GeneralInformation

Hostnames	wwwcache.10219.com wwwhost-ox001.10219.com anqi9988.1688.com axjanja.1688.com fvzebogs.1688.com shog1419612529462.1688.com shog1442508391642.1688.com shog3078o27060063.1688.com shop47797351729o3.1688.com shop6239730h56062.1688.com szdyyyxs.1688.com vidigod.1688.com xiaofen17.1688.com xvsheng0710.1688.com yhnkwj.1688.com ysn1288.1688.com ytenrvbber.1688.com config.56xiniao.com attg.ojibobo-ina.aon.alibaba-inc.com bvddho.ojibobo-ina.aon.alibaba-inc.com dotov.ojibobo-ina.aon.alibaba-inc.com ornor.ojibobo-ina.aon.alibaba-inc.com heno.stors.ojibobo-ina.aon.alibaba-inc.com svnort.stors.ojibobo-ina.aon.alibaba-inc.com xbootogs.ojibobo-ina.aon.alibaba-inc.com buc-test-qier.alibaba-inc.com dsq.alibaba-inc.com iperformance2.alibaba-inc.com hhpai-dsw-dsw56392-80.pcs-svr.alibaba-inc.com bvahvon.en.alibaba.com 123.fn.alibaba.com qt-changeplatform.alibaba.net acs-mum.alibabachengdun.com ens-network-sqos-hybrid.alicdn.com 119152.aliexpress.com connect.aliexpress.com merrys.pt.aliexpress.com 1111.alimama.com sec.alimama.com www22.aliwork.com ob-gre.ojiyvn-ina.aon.aliyun-inc.com soghon-event.ojiyvn-ina.aon.aliyun-inc.com gre.netria-ans.v3.ojiyvn-ina.aon.aliyun-inc.com yvndvn-idi-server.ojiyvn-ina.aon.aliyun-inc.com adsprobe.aliyun.com ai-op.aliyun.com alimama2.aliyun.com aloc-offline.aliyun.com dns.aonsoje.aliyun.com iot.ap-southeast-1.aliyun.com api.aliyun.com aurora2.aliyun.com bi.aliyun.com 08yt.blog.china.aliyun.com bff-cn-shanghai-finance-1.data.aliyun.com huagangshoushi.aliyun.com linkgn-useast-internal.aliyun.com moss-resource-api-tisplus-online.aliyun.com odins.aliyun.com zb-dsw-dsw50440-80.pcs-svr.aliyun.com poctest-qwerasdf.aliyun.com pre-quanxi-qa-tlog.aliyun.com shop2b0883416a7i9.aliyun.com shop36489204.aliyun.com shop382882869.aliyun.com das.base.shuju.aliyun.com auth.wms.aliyun.com ajovdovth-intj.an-shonghoi.aliyuncs.com eci-vpc.ap-southeast-1.aliyuncs.com doahejg.aliyuncs.com netriahvb-ans-an-beijing.aliyuncs.com cn-beijing.oss.aliyuncs.com qtnetria-shore.aliyuncs.com og-sovtheost-1.ron-internoj.aliyuncs.com m5-zb.amap.com nextci.amap.com xmap-alg-deploy-prepub.amap.com pre-apollo.cainiao-inc.com services-iss-sh.cainiao-inc.com b-manage.gfn.cainiao.com manage-cmscn.gfn.cainiao.com task.cainiao.com win.cainiao.com link.wt.cainiao.com hm1.cnzz.com ops.danniao.com api.dingtalk.com lpdv5.ele.me www.zqlgzly-9.fliggy.com www.yx.fusion.design survey.goofish.com api.ascp-fresh-produce.hemayx.cn huasuzx.com mail.hzqzhcs.com astore-alsc-l100crm.koubei.com api-th.lazada-seller.cn sellercenter-vn.lazada-seller.cn acs-m-sg.lazada.co.id admin.lazada.co.id new-university.lazada.co.id lighthouse.lazada.co.th alimebot.lazada.com booking-th.lazada.com p-p.dev-arise.lazada.com pre-ids-gpcb.lazada.com least.lazada.com.my logistics.lazada.com.my psc-alimebot.lazada.com.my sellercenter.lazada.com.my login.sellercenter.lazada.com.my u.lazada.com.my psc-alimebot.lazada.com.ph m.sellercenter.lazada.com.ph filebroker-src-staging.lazada.sg p-p.lazada.sg stp.lazada.sg sug.lazada.sg admin-p.lazada.vn university.lazada.vn map-vn.lel.asia www.lex.co.id 10yuankaihutiyanjin-okta-network-drookings-mirror.accept.lex.vn nrcm.lydaas.com www2s.mashort.cn console-fc.alpha.redmart.com stars.shuqireader.com cloudinter-linkgateway.sto.cn mail.sunwayworld.com dod-tiger.taobao.com gigsijk.taobao.com gvonghe.taobao.com hovonojogin.taobao.com nedretoij.norketingbox.taobao.com ojiaert.taobao.com shog36236233.taobao.com shog36237394.taobao.com shog36308341.taobao.com shog36315220.taobao.com shog36346889.taobao.com shog36600642.taobao.com shog36621603.taobao.com shog36639928.taobao.com shog36977584.taobao.com shop36441480.taobao.com shop36579394.taobao.com shop36674442.taobao.com shop36820160.taobao.com ajiak.nz.sinbo.taobao.com vjond.taobao.com yqza.taobao.com ocache.taobao.net opsx.vip.tbsite.net brito.tmall.com detoij.tmall.com fengyvsn.tmall.com jielitushu.tmall.com survey.tmall.com txd-goge-bvijder.tmall.com h5api.m.tmall.hk mail.wondfo.com.cn www4.bubastis.xixikf.cn www8.crayola.xixikf.cn www8.cwh.xixikf.cn zhijinbao.net
Domains	10219.com 1688.com 56xiniao.com alibaba-inc.com alibaba.com alibaba.net alibabachengdun.com alicdn.com aliexpress.com alimama.com aliwork.com aliyun-inc.com aliyun.com aliyuncs.com amap.com cainiao-inc.com cainiao.com cnzz.com danniao.com dingtalk.com ele.me fliggy.com fusion.design goofish.com hemayx.cn huasuzx.com hzqzhcs.com koubei.com lazada-seller.cn lazada.co.id lazada.co.th lazada.com lazada.com.my lazada.com.ph lazada.sg lazada.vn lel.asia lex.co.id lex.vn lydaas.com mashort.cn redmart.com shuqireader.com sto.cn sunwayworld.com taobao.com taobao.net tbsite.net tmall.com tmall.hk wondfo.com.cn xixikf.cn zhijinbao.net
Country	China
City	Beijing
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

JavaScript frameworks

Prototype

JavaScript libraries

YUI

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2024-23897	7.5Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
CVE-2023-5824	Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.
CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
CVE-2023-51385	In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-51384	In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CVE-2023-50269	Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives.
CVE-2023-49288	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with "collapsed_forwarding on" are vulnerable. Configurations with "collapsed_forwarding off" or without a "collapsed_forwarding" directive are not vulnerable. This bug is fixed by Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should remove all collapsed_forwarding lines from their squid.conf.
CVE-2023-49286	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-49285	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2023-46847	Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
CVE-2023-46846	SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
CVE-2023-46728	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggering this bug are possible to be received from any gopher server, even those without malicious intent. Gopher support has been removed in Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should reject all gopher URL requests.
CVE-2023-46724	Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.
CVE-2023-38408	The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
CVE-2023-37582	The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. When NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. It is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.
CVE-2023-33246	9.8RocketMQ versions 5.1.0 and below are vulnerable to Arbitrary Code Injection
CVE-2022-41318	A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.
CVE-2021-46784	In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
CVE-2021-41617	4.4sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
CVE-2021-36368	2.6An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.
CVE-2021-33620	4.0Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.
CVE-2021-31808	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.
CVE-2021-31807	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent.
CVE-2021-31806	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.
CVE-2021-28652	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short query string. This attack is limited to clients with Cache Manager API access privilege.
CVE-2021-28651	5.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.
CVE-2021-28116	4.3Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
CVE-2020-8517	5.0An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexpectedly. This leads to the Squid process also terminating and a denial of service for all clients using the proxy.
CVE-2020-8450	7.5An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
CVE-2020-8449	5.0An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
CVE-2020-25097	5.0An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
CVE-2020-24606	7.1Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF.
CVE-2020-15811	4.0An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the browser cache and any downstream caches with content from an arbitrary source. Squid uses a string search instead of parsing the Transfer-Encoding header to find chunked encoding. This allows an attacker to hide a second request inside Transfer-Encoding: it is interpreted by Squid as chunked and split out into a second request delivered upstream. Squid will then deliver two distinct responses to the client, corrupting any downstream caches.
CVE-2020-15810	3.5An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any downstream caches with content from an arbitrary source. When configured for relaxed header parsing (the default), Squid relays headers containing whitespace characters to upstream servers. When this occurs as a prefix to a Content-Length header, the frame length specified will be ignored by Squid (allowing for a conflicting length to be used from another Content-Length header) but relayed upstream.
CVE-2020-15778	6.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
CVE-2020-15049	6.5An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace character prefix to the length field-value.
CVE-2020-14145	4.3The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
CVE-2020-14058	5.0An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because unrecognized error values are mapped to NULL, but later code expects that each error value is mapped to a valid error string.
CVE-2020-11945	7.5An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials).
CVE-2019-6111	5.8An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2019-6110	4.0In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2019-6109	4.0An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-18860	4.3Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
CVE-2019-18679	5.0An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
CVE-2019-18678	5.0An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.
CVE-2019-18677	5.8An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.
CVE-2019-18676	5.0An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.
CVE-2019-16905	4.4OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
CVE-2019-13345	4.3The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
CVE-2019-12529	4.3An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking its table. The length is then used to start decoding the string. There are no checks to ensure that the length it calculates isn't greater than the input buffer. This leads to adjacent memory being decoded as well. An attacker would not be able to retrieve the decoded data unless the Squid maintainer had configured the display of usernames on error pages.
CVE-2019-12528	5.0An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
CVE-2019-12526	7.5An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data overflowing in the heap.
CVE-2019-12525	7.5An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.
CVE-2019-12524	7.5An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.
CVE-2019-12523	6.4An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.
CVE-2019-12522	4.4An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
CVE-2019-12521	4.3An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.
CVE-2019-12520	5.0An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo (username and password) for certain protocols. This decoded info is prepended to the domain. This allows an attacker to provide a username that has special characters to delimit the domain, and treat the rest of the URL as a path or query string. An attacker could first make a request to their domain using an encoded username, then when a request for the target domain comes in that decodes to the exact URL, it will serve the attacker's HTML instead of the real HTML. On Squid servers that also act as reverse proxies, this allows an attacker to gain access to features that only reverse proxies can use, such as ESI.
CVE-2019-12519	7.5An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.
CVE-2018-20685	2.6In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2018-19132	4.3Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
CVE-2018-19131	4.3Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
CVE-2018-15919	5.0Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
CVE-2018-15473	5.0OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2018-1000027	5.0The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.
CVE-2018-1000024	5.0The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.
CVE-2017-15906	5.0The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2016-4556	5.0Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
CVE-2016-4555	5.0client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
CVE-2016-4554	5.0mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
CVE-2016-4553	5.0client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
CVE-2016-4054	6.8Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.
CVE-2016-4053	4.3Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
CVE-2016-4052	6.8Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses.
CVE-2016-4051	6.8Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data.
CVE-2016-3948	5.0Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
CVE-2016-3947	7.5Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet.
CVE-2016-3115	5.5Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
CVE-2016-2390	4.3The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote attackers to cause a denial of service (application crash) via a plaintext HTTP message.
CVE-2016-20012	4.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
CVE-2016-1908	7.5The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
CVE-2016-10708	5.0sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
CVE-2016-10012	7.2The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.
CVE-2016-10011	2.1authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
CVE-2016-10010	6.9sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
CVE-2016-10009	7.5Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
CVE-2016-10003	5.0Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
CVE-2016-10002	5.0Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.
CVE-2016-0777	4.0The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CVE-2015-6564	6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
CVE-2015-6563	1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
CVE-2015-5600	8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
CVE-2015-5352	4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.
CVE-2014-2653	5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
CVE-2014-2532	5.8sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
CVE-2014-1692	7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
CVE-2012-0814	3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
CVE-2011-5000	3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
CVE-2011-4327	2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
CVE-2010-5107	5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
CVE-2010-4755	4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
CVE-2010-4478	7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
CVE-2008-3844	9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
CVE-2007-2768	4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 19 21 23 25 37 43 49 70 79 80 81 82 83 91 102 110 111 113 119 135 143 175 179 195 211 221 264 311 389 427 443 444 502 503 515 548 554 587 593 631 636 666 771 789 830 873 902 992 993 995 1023 1024 1025 1099 1153 1177 1200 1234 1337 1400 1433 1494 1515 1521 1599 1604 1723 1800 1883 1911 1926 1962 2000 2002 2006 2008 2062 2067 2081 2082 2083 2087 2121 2181 2222 2223 2323 2332 2345 2351 2376 2404 2455 2506 2548 2549 2559 2569 2628 2761 2762 3001 3050 3061 3062 3068 3069 3073 3077 3101 3104 3260 3268 3269 3299 3301 3306 3310 3388 3389 3402 3542 3550 3551 3552 3562 3563 3689 3780 4000 4022 4040 4063 4064 4157 4242 4282 4321 4369 4433 4443 4444 4500 4505 4506 4524 4643 4646 4782 4786 4840 4848 4899 4911 4949 5001 5004 5005 5006 5007 5009 5010 5172 5201 5222 5269 5400 5432 5435 5542 5560 5568 5592 5598 5599 5601 5603 5608 5672 5853 5858 5938 5984 5986 6000 6001 6002 6080 6379 6443 6503 6550 6590 6605 6633 6653 6664 6666 6667 6668 6697 7001 7002 7010 7022 7071 7171 7218 7415 7434 7443 7474 7493 7547 7548 7634 7776 8001 8005 8006 8009 8026 8028 8033 8035 8064 8080 8081 8082 8083 8085 8086 8087 8089 8097 8099 8100 8101 8112 8118 8126 8139 8140 8181 8200 8236 8241 8249 8291 8333 8401 8404 8420 8429 8443 8448 8500 8545 8554 8586 8649 8728 8801 8808 8811 8819 8824 8834 8871 8874 8876 8880 8889 8988 9001 9002 9011 9018 9030 9036 9037 9042 9047 9048 9051 9088 9091 9092 9095 9100 9104 9105 9107 9111 9151 9160 9201 9203 9210 9216 9220 9295 9300 9305 9306 9418 9530 9595 9600 9633 9761 9876 9943 9950 9966 9981 9992 9998 9999 10000 10001 10134 10250 10443 10554 10909 10911 11000 11112 11210 11211 11300 11371 12000 12345 13579 14147 14265 14344 16010 16030 16993 18081 18245 18553 19000 19071 20000 20256 20547 21025 21379 23023 23424 25001 25565 27015 27017 28015 28017 30002 31337 32400 32764 33060 35000 37777 41800 44158 44818 49152 50000 50070 50100 51106 51235 54138 55000 55443 55553 55554 60001 60010 60129 61613 61616 62078 65522

