GeneralInformation

Hostnames	jvjiongshog.1688.com qichebaijian.1688.com shjonso.1688.com shog1492759159639.1688.com shog6xg1q03654180.1688.com shop1460480247699.1688.com global-payment-bops.ae.alibaba-inc.com a2n360.ojibobo-ina.aon.alibaba-inc.com ahorvs-ai.ojibobo-ina.aon.alibaba-inc.com gre-exgjore.ojibobo-ina.aon.alibaba-inc.com hb-ogi.ojibobo-ina.aon.alibaba-inc.com iabv-qo.ojibobo-ina.aon.alibaba-inc.com igrogh-sg.ojibobo-ina.aon.alibaba-inc.com ata.alibaba-inc.com camp.alibaba-inc.com guidance.alibaba-inc.com 08yt.blog.china.alibaba.com dorkorder-tb.alibaba.com hbjaarystoj.en.alibaba.com preview.aliexpress.com stlacct.alimama.com di-serviae.an-ahengdv.doto.ojiyvn-ina.aon.aliyun-inc.com ob-gre.ojiyvn-ina.aon.aliyun-inc.com sahedvjer.ojiyvn-ina.aon.aliyun-inc.com vseraenter2.ojiyvn-ina.aon.aliyun-inc.com yundun-oem-cn-zhangjiakou.aliyun-inc.com aliyun.com dingding-devogs.aliyun.com dms-app-core.aliyun.com fourier.aliyun.com hsf.aliyun.com metrichub-cms-cn-hangzhou.aliyun.com origin-e72dd8c-trendyolbotak-status.aliyun.com zb-dsw-dsw59578-80.pcs-svr.aliyun.com rdc.aliyun.com sandbox.aliyun.com www2.shop.aliyun.com shop36982957.aliyun.com eai-vga.an-beijing.aliyuncs.com ean.an-beijing.aliyuncs.com nse-vga.an-hongzhov.aliyuncs.com eas.an-hvhehoote.aliyuncs.com swas-share.ap-southeast-1.aliyuncs.com onahoshi.aliyuncs.com valley.cainiao.com space.dingtalk.com app122159.eapps.dingtalkcloud.com app87100.eapps.dingtalkcloud.com wwwdocker.faas.ele.me interact.sh m-sg.lazada-seller.cn sellercenter-my-staging.lazada-seller.cn pdpdesc.lazada.co.id ssc.lazada.co.id wallet.lazada.com.ph email.fc.lazada.sg client-jyh.maitix.com access-open.quark.cn api.rantu.com alimama.taobao.com ddd.taobao.com gnarn.taobao.com shog36220471.taobao.com shog36284229.taobao.com shog36325416.taobao.com shog36854541.taobao.com shop36745251.taobao.com shop37105204.taobao.com svbdoy.sinbo.taobao.com svbdoy2.sinbo.taobao.com no.n.tmall.com yingxiao.tmall.com
Domains	1688.com alibaba-inc.com alibaba.com aliexpress.com alimama.com aliyun-inc.com aliyun.com aliyuncs.com cainiao.com dingtalk.com dingtalkcloud.com ele.me interact.sh lazada-seller.cn lazada.co.id lazada.com.ph lazada.sg maitix.com quark.cn rantu.com taobao.com tmall.com
Country	China
City	Hangzhou
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
CVE-2023-51385	In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-51384	In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2023-38408	The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
CVE-2023-37582	The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. When NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. It is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.
CVE-2023-33246	9.8RocketMQ versions 5.1.0 and below are vulnerable to Arbitrary Code Injection
CVE-2021-41617	4.4sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
CVE-2021-36368	2.6An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.
CVE-2020-15778	6.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
CVE-2020-14145	4.3The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
CVE-2019-6111	5.8An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2019-6110	4.0In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2019-6109	4.0An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-16905	4.4OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
CVE-2018-20685	2.6In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2018-15919	5.0Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
CVE-2018-15473	5.0OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2018-10088	10.0Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725.
CVE-2017-15906	5.0The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2016-20012	4.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
CVE-2008-3844	9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
CVE-2007-2768	4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 19 20 21 23 24 37 43 49 53 70 79 80 81 82 102 104 110 111 113 119 175 179 221 225 264 311 389 427 443 444 465 503 515 548 554 636 666 771 873 992 993 995 1023 1024 1025 1050 1099 1153 1177 1200 1234 1311 1337 1388 1433 1515 1521 1588 1599 1604 1723 1741 1800 1801 1883 1926 1962 2000 2002 2008 2049 2054 2061 2067 2081 2082 2083 2086 2087 2122 2154 2222 2250 2323 2332 2345 2376 2404 2455 2480 2525 2553 2626 2761 2762 3001 3050 3062 3078 3081 3088 3091 3097 3098 3105 3110 3112 3120 3268 3269 3299 3301 3306 3310 3333 3389 3443 3552 3557 3566 3569 3749 3780 3790 4000 4022 4040 4063 4064 4157 4200 4242 4321 4433 4443 4500 4506 4550 4664 4786 4808 4840 4899 5001 5004 5006 5007 5009 5010 5025 5090 5150 5172 5201 5222 5269 5400 5432 5435 5443 5560 5592 5601 5605 5608 5609 5858 5986 6000 6001 6009 6080 6379 6443 6511 6512 6633 6653 6666 6667 6668 6697 6789 7001 7022 7071 7081 7170 7171 7218 7415 7434 7443 7547 7634 7776 7778 7779 7979 7989 8001 8006 8009 8016 8042 8058 8060 8069 8071 8081 8083 8085 8086 8087 8089 8090 8099 8103 8110 8112 8123 8126 8139 8140 8181 8184 8200 8238 8248 8252 8291 8333 8404 8410 8414 8419 8428 8429 8432 8443 8545 8554 8575 8623 8649 8728 8801 8834 8835 8853 8880 8885 8889 9000 9001 9012 9023 9024 9026 9042 9051 9070 9091 9095 9100 9104 9191 9213 9306 9389 9418 9443 9530 9595 9633 9761 9765 9869 9876 9944 9991 9998 9999 10000 10001 10134 10443 10554 10909 11000 11112 11210 11211 12000 12345 14147 14344 16993 18081 18245 19000 19071 20256 20547 21025 21379 23023 23424 25001 25565 27015 27017 28080 28107 30003 31337 32764 33060 35000 37777 44158 47990 49152 50000 50050 50100 51106 55000 55553 60001 60010 60129 61613 62078 65522

-358801646 | 2024-05-11T16:57:15.098828

11 / tcp

SSH-2.0-OpenSSH_6.6.1

-1770051369 | 2024-04-28T21:55:08.678047

13 / tcp

421 too many connections

550048729 | 2024-04-30T00:41:58.475837

15 / tcp

ÿÿÿ
0 ...

1852418385 | 2024-05-16T08:54:40.350463

17 / tcp

RTSP/1.0 453 Not Enough Bandwidth
Server: AirTunes/7l_wZ

829384519 | 2024-05-15T11:57:51.568985

19 / tcp

 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefg
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUV

-297128567 | 2024-04-27T10:06:49.086878

20 / tcp

\x04\x01\xc3\xb4\x00\x15Internal Server Error\x00\x00\x00AB\x00\x02\x05\x00

-1248408558 | 2024-04-24T12:32:30.678113

21 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

-1816600103 | 2024-05-05T16:09:26.526317

23 / tcp

tc login:

408230060 | 2024-05-13T22:18:31.675716

24 / tcp

\r\nSorry, that nickname format is invalid.\r\n

2046098166 | 2024-04-19T18:06:58.428399

37 / tcp

HTTP/1.1 302 Found
X-Content-Ty

1208318993 | 2024-04-28T05:58:25.642244

43 / tcp

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

588096080 | 2024-05-01T05:06:28.680148

49 / tcp

\\x00\\x00\\x01\\x00

-42462918 | 2024-04-27T08:45:25.812287

53 / tcp

9
\x81\x05\x00\x01\x00\x00\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01
\x00\x06\x85\x00\x00\x01\x00\x01\x00\x01\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03\xc0\x00\x10\x00\x03\x00\x00\x00\x00\x00\x05\x04none\xc0\x00\x02\x00\x03\

-1967791998 | 2024-05-16T18:32:43.872961

70 / tcp

HTTP/1.1 401 Unauthorized
Server: mini_httpd/1.19 19dec2003
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=%s
Connection: close

-972699072 | 2024-04-28T01:21:36.041533

79 / tcp

HTTP/1.0 200 OK
Content-type: text/html
Server: uc-httpd 1.0.0
Expires: 0

547866602 | 2024-05-14T12:56:34.068313

80 / tcp

HTTP/1.1 400 Bad Request
Server: Tengine
Date: Tue, 14 May 2024 12:56:33 GMT
Content-Type: application/json
Content-Length: 119
Connection: keep-alive
x-datahub-request-id: 20240514205633c5cb7f0a0124f4ee

-984990168 | 2024-05-09T14:12:47.935511

81 / tcp


0ÿñ

1824169301 | 2024-05-04T13:58:58.393290

82 / tcp

HÿjHost '101.133.140.114' is not allowed to 
connect to this MySQL server

-1189269828 | 2024-05-15T10:19:18.237569

102 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

321971019 | 2024-05-09T16:29:25.866015

104 / tcp

-ERR client ip is not in whitelist\r

1363464823 | 2024-05-02T00:36:20.528621

110 / tcp

\x00[|ox\x7f\x00\x00

1363464823 | 2024-05-03T07:22:02.459180

111 / tcp

\x00[|ox\x7f\x00\x00

1921398876 | 2024-05-02T06:55:11.730035

113 / tcp

ÿý"
LinuxNode v06953 (ggfks)

login:

