GeneralInformation

Hostnames	cn-beijing.oss.aliyuncs.com
Domains	aliyuncs.com
Country	China
City	Beijing
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
CVE-2023-51385	In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-51384	In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2023-38408	The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
CVE-2021-41617	4.4sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
CVE-2021-36368	2.6An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.
CVE-2020-15778	6.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
CVE-2020-14145	4.3The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
CVE-2019-6111	5.8An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2019-6110	4.0In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2019-6109	4.0An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-16905	4.4OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
CVE-2018-20685	2.6In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2018-15919	5.0Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
CVE-2018-15473	5.0OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2017-15906	5.0The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2016-3115	5.5Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
CVE-2016-20012	4.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
CVE-2016-1908	7.5The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
CVE-2016-10708	5.0sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
CVE-2016-10012	7.2The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.
CVE-2016-10011	2.1authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
CVE-2016-10010	6.9sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
CVE-2016-10009	7.5Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
CVE-2016-0777	4.0The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CVE-2015-6564	6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
CVE-2015-6563	1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
CVE-2015-5600	8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
CVE-2015-5352	4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.
CVE-2014-2653	5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
CVE-2014-2532	5.8sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
CVE-2014-1692	7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
CVE-2012-0814	3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
CVE-2011-5000	3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
CVE-2011-4327	2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
CVE-2010-5107	5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
CVE-2010-4755	4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
CVE-2010-4478	7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
CVE-2008-3844	9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
CVE-2007-2768	4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 19 22 23 25 26 37 43 49 53 70 79 80 83 84 86 90 96 102 104 110 113 119 121 122 135 143 175 179 195 221 264 311 340 389 427 443 444 447 515 541 548 554 587 593 631 636 666 685 771 772 789 873 888 902 992 995 1023 1025 1080 1099 1153 1167 1177 1200 1234 1337 1388 1400 1433 1521 1588 1599 1604 1650 1723 1800 1801 1820 1833 1883 1911 1926 1962 1981 1990 2000 2002 2003 2008 2022 2061 2067 2068 2081 2083 2087 2121 2154 2181 2202 2222 2320 2323 2345 2376 2404 2455 2480 2554 2628 2650 2761 2762 3001 3050 3051 3056 3066 3078 3082 3088 3089 3094 3097 3098 3099 3111 3114 3200 3260 3268 3269 3299 3301 3306 3307 3310 3352 3388 3389 3402 3407 3551 3568 3569 3689 3780 3790 3950 4000 4063 4157 4242 4282 4321 4369 4433 4443 4444 4500 4506 4524 4786 4840 4899 4911 4949 5001 5005 5006 5007 5009 5025 5172 5201 5222 5269 5432 5435 5443 5454 5567 5594 5600 5601 5606 5672 5858 5938 5984 5986 6000 6001 6002 6005 6036 6080 6262 6264 6379 6443 6561 6603 6633 6653 6664 6666 6667 6668 6697 7001 7071 7218 7415 7433 7434 7493 7547 7548 7634 7657 7779 7998 8001 8009 8013 8017 8029 8033 8038 8047 8048 8060 8081 8082 8083 8085 8087 8089 8090 8093 8098 8099 8112 8123 8126 8139 8140 8159 8181 8200 8291 8333 8334 8402 8410 8418 8442 8443 8500 8545 8553 8554 8575 8649 8728 8779 8782 8802 8812 8818 8822 8823 8830 8831 8834 8835 8838 8858 8859 8868 8875 8878 8880 8885 8889 8935 9000 9001 9002 9010 9018 9021 9024 9027 9032 9038 9041 9042 9046 9049 9051 9084 9090 9091 9095 9098 9099 9100 9108 9151 9160 9191 9204 9218 9222 9295 9301 9306 9418 9443 9530 9600 9633 9690 9761 9876 9943 9944 9981 9998 9999 10001 10134 10250 10443 10554 10909 10911 11000 11112 11210 11211 11371 12000 12345 13579 14147 14265 14344 16010 16992 18245 19000 20000 20256 20547 21025 21379 22222 25001 25105 25565 27015 27017 28015 28080 30002 30003 31337 32764 35000 37777 41800 44158 44818 47990 49152 50000 50070 50100 51106 51235 52869 54138 55000 55443 55553 55554 60001 60030 60129 61616 62078

-1559123399 | 2024-05-07T10:36:35.720237

11 / tcp

500 Permission denied - closing connection.

291723434 | 2024-05-07T20:20:33.953761

13 / tcp


Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

1286504516 | 2024-04-25T06:43:16.435522

15 / tcp

CP2E Control Console
Connected to Host: gZI

5698739 | 2024-05-03T19:36:35.535221

17 / tcp

"We have no more right to consume happiness without producing it than to
 consume wealth without producing it." George Bernard Shaw (1856-1950)
\x00

81614701 | 2024-05-11T18:55:45.610682

19 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

2039704282 | 2024-04-23T23:43:13.317163

22 / tcp

SSH-2.0-OpenSSH_5.3\r\n

460589547 | 2024-04-28T10:09:29.844171

23 / tcp

ZyXEL VDSL Router

-1648456501 | 2024-05-10T12:26:24.301860

25 / tcp

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

669849225 | 2024-04-26T08:23:24.442674

26 / tcp

SSH-98.60-SysaxSSH_81885..42\r\n

-253878554 | 2024-05-01T18:16:49.968796

37 / tcp

\\xe9X\\x03M

-952165951 | 2024-04-21T20:32:47.953151

43 / tcp

AB

1160472910 | 2024-05-10T23:20:41.235390

49 / tcp

\xc2\xa5A\\x01,\\x02L\\x08Connectx\\x0857222

-1370420049 | 2024-05-04T14:28:18.866639

53 / tcp

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x00\x02\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x00\x02\x00\x04\xac٣.
\x00\x06\x85\x00\x00\x01\x00\x00\x00\x01\x00

1738069263 | 2024-04-29T20:29:47.516766

70 / tcp

\x01remshd: Kerberos Authentication not enabled.

-1523470570 | 2024-05-08T02:28:10.696859

79 / tcp

yÐÿÿsLINSÓ

-1741086110 | 2024-05-10T22:23:52.656920

80 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Fri, 10 May 2024 22:23:52 GMT
Content-Type: application/xml
Content-Length: 344
Connection: keep-alive
x-oss-request-id: 663E9E78ED2CD439307CD237
x-oss-server-time: 0
x-oss-ec: 0003-00001201

996960436 | 2024-04-26T18:55:25.153512

83 / tcp

572 Relay not authorized

1082732927 | 2024-04-30T17:22:20.092352

84 / tcp

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

671605376 | 2024-05-02T07:44:32.339604

86 / tcp

SSH-2.0-OpenSSH_X.X

819727972 | 2024-05-05T00:58:05.520003

90 / tcp

SSH-2.0-OpenSSH_7.4

1615193817 | 2024-04-28T20:19:10.374327

96 / tcp

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

-1399940268 | 2024-05-06T13:18:58.122447

102 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-904840257 | 2024-05-08T20:11:45.424202

104 / tcp

572 Relay not authorized\r\n

-784071826 | 2024-05-11T17:50:34.735168

110 / tcp

SSH-2.0-OpenSSH_8.0

-1777894858 | 2024-04-26T06:08:32.373052

113 / tcp

113 , 35054 : USERID : OTHER :99

141730637 | 2024-04-29T19:55:37.076063

119 / tcp

HTTP/1.0 200 OK
Server: Proxy

-1888448627 | 2024-04-16T03:48:25.876084

121 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

632542934 | 2024-04-25T14:58:25.774678

122 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

1141948216 | 2024-05-07T21:44:35.644201

135 / tcp

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: DESKTOP-HL59G5J\n IP2: 169.254.93.199\n IP3: 175.180.100.187\n\nNTLMSSP:\nTarget_Name: DESKTOP-HL59G5J\nProduct_Version: 10.0.19041 Ntlm 15\nOS: Windows 10, Version 2004/Windows Server, Version 2004\nNetBIOS_Domain_Name: DESKTOP-HL59G5J\nNetBIOS_Computer_Name: DESKTOP-HL59G5J\nDNS_Domain_Name: DESKTOP-HL59G5J\nDNS_Computer_Name: DESKTOP-HL59G5J\nSystem_Time: 2024-01-22 06:04:34 +0000 UTC\n\nDCERPC Dump:\n954

-100373866 | 2024-05-10T00:25:09.018840

143 / tcp

* OK TurboMail IMAP4 Service ready\r\n

-1835475271 | 2024-04-25T23:24:07.471956

175 / tcp

200 NOD32SS 99 (3318497116)\r\n

-399606100 | 2024-05-03T17:12:20.580332

179 / tcp

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

-1023516719 | 2024-05-08T20:05:38.037114

195 / tcp

ã

KvInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

-1839934832 | 2024-05-04T15:44:14.987702

221 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-1718229072 | 2024-05-11T02:49:18.136376

