GeneralInformation

Hostnames	cn-hangzhou.oss.aliyuncs.com
Domains	aliyuncs.com
Country	China
City	Hangzhou
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
CVE-2023-51385	In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-51384	In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2023-38408	The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
CVE-2022-37454	The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
CVE-2022-31629	In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
CVE-2022-31628	In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
CVE-2021-41617	4.4sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
CVE-2021-36368	2.6An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.
CVE-2021-21707	5.0In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended.
CVE-2021-21706	4.3In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when extracting a ZIP file, thus potentially causing files to be created or overwritten, subject to OS permissions.
CVE-2021-21705	5.0In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly parsing the URL and potentially leading to other security implications - like contacting a wrong server or making a wrong access decision.
CVE-2021-21704	4.3In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid response data that is not parsed correctly by the driver. This can result in crashes, denial of service or potentially memory corruption.
CVE-2021-21703	6.9In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user.
CVE-2020-15778	6.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
CVE-2020-14145	4.3The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
CVE-2019-6111	5.8An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2019-6110	4.0In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2019-6109	4.0An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-16905	7.8OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
CVE-2018-20685	2.6In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2018-15919	5.0Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
CVE-2018-15473	5.0OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2017-8923	7.5The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.
CVE-2017-15906	5.0The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2016-20012	4.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
CVE-2013-2220	7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
CVE-2008-3844	9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
CVE-2007-3205	5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.
CVE-2007-2768	4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

13 15 17 21 23 25 37 38 43 49 51 53 70 79 80 82 90 102 104 110 111 113 119 175 179 195 221 264 311 427 443 444 503 515 548 636 666 771 789 873 992 993 995 1022 1023 1025 1027 1099 1153 1177 1200 1234 1311 1337 1433 1471 1500 1515 1521 1554 1599 1604 1723 1741 1800 1801 1883 1901 1911 1926 1947 1962 1990 2000 2002 2008 2021 2067 2083 2086 2087 2154 2181 2222 2232 2250 2320 2323 2332 2345 2376 2404 2455 2558 2560 2628 2761 2762 3001 3050 3068 3074 3260 3268 3269 3306 3310 3311 3388 3389 3551 3749 3780 4000 4022 4063 4064 4100 4157 4242 4282 4321 4433 4443 4444 4500 4506 4664 4786 4840 4899 4911 4949 4999 5001 5004 5006 5007 5009 5010 5025 5172 5201 5209 5222 5269 5432 5500 5600 5606 5672 5801 5822 5858 5900 5908 5938 5984 5985 5986 6001 6007 6080 6102 6379 6443 6512 6543 6653 6664 6666 6667 6668 6697 6998 7001 7070 7071 7170 7171 7218 7415 7434 7443 7547 7548 7979 7989 8001 8005 8015 8020 8025 8043 8044 8054 8060 8083 8085 8087 8088 8112 8126 8139 8140 8181 8200 8239 8291 8333 8334 8407 8422 8423 8443 8447 8500 8545 8554 8622 8649 8728 8733 8791 8820 8825 8834 8840 8860 8861 8880 8889 8890 9000 9001 9002 9008 9024 9037 9039 9042 9051 9070 9091 9092 9095 9100 9151 9160 9214 9306 9418 9443 9595 9600 9633 9743 9761 9876 9898 9943 9944 9992 9998 9999 10001 10134 10250 10443 10909 10911 11000 11112 11211 11300 11371 12000 12345 14147 14265 14344 16010 16992 16993 18553 19000 20000 20256 20547 21025 22021 22222 22443 23023 25001 25565 27015 27017 28015 28080 30002 31337 32764 33060 35000 37777 41800 44158 44818 49152 50000 50050 50100 51106 51235 54138 55000 55443 55553 55554 60129 61613 61616 62078

1193556399 | 2024-04-05T03:59:20.632898

13 / tcp

12:20:59 2024/1/22

-1230049476 | 2024-04-16T20:01:21.867860

15 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

2115448635 | 2024-04-08T06:53:59.436389

17 / tcp

Toshiba e-STUDIO 233 copier/printer/fax http config

2116898107 | 2024-04-13T20:57:47.776021

21 / tcp

220 (vsFTPd 3.0.2)

-1288412979 | 2024-04-16T22:55:28.898032

23 / tcp

Connection refused

-1327660293 | 2024-04-09T01:11:43.573249

25 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

1288534451 | 2024-04-10T07:07:29.850712

37 / tcp

\\xe9XuK

-1026951088 | 2024-03-22T23:24:45.532828

38 / tcp

erro ip

-142686627 | 2024-04-02T21:21:16.862699

43 / tcp

\x00[\xc2\xba\x7fs\x7f\x00\x00

-1620040646 | 2024-04-17T07:21:11.455431

49 / tcp

\xc3\xbf\xc3\xbb\\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

671605376 | 2024-04-03T03:30:01.894834

51 / tcp

SSH-2.0-OpenSSH_X.X

1369632081 | 2024-03-27T12:37:23.512682

53 / tcp

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x01\x03\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x01\x14\x00\x04\xac٠N
\x00\x06\x85\x80\x00\x01\x00\x01\x00\x00\x00

857710896 | 2024-03-22T07:27:52.190784

70 / tcp

HTTP/1.1 200 OK
Server:  
X-Frame-Options: SAMEORIGIN
Content-type: text/html; charset=UTF-8
Last-modified: Mon, 27 Nov 2023 21:45:42 GMT
Accept-Ranges: bytes
Content-length: 580
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff

-1846450790 | 2024-04-15T00:15:13.417812

79 / tcp

<html>
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.4.7</center>
</body>
</html>

-2066797492 | 2024-04-13T10:36:55.158709

80 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Sat, 13 Apr 2024 10:36:55 GMT
Content-Type: application/xml
Content-Length: 345
Connection: keep-alive
x-oss-request-id: 661A6047DB1E8B3134B436F6
x-oss-server-time: 0
x-oss-ec: 0003-00001201

-119996482 | 2024-03-27T14:49:47.131948

82 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0

677934968 | 2024-03-29T18:23:14.197222

90 / tcp

lm^)Q

1991883981 | 2024-04-13T22:07:22.706483

102 / tcp

B\x00\x00\x00\xc3\xbfn\x04Too many connections

165188539 | 2024-04-02T13:49:45.915067

104 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-438503381 | 2024-03-30T17:13:16.486894

110 / tcp

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

1308377066 | 2024-04-13T20:36:04.719217

111 / tcp

ncacn_http/1.0

455076604 | 2024-03-28T23:25:39.482560

113 / tcp

!\x07version\x04bind7 t{RPowerDNS Recursor 410

141730637 | 2024-04-09T04:53:55.891253

119 / tcp

HTTP/1.0 200 OK
Server: Proxy

632542934 | 2024-04-03T07:08:34.671582

175 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

-399606100 | 2024-04-05T03:59:25.307485

179 / tcp

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

2087396567 | 2024-03-29T18:20:39.172982

195 / tcp

kjnkjabhbanc283ubcsbhdc72

1134517380 | 2024-04-17T23:50:45.207183

221 / tcp

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

-654288545 | 2024-04-01T06:50:34.646235

264 / tcp

CheckPoint\nFirewall Host: lcm4cp\nSmartCenter Host: cpmanager.cminl.oa.guof3x\\x00\n

