                D6:85:2E:46:B7:D5
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        27:c4:7d:9b:75:a3:41:86:a4:06:5f:b8:66:d0:3e:cd:73:9c:
        b2:ba:f0:f3:5b:b9:5c:61:75:10:f9:ec:00:3f:f1:35:1b:64:
        02:ef:a2:0b:64:fe:3a:5f:bd:59:fa:34:17:50:9f:ec:97:0d:
        e8:d9:2c:f4:30:27:5a:51:83:cf:7d:e5:ae:0f:68:b9:ec:a1:
        05:52:98:ff:1d:0b:8a:94:8a:f7:0b:32:e8:2b:91:f2:52:a8:
        ac:44:a7:ab:e0:ae:4f:7e:aa:59:d5:e0:92:e6:ea:6f:a1:3b:
        97:93:68:06:84:a1:8c:eb:76:62:39:00:ff:90:29:b2:90:4c:
        cf:36:f1:82:48:7b:d9:64:f4:6f:fc:1e:e3:90:9d:ea:e0:98:
        f3:99:cd:ca:19:6e:fd:7e:72:12:0e:b6:78:7e:a1:27:7c:a3:
        1f:e5:bc:16:ac:2c:73:fc:1d:db:37:21:6e:7d:30:1d:67:41:
        3e:8d:78:f0:08:76:83:43:df:1d:29:5b:74:9e:20:e0:10:b8:
        69:43:d2:39:ea:65:aa:8b:3f:09:23:82:a5:3a:b8:ad:7f:71:
        9d:22:d8:eb:85:ca:77:97:b1:38:29:02:5d:d1:de:04:ff:cf:
        6d:7c:ee:91:c4:34:33:dc:92:52:f9:48:0c:5f:10:40:dc:5d:
        7d:16:5c:a2

1545917845 | 2024-05-20T06:59:19.823034

444 / tcp

[gN

1911457608 | 2024-04-28T13:43:17.650029

448 / tcp

\x00[\x00\x00\x00\x00\x00\x00

2098371729 | 2024-05-08T05:51:35.653714

449 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

897328069 | 2024-05-20T07:51:52.695104

465 / tcp

220 mail.scott000.com ESMTP

-1435414831 | 2024-04-21T17:07:48.341260

502 / tcp

roku: ready\r\n

819727972 | 2024-05-19T17:44:49.870747

503 / tcp

SSH-2.0-OpenSSH_7.4

1690634669 | 2024-05-18T09:40:40.839903

515 / tcp

1801869778 | 2024-04-24T23:32:04.577353

548 / tcp

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: DS1019Plus\nMachine Type: \rNetatalk3.1.8\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: Cleartxt Passwrd\\x04,DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

745343730 | 2024-05-20T15:02:08.102949

587 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

-1261053701 | 2024-04-23T15:56:34.404327

593 / tcp

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

-1036370807 | 2024-04-21T00:37:26.261528

636 / tcp

JDWP-Handshake

-1960639992 | 2024-05-13T03:06:40.360207

666 / tcp

HTTP/1.1 401 Unauthorized

1615193817 | 2024-05-15T19:16:53.928104

771 / tcp

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

165188539 | 2024-05-16T06:10:22.729271

789 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-891714208 | 2024-04-24T00:59:27.812630

806 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

-262532376 | 2024-05-03T20:35:31.376343

888 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: keep-alive

1814656027 | 2024-05-15T06:42:03.097496

992 / tcp

HTTP/1.1 403 Forbidden
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=15; max=19

-1329831334 | 2024-05-01T22:24:25.041576

993 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

-1199842642 | 2024-05-15T21:52:45.314551

995 / tcp

+OK Welcome to RaidenMAILD POP3 SSL service v4902, Mon, 22 Jan 2024 14:24:46 +0800, (C)2001-2023 <1044592421@raidenmaild>\r\n

1663966465 | 2024-05-11T11:13:36.837518

999 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae293e_CS-NKG-01Hep254_30812-46747

504717326 | 2024-05-10T11:54:38.889814

1023 / tcp

SSH-2.0-OpenSSH_8.6

971933601 | 2024-05-19T17:07:34.081170

1025 / tcp

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

-1733645023 | 2024-04-21T17:49:42.503160

1099 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

-1327660293 | 2024-04-28T20:40:06.966380

1153 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

2087396567 | 2024-05-17T19:26:52.952397

1177 / tcp

kjnkjabhbanc283ubcsbhdc72

1978059005 | 2024-05-16T05:24:32.647761

1200 / tcp

Sorry, that nickname format is invalid.

599074451 | 2024-05-06T09:24:50.253368

1234 / tcp

msg

770016595 | 2024-05-11T08:06:38.279512

1311 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

380146262 | 2024-05-10T10:04:32.957595

1337 / tcp

@RSYNCD: 30.0

-2089734047 | 2024-05-13T00:36:13.431092

1388 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1990350878 | 2024-05-16T17:13:00.131248

1400 / tcp

 
04 \...

-325802316 | 2024-05-16T20:19:44.553449

1433 / tcp

MSSQL Server\nVersion: 134219767 (0x80007f7)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: PC-20150816MQOM\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: PC-20150816MQOM\nNetBIOS_Computer_Name: PC-20150816MQOM\nDNS_Domain_Name: PC-20150816MQOM\nDNS_Computer_Name: PC-20150816MQOM\nMsvAvFlags: 01000000\nSystem_Time: 2024-01-22 04:03:26 +0000 UTC\n\n

1004056929 | 2024-05-13T11:19:29.104525

1515 / tcp

Invalid request string: Request string is: "
"

2087396567 | 2024-05-18T20:08:33.798573

1599 / tcp

kjnkjabhbanc283ubcsbhdc72

1741579575 | 2024-05-15T15:58:15.598124

1604 / tcp

1103582599 | 2024-04-28T15:21:09.291108

1723 / tcp

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

-1344535834 | 2024-05-19T09:43:13.916000

1741 / tcp

HTTP/1.0 200 OK
Server: Proxy

1535389866 | 2024-05-13T05:35:41.018564

1801 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2157_PS-LHW-01jjk135_25164-48622

-2096652808 | 2024-04-23T07:07:41.993350

1830 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-345718689 | 2024-04-21T14:59:57.783889

1883 / tcp

Vty password is not set.

709622286 | 2024-05-17T02:42:10.956234

1911 / tcp

OK Welcome <299685> on DirectUpdate server 7286\r\n

-1036370807 | 2024-04-23T16:56:23.472120

1926 / tcp

JDWP-Handshake

1345412733 | 2024-05-19T07:12:00.957946

1947 / tcp

HTTP/1.1 403 Forbidden
Server: HASP LM/19.00
Content-Type: text/html

1991883981 | 2024-04-25T17:41:26.525563

1951 / tcp

B\x00\x00\x00\xc3\xbfn\x04Too many connections

1308377066 | 2024-04-30T22:06:45.528650

1962 / tcp

ncacn_http/1.0

-1399940268 | 2024-05-07T13:15:59.798136

2000 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-05-17T21:50:31.737497

2002 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1032713145 | 2024-05-09T17:46:11.308800

2003 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

-1810987450 | 2024-05-20T15:33:18.390681

2008 / tcp

\xc3\xbf

321971019 | 2024-05-08T02:42:05.146014

2051 / tcp

-ERR client ip is not in whitelist\r

-1279886438 | 2024-05-03T03:26:52.307951

2058 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

1911457608 | 2024-05-18T23:19:36.762481

2059 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1059554316 | 2024-05-17T09:40:28.100659

2060 / tcp

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

-1996280214 | 2024-05-15T20:58:37.500128

2064 / tcp

\x06\x04\x05@

1996932384 | 2024-05-03T21:00:30.414634

2067 / tcp

"raop" nonce

-1261090339 | 2024-05-13T09:15:08.569750

2070 / tcp

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

-1399940268 | 2024-05-15T10:02:20.310919

2081 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

842535728 | 2024-05-05T09:27:02.292282

2082 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

233634112 | 2024-05-05T22:28:20.928291

2083 / tcp

SSH-98.60-SysaxSSH_81885..42

-2031152423 | 2024-05-12T08:55:31.107459

2087 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

-457235091 | 2024-05-03T08:04:48.105898

2100 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

372433470 | 2024-05-09T10:38:45.582614

2111 / tcp

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

141730637 | 2024-05-04T06:42:13.616788

2121 / tcp

HTTP/1.0 200 OK
Server: Proxy

-1626979812 | 2024-05-15T13:49:02.140835

2122 / tcp

220 Service ready for new user.

2087396567 | 2024-05-13T15:37:29.808053

2154 / tcp

kjnkjabhbanc283ubcsbhdc72

-122096153 | 2024-04-21T21:40:58.919747

2181 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

372433470 | 2024-05-13T19:15:41.964902

2222 / tcp

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

1051421500 | 2024-04-29T07:43:08.731531

2323 / tcp


H3C login: 

TELNET Negotiation:
will: Echo, Suppress Go Ahead
do: Echo, Negotiate About Window Size, Remote Flow Control

1126993057 | 2024-04-29T22:19:47.667729

2332 / tcp

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

-1730858130 | 2024-05-11T08:33:37.393782

2345 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

1321679546 | 2024-04-26T18:15:26.927419

2375 / tcp

ÿÿÿ
0 ...