264 / tcp

CheckPoint\nFirewall Host: gw2\nSmartCenter Host: SMS..6sxmht\\x00\n

933996037 | 2024-05-06T18:46:22.492599

311 / tcp

\x06\xc2\x81\xc2\x81\x01\x07version\x04bind\x10\x03

1770729856 | 2024-05-09T08:30:05.404561

340 / tcp

HTTP/1.1 200 OK
Server: thttpd/2.24 26oct2003
Content-Type: text/html; charset=iso-8859-1
Accept-Ranges: bytes
Connection: close

-1743283776 | 2024-05-04T09:38:50.715955

389 / tcp

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x04\\x04

-525136240 | 2024-05-03T02:47:26.810008

427 / tcp

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://bogon.xylink\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\nservice:wbem:https\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://bogon.xylink\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCESS (

744753320 | 2024-04-26T14:37:37.881858

443 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Fri, 26 Apr 2024 14:37:37 GMT
Content-Type: application/xml
Content-Length: 344
Connection: keep-alive
x-oss-request-id: 662BBC3115CB033639E64177
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:c2:fa:4a:79:04:be:34:6d:b7:91:6b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Feb 18 11:45:02 2024 GMT
            Not After : Oct 15 03:16:01 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-beijing.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:fd:cb:7f:5f:49:ee:e8:d9:d0:d6:53:d0:a5:
                    88:fd:fc:56:3c:06:76:2d:ad:ee:c9:65:e1:8c:fd:
                    ee:ef:a1:a2:34:db:d3:65:1e:4a:9c:f7:9d:a6:ad:
                    fa:a7:b3:1a:8b:45:f7:13:2a:26:24:9c:50:28:92:
                    25:54:45:fc:d2:2e:17:7d:c1:47:45:a1:39:bf:ce:
                    7e:f2:8b:d7:69:2c:b6:94:3f:5c:fc:a9:6e:c3:bd:
                    a5:a9:f3:6e:65:55:50:ba:b2:8a:df:ee:e9:50:a7:
                    81:b5:5f:3a:96:f9:74:c3:8a:54:51:d7:eb:02:1c:
                    58:33:e6:a0:ea:12:10:52:63:c9:df:03:84:cf:a3:
                    15:9c:50:7b:5e:6e:42:0f:3d:bd:33:3c:f6:6a:eb:
                    be:30:24:30:72:cb:84:a8:e9:17:aa:6a:45:f8:12:
                    c2:a1:78:0d:31:f0:45:2b:32:2f:ff:98:a3:03:a2:
                    5a:b0:8d:e2:d5:ce:e1:35:56:0b:0a:f8:11:bf:18:
                    44:f7:b8:7b:a0:a0:eb:1d:8d:cf:e8:cc:cf:c4:c5:
                    54:69:59:53:e1:ee:51:79:04:67:86:cf:8b:e5:c6:
                    88:a8:cc:9e:61:75:91:90:b5:8a:af:4c:a2:8d:57:
                    14:8a:f6:54:fb:1e:71:e5:09:e3:0a:12:df:34:8d:
                    d5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-beijing.oss.aliyuncs.com, DNS:*.cn-beijing.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-beijing.aliyuncs.com, DNS:*.s3.oss-cn-beijing-internal.aliyuncs.com, DNS:*.cn-beijing.mgw.aliyuncs.com, DNS:*.oss.cn-beijing.privatelink.aliyuncs.com, DNS:*.oss-cn-beijing.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing.aliyuncs.com, DNS:*.img-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-internal-cross.aliyuncs.com, DNS:*.oss-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-cross.aliyuncs.com, DNS:*.img-cn-beijing.aliyuncs.com, DNS:*.vpc100-oss-cn-beijing.aliyuncs.com, DNS:*.cn-beijing.oss.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h-cross.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub.aliyuncs.com, DNS:*.cn-beijing-finance.oss.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1.aliyuncs.com, DNS:*.cn-beijing-finance-1.oss.aliyuncs.com, DNS:*.cn-beijing-vpc.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-enet-cn-north.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-internal.aliyun-inc.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-beijing-cross.mgw.aliyuncs.com, DNS:*.oss.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            X509v3 Subject Key Identifier: 
                C1:58:AC:32:69:71:BB:67:42:6C:42:FE:14:E5:57:72:91:C1:82:D6
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Feb 18 11:45:04.957 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:15:EB:B8:83:D7:F7:A8:EA:1C:1D:44:69:
                                0D:C2:0C:E6:46:F3:EA:4D:D4:BA:C1:F1:33:E5:11:01:
                                3F:3A:60:1F:02:21:00:F9:E3:AA:10:52:02:17:D8:C9:
                                82:69:E9:8F:02:B9:E4:87:FD:81:43:CE:C5:3F:1E:8E:
                                3B:D2:A2:8F:D6:D8:B0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Feb 18 11:45:04.981 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:83:A9:BA:8E:BC:5C:65:C7:88:3F:9A:
                                1C:0A:68:2A:7B:FE:05:7E:89:8E:C1:AB:BA:6A:D4:41:
                                EF:3D:31:99:EE:02:20:04:46:7E:3B:0A:E2:A2:6F:6B:
                                81:66:9A:A1:A3:D7:9C:5E:BF:EA:7E:1F:D6:F9:28:17:
                                D6:E5:CA:A9:B7:0D:63
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Feb 18 11:45:04.953 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E2:B8:E4:4E:C3:59:23:E0:DB:E4:31:
                                DA:74:71:16:E3:26:46:8F:CA:EB:B2:3F:8D:0B:2F:0D:
                                EF:0A:DA:39:98:02:20:3D:8B:BE:C4:24:72:BE:51:B0:
                                B0:C1:B7:90:B3:9E:C8:F8:75:8C:0D:12:5A:12:87:6E:
                                71:52:1D:BE:A8:3B:96
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        14:86:2a:78:c4:ab:69:86:d0:b2:ec:6c:bf:6f:33:ac:c1:d8:
        18:c7:3e:da:d9:ca:01:a5:54:67:a8:fb:7d:41:6b:f5:9e:ea:
        e3:98:63:ee:3e:b8:87:69:3a:98:8d:dc:62:af:02:c3:0a:b4:
        75:52:90:7e:ae:18:1b:5e:88:27:69:de:15:c1:76:37:96:3b:
        db:c4:ac:43:0b:5b:36:fb:62:b3:d7:8c:66:8f:d3:da:b4:6b:
        86:f5:c6:02:06:3d:dd:5b:01:99:a8:74:7f:af:c3:9c:bb:d6:
        9d:98:cb:3c:3d:12:6e:b1:53:29:1d:6d:a7:0f:4c:82:f7:84:
        4f:57:15:9c:9b:a5:91:4b:1d:33:55:c8:f5:06:7d:74:92:63:
        5c:a8:33:ea:25:43:5d:08:10:87:94:a9:92:b3:13:d2:ce:8d:
        6d:8f:31:ac:5d:06:b9:eb:f7:e1:a7:36:4f:14:4e:3e:a4:e6:
        d2:4d:f8:74:a8:62:a4:84:4a:04:7e:c4:6e:b4:84:83:2c:cc:
        c3:ff:54:0d:9c:3c:8b:5a:22:af:12:b5:7d:e6:24:9d:f5:a6:
        28:60:8b:ff:f2:ce:62:85:c3:4a:a8:40:29:85:07:2e:0b:a4:
        c1:d0:dc:23:02:f4:24:1d:f5:84:c8:73:3e:bf:f9:3d:63:06:
        9f:10:1b:e8

1245738865 | 2024-05-10T04:11:30.208736

444 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.22.1
Date: Fri, 10 May 2024 04:11:29 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

1208318993 | 2024-04-19T04:37:52.969300

447 / tcp

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

1842524259 | 2024-05-01T05:22:37.055612

515 / tcp

-269727450 | 2024-04-30T00:28:38.523807

541 / tcp

\\x16\\x03\\x01\\x01K\\x01\\x00\\x01G\\x03\\x03\\xa1\\xb0\\xcf\\xc9\\xc2X\\x037P\\xe0\\x8d\\xd7\\x1d_N\\x87&\\xa7U.^\\x19_K\\x13\\xed\\xe9L|\n\\xec\\x9e -\\xc23\\x1e\\x94\\xb3\\xe6|\x0c\\xaco|\\xe1\xc6\xa5V\\xd0\\x1d\\xf7Uf<\\xabgV=)\\xf2\\x86\\xc4\\x18\x0c\\x00"\\x13\\x02\\x13\\x03\\x13\\x01\\x00k\\x00=\\xc00\\xc0,\\xc

1445639302 | 2024-05-11T04:46:59.055237

548 / tcp

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: DS218sikeer\nMachine Type: \\x0eNetatalk3.1.12\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: Cleartxt Passwrd\\x04,DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

1060450357 | 2024-04-27T18:07:48.426811

554 / tcp

RTSP/1.0 200 OK
CSeq: 1
Keep-Alive: timeout=10, max=1000
Public: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE, SET_PARAMETER, GET_PARAMETER
Connection: Keep-Alive

745343730 | 2024-05-03T00:36:47.735723

587 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

1308377066 | 2024-04-21T00:28:59.658811

593 / tcp

ncacn_http/1.0

233634112 | 2024-05-03T08:31:01.555240

631 / tcp

SSH-98.60-SysaxSSH_81885..42

-2023550675 | 2024-04-25T23:17:57.047032

636 / tcp

\\x01\x0b=\\x01\xc3\x80\\x06\xc3\xbf\xc3\xbf?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\\x01\\x01