676753056 | 2024-03-31T18:48:38.813968

311 / tcp

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html

-661950041 | 2024-04-17T14:29:57.533402

427 / tcp

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://*.*.*.*\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:cdserver\nservice:fdserver\nservice:hdserver\nservice:rmedia\nservice:adviser\nservice:lighttpd\nB://l:87/x\n\nResponse of service:cdserver SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:cdserver://IEIB4055D60C037:5120\n\n\nResponse of service:cdserver AttrRqst:\nVersion: 2\nFunction: Attribute R

-465106308 | 2024-04-17T13:22:11.753131

443 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Wed, 17 Apr 2024 13:22:11 GMT
Content-Type: application/xml
Content-Length: 345
Connection: keep-alive
x-oss-request-id: 661FCD036F529336370B5FA7
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:21:e4:e5:73:fc:7f:09:2a:04:98:d5
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Feb 19 05:01:07 2024 GMT
            Not After : Mar 22 05:01:06 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-hangzhou.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e4:33:85:33:df:c3:af:64:36:c4:2f:07:75:c9:
                    3a:b3:26:75:db:43:da:5c:3a:52:cd:1a:22:6e:91:
                    63:82:4a:49:60:30:02:b2:57:00:98:0e:8d:7c:8a:
                    70:cf:bf:d6:9b:82:41:ea:ba:94:fb:3a:bb:e8:7c:
                    2f:79:90:84:d7:a7:24:a3:ef:ee:6a:a7:8e:cf:2a:
                    e0:d1:9a:ac:9c:b6:8c:0c:a4:2f:62:20:54:e0:14:
                    86:b1:3c:7a:30:f2:19:7e:d1:39:17:e9:d6:18:6e:
                    c3:33:ed:1a:4c:e1:9c:89:36:0f:3c:4c:c7:85:60:
                    6e:18:95:3c:c7:a5:3e:77:2e:3a:bb:a8:ff:56:38:
                    37:86:64:c1:7f:36:de:ac:0f:53:7e:b2:09:3e:e0:
                    7a:12:10:10:fb:73:5d:d8:44:08:54:86:67:b0:f9:
                    7d:c4:5a:e4:bf:09:89:1e:c4:8c:fe:0f:de:e3:00:
                    7b:3c:95:53:77:3c:78:dc:c6:13:a1:d2:89:33:66:
                    f1:ef:82:ea:9d:48:1e:5e:ee:cc:26:6c:4e:22:5c:
                    70:e5:4f:6e:9f:29:f2:96:e2:32:8f:1f:f5:ce:7c:
                    59:a7:ce:66:16:c6:1d:8a:e4:f2:3b:ae:7d:4c:23:
                    40:3b:65:06:b9:02:54:82:88:ed:c5:5f:25:7b:db:
                    53:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-hangzhou.oss.aliyuncs.com, DNS:*.oss-cn-hangzhou.aliyuncs.com, DNS:*.img-cn-hangzhou-internal.aliyuncs.com, DNS:*.oss-cn-hzjbp-a-internal.aliyuncs.com, DNS:*.oss-cn-hangzhou-internal.aliyuncs.com, DNS:*.oss-cn-hangzhou-diku-internal.aliyuncs.com, DNS:*.cn-hangzhou.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.cn-hangzhou.oss-internal-cross.aliyun-inc.com, DNS:*.oss-cn-hangzhou-am101.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-cn-hzjbp-b-internal.aliyuncs.com, DNS:*.img-cn-hangzhou.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.oss-cn-hangzhou-zmf.aliyuncs.com, DNS:*.oss-cn-hangzhou-hsa.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss.aliyuncs.com, DNS:*.oss-cn-hangzhou-cross.aliyuncs.com, DNS:*.vpc100-oss-cn-hangzhou.aliyuncs.com, DNS:*.oss-cn-hzfinance.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.cn-hangzhou.oss-internal.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-cn-hangzhou-zmf-internal.aliyuncs.com, DNS:*.oss-cn-hzfinance-internal.aliyuncs.com, DNS:*.cn-hangzhou-finance.oss.aliyuncs.com, DNS:*.oss-cn-hzjbp-b-console.aliyuncs.com, DNS:*.oss-cache-cn-hangzhou-j.aliyuncs.com, DNS:*.oss-cache-cn-hangzhou-j-cross.aliyuncs.com, DNS:*.oss-enet-cn-east.aliyuncs.com, DNS:*.cn-hangzhou-vpc.oss.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-hangzhou.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-hangzhou-internal.oss-accesspoint.aliyuncs.com, DNS:*.cn-hangzhou.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-hangzhou.aliyuncs.com, DNS:*.s3.oss-cn-hangzhou-internal.aliyuncs.com, DNS:*.cn-hangzhou.mgw.aliyuncs.com, DNS:*.oss.cn-hangzhou.privatelink.aliyuncs.com, DNS:*.oss-cn-hangzhou.oss-object-process.aliyuncs.com, DNS:*.oss-cn-hangzhou-internal.oss-object-process.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-hangzhou-cross.mgw.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            X509v3 Subject Key Identifier: 
                A9:B4:08:AD:74:76:24:F8:94:02:09:AF:A1:CD:4B:1D:51:33:C1:61
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Feb 19 05:01:09.851 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:4C:A8:93:C6:9D:10:B5:44:EA:22:C4:6E:
                                92:C3:E2:B2:9B:DE:7D:ED:7C:E4:13:66:7C:BC:00:C6:
                                55:E5:30:FD:02:20:52:7C:85:F1:3E:EA:BE:9A:8E:4B:
                                99:EE:3E:1B:E9:01:06:7D:47:E3:D8:82:C0:E4:29:46:
                                11:A5:F1:30:AB:51
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Feb 19 05:01:09.861 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:FA:47:21:1A:96:CD:EC:11:AE:C7:7C:
                                D9:67:C2:68:9E:BC:61:58:CE:23:BD:45:DD:5F:E5:49:
                                7B:EB:33:BC:CA:02:20:70:0A:31:A8:28:9A:BD:14:21:
                                5C:0A:E9:AA:DD:72:24:80:CE:39:27:5F:A0:48:0E:9C:
                                52:D1:13:61:E3:53:47
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Feb 19 05:01:09.819 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:32:A3:F7:00:A4:8C:A6:78:04:A5:44:F7:
                                70:3D:F8:E4:8D:71:DA:26:14:63:0D:D1:34:8A:C4:5A:
                                C4:ED:62:FC:02:20:39:FD:AC:A3:E6:79:99:18:43:7D:
                                71:8D:1B:B5:39:98:E2:04:70:DD:FD:D2:4F:CD:22:0D:
                                D6:85:2E:46:B7:D5
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        27:c4:7d:9b:75:a3:41:86:a4:06:5f:b8:66:d0:3e:cd:73:9c:
        b2:ba:f0:f3:5b:b9:5c:61:75:10:f9:ec:00:3f:f1:35:1b:64:
        02:ef:a2:0b:64:fe:3a:5f:bd:59:fa:34:17:50:9f:ec:97:0d:
        e8:d9:2c:f4:30:27:5a:51:83:cf:7d:e5:ae:0f:68:b9:ec:a1:
        05:52:98:ff:1d:0b:8a:94:8a:f7:0b:32:e8:2b:91:f2:52:a8:
        ac:44:a7:ab:e0:ae:4f:7e:aa:59:d5:e0:92:e6:ea:6f:a1:3b:
        97:93:68:06:84:a1:8c:eb:76:62:39:00:ff:90:29:b2:90:4c:
        cf:36:f1:82:48:7b:d9:64:f4:6f:fc:1e:e3:90:9d:ea:e0:98:
        f3:99:cd:ca:19:6e:fd:7e:72:12:0e:b6:78:7e:a1:27:7c:a3:
        1f:e5:bc:16:ac:2c:73:fc:1d:db:37:21:6e:7d:30:1d:67:41:
        3e:8d:78:f0:08:76:83:43:df:1d:29:5b:74:9e:20:e0:10:b8:
        69:43:d2:39:ea:65:aa:8b:3f:09:23:82:a5:3a:b8:ad:7f:71:
        9d:22:d8:eb:85:ca:77:97:b1:38:29:02:5d:d1:de:04:ff:cf:
        6d:7c:ee:91:c4:34:33:dc:92:52:f9:48:0c:5f:10:40:dc:5d:
        7d:16:5c:a2

