GeneralInformation

Hostnames	18026237757.1688.com jhdz18664135873.1688.com jingyonnjnj.1688.com jvtenghvi.1688.com nojj.1688.com shjonso.1688.com shog637356dv869h0.1688.com shop84659y5567125.1688.com svdor.1688.com afc.alibaba-inc.com anns-serviae.ojibobo-ina.aon.alibaba-inc.com oji-ndn.ojibobo-ina.aon.alibaba-inc.com san-ogi.ojibobo-ina.aon.alibaba-inc.com troae2.sn.ojibobo-ina.aon.alibaba-inc.com ahonnej.oxs.tesjo.ojibobo-ina.aon.alibaba-inc.com whitewalkers.alibaba-inc.com 08dong.bjog.ahino.alibaba.com btaorogjost.en.alibaba.com filebroker-lzd-id.alibaba.com fito.alibaba.com knsbvijd.fn.alibaba.com jobs.rmap.alibaba.net hanhenthh.aliexpress.com ckmonitor.alimama.com cicmav.aliwork.com goocan.aliwork.com orns-gortioj-an-hongzhov.as.ojiyvn-ina.aon.aliyun-inc.com bidding.devoto.ojiyvn-ina.aon.aliyun-inc.com viger.ojiyvn-ina.aon.aliyun-inc.com aliyun.com 107.aliyun.com 27home.aliyun.com adcluster.aliyun.com batit.aliyun.com bjcyhy.aliyun.com edas-internal-ap-southeast-1.aliyun.com 10101979.fm.aliyun.com fpfx3f.aliyun.com mxjinpu.aliyun.com netriahvb-an-shenzhen.aliyun.com os.aliyun.com passport.aliyun.com pre-sp-doorkeeper.aliyun.com repo.aliyun.com shop1468860913243.aliyun.com shop36904827.aliyun.com shop428746655.aliyun.com cloud.video.aliyun.com jdsdts.world.aliyun.com xnet2-terminator.aliyun.com vga-shore.an-qingdoo.aliyuncs.com ecm.cn-shanghai.aliyuncs.com dionond-inner.aliyuncs.com ogisgea-shore.aliyuncs.com cn-beijing.oss.aliyuncs.com fui.amap.com ae-wms.sg.cainiao.com oa.capinfo.com.cn www.cfradio.cn acs-m.confong.cn app118505.eapps.dingtalkcloud.com app16962.eapps.dingtalkcloud.com app4860.eapps.dingtalkcloud.com app58920.eapps.dingtalkcloud.com wwwsigned.faas.ele.me lpdv5.ele.me g-acs.m.goofish.com passport.hemarket.cn sellercenter-sg.lazada-seller.cn member-p.lazada.co.id s360.lazada.com eco-acc.lazada.com.my c.lazada.com.ph mail.porsche-wenzhou-binhai.com partners-api.redmart.com bata.carie.saee.org.cn bata.pop.saee.org.cn stars.shuqireader.com doshion.taobao.com fds.taobao.com qihong.taobao.com shod.re.taobao.com shog36299507.taobao.com shog36502625.taobao.com shog36910373.taobao.com shog393605640.taobao.com shop36481895.taobao.com stotvs.taobao.com edith.wapa.taobao.com scp-xunxi.taobao.net toojs.abbs.tmall.com purchase.cbbs.tmall.com genoisi.tmall.com grsr.tmall.com iflow-tb.uc.cn errlogos.umeng.com apros.yunos.com mail.zjxgchem.com
Domains	1688.com alibaba-inc.com alibaba.com alibaba.net aliexpress.com alimama.com aliwork.com aliyun-inc.com aliyun.com aliyuncs.com amap.com cainiao.com capinfo.com.cn cfradio.cn confong.cn dingtalkcloud.com ele.me goofish.com hemarket.cn lazada-seller.cn lazada.co.id lazada.com lazada.com.my lazada.com.ph porsche-wenzhou-binhai.com redmart.com saee.org.cn shuqireader.com taobao.com taobao.net tmall.com uc.cn umeng.com yunos.com zjxgchem.com
Country	China
City	Beijing
Organization	Aliyun Computing Co., LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
CVE-2023-51385	In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-51384	In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2023-38408	The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
CVE-2021-41617	4.4sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
CVE-2021-36368	2.6An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.
CVE-2020-15778	6.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
CVE-2020-14145	4.3The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
CVE-2019-6111	5.8An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2019-6110	4.0In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2019-6109	4.0An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-16905	4.4OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
CVE-2018-20685	2.6In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2018-15919	5.0Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
CVE-2018-15473	5.0OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2017-15906	5.0The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2016-3115	6.4Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
CVE-2016-20012	4.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
CVE-2016-1908	9.8The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
CVE-2016-10708	7.5sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
CVE-2016-10012	7.8The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.
CVE-2016-10011	5.5authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
CVE-2016-10010	7.0sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
CVE-2016-10009	7.3Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
CVE-2016-0777	6.5The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CVE-2015-6564	Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
CVE-2015-6563	The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
CVE-2015-5600	The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
CVE-2015-5352	The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.
CVE-2014-2653	The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
CVE-2014-2532	4.9sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
CVE-2014-1692	The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
CVE-2012-0814	The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
CVE-2011-5000	The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
CVE-2011-4327	ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
CVE-2010-5107	The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
CVE-2010-4755	The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
CVE-2010-4478	OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
CVE-2008-3844	9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
CVE-2007-2768	4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 19 20 21 22 23 25 37 43 49 53 70 79 80 86 102 104 111 113 119 135 143 175 179 195 221 264 311 389 427 443 444 465 502 515 548 554 593 631 771 789 873 880 992 993 995 1023 1025 1080 1099 1153 1177 1200 1234 1250 1311 1337 1433 1471 1494 1515 1521 1599 1604 1723 1800 1801 1833 1883 1911 1926 1947 1962 2000 2002 2008 2021 2052 2053 2060 2063 2067 2068 2081 2083 2086 2087 2095 2121 2154 2181 2222 2233 2323 2332 2345 2376 2404 2455 2548 2549 2628 2761 2762 2985 3001 3050 3053 3056 3071 3088 3100 3106 3129 3200 3268 3269 3299 3301 3306 3337 3388 3389 3503 3551 3556 3557 3566 3568 3569 3689 3690 3749 3780 4000 4022 4063 4064 4100 4242 4282 4321 4369 4433 4443 4444 4500 4506 4550 4786 4840 4899 4911 5006 5007 5009 5010 5025 5172 5201 5222 5269 5400 5432 5590 5597 5603 5858 5938 5984 5985 5986 6001 6002 6080 6102 6264 6379 6464 6550 6633 6666 6667 7001 7090 7171 7218 7415 7434 7443 7548 7634 7700 7989 8001 8009 8010 8017 8039 8051 8056 8058 8069 8081 8083 8087 8088 8089 8090 8099 8105 8118 8139 8140 8200 8239 8291 8333 8404 8408 8416 8423 8432 8442 8448 8500 8545 8554 8575 8637 8649 8728 8787 8788 8812 8834 8835 8847 8849 8852 8866 8871 8889 9000 9001 9002 9003 9024 9027 9028 9042 9043 9045 9051 9091 9092 9095 9099 9100 9151 9160 9206 9207 9213 9215 9306 9418 9443 9527 9530 9606 9633 9761 9876 9943 9981 9988 9998 9999 10001 10134 10250 10443 10554 10909 10911 11000 11210 11211 11300 11434 12000 12345 13443 14147 14344 16993 18081 18245 18553 19000 20000 20256 20547 21025 21379 22443 25001 25565 27015 27017 28015 28080 30002 30003 31337 32400 32764 33060 37215 37777 41800 44158 44818 47990 48226 50000 50100 52869 54138 55000 55443 55554 60030 60129 61613 61616 62078

1261582754 | 2024-04-15T04:26:26.613071

11 / tcp

unknown command 
unknown command

-1036370807 | 2024-04-08T20:10:30.654014

13 / tcp

JDWP-Handshake

-1733645023 | 2024-04-10T00:00:59.609574

15 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

268196945 | 2024-04-11T21:09:20.138176

17 / tcp

AB\x01

676476721 | 2024-04-15T21:56:00.529860

19 / tcp

ELM Enterprise Manager _l
Copyright © 18668511-928641920 TNT Software, Inc.