1300162323 | 2024-04-21T01:07:00.817869

666 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

921225407 | 2024-04-29T03:01:37.959178

685 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

-653033013 | 2024-05-10T03:43:49.868135

771 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

709622286 | 2024-04-21T18:56:18.810936

772 / tcp

OK Welcome <299685> on DirectUpdate server 7286\r\n

-1399940268 | 2024-04-23T22:55:01.167067

789 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1970692834 | 2024-04-30T12:18:21.842376

873 / tcp

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

-972447056 | 2024-04-17T15:14:01.927004

888 / tcp

HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html
Connection: keep-alive

1956828827 | 2024-04-16T18:15:21.377836

902 / tcp

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

-1835475271 | 2024-05-01T00:10:21.121017

992 / tcp

200 NOD32SS 99 (3318497116)\r\n

-1199842642 | 2024-04-22T13:07:49.757656

995 / tcp

+OK Welcome to RaidenMAILD POP3 SSL service v4902, Mon, 22 Jan 2024 14:24:46 +0800, (C)2001-2023 <1044592421@raidenmaild>\r\n

1492413928 | 2024-04-30T14:43:57.579895

1023 / tcp

SSH-2.0-OpenSSH_7.5

-1476017887 | 2024-05-08T01:17:24.313806

1025 / tcp

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

1362344524 | 2024-05-08T19:57:47.952135

1080 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

-1795027372 | 2024-04-19T21:05:24.463464

1099 / tcp

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

165188539 | 2024-05-01T21:15:58.964248

1153 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1308377066 | 2024-05-01T13:27:52.292206

1167 / tcp

ncacn_http/1.0

550048729 | 2024-05-05T09:44:18.164656

1177 / tcp

ÿÿÿ
0 ...

1463575827 | 2024-04-27T12:44:24.375541

1200 / tcp

[ÈÝS

-1399940268 | 2024-05-11T11:10:44.315530

1234 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-358801646 | 2024-05-04T02:34:55.695684

1337 / tcp

SSH-2.0-OpenSSH_6.6.1

-1733645023 | 2024-05-03T19:52:19.809753

1388 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

-1230049476 | 2024-04-22T17:26:06.475483

1400 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

-271790512 | 2024-05-09T04:51:10.909952

1433 / tcp

MSSQL Server\nVersion: 251660240 (0xf0007d0)\nSub-Build: 0\nEncryption:Not available

-541815454 | 2024-05-08T23:37:25.703282

1521 / tcp

Version:11.2.0.1.0\n"\\x00\\x00Y(DESCRIPTION=(TMP=)(VSNNUM=186646784)(ERR=1189)(ERROR_STACK=(ERROR=(CODE=1189)(EMFI=4))))

1911457608 | 2024-04-21T10:23:37.425618

1588 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-971970408 | 2024-05-07T18:42:20.327687

1599 / tcp

819727972 | 2024-05-07T13:52:15.678376

1604 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-04-29T10:39:53.585406

1650 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1103582599 | 2024-04-22T17:40:40.169701

1723 / tcp

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

819727972 | 2024-05-08T00:11:50.546030

1800 / tcp

SSH-2.0-OpenSSH_7.4

-1139999322 | 2024-04-27T05:18:07.018150

1801 / tcp

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\xf2\\xdby\\x96\\xbb\\xb1LE\\xa1\\x1f.%\xd2\xbft\\xb692d3\\x10\\x03\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

-1399940268 | 2024-04-26T08:49:34.449866

1820 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-05-10T19:08:52.606695

1833 / tcp

SSH-2.0-OpenSSH_7.4

-1487943323 | 2024-04-29T10:52:55.848486

1883 / tcp

431 Unable to negotiate secure command connection.\r\n

-1327660293 | 2024-05-06T07:47:26.328839

1911 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

-1316491703 | 2024-05-08T21:04:36.797251

1926 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

1189133115 | 2024-04-23T09:33:39.179799

1962 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

1426971893 | 2024-04-20T15:50:05.402782

1981 / tcp

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

819727972 | 2024-05-02T19:15:17.771011

1990 / tcp

SSH-2.0-OpenSSH_7.4

1504401647 | 2024-05-01T23:22:51.740246

2000 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

-154107716 | 2024-05-07T14:01:56.762462

2002 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

1624217396 | 2024-04-24T14:29:40.482630

2003 / tcp

HELO:10.3.6.0.false\nAS:2048\nHL:19

819727972 | 2024-05-10T19:33:55.974183

2008 / tcp

SSH-2.0-OpenSSH_7.4

819727972 | 2024-05-05T07:21:09.386834

2022 / tcp

SSH-2.0-OpenSSH_7.4

366084633 | 2024-04-23T16:51:36.319864

2061 / tcp

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

819727972 | 2024-05-06T10:51:58.794449

2067 / tcp

SSH-2.0-OpenSSH_7.4

1989907056 | 2024-05-08T12:51:57.579486

2068 / tcp

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

819727972 | 2024-05-02T01:15:25.284857

2081 / tcp

SSH-2.0-OpenSSH_7.4

660175493 | 2024-05-07T14:28:37.612451

2083 / tcp

539065883 | 2024-05-04T09:36:58.389909

2087 / tcp

2047379038 | 2024-05-02T11:01:51.085510

2121 / tcp

220 RS820Plus FTP server ready.

2087396567 | 2024-05-09T15:45:34.429194

2154 / tcp

kjnkjabhbanc283ubcsbhdc72

546151771 | 2024-05-09T23:48:24.990906

2181 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

819727972 | 2024-05-10T22:32:09.148285

2202 / tcp

SSH-2.0-OpenSSH_7.4

372433470 | 2024-05-11T18:19:31.582785

2222 / tcp

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

819727972 | 2024-05-03T06:08:16.502053

2320 / tcp

SSH-2.0-OpenSSH_7.4

1051421500 | 2024-04-19T20:23:45.032160

2323 / tcp


H3C login: 

TELNET Negotiation:
will: Echo, Suppress Go Ahead
do: Echo, Negotiate About Window Size, Remote Flow Control

819727972 | 2024-05-07T08:48:03.371203

2345 / tcp

SSH-2.0-OpenSSH_7.4

2087396567 | 2024-05-06T10:43:38.038379

2376 / tcp

kjnkjabhbanc283ubcsbhdc72

1011407350 | 2024-05-10T10:28:26.347549

2404 / tcp

* OK GroupWise IMAP4rev1 Server Ready\r\n

-1013082686 | 2024-04-28T04:29:14.232581

2455 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

-1969169410 | 2024-04-18T14:06:37.660712

2480 / tcp

ÿû
-> GET / HTTP/1.0
GET / HTTP/1.0
undefined symbol: GET
-> 
->

819727972 | 2024-04-27T07:17:34.514202

2554 / tcp

SSH-2.0-OpenSSH_7.4

841014058 | 2024-05-09T23:24:02.981879

2628 / tcp

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

-2046514463 | 2024-04-19T01:05:24.277924

2650 / tcp

AB\x01\t

671605376 | 2024-05-10T22:33:55.667173

2761 / tcp

SSH-2.0-OpenSSH_X.X

632542934 | 2024-05-06T21:39:37.066010

2762 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

-454087041 | 2024-05-07T15:20:30.475333

3001 / tcp

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

-136006866 | 2024-04-26T22:08:44.026131

3050 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

-1399940268 | 2024-05-11T04:53:36.695246

3051 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1428621233 | 2024-04-29T01:19:29.118261

3056 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

1911457608 | 2024-04-21T03:55:37.998679

3066 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1730858130 | 2024-05-10T00:56:42.331686

3078 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1279886438 | 2024-04-23T15:51:06.557364

3082 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

1919228981 | 2024-05-08T01:25:55.896195

3088 / tcp

\x00\x1e\x00\x06\xc2\x81\xc2\x85\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

-180163620 | 2024-04-16T15:43:43.918651

3089 / tcp

NPC Telnet permit one connection.\r\n But One connection() already keep alive.\r\nGood Bye !! \r\n

-616720387 | 2024-04-20T09:32:24.333881

3094 / tcp

SSH-2.0-SSHD_0.7.6

-891714208 | 2024-05-04T11:30:13.161759

3097 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

819727972 | 2024-05-08T15:39:43.407881

3098 / tcp

SSH-2.0-OpenSSH_7.4

1492413928 | 2024-05-06T18:12:26.202960

3099 / tcp

SSH-2.0-OpenSSH_7.5

819727972 | 2024-04-11T23:44:39.556096

3111 / tcp

SSH-2.0-OpenSSH_7.4

-792826324 | 2024-04-23T05:26:50.777995

3114 / tcp

220 FTP server ready - login please

-297128567 | 2024-04-12T07:49:53.390690

3200 / tcp

\x04\x01\xc3\xb4\x00\x15Internal Server Error\x00\x00\x00AB\x00\x02\x05\x00

-1914158197 | 2024-05-09T17:52:57.417418

3260 / tcp

HTTP/1.1 500 Internal Server Error
Server: nginx/1.18.11011 (Ubuntu)
Content-Type: text/plain; charset=utf-8
Connection: close