2087396567 | 2024-04-10T16:54:20.277132

444 / tcp

kjnkjabhbanc283ubcsbhdc72

-445721795 | 2024-04-09T23:39:02.833764

503 / tcp

\x00[\xc3\xaed\x1a\x7f\x00\x00

-2033111675 | 2024-04-02T19:08:53.620404

515 / tcp

~djb

-2035415184 | 2024-04-13T14:35:49.757026

548 / tcp

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: Landisk2\nMachine Type: \rNetatalk3.1.8\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: Cleartxt Passwrd\\x04,DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

1255568492 | 2024-04-09T05:34:34.843150

636 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 12-56308661-0 0NNN RT(1705912410675 113) q(-1 -1 -1 -1) r(0 -1) b1

2098053533 | 2024-04-09T00:06:29.791294

666 / tcp

HTTP/1.1 401 Unauthorized
Server: nginx/1.17.7
Content-Type: text/html
Connection: keep-alive

-1399940268 | 2024-04-04T01:32:12.551496

771 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-16T02:48:40.467492

789 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1598265216 | 2024-04-14T02:44:53.390335

873 / tcp

@RSYNCD: 31.0

-936692830 | 2024-04-10T04:27:53.801811

992 / tcp

HTTP/1.1 202 OK
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=15; max=19

-1139539254 | 2024-04-09T22:37:18.876004

993 / tcp

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

-2113068813 | 2024-04-17T11:48:38.677676

995 / tcp

+OK POP3 server ready\n

819727972 | 2024-03-31T12:47:49.105004

1022 / tcp

SSH-2.0-OpenSSH_7.4

-358801646 | 2024-03-30T11:13:39.954302

1023 / tcp

SSH-2.0-OpenSSH_6.6.1

51259122 | 2024-03-31T22:27:45.158372

1025 / tcp

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

-1888448627 | 2024-04-16T20:40:54.328110

1027 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

819727972 | 2024-04-14T11:02:07.891621

1099 / tcp

SSH-2.0-OpenSSH_7.4

1426971893 | 2024-03-29T23:21:51.685882

1153 / tcp

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

-1477838366 | 2024-04-17T10:41:54.336095

1177 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

-527005584 | 2024-04-18T13:53:47.879349

1200 / tcp

/0 0 L
/0 0 HUH

-1839934832 | 2024-04-08T04:54:41.428642

1234 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

550048729 | 2024-04-15T07:07:57.416152

1311 / tcp

ÿÿÿ
0 ...

-971970408 | 2024-03-30T23:39:37.122306

1337 / tcp

419886129 | 2024-04-18T11:26:56.786465

1433 / tcp

MSSQL Server\nVersion: 167773760 (0xa000640)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: XTZJ-20210317RG\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: XTZJ-20210317RG\nNetBIOS_Computer_Name: XTZJ-20210317RG\nDNS_Domain_Name: XTZJ-20210317RG\nDNS_Computer_Name: XTZJ-20210317RG\nSystem_Time: 2024-01-22 04:01:04 +0000 UTC\n\n

104385780 | 2024-04-18T13:40:25.359346

1471 / tcp

ceph v2

-1373985444 | 2024-03-30T12:44:26.849620

1500 / tcp

HTTP/1.1 200 OK
Server: Apache/2.4.48 (Win64) PHP/7.3.28
X-Powered-By: PHP/7.3.28
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8

2087396567 | 2024-04-18T03:58:26.573925

1515 / tcp

kjnkjabhbanc283ubcsbhdc72

-1337747449 | 2024-04-10T00:25:41.769120

1521 / tcp

Version:12.2.0.1.0\n"\\x00\\x00Y(DESCRIPTION=(TMP=)(VSNNUM=203424000)(ERR=1189)(ERROR_STACK=(ERROR=(CODE=1189)(EMFI=4))))

321971019 | 2024-03-25T22:43:29.152352

1554 / tcp

-ERR client ip is not in whitelist\r

-784071826 | 2024-04-16T19:58:18.221626

1599 / tcp

SSH-2.0-OpenSSH_8.0

550048729 | 2024-04-02T02:06:31.269895

1604 / tcp

ÿÿÿ
0 ...

2064046231 | 2024-03-24T02:22:07.250604

1723 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1c77_tb143_15913-45531

660175493 | 2024-04-08T10:02:59.764061

1741 / tcp

-1399940268 | 2024-03-27T11:38:15.592364

1800 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1692069329 | 2024-04-01T10:06:17.749487

1801 / tcp

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\xe14\\xf0\\xb6\\xb85\x0bB\\x86\\x99B\\xa5\\x07\\xb0\\xf6V92d3\\x10\\x03\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

-2017887953 | 2024-04-05T23:38:40.577152

1883 / tcp

SSH-2.0-OpenSSH_7.9

632542934 | 2024-04-10T04:37:21.445154

1901 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

1134517380 | 2024-04-18T14:37:16.137079

1911 / tcp

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

2087396567 | 2024-04-17T10:16:49.654742

1926 / tcp

kjnkjabhbanc283ubcsbhdc72

-130294253 | 2024-03-25T13:54:17.976700

1947 / tcp

HTTP/1.1 401 Unauthorized
Content-Type: text/html
Server: Microsoft-IIS
X-Powered-By: ASP.NET

HTTP NTLM Info:
Target_Name: PSH
Product_Version: 10.0.14393 Ntlm 15
OS: Windows 10, Version 1607/Windows Server 2016, Version 1607
NetBIOS_Domain_Name: PSH
NetBIOS_Computer_Name: PSH-VPN-02V
DNS_Domain_Name: PSH.CORP.PEGATRON
DNS_Computer_Name: PSH-VPN-02V.PSH.CORP.PEGATRON
MsvAvDnsTreeName: CORP.PEGATRON
System_Time: 2024-01-22 05:36:42 +0000 UTC

15018106 | 2024-04-04T07:16:22.737135

1962 / tcp

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

-1598265216 | 2024-04-04T00:40:52.711172

1990 / tcp

@RSYNCD: 31.0

-441419608 | 2024-04-03T23:52:13.946788

2000 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

1574088840 | 2024-04-13T12:35:39.008394

2002 / tcp

">Application and Content Networking Software 3.9</a>)\n</BODY><

1453929220 | 2024-04-11T18:54:48.566212

2008 / tcp

[ç

-358801646 | 2024-03-23T01:48:16.352129

2021 / tcp

SSH-2.0-OpenSSH_6.6.1

-1559123399 | 2024-04-14T20:54:43.689581

2067 / tcp

500 Permission denied - closing connection.

1975288991 | 2024-04-15T18:44:31.476456

2083 / tcp

OPTI

89282912 | 2024-03-31T01:45:02.847868

2086 / tcp

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto
col:SOAP, MKSDisplayProtocol:VNC , ,

