GeneralInformation

Hostnames	shog3509n881244h5.1688.com laoken.en.alibaba.com cn-beijing.oss.aliyuncs.com
Domains	1688.com alibaba.com aliyuncs.com
Country	China
City	Beijing
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

UI frameworks

Bootstrap

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
CVE-2023-51385	In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-51384	In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2023-38408	The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
CVE-2021-41617	4.4sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
CVE-2021-36368	2.6An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.
CVE-2020-15778	6.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
CVE-2020-14145	4.3The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
CVE-2019-6111	5.8An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2019-6110	4.0In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2019-6109	4.0An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-16905	4.4OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
CVE-2018-20685	2.6In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2018-15919	5.0Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
CVE-2018-15473	5.0OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2018-10088	10.0Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725.
CVE-2017-15906	5.0The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2016-20012	4.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
CVE-2008-3844	9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
CVE-2007-2768	4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 19 21 23 24 25 37 43 49 53 70 79 80 81 82 84 90 102 104 110 111 113 119 122 143 175 179 195 221 264 311 340 389 427 443 444 465 491 502 503 515 548 554 587 593 631 636 666 771 789 805 873 902 992 993 995 1023 1024 1025 1029 1099 1153 1177 1200 1234 1337 1344 1433 1471 1515 1521 1599 1604 1650 1723 1800 1801 1883 1911 1925 1926 1962 2000 2002 2008 2052 2067 2081 2083 2087 2095 2121 2154 2181 2200 2202 2222 2250 2323 2332 2345 2375 2404 2455 2553 2568 2628 2762 2985 3001 3049 3050 3051 3057 3059 3073 3084 3099 3116 3119 3260 3268 3269 3299 3301 3306 3310 3337 3389 3404 3405 3410 3479 3522 3523 3542 3551 3558 3689 3749 3780 3790 4000 4022 4040 4043 4063 4064 4157 4242 4282 4321 4369 4433 4443 4444 4500 4506 4523 4643 4782 4786 4808 4840 4848 4899 4911 4949 4999 5001 5005 5006 5007 5009 5010 5025 5090 5172 5190 5201 5222 5269 5431 5432 5435 5500 5568 5569 5601 5607 5672 5673 5801 5858 5908 5938 5984 5986 6000 6002 6008 6379 6443 6510 6633 6653 6664 6666 6667 6668 6697 7001 7071 7218 7415 7434 7443 7493 7547 7548 7634 7779 7999 8001 8003 8005 8009 8010 8026 8028 8030 8040 8041 8042 8045 8046 8049 8052 8060 8064 8081 8083 8085 8086 8087 8088 8089 8099 8106 8112 8118 8123 8126 8139 8140 8143 8200 8291 8333 8405 8408 8410 8415 8416 8433 8443 8500 8545 8554 8575 8585 8637 8649 8666 8728 8803 8810 8820 8834 8856 8863 8864 8872 8874 8878 8879 8880 8889 8969 9000 9001 9002 9006 9020 9022 9024 9030 9036 9042 9048 9051 9082 9090 9091 9092 9095 9097 9100 9107 9151 9160 9189 9200 9202 9210 9212 9221 9251 9306 9418 9443 9530 9600 9633 9663 9761 9981 9994 9998 9999 10000 10001 10134 10250 10443 10554 10909 11112 11210 11211 11300 12000 12345 13579 14147 14265 14344 16030 16992 16993 18081 18245 19000 20000 20256 20547 21025 21379 23023 25105 25565 27015 27017 28015 28017 30002 30003 31337 32764 33060 35000 37215 37777 41800 44158 44818 47990 49152 50000 50100 51106 51235 54138 55000 55442 55443 55553 55554 60010 60030 60129 61613 61616 62078

-1999117212 | 2024-05-20T06:55:52.839413

11 / tcp

1412519768 | 2024-05-14T05:06:06.415063

13 / tcp

"AP0F1D85"
Connection: close

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR

-971970408 | 2024-05-20T05:25:43.173556

15 / tcp

-1296032851 | 2024-05-21T15:33:56.048544

17 / tcp

\x01=\x01À\x06ÿÿ?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x01\x01

1978059005 | 2024-05-20T16:14:07.437274

19 / tcp

Sorry, that nickname format is invalid.

179309064 | 2024-04-25T11:54:06.884277

21 / tcp

220 Microsoft FTP Service
530 User cannot log in.

-2107996212 | 2024-05-16T15:33:42.599648

23 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-1399940268 | 2024-04-29T11:19:52.202727

24 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1316491703 | 2024-05-22T15:19:09.409707

25 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

1518650537 | 2024-05-13T11:45:54.178470

37 / tcp

!\\x07versio

1690634669 | 2024-05-21T00:10:39.753044

43 / tcp

-1056270173 | 2024-04-28T02:12:10.501420

49 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

1369632081 | 2024-05-06T08:13:27.740177

53 / tcp

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x01\x03\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x01\x14\x00\x04\xac٠N
\x00\x06\x85\x80\x00\x01\x00\x01\x00\x00\x00

-972699072 | 2024-04-27T08:08:25.645975

70 / tcp

HTTP/1.0 200 OK
Content-type: text/html
Server: uc-httpd 1.0.0
Expires: 0

-1264324149 | 2024-05-13T22:33:18.517582

79 / tcp

Siemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready
ÿû\x01ÿû\x03ÿý\x01ÿþ\x01Username:

-1986916590 | 2024-05-05T23:51:11.099656

80 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Sun, 05 May 2024 23:51:11 GMT
Content-Type: application/xml
Content-Length: 347
Connection: keep-alive
x-oss-request-id: 66381B6F9C5C283037E1728B
x-oss-server-time: 1
x-oss-ec: 0003-00001201

-1392039491 | 2024-04-27T11:01:52.269150

81 / tcp

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

996960436 | 2024-05-19T09:59:10.213844

82 / tcp

572 Relay not authorized

1286504516 | 2024-04-26T13:31:54.444291

84 / tcp

CP2E Control Console
Connected to Host: gZI

1911457608 | 2024-05-05T09:48:37.182931

90 / tcp

\x00[\x00\x00\x00\x00\x00\x00

380146262 | 2024-05-23T08:43:47.152285

102 / tcp

@RSYNCD: 30.0

401555314 | 2024-05-13T23:41:09.617809

104 / tcp

NB[GFXjA^R

1830187220 | 2024-05-17T18:14:32.078971

110 / tcp

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

996960436 | 2024-05-08T19:43:24.215363

111 / tcp

572 Relay not authorized

-832380282 | 2024-05-12T03:37:05.546360

113 / tcp

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

-1958992631 | 2024-05-17T06:54:29.142854

119 / tcp

\\xd5\xca\xba\\xc5\\xc8\\xcf\xd6\xa4\xca\xa7\\xb0\\xdc ...\r\nIP \\xb5\\xd8\xd6\xb7: *.*.*.*\r\nMAC \\xb5\\xd8\xd6\xb7: \r\n\\xb7\\xfe\\xce\\xf1\\xb6\\xcb\xca\xb1\\xbc\\xe4: 2024-01-22 16:23:50\r\n\\xd1\\xe9\xd6\xa4\\xbd\\xe1\\xb9\\xfb: \\xce\\xde\xd0\xa7\\xd3\xc3\xbb\\xa7.

819727972 | 2024-05-17T18:07:49.168537

122 / tcp

SSH-2.0-OpenSSH_7.4

-382990917 | 2024-05-21T16:50:02.971529

143 / tcp

* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.\r\n

-1399940268 | 2024-05-06T00:42:50.334596

175 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-399606100 | 2024-05-21T16:59:15.645595

179 / tcp

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

2087396567 | 2024-05-22T14:07:38.357445

195 / tcp

kjnkjabhbanc283ubcsbhdc72

-1140468363 | 2024-05-10T20:21:33.103479

221 / tcp

\x02\t\x01

-1022036431 | 2024-05-22T10:53:54.961751

264 / tcp

CheckPoint\nFirewall Host: CN05FWINT01\nSmartCenter Host: fw-go-mgmt-01..x6vcm5\\x00\n

-1547976805 | 2024-05-20T02:30:05.387575

311 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

-802714280 | 2024-05-09T04:16:56.470526

340 / tcp

HTTP/1.1 404 Not Found
x-proxy-by: Tif-accessgate
content-type: text/plain; charset=utf-8
x-server: host-173-16-179-18
Connection: keep-alive
x-forwarded-for: 173.16.179.18
x-tif-nonce: lhrhdnr5-144419886

-1907080992 | 2024-05-22T15:53:50.464803

389 / tcp

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x00\\x04\\x00\\x04\\x00

-349937125 | 2024-05-16T11:39:51.640382

427 / tcp

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://192.168.118.88\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\nservice:wbem:https\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://192.168.118.88\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCE

1349873352 | 2024-05-10T03:43:32.520343

443 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Fri, 10 May 2024 03:43:32 GMT
Content-Type: application/xml
Content-Length: 347
Connection: keep-alive
x-oss-request-id: 663D97E47FFDC23230A1F250
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:c2:fa:4a:79:04:be:34:6d:b7:91:6b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Feb 18 11:45:02 2024 GMT
            Not After : Oct 15 03:16:01 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-beijing.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:fd:cb:7f:5f:49:ee:e8:d9:d0:d6:53:d0:a5:
                    88:fd:fc:56:3c:06:76:2d:ad:ee:c9:65:e1:8c:fd:
                    ee:ef:a1:a2:34:db:d3:65:1e:4a:9c:f7:9d:a6:ad:
                    fa:a7:b3:1a:8b:45:f7:13:2a:26:24:9c:50:28:92:
                    25:54:45:fc:d2:2e:17:7d:c1:47:45:a1:39:bf:ce:
                    7e:f2:8b:d7:69:2c:b6:94:3f:5c:fc:a9:6e:c3:bd:
                    a5:a9:f3:6e:65:55:50:ba:b2:8a:df:ee:e9:50:a7:
                    81:b5:5f:3a:96:f9:74:c3:8a:54:51:d7:eb:02:1c:
                    58:33:e6:a0:ea:12:10:52:63:c9:df:03:84:cf:a3:
                    15:9c:50:7b:5e:6e:42:0f:3d:bd:33:3c:f6:6a:eb:
                    be:30:24:30:72:cb:84:a8:e9:17:aa:6a:45:f8:12:
                    c2:a1:78:0d:31:f0:45:2b:32:2f:ff:98:a3:03:a2:
                    5a:b0:8d:e2:d5:ce:e1:35:56:0b:0a:f8:11:bf:18:
                    44:f7:b8:7b:a0:a0:eb:1d:8d:cf:e8:cc:cf:c4:c5:
                    54:69:59:53:e1:ee:51:79:04:67:86:cf:8b:e5:c6:
                    88:a8:cc:9e:61:75:91:90:b5:8a:af:4c:a2:8d:57:
                    14:8a:f6:54:fb:1e:71:e5:09:e3:0a:12:df:34:8d:
                    d5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-beijing.oss.aliyuncs.com, DNS:*.cn-beijing.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-beijing.aliyuncs.com, DNS:*.s3.oss-cn-beijing-internal.aliyuncs.com, DNS:*.cn-beijing.mgw.aliyuncs.com, DNS:*.oss.cn-beijing.privatelink.aliyuncs.com, DNS:*.oss-cn-beijing.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing.aliyuncs.com, DNS:*.img-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-internal-cross.aliyuncs.com, DNS:*.oss-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-cross.aliyuncs.com, DNS:*.img-cn-beijing.aliyuncs.com, DNS:*.vpc100-oss-cn-beijing.aliyuncs.com, DNS:*.cn-beijing.oss.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h-cross.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub.aliyuncs.com, DNS:*.cn-beijing-finance.oss.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1.aliyuncs.com, DNS:*.cn-beijing-finance-1.oss.aliyuncs.com, DNS:*.cn-beijing-vpc.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-enet-cn-north.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-internal.aliyun-inc.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-beijing-cross.mgw.aliyuncs.com, DNS:*.oss.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            X509v3 Subject Key Identifier: 
                C1:58:AC:32:69:71:BB:67:42:6C:42:FE:14:E5:57:72:91:C1:82:D6
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Feb 18 11:45:04.957 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:15:EB:B8:83:D7:F7:A8:EA:1C:1D:44:69:
                                0D:C2:0C:E6:46:F3:EA:4D:D4:BA:C1:F1:33:E5:11:01:
                                3F:3A:60:1F:02:21:00:F9:E3:AA:10:52:02:17:D8:C9:
                                82:69:E9:8F:02:B9:E4:87:FD:81:43:CE:C5:3F:1E:8E:
                                3B:D2:A2:8F:D6:D8:B0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Feb 18 11:45:04.981 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:83:A9:BA:8E:BC:5C:65:C7:88:3F:9A:
                                1C:0A:68:2A:7B:FE:05:7E:89:8E:C1:AB:BA:6A:D4:41:
                                EF:3D:31:99:EE:02:20:04:46:7E:3B:0A:E2:A2:6F:6B:
                                81:66:9A:A1:A3:D7:9C:5E:BF:EA:7E:1F:D6:F9:28:17:
                                D6:E5:CA:A9:B7:0D:63
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Feb 18 11:45:04.953 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E2:B8:E4:4E:C3:59:23:E0:DB:E4:31:
                                DA:74:71:16:E3:26:46:8F:CA:EB:B2:3F:8D:0B:2F:0D:
                                EF:0A:DA:39:98:02:20:3D:8B:BE:C4:24:72:BE:51:B0:
                                B0:C1:B7:90:B3:9E:C8:F8:75:8C:0D:12:5A:12:87:6E:
                                71:52:1D:BE:A8:3B:96
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        14:86:2a:78:c4:ab:69:86:d0:b2:ec:6c:bf:6f:33:ac:c1:d8:
        18:c7:3e:da:d9:ca:01:a5:54:67:a8:fb:7d:41:6b:f5:9e:ea:
        e3:98:63:ee:3e:b8:87:69:3a:98:8d:dc:62:af:02:c3:0a:b4:
        75:52:90:7e:ae:18:1b:5e:88:27:69:de:15:c1:76:37:96:3b:
        db:c4:ac:43:0b:5b:36:fb:62:b3:d7:8c:66:8f:d3:da:b4:6b:
        86:f5:c6:02:06:3d:dd:5b:01:99:a8:74:7f:af:c3:9c:bb:d6:
        9d:98:cb:3c:3d:12:6e:b1:53:29:1d:6d:a7:0f:4c:82:f7:84:
        4f:57:15:9c:9b:a5:91:4b:1d:33:55:c8:f5:06:7d:74:92:63:
        5c:a8:33:ea:25:43:5d:08:10:87:94:a9:92:b3:13:d2:ce:8d:
        6d:8f:31:ac:5d:06:b9:eb:f7:e1:a7:36:4f:14:4e:3e:a4:e6:
        d2:4d:f8:74:a8:62:a4:84:4a:04:7e:c4:6e:b4:84:83:2c:cc:
        c3:ff:54:0d:9c:3c:8b:5a:22:af:12:b5:7d:e6:24:9d:f5:a6:
        28:60:8b:ff:f2:ce:62:85:c3:4a:a8:40:29:85:07:2e:0b:a4:
        c1:d0:dc:23:02:f4:24:1d:f5:84:c8:73:3e:bf:f9:3d:63:06:
        9f:10:1b:e8

-1607991612 | 2024-05-06T23:52:35.645291

444 / tcp

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Mon, 06 May 2024 23:52:35 GMT
Content-Type: text/html
Content-Length: 145
Connection: close
Location: https://59.110.185.124:443/

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

897328069 | 2024-05-19T15:22:28.190128

465 / tcp

220 mail.scott000.com ESMTP

-1888448627 | 2024-05-21T23:09:20.405333

491 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1911457608 | 2024-05-23T07:03:45.296520

502 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1888448627 | 2024-05-14T12:28:30.581738

503 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-375604792 | 2024-05-01T02:52:50.952474

515 / tcp

220 Microsoft FTP Service

444328471 | 2024-05-18T12:31:53.213954

548 / tcp

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: SynologyRouter\nMachine Type: \rNetatalk3.1.1\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

-927382641 | 2024-05-23T13:20:22.235051

554 / tcp

RTSP/1.0 200 OK
CSeq: 1
Public: OPTIONS, DESCRIBE, PLAY, PAUSE, SETUP, TEARDOWN, SET_PARAMETER, GET_PARAMETER

745343730 | 2024-05-19T07:48:43.019060

587 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

-1805329632 | 2024-04-28T19:53:01.749641

593 / tcp

HTTP/1.1 200 OK
Server: nginx/1.13.7
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes

178736976 | 2024-05-11T09:35:59.334212

631 / tcp

SSH-58-Ingrian_SSH

1732481781 | 2024-05-20T15:41:48.788356

636 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 8-38284903-0 0NNN RT(1705909933705 166) q(-1 -1 -1 -1) r(0 -1) b1

1300162323 | 2024-05-18T00:57:01.113190

666 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff

-1810987450 | 2024-05-19T22:03:51.623985

771 / tcp

\xc3\xbf

-1099385124 | 2024-04-28T20:30:19.153872

789 / tcp

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

1911457608 | 2024-05-22T19:23:58.952443

805 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1970692834 | 2024-05-14T09:15:08.693614

873 / tcp

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

1956828827 | 2024-05-13T00:05:36.856846

902 / tcp

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

-936692830 | 2024-05-10T15:00:14.992580

992 / tcp

HTTP/1.1 202 OK
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=15; max=19

819727972 | 2024-05-14T13:05:44.047415

993 / tcp

SSH-2.0-OpenSSH_7.4

-740312032 | 2024-05-16T20:58:13.029972

995 / tcp

+OK Dovecot (Ubuntu) ready.\r\n

-1681927087 | 2024-05-21T00:51:00.932811

1023 / tcp

kjnkjabhbanc283ubcsbhdc72

2033888749 | 2024-05-05T18:56:14.482036

1024 / tcp

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

599074451 | 2024-05-23T16:59:23.272641

1025 / tcp

msg

1911457608 | 2024-05-13T08:42:19.172420

1029 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1396488228 | 2024-04-28T18:01:43.187934

1099 / tcp

HTTP/1.1 200 OK
Content-Length: 2037
Cache-Control: private, max-age=300
Content-Type: text/html

819727972 | 2024-05-18T12:56:29.364072

1153 / tcp

SSH-2.0-OpenSSH_7.4

996960436 | 2024-05-23T06:10:29.909903

1177 / tcp

572 Relay not authorized

660175493 | 2024-05-10T04:06:53.287579

1200 / tcp

-1399940268 | 2024-05-19T18:17:21.334311

1234 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1760806421 | 2024-05-21T23:05:58.706661