198844676 | 2024-04-19T01:54:14.623526

3268 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

-358801646 | 2024-05-01T05:18:00.537121

3269 / tcp

SSH-2.0-OpenSSH_6.6.1

-893477759 | 2024-05-08T13:20:41.635549

3299 / tcp

!versionbind7 t{RPowerDNS Recursor 410

1830697416 | 2024-04-20T00:26:10.879710

3301 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

1673132866 | 2024-04-28T01:25:52.062711

3306 / tcp

I\\x00\\x00\\x01\\xffj\\x04Host \'*.*.*.*\' is not allowed to connect to this MariaDB server

-1399940268 | 2024-04-29T19:32:36.813367

3307 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1504401647 | 2024-04-24T20:53:55.897384

3310 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

1011407350 | 2024-04-14T10:11:20.783609

3352 / tcp

* OK GroupWise IMAP4rev1 Server Ready\r\n

-1399940268 | 2024-04-28T20:16:01.488465

3388 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-6645672 | 2024-05-05T02:52:52.753428

3389 / tcp

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\\x0f\\x08\\x00\\x08\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID_EX\nTarget_Name: 172_16_0_11\nProduct_Version: 6.3.9600 Ntlm 15\nOS: Windows 8.1/Windows Server 2012 R2\nNetBIOS_Domain_Name: 172_16_0_11\nNetBIOS_Computer_Name: 172_16_0_11\nDNS_Domain_Name: 172_16_0_11\nDNS_Computer_Name: 172_16_0_11\nSystem_Time: 2024-01-22 08:42:27 +0000 UTC\n\n

-1888448627 | 2024-04-26T00:58:48.911291

3402 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

819727972 | 2024-05-04T00:55:59.435840

3407 / tcp

SSH-2.0-OpenSSH_7.4

198844676 | 2024-04-29T00:41:42.160917

3551 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

-1730858130 | 2024-04-20T02:49:41.528139

3568 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-146605374 | 2024-05-02T02:58:23.213293

3569 / tcp

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

459162008 | 2024-05-04T09:47:14.146553

3689 / tcp

Notify

1741579575 | 2024-05-05T17:26:33.868416

3780 / tcp

-971970408 | 2024-04-18T18:05:38.315600

3790 / tcp

-1899074860 | 2024-05-01T03:41:01.389565

3950 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

1300162323 | 2024-04-19T08:14:57.991030

4000 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

-1730858130 | 2024-05-11T03:50:19.279709

4063 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-527005584 | 2024-05-02T11:41:25.210223

4157 / tcp

/0 0 L
/0 0 HUH

-1914158197 | 2024-05-05T22:24:23.184880

4242 / tcp

HTTP/1.1 500 Internal Server Error
Server: nginx/1.18.11011 (Ubuntu)
Content-Type: text/plain; charset=utf-8
Connection: close

1746071618 | 2024-05-07T03:10:13.336307

4282 / tcp

bxz437

-1250504565 | 2024-05-11T15:11:21.656808

4321 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

-1399940268 | 2024-05-09T05:37:50.056950

4369 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2087396567 | 2024-05-10T08:16:21.426414

4433 / tcp

kjnkjabhbanc283ubcsbhdc72

2140295939 | 2024-05-04T07:26:51.375993

4443 / tcp

HTTP/1.1 200 
Server: nginx
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache

-1261090339 | 2024-05-11T15:06:23.229161

4444 / tcp

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

-1730858130 | 2024-05-09T14:27:28.948314

4500 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-984990168 | 2024-05-10T23:12:20.416629

4506 / tcp


0ÿñ

-2096652808 | 2024-05-08T04:52:11.665074

4524 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1911457608 | 2024-04-19T01:17:31.525905

4786 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-05-10T12:57:11.592367

4840 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-653033013 | 2024-05-02T23:51:15.357031

4899 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

-2089734047 | 2024-05-07T04:33:00.624966

4911 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

171352214 | 2024-05-05T07:41:48.452941

4949 / tcp

-ERR client ip is not in whitelist

2087396567 | 2024-05-01T15:37:45.987259

5001 / tcp

kjnkjabhbanc283ubcsbhdc72

1072892569 | 2024-04-19T14:56:03.264388

5005 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

504717326 | 2024-05-10T16:32:03.538046

5006 / tcp

SSH-2.0-OpenSSH_8.6

165188539 | 2024-05-05T08:20:59.940376

5007 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1017429513 | 2024-05-09T19:18:45.711994

5009 / tcp

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

-971970408 | 2024-04-29T08:38:24.530994

5025 / tcp

-319440554 | 2024-05-09T21:19:45.118088

5172 / tcp

820958131 | 2024-05-10T05:47:10.761237

5201 / tcp

kjnkjabhbanc283ubcsbhdc72\x02

2087396567 | 2024-05-10T16:46:43.455759

5222 / tcp

kjnkjabhbanc283ubcsbhdc72

-898901461 | 2024-04-12T11:39:01.404956

5269 / tcp

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705941047.522-w-waf01tjgt

-358801646 | 2024-04-26T06:05:22.575411

5432 / tcp

SSH-2.0-OpenSSH_6.6.1

-784071826 | 2024-04-24T06:28:29.733913

5435 / tcp

SSH-2.0-OpenSSH_8.0

-1142844482 | 2024-05-02T19:24:43.799573

5443 / tcp

ÿûSOYO_SIP VBNQyQSKc settings
Password:

321971019 | 2024-05-07T01:19:20.043211

5454 / tcp

-ERR client ip is not in whitelist\r

1574088840 | 2024-05-02T04:26:49.058620

5567 / tcp

">Application and Content Networking Software 3.9</a>)\n</BODY><

-345718689 | 2024-04-30T23:37:56.595210

5594 / tcp

Vty password is not set.

-2089734047 | 2024-05-02T18:59:06.504135

5600 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1943555721 | 2024-04-23T00:55:47.301844

5601 / tcp

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-encoding: gzip
content-length: 318

-358801646 | 2024-04-16T05:54:49.912928

5606 / tcp

SSH-2.0-OpenSSH_6.6.1

575925250 | 2024-05-01T06:29:05.098784

5672 / tcp

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

1308377066 | 2024-05-07T16:11:56.216270

5858 / tcp

ncacn_http/1.0

1911457608 | 2024-05-05T09:14:37.882190

5938 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1999272906 | 2024-04-26T07:39:25.442469

5984 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

-952165951 | 2024-04-25T17:10:45.920137

5986 / tcp

AB

-832380282 | 2024-04-25T08:47:00.450286

6000 / tcp

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

1830187220 | 2024-05-02T20:53:55.490653

6001 / tcp

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

1632932802 | 2024-04-23T19:20:23.464356

6002 / tcp

1665283070 | 2024-04-27T05:41:31.986221

6005 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x01\x00\x00\x10\x00\x00\n0\x03\x00\x00\x00\x01\x00\x05\x00\x00@\x00\x00\x06\x00\x00\x1f@

1077013874 | 2024-04-14T18:59:22.864955

6036 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

422524323 | 2024-04-30T15:02:22.600601

6080 / tcp

{
"Version": "3.4.18",
"VersionArray": [
3,
4,
18,
0
],
"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",
"OpenSSLVersion": "",
"SysInfo": "",
"Bits": 64,
"Debug": false,
"MaxObjectSize": 16777216
}

-1399940268 | 2024-04-26T20:48:10.369466

6262 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-04-26T16:03:26.194678

6264 / tcp

SSH-2.0-OpenSSH_7.4

321971019 | 2024-04-19T05:46:15.415646

6379 / tcp

-ERR client ip is not in whitelist\r

2087396567 | 2024-05-07T19:30:33.652956

6443 / tcp

kjnkjabhbanc283ubcsbhdc72

580340387 | 2024-05-02T14:37:12.910042

6561 / tcp

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

1911457608 | 2024-05-09T23:14:05.496227

6603 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-05-07T16:53:34.523967

6633 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-339084706 | 2024-05-09T08:49:10.819380

6653 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

1960438949 | 2024-04-16T03:24:48.577688

6664 / tcp

Siemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready
ÿûÿûÿýÿþUsername:

-365662216 | 2024-05-06T08:24:57.690818

6666 / tcp

\x05\xff

1375509841 | 2024-05-04T21:52:32.287432

6667 / tcp

ÿû

no data rcvd for version string

recv version id unsuccessful

SSH Session task 0xY: Version Exchange Failed

819727972 | 2024-04-30T20:02:42.036808

6668 / tcp

SSH-2.0-OpenSSH_7.4

740837454 | 2024-05-03T23:57:37.054122

6697 / tcp

SSH-2.0-OpenSSH_5.3

-274925451 | 2024-05-01T22:27:57.497697

7001 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2914_PSzqstdxnz35_3380-26211