1741579575 | 2024-04-16T17:28:33.782205

2087 / tcp

2087396567 | 2024-04-03T20:06:17.329960

2154 / tcp

kjnkjabhbanc283ubcsbhdc72

546151771 | 2024-04-17T04:54:40.842146

2181 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

2051656595 | 2024-04-15T18:50:30.976825

2222 / tcp

SSH-2.0-OpenSSH_7.4\r\n\n

-1230049476 | 2024-03-25T16:17:32.164237

2232 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

-1399940268 | 2024-04-03T05:07:28.070923

2250 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-04-05T11:43:57.689401

2320 / tcp

SSH-2.0-OpenSSH_7.4

979705126 | 2024-04-18T02:29:04.834392

2323 / tcp


(none) login: 

TELNET Negotiation:
will: Echo, Suppress Go Ahead
do: Echo, Negotiate About Window Size

-1839934832 | 2024-04-05T08:20:11.350105

2332 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

1911457608 | 2024-04-15T01:03:46.970048

2345 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1097188123 | 2024-04-09T01:13:35.580261

2376 / tcp

[g\xc2\x95N\x7f

-1399940268 | 2024-04-11T21:42:58.471085

2404 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1282941221 | 2024-04-10T02:16:28.382414

2455 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

504717326 | 2024-04-17T00:47:42.231842

2558 / tcp

SSH-2.0-OpenSSH_8.6

-1261090339 | 2024-03-25T02:59:52.548442

2560 / tcp

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

2087396567 | 2024-04-16T18:52:07.692186

2628 / tcp

kjnkjabhbanc283ubcsbhdc72

-1428621233 | 2024-03-26T00:08:47.884918

2761 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

-1248408558 | 2024-04-08T10:29:50.810293

2762 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

1911457608 | 2024-04-11T14:25:42.819888

3001 / tcp

\x00[\x00\x00\x00\x00\x00\x00

819727972 | 2024-04-17T22:30:00.460202

3050 / tcp

SSH-2.0-OpenSSH_7.4

2098371729 | 2024-04-17T06:50:17.061164

3068 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

1991883981 | 2024-04-08T18:40:17.399039

3074 / tcp

B\x00\x00\x00\xc3\xbfn\x04Too many connections

1135752610 | 2024-04-10T12:00:50.169203

3260 / tcp

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None

-561021273 | 2024-04-02T21:53:03.551418

3268 / tcp

220 2.0.0 prod-cn-momentum2.webpowercn.local ESMTP ecelerity 4.2.1.51128 r(Core:4.2.1.5) Sun, 03 Dec 2023 10:04:37 +0800\r\n

165188539 | 2024-03-28T00:40:17.821879

3269 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1047846045 | 2024-04-15T21:56:37.602961

3306 / tcp

H\\x00\\x00\\x01\\xffj\\x04Host \'*.*.*.*\' is not allowed to connect to this MariaDB server

-1399940268 | 2024-04-01T23:07:59.471996

3310 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2143387245 | 2024-04-09T13:04:34.380874

3311 / tcp

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

-1888448627 | 2024-04-16T21:15:50.015409

3388 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

521595461 | 2024-03-28T22:54:45.670280

3389 / tcp

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x03\\x00\\x08\\x00\\x02\\x00\\x00\\x00\n\nGuess_OS:Windows Server 2003 or 2008\nFlag: PROTOCOL_HYBRID\n

198844676 | 2024-04-15T23:31:45.925702

3551 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

-1316491703 | 2024-03-30T22:45:29.914621

3749 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

-2033111675 | 2024-03-28T15:59:36.385347

3780 / tcp

~djb

141533638 | 2024-04-15T01:18:54.369007

4000 / tcp

HTTP/1.1 302 Found
Location: /index.html

1911457608 | 2024-04-17T21:26:51.620441

4022 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1286504516 | 2024-04-08T21:09:18.991589

4063 / tcp

CP2E Control Console
Connected to Host: gZI

165188539 | 2024-04-15T16:28:44.904580

4064 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1723769361 | 2024-03-21T06:32:33.804959

4100 / tcp

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

539065883 | 2024-04-16T00:53:46.509261

4157 / tcp

-1914158197 | 2024-04-11T19:38:16.718936

4242 / tcp

HTTP/1.1 500 Internal Server Error
Server: nginx/1.18.11011 (Ubuntu)
Content-Type: text/plain; charset=utf-8
Connection: close

842535728 | 2024-04-03T07:55:10.355835

4282 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

-1250504565 | 2024-04-10T22:38:33.946476

4321 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

819727972 | 2024-04-09T17:14:32.101467

4433 / tcp

SSH-2.0-OpenSSH_7.4

-1060562267 | 2024-04-18T12:28:57.726230

4443 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae29b6_PS-NKG-01Aqo82_2892-58968

1911457608 | 2024-04-10T04:07:01.678465

4444 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1059554316 | 2024-04-03T07:02:48.299274

4500 / tcp

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

1975288991 | 2024-04-17T04:21:15.167529

4506 / tcp

OPTI

-119996482 | 2024-03-24T06:56:21.337121

4664 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0

-1099385124 | 2024-04-05T19:05:31.923976

4786 / tcp

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

819727972 | 2024-03-27T16:31:17.653776

4840 / tcp

SSH-2.0-OpenSSH_7.4

-1839934832 | 2024-04-10T13:12:17.115162

4899 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

671605376 | 2024-04-02T09:30:12.449577

4911 / tcp

SSH-2.0-OpenSSH_X.X

539065883 | 2024-04-08T11:03:04.330073

4949 / tcp

-1399940268 | 2024-03-30T18:44:10.767252

4999 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1830697416 | 2024-03-23T14:49:03.469908

5001 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

819727972 | 2024-04-13T21:38:12.196599

5004 / tcp

SSH-2.0-OpenSSH_7.4

-1059554316 | 2024-04-18T08:06:28.403278

5006 / tcp

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

-1810987450 | 2024-03-30T19:45:28.145593

5007 / tcp

\xc3\xbf

1578202979 | 2024-04-04T02:55:06.750478

5009 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1a4c_wdx37_19919-36152

1543809371 | 2024-04-18T14:42:52.312668

5010 / tcp

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

550048729 | 2024-04-18T07:44:25.367759

5025 / tcp

ÿÿÿ
0 ...