141730637 | 2024-05-16T09:31:07.417059

119 / tcp

HTTP/1.0 200 OK
Server: Proxy

1504401647 | 2024-05-12T01:16:07.485645

175 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

-399606100 | 2024-04-25T12:14:26.541309

179 / tcp

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

1726594447 | 2024-05-11T17:19:06.679545

221 / tcp

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

-1399940268 | 2024-05-02T10:57:39.245203

225 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1547821026 | 2024-05-09T21:43:39.762167

264 / tcp

CheckPoint\nFirewall Host: CPFWVSX1A_Audi_ODP_S2S_vsfw\nSmartCenter Host: admin..afx8nn\\x00\n

67948279 | 2024-05-15T09:28:31.473239

311 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

-1713467553 | 2024-05-12T09:22:56.334785

389 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Connection: close

-525136240 | 2024-05-15T14:34:14.763138

427 / tcp

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://bogon.xylink\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\nservice:wbem:https\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://bogon.xylink\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCESS (

-386996416 | 2024-05-07T07:37:07.526265

443 / tcp

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 07:37:07 GMT
Content-Type: text/html
Content-Length: 814
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: no-cache, no-store
Etag: "ed193dda-972"
Server: Tengine
Set-Cookie: SERVERID=9798f34e33c354eeb21b6ed53a415145|1715067427|1715067427;Path=/
Vary: Accept-Encoding
Location: htps://edsappcustomer-vpc.cn-beijing.aliyuncs.com

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:49:b2:86:90:3c:9b:46:7a:60:5b:87
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: May  5 06:21:16 2023 GMT
            Not After : Jun  5 06:21:15 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.aliyun.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d7:f5:f2:ba:7f:3a:e9:f9:dc:17:26:74:d7:49:
                    9c:db:62:60:9a:b7:cb:14:89:0f:d9:fb:ef:52:75:
                    88:8d:b4:49:01:26:9c:82:dc:fa:68:a4:7d:01:b9:
                    98:e9:e7:31:d8:04:3f:7a:d3:64:52:c2:14:15:24:
                    35:ff:7a:44:1c:c1:54:5a:8a:5f:96:7e:96:06:3f:
                    52:ab:d3:00:be:d9:6f:4d:52:04:a6:fb:23:ec:c3:
                    98:2b:f9:f6:27:6c:65:58:46:32:68:23:ad:4a:c6:
                    3f:94:ee:a8:dc:84:38:40:98:5b:6c:98:1b:a4:1f:
                    d3:a8:ab:4d:d8:d2:26:97:e8:10:25:49:66:3e:ba:
                    d4:ab:68:ac:ea:77:f4:09:75:65:c2:39:89:0f:00:
                    10:b7:4f:d5:a6:df:d4:f1:e7:3d:76:38:06:4a:41:
                    21:ee:0a:aa:6c:77:d6:14:15:c3:24:f6:b8:0e:d8:
                    65:c4:72:01:68:dc:2c:2b:2f:67:ae:ae:91:18:12:
                    f7:14:49:bd:6b:23:ce:bf:ea:5a:97:eb:6d:1f:2e:
                    96:4a:87:fb:33:b8:a6:47:73:1a:0c:fb:85:9f:80:
                    e9:38:03:a1:0a:28:22:20:1e:40:bc:e8:c9:45:fb:
                    7a:93:3c:b3:75:81:08:60:4d:3c:7b:0c:12:a2:01:
                    05:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FB:43:61:72:DB:90:9F:67:07:2E:AE:74:FB:66:90:A2:E9:C4:FC:15
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyun.com, DNS:aliyun.com, DNS:email.fc.lazada.sg, DNS:app87100.eapps.dingtalkcloud.com, DNS:eai-vga.an-beijing.aliyuncs.com, DNS:svbdoy2.sinbo.taobao.com, DNS:ddd.taobao.com, DNS:sahedvjer.ojiyvn-ina.aon.aliyun-inc.com, DNS:qichebaijian.1688.com, DNS:ssc.lazada.co.id, DNS:interact.sh, DNS:stlacct.alimama.com, DNS:svbdoy.sinbo.taobao.com, DNS:shog6xg1q03654180.1688.com, DNS:sandbox.aliyun.com, DNS:eas.an-hvhehoote.aliyuncs.com, DNS:sellercenter-my-staging.lazada-seller.cn
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        92:09:53:33:28:b6:fc:32:e0:f9:8c:a8:e4:b3:b6:4d:90:82:
        15:09:08:32:8d:08:81:99:b8:6b:d5:93:d8:e9:7a:80:66:d1:
        6f:df:17:9e:a5:1a:9e:cf:8c:96:0a:4d:ec:8b:93:ff:4c:9f:
        7e:eb:58:28:e3:dd:93:0c:a8:5f:22:8c:8b:e4:e4:c2:4f:02:
        26:66:15:55:8e:e5:74:14:a3:07:9d:1e:83:5a:5e:ea:c3:27:
        87:e7:44:93:f9:6f:aa:ba:88:26:92:10:25:39:de:e1:27:ea:
        c8:3a:27:04:47:9c:b2:c0:05:b0:8a:b4:62:02:44:cd:fc:47:
        2f:ca:9f:5b:45:bd:1d:18:e2:ce:83:ee:49:cc:aa:f0:0c:2a:
        1f:16:85:01:98:4e:77:32:04:d9:5f:80:c7:b2:3d:56:65:d9:
        0c:72:c6:2f:67:e5:7a:3a:20:07:b1:c1:d4:50:a4:d2:ca:b4:
        00:3a:45:fc:11:19:23:fa:57:4c:dc:d5:4c:7f:91:4b:96:80:
        8d:ce:ea:23:18:d7:ca:0a:7c:40:3c:85:9e:c5:cc:56:17:e3:
        21:3d:17:5f:f6:0e:2a:8d:08:d3:3a:d7:6d:29:74:32:ba:9c:
        33:38:e8:55:66:bd:0e:56:31:c2:16:24:5a:ff:f6:77:e7:b7:
        7b:34:a0:b3

349270136 | 2024-05-12T18:27:19.486158

444 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.22.1
Date: Sun, 12 May 2024 18:27:19 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

897328069 | 2024-05-06T01:28:04.892532

465 / tcp

220 mail.scott000.com ESMTP

-288825733 | 2024-05-11T11:34:07.238109

503 / tcp

HTTP/1.1 200 OK
Connection: close
Content-Length: 2619
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,Content-Type
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE
Content-Type: text/html
Server: Jetty(9.4.14.v20181114)
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1

-952165951 | 2024-05-10T10:40:50.645116

515 / tcp

AB

-1769206458 | 2024-05-04T14:51:57.315732

548 / tcp

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: NASDF59D2\nMachine Type: \\x10Netatalk3.1.9.q2\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: DHX2\\x0f,No User Authent\\x10,Cleartxt Passwrd\\x00\nServer Signature: 00000000008002000180030002800280

735639583 | 2024-04-26T19:53:51.595353

554 / tcp

RTSP/1.0 200 OK
Server: H264DVR 1.0
Cseq: 1
Public: OPTIONS, DESCRIBE, SETUP, TEARDOWN, GET_PARAMETER, SET_PARAMETER, PLAY, PAUSE

1650594030 | 2024-04-17T05:53:28.894161

636 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 4-30654152-0 0NNN RT(1705911965960 176) q(-1 -1 -1 -1) r(0 -1) b1

2098053533 | 2024-05-07T13:37:04.841780

666 / tcp

HTTP/1.1 401 Unauthorized
Server: nginx/1.17.7
Content-Type: text/html
Connection: keep-alive

-1835475271 | 2024-05-11T20:26:31.009150

771 / tcp

200 NOD32SS 99 (3318497116)\r\n

-976882525 | 2024-05-03T04:38:32.887258

873 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.23.1
Content-Type: text/html
Connection: close

-1242315829 | 2024-04-23T06:01:27.877089

992 / tcp

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: /app/
Permissions-Policy: autoplay=(), camera=(), microphone=(), usb=()
Referrer-Policy: same-origin
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

-1230049476 | 2024-04-27T05:46:55.368764

993 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

-1489591880 | 2024-05-03T23:44:33.188106

995 / tcp

+OK MS OK\r\n

1423431314 | 2024-05-14T03:53:55.601915

1023 / tcp

 
04 \...

842535728 | 2024-04-20T15:54:01.791434

1024 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

-784071826 | 2024-05-16T13:03:19.920857

1025 / tcp

SSH-2.0-OpenSSH_8.0

45131230 | 2024-04-28T03:31:43.268943

1050 / tcp

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

321971019 | 2024-04-23T23:05:48.941025

1099 / tcp

-ERR client ip is not in whitelist\r

1911457608 | 2024-05-13T08:42:03.115957

1153 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1093576587 | 2024-05-10T20:38:53.293683

1177 / tcp

¥A,LConnectx57222

1830187220 | 2024-05-09T18:04:40.904167

1200 / tcp

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

45131230 | 2024-05-02T07:28:58.523773

1234 / tcp

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

-1392039491 | 2024-05-14T22:44:30.520559

1311 / tcp

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

-2107996212 | 2024-05-08T20:09:59.818183

1337 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-303199180 | 2024-05-14T00:37:54.600256

1388 / tcp

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

49107754 | 2024-04-19T10:34:14.308948

1433 / tcp

MSSQL Server\nVersion: 134219767 (0x80007f7)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nProduct_Version: 5.2.3790 Ntlm 15\nOS: Windows Server 2003/Windows Server 2003 R2/Windows Server 2003, Service Pack 2\n

2087396567 | 2024-04-30T22:44:41.972764

1515 / tcp

kjnkjabhbanc283ubcsbhdc72

-1184558916 | 2024-05-13T16:41:36.763370

1521 / tcp

Version:11.2.0.4.0\n"\\x00\\x00Y(DESCRIPTION=(TMP=)(VSNNUM=186647552)(ERR=1189)(ERROR_STACK=(ERROR=(CODE=1189)(EMFI=4))))

-1399940268 | 2024-05-10T15:11:57.969715

1588 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1082732927 | 2024-05-03T03:36:18.435385

1599 / tcp

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

550048729 | 2024-05-05T15:47:46.528139

1604 / tcp

ÿÿÿ
0 ...