1337 / tcp

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected

1615193817 | 2024-05-03T17:20:31.677229

1344 / tcp

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

49107754 | 2024-05-06T16:19:26.245254

1433 / tcp

MSSQL Server\nVersion: 134219767 (0x80007f7)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nProduct_Version: 5.2.3790 Ntlm 15\nOS: Windows Server 2003/Windows Server 2003 R2/Windows Server 2003, Service Pack 2\n

-1453516345 | 2024-05-23T09:53:20.262102

1471 / tcp

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

819727972 | 2024-05-21T17:47:28.066957

1515 / tcp

SSH-2.0-OpenSSH_7.4

1975288991 | 2024-05-20T08:46:32.021969

1521 / tcp

OPTI

-1626979812 | 2024-05-22T20:53:37.224983

1599 / tcp

220 Service ready for new user.

-971970408 | 2024-05-16T21:54:06.109843

1604 / tcp

921225407 | 2024-05-20T14:41:48.454514

1650 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

1103582599 | 2024-05-23T18:15:19.688054

1723 / tcp

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

-1399940268 | 2024-05-23T09:54:25.085964

1800 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1692069329 | 2024-05-22T05:11:45.965296

1801 / tcp

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\xe14\\xf0\\xb6\\xb85\x0bB\\x86\\x99B\\xa5\\x07\\xb0\\xf6V92d3\\x10\\x03\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

996960436 | 2024-05-17T18:54:03.784034

1883 / tcp

572 Relay not authorized

1189133115 | 2024-05-23T18:33:17.848593

1911 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

-314039103 | 2024-05-13T18:53:08.199383

1925 / tcp

Surnom.
Sorry, that nickname format is invalid.

1690634669 | 2024-05-22T04:50:35.999184

1926 / tcp

677934968 | 2024-05-05T04:24:24.075162

1962 / tcp

lm^)Q

-1888448627 | 2024-05-23T08:40:47.678316

2000 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1978059005 | 2024-05-17T23:53:36.224724

2002 / tcp

Sorry, that nickname format is invalid.

1189133115 | 2024-05-15T18:43:39.045220

2008 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

-1487943323 | 2024-05-04T17:43:20.957953

2052 / tcp

431 Unable to negotiate secure command connection.\r\n

2087396567 | 2024-04-24T21:22:14.482990

2067 / tcp

kjnkjabhbanc283ubcsbhdc72

1504401647 | 2024-05-19T03:17:58.899336

2081 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

1741579575 | 2024-05-15T21:00:43.752683

2083 / tcp

1842524259 | 2024-05-23T18:04:38.295629

2087 / tcp

669849225 | 2024-05-04T13:40:41.343274

2095 / tcp

SSH-98.60-SysaxSSH_81885..42\r\n

141730637 | 2024-05-20T10:03:43.617717

2121 / tcp

HTTP/1.0 200 OK
Server: Proxy

-2089734047 | 2024-05-16T06:16:24.512008

2154 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

546151771 | 2024-05-18T16:15:56.048032

2181 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

1023953321 | 2024-05-16T08:23:16.621099

2200 / tcp

HTTP/1.0 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="proxy"
Connection: close
Content-type: text/html; charset=utf-8

819727972 | 2024-04-28T07:28:01.309550

2202 / tcp

SSH-2.0-OpenSSH_7.4

-18551454 | 2024-05-12T12:27:26.752804

2222 / tcp

SSH-2.0-OpenSSH_6.2_hpn13v11 FreeBSD-20130515\r\n\n

-136006866 | 2024-05-17T06:23:26.863382

2250 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

1662205251 | 2024-05-12T22:29:16.777210

2323 / tcp

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

-1471513798 | 2024-05-20T13:37:32.568447

2332 / tcp

[gN

-2096652808 | 2024-05-20T07:42:47.708217

2345 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1072892569 | 2024-05-22T02:08:20.777801

2375 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

-1888448627 | 2024-05-23T12:55:20.315516

2404 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-1839934832 | 2024-05-15T12:46:48.173224

2455 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-1399940268 | 2024-05-13T13:22:12.644759

2553 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1726594447 | 2024-05-21T02:42:08.233549

2568 / tcp

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

171352214 | 2024-05-22T02:10:18.561318

2628 / tcp

-ERR client ip is not in whitelist

165188539 | 2024-05-15T15:29:52.525830

2762 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1911457608 | 2024-05-22T08:39:41.026724

2985 / tcp

\x00[\x00\x00\x00\x00\x00\x00

2087396567 | 2024-05-14T08:19:22.504067

3001 / tcp

kjnkjabhbanc283ubcsbhdc72

-1835475271 | 2024-05-12T18:53:37.799621

3049 / tcp

200 NOD32SS 99 (3318497116)\r\n

-2089734047 | 2024-05-22T11:39:14.589539

3050 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

819727972 | 2024-05-15T21:03:32.760969

3051 / tcp

SSH-2.0-OpenSSH_7.4

819727972 | 2024-05-13T00:11:25.456429

3057 / tcp

SSH-2.0-OpenSSH_7.4

-358801646 | 2024-05-13T09:52:46.923015

3059 / tcp

SSH-2.0-OpenSSH_6.6.1

-1839934832 | 2024-05-18T10:51:25.555486

3073 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-1399940268 | 2024-05-12T19:26:30.892597

3084 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-05-18T14:08:58.106108

3099 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

455076604 | 2024-05-21T06:27:18.505235

3116 / tcp

!\x07version\x04bind7 t{RPowerDNS Recursor 410

-1230049476 | 2024-05-06T13:10:33.371757

3119 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

-862070606 | 2024-05-13T03:32:22.241693

3260 / tcp

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None\nTargetAlias=LIO Target\nTargetPortalGroupTag=1\n\n

247702477 | 2024-05-21T23:23:44.538940

3268 / tcp

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 9-54370107-0 0NNN RT(1701565466051 0) q(0 -1 -1 -1) r(0 -1)

819727972 | 2024-05-20T01:32:30.498397

3269 / tcp

SSH-2.0-OpenSSH_7.4

2087396567 | 2024-05-17T14:01:48.730875

3299 / tcp

kjnkjabhbanc283ubcsbhdc72

-1248408558 | 2024-05-12T14:12:34.403394

3301 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

-1036944024 | 2024-05-23T10:30:39.469287

3306 / tcp

F\\x00\\x00\\x00\\xffj\\x04Host \'*.*.*.*\' is not allowed to connect to this MySQL server

401555314 | 2024-05-19T17:38:47.903641

3310 / tcp

NB[GFXjA^R

-1428621233 | 2024-05-06T10:59:30.923807

3337 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

623170236 | 2024-05-16T10:05:11.256252

3389 / tcp

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\\x1f\\x08\\x00\\x08\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID_EX\nTarget_Name: PC82139\nProduct_Version: 10.0.19041 Ntlm 15\nOS: Windows 10, Version 2004/Windows Server, Version 2004\nNetBIOS_Domain_Name: PC82139\nNetBIOS_Computer_Name: PC82139\nDNS_Domain_Name: PC82139\nDNS_Computer_Name: PC82139\nSystem_Time: 2024-01-19 08:39:46 +0000 UTC\n\n

-1227409554 | 2024-04-28T23:40:22.537280

3404 / tcp

HTTP/1.1 500 Internal Server Error
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

493955023 | 2024-05-03T21:37:23.348921

3405 / tcp

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

1911457608 | 2024-04-24T10:38:39.986800

3410 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1032713145 | 2024-05-23T00:45:10.753958

3479 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

-1375131644 | 2024-04-30T22:12:14.646856

3522 / tcp

\x00[v\xc3\xbdC\x7f\x00\x00

-1013082686 | 2024-04-29T00:00:25.881937

3523 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

-2118655245 | 2024-04-26T19:30:35.631484

3542 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20

198844676 | 2024-04-25T05:55:51.322453

3551 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

1632932802 | 2024-05-19T19:48:02.736555

3558 / tcp

808560482 | 2024-05-19T04:34:19.997589

3689 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP
 : USERID : UNIX : Cr8

-1316491703 | 2024-05-09T18:27:16.345767

3749 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

-616720387 | 2024-05-21T03:34:39.164363

3780 / tcp

SSH-2.0-SSHD_0.7.6

2087396567 | 2024-05-08T11:06:30.100084

3790 / tcp

kjnkjabhbanc283ubcsbhdc72

-1101712668 | 2024-05-15T10:05:58.897632

4000 / tcp

\\x1e\xc3\x80\\x010\\x02\xc2\xa8\xc3\xa3

1370263973 | 2024-05-13T00:33:03.411184

4022 / tcp

dubbo>

-1461540015 | 2024-05-18T11:49:58.150255

4040 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101
a

-1399940268 | 2024-05-13T03:40:12.087753

4043 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

676476721 | 2024-05-21T10:49:54.119022

4063 / tcp

ELM Enterprise Manager _l
Copyright © 18668511-928641920 TNT Software, Inc.