819727972 | 2024-04-08T22:31:41.462149

5172 / tcp

SSH-2.0-OpenSSH_7.4

-375604792 | 2024-04-01T20:33:43.974474

5201 / tcp

220 Microsoft FTP Service

-826610984 | 2024-04-01T08:45:13.423783

5209 / tcp

HTTP/1.1 200
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 602
Connect-To: https://member.aliyun.com/unshift-flush/object-trigger/jobs/nacos/

<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<title>Nacos</title>
	<link rel="shortcut icon" href="/nacos/console-ui/public/img/nacos-logo.png" type="image/x-icon">

<link href="./css/main.css" rel="stylesheet"></head>
<body>
	<div id="root" style="overflow:hidden"></div>
	<div id="app"></div>
	<div id="other"></

1741579575 | 2024-04-14T09:28:21.318270

5222 / tcp

-1854630806 | 2024-04-15T11:42:44.940503

5269 / tcp

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705937491.237-w-waf01tjgt

1213931722 | 2024-04-09T17:24:16.991865

5432 / tcp

ICAP/1.0 501 Other\r\nServer: Traffic Spicer 7788179225\r\n

1023953321 | 2024-03-25T12:23:44.886694

5500 / tcp

HTTP/1.0 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="proxy"
Connection: close
Content-type: text/html; charset=utf-8

-747911285 | 2024-03-25T09:21:32.062417

5600 / tcp

\xc2\xaa

-1019343788 | 2024-04-14T08:42:55.548776

5606 / tcp

W!\x00\x00\x00\x00

575925250 | 2024-04-09T08:37:00.389641

5672 / tcp

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

-138733098 | 2024-04-14T05:45:58.478485

5801 / tcp

roku: ready

-1547976805 | 2024-04-05T12:14:31.972750

5822 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

-358801646 | 2024-04-02T16:35:33.895337

5858 / tcp

SSH-2.0-OpenSSH_6.6.1

-1730858130 | 2024-04-05T05:14:24.313318

5900 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1399940268 | 2024-04-01T06:00:49.904177

5908 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-801484042 | 2024-04-14T03:50:11.772578

5938 / tcp

ERR 27

1999272906 | 2024-04-15T03:27:04.426070

5984 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

660175493 | 2024-04-14T00:06:13.767167

5985 / tcp

1741579575 | 2024-04-16T01:31:41.966902

5986 / tcp

120534451 | 2024-04-10T14:55:17.251183

6001 / tcp

X11 access denied

-1399940268 | 2024-03-20T22:46:04.685717

6007 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1729629024 | 2024-03-29T01:32:50.874661

6080 / tcp

101 imqbroker =unV

-1399940268 | 2024-04-16T00:50:25.366533

6102 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

321971019 | 2024-03-24T23:34:05.404543

6379 / tcp

-ERR client ip is not in whitelist\r

-345718689 | 2024-04-08T03:46:08.319061

6443 / tcp

Vty password is not set.

-1399940268 | 2024-04-18T04:45:09.551701

6512 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-930644848 | 2024-03-27T08:11:33.852870

6543 / tcp

\\xba\\xdc\xcd\xab\\x01#\\x19\\x10C\\x00U\xd0\x94\\xbc\\x85\\x00\\x94z\\xab\\x18\\x00\\x00\\x00\\x00\\x00\\x00[032][11:39:50.410]\\xc1\\xac\\xbd\xd3\xb3\xc9\xb9\\xa6\\xa3\\xac\\xb1\\xbe\xc4\xa3\\xbf\\xe9 PID \xce\xaa 0x23=35\\x00\\xba\\xdc\xcd\xab\\x01#\\x00\\x00_\\x00U\\xa9\\x00\\x00\\x1d\\x00\\x94\\x8aS\\xb0\\x94\\x8aS\\xb4\\x94;[033][11:3

-1888448627 | 2024-04-15T18:51:03.215458

6653 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

104385780 | 2024-04-04T23:03:33.944183

6664 / tcp

ceph v2

4935895 | 2024-04-10T07:30:18.811196

6666 / tcp

HTTP/1.1 400 Bad Request
Server: CloudWAF

-971970408 | 2024-04-10T16:47:00.149667

6667 / tcp

-616720387 | 2024-04-10T07:53:01.465986

6668 / tcp

SSH-2.0-SSHD_0.7.6

-1795027372 | 2024-03-22T14:19:01.533648

6697 / tcp

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

-1399940268 | 2024-04-04T15:37:44.369331

6998 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1265582946 | 2024-04-14T02:14:57.831671

7001 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2838_PS-JJN-01GM465_27752-26327

572436013 | 2024-04-13T12:35:53.097095

7070 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/plain

660175493 | 2024-03-22T02:57:38.917260

7071 / tcp

1911457608 | 2024-04-09T13:54:49.874510

7170 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1730858130 | 2024-03-27T21:14:26.862022

7171 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

103159425 | 2024-04-14T09:14:11.829153

7218 / tcp

SSH-1.99-RGOS_SSH

677934968 | 2024-04-17T10:49:13.421688

7415 / tcp

lm^)Q

-971970408 | 2024-04-17T05:12:18.717478

7434 / tcp

-584993230 | 2024-04-05T19:53:20.132241

7443 / tcp

HTTP/1.1 400 Bad Request
Server:  
Content-Type: text/html
Connection: close

-1316491703 | 2024-04-11T02:30:17.374570

7547 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

104385780 | 2024-04-15T12:09:17.729136

7548 / tcp

ceph v2

819727972 | 2024-04-05T14:09:56.524392

7979 / tcp

SSH-2.0-OpenSSH_7.4

104385780 | 2024-04-14T14:44:16.354287

7989 / tcp

ceph v2

1072892569 | 2024-04-14T16:49:59.681215

8001 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

1911457608 | 2024-03-26T04:51:19.673028

8005 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-136006866 | 2024-03-27T02:03:23.097076

8015 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

-1297953727 | 2024-04-02T00:12:55.876791

8020 / tcp

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

-1888448627 | 2024-03-31T01:33:29.006629

8025 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-1329831334 | 2024-04-17T00:23:21.674133

8043 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

-1399940268 | 2024-04-04T22:50:46.853688

8044 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-15T07:33:13.828495

8054 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-79865617 | 2024-04-18T08:33:46.765880

8060 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

104385780 | 2024-04-13T12:46:08.786632

8083 / tcp

ceph v2

-1105333987 | 2024-04-16T07:43:53.624692

8085 / tcp

\x00[KpU\x7f\x00\x00

1504401647 | 2024-04-17T05:03:36.648293

8087 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

-1476017887 | 2024-03-23T14:15:17.686636

8088 / tcp

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

-1461540015 | 2024-04-01T14:28:26.949545

8112 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101
a

2087396567 | 2024-04-10T22:19:17.743611

8126 / tcp

kjnkjabhbanc283ubcsbhdc72

-1795027372 | 2024-03-29T13:57:56.134962

8139 / tcp

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

1741579575 | 2024-04-01T23:17:11.028623

8140 / tcp

171352214 | 2024-04-05T08:04:18.054308

8181 / tcp

-ERR client ip is not in whitelist

-1264324149 | 2024-04-11T08:55:40.346838

8200 / tcp

Siemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready
ÿû\x01ÿû\x03ÿý\x01ÿþ\x01Username:

165188539 | 2024-03-23T05:15:41.665174

8239 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

819727972 | 2024-04-18T09:07:07.431921

8291 / tcp

SSH-2.0-OpenSSH_7.4

-1729028106 | 2024-04-02T01:52:06.219635

8333 / tcp

HTTP/1.1 401 Unauthorized
Content-Type: text/html
Server: Microsoft-IIS/10.0

-119996482 | 2024-04-13T23:51:33.906327

8334 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0

1911457608 | 2024-04-04T12:47:42.285650

8407 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-03-29T05:09:48.570226

8422 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1911457608 | 2024-03-25T21:57:38.158538

8423 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1735450406 | 2024-04-14T06:49:30.205839

8443 / tcp

HTTP/1.1 444 
Content-Type: text/html
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
X-XSS-Protection: 1
Pragma: no-cache
X-PHP-Response-Code: 403
Server: HTTPD