1282941221 | 2024-05-07T04:49:58.496688

7071 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

1231376952 | 2024-05-09T20:00:36.103068

7218 / tcp

632542934 | 2024-04-30T21:50:02.443279

7415 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

1278527606 | 2024-05-10T08:51:48.553298

7433 / tcp

SSH-2.0-Teleport

1741579575 | 2024-05-11T00:23:12.870265

7434 / tcp

-1399940268 | 2024-04-14T10:20:36.519371

7493 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

770016595 | 2024-04-12T01:45:58.414333

7547 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

171352214 | 2024-05-06T21:30:17.885573

7548 / tcp

-ERR client ip is not in whitelist

504717326 | 2024-04-25T12:03:14.301468

7634 / tcp

SSH-2.0-OpenSSH_8.6

660175493 | 2024-04-15T18:25:23.955600

7657 / tcp

1082732927 | 2024-04-28T03:36:07.430512

7779 / tcp

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

-1399940268 | 2024-04-24T21:54:32.505673

7998 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1072892569 | 2024-04-30T17:35:12.054740

8001 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

-1733645023 | 2024-05-02T11:46:33.932716

8009 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

119860953 | 2024-05-03T00:04:26.891600

8013 / tcp

* OK ArGoSoft Mail Server IMAP Module v.YW at

937756010 | 2024-04-13T05:40:59.653468

8017 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x01\x00\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1911457608 | 2024-05-09T21:32:09.052843

8029 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1655023012 | 2024-04-16T01:43:23.662609

8033 / tcp

athinfod: invalid query.\n

-1189269828 | 2024-05-05T17:33:10.413759

8038 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-1399940268 | 2024-05-07T00:08:29.746607

8047 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-180163620 | 2024-04-22T21:02:17.480957

8048 / tcp

NPC Telnet permit one connection.\r\n But One connection() already keep alive.\r\nGood Bye !! \r\n

-154107716 | 2024-05-02T19:48:58.424825

8060 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

669252988 | 2024-05-10T09:05:28.286636

8081 / tcp

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Fri, 10 May 2024 09:05:28 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
J-Access-Policy: https://holoweb.aliyuncs.com/matrix/decrement-close/mix-test/sample
Server: Jetty(9.2.z-SNAPSHOT)
Set-Cookie: JSESSIONID.1601eb68=120fgggxfoay64m5nl6djfn0d;Path=/;HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Hudson: 1.395
X-Hudson-Cli-Port: 39803
X-Hudson-Theme: default
X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJI9HMCW0Ita0Auoh62Ky0at8wvsFutPWyEWHHN1YNA7hsN/B3S8UALst3g2uGOkYQ3vdbaVIQzcq+4cTrppkPMt7HyaptboHhU418Yy+X+NZoagKz+V5TJV/mpZakuveK5fMjEiZ2/q+cC7E1kyrJWAUeNGuIyVBClQbcCpqkYNCq+f66fC7ZjFencbXo7JybzySefYit2unX9ATaiZJydU2H/IurGINSXz10Lc+CZICEUPMdnx7bGL86MAau0R8UigFHt9oK1FpQKpu/eh1yTO2nl3KD2oZ5QV+wre1yBeRZbxO/08NtB7VqRT+wUxw6FkgWIRdFAv06l3yR0E4QIDAQAB
X-Jenkins: 2.46.1
X-Jenkins-Cli-Port: 39803
X-Jenkins-Cli2-Port: 39803
X-Jenkins-Session: 96fcb275
X-Ssh-Endpoint: 47.95.85.21:38443
Transfer-Encoding: chunked

20b5




  
  <!DOCTYPE html><html><head resURL="/static/96fcb275" data-rooturl="" data-resurl="/static/96fcb275">
    

    <title>Dashboard [Jenkins]</title><link rel="stylesheet" href="/static/96fcb275/css/layout-common.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/css/style.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/css/color.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/css/responsive-grid.css" type="text/css" /><link rel="shortcut icon" href="/static/96fcb275/favicon.ico" type="image/vnd.microsoft.icon" /><link color="black" rel="mask-icon" href="/images/mask-icon.svg" /><script>var isRunAsTest=false; var rootURL=""; var resURL="/static/96fcb275";</script><script src="/static/96fcb275/scripts/prototype.js" type="text/javascript"></script><script src="/static/96fcb275/scripts/behavior.js" type="text/javascript"></script><script src='/adjuncts/96fcb275/org/kohsuke/stapler/bind.js' type='text/javascript'></script><script src="/static/96fcb275/scripts/yui/yahoo/yahoo-min.js"></script><script src="/static/96fcb275/scripts/yui/dom/dom-min.js"></script><script src="/static/96fcb275/scripts/yui/event/event-min.js"></script><script src="/static/96fcb275/scripts/yui/animation/animation-min.js"></script><script src="/static/96fcb275/scripts/yui/dragdrop/dragdrop-min.js"></script><script src="/static/96fcb275/scripts/yui/container/container-min.js"></script><script src="/static/96fcb275/scripts/yui/connection/connection-min.js"></script><script src="/static/96fcb275/scripts/yui/datasource/datasource-min.js"></script><script src="/static/96fcb275/scripts/yui/autocomplete/autocomplete-min.js"></script><script src="/static/96fcb275/scripts/yui/menu/menu-min.js"></script><script src="/static/96fcb275/scripts/yui/element/element-min.js"></script><script src="/static/96fcb275/scripts/yui/button/button-min.js"></script><script src="/static/96fcb275/scripts/yui/storage/storage-min.js"></script><script src="/static/96fcb275/scripts/hudson-behavior.js" type="text/javascript"></script><script src="/static/96fcb275/scripts/sortable.js" type="text/javascript"></script><script>crumb.init("", "");</script><link rel="stylesheet" href="/static/96fcb275/scripts/yui/container/assets/container.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/scripts/yui/assets/skins/sam/skin.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/scripts/yui/container/assets/skins/sam/container.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/scripts/yui/button/assets/skins/sam/button.css" type="text/css" /><link rel="stylesheet" href="/static/96fcb275/scripts/yui/menu/assets/skins/sam/menu.css" type="text/css" /><link rel="search" href="/opensearch.xml" type="application/opensearchdescription+xml" title="Jenkins" /><meta name="ROBOTS" content="INDEX,NOFOLLOW" /><meta name="viewport" content="width=device-width, initial-scale=1" /><link rel="alternate" href="/rssAll" title="Jenkins:all (all builds)" type="application/rss+xml" /><link rel="alternate" href="/rssAll?flavor=rss20" title="Jenkins:all (all builds) (RSS 2.0)" type="application/rss+xml" /><link rel="alternate" href="/rssFailed" title="Jenkins:all (failed builds)" type="application/rss+xml" /><link rel="alternate" href="/rssFailed?flavor=rss20" title="Jenkins:all (failed builds) (RSS 2.0)" type="application/rss+xml" /><script src="/static/96fcb275/scripts/yui/cookie/cookie-min.js"></script><script>
              YAHOO.util.Cookie.set("screenResolution", screen.width+"x"+screen.height);
            </script><script src="/static/96fcb275/jsbundles/page-init.js" type="text/javascript"></script></head><body data-model-type="hudson.model.AllView" id="jenkins" class="yui-skin-sam jenkins-2.46.1 two-column" data-version="2.46.1"><a href="#skip2content" class="skiplink">Skip to content</a><div id="page-head"><div id="header"><div class="logo"><a id="jenkins-home-link" href="/"><img src="/static/96fcb275/images/headshot.png" al

1059192566 | 2024-05-03T05:54:35.806346

8082 / tcp

HTTP/1.1 200
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 670
S-Host: https://sukz-mc-u.aliyuncs.com/checkout/share/admit-import/unblend-deactivate/nacos/

<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<title>Nacos</title>
	<link rel="shortcut icon" href="/nacos/console-ui/public/img/nacos-logo.png" type="image/x-icon">

<link href="./css/main.css" rel="stylesheet"></head>
<body>
	<div id="root" style="overflow:hidden"></div>
	<div id="app"></div>
	<div

-1026951088 | 2024-05-08T05:29:03.731378

8083 / tcp

erro ip

1978059005 | 2024-04-19T01:01:26.308465

8085 / tcp

Sorry, that nickname format is invalid.

-1265999252 | 2024-04-18T06:33:07.874511

8087 / tcp

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

-1730858130 | 2024-04-25T10:31:52.079566

8089 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1136600457 | 2024-05-05T20:02:39.489243

8090 / tcp

HELO:10.3.6.0.false
AS:2048
HL:19

81614701 | 2024-04-30T17:31:28.685892

8093 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

-1559123399 | 2024-04-30T10:10:39.232991

8098 / tcp

500 Permission denied - closing connection.

1825545421 | 2024-05-11T02:56:22.673149

8099 / tcp

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-GDdongguan-AREACMCC2-CACHE38[0]
X-CCDN-FORBID-CODE: 040001

339872247 | 2024-05-04T20:02:21.793898

8112 / tcp


0 ...