-1248408558 | 2024-05-22T02:56:38.603680

4064 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

819727972 | 2024-05-21T10:47:24.708158

4157 / tcp

SSH-2.0-OpenSSH_7.4

-1341662640 | 2024-05-03T22:50:23.466722

4242 / tcp

HTTP/1.1 301 Moved Permanently
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

-1013082686 | 2024-05-18T17:35:46.393931

4282 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

-1250504565 | 2024-05-14T17:31:52.162094

4321 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

1911457608 | 2024-05-23T11:12:38.581621

4369 / tcp

\x00[\x00\x00\x00\x00\x00\x00

670357253 | 2024-04-26T02:24:19.652668

4433 / tcp

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 02:24:19 GMT
Content-Type: application/json
Content-Length: 1685
Connection: keep-alive
Ali-Swift-Global-Savetime: 1714098259
Eagleeye-Traceid: e278755953d08fbb9c9a350401
Eagleid: e278755953d08fbb9c9a350401
S_group: tao-session
S_ip: 1efd8381f74ba1dc765cf909cd9ef7c5
S_status: STATUS_SYS_ERR
S_tag: 789335411908327|976413959^|^^
S_tid: e278755953d08fbb9c9a350401
S_ucode: CN:CENTER
S_v: 3.3.3.8
Server: Tengine
Strict-Transport-Security: max-age=0
Timing-Allow-Origin: *, *
Location: https://tianchi-gitlab.aliyun.com
Ufe-Result: A3
Via: kunlun18.69kunlun3[684,932,491-0,M], kunlun40.kunlun06[769,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-Cachetime: 0
X-Swift-Savetime: Fri, 26 Apr 2024 02:24:19 GMT

1140068775 | 2024-05-22T12:58:04.280634

4443 / tcp

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
X-Frame-Options: DENY

Name: VMware ESXi
FullName: VMware ESXi 6.7.0 build-8169922
Vendor: VMware, Inc.
Version: 6.7.0
Build: 8169922
LocaleVersion: INTL
LocaleBuild: 000
OsType: vmnix-x86
ProductLineId: embeddedEsx
ApiType: HostAgent
ApiVersion: 6.7

504717326 | 2024-05-21T19:35:39.079112

4444 / tcp

SSH-2.0-OpenSSH_8.6

1396488228 | 2024-05-13T02:33:35.885603

4500 / tcp

HTTP/1.1 200 OK
Content-Length: 2037
Cache-Control: private, max-age=300
Content-Type: text/html

-984990168 | 2024-05-13T13:23:59.445381

4506 / tcp


0ÿñ

165188539 | 2024-04-30T22:47:17.597719

4523 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1911457608 | 2024-05-06T19:50:20.542255

4643 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1375509841 | 2024-05-09T00:25:43.361639

4782 / tcp

ÿû

no data rcvd for version string

recv version id unsuccessful

SSH Session task 0xY: Version Exchange Failed

1620329124 | 2024-05-19T21:38:54.267696

4786 / tcp

\r\nSiemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready\r\n\xc3\xbf\xc3\xbb\x01\xc3\xbf\xc3\xbb\x03\xc3\xbf\xc3\xbd\x01\xc3\xbf\xc3\xbe\x01Username:

1996932384 | 2024-05-03T21:10:05.367339

4808 / tcp

"raop" nonce

1911457608 | 2024-05-21T11:02:14.963979

4840 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-138733098 | 2024-05-17T12:19:20.885652

4848 / tcp

roku: ready

-1733645023 | 2024-05-19T05:40:31.891166

4899 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

1996932384 | 2024-05-17T06:27:18.961452

4911 / tcp

"raop" nonce

1948301213 | 2024-05-08T19:10:04.924167

4949 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

165188539 | 2024-05-18T06:14:22.132896

4999 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-971970408 | 2024-05-23T11:13:21.948853

5001 / tcp

290819026 | 2024-05-06T23:55:54.901643

5005 / tcp

welcome to Pandora console!
----------------------------
-------------------------
|     Login Time     |     2021-12-08 1...

-1248408558 | 2024-05-16T21:36:08.871845

5006 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

1615193817 | 2024-05-22T04:41:04.053252

5007 / tcp

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

-1338936697 | 2024-05-21T20:07:13.480268

5009 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2109_PStjdxtk16_38957-48596

320677201 | 2024-05-19T13:09:08.841980

5010 / tcp

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

-971970408 | 2024-05-22T17:35:28.165827

5025 / tcp

-1795027372 | 2024-05-22T21:18:11.750916

5090 / tcp

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

-971970408 | 2024-05-23T19:48:16.530673

5172 / tcp

-1056270173 | 2024-05-13T00:17:22.763309

5190 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

-1899074860 | 2024-05-10T03:54:44.311680

5201 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

676476721 | 2024-05-21T09:00:35.952793

5222 / tcp

ELM Enterprise Manager _l
Copyright © 18668511-928641920 TNT Software, Inc.

1359734371 | 2024-05-10T19:44:05.692438

5269 / tcp

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705938451.076-w-waf01tjgt

1776982117 | 2024-05-11T21:45:09.263961

5431 / tcp

HTTP/1.1 404 Not Found
DATE: Fri, 19 Jan 2024 11:56:44 GMT
Connection: Keep-Alive
Server: LINUX/2.4 UPnP/1.0 BRCM400/1.0
Content-Type: text/xml; charset="utf-8"
EXT:

-1399940268 | 2024-04-28T10:24:21.422193

5432 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2089734047 | 2024-05-04T11:47:43.490862

5435 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1023953321 | 2024-05-04T19:48:03.566981

5500 / tcp

HTTP/1.0 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="proxy"
Connection: close
Content-type: text/html; charset=utf-8

504717326 | 2024-05-23T10:22:55.573312

5568 / tcp

SSH-2.0-OpenSSH_8.6

-2089734047 | 2024-05-03T07:23:17.593257

5569 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1943555721 | 2024-05-05T13:41:48.036088

5601 / tcp

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-encoding: gzip
content-length: 318

-1032713145 | 2024-05-15T20:52:14.388258

5607 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

575925250 | 2024-05-16T01:20:12.759202

5672 / tcp

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

-358801646 | 2024-05-12T07:03:03.958209

5673 / tcp

SSH-2.0-OpenSSH_6.6.1

1984588611 | 2024-05-23T07:09:25.056469

5801 / tcp

119860953 | 2024-05-23T14:23:48.142162

5858 / tcp

* OK ArGoSoft Mail Server IMAP Module v.YW at

-1032713145 | 2024-05-18T02:30:39.835822

5908 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

-805362002 | 2024-05-13T09:25:31.630695

5938 / tcp

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

1999272906 | 2024-05-21T17:09:14.709263

5984 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

-1316491703 | 2024-05-12T20:36:09.972310

5986 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

-1279886438 | 2024-05-22T06:03:35.383297

6000 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

-1461540015 | 2024-05-17T10:58:56.679061

6002 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101
a

1911457608 | 2024-05-08T23:54:00.772293

6008 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1813977069 | 2024-05-02T20:19:27.933473

6379 / tcp

-ERR wrong number of arguments for 'get' command

-1321416184 | 2024-05-20T01:10:50.627258

6443 / tcp

HTTP/1.1 200 OK
Date: Mon, 20 May 2024 01:10:50 GMT
Content-Type: text/html
Content-Length: 1972
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: no-cache, no-store
Etag: "28f5e0f0-7e4"
Server: Tengine
Set-Cookie: SERVERID=657ec3788b70e77da0c54c57dbdc5d1f|1716167450|1716167450;Path=/
Vary: Accept-Encoding
Location: https://ecs-buy-rus-west-1.aliyun.com

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:35:2e:4a:35:dc:34:ed:3b:e8:9c:38
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Apr 12 23:17:04 2023 GMT
            Not After : May 13 23:11:02 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.alibabacorp.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:5a:d8:7b:d4:f1:dd:49:12:82:ec:77:5d:7c:e4:
                    76:9c:4c:04:23:44:89:ec:ef:cd:4a:8b:15:72:f5:
                    2d:58:86:84:41:2d:47:54:06:ec:40:f1:3d:42:e4:
                    03:7c:49:55:ac:29:9a:db:3d:30:29:ba:93:23:24:
                    18:3e:3e:e2:ea
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                EB:3E:07:A3:E1:1B:8B:BD:B5:1C:00:D6:2C:14:E5:3E:32:B8:48:18
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
            X509v3 Subject Alternative Name: 
                DNS:*.alibabacorp.com, DNS:*.56.cainiao-inc.com, DNS:*.56.cainiao.com, DNS:*.9game.cn, DNS:*.a.alibaba-inc.com, DNS:*.abs.alibaba-inc.com, DNS:*.acc.alibaba-inc.com, DNS:*.acds.taobao.org, DNS:*.acp.alibaba-inc.com, DNS:*.acs.alibabaplanet.com, DNS:*.addr.cainiao-inc.com, DNS:*.admin.alibaba-inc.com, DNS:*.admin.alitrip.com, DNS:*.admin.cainiao-inc.com, DNS:*.admin.fliggy.com, DNS:shog3509n881244h5.1688.com, DNS:laoken.en.alibaba.com
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        1e:89:75:04:69:5a:cc:5f:a0:87:6b:5a:21:a3:3a:e0:ad:5e:
        0f:e6:17:1d:f2:27:19:61:5b:8b:2a:c6:49:99:b8:ad:d5:90:
        ad:ab:c7:5f:08:93:d3:6b:5a:79:be:22:d6:45:94:91:65:96:
        6d:d5:cb:5c:50:42:aa:2e:13:70:19:81:1e:86:36:d9:18:40:
        51:bb:89:12:c7:8e:a0:bf:3a:76:5d:61:39:ba:be:74:38:7b:
        4b:a0:d5:f3:4c:4d:9a:68:1b:40:2f:ee:11:e7:2a:c3:4e:c2:
        10:bd:f1:34:c1:10:16:d8:d7:80:70:77:53:e6:5f:ff:07:ef:
        b3:48:07:ec:df:5b:78:cf:dc:47:f0:a5:94:69:6f:9c:ac:3e:
        18:db:15:b3:96:9d:84:96:70:09:4d:34:82:37:63:53:4a:2c:
        9e:c9:c7:e4:52:02:c8:a3:db:33:a3:36:a4:00:14:32:72:a0:
        4e:00:38:3c:43:99:d9:e7:74:82:1c:cf:99:a6:c2:ac:e9:bf:
        51:86:3e:4f:ba:60:82:4f:29:a1:0f:bd:48:74:a1:7c:2e:d7:
        fc:a5:c0:33:3f:b1:41:00:94:34:13:14:94:29:56:70:b5:85:
        2d:df:02:25:92:69:e0:1b:13:d2:44:b2:78:e7:d1:20:a2:1f:
        a6:51:23:2c

-444830029 | 2024-05-14T06:10:36.559972

6510 / tcp

HTTP/1.1 401 Unauthorized
Server: xhmmhttpsv130-20200310
Cache-Control: no-cache,no-store
Content-Type: text/html; charset=%s
Connection: close

-345718689 | 2024-05-20T07:06:16.903798

6633 / tcp

Vty password is not set.