1763259671 | 2024-04-03T10:55:17.166959

8447 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

1652191202 | 2024-04-15T05:15:22.153330

8500 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae296b_PS-NTG-014eQ157_14943-13699

-1399940268 | 2024-04-05T21:28:29.818947

8545 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2031152423 | 2024-04-14T19:57:20.020752

8554 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

1911457608 | 2024-03-26T20:00:22.168935

8622 / tcp

\x00[\x00\x00\x00\x00\x00\x00

842535728 | 2024-04-09T20:26:59.889115

8649 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

-2017887953 | 2024-04-08T16:05:00.222025

8728 / tcp

SSH-2.0-OpenSSH_7.9

-1139539254 | 2024-04-03T04:41:58.671876

8733 / tcp

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

165188539 | 2024-03-25T08:26:08.507740

8791 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-358801646 | 2024-03-20T13:50:02.459622

8820 / tcp

SSH-2.0-OpenSSH_6.6.1

597764502 | 2024-03-23T08:19:01.251326

8825 / tcp

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

745343730 | 2024-03-29T16:41:54.698405

8834 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

745343730 | 2024-03-27T09:27:06.808647

8840 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

307999478 | 2024-03-31T18:40:32.681390

8860 / tcp

unknown command \r\nunknown command \r\n

-249504111 | 2024-04-11T21:29:46.331354

8861 / tcp

\x00[xU-\x7f\x00\x00

-1045760528 | 2024-04-09T16:07:43.699348

8880 / tcp

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

-2107996212 | 2024-03-27T00:37:26.898085

8889 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-1032713145 | 2024-04-05T00:04:19.068479

8890 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

-2067028711 | 2024-03-24T08:15:26.938020

9000 / tcp

\x15\x03\x01\x00\x02\x02F

-1026951088 | 2024-04-14T11:36:20.565991

9001 / tcp

erro ip

-1441741890 | 2024-03-30T02:52:42.246759

9002 / tcp

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2
0181212])

1911457608 | 2024-04-02T00:14:18.972515

9008 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-03-25T11:05:29.533390

9024 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-04T21:20:50.844852

9037 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

165188539 | 2024-04-16T20:26:19.663973

9039 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

873425297 | 2024-04-18T14:32:26.640996

9042 / tcp

200 NOD32SS 99 (3318497116)

2087396567 | 2024-04-02T23:40:23.928601

9051 / tcp

kjnkjabhbanc283ubcsbhdc72

-1399940268 | 2024-04-05T21:15:49.734123

9070 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2087396567 | 2024-04-14T01:16:21.329098

9091 / tcp

kjnkjabhbanc283ubcsbhdc72

921225407 | 2024-03-26T18:38:02.525671

9092 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

1308377066 | 2024-04-10T18:04:26.315456

9095 / tcp

ncacn_http/1.0

1911457608 | 2024-04-04T13:30:59.595048

9100 / tcp

\x00[\x00\x00\x00\x00\x00\x00

863754335 | 2024-04-16T03:31:52.274926

9151 / tcp

0a

165188539 | 2024-04-05T04:33:01.677997

9160 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1261090339 | 2024-03-20T20:59:10.409807

9214 / tcp

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

-2096652808 | 2024-04-17T17:09:54.215531

9306 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-833168972 | 2024-03-26T07:03:11.527506

9418 / tcp

HTTP/1.1 200 
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked

-971970408 | 2024-04-02T13:25:47.998954

9443 / tcp

104385780 | 2024-04-15T03:40:19.858122

9595 / tcp

ceph v2

1332894250 | 2024-04-10T06:22:32.414406

9600 / tcp

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

171352214 | 2024-04-11T00:07:16.711904

9633 / tcp

-ERR client ip is not in whitelist

1308377066 | 2024-04-17T14:48:33.355532

9743 / tcp

ncacn_http/1.0

-1733645023 | 2024-04-18T00:58:50.863270

9761 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

-1867457549 | 2024-03-24T15:44:08.868610

9876 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)

1304012963 | 2024-03-21T01:21:00.171493

9898 / tcp

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: close

1833368189 | 2024-04-15T23:40:43.665247

9943 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae18b9_dong118_31397-16667

-119996482 | 2024-04-03T00:44:05.029445

9944 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0

-2089734047 | 2024-03-29T07:06:18.869627

9992 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1969772007 | 2024-03-27T02:00:57.617726

9998 / tcp

HTTP/1.1 400 Bad Request
Connection: keep-alive
Connection: close
X-Via-JSL: c973153,-
X-Cache: error

1161309183 | 2024-04-08T06:37:54.635225

9999 / tcp

ProxyServer is ready

1492413928 | 2024-03-22T21:43:42.231216

10001 / tcp

SSH-2.0-OpenSSH_7.5

1282941221 | 2024-04-16T15:56:51.043264

10134 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

89282912 | 2024-04-11T10:37:31.042899

10250 / tcp

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto
col:SOAP, MKSDisplayProtocol:VNC , ,

2087396567 | 2024-04-08T22:20:25.271306

10443 / tcp

kjnkjabhbanc283ubcsbhdc72

493955023 | 2024-03-23T17:34:28.717350

10909 / tcp

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

-1399940268 | 2024-03-30T16:02:40.002878

10911 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1726594447 | 2024-04-17T02:00:37.164348

11000 / tcp

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

1911457608 | 2024-03-29T06:13:44.080684

11112 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-136006866 | 2024-04-17T05:48:23.310569

11211 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

-903067560 | 2024-04-04T21:02:09.062451

11300 / tcp

\x00[\x13)\xc2\x81\x7f\x00\x00

-119996482 | 2024-04-08T11:57:28.648899

11371 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0

-2046909074 | 2024-04-09T20:58:44.265041

12000 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae217c_PS-000-01mL925_24271-10054

142594048 | 2024-04-11T17:00:56.471856

12345 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae29bb_CS-000-01pYi173_32176-13938

-2089734047 | 2024-04-05T16:10:44.358128

14147 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1948301213 | 2024-04-01T01:37:22.903203

14265 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

1911457608 | 2024-04-18T13:36:41.837474

14344 / tcp

\x00[\x00\x00\x00\x00\x00\x00

770016595 | 2024-03-19T21:05:42.376274

16010 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

-1840324437 | 2024-04-04T14:55:31.060379

16992 / tcp

-971970408 | 2024-03-24T09:11:16.853976

16993 / tcp

2067064333 | 2024-04-08T18:37:45.000805

18553 / tcp

athinfod: invalid query.

1624217396 | 2024-04-17T18:47:17.786318

19000 / tcp

HELO:10.3.6.0.false\nAS:2048\nHL:19

1900503736 | 2024-03-30T16:26:58.707168

20000 / tcp

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

-1399940268 | 2024-04-17T00:22:12.605968

20256 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1139539254 | 2024-03-24T22:57:34.840099

20547 / tcp

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

-1230049476 | 2024-04-09T19:02:52.709689

21025 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

550048729 | 2024-03-26T12:56:31.794866

22021 / tcp

ÿÿÿ
0 ...