1492413928 | 2024-04-26T15:14:17.299061

11 / tcp

SSH-2.0-OpenSSH_7.5

291723434 | 2024-05-01T07:30:21.966647

13 / tcp


Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

819727972 | 2024-05-09T07:08:52.865206

15 / tcp

SSH-2.0-OpenSSH_7.4

5698739 | 2024-05-09T14:33:40.394136

17 / tcp

"We have no more right to consume happiness without producing it than to
 consume wealth without producing it." George Bernard Shaw (1856-1950)
\x00

829384519 | 2024-04-23T10:45:42.752522

19 / tcp

 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefg
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUV

1564456597 | 2024-05-10T21:10:52.129074

21 / tcp

220 Firewall Authentication required before proceeding with service

-2107996212 | 2024-05-07T08:28:49.634624

23 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-2089734047 | 2024-05-10T17:37:42.160114

25 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1288534451 | 2024-05-08T14:50:06.266048

37 / tcp

\\xe9XuK

1412519768 | 2024-05-01T17:56:22.534102

43 / tcp

"AP0F1D85"
Connection: close

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR

-801484042 | 2024-05-11T17:43:45.140520

49 / tcp

ERR 27

-1056270173 | 2024-05-03T05:02:22.660879

70 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

-746345752 | 2024-05-12T00:42:50.393712

79 / tcp

¥A\x01,\x02L\x08Connectx\x0857222

910877335 | 2024-05-02T10:03:22.047285

80 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Thu, 02 May 2024 10:03:21 GMT
Content-Type: application/xml
Content-Length: 366
Connection: keep-alive
x-oss-request-id: 663364E9352E0D3831AF0CF8
x-oss-server-time: 23
x-oss-ec: 0003-00000905

-1665643483 | 2024-05-06T12:28:36.033145

81 / tcp

HTTP/1.1 200 
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 391
Connect-To: https://qd-gatway.aliyuncs.com/table/tree-land/nacos/

2033888749 | 2024-04-17T01:59:49.856390

82 / tcp

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

-321444299 | 2024-05-02T04:47:46.328640

83 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

-1327660293 | 2024-04-25T22:12:35.770525

91 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

-653033013 | 2024-05-05T03:43:37.467053

102 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

165188539 | 2024-05-06T21:01:38.570696

110 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-53360811 | 2024-04-16T23:15:38.045747

111 / tcp

Portmap
Program	Version	Protocol	Port
1633904741	759394158	1953656684	975203951
1751452228	172191598	1852138356	1768910394
1936002314	1131376244	1701737517	1417244773

455076604 | 2024-05-09T11:45:24.198181

113 / tcp

!\x07version\x04bind7 t{RPowerDNS Recursor 410

-2107996212 | 2024-04-29T13:09:25.501769

119 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-646274631 | 2024-04-20T18:37:46.708486

135 / tcp

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: user-PC\n IP2: 192.168.1.104\n IP3: 220.129.89.73\n IP4: 2001:b011:3009:904e:d83e:3f80:66e3:747\n IP5: 2001:b011:3009:904e:901d:7e1d:524b:cf68\n IP6: 2001:b011:3009:ec00:d8a9:208f:6a7e:b9c3\n\nNTLMSSP:\nTarget_Name: USER-PC\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: USER-PC\nNetBIOS_Computer_Name: USER-PC\nDNS_Domain_Name:

-829824006 | 2024-05-06T04:45:37.397521

143 / tcp

* OK Coremail System IMap Server Ready(mispb-5f781434-d784-4cb6-b7ab-91be09a0f2d6-peony.cn[ccf14d07de0680199ac3995dd82c09e7])\r\n

-1248408558 | 2024-04-13T10:58:41.392960

175 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

945910976 | 2024-05-10T23:28:30.548951

179 / tcp

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

-1316398834 | 2024-04-30T04:54:47.269954

195 / tcp

ÿ

1623746877 | 2024-05-11T06:32:43.180659

211 / tcp

500 Permission denied - closing connection.\r\n

-1428621233 | 2024-05-07T04:14:09.492874

221 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

1672388472 | 2024-05-07T17:56:26.691442

264 / tcp

CheckPoint\nFirewall Host: ADAPCN156FW02\nSmartCenter Host: adluprdfwmgt01..zjz4qa\\x00\n

-1547976805 | 2024-05-06T11:10:03.225376

311 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

-1743283776 | 2024-04-24T21:28:01.839402

389 / tcp

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x04\\x04

-826599962 | 2024-05-06T20:05:38.550181

427 / tcp

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://localhost.localdomain\nScopeList: default\nAttrributeList: \n\n

-1746318326 | 2024-05-02T13:52:53.210938

443 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Thu, 02 May 2024 13:52:52 GMT
Content-Type: application/xml
Content-Length: 366
Connection: keep-alive
x-oss-request-id: 66339AB4AF1C2D30304AC428
x-oss-server-time: 14
x-oss-ec: 0003-00000905

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:c2:fa:4a:79:04:be:34:6d:b7:91:6b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Feb 18 11:45:02 2024 GMT
            Not After : Oct 15 03:16:01 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-beijing.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:fd:cb:7f:5f:49:ee:e8:d9:d0:d6:53:d0:a5:
                    88:fd:fc:56:3c:06:76:2d:ad:ee:c9:65:e1:8c:fd:
                    ee:ef:a1:a2:34:db:d3:65:1e:4a:9c:f7:9d:a6:ad:
                    fa:a7:b3:1a:8b:45:f7:13:2a:26:24:9c:50:28:92:
                    25:54:45:fc:d2:2e:17:7d:c1:47:45:a1:39:bf:ce:
                    7e:f2:8b:d7:69:2c:b6:94:3f:5c:fc:a9:6e:c3:bd:
                    a5:a9:f3:6e:65:55:50:ba:b2:8a:df:ee:e9:50:a7:
                    81:b5:5f:3a:96:f9:74:c3:8a:54:51:d7:eb:02:1c:
                    58:33:e6:a0:ea:12:10:52:63:c9:df:03:84:cf:a3:
                    15:9c:50:7b:5e:6e:42:0f:3d:bd:33:3c:f6:6a:eb:
                    be:30:24:30:72:cb:84:a8:e9:17:aa:6a:45:f8:12:
                    c2:a1:78:0d:31:f0:45:2b:32:2f:ff:98:a3:03:a2:
                    5a:b0:8d:e2:d5:ce:e1:35:56:0b:0a:f8:11:bf:18:
                    44:f7:b8:7b:a0:a0:eb:1d:8d:cf:e8:cc:cf:c4:c5:
                    54:69:59:53:e1:ee:51:79:04:67:86:cf:8b:e5:c6:
                    88:a8:cc:9e:61:75:91:90:b5:8a:af:4c:a2:8d:57:
                    14:8a:f6:54:fb:1e:71:e5:09:e3:0a:12:df:34:8d:
                    d5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-beijing.oss.aliyuncs.com, DNS:*.cn-beijing.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-beijing.aliyuncs.com, DNS:*.s3.oss-cn-beijing-internal.aliyuncs.com, DNS:*.cn-beijing.mgw.aliyuncs.com, DNS:*.oss.cn-beijing.privatelink.aliyuncs.com, DNS:*.oss-cn-beijing.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing.aliyuncs.com, DNS:*.img-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-internal-cross.aliyuncs.com, DNS:*.oss-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-cross.aliyuncs.com, DNS:*.img-cn-beijing.aliyuncs.com, DNS:*.vpc100-oss-cn-beijing.aliyuncs.com, DNS:*.cn-beijing.oss.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h-cross.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub.aliyuncs.com, DNS:*.cn-beijing-finance.oss.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1.aliyuncs.com, DNS:*.cn-beijing-finance-1.oss.aliyuncs.com, DNS:*.cn-beijing-vpc.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-enet-cn-north.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-internal.aliyun-inc.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-beijing-cross.mgw.aliyuncs.com, DNS:*.oss.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            X509v3 Subject Key Identifier: 
                C1:58:AC:32:69:71:BB:67:42:6C:42:FE:14:E5:57:72:91:C1:82:D6
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Feb 18 11:45:04.957 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:15:EB:B8:83:D7:F7:A8:EA:1C:1D:44:69:
                                0D:C2:0C:E6:46:F3:EA:4D:D4:BA:C1:F1:33:E5:11:01:
                                3F:3A:60:1F:02:21:00:F9:E3:AA:10:52:02:17:D8:C9:
                                82:69:E9:8F:02:B9:E4:87:FD:81:43:CE:C5:3F:1E:8E:
                                3B:D2:A2:8F:D6:D8:B0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Feb 18 11:45:04.981 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:83:A9:BA:8E:BC:5C:65:C7:88:3F:9A:
                                1C:0A:68:2A:7B:FE:05:7E:89:8E:C1:AB:BA:6A:D4:41:
                                EF:3D:31:99:EE:02:20:04:46:7E:3B:0A:E2:A2:6F:6B:
                                81:66:9A:A1:A3:D7:9C:5E:BF:EA:7E:1F:D6:F9:28:17:
                                D6:E5:CA:A9:B7:0D:63
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Feb 18 11:45:04.953 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E2:B8:E4:4E:C3:59:23:E0:DB:E4:31:
                                DA:74:71:16:E3:26:46:8F:CA:EB:B2:3F:8D:0B:2F:0D:
                                EF:0A:DA:39:98:02:20:3D:8B:BE:C4:24:72:BE:51:B0:
                                B0:C1:B7:90:B3:9E:C8:F8:75:8C:0D:12:5A:12:87:6E:
                                71:52:1D:BE:A8:3B:96
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        14:86:2a:78:c4:ab:69:86:d0:b2:ec:6c:bf:6f:33:ac:c1:d8:
        18:c7:3e:da:d9:ca:01:a5:54:67:a8:fb:7d:41:6b:f5:9e:ea:
        e3:98:63:ee:3e:b8:87:69:3a:98:8d:dc:62:af:02:c3:0a:b4:
        75:52:90:7e:ae:18:1b:5e:88:27:69:de:15:c1:76:37:96:3b:
        db:c4:ac:43:0b:5b:36:fb:62:b3:d7:8c:66:8f:d3:da:b4:6b:
        86:f5:c6:02:06:3d:dd:5b:01:99:a8:74:7f:af:c3:9c:bb:d6:
        9d:98:cb:3c:3d:12:6e:b1:53:29:1d:6d:a7:0f:4c:82:f7:84:
        4f:57:15:9c:9b:a5:91:4b:1d:33:55:c8:f5:06:7d:74:92:63:
        5c:a8:33:ea:25:43:5d:08:10:87:94:a9:92:b3:13:d2:ce:8d:
        6d:8f:31:ac:5d:06:b9:eb:f7:e1:a7:36:4f:14:4e:3e:a4:e6:
        d2:4d:f8:74:a8:62:a4:84:4a:04:7e:c4:6e:b4:84:83:2c:cc:
        c3:ff:54:0d:9c:3c:8b:5a:22:af:12:b5:7d:e6:24:9d:f5:a6:
        28:60:8b:ff:f2:ce:62:85:c3:4a:a8:40:29:85:07:2e:0b:a4:
        c1:d0:dc:23:02:f4:24:1d:f5:84:c8:73:3e:bf:f9:3d:63:06:
        9f:10:1b:e8