1282941221 | 2024-05-10T20:51:26.297512

2376 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

1623746877 | 2024-05-19T18:08:51.698192

2404 / tcp

500 Permission denied - closing connection.\r\n

-1529979118 | 2024-05-20T04:28:57.381038

2455 / tcp

inv2W

1865391109 | 2024-05-01T13:03:48.379086

2480 / tcp

HTTP/1.1 408 Request Timeout
content-length: 0

-1529979118 | 2024-05-02T04:20:05.933412

2628 / tcp

inv2W

-1399940268 | 2024-05-14T17:32:18.281666

2761 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2089734047 | 2024-05-12T21:30:23.699651

2762 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-2080784861 | 2024-05-18T09:05:47.211413

3001 / tcp

GBPK\xc3\xbb\xc3\xb7n\xc2\x93W\xc2\xaf\xc2\x86\xc2\x93x@\xc2\xa9\x0e\xc3\x8a*\xc2\x9bS\x00

819727972 | 2024-05-18T00:52:41.516369

3050 / tcp

SSH-2.0-OpenSSH_7.4

455076604 | 2024-05-17T18:43:32.172194

3067 / tcp

!\x07version\x04bind7 t{RPowerDNS Recursor 410

-1810987450 | 2024-05-02T22:11:18.892633

3072 / tcp

\xc3\xbf

-1399940268 | 2024-05-07T10:01:23.605408

3104 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-146605374 | 2024-05-07T08:56:14.628741

3108 / tcp

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

-1428621233 | 2024-04-25T18:22:46.142612

3111 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

-1341662640 | 2024-05-10T01:49:33.566188

3260 / tcp

HTTP/1.1 301 Moved Permanently
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

1727372229 | 2024-05-12T15:18:30.954273

3268 / tcp

HTTP/1.1 302 
Location: http://116.6.76.114:3268/index.html

-339084706 | 2024-05-03T11:53:16.259444

3269 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

1741579575 | 2024-04-23T20:02:04.115162

3299 / tcp

-653033013 | 2024-05-09T05:28:34.820134

3301 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

-1230509234 | 2024-05-15T06:43:38.778948

3306 / tcp

J\\x00\\x00\\x00\\xffj\\x04Host \'*.*.*.*\' is not allowed to connect to this MariaDB server

632542934 | 2024-05-14T04:06:59.249553

3307 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

-1713437100 | 2024-05-12T06:04:44.173385

3310 / tcp

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

1763259671 | 2024-05-04T07:47:20.884848

3337 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

334289483 | 2024-05-20T03:17:56.039797

3388 / tcp

Invalid request string: Request string is: "\r"

-6645672 | 2024-05-03T04:59:54.791786

3389 / tcp

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\\x0f\\x08\\x00\\x08\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID_EX\nTarget_Name: 172_16_0_11\nProduct_Version: 6.3.9600 Ntlm 15\nOS: Windows 8.1/Windows Server 2012 R2\nNetBIOS_Domain_Name: 172_16_0_11\nNetBIOS_Computer_Name: 172_16_0_11\nDNS_Domain_Name: 172_16_0_11\nDNS_Computer_Name: 172_16_0_11\nSystem_Time: 2024-01-22 08:42:27 +0000 UTC\n\n

-653033013 | 2024-05-16T01:45:27.693202

3443 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

233634112 | 2024-05-10T19:55:24.563837

3542 / tcp

SSH-98.60-SysaxSSH_81885..42

198844676 | 2024-05-12T18:15:20.141052

3551 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

1911457608 | 2024-05-03T03:55:58.431324

3562 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-2118655245 | 2024-05-03T18:35:38.950615

3749 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20

1948301213 | 2024-05-15T01:23:12.025041

3780 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

1308377066 | 2024-05-20T07:39:56.328808

3790 / tcp

ncacn_http/1.0

-1399940268 | 2024-05-20T05:54:00.645665

3838 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

669849225 | 2024-05-02T23:20:10.194369

3951 / tcp

SSH-98.60-SysaxSSH_81885..42\r\n

-1399940268 | 2024-05-15T18:44:21.605124

3952 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-180163620 | 2024-05-12T21:30:22.359654

4000 / tcp

NPC Telnet permit one connection.\r\n But One connection() already keep alive.\r\nGood Bye !! \r\n

-904840257 | 2024-05-20T12:02:27.949355

4022 / tcp

572 Relay not authorized\r\n

842535728 | 2024-05-10T05:19:35.959896

4040 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

-971970408 | 2024-05-15T10:27:52.914815

4063 / tcp

-1114821551 | 2024-05-20T14:24:55.437284

4064 / tcp

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

2103111368 | 2024-04-29T23:39:57.474028

4100 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

819727972 | 2024-05-18T17:16:26.736880

4157 / tcp

SSH-2.0-OpenSSH_7.4

-1879056922 | 2024-05-18T02:50:06.863569

4242 / tcp

HTTP/1.1 403 Forbidden
Server: Apache/2.4.41 (Unix) OpenSSL/1.1.1d TST PHP/7.3.11
Content-Type: text/plain; charset=utf-8
Connection: close

2087396567 | 2024-05-19T23:43:28.357683

4282 / tcp

kjnkjabhbanc283ubcsbhdc72

-1250504565 | 2024-05-12T09:56:08.762025

4321 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

-1399940268 | 2024-05-18T01:25:14.861173

4369 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-05-19T15:20:04.793475

4433 / tcp

SSH-2.0-OpenSSH_7.4

1140068775 | 2024-05-15T03:16:44.081564

4443 / tcp

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
X-Frame-Options: DENY

Name: VMware ESXi
FullName: VMware ESXi 6.7.0 build-8169922
Vendor: VMware, Inc.
Version: 6.7.0
Build: 8169922
LocaleVersion: INTL
LocaleBuild: 000
OsType: vmnix-x86
ProductLineId: embeddedEsx
ApiType: HostAgent
ApiVersion: 6.7

2087396567 | 2024-05-15T16:38:16.555403

4444 / tcp

kjnkjabhbanc283ubcsbhdc72

632542934 | 2024-05-06T06:22:08.273990

4500 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

1996932384 | 2024-05-08T05:57:26.186141

4506 / tcp

"raop" nonce

-1032713145 | 2024-05-15T20:18:21.144760

4523 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

641705735 | 2024-04-24T13:15:06.338756

4782 / tcp



0
dø...

-1641514916 | 2024-05-08T00:16:22.158618

4786 / tcp

* OK Merak 1dFUa2 IMAP4rev1

1911457608 | 2024-05-09T19:45:35.898006

4840 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-138733098 | 2024-04-28T18:09:26.302872

4848 / tcp

roku: ready

-1316398834 | 2024-05-20T19:40:13.622703

4899 / tcp

ÿ

1282941221 | 2024-05-17T18:03:32.114013

4911 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

171352214 | 2024-05-19T08:28:01.640111

4949 / tcp

-ERR client ip is not in whitelist

707919486 | 2024-04-24T15:18:12.777107

4999 / tcp

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

770016595 | 2024-05-08T18:14:01.152468

5000 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

-1730858130 | 2024-05-18T08:46:14.521389

5001 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1279886438 | 2024-05-01T21:29:03.981405

5004 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

1978059005 | 2024-05-12T04:41:25.013298

5005 / tcp

Sorry, that nickname format is invalid.