-358801646 | 2024-03-22T19:06:41.857068

22222 / tcp

SSH-2.0-OpenSSH_6.6.1

2087396567 | 2024-03-21T20:28:18.876230

22443 / tcp

kjnkjabhbanc283ubcsbhdc72

1632932802 | 2024-04-08T02:53:44.485967

23023 / tcp

819727972 | 2024-03-23T03:21:41.555909

25001 / tcp

SSH-2.0-OpenSSH_7.4

-2089734047 | 2024-04-14T17:57:30.335954

25565 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

921225407 | 2024-03-30T17:00:02.019098

27015 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

1763259671 | 2024-03-29T00:22:05.653520

27017 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

1723769361 | 2024-04-16T01:50:25.866461

28015 / tcp

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

-1969169410 | 2024-03-26T17:04:13.200111

28080 / tcp

ÿû
-> GET / HTTP/1.0
GET / HTTP/1.0
undefined symbol: GET
-> 
->

-1609150592 | 2024-04-11T23:28:49.767291

30002 / tcp

ÿÿÿ
0 ...

1024374118 | 2024-04-04T22:47:21.777684

31337 / tcp

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

233634112 | 2024-04-14T22:06:50.750749

32764 / tcp

SSH-98.60-SysaxSSH_81885..42

-1888448627 | 2024-03-21T19:42:04.137959

33060 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1726594447 | 2024-03-22T10:33:09.143821

35000 / tcp

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

-1598265216 | 2024-03-31T22:59:50.001509

37777 / tcp

@RSYNCD: 31.0

-801484042 | 2024-04-13T20:50:11.023074

41800 / tcp

ERR 27

-433302150 | 2024-04-08T23:35:17.594755

44158 / tcp

/multistream/1.0.0

-1327660293 | 2024-04-02T12:58:23.481488

44818 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

-1591825093 | 2024-03-29T03:34:41.381162

49152 / tcp

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 22 Jan 2024 08:04:18 GMT
EXT:
SERVER: Linux/3.3.0, UPnP/1.0, Portable SDK for UPnP devices/1.6.18
X-User-Agent: redsonic

1778988322 | 2024-04-17T22:08:55.301121

50000 / tcp

* OK GroupWise IMAP4rev1 Server Ready

-1023516719 | 2024-04-14T20:32:16.062542

50050 / tcp

ã

KvInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

1632932802 | 2024-04-02T05:16:20.217695

50100 / tcp

-1969169410 | 2024-04-09T10:48:27.821486

51106 / tcp

ÿû
-> GET / HTTP/1.0
GET / HTTP/1.0
undefined symbol: GET
-> 
->

1948301213 | 2024-03-19T21:35:25.803984

51235 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

-1888448627 | 2024-04-01T23:15:19.986042

54138 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-03-30T19:55:34.820890

55000 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1690634669 | 2024-04-03T05:15:15.769197

55443 / tcp

2087396567 | 2024-04-15T21:41:54.165560

55553 / tcp

kjnkjabhbanc283ubcsbhdc72

660175493 | 2024-04-09T05:48:58.994017

55554 / tcp

2087396567 | 2024-04-03T00:55:46.864694

60129 / tcp

kjnkjabhbanc283ubcsbhdc72

-1399940268 | 2024-04-04T16:21:07.108581

61613 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1545917845 | 2024-04-13T21:19:17.546838

61616 / tcp

[gN

1842317374 | 2024-04-13T17:58:10.299805

62078 / tcp

/1.1 400 Bad Request
Server: nginx/1.13.0
Content-Type: text/html
Connection: close

47.110.23.82

Last Seen: 2024-04-18

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1193556399 | 2024-04-05T03:59:20.632898 13 / tcp