1103582599 | 2024-05-13T09:00:29.615605

1723 / tcp

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

-222277909 | 2024-05-05T11:41:03.031273

1741 / tcp

0@@

-1888448627 | 2024-05-12T23:39:49.279407

1800 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1692069329 | 2024-05-15T13:05:00.552331

1801 / tcp

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\xe14\\xf0\\xb6\\xb85\x0bB\\x86\\x99B\\xa5\\x07\\xb0\\xf6V92d3\\x10\\x03\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

2087396567 | 2024-05-07T01:28:58.374554

1883 / tcp

kjnkjabhbanc283ubcsbhdc72

842535728 | 2024-05-14T17:27:52.057306

1926 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

-249504111 | 2024-04-17T13:39:41.428584

1962 / tcp

\x00[xU-\x7f\x00\x00

50497985 | 2024-05-10T21:37:53.164160

2000 / tcp

\x00[\xc3\x88\xc3\x9dS\x7f\x00\x00

819727972 | 2024-05-14T04:18:27.511045

2002 / tcp

SSH-2.0-OpenSSH_7.4

89282912 | 2024-05-04T19:44:42.057495

2008 / tcp

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto
col:SOAP, MKSDisplayProtocol:VNC , ,

-1730858130 | 2024-04-22T09:40:14.679667

2049 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

1282941221 | 2024-04-26T00:41:03.665428

2054 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

-1327660293 | 2024-04-19T22:53:18.663511

2061 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

819727972 | 2024-05-13T17:45:28.671998

2067 / tcp

SSH-2.0-OpenSSH_7.4

-1810987450 | 2024-05-15T06:43:19.301362

2081 / tcp

\xc3\xbf

1082732927 | 2024-05-02T21:46:38.135599

2082 / tcp

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

1887224352 | 2024-05-12T20:47:26.401071

2083 / tcp

422524323 | 2024-05-07T05:06:20.486957

2086 / tcp

{
"Version": "3.4.18",
"VersionArray": [
3,
4,
18,
0
],
"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",
"OpenSSLVersion": "",
"SysInfo": "",
"Bits": 64,
"Debug": false,
"MaxObjectSize": 16777216
}

2087396567 | 2024-05-16T11:42:25.930756

2087 / tcp

kjnkjabhbanc283ubcsbhdc72

-1626979812 | 2024-05-13T03:18:52.357352

2122 / tcp

220 Service ready for new user.

-1031019485 | 2024-04-30T01:53:43.999805

2154 / tcp

[l¶Ð

-18551454 | 2024-05-06T08:46:23.165518

2222 / tcp

SSH-2.0-OpenSSH_6.2_hpn13v11 FreeBSD-20130515\r\n\n

-1230049476 | 2024-05-08T03:31:38.614765

2250 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

1662205251 | 2024-05-05T13:01:50.525644

2323 / tcp

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

1381121983 | 2024-05-13T18:05:55.441946

2332 / tcp

Notify\r\n

-274082663 | 2024-04-23T18:31:57.520866

2345 / tcp

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

-1114821551 | 2024-05-03T14:50:26.423234

2376 / tcp

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

-1026951088 | 2024-05-09T13:22:19.015081

2404 / tcp

erro ip

104385780 | 2024-05-01T19:37:55.351021

2455 / tcp

ceph v2

-1453516345 | 2024-04-18T08:36:45.088104

2480 / tcp

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

-879497810 | 2024-05-02T03:02:20.707583

2525 / tcp

HTTP/1.1 503 Service Unavailable
Connection: close
Cache-Control: no-cache,no-store
Pragma: no-cache

-784071826 | 2024-05-09T22:54:33.412978

2553 / tcp

SSH-2.0-OpenSSH_8.0

-2089734047 | 2024-05-08T20:18:57.562589

2626 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1013082686 | 2024-05-12T18:38:27.240584

2761 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

1282941221 | 2024-05-13T23:22:59.542775

2762 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

-1399940268 | 2024-05-06T11:35:46.766595

3001 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1911457608 | 2024-05-11T03:22:42.888578

3050 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-05-12T13:40:01.959061

3062 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

321971019 | 2024-05-09T19:17:19.470822

3078 / tcp

-ERR client ip is not in whitelist\r

-1810987450 | 2024-04-17T06:14:54.227130

3081 / tcp

\xc3\xbf

-1730858130 | 2024-04-30T04:38:17.462982

3088 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1713437100 | 2024-04-19T18:50:48.651454

3091 / tcp

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

-339084706 | 2024-05-01T12:59:25.940629

3097 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

819727972 | 2024-05-08T09:11:48.350421

3098 / tcp

SSH-2.0-OpenSSH_7.4

-1045760528 | 2024-04-28T01:39:00.319265

3105 / tcp

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

1011407350 | 2024-05-03T10:39:09.247716

3110 / tcp

* OK GroupWise IMAP4rev1 Server Ready\r\n

321971019 | 2024-05-08T19:55:13.558620

3112 / tcp

-ERR client ip is not in whitelist\r

117101543 | 2024-04-24T14:54:43.128493

3120 / tcp

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

-1547976805 | 2024-04-21T05:05:05.936945

3268 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

-407828767 | 2024-05-11T05:53:48.963709

3269 / tcp

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

539065883 | 2024-05-13T16:59:26.798622

3299 / tcp

-1453516345 | 2024-04-27T00:46:36.927414

3301 / tcp

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

1047846045 | 2024-05-08T01:41:41.939906

3306 / tcp

H\\x00\\x00\\x01\\xffj\\x04Host \'*.*.*.*\' is not allowed to connect to this MariaDB server

165188539 | 2024-05-07T12:50:00.117703

3310 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2066043768 | 2024-05-05T08:14:45.745841

3333 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/plain; charset=utf-8
Connection: close

-989469824 | 2024-05-13T07:11:49.496921

3389 / tcp

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\\x0f\\x08\\x00\\x08\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID_EX\nTarget_Name: 10_0_4_6\nProduct_Version: 6.3.9600 Ntlm 15\nOS: Windows 8.1/Windows Server 2012 R2\nNetBIOS_Domain_Name: 10_0_4_6\nNetBIOS_Computer_Name: 10_0_4_6\nDNS_Domain_Name: 10_0_4_6\nDNS_Computer_Name: 10_0_4_6\nSystem_Time: 2024-01-22 08:42:17 +0000 UTC\n\n

-585940771 | 2024-05-05T23:12:12.073662

3443 / tcp

Unknown command\r\n

307999478 | 2024-04-24T23:20:44.439660

3552 / tcp

unknown command \r\nunknown command \r\n

2103111368 | 2024-04-21T19:45:48.022021

3557 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

-2089734047 | 2024-05-02T02:30:46.708204

3566 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-2089734047 | 2024-05-04T10:50:15.485355

3569 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1142844482 | 2024-05-06T05:40:17.386400

3749 / tcp

ÿûSOYO_SIP VBNQyQSKc settings
Password:

1842524259 | 2024-04-21T02:10:32.572750

3780 / tcp

1308377066 | 2024-04-30T16:37:49.691619

3790 / tcp

ncacn_http/1.0

1123187653 | 2024-05-03T00:16:27.621732

4000 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN

921225407 | 2024-05-13T00:00:36.196658

4022 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

660175493 | 2024-05-04T19:46:40.264421

4040 / tcp

1542849631 | 2024-05-09T15:44:22.565059

4063 / tcp

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

-1839934832 | 2024-05-01T02:57:09.935391

4064 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-971970408 | 2024-05-01T16:50:06.971467

4157 / tcp

-1746074029 | 2024-04-29T03:51:44.877593

4200 / tcp

101 imqbroker =unV\r\n

-1341662640 | 2024-05-07T15:33:41.061993

4242 / tcp

HTTP/1.1 301 Moved Permanently
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

-1250504565 | 2024-04-17T05:46:47.997484

4321 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

1282941221 | 2024-05-13T18:03:55.448790

4433 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

2069201278 | 2024-04-25T14:45:35.179192

4443 / tcp

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
Connection: keep-alive
Set-Cookie: login_err_num=0; path=/; secure=true;  httponly=true
Set-Cookie: topsecsvportalstyle=style1; path=/; secure=true;  httponly=true
Set-Cookie: topsecsvportallogodir=default; path=/; secure=true;  httponly=true
Set-Cookie: topsecsvportalname=default; path=/; secure=true;  httponly=true
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protectio

-146605374 | 2024-05-14T10:44:39.955252

4500 / tcp

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

-154107716 | 2024-05-06T19:23:55.370935

4506 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

-624736855 | 2024-05-13T12:06:56.679754

4550 / tcp

HTTP/1.1 404 Not Found
Server: Microsoft-IIS/10.110
Content-Type: text/plain; charset=utf-8
Connection: close

770016595 | 2024-05-10T18:53:34.398229

4664 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

819727972 | 2024-05-15T10:15:30.813791

4786 / tcp

SSH-2.0-OpenSSH_7.4

1830697416 | 2024-05-13T18:21:52.196142

4808 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

1996932384 | 2024-04-26T11:50:49.296686

4840 / tcp

"raop" nonce

-971970408 | 2024-05-12T21:05:40.701896

4899 / tcp

-1990350878 | 2024-05-13T09:18:20.176472

5001 / tcp

 
04 \...