819727972 | 2024-05-19T02:14:06.251103

5006 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-05-13T21:36:42.654239

5007 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2015162143 | 2024-05-20T19:47:05.928647

5009 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1c5f_PStjdxtk16_38859-13702

-1795027372 | 2024-05-17T09:03:39.558553

5010 / tcp

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

2087396567 | 2024-05-02T21:41:21.601651

5025 / tcp

kjnkjabhbanc283ubcsbhdc72

51259122 | 2024-05-13T00:17:59.671147

5201 / tcp

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

564972781 | 2024-05-06T19:51:31.111923

5269 / tcp

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705937967.102-w-waf03tjgt

-1888448627 | 2024-05-13T16:00:00.396504

5432 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

632542934 | 2024-04-28T08:04:54.741309

5598 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

-321444299 | 2024-05-14T04:22:48.462245

5601 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

575925250 | 2024-04-21T06:11:31.685524

5672 / tcp

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

819727972 | 2024-05-15T16:04:22.500512

5858 / tcp

SSH-2.0-OpenSSH_7.4

1911457608 | 2024-05-14T18:17:21.472906

5907 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-05-20T13:21:21.564074

5938 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1999272906 | 2024-05-19T17:00:04.877078

5984 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

114471724 | 2024-05-13T02:51:06.982214

6000 / tcp

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN
Server: NSX

1830187220 | 2024-04-22T17:55:09.776974

6001 / tcp

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

-1399940268 | 2024-05-15T20:25:26.475989

6002 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-358801646 | 2024-05-11T17:36:40.449703

6006 / tcp

SSH-2.0-OpenSSH_6.6.1

1911457608 | 2024-04-28T01:18:02.832122

6264 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-04-23T23:32:29.984373

6308 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

321971019 | 2024-05-14T23:23:39.729201

6379 / tcp

-ERR client ip is not in whitelist\r

339872247 | 2024-05-20T18:53:02.948293

6443 / tcp


0 ...

321971019 | 2024-05-03T14:57:15.840913

6633 / tcp

-ERR client ip is not in whitelist\r

-653033013 | 2024-05-16T01:53:02.193839

6650 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

1911457608 | 2024-05-04T15:02:55.289597

6653 / tcp

\x00[\x00\x00\x00\x00\x00\x00

770016595 | 2024-05-01T18:37:55.779307

6664 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

-365662216 | 2024-04-26T03:39:33.942316

6666 / tcp

\x05\xff

1880683805 | 2024-04-29T13:12:22.721659

6667 / tcp

ÿ

265065882 | 2024-05-15T11:55:22.018074

7001 / tcp

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked

694172010 | 2024-05-07T07:37:13.511602

7004 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae292b_CS-NKG-015sn19_26622-15534

-1399940268 | 2024-05-04T02:06:48.127868

7005 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2089734047 | 2024-05-14T01:55:04.454256

7171 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1609150592 | 2024-04-28T05:15:09.971388

7218 / tcp

ÿÿÿ
0 ...

-2096652808 | 2024-05-16T09:08:14.803318

7415 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1996932384 | 2024-05-20T06:46:45.596328

7434 / tcp

"raop" nonce

-584993230 | 2024-05-16T16:04:34.823173

7443 / tcp

HTTP/1.1 400 Bad Request
Server:  
Content-Type: text/html
Connection: close

-1279886438 | 2024-04-30T16:36:01.232754

7444 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

1332894250 | 2024-05-17T12:24:59.582744

7537 / tcp

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

-527005584 | 2024-04-24T13:36:11.631986

7547 / tcp

/0 0 L
/0 0 HUH

-1036370807 | 2024-05-06T06:28:32.536615

7548 / tcp

JDWP-Handshake

709622286 | 2024-05-07T15:52:10.722878

7634 / tcp

OK Welcome <299685> on DirectUpdate server 7286\r\n

-1099385124 | 2024-05-19T06:28:00.812437

7887 / tcp

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

-1900404274 | 2024-05-07T10:41:09.717376

7989 / tcp

Unknown command

1072892569 | 2024-05-16T20:40:01.415649

8001 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

1623746877 | 2024-04-23T21:25:34.197192

8002 / tcp

500 Permission denied - closing connection.\r\n

-1327660293 | 2024-04-26T22:43:40.451214

8005 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

1741579575 | 2024-05-17T19:51:28.336350

8009 / tcp

-154107716 | 2024-05-09T21:29:26.897613

8010 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

-1648456501 | 2024-05-16T11:53:32.077502

8014 / tcp

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

2059642140 | 2024-05-07T01:36:18.989003

8045 / tcp

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 56-52314072-0 0NNN RT(1700786708752 0) q(0 -1 -1 -1) r(0 -1)

-375604792 | 2024-05-02T21:13:53.682587

8048 / tcp

220 Microsoft FTP Service

2113459152 | 2024-04-25T10:34:56.188660

8081 / tcp

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Thu, 25 Apr 2024 10:34:56 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Jetty(9.2.z-SNAPSHOT)
Set-Cookie: JSESSIONID.950f90b9=1w3h4hmsjw8zx1er7uu0xbsist;Path=/;HttpOnly
Sprint-Url: https://gateway.aliyun.com/takeoff-object/swim-legal/theme-interval/hide/refresh
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Hudson: 1.395
X-Hudson-Cli-Port: 46521
X-Hudson-Theme: default
X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAre/+10emw6MQdsSvgJpOv3JYRIs6/MkSoH2L/uwbMNDsVSDAoSIUS1bO8H5pu9sdrV67T1WPeTF4VmrARIVKm+va8bOGxObBwmtkZyVRTTdYwe2QX0J9wwlStl/W4RFbtF7H1cwAwME0eqfAMzA9P4izyLtzMcdFjCcoNmVqDnpiBJ5AC+43PcjIGwiYbstWl5Xp0/Dymw80tiOiMA+E1Ol2U4OsUtQwxyCE/i+CP2qUpUuRXyIeD1gqyfXUyzIrcmviq5vu2q++BOzSOc0c/3lmbPUz+79AkVDn8/SjBUiFR6+hw4uglhZALOKX6YuO5x/z5N5Skzi1x7Ki2SmaWQIDAQAB
X-Jenkins: 2.46.1
X-Jenkins-Cli-Port: 46521
X-Jenkins-Cli2-Port: 46521
X-Jenkins-Session: b00ea7f9
X-Ssh-Endpoint: 47.110.178.63:36215
Transfer-Encoding: chunked

20b6




  
  <!DOCTYPE html><html><head resURL="/static/b00ea7f9" data-rooturl="" data-resurl="/static/b00ea7f9">
    