-153948442 | 2024-05-05T04:56:45.480403

444 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.22.1
Date: Sun, 05 May 2024 04:56:27 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

1726594447 | 2024-05-04T21:10:15.279643

502 / tcp

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

745343730 | 2024-05-11T13:37:32.369864

503 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

1690634669 | 2024-05-03T06:42:10.626980

515 / tcp

-1769206458 | 2024-05-03T12:27:01.500762

548 / tcp

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: NASDF59D2\nMachine Type: \\x10Netatalk3.1.9.q2\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: DHX2\\x0f,No User Authent\\x10,Cleartxt Passwrd\\x00\nServer Signature: 00000000008002000180030002800280

285770450 | 2024-04-24T19:57:34.355416

554 / tcp

RTSP/1.0 401 Unauthorized
CSeq: 1

-1387531546 | 2024-05-08T10:21:19.681058

587 / tcp

220 ESMTP MAIL Server\r\n250-mail.sunnywheel.com.tw\r\n250-PIPELINING\r\n250-SIZE 25600000\r\n250-VRFY\r\n250-ETRN\r\n250-STARTTLS\r\n250-AUTH PLAIN LOGIN\r\n250-ENHANCEDSTATUSCODES\r\n250-8BITMIME\r\n250-DSN\r\n250-SMTPUTF8\r\n250 CHUNKING\r\n502 5.5.2 Error: command not recognized\r\n

1308377066 | 2024-05-10T11:07:36.688563

593 / tcp

ncacn_http/1.0

178736976 | 2024-05-01T13:32:32.896112

631 / tcp

SSH-58-Ingrian_SSH

-1036370807 | 2024-05-08T00:28:58.361105

636 / tcp

JDWP-Handshake

-1420968138 | 2024-05-06T22:10:50.117680

666 / tcp

HTTP/1.0 200 OK
Server: SonicWALL
Expires: -1
Cache-Control: no-cache
Content-type: text/html; charset=UTF-8;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains

921225407 | 2024-05-11T14:51:09.234167

771 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

-1888448627 | 2024-05-03T02:30:38.618855

789 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

103159425 | 2024-04-25T03:10:25.966035

830 / tcp

SSH-1.99-RGOS_SSH

-1970692834 | 2024-05-10T03:11:53.507405

873 / tcp

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

1956828827 | 2024-04-13T14:54:07.830762

902 / tcp

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

-936692830 | 2024-04-28T02:38:27.516273

992 / tcp

HTTP/1.1 202 OK
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=15; max=19

-1699556818 | 2024-04-26T16:49:05.911142

993 / tcp

\x01remshd: Kerberos Authentication not enabled.\n

-1489591880 | 2024-05-04T04:58:14.625569

995 / tcp

+OK MS OK\r\n

1632932802 | 2024-05-07T17:50:17.197193

1023 / tcp

-1316491703 | 2024-05-12T00:18:54.188476

1024 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

-339084706 | 2024-05-03T12:47:23.787067

1025 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

-1399940268 | 2024-04-27T03:56:48.755978

1099 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1986594217 | 2024-05-01T20:56:16.387564

1153 / tcp

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

2087396567 | 2024-04-30T17:00:02.837281

1177 / tcp

kjnkjabhbanc283ubcsbhdc72

1830697416 | 2024-05-10T04:14:02.548620

1200 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

1574088840 | 2024-05-10T02:51:55.432165

1234 / tcp

">Application and Content Networking Software 3.9</a>)\n</BODY><

2087396567 | 2024-05-05T06:36:16.343533

1337 / tcp

kjnkjabhbanc283ubcsbhdc72

-1023516719 | 2024-05-09T10:33:56.769251

1400 / tcp

ã

KvInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

-325802316 | 2024-05-09T20:06:59.513523

1433 / tcp

MSSQL Server\nVersion: 134219767 (0x80007f7)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: PC-20150816MQOM\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: PC-20150816MQOM\nNetBIOS_Computer_Name: PC-20150816MQOM\nDNS_Domain_Name: PC-20150816MQOM\nDNS_Computer_Name: PC-20150816MQOM\nMsvAvFlags: 01000000\nSystem_Time: 2024-01-22 04:03:26 +0000 UTC\n\n

-42767839 | 2024-05-06T21:53:24.144384

1494 / tcp

RFB 005.000

VNC:
  Protocol Version: 5.0

2087396567 | 2024-05-08T15:01:02.607471

1515 / tcp

kjnkjabhbanc283ubcsbhdc72

-186520940 | 2024-05-11T01:44:19.761743

1521 / tcp

HTTP/1.1

1332894250 | 2024-05-07T19:46:01.105872

1599 / tcp

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

-971970408 | 2024-05-08T13:32:46.366737

1604 / tcp

1103582599 | 2024-04-27T17:34:56.335872

1723 / tcp

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

-903067560 | 2024-04-28T03:52:26.646625

1800 / tcp

\x00[\x13)\xc2\x81\x7f\x00\x00

1642597142 | 2024-05-11T10:14:44.657136

1883 / tcp

\x00y\xc3\x90\x02\xc3\xbf\xc3\xbf\x00s\x12L\x00\x06\x11I\x00\x08\x00N\x11S\x00\xc3\x93

-1327660293 | 2024-05-06T09:02:03.435310

1911 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

2087396567 | 2024-04-24T12:28:11.003609

1926 / tcp

kjnkjabhbanc283ubcsbhdc72

1830697416 | 2024-04-30T12:20:50.261590

1962 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

1911457608 | 2024-05-09T15:44:05.906626

2000 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-358801646 | 2024-05-09T14:01:05.628582

2002 / tcp

SSH-2.0-OpenSSH_6.6.1

-1399940268 | 2024-04-27T03:11:53.725621

2006 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

401555314 | 2024-05-10T07:24:59.783493

2008 / tcp

NB[GFXjA^R

-1399940268 | 2024-04-16T20:13:39.243179

2062 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-05-07T17:00:24.986640

2067 / tcp

SSH-2.0-OpenSSH_7.4

-1026951088 | 2024-05-07T23:48:42.731783

2081 / tcp

erro ip

291723434 | 2024-05-08T03:15:38.207627

2082 / tcp


Lantronix MSS100 Version V118/523(045538937)

Type HELP at the 'Local_61349> ' prompt for assistance.



Username>

-2031152423 | 2024-05-09T17:13:34.304227

2083 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

2087396567 | 2024-05-09T03:22:49.563112

2087 / tcp

kjnkjabhbanc283ubcsbhdc72

141730637 | 2024-05-10T13:23:12.205353

2121 / tcp

HTTP/1.0 200 OK
Server: Proxy

546151771 | 2024-05-10T20:11:22.421039

2181 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

372433470 | 2024-05-10T20:56:00.375310

2222 / tcp

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

-1476017887 | 2024-04-23T17:34:27.854122

2223 / tcp

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

1662205251 | 2024-05-01T02:08:18.045491

2323 / tcp

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

921225407 | 2024-05-10T02:33:09.301306

2332 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

-1399940268 | 2024-05-03T06:30:58.438345

2345 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-05-06T20:52:11.429050

2351 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-154107716 | 2024-05-09T17:31:22.994020

2376 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

-801484042 | 2024-05-11T09:08:30.193725

2404 / tcp

ERR 27

1574088840 | 2024-04-20T03:39:21.600664

2455 / tcp

">Application and Content Networking Software 3.9</a>)\n</BODY><

1282941221 | 2024-05-11T11:06:37.512058

2506 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

-1399940268 | 2024-04-30T11:03:56.932508

2548 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-25T22:39:32.987865

2549 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

677934968 | 2024-04-18T16:31:27.232561

2559 / tcp

lm^)Q

819727972 | 2024-04-23T15:35:40.226261

2569 / tcp

SSH-2.0-OpenSSH_7.4

-438503381 | 2024-05-01T16:18:20.446791

2628 / tcp

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

-1013082686 | 2024-05-07T13:01:30.435950

2761 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

-1399940268 | 2024-05-06T21:41:42.436168

2762 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

165188539 | 2024-05-06T07:40:32.741113

3001 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

819727972 | 2024-05-05T23:17:20.845799

3050 / tcp

SSH-2.0-OpenSSH_7.4

1911457608 | 2024-04-26T23:44:26.020491

3061 / tcp

\x00[\x00\x00\x00\x00\x00\x00

410249975 | 2024-05-11T08:22:44.137808

3062 / tcp

LNS READY<>

-1399940268 | 2024-05-03T03:48:15.180838

3068 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

597764502 | 2024-05-02T08:41:04.118182

3069 / tcp

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

1655023012 | 2024-05-09T14:01:25.461884

3073 / tcp

athinfod: invalid query.\n

198844676 | 2024-04-19T18:40:53.623020

3077 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

1911457608 | 2024-04-16T18:12:29.925418

3101 / tcp

\x00[\x00\x00\x00\x00\x00\x00

639175818 | 2024-04-26T11:09:14.402437

3104 / tcp

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

-862070606 | 2024-05-04T17:34:16.886994

3260 / tcp

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None\nTargetAlias=LIO Target\nTargetPortalGroupTag=1\n\n

921482974 | 2024-05-08T05:08:20.304084

3268 / tcp

HTTP/1.1 301 Moved Permanently
Location: /web/index.html
Server: HTTPD
Connection: close
Content-Type: text/html

-358801646 | 2024-05-09T22:25:40.539506

3269 / tcp

SSH-2.0-OpenSSH_6.6.1

2032091466 | 2024-05-10T21:09:08.038246

3299 / tcp

\x01\x0b=\x01\xc3\x80\x06\xc3\xbf\xc3\xbf?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x01\x01