1632932802 | 2024-04-09T22:32:16.280100

20 / tcp

1210838212 | 2024-04-18T01:59:05.181611

21 / tcp

220 DiskStation FTP server ready.

210087843 | 2024-04-18T00:07:31.058742

22 / tcp

SSH-1.99-RGOS_SSH\r\n

460589547 | 2024-04-17T22:23:21.292554

23 / tcp

ZyXEL VDSL Router

-1986594217 | 2024-04-19T03:04:08.674584

25 / tcp

"AP0F1D85"\r\nConnection: close\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR

-886440009 | 2024-04-18T23:54:01.401464

37 / tcp

\\xeb\\xd1~B

117101543 | 2024-04-08T21:01:38.258647

43 / tcp

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

1160472910 | 2024-04-17T15:18:20.424434

49 / tcp

\xc2\xa5A\\x01,\\x02L\\x08Connectx\\x0857222

1024248778 | 2024-04-09T11:52:55.786577

53 / tcp

9
\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01\xc0\x00\x05\x00\x01\x00\x00\x00\xbd\x00\x07clients\x01l\xc0\x15\xc01\x00\x01\x00\x01\x00\x00\x00\xa2\x00\x04\xac٣.
\x00\x06\x85\x80\x00\x01\x00\x01\x00\x00\x00

-1056270173 | 2024-03-22T19:40:46.369031

70 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close

-1264324149 | 2024-04-17T23:15:19.584294

79 / tcp

Siemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready
ÿû\x01ÿû\x03ÿý\x01ÿþ\x01Username:

-625912760 | 2024-04-13T06:36:36.477114

80 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Sat, 13 Apr 2024 06:36:36 GMT
Content-Type: application/xml
Content-Length: 346
Connection: keep-alive
x-oss-request-id: 661A27F4818C7A30370FCAA7
x-oss-server-time: 1
x-oss-ec: 0003-00001201

-1399940268 | 2024-04-18T01:45:19.757388

86 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1139539254 | 2024-03-26T23:02:26.040637

102 / tcp

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

410249975 | 2024-04-18T08:59:49.968310

104 / tcp

LNS READY<>

-1327660293 | 2024-04-04T01:15:20.621062

111 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

-414819019 | 2024-04-16T01:33:29.300259

113 / tcp

HTTP/1.1 200 OK
Content-type: text/html
Connection: close

141730637 | 2024-04-11T19:52:15.529818

119 / tcp

HTTP/1.0 200 OK
Server: Proxy

1302177452 | 2024-04-17T00:04:07.754389

135 / tcp

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: Lou\n IP2: 192.168.5.66\n IP3: 240e:381:1b0a:900:40eb:cce6:2dc1:4045\n IP4: 240e:381:1b0a:900:504f:3a1f:a682:9ab5\n IP5: 240e:381:1b0a:900::2e6\n\nNTLMSSP:\nTarget_Name: LOU\nProduct_Version: 10.0.22621 Ntlm 15\nOS: Windows 11, Version 22H2\nNetBIOS_Domain_Name: LOU\nNetBIOS_Computer_Name: LOU\nDNS_Domain_Name: Lou\nDNS_Computer_Name: Lou\nMsvAvFlags: 01000000\nSystem_Time: 2024-01-22 04:06:53 +0000 UTC\n\nDCE

-382990917 | 2024-03-28T03:22:24.657334

143 / tcp

* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.\r\n

-1399940268 | 2024-04-18T23:00:39.659880

175 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-399606100 | 2024-04-12T19:14:01.123160

179 / tcp

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

-754988795 | 2024-04-11T12:25:36.293643

195 / tcp

[výC

165188539 | 2024-04-13T01:22:06.290152

221 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1180827859 | 2024-04-17T02:31:39.410310

264 / tcp

CheckPoint\nFirewall Host: SKIET_LIBS1_INT_FW_SG5400_1\nSmartCenter Host: SKIET_LIBS1_MGMT_FW_NGSM10..umxpwy\\x00\n

-1547976805 | 2024-03-23T10:50:15.682251

311 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

-1907080992 | 2024-04-19T08:19:47.945226

389 / tcp

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x00\\x04\\x00\\x04\\x00

1327409218 | 2024-04-15T04:44:46.025024

427 / tcp

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://localhost.localdomain\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:VMwareInfrastructure\n\nResponse of service:VMwareInfrastructure SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:VMwareInfrastructure://localhost.localdomain\n\n\nResponse of service:VMwareInfrastructure AttrRqst:\nVersion: 2\nFunction: Attribute Reply (7)\nErrorCode: SUCCESS (0

-1746241814 | 2024-04-14T16:01:22.324649

443 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Sun, 14 Apr 2024 16:01:22 GMT
Content-Type: application/xml
Content-Length: 346
Connection: keep-alive
x-oss-request-id: 661BFDD2921FBB303339660E
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:c2:fa:4a:79:04:be:34:6d:b7:91:6b
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Feb 18 11:45:02 2024 GMT
            Not After : Oct 15 03:16:01 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-beijing.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:cb:fd:cb:7f:5f:49:ee:e8:d9:d0:d6:53:d0:a5:
                    88:fd:fc:56:3c:06:76:2d:ad:ee:c9:65:e1:8c:fd:
                    ee:ef:a1:a2:34:db:d3:65:1e:4a:9c:f7:9d:a6:ad:
                    fa:a7:b3:1a:8b:45:f7:13:2a:26:24:9c:50:28:92:
                    25:54:45:fc:d2:2e:17:7d:c1:47:45:a1:39:bf:ce:
                    7e:f2:8b:d7:69:2c:b6:94:3f:5c:fc:a9:6e:c3:bd:
                    a5:a9:f3:6e:65:55:50:ba:b2:8a:df:ee:e9:50:a7:
                    81:b5:5f:3a:96:f9:74:c3:8a:54:51:d7:eb:02:1c:
                    58:33:e6:a0:ea:12:10:52:63:c9:df:03:84:cf:a3:
                    15:9c:50:7b:5e:6e:42:0f:3d:bd:33:3c:f6:6a:eb:
                    be:30:24:30:72:cb:84:a8:e9:17:aa:6a:45:f8:12:
                    c2:a1:78:0d:31:f0:45:2b:32:2f:ff:98:a3:03:a2:
                    5a:b0:8d:e2:d5:ce:e1:35:56:0b:0a:f8:11:bf:18:
                    44:f7:b8:7b:a0:a0:eb:1d:8d:cf:e8:cc:cf:c4:c5:
                    54:69:59:53:e1:ee:51:79:04:67:86:cf:8b:e5:c6:
                    88:a8:cc:9e:61:75:91:90:b5:8a:af:4c:a2:8d:57:
                    14:8a:f6:54:fb:1e:71:e5:09:e3:0a:12:df:34:8d:
                    d5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-beijing.oss.aliyuncs.com, DNS:*.cn-beijing.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-beijing.aliyuncs.com, DNS:*.s3.oss-cn-beijing-internal.aliyuncs.com, DNS:*.cn-beijing.mgw.aliyuncs.com, DNS:*.oss.cn-beijing.privatelink.aliyuncs.com, DNS:*.oss-cn-beijing.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-object-process.aliyuncs.com, DNS:*.oss-cn-beijing.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-beijing.aliyuncs.com, DNS:*.img-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-internal-cross.aliyuncs.com, DNS:*.oss-cn-beijing-internal.aliyuncs.com, DNS:*.oss-cn-beijing-cross.aliyuncs.com, DNS:*.img-cn-beijing.aliyuncs.com, DNS:*.vpc100-oss-cn-beijing.aliyuncs.com, DNS:*.cn-beijing.oss.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h.aliyuncs.com, DNS:*.oss-cache-cn-beijing-h-cross.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-pub.aliyuncs.com, DNS:*.cn-beijing-finance.oss.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1-internal.aliyuncs.com, DNS:*.oss-cn-beijing-finance-1.aliyuncs.com, DNS:*.cn-beijing-finance-1.oss.aliyuncs.com, DNS:*.cn-beijing-vpc.oss.aliyuncs.com, DNS:*.oss-enet-cm.aliyuncs.com, DNS:*.oss-enet-cu.aliyuncs.com, DNS:*.oss-enet-ct.aliyuncs.com, DNS:*.oss-enet-cn-north.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-internal.aliyun-inc.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-beijing-cross.mgw.aliyuncs.com, DNS:*.oss.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            X509v3 Subject Key Identifier: 
                C1:58:AC:32:69:71:BB:67:42:6C:42:FE:14:E5:57:72:91:C1:82:D6
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Feb 18 11:45:04.957 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:15:EB:B8:83:D7:F7:A8:EA:1C:1D:44:69:
                                0D:C2:0C:E6:46:F3:EA:4D:D4:BA:C1:F1:33:E5:11:01:
                                3F:3A:60:1F:02:21:00:F9:E3:AA:10:52:02:17:D8:C9:
                                82:69:E9:8F:02:B9:E4:87:FD:81:43:CE:C5:3F:1E:8E:
                                3B:D2:A2:8F:D6:D8:B0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Feb 18 11:45:04.981 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:83:A9:BA:8E:BC:5C:65:C7:88:3F:9A:
                                1C:0A:68:2A:7B:FE:05:7E:89:8E:C1:AB:BA:6A:D4:41:
                                EF:3D:31:99:EE:02:20:04:46:7E:3B:0A:E2:A2:6F:6B:
                                81:66:9A:A1:A3:D7:9C:5E:BF:EA:7E:1F:D6:F9:28:17:
                                D6:E5:CA:A9:B7:0D:63
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Feb 18 11:45:04.953 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:E2:B8:E4:4E:C3:59:23:E0:DB:E4:31:
                                DA:74:71:16:E3:26:46:8F:CA:EB:B2:3F:8D:0B:2F:0D:
                                EF:0A:DA:39:98:02:20:3D:8B:BE:C4:24:72:BE:51:B0:
                                B0:C1:B7:90:B3:9E:C8:F8:75:8C:0D:12:5A:12:87:6E:
                                71:52:1D:BE:A8:3B:96
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        14:86:2a:78:c4:ab:69:86:d0:b2:ec:6c:bf:6f:33:ac:c1:d8:
        18:c7:3e:da:d9:ca:01:a5:54:67:a8:fb:7d:41:6b:f5:9e:ea:
        e3:98:63:ee:3e:b8:87:69:3a:98:8d:dc:62:af:02:c3:0a:b4:
        75:52:90:7e:ae:18:1b:5e:88:27:69:de:15:c1:76:37:96:3b:
        db:c4:ac:43:0b:5b:36:fb:62:b3:d7:8c:66:8f:d3:da:b4:6b:
        86:f5:c6:02:06:3d:dd:5b:01:99:a8:74:7f:af:c3:9c:bb:d6:
        9d:98:cb:3c:3d:12:6e:b1:53:29:1d:6d:a7:0f:4c:82:f7:84:
        4f:57:15:9c:9b:a5:91:4b:1d:33:55:c8:f5:06:7d:74:92:63:
        5c:a8:33:ea:25:43:5d:08:10:87:94:a9:92:b3:13:d2:ce:8d:
        6d:8f:31:ac:5d:06:b9:eb:f7:e1:a7:36:4f:14:4e:3e:a4:e6:
        d2:4d:f8:74:a8:62:a4:84:4a:04:7e:c4:6e:b4:84:83:2c:cc:
        c3:ff:54:0d:9c:3c:8b:5a:22:af:12:b5:7d:e6:24:9d:f5:a6:
        28:60:8b:ff:f2:ce:62:85:c3:4a:a8:40:29:85:07:2e:0b:a4:
        c1:d0:dc:23:02:f4:24:1d:f5:84:c8:73:3e:bf:f9:3d:63:06:
        9f:10:1b:e8