    <title>Dashboard [Jenkins]</title><link rel="stylesheet" href="/static/b00ea7f9/css/layout-common.css" type="text/css" /><link rel="stylesheet" href="/static/b00ea7f9/css/style.css" type="text/css" /><link rel="stylesheet" href="/static/b00ea7f9/css/color.css" type="text/css" /><link rel="stylesheet" href="/static/b00ea7f9/css/responsive-grid.css" type="text/css" /><link rel="shortcut icon" href="/static/b00ea7f9/favicon.ico" type="image/vnd.microsoft.icon" /><link color="black" rel="mask-icon" href="/images/mask-icon.svg" /><script>var isRunAsTest=false; var rootURL=""; var resURL="/static/b00ea7f9";</script><script src="/static/b00ea7f9/scripts/prototype.js" type="text/javascript"></script><script src="/static/b00ea7f9/scripts/behavior.js" type="text/javascript"></script><script src='/adjuncts/b00ea7f9/org/kohsuke/stapler/bind.js' type='text/javascript'></script><script src="/static/b00ea7f9/scripts/yui/yahoo/yahoo-min.js"></script><script src="/static/b00ea7f9/scripts/yui/dom/dom-min.js"></script><script src="/static/b00ea7f9/scripts/yui/event/event-min.js"></script><script src="/static/b00ea7f9/scripts/yui/animation/animation-min.js"></script><script src="/static/b00ea7f9/scripts/yui/dragdrop/dragdrop-min.js"></script><script src="/static/b00ea7f9/scripts/yui/container/container-min.js"></script><script src="/static/b00ea7f9/scripts/yui/connection/connection-min.js"></script><script src="/static/b00ea7f9/scripts/yui/datasource/datasource-min.js"></script><script src="/static/b00ea7f9/scripts/yui/autocomplete/autocomplete-min.js"></script><script src="/static/b00ea7f9/scripts/yui/menu/menu-min.js"></script><script src="/static/b00ea7f9/scripts/yui/element/element-min.js"></script><script src="/static/b00ea7f9/scripts/yui/button/button-min.js"></script><script src="/static/b00ea7f9/scripts/yui/storage/storage-min.js"></script><script src="/static/b00ea7f9/scripts/hudson-behavior.js" type="text/javascript"></script><script src="/static/b00ea7f9/scripts/sortable.js" type="text/javascript"></script><script>crumb.init("", "");</script><link rel="stylesheet" href="/static/b00ea7f9/scripts/yui/container/assets/container.css" type="text/css" /><link rel="stylesheet" href="/static/b00ea7f9/scripts/yui/assets/skins/sam/skin.css" type="text/css" /><link rel="stylesheet" href="/static/b00ea7f9/scripts/yui/container/assets/skins/sam/container.css" type="text/css" /><link rel="stylesheet" href="/static/b00ea7f9/scripts/yui/button/assets/skins/sam/button.css" type="text/css" /><link rel="stylesheet" href="/static/b00ea7f9/scripts/yui/menu/assets/skins/sam/menu.css" type="text/css" /><link rel="search" href="/opensearch.xml" type="application/opensearchdescription+xml" title="Jenkins" /><meta name="ROBOTS" content="INDEX,NOFOLLOW" /><meta name="viewport" content="width=device-width, initial-scale=1" /><link rel="alternate" href="/rssAll" title="Jenkins:all (all builds)" type="application/rss+xml" /><link rel="alternate" href="/rssAll?flavor=rss20" title="Jenkins:all (all builds) (RSS 2.0)" type="application/rss+xml" /><link rel="alternate" href="/rssFailed" title="Jenkins:all (failed builds)" type="application/rss+xml" /><link rel="alternate" href="/rssFailed?flavor=rss20" title="Jenkins:all (failed builds) (RSS 2.0)" type="application/rss+xml" /><script src="/static/b00ea7f9/scripts/yui/cookie/cookie-min.js"></script><script>
              YAHOO.util.Cookie.set("screenResolution", screen.width+"x"+screen.height);
            </script><script src="/static/b00ea7f9/jsbundles/page-init.js" type="text/javascript"></script></head><body data-model-type="hudson.model.AllView" id="jenkins" class="yui-skin-sam jenkins-2.46.1 two-column" data-version="2.46.1"><a href="#skip2content" class="skiplink">Skip to content</a><div id="page-head"><div id="header"><div class="logo"><a id="jenkins-home-link" href="/"><img src="/static/b00ea7f9/images/heads

1308377066 | 2024-05-11T16:50:18.625946

8083 / tcp

ncacn_http/1.0

-616720387 | 2024-05-08T08:04:09.842403

8085 / tcp

SSH-2.0-SSHD_0.7.6

-1839934832 | 2024-04-27T16:21:34.989274

8087 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

2087396567 | 2024-05-19T08:15:38.377902

8089 / tcp

kjnkjabhbanc283ubcsbhdc72

334289483 | 2024-05-07T08:52:20.576072

8094 / tcp

Invalid request string: Request string is: "\r"

104385780 | 2024-05-09T04:07:43.453120

8098 / tcp

ceph v2

-1249500036 | 2024-05-17T00:56:58.780318

8099 / tcp

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes

1308377066 | 2024-05-13T20:26:54.897113

8104 / tcp

ncacn_http/1.0

290819026 | 2024-05-16T02:08:00.753793

8112 / tcp

welcome to Pandora console!
----------------------------
-------------------------
|     Login Time     |     2021-12-08 1...

2087396567 | 2024-05-17T03:28:44.755171

8126 / tcp

kjnkjabhbanc283ubcsbhdc72

819727972 | 2024-04-27T01:20:13.867285

8139 / tcp

SSH-2.0-OpenSSH_7.4

1208318993 | 2024-05-12T19:14:09.359530

8140 / tcp

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

1948301213 | 2024-05-17T13:12:16.219355

8181 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

691315198 | 2024-05-19T18:50:36.088279

8200 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2a23_PS-000-01HN031_1552-11103

1911457608 | 2024-05-18T05:45:27.804572

8291 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1713467553 | 2024-04-21T01:37:23.289132

8333 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Connection: close

-314039103 | 2024-05-09T00:22:53.893742

8334 / tcp

Surnom.
Sorry, that nickname format is invalid.

-271515508 | 2024-05-14T12:15:47.596356

8402 / tcp

HTTP/1.1 302 Moved Temporarily
Server: DrcomServer1.0
Location: http://192.168.254.3
Cache-Control: no-cache
Connection: close

1911457608 | 2024-04-23T14:19:00.535738

8403 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-832380282 | 2024-04-23T07:05:46.611964

8410 / tcp

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

921225407 | 2024-05-14T20:21:17.668060

8427 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

1282941221 | 2024-05-05T00:28:00.473824

8431 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

-465199644 | 2024-05-12T08:50:35.215328

8443 / tcp

HTTP/1.1 403 Forbidden
Date: Sun, 12 May 2024 08:50:35 GMT
Content-Type: text/html
Content-Length: 238
Connection: keep-alive
Server: Tengine
Location: https://acm-us-west-1.console.aliyun.com
Via: kunlun55.cn1984[,0]

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:49:b2:86:90:3c:9b:46:7a:60:5b:87
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: May  5 06:21:16 2023 GMT
            Not After : Jun  5 06:21:15 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.aliyun.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d7:f5:f2:ba:7f:3a:e9:f9:dc:17:26:74:d7:49:
                    9c:db:62:60:9a:b7:cb:14:89:0f:d9:fb:ef:52:75:
                    88:8d:b4:49:01:26:9c:82:dc:fa:68:a4:7d:01:b9:
                    98:e9:e7:31:d8:04:3f:7a:d3:64:52:c2:14:15:24:
                    35:ff:7a:44:1c:c1:54:5a:8a:5f:96:7e:96:06:3f:
                    52:ab:d3:00:be:d9:6f:4d:52:04:a6:fb:23:ec:c3:
                    98:2b:f9:f6:27:6c:65:58:46:32:68:23:ad:4a:c6:
                    3f:94:ee:a8:dc:84:38:40:98:5b:6c:98:1b:a4:1f:
                    d3:a8:ab:4d:d8:d2:26:97:e8:10:25:49:66:3e:ba:
                    d4:ab:68:ac:ea:77:f4:09:75:65:c2:39:89:0f:00:
                    10:b7:4f:d5:a6:df:d4:f1:e7:3d:76:38:06:4a:41:
                    21:ee:0a:aa:6c:77:d6:14:15:c3:24:f6:b8:0e:d8:
                    65:c4:72:01:68:dc:2c:2b:2f:67:ae:ae:91:18:12:
                    f7:14:49:bd:6b:23:ce:bf:ea:5a:97:eb:6d:1f:2e:
                    96:4a:87:fb:33:b8:a6:47:73:1a:0c:fb:85:9f:80:
                    e9:38:03:a1:0a:28:22:20:1e:40:bc:e8:c9:45:fb:
                    7a:93:3c:b3:75:81:08:60:4d:3c:7b:0c:12:a2:01:
                    05:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FB:43:61:72:DB:90:9F:67:07:2E:AE:74:FB:66:90:A2:E9:C4:FC:15
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyun.com, DNS:aliyun.com, DNS:email.fc.lazada.sg, DNS:app87100.eapps.dingtalkcloud.com, DNS:eai-vga.an-beijing.aliyuncs.com, DNS:svbdoy2.sinbo.taobao.com, DNS:ddd.taobao.com, DNS:sahedvjer.ojiyvn-ina.aon.aliyun-inc.com, DNS:qichebaijian.1688.com, DNS:ssc.lazada.co.id, DNS:interact.sh, DNS:stlacct.alimama.com, DNS:svbdoy.sinbo.taobao.com, DNS:shog6xg1q03654180.1688.com, DNS:sandbox.aliyun.com, DNS:eas.an-hvhehoote.aliyuncs.com, DNS:sellercenter-my-staging.lazada-seller.cn
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        92:09:53:33:28:b6:fc:32:e0:f9:8c:a8:e4:b3:b6:4d:90:82:
        15:09:08:32:8d:08:81:99:b8:6b:d5:93:d8:e9:7a:80:66:d1:
        6f:df:17:9e:a5:1a:9e:cf:8c:96:0a:4d:ec:8b:93:ff:4c:9f:
        7e:eb:58:28:e3:dd:93:0c:a8:5f:22:8c:8b:e4:e4:c2:4f:02:
        26:66:15:55:8e:e5:74:14:a3:07:9d:1e:83:5a:5e:ea:c3:27:
        87:e7:44:93:f9:6f:aa:ba:88:26:92:10:25:39:de:e1:27:ea:
        c8:3a:27:04:47:9c:b2:c0:05:b0:8a:b4:62:02:44:cd:fc:47:
        2f:ca:9f:5b:45:bd:1d:18:e2:ce:83:ee:49:cc:aa:f0:0c:2a:
        1f:16:85:01:98:4e:77:32:04:d9:5f:80:c7:b2:3d:56:65:d9:
        0c:72:c6:2f:67:e5:7a:3a:20:07:b1:c1:d4:50:a4:d2:ca:b4:
        00:3a:45:fc:11:19:23:fa:57:4c:dc:d5:4c:7f:91:4b:96:80:
        8d:ce:ea:23:18:d7:ca:0a:7c:40:3c:85:9e:c5:cc:56:17:e3:
        21:3d:17:5f:f6:0e:2a:8d:08:d3:3a:d7:6d:29:74:32:ba:9c:
        33:38:e8:55:66:bd:0e:56:31:c2:16:24:5a:ff:f6:77:e7:b7:
        7b:34:a0:b3