-1045760528 | 2024-05-10T07:55:37.449228

3301 / tcp

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

1801207137 | 2024-04-24T04:16:50.002963

3306 / tcp

F\\x00\\x00\\x00\\xffj\\x04Host \'106.75.96.125\' is not allowed to connect to this MySQL server

321971019 | 2024-05-11T00:23:36.535291

3310 / tcp

-ERR client ip is not in whitelist\r

320677201 | 2024-05-10T08:10:12.428179

3388 / tcp

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

-2036484723 | 2024-05-07T22:08:53.162116

3389 / tcp

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\\x1f\\x08\\x00\\x08\\x00\\x00\\x00\n\nGuess_OS:Windows Server 2016 or 2019 or 2022\nFlag: PROTOCOL_HYBRID_EX\n

-2089734047 | 2024-04-23T01:09:33.456568

3402 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1119512965 | 2024-04-27T15:48:25.934897

3542 / tcp

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-encoding: gzip
content-length: 171

-1476017887 | 2024-04-30T20:15:59.707533

3550 / tcp

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

198844676 | 2024-04-15T09:14:47.674915

3551 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

1353260875 | 2024-05-03T11:32:43.573003

3552 / tcp

\x00[g\xc2\x95N\x7f\x00\x00

1911457608 | 2024-05-02T04:36:00.097910

3562 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1911457608 | 2024-04-30T01:46:51.667463

3563 / tcp

\x00[\x00\x00\x00\x00\x00\x00

459162008 | 2024-04-17T00:35:11.994436

3689 / tcp

Notify

996960436 | 2024-05-04T01:25:15.375228

3780 / tcp

572 Relay not authorized

-1101712668 | 2024-04-23T05:27:11.172295

4000 / tcp

\\x1e\xc3\x80\\x010\\x02\xc2\xa8\xc3\xa3

2110865978 | 2024-05-06T01:32:34.277434

4022 / tcp

HTTP/1.0 408 Request Timeout
Content-Length: 0

-1344535834 | 2024-05-07T00:15:20.886282

4040 / tcp

HTTP/1.0 200 OK
Server: Proxy

1542849631 | 2024-05-10T16:49:32.400258

4063 / tcp

* OK [CAPABILITY a2,M\] nBwXk2pPP IMAP4rev1 20qx at

740837454 | 2024-04-25T05:52:03.561549

4064 / tcp

SSH-2.0-OpenSSH_5.3

-971970408 | 2024-05-10T09:20:40.408870

4157 / tcp

-1341662640 | 2024-05-04T22:22:09.644260

4242 / tcp

HTTP/1.1 301 Moved Permanently
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

-1900404274 | 2024-05-09T18:28:33.509006

4282 / tcp

Unknown command

-1250504565 | 2024-05-02T17:39:06.907635

4321 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

-2089734047 | 2024-05-04T10:44:16.736107

4369 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1810987450 | 2024-05-05T08:14:05.472137

4433 / tcp

\xc3\xbf

285437346 | 2024-05-06T16:11:48.220298

4443 / tcp

HTTP/1.1 200 OK
Content-Type: text/xml
X-Transcend-Version: 1
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: deny
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
Clear-Site-Data: "cache","cookies","storage"
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
X-XSS-Protection: 0

819727972 | 2024-05-08T22:00:35.973126

4444 / tcp

SSH-2.0-OpenSSH_7.4

-345718689 | 2024-04-14T22:15:08.157219

4500 / tcp

Vty password is not set.

-1399940268 | 2024-05-09T17:28:38.085131

4505 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1316398834 | 2024-04-27T18:54:36.817163

4506 / tcp

ÿ

-1019343788 | 2024-05-11T22:30:23.042000

4524 / tcp

W!\x00\x00\x00\x00

-1399940268 | 2024-04-23T19:50:59.104470

4643 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1810987450 | 2024-05-08T04:53:04.703318

4646 / tcp

\xc3\xbf

-1344535834 | 2024-05-09T02:29:26.064136

4782 / tcp

HTTP/1.0 200 OK
Server: Proxy

-1230049476 | 2024-05-02T11:37:24.646780

4786 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

-1399940268 | 2024-04-24T11:06:58.287657

4840 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1153991024 | 2024-05-02T12:11:15.205104

4848 / tcp

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic

1741579575 | 2024-05-10T22:33:17.315610

4899 / tcp

1353260875 | 2024-05-11T15:23:34.538580

4911 / tcp

\x00[g\xc2\x95N\x7f\x00\x00

1690634669 | 2024-04-29T13:43:00.124648

4949 / tcp

1741579575 | 2024-04-17T07:14:04.608296

5001 / tcp

819727972 | 2024-05-10T07:25:23.738876

5004 / tcp

SSH-2.0-OpenSSH_7.4

-2140303521 | 2024-05-04T05:04:09.006454

5005 / tcp

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

745343730 | 2024-05-09T03:28:47.882654

5006 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

1911457608 | 2024-05-02T08:50:05.692858

5007 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1182822286 | 2024-04-21T07:45:44.145719

5009 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae237b_dianxun172_7460-1469

-1733645023 | 2024-05-08T04:17:23.721106

5010 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

-358801646 | 2024-05-09T10:20:12.604672

5172 / tcp

SSH-2.0-OpenSSH_6.6.1

2063598737 | 2024-04-25T03:37:14.047739

5201 / tcp

/0 0 L\r\n/0 0 HUH\r\n

-971970408 | 2024-05-11T01:50:46.321608

5222 / tcp

1743272246 | 2024-04-16T12:28:01.929741

5269 / tcp

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705940324.547-w-waf01nbzt

-1399940268 | 2024-04-14T13:09:21.548238

5400 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1655023012 | 2024-05-04T21:51:39.018878

5432 / tcp

athinfod: invalid query.\n

-1428621233 | 2024-05-09T01:16:26.516234

5435 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

819727972 | 2024-04-23T23:23:07.260953

5542 / tcp

SSH-2.0-OpenSSH_7.4

60948681 | 2024-05-10T20:33:42.827490

5560 / tcp

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).

-1399940268 | 2024-04-23T22:48:11.775632

5568 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-05-09T21:34:30.186664

5592 / tcp

SSH-2.0-OpenSSH_7.4

1911457608 | 2024-04-22T12:08:55.453192

5598 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1308377066 | 2024-05-10T22:20:17.731072

5599 / tcp

ncacn_http/1.0

-786044033 | 2024-05-02T03:43:12.479167

5601 / tcp

OK Welcome <299685> on DirectUpdate server 7286

-2107996212 | 2024-04-29T13:28:38.454334

5603 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

1830187220 | 2024-05-07T11:52:41.334834

5608 / tcp

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

575925250 | 2024-05-07T22:42:03.819055

5672 / tcp

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

119860953 | 2024-05-05T20:34:54.711521

5853 / tcp

* OK ArGoSoft Mail Server IMAP Module v.YW at

-971970408 | 2024-04-29T03:24:53.636848

5858 / tcp

1911457608 | 2024-05-08T03:22:06.906245

5938 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1999272906 | 2024-04-26T05:01:43.704918

5984 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

1690634669 | 2024-05-07T07:42:44.323856

5986 / tcp

-1835475271 | 2024-05-08T19:24:24.997349

6000 / tcp

200 NOD32SS 99 (3318497116)\r\n

-1835475271 | 2024-05-11T00:40:44.341060

6001 / tcp

200 NOD32SS 99 (3318497116)\r\n

-1311598826 | 2024-05-11T16:05:59.911182

6002 / tcp

AMQP:
cluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local
copyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.
information:Licensed under the MPL 2.0. Website: https://rabbitmq.com
platform:Erlang/OTP 24.1
product:RabbitMQ
version:3.9.7
Capabilities:
publisher_confirms:true
exchange_exchange_bindings:true
basic.nack:true
consumer_cancel_notify:true
connection.blocked:true
consumer_priorities:true
authentication_failure_close:true
per_consumer_qos:true
direct_reply_to:tru

1072892569 | 2024-05-10T18:14:43.389520

6080 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

1813977069 | 2024-04-13T16:20:52.849732

6379 / tcp

-ERR wrong number of arguments for 'get' command

-1559123399 | 2024-04-21T17:57:46.076310

6443 / tcp

500 Permission denied - closing connection.

-1399940268 | 2024-04-28T09:22:50.294843

6503 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-358801646 | 2024-05-01T07:47:18.923892

6550 / tcp

SSH-2.0-OpenSSH_6.6.1

1830187220 | 2024-05-06T04:24:46.819161

6590 / tcp

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

-891714208 | 2024-04-24T16:59:59.443815

6605 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

-1399940268 | 2024-05-06T13:14:05.319307

6633 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

707919486 | 2024-05-07T14:03:39.521357

6653 / tcp

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

1984588611 | 2024-05-10T06:24:45.182178

6664 / tcp

4935895 | 2024-04-27T15:35:48.932833

6666 / tcp

HTTP/1.1 400 Bad Request
Server: CloudWAF

1690634669 | 2024-04-22T15:59:50.378733

6667 / tcp

-142686627 | 2024-05-09T00:32:21.610172

6668 / tcp

\x00[\xc2\xba\x7fs\x7f\x00\x00

1282941221 | 2024-05-03T21:40:44.989561

6697 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

1220127183 | 2024-04-26T10:22:10.014816

7001 / tcp

HTTP/1.1 400 Bad Request
Connection: keep-alive
Connection: close
X-Via-JSL: 6958812,-
X-Cache: error

-1399940268 | 2024-04-18T07:39:06.726250

7002 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2096652808 | 2024-04-22T22:09:24.975908

7010 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1767345577 | 2024-05-01T21:33:17.137239

7022 / tcp

Hello, this is Quagga (version 0T).
Copyright 1996-200

-345718689 | 2024-05-09T18:47:45.366303

7071 / tcp

Vty password is not set.

-1746074029 | 2024-04-16T12:50:04.444773

7171 / tcp

101 imqbroker =unV\r\n

-1626979812 | 2024-04-23T01:01:13.996920

7218 / tcp

220 Service ready for new user.

-1810987450 | 2024-05-09T10:20:05.040101

7415 / tcp

\xc3\xbf

2087396567 | 2024-05-04T20:02:39.685692

7434 / tcp

kjnkjabhbanc283ubcsbhdc72

1612309769 | 2024-05-06T16:20:58.946691

7443 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28e1_CS-000-01SZh112_7344-42222

-984990168 | 2024-05-08T03:27:15.824113

7474 / tcp


0ÿñ

1911457608 | 2024-05-08T04:08:26.466644

7493 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1441741890 | 2024-05-03T10:11:22.632861

7547 / tcp

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2
0181212])

-971970408 | 2024-05-10T05:57:54.022848

7548 / tcp

1469043098 | 2024-05-06T07:25:38.163781

7634 / tcp

hddtemp
	: :  
	: :

819727972 | 2024-04-26T17:27:18.257849

7776 / tcp

SSH-2.0-OpenSSH_7.4

1072892569 | 2024-04-28T00:11:58.758385

8001 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

1077013874 | 2024-05-10T03:53:16.174806

8005 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

1948301213 | 2024-04-21T07:08:02.984421

8006 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

339872247 | 2024-05-09T16:10:59.764741

8009 / tcp


0 ...