1880683805 | 2024-04-14T18:54:12.504637

444 / tcp

ÿ

897328069 | 2024-04-13T22:13:38.817919

465 / tcp

220 mail.scott000.com ESMTP

921225407 | 2024-03-28T04:17:38.402947

502 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

1690634669 | 2024-04-18T02:51:02.661125

515 / tcp

1801869778 | 2024-04-09T08:45:47.617841

548 / tcp

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: DS1019Plus\nMachine Type: \rNetatalk3.1.8\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: Cleartxt Passwrd\\x04,DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

448214121 | 2024-04-08T11:41:25.615239

554 / tcp

RTSP/1.0 200 OK
Server: TVT RTSP Server/1.0.0
CSeq: 1
Public: OPTIONS, DESCRIBE, SETUP, TEARDOWN, PLAY, GET_PARAMETER, SET_PARAMETER

1308377066 | 2024-04-17T05:59:15.474243

593 / tcp

ncacn_http/1.0

-1316491703 | 2024-04-13T16:48:30.714497

631 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready

1911457608 | 2024-04-04T14:15:15.161852

771 / tcp

\x00[\x00\x00\x00\x00\x00\x00

819727972 | 2024-04-19T04:28:14.281065

789 / tcp

SSH-2.0-OpenSSH_7.4

-1970692834 | 2024-04-12T07:18:32.163318

873 / tcp

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

-1256415508 | 2024-04-04T20:43:03.420444

880 / tcp

HTTP/1.1 404 Not Found
Server: TornadoServer/6.1
Content-Type: text/html; charset=UTF-8

-936692830 | 2024-04-08T21:51:39.438412

992 / tcp

HTTP/1.1 202 OK
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=15; max=19

669849225 | 2024-04-04T07:02:40.315972

993 / tcp

SSH-98.60-SysaxSSH_81885..42\r\n

-1199842642 | 2024-04-05T12:39:23.972533

995 / tcp

+OK Welcome to RaidenMAILD POP3 SSL service v4902, Mon, 22 Jan 2024 14:24:46 +0800, (C)2001-2023 <1044592421@raidenmaild>\r\n

751496153 | 2024-04-09T03:49:30.057961

1023 / tcp

* OK TeamXchange IMAP4rev1 server (otyUg) ready.

-2033111675 | 2024-04-11T11:30:38.961042

1025 / tcp

~djb

1362344524 | 2024-03-25T16:34:39.467215

1080 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

165188539 | 2024-04-09T15:14:03.063278

1099 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-784071826 | 2024-04-17T23:25:04.732201

1153 / tcp

SSH-2.0-OpenSSH_8.0

-971970408 | 2024-04-19T08:10:38.169618

1177 / tcp

-441419608 | 2024-04-19T21:20:31.076116

1200 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

-1399940268 | 2024-04-13T02:46:45.268390

1234 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

103159425 | 2024-04-17T03:23:57.965022

1250 / tcp

SSH-1.99-RGOS_SSH

1852418385 | 2024-04-10T12:25:19.738038

1311 / tcp

RTSP/1.0 453 Not Enough Bandwidth
Server: AirTunes/7l_wZ

171352214 | 2024-04-15T04:18:24.183021

1337 / tcp

-ERR client ip is not in whitelist

555056254 | 2024-04-15T19:28:14.214321

1433 / tcp

MSSQL Server\nVersion: 171050560 (0xa320640)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: 3NXCU7QCCJGSTII\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: 3NXCU7QCCJGSTII\nNetBIOS_Computer_Name: 3NXCU7QCCJGSTII\nDNS_Domain_Name: 3NXCU7QCCJGSTII\nDNS_Computer_Name: 3NXCU7QCCJGSTII\nMsvAvFlags: 01000000\nSystem_Time: 2024-01-22 01:19:47 +0000 UTC\n\n

660175493 | 2024-04-08T10:21:12.970019

1471 / tcp

-1049213899 | 2024-03-27T03:28:40.027308

1494 / tcp

\\x7f\\x7fICA

-971970408 | 2024-04-16T19:06:37.955554

1515 / tcp

-541815454 | 2024-04-11T04:57:14.288422

1521 / tcp

Version:11.2.0.1.0\n"\\x00\\x00Y(DESCRIPTION=(TMP=)(VSNNUM=186646784)(ERR=1189)(ERROR_STACK=(ERROR=(CODE=1189)(EMFI=4))))

2087396567 | 2024-04-17T12:58:49.942545

1599 / tcp

kjnkjabhbanc283ubcsbhdc72

2087396567 | 2024-03-28T08:06:19.599925

1604 / tcp

kjnkjabhbanc283ubcsbhdc72

1103582599 | 2024-04-09T05:14:33.494952

1723 / tcp

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

-980525298 | 2024-04-14T17:37:19.173976

1800 / tcp

\x01\x00\x00\x00\n\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1266492139 | 2024-04-18T20:37:03.784220

1801 / tcp

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074q\\xc0\\x86\xd9\xb0\\xc1hG\\xbf\\xbd\\x9f\\x89tx%\\x8892d3\\x10\\x03\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

-1598265216 | 2024-04-14T07:28:48.773693

1833 / tcp

@RSYNCD: 31.0

808560482 | 2024-04-17T05:47:48.320295

1883 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP
 : USERID : UNIX : Cr8

-616720387 | 2024-04-17T07:45:16.582428

1911 / tcp

SSH-2.0-SSHD_0.7.6

-786044033 | 2024-04-02T23:02:39.287730

1926 / tcp

OK Welcome <299685> on DirectUpdate server 7286

-1435414831 | 2024-03-21T18:05:20.006132

1947 / tcp

roku: ready\r\n

-1399940268 | 2024-04-13T18:32:59.454776

1962 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1730858130 | 2024-04-04T21:19:36.346399

2000 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

819727972 | 2024-04-14T02:25:12.029240

2002 / tcp

SSH-2.0-OpenSSH_7.4

2087396567 | 2024-04-11T00:34:24.833484

2008 / tcp

kjnkjabhbanc283ubcsbhdc72

-891714208 | 2024-04-20T11:54:08.555818

2021 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

-1399940268 | 2024-04-14T20:08:08.458786

2052 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1327660293 | 2024-04-08T07:57:30.806003

2053 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

-1399940268 | 2024-04-18T01:36:50.216732

2060 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-136006866 | 2024-04-12T10:27:47.784430

2063 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

1126993057 | 2024-04-18T14:42:42.568660

2067 / tcp

* OK [CAPABILITY a2,M\\] nBwXk2pPP IMAP4rev1 20qx at

-42767839 | 2024-04-09T00:54:06.476494

2068 / tcp

RFB 005.000

VNC:
  Protocol Version: 5.0

334289483 | 2024-04-20T03:52:47.789718

2081 / tcp

Invalid request string: Request string is: "\r"