1919228981 | 2024-04-30T10:45:10.125845

8447 / tcp

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

165188539 | 2024-05-02T17:07:34.616655

8448 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1529351907 | 2024-05-18T06:37:59.504244

8500 / tcp

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

-653033013 | 2024-05-16T18:12:17.391536

8545 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

-1248408558 | 2024-05-17T14:16:15.162761

8554 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

921225407 | 2024-05-18T09:03:16.824161

8575 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

740837454 | 2024-04-23T21:11:44.513452

8637 / tcp

SSH-2.0-OpenSSH_5.3

819727972 | 2024-05-07T22:21:31.454753

8688 / tcp

SSH-2.0-OpenSSH_7.4

-1839934832 | 2024-04-28T16:17:04.090799

8728 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-441419608 | 2024-04-22T16:56:28.296008

8784 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

-142686627 | 2024-05-05T07:47:38.169906

8789 / tcp

\x00[\xc2\xba\x7fs\x7f\x00\x00

-2089734047 | 2024-04-28T02:49:09.644444

8791 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1989907056 | 2024-05-08T10:45:38.594826

8802 / tcp

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

1911457608 | 2024-05-11T21:53:36.123184

8803 / tcp

\x00[\x00\x00\x00\x00\x00\x00

819727972 | 2024-05-08T14:18:50.466584

8804 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-04-28T13:30:05.463269

8813 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-05-13T18:12:20.616867

8818 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-05-10T20:03:28.083875

8829 / tcp

SSH-2.0-OpenSSH_7.4

819727972 | 2024-05-16T04:08:49.694874

8834 / tcp

SSH-2.0-OpenSSH_7.4

205347087 | 2024-05-06T03:10:43.687330

8836 / tcp

SSH-25453-Cisco-3524665.35\n

632542934 | 2024-04-30T00:50:47.784868

8879 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

-971970408 | 2024-05-12T10:23:19.264474

8880 / tcp

165188539 | 2024-05-15T08:10:44.978165

8890 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1888448627 | 2024-05-17T18:55:14.520080

8989 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1119676909 | 2024-04-22T23:28:10.883022

9000 / tcp

M\\xc4\xc5\xb1\\xfa\\xde\\xc8)W\\xad\\xaf\\xb8\\xb5\\x05\\x89\\x9f\\xa2\\x82\\xf2j7

-1026951088 | 2024-05-13T03:28:04.839792

9001 / tcp

erro ip

-1189269828 | 2024-05-15T23:19:18.572138

9002 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1212285915 | 2024-04-25T19:36:11.495341

9019 / tcp

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

1311501949 | 2024-05-01T20:46:32.968885

9040 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65aa14df_PSfjqzdxid16_23679-23338

2087396567 | 2024-05-17T16:21:50.483908

9042 / tcp

kjnkjabhbanc283ubcsbhdc72

1911457608 | 2024-04-25T01:59:41.536133

9043 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1746074029 | 2024-05-04T06:42:37.490719

9044 / tcp

101 imqbroker =unV\r\n

-1399940268 | 2024-04-25T16:26:32.661431

9045 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

632542934 | 2024-05-07T22:20:46.648750

9048 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

-971970408 | 2024-05-12T23:48:32.764494

9051 / tcp

1260305703 | 2024-05-12T19:26:03.238719

9090 / tcp

HTTP/1.1 200 OK
Content-Language: zh-CN
Content-Length: 4825
Content-Type: text/html;charset=utf-8
Date: Sun, 12 May 2024 19:26:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=node0zq3a94plxcwix3gh8rei6t9t818.node0; Path=/; HttpOnly
Set-Cookie: csrf=QBkdiDkkG15BXpy; Path=/; HttpOnly
X-Domain-Link: https://sell.aliyuncs.com/arrive-remove/data-expel
X-Frame-Options: SAMEORIGIN

539065883 | 2024-05-19T00:01:25.835218

9091 / tcp

-1399940268 | 2024-04-26T04:39:15.577128

9092 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1278527606 | 2024-05-20T15:11:04.614257

9095 / tcp

SSH-2.0-Teleport

2063598737 | 2024-05-18T12:57:28.845918

9100 / tcp

/0 0 L\r\n/0 0 HUH\r\n

1975288991 | 2024-04-21T18:29:43.289065

9151 / tcp

OPTI

-1399940268 | 2024-04-28T20:23:29.315758

9160 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-407828767 | 2024-05-08T05:09:07.028070

9215 / tcp

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

504717326 | 2024-04-30T10:31:30.569380

9217 / tcp

SSH-2.0-OpenSSH_8.6

921225407 | 2024-04-24T13:03:25.063520

9303 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

-653033013 | 2024-05-15T19:54:15.085087

9306 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

841014058 | 2024-05-16T21:25:01.877023

9443 / tcp

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

819727972 | 2024-05-18T10:27:48.443013

9530 / tcp

SSH-2.0-OpenSSH_7.4

770016595 | 2024-05-10T17:36:07.170446

9595 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

820958131 | 2024-05-13T09:43:30.252057

9600 / tcp

kjnkjabhbanc283ubcsbhdc72\x02

1690634669 | 2024-05-15T20:32:46.478239

9633 / tcp

-2089734047 | 2024-05-18T22:36:48.638877

9761 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-805362002 | 2024-05-05T17:35:02.552277

9800 / tcp

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

248249138 | 2024-05-20T12:45:58.669059

9943 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae24d3_xyd116_25356-2749

201984321 | 2024-05-02T16:03:47.457637

9944 / tcp

ÿû
Welcome to NetLinx v94 Copyright AMX Corp. 34395-49007
>

-1901729922 | 2024-05-04T21:27:25.781309

9998 / tcp

HTTP/1.1 404 
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Transfer-Encoding: chunked

1161309183 | 2024-05-17T23:48:58.884759

9999 / tcp

ProxyServer is ready

1082732927 | 2024-05-08T19:07:49.987545

10000 / tcp

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

1492413928 | 2024-05-14T22:46:15.456681

10001 / tcp

SSH-2.0-OpenSSH_7.5

-1477838366 | 2024-05-19T05:43:13.669286

10134 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

-358801646 | 2024-05-10T22:26:37.241024

10250 / tcp

SSH-2.0-OpenSSH_6.6.1

-1056248465 | 2024-04-26T04:59:14.020265

10443 / tcp

HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 04:59:13 GMT
Content-Type: text/html
Content-Length: 238
Connection: keep-alive
Server: Tengine
Location: https://support.aliyun.com