-1230049476 | 2024-04-16T20:01:21.867860 15 / tcp

2115448635 | 2024-04-08T06:53:59.436389 17 / tcp

2116898107 | 2024-04-13T20:57:47.776021 21 / tcp

-1288412979 | 2024-04-16T22:55:28.898032 23 / tcp

-1327660293 | 2024-04-09T01:11:43.573249 25 / tcp

1288534451 | 2024-04-10T07:07:29.850712 37 / tcp

-1026951088 | 2024-03-22T23:24:45.532828 38 / tcp

-142686627 | 2024-04-02T21:21:16.862699 43 / tcp

-1620040646 | 2024-04-17T07:21:11.455431 49 / tcp

671605376 | 2024-04-03T03:30:01.894834 51 / tcp

1369632081 | 2024-03-27T12:37:23.512682 53 / tcp

857710896 | 2024-03-22T07:27:52.190784 70 / tcp

-1846450790 | 2024-04-15T00:15:13.417812 79 / tcp

-2066797492 | 2024-04-13T10:36:55.158709 80 / tcp

-119996482 | 2024-03-27T14:49:47.131948 82 / tcp

677934968 | 2024-03-29T18:23:14.197222 90 / tcp

1991883981 | 2024-04-13T22:07:22.706483 102 / tcp

165188539 | 2024-04-02T13:49:45.915067 104 / tcp

-438503381 | 2024-03-30T17:13:16.486894 110 / tcp

1308377066 | 2024-04-13T20:36:04.719217 111 / tcp

455076604 | 2024-03-28T23:25:39.482560 113 / tcp

141730637 | 2024-04-09T04:53:55.891253 119 / tcp

632542934 | 2024-04-03T07:08:34.671582 175 / tcp

-399606100 | 2024-04-05T03:59:25.307485 179 / tcp

2087396567 | 2024-03-29T18:20:39.172982 195 / tcp

1134517380 | 2024-04-17T23:50:45.207183 221 / tcp

-654288545 | 2024-04-01T06:50:34.646235 264 / tcp

676753056 | 2024-03-31T18:48:38.813968 311 / tcp

-661950041 | 2024-04-17T14:29:57.533402 427 / tcp

-465106308 | 2024-04-17T13:22:11.753131 443 / tcp

2087396567 | 2024-04-10T16:54:20.277132 444 / tcp

-445721795 | 2024-04-09T23:39:02.833764 503 / tcp

-2033111675 | 2024-04-02T19:08:53.620404 515 / tcp

-2035415184 | 2024-04-13T14:35:49.757026 548 / tcp

1255568492 | 2024-04-09T05:34:34.843150 636 / tcp

2098053533 | 2024-04-09T00:06:29.791294 666 / tcp

-1399940268 | 2024-04-04T01:32:12.551496 771 / tcp

-1399940268 | 2024-04-16T02:48:40.467492 789 / tcp

-1598265216 | 2024-04-14T02:44:53.390335 873 / tcp

-936692830 | 2024-04-10T04:27:53.801811 992 / tcp

-1139539254 | 2024-04-09T22:37:18.876004 993 / tcp

-2113068813 | 2024-04-17T11:48:38.677676 995 / tcp

819727972 | 2024-03-31T12:47:49.105004 1022 / tcp

-358801646 | 2024-03-30T11:13:39.954302 1023 / tcp

51259122 | 2024-03-31T22:27:45.158372 1025 / tcp

-1888448627 | 2024-04-16T20:40:54.328110 1027 / tcp

819727972 | 2024-04-14T11:02:07.891621 1099 / tcp

1426971893 | 2024-03-29T23:21:51.685882 1153 / tcp

-1477838366 | 2024-04-17T10:41:54.336095 1177 / tcp

-527005584 | 2024-04-18T13:53:47.879349 1200 / tcp

-1839934832 | 2024-04-08T04:54:41.428642 1234 / tcp

550048729 | 2024-04-15T07:07:57.416152 1311 / tcp

-971970408 | 2024-03-30T23:39:37.122306 1337 / tcp

419886129 | 2024-04-18T11:26:56.786465 1433 / tcp

104385780 | 2024-04-18T13:40:25.359346 1471 / tcp

-1373985444 | 2024-03-30T12:44:26.849620 1500 / tcp

2087396567 | 2024-04-18T03:58:26.573925 1515 / tcp

-1337747449 | 2024-04-10T00:25:41.769120 1521 / tcp

321971019 | 2024-03-25T22:43:29.152352 1554 / tcp

-784071826 | 2024-04-16T19:58:18.221626 1599 / tcp

550048729 | 2024-04-02T02:06:31.269895 1604 / tcp

2064046231 | 2024-03-24T02:22:07.250604 1723 / tcp

660175493 | 2024-04-08T10:02:59.764061 1741 / tcp

-1399940268 | 2024-03-27T11:38:15.592364 1800 / tcp

1692069329 | 2024-04-01T10:06:17.749487 1801 / tcp

-2017887953 | 2024-04-05T23:38:40.577152 1883 / tcp

632542934 | 2024-04-10T04:37:21.445154 1901 / tcp

1134517380 | 2024-04-18T14:37:16.137079 1911 / tcp

2087396567 | 2024-04-17T10:16:49.654742 1926 / tcp

-130294253 | 2024-03-25T13:54:17.976700 1947 / tcp

15018106 | 2024-04-04T07:16:22.737135 1962 / tcp

-1598265216 | 2024-04-04T00:40:52.711172 1990 / tcp

1193556399 | 2024-04-05T03:59:20.632898
13 / tcp

-1230049476 | 2024-04-16T20:01:21.867860
15 / tcp

2115448635 | 2024-04-08T06:53:59.436389
17 / tcp

2116898107 | 2024-04-13T20:57:47.776021
21 / tcp

-1288412979 | 2024-04-16T22:55:28.898032
23 / tcp

-1327660293 | 2024-04-09T01:11:43.573249
25 / tcp

1288534451 | 2024-04-10T07:07:29.850712
37 / tcp

-1026951088 | 2024-03-22T23:24:45.532828
38 / tcp

-142686627 | 2024-04-02T21:21:16.862699
43 / tcp

-1620040646 | 2024-04-17T07:21:11.455431
49 / tcp

671605376 | 2024-04-03T03:30:01.894834
51 / tcp

1369632081 | 2024-03-27T12:37:23.512682
53 / tcp

857710896 | 2024-03-22T07:27:52.190784
70 / tcp

-1846450790 | 2024-04-15T00:15:13.417812
79 / tcp

-2066797492 | 2024-04-13T10:36:55.158709
80 / tcp

-119996482 | 2024-03-27T14:49:47.131948
82 / tcp

677934968 | 2024-03-29T18:23:14.197222
90 / tcp

1991883981 | 2024-04-13T22:07:22.706483
102 / tcp

165188539 | 2024-04-02T13:49:45.915067
104 / tcp

-438503381 | 2024-03-30T17:13:16.486894
110 / tcp

1308377066 | 2024-04-13T20:36:04.719217
111 / tcp

455076604 | 2024-03-28T23:25:39.482560
113 / tcp

141730637 | 2024-04-09T04:53:55.891253
119 / tcp

632542934 | 2024-04-03T07:08:34.671582
175 / tcp

-399606100 | 2024-04-05T03:59:25.307485
179 / tcp

2087396567 | 2024-03-29T18:20:39.172982
195 / tcp

1134517380 | 2024-04-17T23:50:45.207183
221 / tcp

-654288545 | 2024-04-01T06:50:34.646235
264 / tcp

676753056 | 2024-03-31T18:48:38.813968
311 / tcp

-661950041 | 2024-04-17T14:29:57.533402
427 / tcp

-465106308 | 2024-04-17T13:22:11.753131
443 / tcp

2087396567 | 2024-04-10T16:54:20.277132
444 / tcp

-445721795 | 2024-04-09T23:39:02.833764
503 / tcp

-2033111675 | 2024-04-02T19:08:53.620404
515 / tcp

-2035415184 | 2024-04-13T14:35:49.757026
548 / tcp

1255568492 | 2024-04-09T05:34:34.843150
636 / tcp

2098053533 | 2024-04-09T00:06:29.791294
666 / tcp

-1399940268 | 2024-04-04T01:32:12.551496
771 / tcp

-1399940268 | 2024-04-16T02:48:40.467492
789 / tcp

-1598265216 | 2024-04-14T02:44:53.390335
873 / tcp

-936692830 | 2024-04-10T04:27:53.801811
992 / tcp

-1139539254 | 2024-04-09T22:37:18.876004
993 / tcp

-2113068813 | 2024-04-17T11:48:38.677676
995 / tcp

819727972 | 2024-03-31T12:47:49.105004
1022 / tcp

-358801646 | 2024-03-30T11:13:39.954302
1023 / tcp

51259122 | 2024-03-31T22:27:45.158372
1025 / tcp

-1888448627 | 2024-04-16T20:40:54.328110
1027 / tcp

819727972 | 2024-04-14T11:02:07.891621
1099 / tcp

1426971893 | 2024-03-29T23:21:51.685882
1153 / tcp

-1477838366 | 2024-04-17T10:41:54.336095
1177 / tcp

-527005584 | 2024-04-18T13:53:47.879349
1200 / tcp

-1839934832 | 2024-04-08T04:54:41.428642
1234 / tcp

550048729 | 2024-04-15T07:07:57.416152
1311 / tcp

-971970408 | 2024-03-30T23:39:37.122306
1337 / tcp

419886129 | 2024-04-18T11:26:56.786465
1433 / tcp

104385780 | 2024-04-18T13:40:25.359346
1471 / tcp

-1373985444 | 2024-03-30T12:44:26.849620
1500 / tcp

2087396567 | 2024-04-18T03:58:26.573925
1515 / tcp

-1337747449 | 2024-04-10T00:25:41.769120
1521 / tcp

321971019 | 2024-03-25T22:43:29.152352
1554 / tcp

-784071826 | 2024-04-16T19:58:18.221626
1599 / tcp

550048729 | 2024-04-02T02:06:31.269895
1604 / tcp

2064046231 | 2024-03-24T02:22:07.250604
1723 / tcp

660175493 | 2024-04-08T10:02:59.764061
1741 / tcp

-1399940268 | 2024-03-27T11:38:15.592364
1800 / tcp

1692069329 | 2024-04-01T10:06:17.749487
1801 / tcp

-2017887953 | 2024-04-05T23:38:40.577152
1883 / tcp

632542934 | 2024-04-10T04:37:21.445154
1901 / tcp

1134517380 | 2024-04-18T14:37:16.137079
1911 / tcp

2087396567 | 2024-04-17T10:16:49.654742
1926 / tcp

-130294253 | 2024-03-25T13:54:17.976700
1947 / tcp

15018106 | 2024-04-04T07:16:22.737135
1962 / tcp

-1598265216 | 2024-04-04T00:40:52.711172
1990 / tcp

-441419608 | 2024-04-03T23:52:13.946788
2000 / tcp

1574088840 | 2024-04-13T12:35:39.008394
2002 / tcp

1453929220 | 2024-04-11T18:54:48.566212
2008 / tcp

-358801646 | 2024-03-23T01:48:16.352129
2021 / tcp

-1559123399 | 2024-04-14T20:54:43.689581
2067 / tcp

1975288991 | 2024-04-15T18:44:31.476456
2083 / tcp

89282912 | 2024-03-31T01:45:02.847868
2086 / tcp