-971970408 | 2024-04-09T23:21:11.501469

2083 / tcp

2033888749 | 2024-04-15T18:44:22.611429

2086 / tcp

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

819727972 | 2024-04-15T16:03:34.684165

2087 / tcp

SSH-2.0-OpenSSH_7.4

-1947777893 | 2024-03-22T03:20:38.463617

2095 / tcp

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

141730637 | 2024-04-09T15:50:47.236572

2121 / tcp

HTTP/1.0 200 OK
Server: Proxy

-971970408 | 2024-04-17T05:10:29.905355

2154 / tcp

546151771 | 2024-04-02T17:58:43.774932

2181 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

-1152923582 | 2024-04-14T11:01:08.340203

2222 / tcp

SSH-2.0-dropbear\r\n\\x00\\x00\\x01\\x84\\x07\\x14\\x82q\\xf3\\x1aG*9\\xe9\\xf7O\xc9\xad#\\xbbpG\\x00\\x00\\x00\\x82curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,kexguess2@matt.ucc.asn.au\\x00\\x00\\x00 ssh-ed25519,rsa-sha2-256,ssh-rsa\\x00\\x00\\x003chacha20-poly1305@openssh.com,aes128-ctr,aes256-ctr\\x00\\x00\\x003chacha20-poly1305@openssh.com,aes128-ctr,aes256-ctr\\x00\\x00\\x00\\x17hmac-sha1,hmac-sha2-256\\x00\\x00\\x00\\x17hmac-sha1,hmac-sha2-256\\x00\\x00\\x00\\x04none\\x00\\x00\\x00\\x04non

671605376 | 2024-04-09T03:46:39.979142

2233 / tcp

SSH-2.0-OpenSSH_X.X

1662205251 | 2024-04-16T09:38:45.282903

2323 / tcp

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

1887224352 | 2024-04-18T04:40:58.143550

2332 / tcp

1911457608 | 2024-04-03T18:17:52.407308

2345 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1392039491 | 2024-04-14T20:13:29.954765

2376 / tcp

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

740837454 | 2024-04-13T02:29:18.030680

2404 / tcp

SSH-2.0-OpenSSH_5.3

1308377066 | 2024-04-12T16:43:50.967574

2455 / tcp

ncacn_http/1.0

1332894250 | 2024-04-12T00:44:03.650600

2548 / tcp

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

921225407 | 2024-04-01T13:25:32.713246

2549 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

550048729 | 2024-04-01T06:08:41.217244

2628 / tcp

ÿÿÿ
0 ...

-1399940268 | 2024-04-09T22:25:15.964727

2761 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-04-12T10:11:26.858749

2762 / tcp

SSH-2.0-OpenSSH_7.4

-1730858130 | 2024-04-14T14:45:43.357462

2985 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1399940268 | 2024-04-19T02:05:15.996034

3001 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2096652808 | 2024-04-19T19:07:22.217824

3050 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1615193817 | 2024-04-17T06:40:26.838732

3053 / tcp

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

1911457608 | 2024-04-01T20:30:06.505006

3056 / tcp

\x00[\x00\x00\x00\x00\x00\x00

198844676 | 2024-04-08T09:17:53.548230

3071 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

819727972 | 2024-04-10T04:17:10.960876

3088 / tcp

SSH-2.0-OpenSSH_7.4

-1611764932 | 2024-04-09T00:12:25.761790

3100 / tcp

\x03\x00\x00\x10\x08\x02\xc2\x80\x00}\x08\x02\xc2\x80\xc3\xa2\x14\x01\x00

-1399940268 | 2024-04-16T15:26:56.176455

3106 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-10T01:15:08.258723

3129 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-04-09T21:54:31.699270

3200 / tcp

SSH-2.0-OpenSSH_7.4

-2031078612 | 2024-04-11T09:08:01.552008

3268 / tcp

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: http://proxy.ces.org.tw:3000/login?url=http%3A%2F%2Floginbyurl.wanfangdata.com.cn%2F

1911457608 | 2024-04-14T18:39:54.333344

3269 / tcp

\x00[\x00\x00\x00\x00\x00\x00

819727972 | 2024-04-04T21:43:44.122478

3299 / tcp

SSH-2.0-OpenSSH_7.4

-2089734047 | 2024-04-10T14:13:20.218846

3301 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

849822411 | 2024-04-08T22:21:30.800436

3306 / tcp

Mysql Version: 5.7.44-log \r\nN\\x00\\x00\\x00\n5.7.44-log\\x00s/\\x06\\x00(o>\\x1c`\\x18*a\\x00\\xff\\xff-\\x02\\x00\\xff\\xc1\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00fFU\\x07_\\x1ay\\x14i}\\x02E\\x00mysql_native_password\\x00

-1059554316 | 2024-03-25T22:43:42.240542

3337 / tcp

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

-1648456501 | 2024-04-12T01:15:24.896857

3388 / tcp

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

848680996 | 2024-04-16T02:57:55.728557

3389 / tcp

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\t\\x08\\x00\\x02\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID\nTarget_Name: WINCTYU-KTI28LG\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: WINCTYU-KTI28LG\nNetBIOS_Computer_Name: WINCTYU-KTI28LG\nDNS_Domain_Name: WINCTYU-KTI28LG\nDNS_Computer_Name: WINCTYU-KTI28LG\nSystem_Time: 2024-01-22 08:43:05 +0000 UTC\n\n

1210754493 | 2024-04-04T19:15:32.994444

3503 / tcp

0\x0c\x02\x01\x01a\x07\n\x01\x00\x04\x00\x04\x00

198844676 | 2024-04-18T01:49:53.924898

3551 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

-2096652808 | 2024-03-24T04:26:57.839987

3556 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-358707605 | 2024-04-18T19:23:25.992747

3557 / tcp

HTTP/1.1 200
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 391
Connect-To: https://qd-gatway.aliyuncs.com/table/tree-land/nacos/

<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<title>Nacos</title>
	<link rel="shortcut icon" href="/nacos/console-ui/public/img/nacos-logo.png" type="image/x-icon">

<link href="./css/main.css" rel="stylesheet"></head>
<body>
	<div id="root" style="overflow:hidden"></div>
	<div id="app"></div>
	<div id="other"></div>

</body>

-1399940268 | 2024-04-17T08:03:37.783175

3566 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

205347087 | 2024-03-29T19:05:40.678349

3568 / tcp

SSH-25453-Cisco-3524665.35\n

-1399940268 | 2024-04-02T01:03:39.080526

3569 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

808560482 | 2024-04-13T16:04:36.806023

3689 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP
 : USERID : UNIX : Cr8

-891714208 | 2024-04-13T23:53:16.734293

3690 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

89282912 | 2024-04-15T09:10:28.031232

3749 / tcp

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto
col:SOAP, MKSDisplayProtocol:VNC , ,

-1428621233 | 2024-04-14T22:23:17.312926

3780 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

-801484042 | 2024-04-03T20:48:06.785732

4000 / tcp

ERR 27

-784071826 | 2024-04-17T02:12:27.309891

4022 / tcp

SSH-2.0-OpenSSH_8.0

-786044033 | 2024-04-03T00:20:58.079593

4063 / tcp

OK Welcome <299685> on DirectUpdate server 7286

1911457608 | 2024-04-03T14:33:57.909202

4064 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1013082686 | 2024-04-12T08:09:29.197632

4100 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

-1879056922 | 2024-04-15T09:15:00.745217

4242 / tcp

HTTP/1.1 403 Forbidden
Server: Apache/2.4.41 (Unix) OpenSSL/1.1.1d TST PHP/7.3.11
Content-Type: text/plain; charset=utf-8
Connection: close

366084633 | 2024-04-17T04:10:23.384717

4282 / tcp

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

-1250504565 | 2024-04-17T00:03:21.390065

4321 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

-1399940268 | 2024-04-19T09:12:56.024130

4369 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-653033013 | 2024-03-21T16:34:55.807466

4433 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

285437346 | 2024-04-11T17:24:48.666626

4443 / tcp

HTTP/1.1 200 OK
Content-Type: text/xml
X-Transcend-Version: 1
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: deny
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
Clear-Site-Data: "cache","cookies","storage"
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
X-XSS-Protection: 0

1911457608 | 2024-04-14T20:40:09.668871

4444 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-04-05T02:17:47.557798

4500 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

550048729 | 2024-04-09T20:46:01.321268

4506 / tcp

ÿÿÿ
0 ...