-599252106 | 2024-05-15T12:03:56.426769

6653 / tcp

OpenFlow:
  Version: 1.1

-527005584 | 2024-05-23T03:37:41.527481

6664 / tcp

/0 0 L
/0 0 HUH

4935895 | 2024-05-16T04:07:35.124898

6666 / tcp

HTTP/1.1 400 Bad Request
Server: CloudWAF

819727972 | 2024-05-05T14:53:10.198715

6667 / tcp

SSH-2.0-OpenSSH_7.4

1726594447 | 2024-05-22T23:56:23.961633

6668 / tcp

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

165188539 | 2024-04-29T05:10:37.602568

6697 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1749359477 | 2024-05-14T23:59:32.510289

7001 / tcp

HTTP/1.1 403 Forbidden
Content-Type: text/html
Connection: keep-alive
NO_SERVICE: 1

-971970408 | 2024-05-20T08:32:03.363850

7071 / tcp

-1681927087 | 2024-05-07T03:42:18.652699

7218 / tcp

kjnkjabhbanc283ubcsbhdc72

819727972 | 2024-05-10T19:12:10.234595

7415 / tcp

SSH-2.0-OpenSSH_7.4

-375604792 | 2024-05-23T07:48:10.810716

7434 / tcp

220 Microsoft FTP Service

1342763855 | 2024-05-23T05:07:12.275122

7443 / tcp

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Connection: close
Server: Nginx
Expires: 0
Pragma: no-cache
Cache-Control: no-cache
X-LANG: 1
X-Timezone: 0800
X-Timestamp: 1705912071
X-Arch: x86
X-Sysbit: x64
X-Enterprise: 0
X-Support-i18n: 0
X-Support-wifi: 0
Location: /login

-2140303521 | 2024-04-27T20:28:34.466639

7493 / tcp

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

770016595 | 2024-04-25T20:41:29.730172

7547 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

808560482 | 2024-05-17T19:33:19.969100

7548 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP
 : USERID : UNIX : Cr8

1842524259 | 2024-05-10T22:01:54.890767

7634 / tcp

-984990168 | 2024-05-17T18:05:11.051730

7779 / tcp


0ÿñ

-1259524839 | 2024-05-20T17:23:26.306399

7999 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

1072892569 | 2024-05-04T20:26:47.878375

8001 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

1911457608 | 2024-05-22T10:42:08.188883

8003 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1105333987 | 2024-05-19T21:24:12.538972

8005 / tcp

\x00[KpU\x7f\x00\x00

-2089734047 | 2024-05-20T00:15:16.740998

8009 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-319440554 | 2024-05-08T09:08:42.241960

8010 / tcp

165188539 | 2024-05-07T19:02:31.473820

8026 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-784071826 | 2024-05-07T16:28:03.908236

8028 / tcp

SSH-2.0-OpenSSH_8.0

45131230 | 2024-05-05T13:57:21.204570

8030 / tcp

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

1223115691 | 2024-04-26T22:52:27.524154

8040 / tcp

connect

921225407 | 2024-05-18T13:33:57.163217

8041 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

-1056270173 | 2024-05-20T08:53:25.755142

8042 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

2139917906 | 2024-05-15T16:09:19.197848

8045 / tcp

HTTP/1.1 404 Not Found
content-type: text/plain;charset=utf-8
content-length: 10
connection: keep-alive

-1839934832 | 2024-05-11T06:08:36.142324

8046 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-2107996212 | 2024-05-22T20:05:26.762979

8049 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-1013082686 | 2024-05-20T19:31:42.589449

8052 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

-2118655245 | 2024-05-21T09:39:21.469933

8060 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20

-1265999252 | 2024-05-06T01:59:46.646802

8064 / tcp

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

-402207690 | 2024-05-19T17:08:19.412554

8081 / tcp

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Sun, 19 May 2024 17:08:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Jetty(9.2.z-SNAPSHOT)
Set-Cookie: JSESSIONID.57d90275=l1ikaxjkjgal13b932nr6m046;Path=/;HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Hudson: 1.395
X-Hudson-Cli-Port: 35143
X-Hudson-Theme: default
X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo11q9lqeePDBj5prAqyZlNNLIEqM5MeNNKrDoqlRBoabHmk1kPJtdsWVkH6z4MrC6csIzI5huZA6btT6vWhRQuBL6HfkAnqqSZKHA2nnV53QAGtYvDNc051DP9AQzptNMj1Y0wflcRiyDmduWvqxgCXKYrkjbV2vDD+6eCmRVuGgBV130l5lUdCGlhnYJwSyG0MpgcrDnqPH0FPNNp4+Sc/315EDpb3MmkT+gkJuqrHggk7irw74ZSmTnIptsAlHRjTFuDyBsxfES8eeH5jHEjq+3+7+NU/W6BPRpck7zVmaSSTWdPY8HtwpFzjo0Tylb/VWpv3q/v5AhrFJs3YPjQIDAQAB
X-Jenkins: 2.46.1
X-Jenkins-Cli-Port: 35143
X-Jenkins-Cli2-Port: 35143
X-Jenkins-Session: 0d775b24
X-Ssh-Endpoint: 59.110.185.124:44949
Transfer-Encoding: chunked

20b5




  
  <!DOCTYPE html><html><head resURL="/static/0d775b24" data-rooturl="" data-resurl="/static/0d775b24">
    

    <title>Dashboard [Jenkins]</title><link rel="stylesheet" href="/static/0d775b24/css/layout-common.css" type="text/css" /><link rel="stylesheet" href="/static/0d775b24/css/style.css" type="text/css" /><link rel="stylesheet" href="/static/0d775b24/css/color.css" type="text/css" /><link rel="stylesheet" href="/static/0d775b24/css/responsive-grid.css" type="text/css" /><link rel="shortcut icon" href="/static/0d775b24/favicon.ico" type="image/vnd.microsoft.icon" /><link color="black" rel="mask-icon" href="/images/mask-icon.svg" /><script>var isRunAsTest=false; var rootURL=""; var resURL="/static/0d775b24";</script><script src="/static/0d775b24/scripts/prototype.js" type="text/javascript"></script><script src="/static/0d775b24/scripts/behavior.js" type="text/javascript"></script><script src='/adjuncts/0d775b24/org/kohsuke/stapler/bind.js' type='text/javascript'></script><script src="/static/0d775b24/scripts/yui/yahoo/yahoo-min.js"></script><script src="/static/0d775b24/scripts/yui/dom/dom-min.js"></script><script src="/static/0d775b24/scripts/yui/event/event-min.js"></script><script src="/static/0d775b24/scripts/yui/animation/animation-min.js"></script><script src="/static/0d775b24/scripts/yui/dragdrop/dragdrop-min.js"></script><script src="/static/0d775b24/scripts/yui/container/container-min.js"></script><script src="/static/0d775b24/scripts/yui/connection/connection-min.js"></script><script src="/static/0d775b24/scripts/yui/datasource/datasource-min.js"></script><script src="/static/0d775b24/scripts/yui/autocomplete/autocomplete-min.js"></script><script src="/static/0d775b24/scripts/yui/menu/menu-min.js"></script><script src="/static/0d775b24/scripts/yui/element/element-min.js"></script><script src="/static/0d775b24/scripts/yui/button/button-min.js"></script><script src="/static/0d775b24/scripts/yui/storage/storage-min.js"></script><script src="/static/0d775b24/scripts/hudson-behavior.js" type="text/javascript"></script><script src="/static/0d775b24/scripts/sortable.js" type="text/javascript"></script><script>crumb.init("", "");</script><link rel="stylesheet" href="/static/0d775b24/scripts/yui/container/assets/container.css" type="text/css" /><link rel="stylesheet" href="/static/0d775b24/scripts/yui/assets/skins/sam/skin.css" type="text/css" /><link rel="stylesheet" href="/static/0d775b24/scripts/yui/container/assets/skins/sam/container.css" type="text/css" /><link rel="stylesheet" href="/static/0d775b24/scripts/yui/button/assets/skins/sam/button.css" type="text/css" /><link rel="stylesheet" href="/static/0d775b24/scripts/yui/menu/assets/skins/sam/menu.css" type="text/css" /><link rel="search" href="/opensearch.xml" type="application/opensearchdescription+xml" title="Jenkins" /><meta name="ROBOTS" content="INDEX,NOFOLLOW" /><meta name="viewport" content="width=device-width, initial-scale=1" /><link rel="alternate" href="/rssAll" title="Jenkins:all (all builds)" type="application/rss+xml" /><link rel="alternate" href="/rssAll?flavor=rss20" title="Jenkins:all (all builds) (RSS 2.0)" type="application/rss+xml" /><link rel="alternate" href="/rssFailed" title="Jenkins:all (failed builds)" type="application/rss+xml" /><link rel="alternate" href="/rssFailed?flavor=rss20" title="Jenkins:all (failed builds) (RSS 2.0)" type="application/rss+xml" /><script src="/static/0d775b24/scripts/yui/cookie/cookie-min.js"></script><script>
              YAHOO.util.Cookie.set("screenResolution", screen.width+"x"+screen.height);
            </script><script src="/static/0d775b24/jsbundles/page-init.js" type="text/javascript"></script></head><body data-model-type="hudson.model.AllView" id="jenkins" class="yui-skin-sam jenkins-2.46.1 two-column" data-version="2.46.1"><a href="#skip2content" class="skiplink">Skip to content</a><div id="page-head"><div id="header"><div class="logo"><a id="jenkins-home-link" href="/"><img src="/static/0d775b24/images/headshot.png" alt="title" id="jenkins-head-icon" /><img src="/static/0d775b24/images/title.png" alt