1077013874 | 2024-04-23T10:38:24.632412

8026 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

-1399940268 | 2024-05-03T12:23:44.425752

8028 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

165188539 | 2024-04-13T02:52:41.639463

8033 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1911457608 | 2024-04-27T00:57:31.348260

8035 / tcp

\x00[\x00\x00\x00\x00\x00\x00

165188539 | 2024-04-15T13:32:15.425268

8064 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-2097352191 | 2024-04-26T16:42:38.554550

8080 / tcp

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate
Content-Length: 8373
Content-Type: text/html;charset=UTF-8
Date: Fri, 26 Apr 2024 16:42:38 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Jetty(9.2.z-SNAPSHOT)
Set-Cookie: JSESSIONID.68aebc19=ks8wzj9adka41eqd312p7ep5s;Path=/;HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Hudson: 1.395
X-Hudson-Cli-Port: 34255
X-Hudson-Theme: default
X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmfMcEUCqpsfNM7LdWRGXQzwwGF41W6yfe6wWVkdLDYy7QHsEK+/8wQdtrt6rokKXdbcmIA6r5goaw5jgx1KYHEVshQpljzX79oLDK+EMn5Nq5gnyMe8N3jUALJiiYN2W2lUqlIxG6+9hfXE3o7tvvfJS7iAPHQrtetoVPI9bGfi/BLLncm9I82Z4SDJloIJmfkfDqOg5ivg5sPjabQVvZQKu0EeeVl6PhHG68Vyei8HC/Z5KAEl5CIuI2s7StJVhXJUvfkgkk8cGN6Sp7bsjuv7IADg3EV+OEoWqyzTRYsnUZ/vjHx9jeJo9DRYIECxhx/mGVVSgtBtXyiZqqo9VwIDAQAB
X-Jenkins: 2.46.1
X-Jenkins-Cli-Port: 34255
X-Jenkins-Cli2-Port: 34255
X-Jenkins-Session: f7c72f83
X-Ssh-Endpoint: 59.110.185.226:39067

132449631 | 2024-05-05T20:32:19.151097

8081 / tcp

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Sun, 05 May 2024 20:32:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
J-Access-Policy: https://sell.aliyuncs.com/echo/elapsed/delete/gallery
Server: Jetty(9.2.z-SNAPSHOT)
Set-Cookie: JSESSIONID.3deb4c5c=1s0muxlgo4hzqne97j6b8dzv6;Path=/;HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Hudson: 1.395
X-Hudson-Cli-Port: 44723
X-Hudson-Theme: default
X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUfx8b9D9EahOva3gp5HxSClqkJv8cBTQgpIusRKH0njrh1k1oUJWcsXSDkL8ULsGXKzBAcM1uaO2Wlw+W1e94ADDlxwVaH/5x3u/8dFKtSSke2bHC7jcwdmAQ0I8HvGQL3DV/dXWgVmq36VvA2afkCKX3YnxX/fu8O8GayASjB72H5PaVd1WAZSczENTS9tebvNJK/RVUGfCuRAjT62s4ek0FXLfVfjjV5kFPI2VfGp068SdtTpu2FZnr0DuY96lA23f0Dy9XT0AOnNI9SsTQM4XDfYs+3njvdx8motkpIXZthol3zBT1WkxzZ68t/3hK+6SoaRcHYxtmRDWJlB7wIDAQAB
X-Jenkins: 2.46.1
X-Jenkins-Cli-Port: 44723
X-Jenkins-Cli2-Port: 44723
X-Jenkins-Session: fd1b1568
X-Ssh-Endpoint: 59.110.185.226:33099
Transfer-Encoding: chunked

20b4




  
  <!DOCTYPE html><html><head resURL="/static/fd1b1568" data-rooturl="" data-resurl="/static/fd1b1568">
    

    <title>Dashboard [Jenkins]</title><link rel="stylesheet" href="/static/fd1b1568/css/layout-common.css" type="text/css" /><link rel="stylesheet" href="/static/fd1b1568/css/style.css" type="text/css" /><link rel="stylesheet" href="/static/fd1b1568/css/color.css" type="text/css" /><link rel="stylesheet" href="/static/fd1b1568/css/responsive-grid.css" type="text/css" /><link rel="shortcut icon" href="/static/fd1b1568/favicon.ico" type="image/vnd.microsoft.icon" /><link color="black" rel="mask-icon" href="/images/mask-icon.svg" /><script>var isRunAsTest=false; var rootURL=""; var resURL="/static/fd1b1568";</script><script src="/static/fd1b1568/scripts/prototype.js" type="text/javascript"></script><script src="/static/fd1b1568/scripts/behavior.js" type="text/javascript"></script><script src='/adjuncts/fd1b1568/org/kohsuke/stapler/bind.js'

819727972 | 2024-05-02T23:10:49.637538

8082 / tcp

SSH-2.0-OpenSSH_7.4

1830187220 | 2024-04-28T23:03:10.258713

8083 / tcp

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

-441419608 | 2024-05-05T17:59:10.972492

8085 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

841014058 | 2024-04-28T09:12:44.378966

8086 / tcp

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

1353260875 | 2024-05-05T21:57:52.778194

8087 / tcp

\x00[g\xc2\x95N\x7f\x00\x00

1286504516 | 2024-05-11T21:21:39.829073

8089 / tcp

CP2E Control Console
Connected to Host: gZI

-1730858130 | 2024-04-29T19:22:33.738829

8097 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

648174097 | 2024-05-07T11:29:19.046075

8099 / tcp

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

-1399940268 | 2024-04-26T08:19:40.203648

8100 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1261090339 | 2024-05-06T06:02:18.052209

8101 / tcp

\x00[l\xc2\xb6\xc3\x90\x7f\x00\x00

1286504516 | 2024-05-07T18:52:10.843048

8112 / tcp

CP2E Control Console
Connected to Host: gZI

971933601 | 2024-04-20T13:13:22.745266

8118 / tcp

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

1690634669 | 2024-05-10T00:58:07.234494

8126 / tcp

504717326 | 2024-05-10T00:49:31.837189

8139 / tcp

SSH-2.0-OpenSSH_8.6

-1392039491 | 2024-05-04T22:43:45.557377

8140 / tcp

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

819727972 | 2024-05-06T22:08:21.735225

8181 / tcp

SSH-2.0-OpenSSH_7.4

-1264324149 | 2024-05-08T17:33:36.700707

8200 / tcp

Siemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready
ÿû\x01ÿû\x03ÿý\x01ÿþ\x01Username:

-1399940268 | 2024-05-06T16:07:26.451248

8236 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

677934968 | 2024-04-20T17:02:18.179461

8241 / tcp

lm^)Q

-1730858130 | 2024-04-19T20:04:19.116726

8249 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1230049476 | 2024-05-10T15:56:34.378578

8291 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

-1713467553 | 2024-04-23T02:25:00.963392

8333 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Connection: close

820958131 | 2024-05-06T05:47:07.254022

8401 / tcp

kjnkjabhbanc283ubcsbhdc72\x02

1308377066 | 2024-04-23T01:10:42.623644

8404 / tcp

ncacn_http/1.0

-1013082686 | 2024-04-20T05:32:56.150176

8420 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

-1435414831 | 2024-04-29T12:42:40.407664

8429 / tcp

roku: ready\r\n

186468908 | 2024-04-25T18:11:06.246149

8443 / tcp

HTTP/1.1 404 Not Found
Date: Thu, 25 Apr 2024 18:11:06 GMT
Content-Type: text/html
Content-Length: 238
Connection: keep-alive
Server: Tengine
Location: https://eu-central-1.axt.aliyun.com

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:a7:27:29:07:10:52:7c:ae:c7:4a:96
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2
        Validity
            Not Before: Sep 12 07:56:08 2023 GMT
            Not After : Feb 20 10:00:00 2024 GMT
        Subject: CN=*.aliyuncs.com, O=Alibaba (China) Technology Co., Ltd., L=Hangzhou, ST=Zhejiang, C=CN
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:dd:4b:74:ed:c6:5a:af:d8:ec:b8:00:f8:be:09:
                    34:31:59:b1:d9:1b:77:36:69:8b:27:30:12:a2:ff:
                    69:4e:58:2b:8d:98:ed:55:24:6a:9b:b3:5a:6b:54:
                    68:b8:b7:af:ee:8b:2d:5b:86:f0:92:f6:ef:ba:25:
                    40:b6:ac:30:eb:0c:b4:35:17:25:82:6f:84:57:5b:
                    d7:d9:0c:eb:9d:09:dc:bd:17:bf:92:98:db:b9:3b:
                    d3:70:74:bc:b4:ad:55:c7:e2:85:17:3e:f7:03:ce:
                    a3:7a:d4:61:4b:27:99:3c:8a:b8:7f:bd:f0:02:67:
                    55:75:cc:b7:cd:2b:91:3f:d9:11:a0:74:0c:9d:8a:
                    4a:b9:b8:5a:bc:1e:97:a1:b3:79:5b:5d:30:ea:a5:
                    8b:a2:23:05:02:22:9b:d4:f8:25:e6:99:c0:6d:4b:
                    d6:e0:ad:f0:01:a3:c9:e2:db:c2:bc:66:5e:3f:1b:
                    cd:c9:01:ad:68:50:77:ca:41:b9:a2:cf:58:9b:d9:
                    5c:1d:f2:b4:9c:9e:f9:c7:84:fe:65:8f:68:b5:e3:
                    2c:43:31:a0:a6:5c:65:eb:67:63:da:9b:0a:91:f8:
                    c1:f2:ba:0f:4e:48:53:f7:12:ca:6c:35:4e:4b:96:
                    02:d7:bc:3b:77:ad:80:17:9b:7a:4d:37:a1:e3:8c:
                    85:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                BD:22:FF:00:93:D9:9B:FA:87:FC:C5:14:21:44:0A:DD:BF:4A:AA:A6
            X509v3 Authority Key Identifier: 
                96:DE:61:F1:BD:1C:16:29:53:1C:C0:CC:7D:3B:83:00:40:E6:1A:7C
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g2
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyuncs.com, DNS:*.cn-hangzhou-mybk.aliyuncs.com, DNS:*.cn-nantong.aliyuncs.com, DNS:*.cn-shenzhen-finance-1.aliyuncs.com, DNS:*.cn-sichuan.aliyuncs.com, DNS:*.jp-fudao.aliyuncs.com, DNS:*.ap-south-1.aliyuncs.com, DNS:*.cn-wulanchabu.aliyuncs.com, DNS:*.cn-huhehaote.aliyuncs.com, DNS:*.cn-chengdu.aliyuncs.com, DNS:*.rus-west-1.aliyuncs.com, DNS:*.ap-southeast-1.aliyuncs.com, DNS:*.in-mumbai.aliyuncs.com, DNS:*.cn-guangzhou.aliyuncs.com, DNS:*.cn-hangzhou.aliyuncs.com, DNS:dod-tiger.taobao.com, DNS:yqza.taobao.com, DNS:sec.alimama.com, DNS:buc-test-qier.alibaba-inc.com, DNS:heno.stors.ojibobo-ina.aon.alibaba-inc.com, DNS:stars.shuqireader.com, DNS:www2s.mashort.cn, DNS:opsx.vip.tbsite.net, DNS:shog36977584.taobao.com, DNS:szdyyyxs.1688.com, DNS:hovonojogin.taobao.com, DNS:shop36674442.taobao.com, DNS:svnort.stors.ojibobo-ina.aon.alibaba-inc.com, DNS:xbootogs.ojibobo-ina.aon.alibaba-inc.com, DNS:university.lazada.vn, DNS:shog36621603.taobao.com, DNS:api.dingtalk.com, DNS:shog36600642.taobao.com, DNS:admin-p.lazada.vn, DNS:ocache.taobao.net, DNS:10yuankaihutiyanjin-okta-network-drookings-mirror.accept.lex.vn, DNS:lighthouse.lazada.co.th, DNS:api.aliyun.com, DNS:admin.lazada.co.id, DNS:ajovdovth-intj.an-shonghoi.aliyuncs.com, DNS:ob-gre.ojiyvn-ina.aon.aliyun-inc.com, DNS:shop2b0883416a7i9.aliyun.com, DNS:acs-m-sg.lazada.co.id, DNS:auth.wms.aliyun.com, DNS:qtnetria-shore.aliyuncs.com, DNS:m5-zb.amap.com, DNS:mail.wondfo.com.cn, DNS:m.sellercenter.lazada.com.ph, DNS:yvndvn-idi-server.ojiyvn-ina.aon.aliyun-inc.com, DNS:xmap-alg-deploy-prepub.amap.com, DNS:qt-changeplatform.alibaba.net, DNS:yhnkwj.1688.com, DNS:www22.aliwork.com, DNS:eci-vpc.ap-southeast-1.aliyuncs.com, DNS:b-manage.gfn.cainiao.com, DNS:sellercenter.lazada.com.my, DNS:aloc-offline.aliyun.com, DNS:hhpai-dsw-dsw56392-80.pcs-svr.alibaba-inc.com, DNS:attg.ojibobo-ina.aon.alibaba-inc.com, DNS:shop6239730h56062.1688.com, DNS:api.ascp-fresh-produce.hemayx.cn, DNS:console-fc.alpha.redmart.com, DNS:shog1442508391642.1688.com, DNS:fvzebogs.1688.com, DNS:das.base.shuju.aliyun.com, DNS:ojiaert.taobao.com, DNS:og-sovtheost-1.ron-internoj.aliyuncs.com, DNS:119152.aliexpress.com, DNS:shog36315220.taobao.com, DNS:nextci.amap.com, DNS:shop36579394.taobao.com, DNS:ens-network-sqos-hybrid.alicdn.com, DNS:manage-cmscn.gfn.cainiao.com, DNS:detoij.tmall.com, DNS:jielitushu.tmall.com, DNS:new-university.lazada.co.id, DNS:bi.aliyun.com, DNS:shog3078o27060063.1688.com, DNS:www.yx.fusion.design, DNS:hm1.cnzz.com, DNS:u.lazada.com.my, DNS:pre-ids-gpcb.lazada.com, DNS:adsprobe.aliyun.com, DNS:services-iss-sh.cainiao-inc.com, DNS:gigsijk.taobao.com, DNS:nrcm.lydaas.com, DNS:connect.aliexpress.com, DNS:vidigod.1688.com, DNS:axjanja.1688.com, DNS:alimama2.aliyun.com, DNS:shog36236233.taobao.com, DNS:anqi9988.1688.com, DNS:www.lex.co.id, DNS:shog36346889.taobao.com, DNS:gvonghe.taobao.com, DNS:iot.ap-southeast-1.aliyun.com, DNS:1111.alimama.com, DNS:netriahvb-ans-an-beijing.aliyuncs.com, DNS:link.wt.cainiao.com
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        55:c0:12:7a:04:5a:dd:93:46:07:dd:96:3f:75:3b:dd:07:3b:
        c0:4a:2e:56:65:f3:86:e1:0a:0a:4b:a4:e1:ca:e2:19:2c:ee:
        e3:f8:4f:06:c4:bb:bc:c8:20:28:67:7e:a2:69:d1:b5:7e:d7:
        bc:34:4f:11:9c:4f:74:37:b8:57:b4:05:45:cf:c8:87:24:ed:
        0c:ee:f6:7d:05:6c:98:f1:72:b7:e4:f3:2a:1a:64:4d:13:be:
        4e:e6:ff:c6:84:3b:4a:2d:3f:5a:1b:4d:77:21:38:e3:68:fd:
        a8:93:fb:2a:f4:ea:c7:89:f0:28:68:ea:3d:f2:ae:0e:31:f7:
        77:fa:01:a4:af:1e:6a:75:8e:6b:17:8d:ba:7b:35:70:3a:6e:
        c8:1c:dd:7a:4e:60:0f:f9:3f:3e:38:7c:39:2a:57:3c:83:ca:
        c5:5c:f8:d8:f3:8d:79:d2:4d:d6:37:63:d8:05:6d:86:91:ce:
        8b:bb:75:ee:92:af:e0:96:94:0f:d6:70:f6:55:62:91:21:10:
        e9:19:0e:23:75:04:d8:13:d9:5a:94:19:24:ac:52:10:b7:5a:
        cc:b2:9e:28:9c:70:21:65:c8:a8:c4:1d:e9:07:57:19:ee:75:
        91:2d:7a:28:52:db:b8:1f:28:78:16:13:f6:4d:ea:ff:79:3d:
        ab:a5:ec:59