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:a7:27:29:07:10:52:7c:ae:c7:4a:96
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2
        Validity
            Not Before: Sep 12 07:56:08 2023 GMT
            Not After : Feb 20 10:00:00 2024 GMT
        Subject: CN=*.aliyuncs.com, O=Alibaba (China) Technology Co., Ltd., L=Hangzhou, ST=Zhejiang, C=CN
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:dd:4b:74:ed:c6:5a:af:d8:ec:b8:00:f8:be:09:
                    34:31:59:b1:d9:1b:77:36:69:8b:27:30:12:a2:ff:
                    69:4e:58:2b:8d:98:ed:55:24:6a:9b:b3:5a:6b:54:
                    68:b8:b7:af:ee:8b:2d:5b:86:f0:92:f6:ef:ba:25:
                    40:b6:ac:30:eb:0c:b4:35:17:25:82:6f:84:57:5b:
                    d7:d9:0c:eb:9d:09:dc:bd:17:bf:92:98:db:b9:3b:
                    d3:70:74:bc:b4:ad:55:c7:e2:85:17:3e:f7:03:ce:
                    a3:7a:d4:61:4b:27:99:3c:8a:b8:7f:bd:f0:02:67:
                    55:75:cc:b7:cd:2b:91:3f:d9:11:a0:74:0c:9d:8a:
                    4a:b9:b8:5a:bc:1e:97:a1:b3:79:5b:5d:30:ea:a5:
                    8b:a2:23:05:02:22:9b:d4:f8:25:e6:99:c0:6d:4b:
                    d6:e0:ad:f0:01:a3:c9:e2:db:c2:bc:66:5e:3f:1b:
                    cd:c9:01:ad:68:50:77:ca:41:b9:a2:cf:58:9b:d9:
                    5c:1d:f2:b4:9c:9e:f9:c7:84:fe:65:8f:68:b5:e3:
                    2c:43:31:a0:a6:5c:65:eb:67:63:da:9b:0a:91:f8:
                    c1:f2:ba:0f:4e:48:53:f7:12:ca:6c:35:4e:4b:96:
                    02:d7:bc:3b:77:ad:80:17:9b:7a:4d:37:a1:e3:8c:
                    85:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                BD:22:FF:00:93:D9:9B:FA:87:FC:C5:14:21:44:0A:DD:BF:4A:AA:A6
            X509v3 Authority Key Identifier: 
                96:DE:61:F1:BD:1C:16:29:53:1C:C0:CC:7D:3B:83:00:40:E6:1A:7C
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g2
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyuncs.com, DNS:*.cn-hangzhou-mybk.aliyuncs.com, DNS:*.cn-nantong.aliyuncs.com, DNS:*.cn-shenzhen-finance-1.aliyuncs.com, DNS:*.cn-sichuan.aliyuncs.com, DNS:*.jp-fudao.aliyuncs.com, DNS:*.ap-south-1.aliyuncs.com, DNS:*.cn-wulanchabu.aliyuncs.com, DNS:*.cn-huhehaote.aliyuncs.com, DNS:*.cn-chengdu.aliyuncs.com, DNS:*.rus-west-1.aliyuncs.com, DNS:*.ap-southeast-1.aliyuncs.com, DNS:*.in-mumbai.aliyuncs.com, DNS:*.cn-guangzhou.aliyuncs.com, DNS:*.cn-hangzhou.aliyuncs.com, DNS:dod-tiger.taobao.com, DNS:yqza.taobao.com, DNS:sec.alimama.com, DNS:buc-test-qier.alibaba-inc.com, DNS:heno.stors.ojibobo-ina.aon.alibaba-inc.com, DNS:stars.shuqireader.com, DNS:www2s.mashort.cn, DNS:opsx.vip.tbsite.net, DNS:shog36977584.taobao.com, DNS:szdyyyxs.1688.com, DNS:hovonojogin.taobao.com, DNS:shop36674442.taobao.com, DNS:svnort.stors.ojibobo-ina.aon.alibaba-inc.com, DNS:xbootogs.ojibobo-ina.aon.alibaba-inc.com, DNS:university.lazada.vn, DNS:shog36621603.taobao.com, DNS:api.dingtalk.com, DNS:shog36600642.taobao.com, DNS:admin-p.lazada.vn, DNS:ocache.taobao.net, DNS:10yuankaihutiyanjin-okta-network-drookings-mirror.accept.lex.vn, DNS:lighthouse.lazada.co.th, DNS:api.aliyun.com, DNS:admin.lazada.co.id, DNS:ajovdovth-intj.an-shonghoi.aliyuncs.com, DNS:ob-gre.ojiyvn-ina.aon.aliyun-inc.com, DNS:shop2b0883416a7i9.aliyun.com, DNS:acs-m-sg.lazada.co.id, DNS:auth.wms.aliyun.com, DNS:qtnetria-shore.aliyuncs.com, DNS:m5-zb.amap.com, DNS:mail.wondfo.com.cn, DNS:m.sellercenter.lazada.com.ph, DNS:yvndvn-idi-server.ojiyvn-ina.aon.aliyun-inc.com, DNS:xmap-alg-deploy-prepub.amap.com, DNS:qt-changeplatform.alibaba.net, DNS:yhnkwj.1688.com, DNS:www22.aliwork.com, DNS:eci-vpc.ap-southeast-1.aliyuncs.com, DNS:b-manage.gfn.cainiao.com, DNS:sellercenter.lazada.com.my, DNS:aloc-offline.aliyun.com, DNS:hhpai-dsw-dsw56392-80.pcs-svr.alibaba-inc.com, DNS:attg.ojibobo-ina.aon.alibaba-inc.com, DNS:shop6239730h56062.1688.com, DNS:api.ascp-fresh-produce.hemayx.cn, DNS:console-fc.alpha.redmart.com, DNS:shog1442508391642.1688.com, DNS:fvzebogs.1688.com, DNS:das.base.shuju.aliyun.com, DNS:ojiaert.taobao.com, DNS:og-sovtheost-1.ron-internoj.aliyuncs.com, DNS:119152.aliexpress.com, DNS:shog36315220.taobao.com, DNS:nextci.amap.com, DNS:shop36579394.taobao.com, DNS:ens-network-sqos-hybrid.alicdn.com, DNS:manage-cmscn.gfn.cainiao.com, DNS:detoij.tmall.com, DNS:jielitushu.tmall.com, DNS:new-university.lazada.co.id, DNS:bi.aliyun.com, DNS:shog3078o27060063.1688.com, DNS:www.yx.fusion.design, DNS:hm1.cnzz.com, DNS:u.lazada.com.my, DNS:pre-ids-gpcb.lazada.com, DNS:adsprobe.aliyun.com, DNS:services-iss-sh.cainiao-inc.com, DNS:gigsijk.taobao.com, DNS:nrcm.lydaas.com, DNS:connect.aliexpress.com, DNS:vidigod.1688.com, DNS:axjanja.1688.com, DNS:alimama2.aliyun.com, DNS:shog36236233.taobao.com, DNS:anqi9988.1688.com, DNS:www.lex.co.id, DNS:shog36346889.taobao.com, DNS:gvonghe.taobao.com, DNS:iot.ap-southeast-1.aliyun.com, DNS:1111.alimama.com, DNS:netriahvb-ans-an-beijing.aliyuncs.com, DNS:link.wt.cainiao.com
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        55:c0:12:7a:04:5a:dd:93:46:07:dd:96:3f:75:3b:dd:07:3b:
        c0:4a:2e:56:65:f3:86:e1:0a:0a:4b:a4:e1:ca:e2:19:2c:ee:
        e3:f8:4f:06:c4:bb:bc:c8:20:28:67:7e:a2:69:d1:b5:7e:d7:
        bc:34:4f:11:9c:4f:74:37:b8:57:b4:05:45:cf:c8:87:24:ed:
        0c:ee:f6:7d:05:6c:98:f1:72:b7:e4:f3:2a:1a:64:4d:13:be:
        4e:e6:ff:c6:84:3b:4a:2d:3f:5a:1b:4d:77:21:38:e3:68:fd:
        a8:93:fb:2a:f4:ea:c7:89:f0:28:68:ea:3d:f2:ae:0e:31:f7:
        77:fa:01:a4:af:1e:6a:75:8e:6b:17:8d:ba:7b:35:70:3a:6e:
        c8:1c:dd:7a:4e:60:0f:f9:3f:3e:38:7c:39:2a:57:3c:83:ca:
        c5:5c:f8:d8:f3:8d:79:d2:4d:d6:37:63:d8:05:6d:86:91:ce:
        8b:bb:75:ee:92:af:e0:96:94:0f:d6:70:f6:55:62:91:21:10:
        e9:19:0e:23:75:04:d8:13:d9:5a:94:19:24:ac:52:10:b7:5a:
        cc:b2:9e:28:9c:70:21:65:c8:a8:c4:1d:e9:07:57:19:ee:75:
        91:2d:7a:28:52:db:b8:1f:28:78:16:13:f6:4d:ea:ff:79:3d:
        ab:a5:ec:59