-1839934832 | 2024-05-15T17:52:34.290773

5004 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-1013082686 | 2024-05-12T18:21:42.040321

5006 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

1911457608 | 2024-05-11T14:38:05.118965

5007 / tcp

\x00[\x00\x00\x00\x00\x00\x00

2118208326 | 2024-04-24T23:12:49.974997

5009 / tcp

HTTP/1.1 426 Upgrade Required
Content-Type: text/plain
Connection: keep-alive
Keep-Alive: timeout=5

819727972 | 2024-05-08T06:51:45.548610

5010 / tcp

SSH-2.0-OpenSSH_7.4

2087396567 | 2024-05-07T00:47:48.181971

5025 / tcp

kjnkjabhbanc283ubcsbhdc72

1911457608 | 2024-04-28T10:26:01.426929

5090 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-04-18T23:05:31.289004

5150 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1013082686 | 2024-05-04T17:22:42.540224

5172 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

1911457608 | 2024-05-13T17:59:22.417650

5201 / tcp

\x00[\x00\x00\x00\x00\x00\x00

996960436 | 2024-04-17T13:49:17.080046

5222 / tcp

572 Relay not authorized

1359734371 | 2024-05-08T22:14:25.374350

5269 / tcp

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705938451.076-w-waf01tjgt

165188539 | 2024-05-11T00:19:04.413487

5400 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1327660293 | 2024-05-06T07:42:31.349294

5432 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

-1399940268 | 2024-05-03T19:58:25.595613

5435 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-05-13T15:03:58.866097

5443 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-409020351 | 2024-05-16T00:01:18.806171

5560 / tcp

NPC Telnet permit one connection.
 But One connection() already keep alive.
Good Bye !!

-1986594217 | 2024-04-18T15:34:23.123445

5592 / tcp

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

770016595 | 2024-04-16T21:26:51.907439

5601 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

-801484042 | 2024-05-11T14:55:13.933766

5605 / tcp

ERR 27

-1399940268 | 2024-04-17T05:20:45.114264

5608 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2089734047 | 2024-04-21T19:27:38.017451

5609 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-746114901 | 2024-05-08T21:55:44.966447

5858 / tcp

[KpU

1642597142 | 2024-05-10T15:15:39.964042

5986 / tcp

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

819727972 | 2024-04-20T21:16:07.558292

6000 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-05-13T02:00:56.784626

6001 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2125172975 | 2024-04-30T00:36:48.638540

6009 / tcp

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

474736340 | 2024-04-29T06:42:31.541442

6080 / tcp

431 Unable to negotiate secure command connection.

321971019 | 2024-04-27T03:05:51.316823

6379 / tcp

-ERR client ip is not in whitelist\r

1455497508 | 2024-05-13T19:58:15.192581

6443 / tcp

HTTP/1.1 200 OK
Date: Mon, 13 May 2024 19:58:15 GMT
Content-Type: application/json
Content-Length: 520
Connection: keep-alive
Ali-Swift-Global-Savetime: 1715630295
Eagleeye-Traceid: 22e7f3cb5aff9284ce314e65a3
Eagleid: 22e7f3cb5aff9284ce314e65a3
S_group: tao-session
S_ip: efaf4b7c715251127b61f4ccb3375338
S_status: STATUS_SYS_ERR
S_tag: 664266830684275|114790566^|^^
S_tid: 22e7f3cb5aff9284ce314e65a3
S_ucode: CN:CENTER
S_v: 1.2.3.9
Server: Tengine
Strict-Transport-Security: max-age=0
Timing-Allow-Origin: *, *
Location: https://decorology.homestyler.com
Ufe-Result: A6
Via: cache45.18cache4[428,557,999-0,M], cache60.cache52[751,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-Cachetime: 0
X-Swift-Savetime: Mon, 13 May 2024 19:58:15 GMT

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:49:b2:86:90:3c:9b:46:7a:60:5b:87
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: May  5 06:21:16 2023 GMT
            Not After : Jun  5 06:21:15 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.aliyun.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bb:e0:30:97:4d:31:70:3f:13:91:24:96:35:46:
                    e5:7d:10:6f:f5:ef:69:02:7a:66:2f:f1:56:b7:ba:
                    df:69:86:08:51:a5:76:1c:23:0a:92:b0:09:60:15:
                    c1:2e:10:1a:a2:00:b8:ba:5f:e5:e4:11:43:c3:ad:
                    e8:c5:83:c8:43:11:21:ce:57:97:60:45:5e:96:b9:
                    01:8a:f5:32:ed:68:46:8e:6c:b5:30:27:0a:9a:50:
                    53:22:a0:19:1e:24:11:2b:2c:cb:18:aa:27:1d:b6:
                    96:d0:5b:39:8c:89:3e:5f:fd:04:fa:bc:e7:24:ca:
                    25:16:b8:fd:ef:d5:74:9d:03:84:ea:34:b8:df:b0:
                    75:27:53:46:85:44:08:73:cd:3b:d6:4c:f7:0f:95:
                    1c:06:28:d3:f7:fb:f5:dc:e1:45:a9:30:2c:be:f4:
                    af:a9:07:22:57:df:f4:0c:64:11:30:b9:21:ce:f8:
                    3f:c3:17:1f:84:80:dd:4d:6f:7c:5d:3b:ec:4d:3e:
                    c6:33:5e:be:eb:4d:65:f8:63:7e:57:ee:b3:07:38:
                    77:5e:94:1b:1d:4c:8a:69:6a:97:a8:58:f6:72:d4:
                    c5:72:f3:3f:a1:5b:0d:bd:f1:a2:e3:38:b2:9b:1c:
                    11:fb:52:33:80:ec:7d:be:f8:c8:23:5f:63:02:86:
                    33:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FB:43:61:72:DB:90:9F:67:07:2E:AE:74:FB:66:90:A2:E9:C4:FC:15
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyun.com, DNS:aliyun.com, DNS:ahorvs-ai.ojibobo-ina.aon.alibaba-inc.com, DNS:zb-dsw-dsw59578-80.pcs-svr.aliyun.com, DNS:nse-vga.an-hongzhov.aliyuncs.com, DNS:wallet.lazada.com.ph, DNS:no.n.tmall.com, DNS:shop36982957.aliyun.com, DNS:www2.shop.aliyun.com, DNS:yundun-oem-cn-zhangjiakou.aliyun-inc.com, DNS:jvjiongshog.1688.com, DNS:preview.aliexpress.com, DNS:08yt.blog.china.alibaba.com, DNS:shop1460480247699.1688.com, DNS:shog36325416.taobao.com, DNS:metrichub-cms-cn-hangzhou.aliyun.com, DNS:rdc.aliyun.com, DNS:onahoshi.aliyuncs.com, DNS:guidance.alibaba-inc.com, DNS:vseraenter2.ojiyvn-ina.aon.aliyun-inc.com, DNS:alimama.taobao.com, DNS:dingding-devogs.aliyun.com, DNS:igrogh-sg.ojibobo-ina.aon.alibaba-inc.com, DNS:dms-app-core.aliyun.com, DNS:swas-share.ap-southeast-1.aliyuncs.com, DNS:hbjaarystoj.en.alibaba.com, DNS:ata.alibaba-inc.com, DNS:shog36220471.taobao.com, DNS:ean.an-beijing.aliyuncs.com, DNS:camp.alibaba-inc.com, DNS:api.rantu.com, DNS:shop36745251.taobao.com, DNS:[2408:4001:f00::16d], DNS:di-serviae.an-ahengdv.doto.ojiyvn-ina.aon.aliyun-inc.com
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        5b:9e:34:62:4d:05:e1:1c:08:f2:4e:ec:f9:65:4b:0f:2a:53:
        f8:e6:e6:ad:d8:26:50:1c:5a:22:3b:11:05:6b:f5:9c:ae:cb:
        ef:b5:30:ee:9a:c0:9e:71:a2:4c:6f:1a:d7:a9:e5:84:ee:10:
        71:1e:10:3f:56:a5:42:25:69:1e:30:97:5a:d4:b0:68:2f:c2:
        f1:16:64:8d:93:c1:b9:f1:05:d6:a9:e7:18:37:6a:18:95:be:
        1f:43:0f:ee:c6:5f:e1:93:d9:7f:02:03:6b:17:a8:1e:3d:ea:
        67:e5:66:e2:c7:23:04:27:46:a7:17:fa:49:8e:73:68:c7:78:
        6d:28:8e:20:96:25:1d:fc:c5:7b:e3:39:04:e7:16:58:f3:b5:
        b4:8a:b7:91:cc:2f:bb:e7:ae:b9:ca:de:1e:8e:ef:ee:94:0a:
        9a:f6:e7:98:34:de:1d:c0:8d:8c:c0:33:93:66:6f:cb:d3:f1:
        6e:6e:66:70:ec:df:24:9b:0f:68:00:ca:60:6d:72:13:e2:0f:
        7e:cf:62:92:90:2f:de:1a:79:e7:cc:21:5d:51:25:ce:5d:1f:
        8c:43:1f:a7:14:26:ef:09:6c:9c:21:ba:09:7c:ce:61:b6:c9:
        79:b4:22:a1:b4:0b:28:ea:57:99:5d:61:03:87:cf:99:62:31:
        e6:08:26:31

-1373613804 | 2024-05-11T01:07:34.675538

6511 / tcp

00970795:d7:smethod,6:shello,8:soptions,80:d10:shttp_port,368696:i1082,5:sname,5:sL_x,10:ssync_port,5:i00469,10:stimestamp,3190459:f920.7251553166,8:sversion,6262522:sl4X,

1624217396 | 2024-05-16T08:08:16.736074

6512 / tcp

HELO:10.3.6.0.false\nAS:2048\nHL:19

671605376 | 2024-05-06T10:15:40.777942

6633 / tcp

SSH-2.0-OpenSSH_X.X

-2096652808 | 2024-05-15T23:26:03.555902

6653 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

4935895 | 2024-05-02T10:13:52.219477

6666 / tcp

HTTP/1.1 400 Bad Request
Server: CloudWAF

585675468 | 2024-04-25T14:59:14.433201

6667 / tcp

@
05@ þ...