-1399940268 | 2024-04-24T17:11:22.292681

8448 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-684625978 | 2024-05-04T10:51:52.801060

8500 / tcp

{Datacenter:dc1 NodeName:consul-dev NodeID:e61aec6b-e338-67fa-3b08-f8185bd5b528 Revision:db839f18b Server:true Version:1.10.1}

1282941221 | 2024-05-10T11:40:56.962200

8545 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

842535728 | 2024-04-16T05:02:15.303001

8554 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

-1399940268 | 2024-04-19T00:48:57.285277

8586 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

842535728 | 2024-05-07T15:47:04.589591

8649 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

820958131 | 2024-05-10T19:24:20.468388

8728 / tcp

kjnkjabhbanc283ubcsbhdc72\x02

321971019 | 2024-05-07T00:33:53.158072

8801 / tcp

-ERR client ip is not in whitelist\r

1126993057 | 2024-05-03T08:11:09.550103

8808 / tcp

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

1911457608 | 2024-04-24T05:54:15.916049

8811 / tcp

\x00[\x00\x00\x00\x00\x00\x00

819727972 | 2024-04-25T18:16:26.784356

8819 / tcp

SSH-2.0-OpenSSH_7.4

1911457608 | 2024-05-10T21:48:44.262409

8824 / tcp

\x00[\x00\x00\x00\x00\x00\x00

539065883 | 2024-05-05T07:42:17.466595

8834 / tcp

-653033013 | 2024-04-30T17:32:59.763719

8871 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

1991883981 | 2024-05-06T03:14:17.079077

8874 / tcp

B\x00\x00\x00\xc3\xbfn\x04Too many connections

1911457608 | 2024-04-16T06:38:21.972570

8876 / tcp

\x00[\x00\x00\x00\x00\x00\x00

671605376 | 2024-05-04T00:13:37.876998

8880 / tcp

SSH-2.0-OpenSSH_X.X

1741579575 | 2024-05-09T20:46:33.773142

8889 / tcp

-2107996212 | 2024-05-11T06:43:41.384403

8988 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-1026951088 | 2024-05-03T11:40:00.944900

9001 / tcp

erro ip

745343730 | 2024-04-28T17:35:59.715942

9002 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

1011407350 | 2024-05-06T22:43:02.942827

9011 / tcp

* OK GroupWise IMAP4rev1 Server Ready\r\n

-146605374 | 2024-05-05T10:43:48.080127

9018 / tcp

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

-1327660293 | 2024-04-22T15:41:31.368816

9030 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

632542934 | 2024-04-24T07:27:04.145147

9036 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

320677201 | 2024-05-08T15:17:41.505410

9037 / tcp

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

2087396567 | 2024-05-02T21:52:22.365998

9042 / tcp

kjnkjabhbanc283ubcsbhdc72

408230060 | 2024-05-01T18:04:12.419237

9047 / tcp

\r\nSorry, that nickname format is invalid.\r\n

1911457608 | 2024-05-07T00:11:25.031829

9048 / tcp

\x00[\x00\x00\x00\x00\x00\x00

2087396567 | 2024-05-03T20:21:27.967459

9051 / tcp

kjnkjabhbanc283ubcsbhdc72

580340387 | 2024-04-20T16:17:38.837901

9088 / tcp

220 Microsoft FTP Service\n530 User cannot log in.\n214-The following commands are recognized (* ==>\'s unimplemented).\n    ABOR \n    ACCT \n    ADAT *\n    ALLO \n    APPE \n    AUTH \n    CCC \n    CDUP \n    CWD \n    DELE \n    ENC *\n    EPRT \n    EPSV \n    FEAT \n    HELP \n    HOST \n    LANG \n    LIST ...

819727972 | 2024-05-05T11:55:39.345391

9091 / tcp

SSH-2.0-OpenSSH_7.4

1948301213 | 2024-04-28T20:31:03.319004

9092 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

-1248408558 | 2024-05-11T00:49:50.970323

9095 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

1911457608 | 2024-05-05T22:01:46.404843

9100 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-445721795 | 2024-05-01T14:38:29.985507

9104 / tcp

\x00[\xc3\xaed\x1a\x7f\x00\x00

1763259671 | 2024-04-19T05:30:16.921265

9105 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

-249504111 | 2024-05-08T21:42:03.572707

9107 / tcp

\x00[xU-\x7f\x00\x00

-1538260461 | 2024-04-20T04:34:36.975208

9111 / tcp

\x01\x00\x00\x00

-971970408 | 2024-05-09T16:09:47.679527

9151 / tcp

1911457608 | 2024-04-25T16:06:31.761218

9160 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1230049476 | 2024-05-11T20:31:35.457492

9201 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

-904840257 | 2024-05-04T17:14:19.096928

9203 / tcp

572 Relay not authorized\r\n

-1399940268 | 2024-04-12T15:19:33.577066

9210 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1989907056 | 2024-04-26T11:21:03.437785

9216 / tcp

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

-1476017887 | 2024-04-30T14:59:24.318093

9220 / tcp

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

770016595 | 2024-05-03T11:00:24.345984

9295 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

504717326 | 2024-05-09T17:33:15.634144

9300 / tcp

SSH-2.0-OpenSSH_8.6

-1839934832 | 2024-05-02T01:05:07.615886

9305 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-1399940268 | 2024-05-11T01:35:42.063759

9306 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

233634112 | 2024-05-11T22:12:10.413288

9418 / tcp

SSH-98.60-SysaxSSH_81885..42

-1888448627 | 2024-04-21T17:05:20.935436

9530 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-1990350878 | 2024-05-08T01:34:50.119888

9595 / tcp

 
04 \...

-784071826 | 2024-05-06T03:01:40.909342

9600 / tcp

SSH-2.0-OpenSSH_8.0

2084412416 | 2024-05-07T16:45:26.137124

9633 / tcp

yÐÿÿsLINSÓ

-358801646 | 2024-05-09T07:22:11.302174

9761 / tcp

SSH-2.0-OpenSSH_6.6.1

-1947221304 | 2024-04-28T21:02:06.112233

9876 / tcp

\x00\x00\x01j\x00\x00\x00_{"code":0,"flag":1,"language":"JAVA","opaque":1,"serializeTypeCurrentRPC":"JSON","version":433}{"brokerDatas":[{"brokerAddrs":{"0":"65.179.123.68:10911"},"brokerName":"broker-a","cluster":"DefaultCluster","enableActingMaster":false}],"filterServerTable":{},"queueDatas":[{"brokerName":"broker-a","perm":7,"readQueueNums":8,"topicSysFlag":0,"writeQueueNums":8}]}

248249138 | 2024-05-06T11:29:48.051240

9943 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae24d3_xyd116_25356-2749

-1399940268 | 2024-04-19T21:11:46.269669

9950 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1538260461 | 2024-05-03T00:49:09.929898

9966 / tcp

\x01\x00\x00\x00

-1990350878 | 2024-05-11T06:12:38.785022

9981 / tcp

 
04 \...