-984990168 | 2024-05-09T09:02:44.005485

8123 / tcp


0ÿñ

819727972 | 2024-05-05T05:54:10.869809

8126 / tcp

SSH-2.0-OpenSSH_7.4

-1795027372 | 2024-04-29T23:36:39.904663

8139 / tcp

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

2087396567 | 2024-05-07T01:20:47.591700

8140 / tcp

kjnkjabhbanc283ubcsbhdc72

-1733106930 | 2024-04-22T04:27:23.685481

8159 / tcp

Mysql Version: 5.6.50-log\nN\n5.6.50-log\x14(\nG5se"tGE\xc3\xbf\xc3\xb7-\x02\x7f\xc2\x80\x15cB^3$Zwh$wM[mysql_native_password

1189133115 | 2024-05-09T12:07:33.696022

8181 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

618338916 | 2024-05-10T20:09:13.771414

8200 / tcp

HTTP/1.1 302 Found
Connection: Keep-Alive
Transfer-Encoding: chunked
Keep-Alive: timeout=20
Location: /cgi-bin/luci/

117101543 | 2024-04-22T12:06:32.600683

8291 / tcp

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

1335782347 | 2024-05-04T22:39:03.943109

8333 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705940700.09-waf02bjtp3

-319440554 | 2024-05-07T12:13:14.433050

8334 / tcp

-1046119860 | 2024-04-26T04:03:43.919779

8402 / tcp

\\x19\\x02\\x02\\x07Protocol version mismatch

-303199180 | 2024-05-06T18:03:50.931521

8410 / tcp

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

-1399940268 | 2024-04-26T10:22:28.350517

8418 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-22T15:46:59.614729

8442 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1273248176 | 2024-04-22T11:28:11.810497

8443 / tcp

HTTP/1.1 303 See Other
Server: sw-cp-server
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 28 May 1999 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Location: https://61.219.16.209:8443/login.php

1929293267 | 2024-05-06T11:46:00.369377

8500 / tcp

HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html; charset=utf-8
Connection: keep-alive

-2096652808 | 2024-04-16T07:57:20.816591

8545 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-1428621233 | 2024-04-24T06:46:08.272764

8553 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

-1036370807 | 2024-04-26T17:18:04.279234

8554 / tcp

JDWP-Handshake

819727972 | 2024-05-07T00:37:59.090061

8575 / tcp

SSH-2.0-OpenSSH_7.4

1489954473 | 2024-04-25T02:48:54.485804

8649 / tcp

HTTP/1.1 410 Gone
Server: openresty
Transfer-Encoding: chunked
Connection: keep-alive
Via: 1.1 google

-1399940268 | 2024-05-10T20:30:26.236722

8728 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-05-01T23:55:49.919438

8779 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-05-08T23:33:39.704479

8782 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-05-01T08:53:29.468229

8802 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1327660293 | 2024-04-26T07:05:47.287873

8812 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

2121220663 | 2024-04-14T08:52:40.135093

8818 / tcp

SSH-58-Ingrian_SSH\r\n

819727972 | 2024-04-12T15:46:58.430853

8822 / tcp

SSH-2.0-OpenSSH_7.4

-616720387 | 2024-04-21T03:30:39.910123

8823 / tcp

SSH-2.0-SSHD_0.7.6

1282941221 | 2024-05-05T12:59:47.359924

8830 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

-1730858130 | 2024-04-30T00:15:48.002759

8831 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

819727972 | 2024-04-24T00:17:44.876095

8834 / tcp

SSH-2.0-OpenSSH_7.4

1989907056 | 2024-04-15T12:54:41.098331

8835 / tcp

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

-2089734047 | 2024-04-28T18:10:51.688687

8838 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1911457608 | 2024-04-26T13:09:42.861814

8858 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-358801646 | 2024-05-10T19:56:35.265726

8859 / tcp

SSH-2.0-OpenSSH_6.6.1

-1399940268 | 2024-04-21T06:21:25.797421

8868 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-04-21T15:44:45.597405

8875 / tcp

SSH-2.0-OpenSSH_7.4

1189133115 | 2024-05-04T23:41:34.950440

8878 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

1412519768 | 2024-04-16T10:02:21.059219

8880 / tcp

"AP0F1D85"
Connection: close

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR

321971019 | 2024-04-23T02:58:24.566539

8885 / tcp

-ERR client ip is not in whitelist\r

-1611764932 | 2024-05-09T20:17:15.625639

8889 / tcp

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

-1487943323 | 2024-05-10T07:08:27.603872

8935 / tcp

431 Unable to negotiate secure command connection.\r\n

1119676909 | 2024-05-10T12:15:50.387714

9000 / tcp

M\\xc4\xc5\xb1\\xfa\\xde\\xc8)W\\xad\\xaf\\xb8\\xb5\\x05\\x89\\x9f\\xa2\\x82\\xf2j7

-1026951088 | 2024-05-06T02:54:36.742393

9001 / tcp

erro ip

740837454 | 2024-05-04T04:15:20.120219

9002 / tcp

SSH-2.0-OpenSSH_5.3

819727972 | 2024-04-24T02:52:13.069595

9010 / tcp

SSH-2.0-OpenSSH_7.4

707919486 | 2024-05-04T02:27:28.111470

9018 / tcp

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

-1036370807 | 2024-04-29T05:20:16.563339

9021 / tcp

JDWP-Handshake

334289483 | 2024-04-29T14:08:59.963976

9024 / tcp

Invalid request string: Request string is: "\r"

-1399940268 | 2024-05-09T21:16:36.072677

9027 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-05-11T17:55:43.171382

9032 / tcp

SSH-2.0-OpenSSH_7.4

321971019 | 2024-04-12T19:33:16.085053

9038 / tcp

-ERR client ip is not in whitelist\r

1911457608 | 2024-04-21T11:29:44.656738

9041 / tcp

\x00[\x00\x00\x00\x00\x00\x00

550048729 | 2024-05-10T23:53:24.110537

9042 / tcp

ÿÿÿ
0 ...

-2096652808 | 2024-04-27T02:27:22.256533

9046 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1615193817 | 2024-04-24T23:29:06.358542

9049 / tcp

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

-1461540015 | 2024-05-05T18:55:05.642609

9051 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101
a

-1730858130 | 2024-05-09T00:39:55.278450

9084 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

550820607 | 2024-05-01T18:47:33.794182

9090 / tcp

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Tmd-Policy-Host: https://mrsq.aliyuncs.com/update/rating-deny/photos-child/culture/unselect
Content-Length: 115
Content-Type: text/html
Date: Wed, 01 May 2024 18:47:33 GMT
Last-Modified: Wed, 16 Feb 2022 15:55:03 GMT

<html>
<head><title></title>
<meta http-equiv="refresh" content="0;URL=index.jsp">
</head>
<body>
</body>
</html>

-971970408 | 2024-05-09T23:28:58.660517

9091 / tcp

2087396567 | 2024-04-27T03:34:27.285574

9095 / tcp

kjnkjabhbanc283ubcsbhdc72

-1835475271 | 2024-04-22T07:46:52.798099

9098 / tcp

200 NOD32SS 99 (3318497116)\r\n

728404894 | 2024-04-18T23:11:39.776356

9099 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1e1e_PS-000-013Ry57_4578-61483

165188539 | 2024-05-11T17:37:29.005057

9100 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2098371729 | 2024-04-24T07:50:49.232632

9108 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

863754335 | 2024-05-09T07:16:21.213601

9151 / tcp

0a

669849225 | 2024-05-11T01:10:13.902287

9160 / tcp

SSH-98.60-SysaxSSH_81885..42\r\n

550048729 | 2024-04-23T15:29:42.363889

9191 / tcp

ÿÿÿ
0 ...

-992671574 | 2024-04-18T01:23:04.894544

9204 / tcp

@RSYNCD: 26

-1399940268 | 2024-04-15T11:12:19.387278

9218 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2063598737 | 2024-05-09T10:12:05.398103

9222 / tcp

/0 0 L\r\n/0 0 HUH\r\n

1286504516 | 2024-04-25T14:21:12.794526

9295 / tcp

CP2E Control Console
Connected to Host: gZI

-1839934832 | 2024-04-19T17:44:28.587027

9301 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-2089734047 | 2024-05-05T08:39:18.400522

9306 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-833168972 | 2024-05-06T20:43:18.695872

9418 / tcp

HTTP/1.1 200 
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked

2087396567 | 2024-05-01T20:53:35.456539

9443 / tcp

kjnkjabhbanc283ubcsbhdc72

165188539 | 2024-05-07T10:10:39.993055

9530 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1519486042 | 2024-05-10T19:36:04.203871

9600 / tcp

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

2087396567 | 2024-04-13T14:01:42.720584

9633 / tcp

kjnkjabhbanc283ubcsbhdc72

-1730858130 | 2024-04-20T10:44:53.028510

9690 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1835475271 | 2024-04-21T05:42:13.383417

9761 / tcp

200 NOD32SS 99 (3318497116)\r\n

-1451615933 | 2024-05-05T09:12:13.171310

9876 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705941912.469-s5jhg

1712606111 | 2024-05-11T21:40:14.386650

9943 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1282_PSzqstdxyw34_8689-21922

1544300041 | 2024-04-14T22:20:21.009268

9944 / tcp

SSH-25453-Cisco-3524665.35

-154107716 | 2024-04-15T03:44:53.695096

9981 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

-1223770960 | 2024-05-05T12:43:56.023499

9998 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28e5_PS-PEK-01Whk40_31773-63705

1161309183 | 2024-05-07T04:11:21.273540

9999 / tcp

ProxyServer is ready

1492413928 | 2024-04-30T21:51:40.610759

10001 / tcp

SSH-2.0-OpenSSH_7.5

-2096652808 | 2024-05-07T15:31:42.170964

10134 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

104385780 | 2024-05-08T04:53:22.623532

10250 / tcp

ceph v2

-1648940386 | 2024-05-10T15:46:04.235597

10443 / tcp

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Fri, 10 May 2024 15:46:03 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://47.95.85.21:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

-971970408 | 2024-05-04T17:29:36.472940

10554 / tcp

1353260875 | 2024-05-09T00:03:20.260846

10909 / tcp

\x00[g\xc2\x95N\x7f\x00\x00

1911457608 | 2024-04-17T16:53:22.516560

10911 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1911457608 | 2024-04-28T02:00:05.601070

11000 / tcp

\x00[\x00\x00\x00\x00\x00\x00

205347087 | 2024-05-11T03:16:12.076762

11112 / tcp

SSH-25453-Cisco-3524665.35\n

-339084706 | 2024-04-28T22:18:52.490169

11210 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

-136006866 | 2024-05-10T06:39:01.863412

11211 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

550048729 | 2024-05-10T07:01:04.129728

11371 / tcp

ÿÿÿ
0 ...