-1153110624 | 2024-03-21T22:48:34.507319

4550 / tcp

\\xfc!\\x00\\x00

1911457608 | 2024-04-05T20:21:50.012559

4786 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1332894250 | 2024-03-23T19:09:09.033443

4840 / tcp

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

819727972 | 2024-04-19T10:04:37.784708

4899 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-04-04T13:42:38.664585

4911 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1741579575 | 2024-03-27T09:36:53.287958

5006 / tcp

1911457608 | 2024-04-09T22:33:27.146240

5007 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1338936697 | 2024-04-10T01:06:11.177834

5009 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2109_PStjdxtk16_38957-48596

-2089734047 | 2024-04-01T11:18:54.214186

5010 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-971970408 | 2024-04-19T04:13:08.862813

5025 / tcp

-971970408 | 2024-03-26T13:37:21.388769

5172 / tcp

1911457608 | 2024-04-18T00:26:13.062469

5201 / tcp

\x00[\x00\x00\x00\x00\x00\x00

2087396567 | 2024-04-14T07:39:47.405228

5222 / tcp

kjnkjabhbanc283ubcsbhdc72

-1854630806 | 2024-04-18T02:44:18.982795

5269 / tcp

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705937491.237-w-waf01tjgt

2063598737 | 2024-04-18T02:37:33.777295

5400 / tcp

/0 0 L\r\n/0 0 HUH\r\n

1212285915 | 2024-04-19T20:13:08.986490

5432 / tcp

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

-1327660293 | 2024-04-14T12:29:07.942074

5590 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

-1888448627 | 2024-04-16T19:15:29.755019

5597 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1911457608 | 2024-03-31T08:24:20.825975

5603 / tcp

\x00[\x00\x00\x00\x00\x00\x00

2087396567 | 2024-04-16T12:15:53.777606

5858 / tcp

kjnkjabhbanc283ubcsbhdc72

-792826324 | 2024-04-20T06:22:50.113106

5938 / tcp

220 FTP server ready - login please

1999272906 | 2024-04-18T09:31:38.799260

5984 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

996960436 | 2024-04-02T05:07:12.352747

5985 / tcp

572 Relay not authorized

819727972 | 2024-04-15T01:34:20.929093

5986 / tcp

SSH-2.0-OpenSSH_7.4

120534451 | 2024-04-11T20:26:04.234649

6001 / tcp

X11 access denied

1830187220 | 2024-04-08T12:18:54.474970

6002 / tcp

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

201984321 | 2024-03-23T23:42:08.294157

6080 / tcp

ÿû
Welcome to NetLinx v94 Copyright AMX Corp. 34395-49007
>

945910976 | 2024-03-25T15:18:40.460279

6102 / tcp

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

597764502 | 2024-04-12T03:38:37.489173

6264 / tcp

\x00[\xc2\x86\xc2\x9f\xc3\x9d\x7f\x00\x00

321971019 | 2024-03-23T15:37:27.080352

6379 / tcp

-ERR client ip is not in whitelist\r

165188539 | 2024-04-02T15:04:39.030164

6464 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

165188539 | 2024-04-12T13:43:35.541938

6550 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-136006866 | 2024-04-10T09:30:03.122544

6633 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

-365662216 | 2024-04-02T05:40:34.403632

6666 / tcp

\x05\xff

1544300041 | 2024-04-16T20:00:05.881445

6667 / tcp

SSH-25453-Cisco-3524665.35

641070437 | 2024-04-20T05:09:35.505845

7001 / tcp

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
Deny-Reason: hotload rechange server uri format error!!
Request-Id: 65ae2576b8dddc78c2c56b6d959693af

-1059554316 | 2024-03-21T23:50:45.694552

7090 / tcp

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

-1641514916 | 2024-04-08T11:48:52.544046

7171 / tcp

* OK Merak 1dFUa2 IMAP4rev1

1632932802 | 2024-04-11T01:53:20.786055

7218 / tcp

321971019 | 2024-04-18T19:50:32.264638

7415 / tcp

-ERR client ip is not in whitelist\r

1077013874 | 2024-04-03T16:50:31.314258

7434 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

1342763855 | 2024-04-18T16:56:09.604339

7443 / tcp

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Connection: close
Server: Nginx
Expires: 0
Pragma: no-cache
Cache-Control: no-cache
X-LANG: 1
X-Timezone: 0800
X-Timestamp: 1705912071
X-Arch: x86
X-Sysbit: x64
X-Enterprise: 0
X-Support-i18n: 0
X-Support-wifi: 0
Location: /login

2087396567 | 2024-04-18T14:53:35.459242

7548 / tcp

kjnkjabhbanc283ubcsbhdc72

-1045760528 | 2024-04-16T07:56:57.654429

7634 / tcp

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

-1399940268 | 2024-03-31T18:05:57.750637

7700 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1872120160 | 2024-04-18T16:05:30.572853

7989 / tcp

">Application and Content Networking Software 3.9</a>)
</BODY><

1072892569 | 2024-04-12T05:32:11.146206

8001 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

-971970408 | 2024-04-13T07:15:06.748885

8009 / tcp

2067064333 | 2024-04-18T09:23:43.238001

8010 / tcp

athinfod: invalid query.

-2089734047 | 2024-03-22T08:57:48.118529

8017 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-03-26T06:25:20.489224

8039 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

897328069 | 2024-04-09T22:29:49.863898

8051 / tcp

220 mail.scott000.com ESMTP

2104674482 | 2024-03-22T02:42:26.236978

8056 / tcp

K\x02%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

1911457608 | 2024-04-05T03:15:08.040746

8058 / tcp

\x00[\x00\x00\x00\x00\x00\x00

873425297 | 2024-03-26T07:21:23.387250

8069 / tcp

200 NOD32SS 99 (3318497116)

-146605374 | 2024-04-19T22:11:27.210562

8081 / tcp

\x00[\xc2\x81\xc2\x8b\xc3\xa7\x7f\x00\x00

-971970408 | 2024-03-29T00:08:35.454561

8083 / tcp

-1899074860 | 2024-04-05T01:08:04.897899

8087 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00\x00\x00\n03\x00\x00\x00d\x00\x04\x00\x01\x00\x00\x00\x00\x04\x08\x00\x00\x00\n

165188539 | 2024-04-10T02:27:25.595163

8088 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

671605376 | 2024-04-10T19:23:18.494465

8089 / tcp

SSH-2.0-OpenSSH_X.X

-79865617 | 2024-04-19T05:00:15.828045

8090 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

-1416565584 | 2024-04-17T19:05:31.726529

8099 / tcp

HTTP/1.1 500 Internal Server Error
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Connection: close

-1888448627 | 2024-04-15T06:55:19.218318

8105 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

321971019 | 2024-04-11T22:29:10.561310

8118 / tcp

-ERR client ip is not in whitelist\r

2087396567 | 2024-04-19T10:02:30.512293

8139 / tcp

kjnkjabhbanc283ubcsbhdc72

-1230049476 | 2024-04-17T16:50:58.640257

8140 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

1320285193 | 2024-04-14T06:46:34.179581

8200 / tcp

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

320677201 | 2024-04-08T20:13:27.623632

8239 / tcp

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

632542934 | 2024-04-05T14:33:22.805211

8291 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

1335782347 | 2024-04-14T11:27:17.773343

8333 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
WZWS-RAY: 1249-1705940700.09-waf02bjtp3

1726594447 | 2024-04-15T04:49:09.958354

8404 / tcp

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

1911457608 | 2024-04-14T09:47:29.326719

8408 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1036370807 | 2024-04-13T13:51:40.054356

8416 / tcp

JDWP-Handshake

-1888448627 | 2024-04-09T19:47:32.969137

8423 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-04-09T15:14:40.660602

8432 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-358801646 | 2024-04-12T02:42:45.901234

8442 / tcp

SSH-2.0-OpenSSH_6.6.1

366084633 | 2024-03-30T00:17:08.334401

8448 / tcp

<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY><H1>Error</H1>Bad request or resource not found.</BODY></HTML>

1529351907 | 2024-04-12T19:08:27.547746

8500 / tcp

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

-2096652808 | 2024-04-03T19:37:12.009071

8545 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

676476721 | 2024-04-19T04:21:02.398539

8554 / tcp

ELM Enterprise Manager _l
Copyright © 18668511-928641920 TNT Software, Inc.

504717326 | 2024-04-12T00:49:57.965990

8575 / tcp

SSH-2.0-OpenSSH_8.6

819727972 | 2024-03-28T17:39:31.342028

8637 / tcp

SSH-2.0-OpenSSH_7.4

1489954473 | 2024-03-28T03:16:21.220425

8649 / tcp

HTTP/1.1 410 Gone
Server: openresty
Transfer-Encoding: chunked
Connection: keep-alive
Via: 1.1 google

-1399940268 | 2024-04-16T00:36:42.365571

8728 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1911457608 | 2024-04-15T11:20:00.108468

8787 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1375131644 | 2024-04-13T07:38:36.675485

8788 / tcp

\x00[v\xc3\xbdC\x7f\x00\x00

15018106 | 2024-03-26T08:59:34.679929

8812 / tcp

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

2087396567 | 2024-04-17T23:04:21.811095

8834 / tcp

kjnkjabhbanc283ubcsbhdc72

921225407 | 2024-03-30T03:37:42.159973

8835 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

117101543 | 2024-03-22T16:58:03.115288

8847 / tcp

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

-1105333987 | 2024-04-15T22:05:00.158984

8849 / tcp

\x00[KpU\x7f\x00\x00

-653033013 | 2024-04-05T16:10:34.091858

8852 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

1911457608 | 2024-04-18T00:54:07.093807

8866 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-2107996212 | 2024-04-12T07:31:33.728367

8871 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-1045760528 | 2024-04-18T20:54:11.154281

8889 / tcp

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

-2067028711 | 2024-04-08T09:10:10.300796

9000 / tcp

\x15\x03\x01\x00\x02\x02F

-1026951088 | 2024-04-03T17:13:31.290933

9001 / tcp

erro ip

474736340 | 2024-04-09T13:44:03.682205

9002 / tcp

431 Unable to negotiate secure command connection.

-1399940268 | 2024-04-14T16:58:02.239109

9003 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

820958131 | 2024-03-23T16:03:10.878287

9024 / tcp

kjnkjabhbanc283ubcsbhdc72\x02

1911457608 | 2024-04-14T23:38:05.828586

9027 / tcp

\x00[\x00\x00\x00\x00\x00\x00

820958131 | 2024-03-24T15:07:50.439476

9028 / tcp

kjnkjabhbanc283ubcsbhdc72\x02

-971970408 | 2024-03-23T21:32:22.534443

9042 / tcp

410249975 | 2024-04-18T10:35:55.567113

9043 / tcp

LNS READY<>

819727972 | 2024-03-26T01:56:50.456500

9045 / tcp

SSH-2.0-OpenSSH_7.4

1690634669 | 2024-04-19T08:00:52.188216

9051 / tcp

-2096652808 | 2024-04-01T07:24:54.724566

9091 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-2089734047 | 2024-04-16T17:20:54.560323