2087396567 | 2024-05-21T04:03:09.716403

8083 / tcp

kjnkjabhbanc283ubcsbhdc72

2087396567 | 2024-05-19T05:45:45.531910

8085 / tcp

kjnkjabhbanc283ubcsbhdc72

1865391109 | 2024-05-20T17:31:07.485919

8086 / tcp

HTTP/1.1 408 Request Timeout
content-length: 0

165188539 | 2024-05-04T06:41:33.967045

8087 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-949565575 | 2024-05-01T21:13:00.464803

8088 / tcp

\x19\x02\x02\x07Protocol version mismatch

1887224352 | 2024-04-24T08:33:07.901308

8089 / tcp

1825545421 | 2024-05-10T19:08:47.420874

8099 / tcp

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-GDdongguan-AREACMCC2-CACHE38[0]
X-CCDN-FORBID-CODE: 040001

1911457608 | 2024-05-18T07:15:01.489635

8106 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-119996482 | 2024-05-17T00:38:03.184199

8112 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0

1911457608 | 2024-05-03T23:06:19.958038

8118 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-2081419599 | 2024-05-07T13:11:09.548190

8123 / tcp

@
03d

-1839934832 | 2024-05-21T04:25:48.853553

8126 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

1278527606 | 2024-05-22T05:04:53.227863

8139 / tcp

SSH-2.0-Teleport

2087396567 | 2024-05-10T13:12:36.400365

8140 / tcp

kjnkjabhbanc283ubcsbhdc72

-2046514463 | 2024-05-22T05:30:43.383856

8143 / tcp

AB\x01\t

-678709746 | 2024-05-14T00:47:05.123283

8200 / tcp

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
Deny-Reason: hotload rechange server uri format error!!
Request-Id: 65ae2777f948604810dc8a1cf13fe8d2

117101543 | 2024-05-18T08:17:48.044819

8291 / tcp

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

-1300025046 | 2024-05-04T07:08:49.959865

8333 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705941025.555-waf01bjtp3

-1730858130 | 2024-05-02T20:06:15.443495

8405 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

165188539 | 2024-05-14T23:27:24.106719

8408 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-585940771 | 2024-05-13T07:55:38.275692

8410 / tcp

Unknown command\r\n

-1899074860 | 2024-04-28T08:10:06.049282

8415 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

-1399940268 | 2024-05-07T00:32:41.166923

8416 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-616720387 | 2024-04-27T06:45:29.263118

8433 / tcp

SSH-2.0-SSHD_0.7.6

1753236315 | 2024-04-24T07:18:02.254918

8443 / tcp

HTTP/1.1 200 OK
Referrer-Policy: no-referrer
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Robots-Tag: none
Cache-Control: no-cache, must-revalidate, no-transform, no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html;charset=utf-8
content-length: 3870

-1455149952 | 2024-05-21T13:24:51.026671

8500 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1e27_PS-000-01sNY99_31294-28028

819727972 | 2024-05-04T01:21:54.289781

8545 / tcp

SSH-2.0-OpenSSH_7.4

2087396567 | 2024-05-22T00:36:56.016979

8554 / tcp

kjnkjabhbanc283ubcsbhdc72

-1399940268 | 2024-05-15T20:48:18.901576

8575 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

103159425 | 2024-04-26T19:20:00.975389

8585 / tcp

SSH-1.99-RGOS_SSH

321971019 | 2024-05-18T19:53:16.569475

8637 / tcp

-ERR client ip is not in whitelist\r

842535728 | 2024-05-13T18:42:14.638340

8649 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

-1399940268 | 2024-04-29T01:12:55.398292

8666 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-358801646 | 2024-05-18T14:59:33.420391

8728 / tcp

SSH-2.0-OpenSSH_6.6.1

1911457608 | 2024-05-05T07:57:11.272205

8803 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1911457608 | 2024-05-13T17:24:22.647832

8810 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1911457608 | 2024-05-06T13:34:05.062313

8820 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-616720387 | 2024-05-16T00:10:34.271237

8834 / tcp

SSH-2.0-SSHD_0.7.6

-1399940268 | 2024-05-16T20:04:00.896974

8856 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1615193817 | 2024-05-10T20:36:44.371224

8863 / tcp

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

-2017887953 | 2024-04-24T07:59:34.628322

8864 / tcp

SSH-2.0-OpenSSH_7.9

-1476017887 | 2024-05-23T13:56:15.786964

8872 / tcp

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

-2089734047 | 2024-05-05T08:58:07.218599

8874 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-653033013 | 2024-05-07T09:46:39.572967

8878 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

-1476017887 | 2024-05-08T22:31:46.959358

8879 / tcp

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

233634112 | 2024-04-24T20:42:26.369230

8880 / tcp

SSH-98.60-SysaxSSH_81885..42

1282941221 | 2024-05-22T12:01:52.220878

8889 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

-454087041 | 2024-05-22T18:08:35.592866

8969 / tcp

\x1e\xc3\x80\x010\x02\x00\xc2\xa8\xc3\xa3\x00\x00\x00\x00

1887224352 | 2024-05-22T06:48:57.722866

9000 / tcp

-1026951088 | 2024-05-04T09:20:50.501194

9001 / tcp

erro ip

539065883 | 2024-05-16T16:23:40.976353

9002 / tcp

-1428621233 | 2024-05-15T19:43:37.970822

9006 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

-1114821551 | 2024-05-02T17:18:46.414609

9020 / tcp

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

1189133115 | 2024-05-10T04:20:08.096548

9022 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

1911457608 | 2024-05-17T22:29:22.936969

9024 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-653033013 | 2024-05-18T03:46:48.576656

9030 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

-1013082686 | 2024-05-23T16:52:03.534478

9036 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

-1031019485 | 2024-05-06T17:37:09.062338

9042 / tcp

[l¶Ð

-1139539254 | 2024-05-10T07:38:25.974842

9048 / tcp

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

-1230049476 | 2024-05-23T14:49:03.944849

9051 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

1492413928 | 2024-05-17T20:56:38.429709

9082 / tcp

SSH-2.0-OpenSSH_7.5

-348760142 | 2024-05-02T09:19:03.475103

9090 / tcp

HTTP/1.1 200 OK
Content-Language: zh-CN
Content-Length: 4825
Content-Type: text/html;charset=utf-8
Date: Thu, 02 May 2024 09:19:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: JSESSIONID=node01j7s1u1o0at6hnfxo3uyj2gbo1322.node0; Path=/; HttpOnly
Set-Cookie: csrf=Qz06dP8azXYgCWO; Path=/; HttpOnly
X-Frame-Options: SAMEORIGIN

1544300041 | 2024-05-11T01:34:12.618512

9091 / tcp

SSH-25453-Cisco-3524665.35

-1399940268 | 2024-05-23T06:38:22.163589

9092 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2017887953 | 2024-05-21T07:29:02.864340

9095 / tcp

SSH-2.0-OpenSSH_7.9

307999478 | 2024-05-01T06:33:22.705108

9097 / tcp

unknown command \r\nunknown command \r\n

1911457608 | 2024-05-17T11:23:25.794098

9100 / tcp

\x00[\x00\x00\x00\x00\x00\x00

398077695 | 2024-05-13T02:06:18.591332

9107 / tcp

-1399940268 | 2024-05-15T02:12:16.870854

9151 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-05-17T01:28:52.012699

9160 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-05-21T18:34:43.447968

9189 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1163346640 | 2024-04-24T22:24:20.082426

9200 / tcp

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-length: 215

-747911285 | 2024-05-13T23:38:24.759255

9202 / tcp

\xc2\xaa

-1428621233 | 2024-05-15T17:23:45.209241

9210 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

1911457608 | 2024-05-10T03:07:07.193782

9212 / tcp

\x00[\x00\x00\x00\x00\x00\x00

722711397 | 2024-05-12T04:18:45.585266

9221 / tcp

\x00[M\xc3\xba\xc3\x9a\x7f\x00\x00

-1810987450 | 2024-05-09T12:08:38.139639

9251 / tcp

\xc3\xbf

-2140303521 | 2024-05-10T18:46:11.952593

9306 / tcp

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

694512854 | 2024-05-10T21:31:52.612314

9418 / tcp

220-FileZilla Server 中文版 0.9.60 beta
220-written by Tim Kosse (tim.kosse@filezilla-project.org)
220 Please visit https://filezilla-project.org/

-971970408 | 2024-05-21T06:21:15.896232

9443 / tcp

-1399940268 | 2024-05-23T02:11:29.364941

9530 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1428621233 | 2024-05-14T23:59:59.847952

9600 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

-1990350878 | 2024-05-17T01:10:54.272048

9633 / tcp

 
04 \...