-1368104760 | 2024-04-22T02:31:50.864949

12000 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1d31_PS-TNA-01mQW36_7416-41955

1748152518 | 2024-05-08T16:57:59.797275

12345 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae26f8_hwt112_4105-46187

-527005584 | 2024-04-17T11:39:58.957473

13579 / tcp

/0 0 L
/0 0 HUH

-1399940268 | 2024-05-05T07:55:53.737611

14147 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-138733098 | 2024-04-29T17:23:24.701849

14265 / tcp

roku: ready

-585940771 | 2024-05-09T18:48:36.969948

14344 / tcp

Unknown command\r\n

1412519768 | 2024-04-21T01:57:50.246648

16010 / tcp

"AP0F1D85"
Connection: close

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR

-1840324437 | 2024-04-15T04:21:07.017619

16992 / tcp

740837454 | 2024-05-11T14:13:54.977226

18245 / tcp

SSH-2.0-OpenSSH_5.3

-1888448627 | 2024-05-06T18:49:49.202998

19000 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1900503736 | 2024-05-07T12:25:46.534129

20000 / tcp

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

1948301213 | 2024-05-06T14:41:27.184310

20256 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

-1399940268 | 2024-05-11T00:49:59.533453

20547 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-314039103 | 2024-04-30T02:54:26.024080

21025 / tcp

Surnom.
Sorry, that nickname format is invalid.

819727972 | 2024-04-28T02:51:29.271092

21379 / tcp

SSH-2.0-OpenSSH_7.4

-358801646 | 2024-05-11T05:46:55.298430

22222 / tcp

SSH-2.0-OpenSSH_6.6.1

1911457608 | 2024-05-09T02:10:13.261660

25001 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1119512965 | 2024-05-02T00:09:12.158203

25105 / tcp

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-encoding: gzip
content-length: 171

933996037 | 2024-05-11T14:56:10.776139

25565 / tcp

\x06\xc2\x81\xc2\x81\x01\x07version\x04bind\x10\x03

-232716176 | 2024-05-10T05:17:46.235013

27015 / tcp

Command: None
Size: 759714643
ID: 758132274
Type: 1852141647

1763259671 | 2024-05-01T06:08:44.629029

27017 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

-1399940268 | 2024-05-09T01:10:44.276421

28015 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-971970408 | 2024-05-02T02:57:12.833985

28080 / tcp

1231376952 | 2024-05-10T17:46:26.089632

30002 / tcp

-154107716 | 2024-05-07T04:47:40.367490

30003 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

756886313 | 2024-04-24T00:49:15.145212

31337 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html

1286504516 | 2024-05-03T19:50:42.682064

32764 / tcp

CP2E Control Console
Connected to Host: gZI

671605376 | 2024-05-04T10:42:51.575654

35000 / tcp

SSH-2.0-OpenSSH_X.X

-653033013 | 2024-04-17T18:51:06.219079

37777 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

-2107996212 | 2024-05-08T08:18:10.481804

41800 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

2054287019 | 2024-04-26T06:24:45.803266

44158 / tcp

\x13/multistream/1.0.0

-1399940268 | 2024-04-30T08:25:39.717284

44818 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

410249975 | 2024-05-10T22:48:37.552916

47990 / tcp

LNS READY<>

-315975075 | 2024-04-24T22:59:17.724203

49152 / tcp

HTTP/1.1 404 Error
Connection: close

2087396567 | 2024-05-10T10:29:48.587812

50000 / tcp

kjnkjabhbanc283ubcsbhdc72

1119512965 | 2024-05-05T21:20:03.377030

50070 / tcp

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-encoding: gzip
content-length: 171

-2030182557 | 2024-04-30T02:10:14.010076

50100 / tcp



0
dø...

996960436 | 2024-04-15T10:32:22.630698

51106 / tcp

572 Relay not authorized

-2096652808 | 2024-05-11T16:10:56.984812

51235 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-1840324437 | 2024-04-15T15:03:17.800726

52869 / tcp

-1888448627 | 2024-05-06T20:56:20.386967

54138 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

408230060 | 2024-05-07T21:12:45.122921

55000 / tcp

\r\nSorry, that nickname format is invalid.\r\n

819727972 | 2024-05-10T17:31:51.566081

55443 / tcp

SSH-2.0-OpenSSH_7.4

-1529979118 | 2024-04-19T16:52:37.326085

55553 / tcp

inv2W

-1142844482 | 2024-05-10T04:43:24.987448

55554 / tcp

ÿûSOYO_SIP VBNQyQSKc settings
Password:

-1311598826 | 2024-05-05T06:39:51.892121

60001 / tcp

AMQP:
cluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local
copyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.
information:Licensed under the MPL 2.0. Website: https://rabbitmq.com
platform:Erlang/OTP 24.1
product:RabbitMQ
version:3.9.7
Capabilities:
publisher_confirms:true
exchange_exchange_bindings:true
basic.nack:true
consumer_cancel_notify:true
connection.blocked:true
consumer_priorities:true
authentication_failure_close:true
per_consumer_qos:true
direct_reply_to:tru

339872247 | 2024-04-25T09:18:12.468420

60030 / tcp


0 ...

-1681927087 | 2024-05-01T01:50:01.529189

60129 / tcp

kjnkjabhbanc283ubcsbhdc72

819727972 | 2024-04-15T20:33:32.658457

61616 / tcp

SSH-2.0-OpenSSH_7.4

408230060 | 2024-05-03T19:34:54.532558

62078 / tcp

\r\nSorry, that nickname format is invalid.\r\n

47.95.85.21

Last Seen: 2024-05-11

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1559123399 | 2024-05-07T10:36:35.720237 11 / tcp