2087396567 | 2024-05-16T13:09:33.015906

10554 / tcp

kjnkjabhbanc283ubcsbhdc72

165188539 | 2024-05-14T04:57:07.729632

10909 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1911457608 | 2024-04-25T13:44:02.733090

11000 / tcp

\x00[\x00\x00\x00\x00\x00\x00

820958131 | 2024-05-16T11:25:57.755645

11112 / tcp

kjnkjabhbanc283ubcsbhdc72\x02

-1733645023 | 2024-05-19T14:45:38.832450

11210 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

-375604792 | 2024-04-24T02:32:57.936714

11300 / tcp

220 Microsoft FTP Service

1645071342 | 2024-04-22T18:16:07.734721

12000 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11

296364507 | 2024-05-18T18:50:41.958418

12345 / tcp

HTTP/1.1 500 Internal Server Error
SERVER: Trend Chip UPnP/1.0 DMS
CONNECTION: close
CONTENT-LENGTH: 60
CONTENT-TYPE: text/html

-1977675824 | 2024-05-19T23:00:47.605335

14265 / tcp

-1900404274 | 2024-04-25T09:28:19.704209

16992 / tcp

Unknown command

1210754493 | 2024-05-20T19:30:17.257828

18245 / tcp

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

-407828767 | 2024-05-01T23:05:26.288130

18553 / tcp

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

-407828767 | 2024-05-11T04:32:02.394867

19000 / tcp

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

1900503736 | 2024-05-16T13:48:01.649943

20000 / tcp

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

-154107716 | 2024-05-18T20:54:39.575546

20256 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

1308377066 | 2024-04-25T07:31:30.371988

20547 / tcp

ncacn_http/1.0

2087396567 | 2024-04-21T01:33:57.549371

21025 / tcp

kjnkjabhbanc283ubcsbhdc72

-1888448627 | 2024-05-15T22:40:21.433498

21379 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-1888448627 | 2024-05-06T23:30:03.862371

23023 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-05-18T17:29:05.270573

25001 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2089734047 | 2024-05-17T17:09:20.172613

25565 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1046296806 | 2024-05-11T06:48:44.220918

27015 / tcp

Command: None
Size: 1347703880
ID: 808333615
Type: 942683168

1763259671 | 2024-05-03T01:17:01.674964

27017 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

1911457608 | 2024-04-22T15:50:56.468443

28015 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1741579575 | 2024-05-02T02:28:56.997210

28080 / tcp

-147424911 | 2024-05-06T06:39:17.988975

31337 / tcp

HTTP/1.1 404 Not Found
Content Length: 0

-319440554 | 2024-04-25T01:31:04.443638

32400 / tcp

1911457608 | 2024-04-26T04:11:26.291955

32764 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1842524259 | 2024-05-13T08:46:08.236724

33060 / tcp

-1888448627 | 2024-05-11T18:49:43.275723

35000 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-1297953727 | 2024-05-05T19:41:04.966144

37777 / tcp

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

-1428621233 | 2024-04-25T14:59:17.750363

41800 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

819727972 | 2024-05-14T23:52:06.402038

44818 / tcp

SSH-2.0-OpenSSH_7.4

1072892569 | 2024-05-05T10:15:57.797674

49153 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

-1760806421 | 2024-05-17T15:14:39.733283

50000 / tcp

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected

1978059005 | 2024-04-26T08:51:40.834191

50050 / tcp

Sorry, that nickname format is invalid.

808560482 | 2024-05-20T19:03:38.694445

50100 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP
 : USERID : UNIX : Cr8

-1392039491 | 2024-04-27T14:57:36.259839

51106 / tcp

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

-1746074029 | 2024-04-29T23:22:23.739001

51235 / tcp

101 imqbroker =unV\r\n

937756010 | 2024-05-19T20:55:36.289413

54138 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x01\x00\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-1888448627 | 2024-05-14T10:39:28.634902

55000 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

546151771 | 2024-05-19T15:30:52.941065

55442 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

-1559123399 | 2024-05-08T17:52:03.831719

55443 / tcp

500 Permission denied - closing connection.

2087396567 | 2024-05-14T19:17:54.555850

55553 / tcp

kjnkjabhbanc283ubcsbhdc72

-1598265216 | 2024-05-20T09:24:43.800838

55554 / tcp

@RSYNCD: 31.0

770016595 | 2024-04-22T17:44:00.802863

60030 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

819727972 | 2024-05-03T07:19:24.509613

61613 / tcp

SSH-2.0-OpenSSH_7.4

-784071826 | 2024-05-12T12:39:21.754911

61616 / tcp

SSH-2.0-OpenSSH_8.0

-860824904 | 2024-05-12T19:56:29.916032

62078 / tcp

\x00\x01)

-1189269828 | 2024-05-03T07:27:44.535204

65522 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

47.110.178.63

Last Seen: 2024-05-20

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1725312227 | 2024-05-05T00:54:44.544651 13 / tcp