9092 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

171352214 | 2024-04-16T03:26:07.779782

9095 / tcp

-ERR client ip is not in whitelist

-1935084432 | 2024-04-15T12:28:37.536898

9099 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1a9e_PS-000-01POS17_13673-52973

-1059554316 | 2024-04-09T18:00:25.933785

9100 / tcp

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

819727972 | 2024-04-18T12:29:49.801750

9151 / tcp

SSH-2.0-OpenSSH_7.4

1948301213 | 2024-04-09T04:08:53.117021

9160 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

-1399940268 | 2024-04-18T18:41:37.165824

9206 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1278527606 | 2024-03-27T09:19:59.975610

9207 / tcp

SSH-2.0-Teleport

1308377066 | 2024-03-21T14:41:53.943063

9213 / tcp

ncacn_http/1.0

-1399940268 | 2024-03-25T12:28:43.032480

9215 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-16T17:30:27.505237

9306 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

694512854 | 2024-04-14T00:00:35.400956

9418 / tcp

220-FileZilla Server 中文版 0.9.60 beta
220-written by Tim Kosse (tim.kosse@filezilla-project.org)
220 Please visit https://filezilla-project.org/

-262660721 | 2024-04-16T14:38:51.667818

9443 / tcp

HTTP/1.1 403 Forbidden
Date: Tue, 16 Apr 2024 14:38:43 GMT
Content-Type: text/html
Content-Length: 238
Connection: keep-alive
Server: Tengine
Location: https://dataq-cn-shenzhen.console.aliyun.com
Via: cache4.cn6376[,0]

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:49:b2:86:90:3c:9b:46:7a:60:5b:87
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: May  5 06:21:16 2023 GMT
            Not After : Jun  5 06:21:15 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.aliyun.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a6:ef:21:03:32:87:cf:fe:71:dd:e3:77:1a:02:
                    e4:99:61:4d:d7:0e:61:ad:0c:01:46:50:25:b8:17:
                    9e:64:9d:ae:7a:06:3d:0c:5d:15:a3:fd:38:d9:e9:
                    30:f0:ee:95:9a:39:ce:3f:f0:b6:4b:3d:c9:03:e6:
                    e2:61:a2:a5:fc:09:f5:47:8b:31:8c:14:3e:36:0e:
                    a0:8a:5d:a6:af:cb:79:6a:1b:9c:d0:31:ec:e2:e4:
                    97:6c:20:a4:d8:bb:30:38:89:67:ec:8b:96:44:e3:
                    ef:a3:49:e8:93:13:87:44:c7:11:b9:80:37:6a:74:
                    69:33:4a:0b:50:29:43:60:59:37:80:12:90:15:35:
                    52:49:30:a9:56:df:86:eb:ca:2f:d2:40:84:7c:df:
                    8f:f9:28:6b:58:b3:3b:d7:5d:3f:18:3e:b7:77:01:
                    d0:b2:76:f1:6d:52:71:17:4f:c6:a3:78:88:d5:67:
                    20:77:1d:58:34:2e:21:be:69:21:d9:85:3c:be:15:
                    88:31:e7:32:40:51:8d:0a:0b:af:76:36:b9:c6:57:
                    0b:56:7b:c9:28:0a:18:86:49:e8:d7:e0:63:e1:c6:
                    e5:5d:bc:f6:e9:b7:8c:70:b3:46:42:8a:f1:28:66:
                    7e:f6:5e:04:b4:88:bd:75:97:27:b0:d5:3f:23:c9:
                    00:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FB:43:61:72:DB:90:9F:67:07:2E:AE:74:FB:66:90:A2:E9:C4:FC:15
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyun.com, DNS:aliyun.com, DNS:doshion.taobao.com, DNS:repo.aliyun.com, DNS:toojs.abbs.tmall.com, DNS:filebroker-lzd-id.alibaba.com, DNS:27home.aliyun.com, DNS:qihong.taobao.com, DNS:troae2.sn.ojibobo-ina.aon.alibaba-inc.com, DNS:purchase.cbbs.tmall.com, DNS:shod.re.taobao.com, DNS:jobs.rmap.alibaba.net, DNS:shog36910373.taobao.com, DNS:mail.zjxgchem.com, DNS:passport.hemarket.cn, DNS:shop84659y5567125.1688.com, DNS:app118505.eapps.dingtalkcloud.com, DNS:orns-gortioj-an-hongzhov.as.ojiyvn-ina.aon.aliyun-inc.com, DNS:shop36904827.aliyun.com, DNS:goocan.aliwork.com, DNS:acs-m.confong.cn, DNS:errlogos.umeng.com, DNS:shjonso.1688.com, DNS:ae-wms.sg.cainiao.com, DNS:afc.alibaba-inc.com, DNS:san-ogi.ojibobo-ina.aon.alibaba-inc.com, DNS:fui.amap.com, DNS:whitewalkers.alibaba-inc.com, DNS:bidding.devoto.ojiyvn-ina.aon.aliyun-inc.com, DNS:pre-sp-doorkeeper.aliyun.com, DNS:genoisi.tmall.com, DNS:adcluster.aliyun.com, DNS:stars.shuqireader.com, DNS:xnet2-terminator.aliyun.com, DNS:partners-api.redmart.com, DNS:btaorogjost.en.alibaba.com, DNS:viger.ojiyvn-ina.aon.aliyun-inc.com, DNS:107.aliyun.com, DNS:mxjinpu.aliyun.com, DNS:nojj.1688.com, DNS:hanhenthh.aliexpress.com, DNS:g-acs.m.goofish.com, DNS:s360.lazada.com, DNS:fito.alibaba.com, DNS:edith.wapa.taobao.com, DNS:stotvs.taobao.com, DNS:bata.pop.saee.org.cn, DNS:shop1468860913243.aliyun.com, DNS:app4860.eapps.dingtalkcloud.com, DNS:scp-xunxi.taobao.net, DNS:sellercenter-sg.lazada-seller.cn, DNS:app16962.eapps.dingtalkcloud.com, DNS:lpdv5.ele.me, DNS:grsr.tmall.com, DNS:apros.yunos.com, DNS:c.lazada.com.ph, DNS:os.aliyun.com, DNS:iflow-tb.uc.cn, DNS:shog637356dv869h0.1688.com, DNS:passport.aliyun.com, DNS:member-p.lazada.co.id, DNS:bjcyhy.aliyun.com, DNS:fds.taobao.com, DNS:ckmonitor.alimama.com, DNS:cloud.video.aliyun.com, DNS:shop36481895.taobao.com, DNS:18026237757.1688.com, DNS:anns-serviae.ojibobo-ina.aon.alibaba-inc.com, DNS:edas-internal-ap-southeast-1.aliyun.com, DNS:shog393605640.taobao.com, DNS:shog637356dv869h0.1688.com, DNS:jhdz18664135873.1688.com, DNS:jingyonnjnj.1688.com, DNS:mail.porsche-wenzhou-binhai.com, DNS:ogisgea-shore.aliyuncs.com, DNS:oji-ndn.ojibobo-ina.aon.alibaba-inc.com, DNS:batit.aliyun.com, DNS:wwwsigned.faas.ele.me, DNS:08dong.bjog.ahino.alibaba.com, DNS:svdor.1688.com, DNS:knsbvijd.fn.alibaba.com, DNS:ahonnej.oxs.tesjo.ojibobo-ina.aon.alibaba-inc.com, DNS:ecm.cn-shanghai.aliyuncs.com, DNS:jdsdts.world.aliyun.com, DNS:netriahvb-an-shenzhen.aliyun.com, DNS:shop428746655.aliyun.com, DNS:shog36502625.taobao.com, DNS:vga-shore.an-qingdoo.aliyuncs.com, DNS:app58920.eapps.dingtalkcloud.com, DNS:oa.capinfo.com.cn, DNS:www.cfradio.cn, DNS:jvtenghvi.1688.com, DNS:eco-acc.lazada.com.my, DNS:scp-xunxi.taobao.net, DNS:dionond-inner.aliyuncs.com, DNS:cicmav.aliwork.com, DNS:fpfx3f.aliyun.com, DNS:10101979.fm.aliyun.com, DNS:shog36299507.taobao.com, DNS:bata.carie.saee.org.cn
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        59:3e:1d:cf:51:d8:45:d2:f5:c8:6b:1b:ea:78:06:20:ff:e5:
        e7:63:b6:7a:72:a4:bc:6b:0c:3c:33:bd:bc:0c:0a:38:3b:7a:
        71:f3:1b:5c:8d:14:81:68:9a:b1:e0:14:81:65:b1:ad:d9:37:
        d4:e8:15:27:de:55:0f:83:53:ae:b2:2b:b9:e2:8a:94:b2:95:
        5b:a6:f9:33:3a:5a:e5:54:cc:a8:c5:ad:52:4f:61:1b:73:d5:
        2c:f3:76:33:de:1f:19:5d:21:89:4d:cb:ee:f3:2b:b6:94:0e:
        e8:5c:5e:5d:95:51:c9:48:4e:aa:ed:a9:f1:5f:3c:b7:c7:5a:
        b9:dc:26:7f:64:73:dc:9b:a0:c9:65:1c:c5:07:ab:3c:5c:7e:
        6d:77:24:15:a8:1d:84:ba:00:44:ee:ed:f8:41:4e:fb:d3:32:
        aa:d7:f7:7b:85:6a:90:8f:7d:98:1e:af:84:28:5c:6b:2b:8b:
        84:f5:51:43:d2:7a:bd:09:ad:af:35:34:73:0c:6f:f6:33:58:
        f6:84:7f:ea:ae:ad:c1:32:30:e6:1c:37:9b:0f:8f:d4:1d:36:
        c8:2f:bd:ef:c9:89:dd:6a:56:86:8e:e4:16:59:72:91:dd:ce:
        aa:b4:80:fb:c0:94:62:4e:1f:b6:ce:22:cd:a3:e9:b6:b3:2a:
        8a:a9:a1:a8