1911457608 | 2024-04-20T19:09:12.799815

6668 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1911457608 | 2024-05-12T15:14:32.161852

6697 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-04-23T18:25:58.252986

6789 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1136600457 | 2024-05-12T05:35:46.002266

7001 / tcp

HELO:10.3.6.0.false
AS:2048
HL:19

-122096153 | 2024-05-01T22:28:51.816237

7022 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

1956828827 | 2024-05-12T18:45:59.152787

7071 / tcp

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

-1839934832 | 2024-04-26T10:52:13.789296

7081 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

575925250 | 2024-05-12T19:36:57.304507

7170 / tcp

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

1911457608 | 2024-05-01T03:23:49.376993

7171 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1626979812 | 2024-05-15T03:34:46.934320

7218 / tcp

220 Service ready for new user.

819727972 | 2024-05-15T05:23:07.264504

7415 / tcp

SSH-2.0-OpenSSH_7.4

-641479109 | 2024-05-08T07:08:37.110759

7434 / tcp

[xU-

-512831750 | 2024-05-10T15:09:16.200700

7443 / tcp

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-GDdongguan-GLOBAL1-CACHE105[2]
X-CCDN-ERRCODE-SRC: 01
X-CCDN-FORBID-CODE: 040001

1286504516 | 2024-05-06T15:39:33.275050

7547 / tcp

CP2E Control Console
Connected to Host: gZI

819727972 | 2024-05-12T02:07:22.459320

7634 / tcp

SSH-2.0-OpenSSH_7.4

-1888448627 | 2024-05-03T04:08:55.103014

7776 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

320677201 | 2024-05-11T21:04:17.253508

7778 / tcp

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

290819026 | 2024-04-18T20:02:40.146884

7779 / tcp

welcome to Pandora console!
----------------------------
-------------------------
|     Login Time     |     2021-12-08 1...

2121220663 | 2024-04-24T21:41:04.018640

7979 / tcp

SSH-58-Ingrian_SSH\r\n

104385780 | 2024-05-04T05:09:23.758883

7989 / tcp

ceph v2

1072892569 | 2024-05-02T09:18:27.123632

8001 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

1911457608 | 2024-04-26T02:07:47.690837

8006 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1329831334 | 2024-05-02T23:40:53.135160

8009 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

-784071826 | 2024-04-25T06:40:31.982746

8016 / tcp

SSH-2.0-OpenSSH_8.0

83427758 | 2024-05-16T00:55:32.090619

8042 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 657c9646_gwt27_33224-16892

-1888448627 | 2024-05-05T15:54:44.654665

8058 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-1461540015 | 2024-04-22T20:56:46.436144

8060 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101
a

2139670385 | 2024-04-22T14:28:52.972467

8069 / tcp

HTTP/1.1 200 
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 602
Connect-To: https://member.aliyun.com/unshift-flush/object-trigger/jobs/nacos/

-1140468363 | 2024-05-12T05:13:48.094114

8071 / tcp

\x02\t\x01

1310807011 | 2024-05-10T05:01:50.885087

8081 / tcp

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Fri, 10 May 2024 05:01:50 GMT
Domainx-Connect: https://tyqw.aliyuncs.com/encrypt/graph-separate/session/hostname-encrypt/statistics
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Jetty(9.2.z-SNAPSHOT)
Set-Cookie: JSESSIONID.1601eb68=19bev8xte4i4ptd10lp4ix2fw;Path=/;HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Hudson: 1.395
X-Hudson-Cli-Port: 39803
X-Hudson-Theme: default
X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJI9HMCW0Ita0Auoh62Ky0at8wvsFutPWyEWHHN1YNA7hsN/B3S8UALst3g2uGOkYQ3vdbaVIQzcq+4cTrppkPMt7HyaptboHhU418Yy+X+NZoagKz+V5TJV/mpZakuveK5fMjEiZ2/q+cC7E1kyrJWAUeNGuIyVBClQbcCpqkYNCq+f66fC7ZjFencbXo7JybzySefYit2unX9ATaiZJydU2H/IurGINSXz10Lc+CZICEUPMdnx7bGL86MAau0R8UigFHt9oK1FpQKpu/eh1yTO2nl3KD2oZ5QV+wre1yBeRZbxO/08NtB7VqRT+wUxw6FkgWIRdFAv06l3yR0E4QIDAQAB
X-Jenkins: 2.46.1
X-Jenkins-Cli-Port: 39803
X-Jenkins-Cli2-Port: 39803
X-Jenkins-Session: 96fcb275
X-Ssh-Endpoint: 47.110.194.87:38443
Transfer-Encoding: chunked

20b5




  
  <!DOCTYPE html><html><head resURL="/static/96fcb275" data-rooturl="" data-resurl="/static/96fcb275">
    

    <title>Dashboard [Jenkins]</title><link rel="stylesheet" href="/static/96fcb275/css/layout-common.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/css/style.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/css/color.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/css/responsive-grid.css" type="text/css" /><link rel="shortcut icon" href="/static/96fcb275/favicon.ico" type="image/vnd.microsoft.icon" /><link color="black" rel="mask-icon" href="/images/mask-icon.svg" /><script>var isRunAsTest=false; var rootURL=""; var resURL="/static/96fcb275";</script><script src="/static/96fcb275/scripts/prototype.js" type="text/javascript"></script><script src="/static/96fcb275/scripts/behavior.js" type="text/javascript"></script><script src='/adjuncts/96fcb275/org/kohsuke/stapler/bind.js' type='text/javascript'></script><script src="/static/96fcb275/scripts/yui/yahoo/yahoo-min.js"></script><script src="/static/96fcb275/scripts/yui/dom/dom-min.js"></script><script src="/static/96fcb275/scripts/yui/event/event-min.js"></script><script src="/static/96fcb275/scripts/yui/animation/animation-min.js"></script><script src="/static/96fcb275/scripts/yui/dragdrop/dragdrop-min.js"></script><script src="/static/96fcb275/scripts/yui/container/container-min.js"></script><script src="/static/96fcb275/scripts/yui/connection/connection-min.js"></script><script src="/static/96fcb275/scripts/yui/datasource/datasource-min.js"></script><script src="/static/96fcb275/scripts/yui/autocomplete/autocomplete-min.js"></script><script src="/static/96fcb275/scripts/yui/menu/menu-min.js"></script><script src="/static/96fcb275/scripts/yui/element/element-min.js"></script><script src="/static/96fcb275/scripts/yui/button/button-min.js"></script><script src="/static/96fcb275/scripts/yui/storage/storage-min.js"></script><script src="/static/96fcb275/scripts/hudson-behavior.js" type="text/javascript"></script><script src="/static/96fcb275/scripts/sortable.js" type="text/javascript"></script><script>crumb.init("", "");</script><link rel="stylesheet" href="/static/96fcb275/scripts/yui/container/assets/container.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/scripts/yui/assets/skins/sam/skin.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/scripts/yui/container/assets/skins/sam/container.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/scripts/yui/button/assets/skins/sam/button.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/scripts/yui/menu/assets/skins/sam/menu.css" type="text/css" /><link rel="search" href="/opensearch.xml" type="application/opensearchdescription+xml" title="Jenkins" /><meta name="ROBOTS" content="INDEX,NOFOLLOW" /><meta name="viewport" content="width=device-width, initial-scale=1" /><link rel="alternate" href="/rssAll" title="Jenkins:all (all builds)" type="application/rss+xml" /><link rel="alternate" href="/rssAll?flavor=rss20" title="Jenkins:all (all builds) (RSS 2.0)" type="application/rss+xml" /><link rel="alternate" href="/rssFailed" title="Jenkins:all (failed builds)" type="application/rss+xml" /><link rel="alternate" href="/rssFailed?flavor=rss20" title="Jenkins:all (failed builds) (RSS 2.0)" type="application/rss+xml" /><script src="/static/96fcb275/scripts/yui/cookie/cookie-min.js"></script><script>
              YAHOO.util.Cookie.set("screenResolution", screen.width+"x"+screen.height);
            </script><script src="/static/96fcb275/jsbundles/page-init.js" type="text/javascript"></script></head><body data-model-type="hudson.model.AllView" id="jenkins" class="yui-skin-sam jenkins-2.46.1 two-column" data-version="2.46.1"><a href="#skip2content" class="skiplink">Skip to content</a><div id="page-head"><div id="header"><div class="logo"><a id="jenkins-home-link" href="/"><img src="/static/96fcb275/imag

1082732927 | 2024-04-30T19:58:48.450304

8083 / tcp

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

459162008 | 2024-05-03T22:17:34.221858

8085 / tcp

Notify

770016595 | 2024-05-05T22:32:08.574279

8086 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

1189133115 | 2024-05-04T04:08:21.970901

8087 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

-1729629024 | 2024-04-29T16:15:15.426725

8089 / tcp

101 imqbroker =unV

1865391109 | 2024-05-06T00:09:55.513920

8090 / tcp

HTTP/1.1 408 Request Timeout
content-length: 0

-1639624373 | 2024-05-12T21:20:13.686316

8099 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28c9_CS-000-01kgX25_35624-12255

820958131 | 2024-05-14T08:44:43.622898

8103 / tcp

kjnkjabhbanc283ubcsbhdc72\x02

632542934 | 2024-05-05T22:48:56.631945

8110 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

996960436 | 2024-05-13T12:26:07.026203

8112 / tcp

572 Relay not authorized

660175493 | 2024-05-08T22:17:34.605383

8123 / tcp

-438503381 | 2024-05-12T19:25:07.623655

8126 / tcp

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

1492413928 | 2024-05-08T10:06:40.303012

8139 / tcp

SSH-2.0-OpenSSH_7.5

-641479109 | 2024-05-04T02:34:08.301213

8140 / tcp

[xU-

-801484042 | 2024-05-15T18:07:35.320350

8181 / tcp

ERR 27

-904840257 | 2024-05-10T14:57:39.536488

8184 / tcp

572 Relay not authorized\r\n

-1264324149 | 2024-05-13T02:22:45.080319

8200 / tcp

Siemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready
ÿû\x01ÿû\x03ÿý\x01ÿþ\x01Username:

51259122 | 2024-05-07T09:24:53.195091

8238 / tcp

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

1332894250 | 2024-05-04T20:32:50.352256

8248 / tcp

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

-653033013 | 2024-04-19T15:35:57.372207

8252 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

-249504111 | 2024-05-04T02:55:15.310892

8291 / tcp

\x00[xU-\x7f\x00\x00

1944032451 | 2024-05-04T01:08:17.699224

8333 / tcp

K\\x02%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

-1399940268 | 2024-05-09T01:51:26.036125

8404 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1428621233 | 2024-04-19T18:19:16.333371

8410 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

-2089734047 | 2024-05-09T06:05:32.249880

8414 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-2017887953 | 2024-04-24T12:58:58.786000

8419 / tcp

SSH-2.0-OpenSSH_7.9

1911457608 | 2024-05-08T10:38:13.101018

8428 / tcp

\x00[\x00\x00\x00\x00\x00\x00

103159425 | 2024-04-25T02:55:04.155937

8429 / tcp

SSH-1.99-RGOS_SSH

1308377066 | 2024-05-01T20:55:19.630962

8432 / tcp

ncacn_http/1.0

1096654864 | 2024-05-05T14:36:34.567386

8443 / tcp

HTTP/1.0 200 OK
Server: httpd/2.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
Content-Type: text/html
Connection: close

575925250 | 2024-04-21T03:26:11.649089

8545 / tcp

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

-984990168 | 2024-05-12T05:35:43.767323

8554 / tcp


0ÿñ

1212285915 | 2024-04-18T08:24:48.693218

8575 / tcp

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

1353260875 | 2024-05-08T04:11:06.447933

8623 / tcp

\x00[g\xc2\x95N\x7f\x00\x00

-42767839 | 2024-05-08T11:37:27.744949

8649 / tcp

RFB 005.000

VNC:
  Protocol Version: 5.0

-1737707071 | 2024-05-07T22:13:25.730774

8728 / tcp

\x00b\x00\x01\x00\x00\x00\x00x\x0b\x00\x00\x00\x00z\x00437

1911457608 | 2024-05-09T18:20:12.661075

8801 / tcp

\x00[\x00\x00\x00\x00\x00\x00

472902042 | 2024-05-14T18:58:12.097227

8834 / tcp

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

-616720387 | 2024-05-07T05:37:49.079521

8835 / tcp

SSH-2.0-SSHD_0.7.6

819727972 | 2024-05-09T04:51:50.506195

8853 / tcp

SSH-2.0-OpenSSH_7.4

1741579575 | 2024-05-07T08:53:07.838404

8880 / tcp

819727972 | 2024-04-18T18:39:36.559429

8885 / tcp

SSH-2.0-OpenSSH_7.4

1850902677 | 2024-04-29T22:46:48.042027

8889 / tcp

W!

-1167054895 | 2024-05-05T22:25:23.780204

9000 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae24a9_VM-TPE-019Bk119_8663-62725

-1026951088 | 2024-05-07T19:13:40.051621

9001 / tcp

erro ip

669849225 | 2024-05-07T09:11:56.068979

9012 / tcp

SSH-98.60-SysaxSSH_81885..42\r\n

1911457608 | 2024-04-18T22:30:22.746442

9023 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1189269828 | 2024-05-05T06:42:48.871026

9024 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-1399940268 | 2024-05-03T23:29:21.452295

9026 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2087396567 | 2024-05-12T23:05:38.221235

9042 / tcp

kjnkjabhbanc283ubcsbhdc72

-971970408 | 2024-05-07T06:09:32.661350

9051 / tcp

921225407 | 2024-04-29T15:07:35.654767

9070 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

-1026951088 | 2024-05-05T07:44:44.089641

9091 / tcp

erro ip

-1990350878 | 2024-05-16T08:55:09.309322

9095 / tcp

 
04 \...

-1730858130 | 2024-04-27T01:36:54.292356

9100 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-653033013 | 2024-05-07T18:51:27.771571

9104 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

-1344535834 | 2024-04-19T09:39:06.123097

9191 / tcp

HTTP/1.0 200 OK
Server: Proxy

1723769361 | 2024-04-26T03:40:20.787943

9213 / tcp

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

1911457608 | 2024-05-06T12:19:24.377843

9306 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1911457608 | 2024-05-08T05:04:27.383532

9389 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1529351907 | 2024-04-23T10:56:41.976533

9418 / tcp

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

2087396567 | 2024-05-13T04:56:29.342784

9443 / tcp

kjnkjabhbanc283ubcsbhdc72

632542934 | 2024-05-09T11:53:33.275308

9530 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

770016595 | 2024-04-28T09:50:19.326821

9595 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

842535728 | 2024-04-27T21:34:49.875258

9633 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

-1839934832 | 2024-05-03T11:30:37.507022

9761 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

632542934 | 2024-05-12T14:26:03.346412

9765 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

996960436 | 2024-05-09T16:22:05.877160

9869 / tcp

572 Relay not authorized

829861206 | 2024-04-26T08:39:29.447375

9876 / tcp

\x00\x00\x01j\x00\x00\x00_{"code":0,"flag":1,"language":"JAVA","opaque":1,"serializeTypeCurrentRPC":"JSON","version":433}{"brokerDatas":[{"brokerAddrs":{"0":"117.4.13.13:10911"},"brokerName":"broker-a","cluster":"DefaultCluster","enableActingMaster":false}],"filterServerTable":{},"queueDatas":[{"brokerName":"broker-a","perm":7,"readQueueNums":8,"topicSysFlag":0,"writeQueueNums":8}]}

550048729 | 2024-04-21T17:08:57.801609

9944 / tcp

ÿÿÿ
0 ...

165188539 | 2024-04-17T18:56:39.552899

9991 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

372433470 | 2024-05-02T10:37:03.312123

9998 / tcp

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

1161309183 | 2024-05-04T07:26:38.783106

9999 / tcp

ProxyServer is ready

2087396567 | 2024-05-06T15:08:24.010876

10000 / tcp

kjnkjabhbanc283ubcsbhdc72

1492413928 | 2024-04-24T14:58:03.481153

10001 / tcp

SSH-2.0-OpenSSH_7.5

-2031152423 | 2024-05-13T13:31:04.958230

10134 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

2025012123 | 2024-04-26T01:11:22.834823

10443 / tcp

HTTP/1.1 301 Moved Permanently
Date: Fri, 26 Apr 2024 01:11:22 GMT
Content-Type: text/html
Content-Length: 314
Connection: keep-alive
Eagleeye-Traceid: 1533d2d54c61109ccc6fab07b11df8
Location: https://metrichub-cn-beijing.aliyun.com
Server: Tengine/Aserver
Timing-Allow-Origin: *