1911457608 | 2024-05-10T20:38:38.719190

9663 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-05-05T01:50:25.390945

9761 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

770016595 | 2024-05-14T10:58:07.648324

9981 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

-1730858130 | 2024-05-05T17:42:02.859496

9994 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1340128872 | 2024-05-23T10:53:46.771235

9998 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae25d2_PS-PEK-010xV14_15533-12109

1161309183 | 2024-05-22T11:48:04.344816

9999 / tcp

ProxyServer is ready

1690634669 | 2024-05-13T17:58:09.682914

10000 / tcp

1492413928 | 2024-05-20T10:40:18.591520

10001 / tcp

SSH-2.0-OpenSSH_7.5

-1140468363 | 2024-05-15T18:19:11.054939

10134 / tcp

\x02\t\x01

119860953 | 2024-05-17T21:39:56.929982

10250 / tcp

* OK ArGoSoft Mail Server IMAP Module v.YW at

-971970408 | 2024-05-17T02:43:12.107968

10443 / tcp

2087396567 | 2024-05-23T16:39:29.992701

10554 / tcp

kjnkjabhbanc283ubcsbhdc72

1948301213 | 2024-04-24T10:49:53.160643

10909 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

-1265999252 | 2024-05-04T08:33:00.248344

11112 / tcp

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

819727972 | 2024-05-10T02:56:14.297296

11210 / tcp

SSH-2.0-OpenSSH_7.4

-136006866 | 2024-05-22T04:31:53.220819

11211 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

-1399940268 | 2024-05-12T02:11:31.352429

11300 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-446385447 | 2024-05-14T17:29:30.225020

12000 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1efa_PS-CKG-01vQy48_16235-38870

878900329 | 2024-05-15T11:36:48.267694

12345 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae24ba_PStjkgwtss75_22411-43255

1865391109 | 2024-05-04T09:02:17.691517

13579 / tcp

HTTP/1.1 408 Request Timeout
content-length: 0

-1013082686 | 2024-05-01T12:09:43.425300

14147 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

-1729629024 | 2024-05-17T03:27:59.856646

14265 / tcp

101 imqbroker =unV

-1399940268 | 2024-05-20T08:05:47.102339

14344 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2087396567 | 2024-04-28T16:44:38.191755

16030 / tcp

kjnkjabhbanc283ubcsbhdc72

-1118605404 | 2024-05-03T01:59:00.636570

16992 / tcp

220 barracuda.dhc.com.cn ESMTP (0985ecb3f26d489aa5d50a88583d05e6)

1542849631 | 2024-05-20T18:00:44.548380

16993 / tcp

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

401555314 | 2024-05-07T16:41:38.015815

18081 / tcp

NB[GFXjA^R

1363464823 | 2024-05-19T13:31:50.703323

18245 / tcp

\x00[|ox\x7f\x00\x00

-1399940268 | 2024-05-06T22:48:30.193940

19000 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1900503736 | 2024-05-10T22:46:56.713048

20000 / tcp

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

819727972 | 2024-05-22T01:10:39.688552

20256 / tcp

SSH-2.0-OpenSSH_7.4

165188539 | 2024-05-02T04:39:09.142037

20547 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2087396567 | 2024-05-14T05:49:37.251066

21025 / tcp

kjnkjabhbanc283ubcsbhdc72

321971019 | 2024-05-21T03:12:14.307828

21379 / tcp

-ERR client ip is not in whitelist\r

-1681927087 | 2024-05-22T10:14:35.468882

23023 / tcp

kjnkjabhbanc283ubcsbhdc72

1778988322 | 2024-05-14T23:11:57.122651

25105 / tcp

* OK GroupWise IMAP4rev1 Server Ready

820958131 | 2024-05-18T04:04:49.853944

25565 / tcp

kjnkjabhbanc283ubcsbhdc72\x02

1090831270 | 2024-05-05T04:32:48.775925

27015 / tcp

Command: None
Size: 1347703880
ID: 808333615
Type: 858797088

1763259671 | 2024-05-07T16:18:32.055092

27017 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

-1399940268 | 2024-05-22T13:19:18.281411

28015 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

585675468 | 2024-05-22T23:43:52.002384

28017 / tcp

@
05@ þ...

808560482 | 2024-05-21T16:19:12.823024

30002 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP
 : USERID : UNIX : Cr8

-1854351412 | 2024-04-26T14:47:36.523164

30003 / tcp

[îd

1662811133 | 2024-05-18T23:21:16.773270

31337 / tcp

MudNames 77 - (C) 1997-2001 Ragnar Hojland Espinosa <ragnar@ragnar-hojland.com>

819727972 | 2024-05-12T14:12:31.451156

32764 / tcp

SSH-2.0-OpenSSH_7.4

-971970408 | 2024-05-20T20:57:23.511573

33060 / tcp

-445721795 | 2024-05-08T20:36:51.306416

35000 / tcp

\x00[\xc3\xaed\x1a\x7f\x00\x00

-1142844482 | 2024-05-20T08:29:55.144295

37215 / tcp

ÿûSOYO_SIP VBNQyQSKc settings
Password:

-2031152423 | 2024-05-18T17:40:10.091316

37777 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

597764502 | 2024-04-30T15:04:54.600040

41800 / tcp

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

2054287019 | 2024-05-22T17:42:00.161873

44158 / tcp

\x13/multistream/1.0.0

1623746877 | 2024-05-18T12:04:42.907542

44818 / tcp

500 Permission denied - closing connection.\r\n

2087396567 | 2024-05-11T02:57:01.491717

47990 / tcp

kjnkjabhbanc283ubcsbhdc72

-1591825093 | 2024-05-05T11:42:14.419627

49152 / tcp

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 22 Jan 2024 08:04:18 GMT
EXT:
SERVER: Linux/3.3.0, UPnP/1.0, Portable SDK for UPnP devices/1.6.18
X-User-Agent: redsonic

1690634669 | 2024-05-21T03:47:01.955342

50000 / tcp

745343730 | 2024-05-09T13:13:26.373325

50100 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

-1142844482 | 2024-05-09T04:09:52.960828

51106 / tcp

ÿûSOYO_SIP VBNQyQSKc settings
Password:

707919486 | 2024-05-15T21:49:14.187697

51235 / tcp

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

408230060 | 2024-04-25T04:53:03.992588

54138 / tcp

\r\nSorry, that nickname format is invalid.\r\n

819727972 | 2024-04-26T15:57:57.643113

55000 / tcp

SSH-2.0-OpenSSH_7.4

474736340 | 2024-05-02T16:48:22.546653

55442 / tcp

431 Unable to negotiate secure command connection.

1082732927 | 2024-05-12T17:47:33.960822

55443 / tcp

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

-1729629024 | 2024-05-23T03:16:17.103543

55553 / tcp

101 imqbroker =unV

-1729629024 | 2024-05-10T20:53:04.501941

55554 / tcp

101 imqbroker =unV

-805362002 | 2024-05-07T19:31:55.501924

60010 / tcp

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

-314039103 | 2024-05-21T04:22:52.130628

60030 / tcp

Surnom.
Sorry, that nickname format is invalid.

819727972 | 2024-05-12T00:27:40.110132

60129 / tcp

SSH-2.0-OpenSSH_7.4

1991883981 | 2024-05-17T17:10:24.706844

61613 / tcp

B\x00\x00\x00\xc3\xbfn\x04Too many connections

1278527606 | 2024-05-18T02:56:17.178828

61616 / tcp

SSH-2.0-Teleport

-860824904 | 2024-05-23T20:55:07.639011

62078 / tcp

\x00\x01)

59.110.185.124

Last Seen: 2024-05-23

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1999117212 | 2024-05-20T06:55:52.839413 11 / tcp