-1399940268 | 2024-05-02T08:38:04.679528

9992 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1917695220 | 2024-05-06T13:03:42.525470

9998 / tcp

HTTP/1.1 200 OK
Server: Jetty(9.4.8.v20171121)

1161309183 | 2024-04-20T22:03:05.042606

9999 / tcp

ProxyServer is ready

-1230049476 | 2024-05-08T00:07:19.612057

10000 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

1492413928 | 2024-04-25T09:32:47.849660

10001 / tcp

SSH-2.0-OpenSSH_7.5

-1399940268 | 2024-04-30T19:24:35.611730

10134 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2103111368 | 2024-05-01T11:19:16.044658

10250 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

-201045030 | 2024-05-09T22:29:43.769481

10443 / tcp

HTTP/1.1 301 Moved Permanently
Date: Thu, 09 May 2024 22:29:43 GMT
Content-Type: text/html
Content-Length: 224
Connection: keep-alive
Eagleeye-Traceid: 5b82400c1c861fd5235737ca7b92ad
Location: https://pai-cn-shanghai-finance-1.console.aliyun.com
Server: Tengine/Aserver
Timing-Allow-Origin: *

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:e4:36:78:7d:ba:5a:13:e3:9b:fd:03
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Jun  2 06:02:03 2023 GMT
            Not After : Jul  3 05:56:05 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.tanx.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:11:73:62:8b:68:ca:84:cd:cd:d0:f7:05:62:09:
                    4c:81:d9:d3:23:ba:f2:65:53:70:57:71:2b:c0:ce:
                    70:b3:ba:c4:45:b7:87:ba:06:e1:67:06:86:7b:14:
                    5b:1e:93:2c:eb:df:1d:05:3d:9a:e1:69:80:79:45:
                    8d:91:d3:d6:25
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                0B:5E:80:D7:DA:75:94:A4:FE:20:AD:A4:ED:06:5C:63:34:13:08:23
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
            X509v3 Subject Alternative Name: 
                DNS:*.tanx.com, DNS:*.45E.alibaba-inc.com, DNS:*.8.shareyouli.com, DNS:*.9game.cn, DNS:*.a-map.cn, DNS:*.a-map.co, DNS:*.a-map.link, DNS:*.a-map.vip, DNS:*.abs-sign.amap.com, DNS:*.ac.uc.cn, DNS:*.acis.amap.com, DNS:*.admin.alihealth.cn, DNS:*.admin.hemaos.com, DNS:*.aikit.alibaba-inc.com, DNS:*.ailab.alibaba-inc.com, DNS:acs-mum.alibabachengdun.com, DNS:zhijinbao.net, DNS:psc-alimebot.lazada.com.my, DNS:www.zqlgzly-9.fliggy.com, DNS:psc-alimebot.lazada.com.ph, DNS:sug.lazada.sg, DNS:ops.danniao.com, DNS:shop47797351729o3.1688.com, DNS:pre-quanxi-qa-tlog.aliyun.com, DNS:poctest-qwerasdf.aliyun.com, DNS:cloudinter-linkgateway.sto.cn, DNS:astore-alsc-l100crm.koubei.com, DNS:h5api.m.tmall.hk, DNS:merrys.pt.aliexpress.com, DNS:linkgn-useast-internal.aliyun.com, DNS:huasuzx.com, DNS:shop36441480.taobao.com, DNS:soghon-event.ojiyvn-ina.aon.aliyun-inc.com, DNS:dsq.alibaba-inc.com, DNS:wwwcache.10219.com, DNS:www8.crayola.xixikf.cn, DNS:mail.sunwayworld.com, DNS:zb-dsw-dsw50440-80.pcs-svr.aliyun.com, DNS:least.lazada.com.my, DNS:vjond.taobao.com, DNS:ysn1288.1688.com, DNS:stp.lazada.sg, DNS:txd-goge-bvijder.tmall.com, DNS:bff-cn-shanghai-finance-1.data.aliyun.com, DNS:xvsheng0710.1688.com, DNS:dns.aonsoje.aliyun.com, DNS:123.fn.alibaba.com, DNS:login.sellercenter.lazada.com.my, DNS:ajiak.nz.sinbo.taobao.com, DNS:dotov.ojibobo-ina.aon.alibaba-inc.com, DNS:lpdv5.ele.me, DNS:survey.goofish.com, DNS:doahejg.aliyuncs.com, DNS:08yt.blog.china.aliyun.com, DNS:survey.tmall.com, DNS:booking-th.lazada.com, DNS:ytenrvbber.1688.com, DNS:huagangshoushi.aliyun.com, DNS:bvahvon.en.alibaba.com, DNS:brito.tmall.com, DNS:iperformance2.alibaba-inc.com, DNS:odins.aliyun.com, DNS:shop382882869.aliyun.com, DNS:shog36308341.taobao.com, DNS:task.cainiao.com, DNS:shog1419612529462.1688.com, DNS:shop36489204.aliyun.com, DNS:www8.cwh.xixikf.cn, DNS:wwwhost-ox001.10219.com, DNS:p-p.dev-arise.lazada.com, DNS:www4.bubastis.xixikf.cn, DNS:bvddho.ojibobo-ina.aon.alibaba-inc.com, DNS:alimebot.lazada.com, DNS:pre-apollo.cainiao-inc.com, DNS:xiaofen17.1688.com, DNS:p-p.lazada.sg, DNS:fengyvsn.tmall.com, DNS:config.56xiniao.com, DNS:mail.hzqzhcs.com, DNS:shog36237394.taobao.com, DNS:moss-resource-api-tisplus-online.aliyun.com, DNS:sellercenter-vn.lazada-seller.cn, DNS:gre.netria-ans.v3.ojiyvn-ina.aon.aliyun-inc.com, DNS:logistics.lazada.com.my, DNS:ornor.ojibobo-ina.aon.alibaba-inc.com, DNS:nedretoij.norketingbox.taobao.com, DNS:ai-op.aliyun.com, DNS:filebroker-src-staging.lazada.sg, DNS:map-vn.lel.asia, DNS:shop36820160.taobao.com, DNS:shog36639928.taobao.com, DNS:api-th.lazada-seller.cn, DNS:aurora2.aliyun.com, DNS:win.cainiao.com
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        09:38:73:d5:7b:61:17:4a:91:0e:ef:ca:52:61:1c:1b:e1:08:
        14:50:c8:a5:cf:87:64:e6:de:3b:58:22:e6:3c:88:f8:a9:8e:
        24:08:20:e1:fa:86:95:12:2a:8e:f1:0e:82:e5:47:80:5b:4f:
        5b:dd:f0:22:df:e1:29:55:b2:3e:47:37:ca:6e:28:77:1d:ed:
        d5:7a:40:37:a7:d9:68:5a:50:72:bc:ef:2e:6c:8b:74:de:af:
        32:8d:5b:e5:38:c3:01:25:eb:39:82:e0:55:6d:5a:fa:1a:b5:
        a8:77:cc:af:67:f7:42:27:ca:a3:3d:48:69:c1:ed:c2:eb:47:
        2a:3d:a7:77:9b:2e:5f:05:13:d7:e1:b1:37:3d:f4:98:80:c4:
        94:8e:b9:3f:eb:f7:7d:ce:fe:f2:ce:1d:f7:5f:94:67:d8:cf:
        1b:1f:1c:88:3d:6c:64:22:f4:49:ab:b1:e8:ce:69:60:1b:33:
        aa:a0:64:4c:09:5d:d6:08:3b:98:aa:f0:64:75:d2:f8:eb:a9:
        24:2a:af:e7:36:9d:48:b1:5e:bf:ee:2e:31:1d:d3:37:b9:2c:
        3c:6f:33:5e:21:73:74:fc:2a:38:18:65:a0:73:1a:4c:05:0a:
        92:58:fc:1c:28:27:e4:e0:65:53:cf:d0:b2:aa:89:f0:05:5d:
        0d:29:d5:ca

-1111515360 | 2024-04-18T07:13:41.871159

10554 / tcp

remshd: Kerberos Authentication not enabled.

1761482307 | 2024-04-23T00:15:57.203245

10909 / tcp

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

455076604 | 2024-04-19T10:09:51.130489

10911 / tcp

!\x07version\x04bind7 t{RPowerDNS Recursor 410

-1888448627 | 2024-05-10T02:08:07.458629

11000 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1911457608 | 2024-05-03T00:59:27.993646

11112 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-339084706 | 2024-05-10T16:29:13.883268

11210 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

-136006866 | 2024-04-23T18:50:00.179782

11211 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

-1399940268 | 2024-05-11T21:43:05.282644

11300 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

550048729 | 2024-04-28T01:19:03.518873

11371 / tcp

ÿÿÿ
0 ...

368820174 | 2024-04-22T22:51:14.255381

12000 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1d94_PS-TNA-01jC465_21028-55111

488204803 | 2024-05-08T03:19:03.167908

12345 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae263c_CS-000-01Avv40_829-3172

1261582754 | 2024-04-12T18:30:32.590774

13579 / tcp

unknown command 
unknown command

-1713437100 | 2024-05-06T12:33:54.856970

14147 / tcp

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

-1399940268 | 2024-05-06T20:14:57.500209

14265 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-25T02:21:38.473631

14344 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1230049476 | 2024-05-04T17:12:59.979678

16010 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

1921398876 | 2024-05-08T21:49:36.554998

16030 / tcp

ÿý"
LinuxNode v06953 (ggfks)

login:

-358801646 | 2024-05-04T03:34:01.748475

16993 / tcp

SSH-2.0-OpenSSH_6.6.1

1911457608 | 2024-05-04T13:23:19.102369

18081 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-2089734047 | 2024-05-11T17:46:44.399958

18245 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-2107996212 | 2024-05-01T19:28:33.193232

18553 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

321971019 | 2024-05-06T05:12:47.370740

19000 / tcp

-ERR client ip is not in whitelist\r

-222277909 | 2024-04-18T15:57:32.952464

19071 / tcp

0@@

1900503736 | 2024-04-15T04:10:56.665124

20000 / tcp

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

-1399940268 | 2024-04-27T09:07:34.877619

20256 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-05-02T15:46:42.124308

20547 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-992671574 | 2024-04-23T02:14:31.240536

21025 / tcp

@RSYNCD: 26

-1428621233 | 2024-05-11T03:21:34.247643

21379 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

171352214 | 2024-05-11T03:09:58.698716

23023 / tcp

-ERR client ip is not in whitelist

-319440554 | 2024-05-03T21:56:33.012553

23424 / tcp

1723769361 | 2024-05-10T16:37:42.588261

25001 / tcp

ELM Enterprise Manager _l\r\nCopyright \xc2\xa9 18668511-928641920 TNT Software, Inc.\r\n

366084633 | 2024-05-10T01:18:44.076974

25565 / tcp

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

1684872706 | 2024-04-25T13:03:40.242818

27015 / tcp

Command: None
Size: 66
ID: 74366915
Type: 544173908

1763259671 | 2024-05-07T10:45:38.614831

27017 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

740837454 | 2024-05-08T00:39:43.406528

28015 / tcp

SSH-2.0-OpenSSH_5.3

-138733098 | 2024-04-16T02:18:46.106709

28017 / tcp

roku: ready

1423431314 | 2024-05-10T04:36:01.566794

30002 / tcp

 
04 \...

-1992519278 | 2024-05-03T04:14:02.637581

31337 / tcp

\xc3\xbf\xc3\xbb\\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

-1729629024 | 2024-05-05T17:28:06.007956

32400 / tcp

101 imqbroker =unV

-754988795 | 2024-05-02T00:57:47.857610

32764 / tcp

[výC

660175493 | 2024-04-19T12:17:52.922671

33060 / tcp

-653033013 | 2024-04-25T20:05:45.055918

35000 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

-2089734047 | 2024-04-23T10:59:05.864278

37777 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1210754493 | 2024-04-17T06:02:27.213954

41800 / tcp

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

-433302150 | 2024-04-25T14:43:43.829348

44158 / tcp

/multistream/1.0.0

-1648456501 | 2024-05-05T10:26:13.633257

44818 / tcp

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

2041641476 | 2024-05-08T21:25:25.556064

49152 / tcp

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 22 Jan 2024 16:46:55 GMT
EXT:
SERVER: Linux/3.18.20, UPnP/1.0, Portable SDK for UPnP devices/1.6.18
X-User-Agent: redsonic

366084633 | 2024-05-04T17:36:14.010525

50000 / tcp

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

233634112 | 2024-04-17T12:00:13.550642

50070 / tcp

SSH-98.60-SysaxSSH_81885..42

921225407 | 2024-04-23T22:48:33.669616

50100 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

-2118655245 | 2024-05-01T07:56:33.926176

51106 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20

-1045760528 | 2024-04-25T20:46:07.561275

51235 / tcp

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

-2096652808 | 2024-05-09T21:48:42.242521

54138 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-1399940268 | 2024-04-28T13:50:45.007772

55000 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1139539254 | 2024-04-24T04:48:24.659217

55443 / tcp

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

1842524259 | 2024-05-02T03:36:45.103487

55553 / tcp

1267517148 | 2024-04-15T05:53:58.439332

55554 / tcp

=Àÿÿ?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6

1544300041 | 2024-04-12T16:52:42.534972

60001 / tcp

SSH-25453-Cisco-3524665.35

459162008 | 2024-05-02T02:04:33.916303

60010 / tcp

Notify

-1733645023 | 2024-05-07T04:41:08.113258

60129 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

1396488228 | 2024-05-05T09:30:52.867877

61613 / tcp

HTTP/1.1 200 OK
Content-Length: 2037
Cache-Control: private, max-age=300
Content-Type: text/html