291723434 | 2024-05-07T20:20:33.953761 13 / tcp

1286504516 | 2024-04-25T06:43:16.435522 15 / tcp

5698739 | 2024-05-03T19:36:35.535221 17 / tcp

81614701 | 2024-05-11T18:55:45.610682 19 / tcp

2039704282 | 2024-04-23T23:43:13.317163 22 / tcp

460589547 | 2024-04-28T10:09:29.844171 23 / tcp

-1648456501 | 2024-05-10T12:26:24.301860 25 / tcp

669849225 | 2024-04-26T08:23:24.442674 26 / tcp

-253878554 | 2024-05-01T18:16:49.968796 37 / tcp

-952165951 | 2024-04-21T20:32:47.953151 43 / tcp

1160472910 | 2024-05-10T23:20:41.235390 49 / tcp

-1370420049 | 2024-05-04T14:28:18.866639 53 / tcp

1738069263 | 2024-04-29T20:29:47.516766 70 / tcp

-1523470570 | 2024-05-08T02:28:10.696859 79 / tcp

-1741086110 | 2024-05-10T22:23:52.656920 80 / tcp

996960436 | 2024-04-26T18:55:25.153512 83 / tcp

1082732927 | 2024-04-30T17:22:20.092352 84 / tcp

671605376 | 2024-05-02T07:44:32.339604 86 / tcp

819727972 | 2024-05-05T00:58:05.520003 90 / tcp

1615193817 | 2024-04-28T20:19:10.374327 96 / tcp

-1399940268 | 2024-05-06T13:18:58.122447 102 / tcp

-904840257 | 2024-05-08T20:11:45.424202 104 / tcp

-784071826 | 2024-05-11T17:50:34.735168 110 / tcp

-1777894858 | 2024-04-26T06:08:32.373052 113 / tcp

141730637 | 2024-04-29T19:55:37.076063 119 / tcp

-1888448627 | 2024-04-16T03:48:25.876084 121 / tcp

632542934 | 2024-04-25T14:58:25.774678 122 / tcp

1141948216 | 2024-05-07T21:44:35.644201 135 / tcp

-100373866 | 2024-05-10T00:25:09.018840 143 / tcp

-1835475271 | 2024-04-25T23:24:07.471956 175 / tcp

-399606100 | 2024-05-03T17:12:20.580332 179 / tcp

-1023516719 | 2024-05-08T20:05:38.037114 195 / tcp

-1839934832 | 2024-05-04T15:44:14.987702 221 / tcp

-1718229072 | 2024-05-11T02:49:18.136376 264 / tcp

933996037 | 2024-05-06T18:46:22.492599 311 / tcp

1770729856 | 2024-05-09T08:30:05.404561 340 / tcp

-1743283776 | 2024-05-04T09:38:50.715955 389 / tcp

-525136240 | 2024-05-03T02:47:26.810008 427 / tcp

744753320 | 2024-04-26T14:37:37.881858 443 / tcp

1245738865 | 2024-05-10T04:11:30.208736 444 / tcp

1208318993 | 2024-04-19T04:37:52.969300 447 / tcp

1842524259 | 2024-05-01T05:22:37.055612 515 / tcp

-269727450 | 2024-04-30T00:28:38.523807 541 / tcp

1445639302 | 2024-05-11T04:46:59.055237 548 / tcp

1060450357 | 2024-04-27T18:07:48.426811 554 / tcp

745343730 | 2024-05-03T00:36:47.735723 587 / tcp

1308377066 | 2024-04-21T00:28:59.658811 593 / tcp

233634112 | 2024-05-03T08:31:01.555240 631 / tcp

-2023550675 | 2024-04-25T23:17:57.047032 636 / tcp

1300162323 | 2024-04-21T01:07:00.817869 666 / tcp

921225407 | 2024-04-29T03:01:37.959178 685 / tcp

-653033013 | 2024-05-10T03:43:49.868135 771 / tcp

709622286 | 2024-04-21T18:56:18.810936 772 / tcp

-1399940268 | 2024-04-23T22:55:01.167067 789 / tcp

-1970692834 | 2024-04-30T12:18:21.842376 873 / tcp

-972447056 | 2024-04-17T15:14:01.927004 888 / tcp

1956828827 | 2024-04-16T18:15:21.377836 902 / tcp

-1835475271 | 2024-05-01T00:10:21.121017 992 / tcp

-1199842642 | 2024-04-22T13:07:49.757656 995 / tcp

1492413928 | 2024-04-30T14:43:57.579895 1023 / tcp

-1476017887 | 2024-05-08T01:17:24.313806 1025 / tcp

1362344524 | 2024-05-08T19:57:47.952135 1080 / tcp

-1795027372 | 2024-04-19T21:05:24.463464 1099 / tcp

165188539 | 2024-05-01T21:15:58.964248 1153 / tcp

1308377066 | 2024-05-01T13:27:52.292206 1167 / tcp

550048729 | 2024-05-05T09:44:18.164656 1177 / tcp

1463575827 | 2024-04-27T12:44:24.375541 1200 / tcp

-1399940268 | 2024-05-11T11:10:44.315530 1234 / tcp

-358801646 | 2024-05-04T02:34:55.695684 1337 / tcp

-1733645023 | 2024-05-03T19:52:19.809753 1388 / tcp

-1230049476 | 2024-04-22T17:26:06.475483 1400 / tcp

-271790512 | 2024-05-09T04:51:10.909952 1433 / tcp

-1559123399 | 2024-05-07T10:36:35.720237
11 / tcp

291723434 | 2024-05-07T20:20:33.953761
13 / tcp

1286504516 | 2024-04-25T06:43:16.435522
15 / tcp

5698739 | 2024-05-03T19:36:35.535221
17 / tcp

81614701 | 2024-05-11T18:55:45.610682
19 / tcp

2039704282 | 2024-04-23T23:43:13.317163
22 / tcp

460589547 | 2024-04-28T10:09:29.844171
23 / tcp

-1648456501 | 2024-05-10T12:26:24.301860
25 / tcp

669849225 | 2024-04-26T08:23:24.442674
26 / tcp

-253878554 | 2024-05-01T18:16:49.968796
37 / tcp

-952165951 | 2024-04-21T20:32:47.953151
43 / tcp

1160472910 | 2024-05-10T23:20:41.235390
49 / tcp

-1370420049 | 2024-05-04T14:28:18.866639
53 / tcp

1738069263 | 2024-04-29T20:29:47.516766
70 / tcp

-1523470570 | 2024-05-08T02:28:10.696859
79 / tcp

-1741086110 | 2024-05-10T22:23:52.656920
80 / tcp

996960436 | 2024-04-26T18:55:25.153512
83 / tcp

1082732927 | 2024-04-30T17:22:20.092352
84 / tcp

671605376 | 2024-05-02T07:44:32.339604
86 / tcp

819727972 | 2024-05-05T00:58:05.520003
90 / tcp

1615193817 | 2024-04-28T20:19:10.374327
96 / tcp

-1399940268 | 2024-05-06T13:18:58.122447
102 / tcp

-904840257 | 2024-05-08T20:11:45.424202
104 / tcp

-784071826 | 2024-05-11T17:50:34.735168
110 / tcp

-1777894858 | 2024-04-26T06:08:32.373052
113 / tcp

141730637 | 2024-04-29T19:55:37.076063
119 / tcp

-1888448627 | 2024-04-16T03:48:25.876084
121 / tcp

632542934 | 2024-04-25T14:58:25.774678
122 / tcp

1141948216 | 2024-05-07T21:44:35.644201
135 / tcp

-100373866 | 2024-05-10T00:25:09.018840
143 / tcp

-1835475271 | 2024-04-25T23:24:07.471956
175 / tcp

-399606100 | 2024-05-03T17:12:20.580332
179 / tcp

-1023516719 | 2024-05-08T20:05:38.037114
195 / tcp

-1839934832 | 2024-05-04T15:44:14.987702
221 / tcp

-1718229072 | 2024-05-11T02:49:18.136376
264 / tcp

933996037 | 2024-05-06T18:46:22.492599
311 / tcp

1770729856 | 2024-05-09T08:30:05.404561
340 / tcp

-1743283776 | 2024-05-04T09:38:50.715955
389 / tcp

-525136240 | 2024-05-03T02:47:26.810008
427 / tcp

744753320 | 2024-04-26T14:37:37.881858
443 / tcp

1245738865 | 2024-05-10T04:11:30.208736
444 / tcp

1208318993 | 2024-04-19T04:37:52.969300
447 / tcp

1842524259 | 2024-05-01T05:22:37.055612
515 / tcp

-269727450 | 2024-04-30T00:28:38.523807
541 / tcp

1445639302 | 2024-05-11T04:46:59.055237
548 / tcp

1060450357 | 2024-04-27T18:07:48.426811
554 / tcp

745343730 | 2024-05-03T00:36:47.735723
587 / tcp

1308377066 | 2024-04-21T00:28:59.658811
593 / tcp

233634112 | 2024-05-03T08:31:01.555240
631 / tcp

-2023550675 | 2024-04-25T23:17:57.047032
636 / tcp

1300162323 | 2024-04-21T01:07:00.817869
666 / tcp

921225407 | 2024-04-29T03:01:37.959178
685 / tcp

-653033013 | 2024-05-10T03:43:49.868135
771 / tcp

709622286 | 2024-04-21T18:56:18.810936
772 / tcp

-1399940268 | 2024-04-23T22:55:01.167067
789 / tcp

-1970692834 | 2024-04-30T12:18:21.842376
873 / tcp

-972447056 | 2024-04-17T15:14:01.927004
888 / tcp

1956828827 | 2024-04-16T18:15:21.377836
902 / tcp

-1835475271 | 2024-05-01T00:10:21.121017
992 / tcp

-1199842642 | 2024-04-22T13:07:49.757656
995 / tcp

1492413928 | 2024-04-30T14:43:57.579895
1023 / tcp

-1476017887 | 2024-05-08T01:17:24.313806
1025 / tcp

1362344524 | 2024-05-08T19:57:47.952135
1080 / tcp

-1795027372 | 2024-04-19T21:05:24.463464
1099 / tcp

165188539 | 2024-05-01T21:15:58.964248
1153 / tcp

1308377066 | 2024-05-01T13:27:52.292206
1167 / tcp

550048729 | 2024-05-05T09:44:18.164656
1177 / tcp

1463575827 | 2024-04-27T12:44:24.375541
1200 / tcp

-1399940268 | 2024-05-11T11:10:44.315530
1234 / tcp

-358801646 | 2024-05-04T02:34:55.695684
1337 / tcp

-1733645023 | 2024-05-03T19:52:19.809753
1388 / tcp

-1230049476 | 2024-04-22T17:26:06.475483
1400 / tcp

-271790512 | 2024-05-09T04:51:10.909952
1433 / tcp

-541815454 | 2024-05-08T23:37:25.703282
1521 / tcp

1911457608 | 2024-04-21T10:23:37.425618
1588 / tcp

-971970408 | 2024-05-07T18:42:20.327687
1599 / tcp

819727972 | 2024-05-07T13:52:15.678376
1604 / tcp

-1399940268 | 2024-04-29T10:39:53.585406
1650 / tcp

1103582599 | 2024-04-22T17:40:40.169701
1723 / tcp

819727972 | 2024-05-08T00:11:50.546030
1800 / tcp