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:a7:27:29:07:10:52:7c:ae:c7:4a:96
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2
        Validity
            Not Before: Sep 12 07:56:08 2023 GMT
            Not After : Feb 20 10:00:00 2024 GMT
        Subject: CN=*.aliyuncs.com, O=Alibaba (China) Technology Co., Ltd., L=Hangzhou, ST=Zhejiang, C=CN
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d1:07:b7:55:0e:6d:64:a6:5c:ae:5b:46:bd:42:
                    36:62:06:42:64:7c:7b:2b:01:15:75:2d:96:73:7e:
                    7f:0c:7b:a2:11:34:d5:b2:c7:1d:ef:8d:93:04:ae:
                    c1:9c:2f:7b:ee:9e:81:ad:93:eb:38:f8:66:e2:68:
                    a9:51:10:3e:2f:ee:56:35:dd:77:bc:c4:e1:81:b2:
                    ab:fc:e1:c8:84:a4:9f:15:87:f4:5c:28:83:3a:0f:
                    e1:b7:f7:69:83:1d:e7:34:a3:74:97:89:47:49:91:
                    9c:d9:cc:f9:b1:3c:bf:d0:af:44:1a:9b:fd:c0:f9:
                    77:f5:c3:d1:97:f3:62:c4:d7:0c:ae:af:86:03:9c:
                    d0:8d:f0:f2:05:20:5a:1c:d4:c5:c5:26:ae:56:58:
                    e3:6d:01:93:7c:88:c0:94:e0:90:ce:3a:63:d4:17:
                    d1:a8:e8:10:66:96:03:7b:39:3d:9a:20:c9:c5:d0:
                    5e:cd:6d:62:60:2a:f9:17:ff:d0:17:48:35:57:01:
                    8c:73:ee:7d:18:58:b8:4c:45:e1:86:62:df:67:a0:
                    9a:ad:5b:04:1f:e9:c7:6e:95:d9:54:3f:fd:e5:62:
                    89:0d:8b:c4:77:b7:1e:eb:01:5b:8f:95:42:c5:bf:
                    55:d6:2e:db:da:86:24:84:78:bc:bc:3c:f2:af:c4:
                    dc:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                BD:22:FF:00:93:D9:9B:FA:87:FC:C5:14:21:44:0A:DD:BF:4A:AA:A6
            X509v3 Authority Key Identifier: 
                96:DE:61:F1:BD:1C:16:29:53:1C:C0:CC:7D:3B:83:00:40:E6:1A:7C
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g2
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyuncs.com, DNS:*.cn-hangzhou-mybk.aliyuncs.com, DNS:*.cn-nantong.aliyuncs.com, DNS:*.cn-shenzhen-finance-1.aliyuncs.com, DNS:*.cn-sichuan.aliyuncs.com, DNS:*.jp-fudao.aliyuncs.com, DNS:*.ap-south-1.aliyuncs.com, DNS:*.cn-wulanchabu.aliyuncs.com, DNS:*.cn-huhehaote.aliyuncs.com, DNS:*.cn-chengdu.aliyuncs.com, DNS:*.rus-west-1.aliyuncs.com, DNS:*.ap-southeast-1.aliyuncs.com, DNS:*.in-mumbai.aliyuncs.com, DNS:*.cn-guangzhou.aliyuncs.com, DNS:*.cn-hangzhou.aliyuncs.com, DNS:m-sg.lazada-seller.cn, DNS:gnarn.taobao.com, DNS:hsf.aliyun.com, DNS:shog1492759159639.1688.com, DNS:ob-gre.ojiyvn-ina.aon.aliyun-inc.com, DNS:shop37105204.taobao.com, DNS:shog36854541.taobao.com, DNS:iabv-qo.ojibobo-ina.aon.alibaba-inc.com, DNS:app122159.eapps.dingtalkcloud.com, DNS:dorkorder-tb.alibaba.com, DNS:shjonso.1688.com, DNS:client-jyh.maitix.com, DNS:gre-exgjore.ojibobo-ina.aon.alibaba-inc.com, DNS:origin-e72dd8c-trendyolbotak-status.aliyun.com, DNS:hb-ogi.ojibobo-ina.aon.alibaba-inc.com, DNS:wwwdocker.faas.ele.me, DNS:yingxiao.tmall.com, DNS:shog36284229.taobao.com, DNS:fourier.aliyun.com, DNS:pdpdesc.lazada.co.id, DNS:global-payment-bops.ae.alibaba-inc.com, DNS:access-open.quark.cn, DNS:valley.cainiao.com, DNS:a2n360.ojibobo-ina.aon.alibaba-inc.com, DNS:space.dingtalk.com
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        46:cf:e4:5c:91:f7:54:f5:ca:79:8f:9c:df:80:dc:39:8b:0e:
        fa:0b:c0:1f:9b:ad:fd:25:c6:74:fc:64:9b:95:85:2b:53:21:
        3e:ba:a3:bf:cc:1a:dd:6b:fe:ca:59:d3:aa:7b:05:b0:4a:e4:
        51:2d:95:a2:c9:6b:5b:c1:8a:db:3d:b1:a2:bf:af:52:d2:9d:
        5b:87:37:39:32:60:57:a8:22:f0:2e:f0:fe:4e:34:4c:f7:44:
        66:9f:3a:9e:a3:bf:cf:19:83:0a:ea:91:07:aa:e6:e4:2d:57:
        fc:aa:6b:b3:13:d5:99:ed:7b:ed:b0:bb:96:eb:67:4a:c5:ec:
        38:7a:6c:a8:83:39:3f:7a:0f:7e:1a:9f:d3:83:ac:b0:b3:95:
        c2:a8:87:76:06:7f:8a:a8:4a:e1:dd:af:44:a3:34:53:c5:55:
        66:ce:af:06:2d:07:60:6b:74:91:55:4b:2c:ca:ae:a4:2c:bf:
        f0:3d:a3:89:c4:94:7e:4d:cc:62:5e:74:16:42:0d:4a:be:4f:
        db:d6:65:57:94:1b:09:7f:fb:e0:d1:f3:b8:18:93:fb:ca:db:
        66:b5:1c:3f:7f:28:39:21:68:39:85:0d:15:72:bb:84:21:c0:
        da:c9:9c:dc:88:5c:de:0f:63:3d:ea:d3:9d:63:8b:99:cc:26:
        cd:43:90:da

2033888749 | 2024-05-09T07:41:20.690919

10554 / tcp

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

-1428621233 | 2024-05-01T20:03:22.779620

10909 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

-2031152423 | 2024-04-25T12:27:02.119628

11000 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

632542934 | 2024-05-02T07:25:47.963876

11112 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

-891714208 | 2024-05-15T19:46:43.683885

11210 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

-136006866 | 2024-05-13T08:47:43.709612

11211 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

1734465113 | 2024-05-13T20:18:00.078052

12000 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705938548.385-w-waf05cqt

1748152518 | 2024-05-15T07:38:38.739159

12345 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae26f8_hwt112_4105-46187

-1327660293 | 2024-04-19T11:38:35.865515

14147 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

632542934 | 2024-04-29T13:24:09.702102

14344 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

2087396567 | 2024-05-07T03:02:34.325543

16993 / tcp

kjnkjabhbanc283ubcsbhdc72

-375604792 | 2024-05-03T17:17:48.523238

18081 / tcp

220 Microsoft FTP Service

-1248408558 | 2024-05-09T16:48:06.566014

18245 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

1767345577 | 2024-05-15T09:17:19.356093

19000 / tcp

Hello, this is Quagga (version 0T).
Copyright 1996-200

-1344535834 | 2024-05-01T05:30:01.577073

19071 / tcp

HTTP/1.0 200 OK
Server: Proxy

171352214 | 2024-04-21T10:49:48.773231

20256 / tcp

-ERR client ip is not in whitelist

-1375131644 | 2024-05-10T05:04:24.987834

20547 / tcp

\x00[v\xc3\xbdC\x7f\x00\x00

1996932384 | 2024-05-04T09:21:51.094413

21025 / tcp

"raop" nonce

-1399940268 | 2024-05-15T10:50:54.260629

21379 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1694458451 | 2024-05-12T13:59:28.205269

23023 / tcp

@
05@ þ...

1921398876 | 2024-04-20T20:56:55.176762

23424 / tcp

ÿý"
LinuxNode v06953 (ggfks)

login:

819727972 | 2024-04-26T20:30:02.282953

25001 / tcp

SSH-2.0-OpenSSH_7.4

1911457608 | 2024-04-20T01:37:54.126341

25565 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-232716176 | 2024-04-24T13:24:26.218200

27015 / tcp

Command: None
Size: 759714643
ID: 758132274
Type: 1852141647

1763259671 | 2024-05-04T21:45:50.395890

27017 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

819727972 | 2024-05-02T04:11:35.372440

28080 / tcp

SSH-2.0-OpenSSH_7.4

1375509841 | 2024-04-22T21:34:54.284598

28107 / tcp

ÿû

no data rcvd for version string

recv version id unsuccessful

SSH Session task 0xY: Version Exchange Failed

1911495665 | 2024-05-16T01:51:53.120584

30003 / tcp

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

756886313 | 2024-05-15T10:56:36.364198

31337 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html

-971970408 | 2024-04-24T21:54:33.574827

32764 / tcp

819727972 | 2024-05-11T21:15:44.889917

33060 / tcp

SSH-2.0-OpenSSH_7.4

1655023012 | 2024-05-13T12:50:27.598218

35000 / tcp

athinfod: invalid query.\n

-1839934832 | 2024-05-10T18:44:41.042007

37777 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-433302150 | 2024-05-02T14:51:14.097834

44158 / tcp

/multistream/1.0.0

-1032713145 | 2024-04-29T11:10:46.827282

47990 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

602755868 | 2024-04-28T00:33:54.861170

49152 / tcp

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 22 Jan 2024 16:06:03 GMT
EXT:
SERVER: Linux/4.9.118, UPnP/1.0, Portable SDK for UPnP devices/1.6.18
X-User-Agent: redsonic

-358801646 | 2024-05-13T10:35:00.208211

50000 / tcp

SSH-2.0-OpenSSH_6.6.1

-984990168 | 2024-05-07T00:34:06.450178

50050 / tcp


0ÿñ

1231376952 | 2024-05-13T19:39:54.151008

50100 / tcp

-154107716 | 2024-05-08T07:56:57.242477

51106 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

-1611764932 | 2024-05-14T01:33:57.596491

55000 / tcp

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

539065883 | 2024-05-12T04:48:18.531000

55553 / tcp

660175493 | 2024-05-11T13:34:53.565786

60001 / tcp

-2118655245 | 2024-05-14T14:58:02.654887

60010 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20

-1730858130 | 2024-05-15T00:47:23.790654

60129 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-2089734047 | 2024-05-14T05:50:12.177202

61613 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-154616015 | 2024-04-25T14:28:48.829613

62078 / tcp

=\x01À\x06ÿÿ?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x01\x01

632542934 | 2024-05-03T06:41:31.140746

65522 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

47.110.194.87

Last Seen: 2024-05-16

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-358801646 | 2024-05-11T16:57:15.098828 11 / tcp