-1529979118 | 2024-05-10T15:14:39.148653

61616 / tcp

inv2W

-860824904 | 2024-05-04T13:54:10.747665

62078 / tcp

\x00\x01)

1134517380 | 2024-05-03T05:19:44.270804

65522 / tcp

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

59.110.185.226

Last Seen: 2024-05-12

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1492413928 | 2024-04-26T15:14:17.299061 11 / tcp

291723434 | 2024-05-01T07:30:21.966647 13 / tcp

819727972 | 2024-05-09T07:08:52.865206 15 / tcp

5698739 | 2024-05-09T14:33:40.394136 17 / tcp

829384519 | 2024-04-23T10:45:42.752522 19 / tcp

1564456597 | 2024-05-10T21:10:52.129074 21 / tcp

-2107996212 | 2024-05-07T08:28:49.634624 23 / tcp

-2089734047 | 2024-05-10T17:37:42.160114 25 / tcp

1288534451 | 2024-05-08T14:50:06.266048 37 / tcp

1412519768 | 2024-05-01T17:56:22.534102 43 / tcp

-801484042 | 2024-05-11T17:43:45.140520 49 / tcp

-1056270173 | 2024-05-03T05:02:22.660879 70 / tcp

-746345752 | 2024-05-12T00:42:50.393712 79 / tcp

910877335 | 2024-05-02T10:03:22.047285 80 / tcp

-1665643483 | 2024-05-06T12:28:36.033145 81 / tcp

2033888749 | 2024-04-17T01:59:49.856390 82 / tcp

-321444299 | 2024-05-02T04:47:46.328640 83 / tcp

-1327660293 | 2024-04-25T22:12:35.770525 91 / tcp

-653033013 | 2024-05-05T03:43:37.467053 102 / tcp

165188539 | 2024-05-06T21:01:38.570696 110 / tcp

-53360811 | 2024-04-16T23:15:38.045747 111 / tcp

455076604 | 2024-05-09T11:45:24.198181 113 / tcp

-2107996212 | 2024-04-29T13:09:25.501769 119 / tcp

-646274631 | 2024-04-20T18:37:46.708486 135 / tcp

-829824006 | 2024-05-06T04:45:37.397521 143 / tcp

-1248408558 | 2024-04-13T10:58:41.392960 175 / tcp

945910976 | 2024-05-10T23:28:30.548951 179 / tcp

-1316398834 | 2024-04-30T04:54:47.269954 195 / tcp

1623746877 | 2024-05-11T06:32:43.180659 211 / tcp

-1428621233 | 2024-05-07T04:14:09.492874 221 / tcp

1672388472 | 2024-05-07T17:56:26.691442 264 / tcp

-1547976805 | 2024-05-06T11:10:03.225376 311 / tcp

-1743283776 | 2024-04-24T21:28:01.839402 389 / tcp

-826599962 | 2024-05-06T20:05:38.550181 427 / tcp

-1746318326 | 2024-05-02T13:52:53.210938 443 / tcp

-153948442 | 2024-05-05T04:56:45.480403 444 / tcp

1726594447 | 2024-05-04T21:10:15.279643 502 / tcp

745343730 | 2024-05-11T13:37:32.369864 503 / tcp

1690634669 | 2024-05-03T06:42:10.626980 515 / tcp

-1769206458 | 2024-05-03T12:27:01.500762 548 / tcp

285770450 | 2024-04-24T19:57:34.355416 554 / tcp

-1387531546 | 2024-05-08T10:21:19.681058 587 / tcp

1308377066 | 2024-05-10T11:07:36.688563 593 / tcp

178736976 | 2024-05-01T13:32:32.896112 631 / tcp

-1036370807 | 2024-05-08T00:28:58.361105 636 / tcp

-1420968138 | 2024-05-06T22:10:50.117680 666 / tcp

921225407 | 2024-05-11T14:51:09.234167 771 / tcp

-1888448627 | 2024-05-03T02:30:38.618855 789 / tcp

103159425 | 2024-04-25T03:10:25.966035 830 / tcp

-1970692834 | 2024-05-10T03:11:53.507405 873 / tcp

1956828827 | 2024-04-13T14:54:07.830762 902 / tcp

-936692830 | 2024-04-28T02:38:27.516273 992 / tcp

-1699556818 | 2024-04-26T16:49:05.911142 993 / tcp

-1489591880 | 2024-05-04T04:58:14.625569 995 / tcp

1632932802 | 2024-05-07T17:50:17.197193 1023 / tcp

-1316491703 | 2024-05-12T00:18:54.188476 1024 / tcp

-339084706 | 2024-05-03T12:47:23.787067 1025 / tcp

-1399940268 | 2024-04-27T03:56:48.755978 1099 / tcp

-1986594217 | 2024-05-01T20:56:16.387564 1153 / tcp

2087396567 | 2024-04-30T17:00:02.837281 1177 / tcp

1830697416 | 2024-05-10T04:14:02.548620 1200 / tcp

1574088840 | 2024-05-10T02:51:55.432165 1234 / tcp

2087396567 | 2024-05-05T06:36:16.343533 1337 / tcp

-1023516719 | 2024-05-09T10:33:56.769251 1400 / tcp

-325802316 | 2024-05-09T20:06:59.513523 1433 / tcp

-42767839 | 2024-05-06T21:53:24.144384 1494 / tcp

2087396567 | 2024-05-08T15:01:02.607471 1515 / tcp

-186520940 | 2024-05-11T01:44:19.761743 1521 / tcp

1332894250 | 2024-05-07T19:46:01.105872 1599 / tcp

-971970408 | 2024-05-08T13:32:46.366737 1604 / tcp

1103582599 | 2024-04-27T17:34:56.335872 1723 / tcp

-903067560 | 2024-04-28T03:52:26.646625 1800 / tcp

1642597142 | 2024-05-11T10:14:44.657136 1883 / tcp

1492413928 | 2024-04-26T15:14:17.299061
11 / tcp

291723434 | 2024-05-01T07:30:21.966647
13 / tcp

819727972 | 2024-05-09T07:08:52.865206
15 / tcp

5698739 | 2024-05-09T14:33:40.394136
17 / tcp

829384519 | 2024-04-23T10:45:42.752522
19 / tcp

1564456597 | 2024-05-10T21:10:52.129074
21 / tcp

-2107996212 | 2024-05-07T08:28:49.634624
23 / tcp

-2089734047 | 2024-05-10T17:37:42.160114
25 / tcp

1288534451 | 2024-05-08T14:50:06.266048
37 / tcp

1412519768 | 2024-05-01T17:56:22.534102
43 / tcp

-801484042 | 2024-05-11T17:43:45.140520
49 / tcp

-1056270173 | 2024-05-03T05:02:22.660879
70 / tcp

-746345752 | 2024-05-12T00:42:50.393712
79 / tcp

910877335 | 2024-05-02T10:03:22.047285
80 / tcp

-1665643483 | 2024-05-06T12:28:36.033145
81 / tcp

2033888749 | 2024-04-17T01:59:49.856390
82 / tcp

-321444299 | 2024-05-02T04:47:46.328640
83 / tcp

-1327660293 | 2024-04-25T22:12:35.770525
91 / tcp

-653033013 | 2024-05-05T03:43:37.467053
102 / tcp

165188539 | 2024-05-06T21:01:38.570696
110 / tcp

-53360811 | 2024-04-16T23:15:38.045747
111 / tcp

455076604 | 2024-05-09T11:45:24.198181
113 / tcp

-2107996212 | 2024-04-29T13:09:25.501769
119 / tcp

-646274631 | 2024-04-20T18:37:46.708486
135 / tcp

-829824006 | 2024-05-06T04:45:37.397521
143 / tcp

-1248408558 | 2024-04-13T10:58:41.392960
175 / tcp

945910976 | 2024-05-10T23:28:30.548951
179 / tcp

-1316398834 | 2024-04-30T04:54:47.269954
195 / tcp

1623746877 | 2024-05-11T06:32:43.180659
211 / tcp

-1428621233 | 2024-05-07T04:14:09.492874
221 / tcp

1672388472 | 2024-05-07T17:56:26.691442
264 / tcp

-1547976805 | 2024-05-06T11:10:03.225376
311 / tcp

-1743283776 | 2024-04-24T21:28:01.839402
389 / tcp

-826599962 | 2024-05-06T20:05:38.550181
427 / tcp

-1746318326 | 2024-05-02T13:52:53.210938
443 / tcp

-153948442 | 2024-05-05T04:56:45.480403
444 / tcp

1726594447 | 2024-05-04T21:10:15.279643
502 / tcp

745343730 | 2024-05-11T13:37:32.369864
503 / tcp

1690634669 | 2024-05-03T06:42:10.626980
515 / tcp

-1769206458 | 2024-05-03T12:27:01.500762
548 / tcp

285770450 | 2024-04-24T19:57:34.355416
554 / tcp

-1387531546 | 2024-05-08T10:21:19.681058
587 / tcp

1308377066 | 2024-05-10T11:07:36.688563
593 / tcp

178736976 | 2024-05-01T13:32:32.896112
631 / tcp

-1036370807 | 2024-05-08T00:28:58.361105
636 / tcp

-1420968138 | 2024-05-06T22:10:50.117680
666 / tcp

921225407 | 2024-05-11T14:51:09.234167
771 / tcp

-1888448627 | 2024-05-03T02:30:38.618855
789 / tcp

103159425 | 2024-04-25T03:10:25.966035
830 / tcp

-1970692834 | 2024-05-10T03:11:53.507405
873 / tcp

1956828827 | 2024-04-13T14:54:07.830762
902 / tcp

-936692830 | 2024-04-28T02:38:27.516273
992 / tcp

-1699556818 | 2024-04-26T16:49:05.911142
993 / tcp

-1489591880 | 2024-05-04T04:58:14.625569
995 / tcp

1632932802 | 2024-05-07T17:50:17.197193
1023 / tcp

-1316491703 | 2024-05-12T00:18:54.188476
1024 / tcp

-339084706 | 2024-05-03T12:47:23.787067
1025 / tcp

-1399940268 | 2024-04-27T03:56:48.755978
1099 / tcp

-1986594217 | 2024-05-01T20:56:16.387564
1153 / tcp

2087396567 | 2024-04-30T17:00:02.837281
1177 / tcp

1830697416 | 2024-05-10T04:14:02.548620
1200 / tcp

1574088840 | 2024-05-10T02:51:55.432165
1234 / tcp

2087396567 | 2024-05-05T06:36:16.343533
1337 / tcp

-1023516719 | 2024-05-09T10:33:56.769251
1400 / tcp

-325802316 | 2024-05-09T20:06:59.513523
1433 / tcp

-42767839 | 2024-05-06T21:53:24.144384
1494 / tcp

2087396567 | 2024-05-08T15:01:02.607471
1515 / tcp

-186520940 | 2024-05-11T01:44:19.761743
1521 / tcp

1332894250 | 2024-05-07T19:46:01.105872
1599 / tcp

-971970408 | 2024-05-08T13:32:46.366737
1604 / tcp

1103582599 | 2024-04-27T17:34:56.335872
1723 / tcp

-903067560 | 2024-04-28T03:52:26.646625
1800 / tcp

1642597142 | 2024-05-11T10:14:44.657136
1883 / tcp

-1327660293 | 2024-05-06T09:02:03.435310
1911 / tcp

2087396567 | 2024-04-24T12:28:11.003609
1926 / tcp

1830697416 | 2024-04-30T12:20:50.261590
1962 / tcp

1911457608 | 2024-05-09T15:44:05.906626
2000 / tcp

-358801646 | 2024-05-09T14:01:05.628582
2002 / tcp

-1399940268 | 2024-04-27T03:11:53.725621
2006 / tcp

401555314 | 2024-05-10T07:24:59.783493
2008 / tcp