-992671574 | 2024-03-25T21:17:22.168690

9527 / tcp

@RSYNCD: 26

1208318993 | 2024-04-09T05:13:37.058342

9530 / tcp

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

-1538260461 | 2024-03-31T22:28:48.544711

9606 / tcp

\x01\x00\x00\x00

1842524259 | 2024-04-18T18:58:31.710021

9633 / tcp

-1399940268 | 2024-03-24T17:54:38.599899

9761 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1977569953 | 2024-04-18T09:19:28.070622

9876 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2987_PS-SHA-01Jtm19_12756-43634

-659335736 | 2024-04-16T08:56:03.751792

9943 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2864_xyd119_11675-57009

841014058 | 2024-03-26T23:34:31.923479

9981 / tcp

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

1911457608 | 2024-03-24T09:03:25.628089

9988 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1223770960 | 2024-04-02T17:00:22.387874

9998 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28e5_PS-PEK-01Whk40_31773-63705

1161309183 | 2024-04-20T00:37:41.099491

9999 / tcp

ProxyServer is ready

1492413928 | 2024-03-22T09:19:20.077691

10001 / tcp

SSH-2.0-OpenSSH_7.5

632542934 | 2024-04-19T13:48:06.039607

10134 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

2087396567 | 2024-04-17T20:17:17.544130

10250 / tcp

kjnkjabhbanc283ubcsbhdc72

-971970408 | 2024-03-25T23:32:06.715906

10443 / tcp

1741579575 | 2024-04-09T04:56:56.584622

10554 / tcp

1208318993 | 2024-04-15T09:47:19.935722

10909 / tcp

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

-1399940268 | 2024-04-19T02:36:10.913973

10911 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1996280214 | 2024-03-28T15:45:01.410885

11000 / tcp

\x06\x04\x05@

1830697416 | 2024-04-17T09:58:53.730485

11210 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

-136006866 | 2024-04-14T07:54:11.478883

11211 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

1134517380 | 2024-04-04T14:09:17.644584

11300 / tcp

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

-1730858130 | 2024-03-22T10:38:52.313568

11434 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-1723613895 | 2024-04-13T23:20:46.396387

12000 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2232_PS-HAK-01h6h34_6336-63973

1748152518 | 2024-04-13T21:32:07.192303

12345 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae26f8_hwt112_4105-46187

1208318993 | 2024-03-22T02:48:12.222067

13443 / tcp

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

-249504111 | 2024-04-17T10:06:09.062384

14147 / tcp

\x00[xU-\x7f\x00\x00

1308377066 | 2024-04-10T11:51:10.600477

14344 / tcp

ncacn_http/1.0

1991883981 | 2024-04-18T09:57:16.861531

16993 / tcp

B\x00\x00\x00\xc3\xbfn\x04Too many connections

-303199180 | 2024-03-26T10:38:57.877160

18081 / tcp

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

819727972 | 2024-04-16T01:37:03.200569

18245 / tcp

SSH-2.0-OpenSSH_7.4

2087396567 | 2024-04-08T19:49:19.574136

18553 / tcp

kjnkjabhbanc283ubcsbhdc72

-1399940268 | 2024-04-01T18:50:32.379005

19000 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1900503736 | 2024-04-11T09:10:40.245172

20000 / tcp

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

-314039103 | 2024-04-04T08:02:49.212062

20256 / tcp

Surnom.
Sorry, that nickname format is invalid.

-1839934832 | 2024-04-18T23:09:28.353199

20547 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-10442315 | 2024-04-13T10:44:46.363479

21025 / tcp

ª

-832380282 | 2024-04-13T21:34:18.588540

21379 / tcp

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).\n

660175493 | 2024-03-21T20:51:40.790564

22443 / tcp

-2031152423 | 2024-04-19T19:53:15.339312

25001 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

410249975 | 2024-04-11T17:43:32.789609

25565 / tcp

LNS READY<>

1911457608 | 2024-04-19T06:09:52.316034

27015 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1763259671 | 2024-04-05T20:08:02.010813

27017 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

-1888448627 | 2024-04-14T11:19:01.308436

28015 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

2087396567 | 2024-04-05T22:41:46.311576

28080 / tcp

kjnkjabhbanc283ubcsbhdc72

-1681927087 | 2024-04-15T08:24:23.889891

30002 / tcp

kjnkjabhbanc283ubcsbhdc72

1077013874 | 2024-04-04T09:13:25.912635

30003 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

-147424911 | 2024-04-20T06:39:44.406125

31337 / tcp

HTTP/1.1 404 Not Found
Content Length: 0

422524323 | 2024-03-28T23:28:55.327003

32400 / tcp

{
"Version": "3.4.18",
"VersionArray": [
3,
4,
18,
0
],
"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",
"OpenSSLVersion": "",
"SysInfo": "",
"Bits": 64,
"Debug": false,
"MaxObjectSize": 16777216
}

104385780 | 2024-04-11T00:50:48.830298

32764 / tcp

ceph v2

1975288991 | 2024-04-18T15:23:16.448212

33060 / tcp

OPTI

-119996482 | 2024-04-11T17:10:19.061232

37215 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0

-1746074029 | 2024-04-19T16:56:11.591792

37777 / tcp

101 imqbroker =unV\r\n

-1810987450 | 2024-04-15T15:54:11.576495

41800 / tcp

\xc3\xbf

-433302150 | 2024-04-03T18:32:17.707385

44158 / tcp

/multistream/1.0.0

-1329831334 | 2024-04-14T03:45:33.514910

44818 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

-971970408 | 2024-04-20T03:37:58.285974

47990 / tcp

-1428621233 | 2024-03-27T10:18:47.264974

48226 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

-1529979118 | 2024-04-20T03:55:21.363306

50000 / tcp

inv2W

1632932802 | 2024-04-19T09:50:33.096600

50100 / tcp

-1840324437 | 2024-04-15T08:23:49.665630

52869 / tcp

2098371729 | 2024-04-14T09:52:24.224853

54138 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

1370263973 | 2024-04-17T03:13:57.530347

55000 / tcp

dubbo>

-1013082686 | 2024-03-24T22:14:36.619846

55443 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

398077695 | 2024-04-17T21:38:16.054230

55554 / tcp

-1729629024 | 2024-04-14T14:32:00.405300

60030 / tcp

101 imqbroker =unV

474736340 | 2024-03-29T00:56:39.437918

60129 / tcp

431 Unable to negotiate secure command connection.

-1248408558 | 2024-03-30T03:42:15.342198

61613 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

740837454 | 2024-04-15T05:42:14.465996

61616 / tcp

SSH-2.0-OpenSSH_5.3

-1113435755 | 2024-04-15T20:46:42.408900

62078 / tcp

/1.1 404 Not Found
Content Length: 0

59.110.185.69

Last Seen: 2024-04-20

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1261582754 | 2024-04-15T04:26:26.613071 11 / tcp