-1770051369 | 2024-04-28T21:55:08.678047 13 / tcp

550048729 | 2024-04-30T00:41:58.475837 15 / tcp

1852418385 | 2024-05-16T08:54:40.350463 17 / tcp

829384519 | 2024-05-15T11:57:51.568985 19 / tcp

-297128567 | 2024-04-27T10:06:49.086878 20 / tcp

-1248408558 | 2024-04-24T12:32:30.678113 21 / tcp

-1816600103 | 2024-05-05T16:09:26.526317 23 / tcp

408230060 | 2024-05-13T22:18:31.675716 24 / tcp

2046098166 | 2024-04-19T18:06:58.428399 37 / tcp

1208318993 | 2024-04-28T05:58:25.642244 43 / tcp

588096080 | 2024-05-01T05:06:28.680148 49 / tcp

-42462918 | 2024-04-27T08:45:25.812287 53 / tcp

-1967791998 | 2024-05-16T18:32:43.872961 70 / tcp

-972699072 | 2024-04-28T01:21:36.041533 79 / tcp

547866602 | 2024-05-14T12:56:34.068313 80 / tcp

-984990168 | 2024-05-09T14:12:47.935511 81 / tcp

1824169301 | 2024-05-04T13:58:58.393290 82 / tcp

-1189269828 | 2024-05-15T10:19:18.237569 102 / tcp

321971019 | 2024-05-09T16:29:25.866015 104 / tcp

1363464823 | 2024-05-02T00:36:20.528621 110 / tcp

1363464823 | 2024-05-03T07:22:02.459180 111 / tcp

1921398876 | 2024-05-02T06:55:11.730035 113 / tcp

141730637 | 2024-05-16T09:31:07.417059 119 / tcp

1504401647 | 2024-05-12T01:16:07.485645 175 / tcp

-399606100 | 2024-04-25T12:14:26.541309 179 / tcp

1726594447 | 2024-05-11T17:19:06.679545 221 / tcp

-1399940268 | 2024-05-02T10:57:39.245203 225 / tcp

-1547821026 | 2024-05-09T21:43:39.762167 264 / tcp

67948279 | 2024-05-15T09:28:31.473239 311 / tcp

-1713467553 | 2024-05-12T09:22:56.334785 389 / tcp

-525136240 | 2024-05-15T14:34:14.763138 427 / tcp

-386996416 | 2024-05-07T07:37:07.526265 443 / tcp

349270136 | 2024-05-12T18:27:19.486158 444 / tcp

897328069 | 2024-05-06T01:28:04.892532 465 / tcp

-288825733 | 2024-05-11T11:34:07.238109 503 / tcp

-952165951 | 2024-05-10T10:40:50.645116 515 / tcp

-1769206458 | 2024-05-04T14:51:57.315732 548 / tcp

735639583 | 2024-04-26T19:53:51.595353 554 / tcp

1650594030 | 2024-04-17T05:53:28.894161 636 / tcp

2098053533 | 2024-05-07T13:37:04.841780 666 / tcp

-1835475271 | 2024-05-11T20:26:31.009150 771 / tcp

-976882525 | 2024-05-03T04:38:32.887258 873 / tcp

-1242315829 | 2024-04-23T06:01:27.877089 992 / tcp

-1230049476 | 2024-04-27T05:46:55.368764 993 / tcp

-1489591880 | 2024-05-03T23:44:33.188106 995 / tcp

1423431314 | 2024-05-14T03:53:55.601915 1023 / tcp

842535728 | 2024-04-20T15:54:01.791434 1024 / tcp

-784071826 | 2024-05-16T13:03:19.920857 1025 / tcp

45131230 | 2024-04-28T03:31:43.268943 1050 / tcp

321971019 | 2024-04-23T23:05:48.941025 1099 / tcp

1911457608 | 2024-05-13T08:42:03.115957 1153 / tcp

1093576587 | 2024-05-10T20:38:53.293683 1177 / tcp

1830187220 | 2024-05-09T18:04:40.904167 1200 / tcp

45131230 | 2024-05-02T07:28:58.523773 1234 / tcp

-1392039491 | 2024-05-14T22:44:30.520559 1311 / tcp

-2107996212 | 2024-05-08T20:09:59.818183 1337 / tcp

-303199180 | 2024-05-14T00:37:54.600256 1388 / tcp

49107754 | 2024-04-19T10:34:14.308948 1433 / tcp

2087396567 | 2024-04-30T22:44:41.972764 1515 / tcp

-1184558916 | 2024-05-13T16:41:36.763370 1521 / tcp

-1399940268 | 2024-05-10T15:11:57.969715 1588 / tcp

1082732927 | 2024-05-03T03:36:18.435385 1599 / tcp

550048729 | 2024-05-05T15:47:46.528139 1604 / tcp

1103582599 | 2024-05-13T09:00:29.615605 1723 / tcp

-222277909 | 2024-05-05T11:41:03.031273 1741 / tcp

-1888448627 | 2024-05-12T23:39:49.279407 1800 / tcp

1692069329 | 2024-05-15T13:05:00.552331 1801 / tcp

2087396567 | 2024-05-07T01:28:58.374554 1883 / tcp

842535728 | 2024-05-14T17:27:52.057306 1926 / tcp

-249504111 | 2024-04-17T13:39:41.428584 1962 / tcp

50497985 | 2024-05-10T21:37:53.164160 2000 / tcp

819727972 | 2024-05-14T04:18:27.511045 2002 / tcp

89282912 | 2024-05-04T19:44:42.057495 2008 / tcp

-358801646 | 2024-05-11T16:57:15.098828
11 / tcp

-1770051369 | 2024-04-28T21:55:08.678047
13 / tcp

550048729 | 2024-04-30T00:41:58.475837
15 / tcp

1852418385 | 2024-05-16T08:54:40.350463
17 / tcp

829384519 | 2024-05-15T11:57:51.568985
19 / tcp

-297128567 | 2024-04-27T10:06:49.086878
20 / tcp

-1248408558 | 2024-04-24T12:32:30.678113
21 / tcp

-1816600103 | 2024-05-05T16:09:26.526317
23 / tcp

408230060 | 2024-05-13T22:18:31.675716
24 / tcp

2046098166 | 2024-04-19T18:06:58.428399
37 / tcp

1208318993 | 2024-04-28T05:58:25.642244
43 / tcp

588096080 | 2024-05-01T05:06:28.680148
49 / tcp

-42462918 | 2024-04-27T08:45:25.812287
53 / tcp

-1967791998 | 2024-05-16T18:32:43.872961
70 / tcp

-972699072 | 2024-04-28T01:21:36.041533
79 / tcp

547866602 | 2024-05-14T12:56:34.068313
80 / tcp

-984990168 | 2024-05-09T14:12:47.935511
81 / tcp

1824169301 | 2024-05-04T13:58:58.393290
82 / tcp

-1189269828 | 2024-05-15T10:19:18.237569
102 / tcp

321971019 | 2024-05-09T16:29:25.866015
104 / tcp

1363464823 | 2024-05-02T00:36:20.528621
110 / tcp

1363464823 | 2024-05-03T07:22:02.459180
111 / tcp

1921398876 | 2024-05-02T06:55:11.730035
113 / tcp

141730637 | 2024-05-16T09:31:07.417059
119 / tcp

1504401647 | 2024-05-12T01:16:07.485645
175 / tcp

-399606100 | 2024-04-25T12:14:26.541309
179 / tcp

1726594447 | 2024-05-11T17:19:06.679545
221 / tcp

-1399940268 | 2024-05-02T10:57:39.245203
225 / tcp

-1547821026 | 2024-05-09T21:43:39.762167
264 / tcp

67948279 | 2024-05-15T09:28:31.473239
311 / tcp

-1713467553 | 2024-05-12T09:22:56.334785
389 / tcp

-525136240 | 2024-05-15T14:34:14.763138
427 / tcp

-386996416 | 2024-05-07T07:37:07.526265
443 / tcp

349270136 | 2024-05-12T18:27:19.486158
444 / tcp

897328069 | 2024-05-06T01:28:04.892532
465 / tcp

-288825733 | 2024-05-11T11:34:07.238109
503 / tcp

-952165951 | 2024-05-10T10:40:50.645116
515 / tcp

-1769206458 | 2024-05-04T14:51:57.315732
548 / tcp

735639583 | 2024-04-26T19:53:51.595353
554 / tcp

1650594030 | 2024-04-17T05:53:28.894161
636 / tcp

2098053533 | 2024-05-07T13:37:04.841780
666 / tcp

-1835475271 | 2024-05-11T20:26:31.009150
771 / tcp

-976882525 | 2024-05-03T04:38:32.887258
873 / tcp

-1242315829 | 2024-04-23T06:01:27.877089
992 / tcp

-1230049476 | 2024-04-27T05:46:55.368764
993 / tcp

-1489591880 | 2024-05-03T23:44:33.188106
995 / tcp

1423431314 | 2024-05-14T03:53:55.601915
1023 / tcp

842535728 | 2024-04-20T15:54:01.791434
1024 / tcp

-784071826 | 2024-05-16T13:03:19.920857
1025 / tcp

45131230 | 2024-04-28T03:31:43.268943
1050 / tcp

321971019 | 2024-04-23T23:05:48.941025
1099 / tcp

1911457608 | 2024-05-13T08:42:03.115957
1153 / tcp

1093576587 | 2024-05-10T20:38:53.293683
1177 / tcp

1830187220 | 2024-05-09T18:04:40.904167
1200 / tcp

45131230 | 2024-05-02T07:28:58.523773
1234 / tcp

-1392039491 | 2024-05-14T22:44:30.520559
1311 / tcp

-2107996212 | 2024-05-08T20:09:59.818183
1337 / tcp

-303199180 | 2024-05-14T00:37:54.600256
1388 / tcp

49107754 | 2024-04-19T10:34:14.308948
1433 / tcp

2087396567 | 2024-04-30T22:44:41.972764
1515 / tcp

-1184558916 | 2024-05-13T16:41:36.763370
1521 / tcp

-1399940268 | 2024-05-10T15:11:57.969715
1588 / tcp

1082732927 | 2024-05-03T03:36:18.435385
1599 / tcp

550048729 | 2024-05-05T15:47:46.528139
1604 / tcp

1103582599 | 2024-05-13T09:00:29.615605
1723 / tcp

-222277909 | 2024-05-05T11:41:03.031273
1741 / tcp

-1888448627 | 2024-05-12T23:39:49.279407
1800 / tcp

1692069329 | 2024-05-15T13:05:00.552331
1801 / tcp

2087396567 | 2024-05-07T01:28:58.374554
1883 / tcp

842535728 | 2024-05-14T17:27:52.057306
1926 / tcp

-249504111 | 2024-04-17T13:39:41.428584
1962 / tcp

50497985 | 2024-05-10T21:37:53.164160
2000 / tcp

819727972 | 2024-05-14T04:18:27.511045
2002 / tcp

89282912 | 2024-05-04T19:44:42.057495
2008 / tcp

-1730858130 | 2024-04-22T09:40:14.679667
2049 / tcp

1282941221 | 2024-04-26T00:41:03.665428
2054 / tcp

-1327660293 | 2024-04-19T22:53:18.663511
2061 / tcp

819727972 | 2024-05-13T17:45:28.671998
2067 / tcp

-1810987450 | 2024-05-15T06:43:19.301362
2081 / tcp

1082732927 | 2024-05-02T21:46:38.135599
2082 / tcp