2087396567 | 2024-04-25T22:01:41.056509 15 / tcp

-390388957 | 2024-05-05T03:06:46.947110 17 / tcp

676476721 | 2024-05-12T02:56:31.578508 19 / tcp

1564456597 | 2024-05-17T17:07:01.592606 21 / tcp

167209503 | 2024-05-13T15:38:29.133973 22 / tcp

460589547 | 2024-05-12T18:58:56.475844 23 / tcp

-1730858130 | 2024-05-19T13:00:41.072386 25 / tcp

-1265999252 | 2024-04-27T12:00:34.944178 26 / tcp

1842948889 | 2024-05-11T17:48:11.542290 37 / tcp

-146605374 | 2024-05-15T05:17:55.501099 43 / tcp

588096080 | 2024-05-18T06:31:43.607145 49 / tcp

-1665400173 | 2024-05-10T06:14:35.125599 53 / tcp

1738069263 | 2024-05-10T21:19:29.466558 70 / tcp

-1846450790 | 2024-05-10T22:58:39.729484 79 / tcp

-1068310195 | 2024-05-18T08:37:30.676867 80 / tcp

550048729 | 2024-05-01T14:03:42.066370 83 / tcp

-2096652808 | 2024-04-25T02:53:27.222425 92 / tcp

-1641514916 | 2024-05-11T05:14:43.734795 100 / tcp

819727972 | 2024-05-19T13:05:37.232923 102 / tcp

1126993057 | 2024-05-10T03:26:17.751040 104 / tcp

-358801646 | 2024-05-20T22:41:16.244849 110 / tcp

60948681 | 2024-05-09T23:39:59.516460 113 / tcp

141730637 | 2024-05-04T05:32:42.097546 119 / tcp

-457235091 | 2024-04-23T23:22:07.530247 131 / tcp

-1270998736 | 2024-05-10T07:55:59.640448 139 / tcp

819727972 | 2024-05-17T16:20:20.079630 175 / tcp

-399606100 | 2024-05-11T23:06:57.497896 179 / tcp

-971970408 | 2024-05-06T23:53:32.254079 195 / tcp

-1547821026 | 2024-05-10T09:56:50.764957 264 / tcp

67948279 | 2024-05-06T02:46:55.833264 311 / tcp

811247330 | 2024-05-06T12:30:32.074780 389 / tcp

928665344 | 2024-05-19T03:30:32.213659 427 / tcp

725818518 | 2024-05-13T03:19:10.540532 443 / tcp

1545917845 | 2024-05-20T06:59:19.823034 444 / tcp

1911457608 | 2024-04-28T13:43:17.650029 448 / tcp

2098371729 | 2024-05-08T05:51:35.653714 449 / tcp

897328069 | 2024-05-20T07:51:52.695104 465 / tcp

-1435414831 | 2024-04-21T17:07:48.341260 502 / tcp

819727972 | 2024-05-19T17:44:49.870747 503 / tcp

1690634669 | 2024-05-18T09:40:40.839903 515 / tcp

1801869778 | 2024-04-24T23:32:04.577353 548 / tcp

745343730 | 2024-05-20T15:02:08.102949 587 / tcp

-1261053701 | 2024-04-23T15:56:34.404327 593 / tcp

-1036370807 | 2024-04-21T00:37:26.261528 636 / tcp

-1960639992 | 2024-05-13T03:06:40.360207 666 / tcp

1615193817 | 2024-05-15T19:16:53.928104 771 / tcp

165188539 | 2024-05-16T06:10:22.729271 789 / tcp

-891714208 | 2024-04-24T00:59:27.812630 806 / tcp

-262532376 | 2024-05-03T20:35:31.376343 888 / tcp

1814656027 | 2024-05-15T06:42:03.097496 992 / tcp

-1329831334 | 2024-05-01T22:24:25.041576 993 / tcp

-1199842642 | 2024-05-15T21:52:45.314551 995 / tcp

1663966465 | 2024-05-11T11:13:36.837518 999 / tcp

504717326 | 2024-05-10T11:54:38.889814 1023 / tcp

971933601 | 2024-05-19T17:07:34.081170 1025 / tcp

-1733645023 | 2024-04-21T17:49:42.503160 1099 / tcp

-1327660293 | 2024-04-28T20:40:06.966380 1153 / tcp

2087396567 | 2024-05-17T19:26:52.952397 1177 / tcp

1978059005 | 2024-05-16T05:24:32.647761 1200 / tcp

599074451 | 2024-05-06T09:24:50.253368 1234 / tcp

770016595 | 2024-05-11T08:06:38.279512 1311 / tcp

380146262 | 2024-05-10T10:04:32.957595 1337 / tcp

-2089734047 | 2024-05-13T00:36:13.431092 1388 / tcp

-1990350878 | 2024-05-16T17:13:00.131248 1400 / tcp

-325802316 | 2024-05-16T20:19:44.553449 1433 / tcp

1004056929 | 2024-05-13T11:19:29.104525 1515 / tcp

2087396567 | 2024-05-18T20:08:33.798573 1599 / tcp

1741579575 | 2024-05-15T15:58:15.598124 1604 / tcp

1103582599 | 2024-04-28T15:21:09.291108 1723 / tcp

-1344535834 | 2024-05-19T09:43:13.916000 1741 / tcp

1535389866 | 2024-05-13T05:35:41.018564 1801 / tcp

-2096652808 | 2024-04-23T07:07:41.993350 1830 / tcp

1725312227 | 2024-05-05T00:54:44.544651
13 / tcp

2087396567 | 2024-04-25T22:01:41.056509
15 / tcp

-390388957 | 2024-05-05T03:06:46.947110
17 / tcp

676476721 | 2024-05-12T02:56:31.578508
19 / tcp

1564456597 | 2024-05-17T17:07:01.592606
21 / tcp

167209503 | 2024-05-13T15:38:29.133973
22 / tcp

460589547 | 2024-05-12T18:58:56.475844
23 / tcp

-1730858130 | 2024-05-19T13:00:41.072386
25 / tcp

-1265999252 | 2024-04-27T12:00:34.944178
26 / tcp

1842948889 | 2024-05-11T17:48:11.542290
37 / tcp

-146605374 | 2024-05-15T05:17:55.501099
43 / tcp

588096080 | 2024-05-18T06:31:43.607145
49 / tcp

-1665400173 | 2024-05-10T06:14:35.125599
53 / tcp

1738069263 | 2024-05-10T21:19:29.466558
70 / tcp

-1846450790 | 2024-05-10T22:58:39.729484
79 / tcp

-1068310195 | 2024-05-18T08:37:30.676867
80 / tcp

550048729 | 2024-05-01T14:03:42.066370
83 / tcp

-2096652808 | 2024-04-25T02:53:27.222425
92 / tcp

-1641514916 | 2024-05-11T05:14:43.734795
100 / tcp

819727972 | 2024-05-19T13:05:37.232923
102 / tcp

1126993057 | 2024-05-10T03:26:17.751040
104 / tcp

-358801646 | 2024-05-20T22:41:16.244849
110 / tcp

60948681 | 2024-05-09T23:39:59.516460
113 / tcp

141730637 | 2024-05-04T05:32:42.097546
119 / tcp

-457235091 | 2024-04-23T23:22:07.530247
131 / tcp

-1270998736 | 2024-05-10T07:55:59.640448
139 / tcp

819727972 | 2024-05-17T16:20:20.079630
175 / tcp

-399606100 | 2024-05-11T23:06:57.497896
179 / tcp

-971970408 | 2024-05-06T23:53:32.254079
195 / tcp

-1547821026 | 2024-05-10T09:56:50.764957
264 / tcp

67948279 | 2024-05-06T02:46:55.833264
311 / tcp

811247330 | 2024-05-06T12:30:32.074780
389 / tcp

928665344 | 2024-05-19T03:30:32.213659
427 / tcp

725818518 | 2024-05-13T03:19:10.540532
443 / tcp

1545917845 | 2024-05-20T06:59:19.823034
444 / tcp

1911457608 | 2024-04-28T13:43:17.650029
448 / tcp

2098371729 | 2024-05-08T05:51:35.653714
449 / tcp

897328069 | 2024-05-20T07:51:52.695104
465 / tcp

-1435414831 | 2024-04-21T17:07:48.341260
502 / tcp

819727972 | 2024-05-19T17:44:49.870747
503 / tcp

1690634669 | 2024-05-18T09:40:40.839903
515 / tcp

1801869778 | 2024-04-24T23:32:04.577353
548 / tcp

745343730 | 2024-05-20T15:02:08.102949
587 / tcp

-1261053701 | 2024-04-23T15:56:34.404327
593 / tcp

-1036370807 | 2024-04-21T00:37:26.261528
636 / tcp

-1960639992 | 2024-05-13T03:06:40.360207
666 / tcp

1615193817 | 2024-05-15T19:16:53.928104
771 / tcp

165188539 | 2024-05-16T06:10:22.729271
789 / tcp

-891714208 | 2024-04-24T00:59:27.812630
806 / tcp

-262532376 | 2024-05-03T20:35:31.376343
888 / tcp

1814656027 | 2024-05-15T06:42:03.097496
992 / tcp

-1329831334 | 2024-05-01T22:24:25.041576
993 / tcp

-1199842642 | 2024-05-15T21:52:45.314551
995 / tcp

1663966465 | 2024-05-11T11:13:36.837518
999 / tcp

504717326 | 2024-05-10T11:54:38.889814
1023 / tcp

971933601 | 2024-05-19T17:07:34.081170
1025 / tcp

-1733645023 | 2024-04-21T17:49:42.503160
1099 / tcp

-1327660293 | 2024-04-28T20:40:06.966380
1153 / tcp

2087396567 | 2024-05-17T19:26:52.952397
1177 / tcp

1978059005 | 2024-05-16T05:24:32.647761
1200 / tcp

599074451 | 2024-05-06T09:24:50.253368
1234 / tcp

770016595 | 2024-05-11T08:06:38.279512
1311 / tcp

380146262 | 2024-05-10T10:04:32.957595
1337 / tcp

-2089734047 | 2024-05-13T00:36:13.431092
1388 / tcp

-1990350878 | 2024-05-16T17:13:00.131248
1400 / tcp

-325802316 | 2024-05-16T20:19:44.553449
1433 / tcp

1004056929 | 2024-05-13T11:19:29.104525
1515 / tcp

2087396567 | 2024-05-18T20:08:33.798573
1599 / tcp

1741579575 | 2024-05-15T15:58:15.598124
1604 / tcp

1103582599 | 2024-04-28T15:21:09.291108
1723 / tcp

-1344535834 | 2024-05-19T09:43:13.916000
1741 / tcp

1535389866 | 2024-05-13T05:35:41.018564
1801 / tcp

-2096652808 | 2024-04-23T07:07:41.993350
1830 / tcp

-345718689 | 2024-04-21T14:59:57.783889
1883 / tcp

709622286 | 2024-05-17T02:42:10.956234
1911 / tcp

-1036370807 | 2024-04-23T16:56:23.472120
1926 / tcp

1345412733 | 2024-05-19T07:12:00.957946
1947 / tcp

1991883981 | 2024-04-25T17:41:26.525563
1951 / tcp

1308377066 | 2024-04-30T22:06:45.528650
1962 / tcp

-1399940268 | 2024-05-07T13:15:59.798136
2000 / tcp