1412519768 | 2024-05-14T05:06:06.415063 13 / tcp

-971970408 | 2024-05-20T05:25:43.173556 15 / tcp

-1296032851 | 2024-05-21T15:33:56.048544 17 / tcp

1978059005 | 2024-05-20T16:14:07.437274 19 / tcp

179309064 | 2024-04-25T11:54:06.884277 21 / tcp

-2107996212 | 2024-05-16T15:33:42.599648 23 / tcp

-1399940268 | 2024-04-29T11:19:52.202727 24 / tcp

-1316491703 | 2024-05-22T15:19:09.409707 25 / tcp

1518650537 | 2024-05-13T11:45:54.178470 37 / tcp

1690634669 | 2024-05-21T00:10:39.753044 43 / tcp

-1056270173 | 2024-04-28T02:12:10.501420 49 / tcp

1369632081 | 2024-05-06T08:13:27.740177 53 / tcp

-972699072 | 2024-04-27T08:08:25.645975 70 / tcp

-1264324149 | 2024-05-13T22:33:18.517582 79 / tcp

-1986916590 | 2024-05-05T23:51:11.099656 80 / tcp

-1392039491 | 2024-04-27T11:01:52.269150 81 / tcp

996960436 | 2024-05-19T09:59:10.213844 82 / tcp

1286504516 | 2024-04-26T13:31:54.444291 84 / tcp

1911457608 | 2024-05-05T09:48:37.182931 90 / tcp

380146262 | 2024-05-23T08:43:47.152285 102 / tcp

401555314 | 2024-05-13T23:41:09.617809 104 / tcp

1830187220 | 2024-05-17T18:14:32.078971 110 / tcp

996960436 | 2024-05-08T19:43:24.215363 111 / tcp

-832380282 | 2024-05-12T03:37:05.546360 113 / tcp

-1958992631 | 2024-05-17T06:54:29.142854 119 / tcp

819727972 | 2024-05-17T18:07:49.168537 122 / tcp

-382990917 | 2024-05-21T16:50:02.971529 143 / tcp

-1399940268 | 2024-05-06T00:42:50.334596 175 / tcp

-399606100 | 2024-05-21T16:59:15.645595 179 / tcp

2087396567 | 2024-05-22T14:07:38.357445 195 / tcp

-1140468363 | 2024-05-10T20:21:33.103479 221 / tcp

-1022036431 | 2024-05-22T10:53:54.961751 264 / tcp

-1547976805 | 2024-05-20T02:30:05.387575 311 / tcp

-802714280 | 2024-05-09T04:16:56.470526 340 / tcp

-1907080992 | 2024-05-22T15:53:50.464803 389 / tcp

-349937125 | 2024-05-16T11:39:51.640382 427 / tcp

1349873352 | 2024-05-10T03:43:32.520343 443 / tcp

-1607991612 | 2024-05-06T23:52:35.645291 444 / tcp

897328069 | 2024-05-19T15:22:28.190128 465 / tcp

-1888448627 | 2024-05-21T23:09:20.405333 491 / tcp

1911457608 | 2024-05-23T07:03:45.296520 502 / tcp

-1888448627 | 2024-05-14T12:28:30.581738 503 / tcp

-375604792 | 2024-05-01T02:52:50.952474 515 / tcp

444328471 | 2024-05-18T12:31:53.213954 548 / tcp

-927382641 | 2024-05-23T13:20:22.235051 554 / tcp

745343730 | 2024-05-19T07:48:43.019060 587 / tcp

-1805329632 | 2024-04-28T19:53:01.749641 593 / tcp

178736976 | 2024-05-11T09:35:59.334212 631 / tcp

1732481781 | 2024-05-20T15:41:48.788356 636 / tcp

1300162323 | 2024-05-18T00:57:01.113190 666 / tcp

-1810987450 | 2024-05-19T22:03:51.623985 771 / tcp

-1099385124 | 2024-04-28T20:30:19.153872 789 / tcp

1911457608 | 2024-05-22T19:23:58.952443 805 / tcp

-1970692834 | 2024-05-14T09:15:08.693614 873 / tcp

1956828827 | 2024-05-13T00:05:36.856846 902 / tcp

-936692830 | 2024-05-10T15:00:14.992580 992 / tcp

819727972 | 2024-05-14T13:05:44.047415 993 / tcp

-740312032 | 2024-05-16T20:58:13.029972 995 / tcp

-1681927087 | 2024-05-21T00:51:00.932811 1023 / tcp

2033888749 | 2024-05-05T18:56:14.482036 1024 / tcp

599074451 | 2024-05-23T16:59:23.272641 1025 / tcp

1911457608 | 2024-05-13T08:42:19.172420 1029 / tcp

1396488228 | 2024-04-28T18:01:43.187934 1099 / tcp

819727972 | 2024-05-18T12:56:29.364072 1153 / tcp

996960436 | 2024-05-23T06:10:29.909903 1177 / tcp

660175493 | 2024-05-10T04:06:53.287579 1200 / tcp

-1399940268 | 2024-05-19T18:17:21.334311 1234 / tcp

-1760806421 | 2024-05-21T23:05:58.706661 1337 / tcp

1615193817 | 2024-05-03T17:20:31.677229 1344 / tcp

49107754 | 2024-05-06T16:19:26.245254 1433 / tcp

-1453516345 | 2024-05-23T09:53:20.262102 1471 / tcp

819727972 | 2024-05-21T17:47:28.066957 1515 / tcp

-1999117212 | 2024-05-20T06:55:52.839413
11 / tcp

1412519768 | 2024-05-14T05:06:06.415063
13 / tcp

-971970408 | 2024-05-20T05:25:43.173556
15 / tcp

-1296032851 | 2024-05-21T15:33:56.048544
17 / tcp

1978059005 | 2024-05-20T16:14:07.437274
19 / tcp

179309064 | 2024-04-25T11:54:06.884277
21 / tcp

-2107996212 | 2024-05-16T15:33:42.599648
23 / tcp

-1399940268 | 2024-04-29T11:19:52.202727
24 / tcp

-1316491703 | 2024-05-22T15:19:09.409707
25 / tcp

1518650537 | 2024-05-13T11:45:54.178470
37 / tcp

1690634669 | 2024-05-21T00:10:39.753044
43 / tcp

-1056270173 | 2024-04-28T02:12:10.501420
49 / tcp

1369632081 | 2024-05-06T08:13:27.740177
53 / tcp

-972699072 | 2024-04-27T08:08:25.645975
70 / tcp

-1264324149 | 2024-05-13T22:33:18.517582
79 / tcp

-1986916590 | 2024-05-05T23:51:11.099656
80 / tcp

-1392039491 | 2024-04-27T11:01:52.269150
81 / tcp

996960436 | 2024-05-19T09:59:10.213844
82 / tcp

1286504516 | 2024-04-26T13:31:54.444291
84 / tcp

1911457608 | 2024-05-05T09:48:37.182931
90 / tcp

380146262 | 2024-05-23T08:43:47.152285
102 / tcp

401555314 | 2024-05-13T23:41:09.617809
104 / tcp

1830187220 | 2024-05-17T18:14:32.078971
110 / tcp

996960436 | 2024-05-08T19:43:24.215363
111 / tcp

-832380282 | 2024-05-12T03:37:05.546360
113 / tcp

-1958992631 | 2024-05-17T06:54:29.142854
119 / tcp

819727972 | 2024-05-17T18:07:49.168537
122 / tcp

-382990917 | 2024-05-21T16:50:02.971529
143 / tcp

-1399940268 | 2024-05-06T00:42:50.334596
175 / tcp

-399606100 | 2024-05-21T16:59:15.645595
179 / tcp

2087396567 | 2024-05-22T14:07:38.357445
195 / tcp

-1140468363 | 2024-05-10T20:21:33.103479
221 / tcp

-1022036431 | 2024-05-22T10:53:54.961751
264 / tcp

-1547976805 | 2024-05-20T02:30:05.387575
311 / tcp

-802714280 | 2024-05-09T04:16:56.470526
340 / tcp

-1907080992 | 2024-05-22T15:53:50.464803
389 / tcp

-349937125 | 2024-05-16T11:39:51.640382
427 / tcp

1349873352 | 2024-05-10T03:43:32.520343
443 / tcp

-1607991612 | 2024-05-06T23:52:35.645291
444 / tcp

897328069 | 2024-05-19T15:22:28.190128
465 / tcp

-1888448627 | 2024-05-21T23:09:20.405333
491 / tcp

1911457608 | 2024-05-23T07:03:45.296520
502 / tcp

-1888448627 | 2024-05-14T12:28:30.581738
503 / tcp

-375604792 | 2024-05-01T02:52:50.952474
515 / tcp

444328471 | 2024-05-18T12:31:53.213954
548 / tcp

-927382641 | 2024-05-23T13:20:22.235051
554 / tcp

745343730 | 2024-05-19T07:48:43.019060
587 / tcp

-1805329632 | 2024-04-28T19:53:01.749641
593 / tcp

178736976 | 2024-05-11T09:35:59.334212
631 / tcp

1732481781 | 2024-05-20T15:41:48.788356
636 / tcp

1300162323 | 2024-05-18T00:57:01.113190
666 / tcp

-1810987450 | 2024-05-19T22:03:51.623985
771 / tcp

-1099385124 | 2024-04-28T20:30:19.153872
789 / tcp

1911457608 | 2024-05-22T19:23:58.952443
805 / tcp

-1970692834 | 2024-05-14T09:15:08.693614
873 / tcp

1956828827 | 2024-05-13T00:05:36.856846
902 / tcp

-936692830 | 2024-05-10T15:00:14.992580
992 / tcp

819727972 | 2024-05-14T13:05:44.047415
993 / tcp

-740312032 | 2024-05-16T20:58:13.029972
995 / tcp

-1681927087 | 2024-05-21T00:51:00.932811
1023 / tcp

2033888749 | 2024-05-05T18:56:14.482036
1024 / tcp

599074451 | 2024-05-23T16:59:23.272641
1025 / tcp

1911457608 | 2024-05-13T08:42:19.172420
1029 / tcp

1396488228 | 2024-04-28T18:01:43.187934
1099 / tcp

819727972 | 2024-05-18T12:56:29.364072
1153 / tcp

996960436 | 2024-05-23T06:10:29.909903
1177 / tcp

660175493 | 2024-05-10T04:06:53.287579
1200 / tcp

-1399940268 | 2024-05-19T18:17:21.334311
1234 / tcp

-1760806421 | 2024-05-21T23:05:58.706661
1337 / tcp

1615193817 | 2024-05-03T17:20:31.677229
1344 / tcp

49107754 | 2024-05-06T16:19:26.245254
1433 / tcp

-1453516345 | 2024-05-23T09:53:20.262102
1471 / tcp

819727972 | 2024-05-21T17:47:28.066957
1515 / tcp

1975288991 | 2024-05-20T08:46:32.021969
1521 / tcp

-1626979812 | 2024-05-22T20:53:37.224983
1599 / tcp

-971970408 | 2024-05-16T21:54:06.109843
1604 / tcp

921225407 | 2024-05-20T14:41:48.454514
1650 / tcp

1103582599 | 2024-05-23T18:15:19.688054
1723 / tcp

-1399940268 | 2024-05-23T09:54:25.085964
1800 / tcp

1692069329 | 2024-05-22T05:11:45.965296
1801 / tcp