-1036370807 | 2024-04-08T20:10:30.654014 13 / tcp

-1733645023 | 2024-04-10T00:00:59.609574 15 / tcp

268196945 | 2024-04-11T21:09:20.138176 17 / tcp

676476721 | 2024-04-15T21:56:00.529860 19 / tcp

1632932802 | 2024-04-09T22:32:16.280100 20 / tcp

1210838212 | 2024-04-18T01:59:05.181611 21 / tcp

210087843 | 2024-04-18T00:07:31.058742 22 / tcp

460589547 | 2024-04-17T22:23:21.292554 23 / tcp

-1986594217 | 2024-04-19T03:04:08.674584 25 / tcp

-886440009 | 2024-04-18T23:54:01.401464 37 / tcp

117101543 | 2024-04-08T21:01:38.258647 43 / tcp

1160472910 | 2024-04-17T15:18:20.424434 49 / tcp

1024248778 | 2024-04-09T11:52:55.786577 53 / tcp

-1056270173 | 2024-03-22T19:40:46.369031 70 / tcp

-1264324149 | 2024-04-17T23:15:19.584294 79 / tcp

-625912760 | 2024-04-13T06:36:36.477114 80 / tcp

-1399940268 | 2024-04-18T01:45:19.757388 86 / tcp

-1139539254 | 2024-03-26T23:02:26.040637 102 / tcp

410249975 | 2024-04-18T08:59:49.968310 104 / tcp

-1327660293 | 2024-04-04T01:15:20.621062 111 / tcp

-414819019 | 2024-04-16T01:33:29.300259 113 / tcp

141730637 | 2024-04-11T19:52:15.529818 119 / tcp

1302177452 | 2024-04-17T00:04:07.754389 135 / tcp

-382990917 | 2024-03-28T03:22:24.657334 143 / tcp

-1399940268 | 2024-04-18T23:00:39.659880 175 / tcp

-399606100 | 2024-04-12T19:14:01.123160 179 / tcp

-754988795 | 2024-04-11T12:25:36.293643 195 / tcp

165188539 | 2024-04-13T01:22:06.290152 221 / tcp

-1180827859 | 2024-04-17T02:31:39.410310 264 / tcp

-1547976805 | 2024-03-23T10:50:15.682251 311 / tcp

-1907080992 | 2024-04-19T08:19:47.945226 389 / tcp

1327409218 | 2024-04-15T04:44:46.025024 427 / tcp

-1746241814 | 2024-04-14T16:01:22.324649 443 / tcp

1880683805 | 2024-04-14T18:54:12.504637 444 / tcp

897328069 | 2024-04-13T22:13:38.817919 465 / tcp

921225407 | 2024-03-28T04:17:38.402947 502 / tcp

1690634669 | 2024-04-18T02:51:02.661125 515 / tcp

1801869778 | 2024-04-09T08:45:47.617841 548 / tcp

448214121 | 2024-04-08T11:41:25.615239 554 / tcp

1308377066 | 2024-04-17T05:59:15.474243 593 / tcp

-1316491703 | 2024-04-13T16:48:30.714497 631 / tcp

1911457608 | 2024-04-04T14:15:15.161852 771 / tcp

819727972 | 2024-04-19T04:28:14.281065 789 / tcp

-1970692834 | 2024-04-12T07:18:32.163318 873 / tcp

-1256415508 | 2024-04-04T20:43:03.420444 880 / tcp

-936692830 | 2024-04-08T21:51:39.438412 992 / tcp

669849225 | 2024-04-04T07:02:40.315972 993 / tcp

-1199842642 | 2024-04-05T12:39:23.972533 995 / tcp

751496153 | 2024-04-09T03:49:30.057961 1023 / tcp

-2033111675 | 2024-04-11T11:30:38.961042 1025 / tcp

1362344524 | 2024-03-25T16:34:39.467215 1080 / tcp

165188539 | 2024-04-09T15:14:03.063278 1099 / tcp

-784071826 | 2024-04-17T23:25:04.732201 1153 / tcp

-971970408 | 2024-04-19T08:10:38.169618 1177 / tcp

-441419608 | 2024-04-19T21:20:31.076116 1200 / tcp

-1399940268 | 2024-04-13T02:46:45.268390 1234 / tcp

103159425 | 2024-04-17T03:23:57.965022 1250 / tcp

1852418385 | 2024-04-10T12:25:19.738038 1311 / tcp

171352214 | 2024-04-15T04:18:24.183021 1337 / tcp

555056254 | 2024-04-15T19:28:14.214321 1433 / tcp

660175493 | 2024-04-08T10:21:12.970019 1471 / tcp

-1049213899 | 2024-03-27T03:28:40.027308 1494 / tcp

-971970408 | 2024-04-16T19:06:37.955554 1515 / tcp

-541815454 | 2024-04-11T04:57:14.288422 1521 / tcp

2087396567 | 2024-04-17T12:58:49.942545 1599 / tcp

2087396567 | 2024-03-28T08:06:19.599925 1604 / tcp

1103582599 | 2024-04-09T05:14:33.494952 1723 / tcp

-980525298 | 2024-04-14T17:37:19.173976 1800 / tcp

1266492139 | 2024-04-18T20:37:03.784220 1801 / tcp

-1598265216 | 2024-04-14T07:28:48.773693 1833 / tcp

808560482 | 2024-04-17T05:47:48.320295 1883 / tcp

-616720387 | 2024-04-17T07:45:16.582428 1911 / tcp

1261582754 | 2024-04-15T04:26:26.613071
11 / tcp

-1036370807 | 2024-04-08T20:10:30.654014
13 / tcp

-1733645023 | 2024-04-10T00:00:59.609574
15 / tcp

268196945 | 2024-04-11T21:09:20.138176
17 / tcp

676476721 | 2024-04-15T21:56:00.529860
19 / tcp

1632932802 | 2024-04-09T22:32:16.280100
20 / tcp

1210838212 | 2024-04-18T01:59:05.181611
21 / tcp

210087843 | 2024-04-18T00:07:31.058742
22 / tcp

460589547 | 2024-04-17T22:23:21.292554
23 / tcp

-1986594217 | 2024-04-19T03:04:08.674584
25 / tcp

-886440009 | 2024-04-18T23:54:01.401464
37 / tcp

117101543 | 2024-04-08T21:01:38.258647
43 / tcp

1160472910 | 2024-04-17T15:18:20.424434
49 / tcp

1024248778 | 2024-04-09T11:52:55.786577
53 / tcp

-1056270173 | 2024-03-22T19:40:46.369031
70 / tcp

-1264324149 | 2024-04-17T23:15:19.584294
79 / tcp

-625912760 | 2024-04-13T06:36:36.477114
80 / tcp

-1399940268 | 2024-04-18T01:45:19.757388
86 / tcp

-1139539254 | 2024-03-26T23:02:26.040637
102 / tcp

410249975 | 2024-04-18T08:59:49.968310
104 / tcp

-1327660293 | 2024-04-04T01:15:20.621062
111 / tcp

-414819019 | 2024-04-16T01:33:29.300259
113 / tcp

141730637 | 2024-04-11T19:52:15.529818
119 / tcp

1302177452 | 2024-04-17T00:04:07.754389
135 / tcp

-382990917 | 2024-03-28T03:22:24.657334
143 / tcp

-1399940268 | 2024-04-18T23:00:39.659880
175 / tcp

-399606100 | 2024-04-12T19:14:01.123160
179 / tcp

-754988795 | 2024-04-11T12:25:36.293643
195 / tcp

165188539 | 2024-04-13T01:22:06.290152
221 / tcp

-1180827859 | 2024-04-17T02:31:39.410310
264 / tcp

-1547976805 | 2024-03-23T10:50:15.682251
311 / tcp

-1907080992 | 2024-04-19T08:19:47.945226
389 / tcp

1327409218 | 2024-04-15T04:44:46.025024
427 / tcp

-1746241814 | 2024-04-14T16:01:22.324649
443 / tcp

1880683805 | 2024-04-14T18:54:12.504637
444 / tcp

897328069 | 2024-04-13T22:13:38.817919
465 / tcp

921225407 | 2024-03-28T04:17:38.402947
502 / tcp

1690634669 | 2024-04-18T02:51:02.661125
515 / tcp

1801869778 | 2024-04-09T08:45:47.617841
548 / tcp

448214121 | 2024-04-08T11:41:25.615239
554 / tcp

1308377066 | 2024-04-17T05:59:15.474243
593 / tcp

-1316491703 | 2024-04-13T16:48:30.714497
631 / tcp

1911457608 | 2024-04-04T14:15:15.161852
771 / tcp

819727972 | 2024-04-19T04:28:14.281065
789 / tcp

-1970692834 | 2024-04-12T07:18:32.163318
873 / tcp

-1256415508 | 2024-04-04T20:43:03.420444
880 / tcp

-936692830 | 2024-04-08T21:51:39.438412
992 / tcp

669849225 | 2024-04-04T07:02:40.315972
993 / tcp

-1199842642 | 2024-04-05T12:39:23.972533
995 / tcp

751496153 | 2024-04-09T03:49:30.057961
1023 / tcp

-2033111675 | 2024-04-11T11:30:38.961042
1025 / tcp

1362344524 | 2024-03-25T16:34:39.467215
1080 / tcp

165188539 | 2024-04-09T15:14:03.063278
1099 / tcp

-784071826 | 2024-04-17T23:25:04.732201
1153 / tcp

-971970408 | 2024-04-19T08:10:38.169618
1177 / tcp

-441419608 | 2024-04-19T21:20:31.076116
1200 / tcp

-1399940268 | 2024-04-13T02:46:45.268390
1234 / tcp

103159425 | 2024-04-17T03:23:57.965022
1250 / tcp

1852418385 | 2024-04-10T12:25:19.738038
1311 / tcp

171352214 | 2024-04-15T04:18:24.183021
1337 / tcp

555056254 | 2024-04-15T19:28:14.214321
1433 / tcp

660175493 | 2024-04-08T10:21:12.970019
1471 / tcp

-1049213899 | 2024-03-27T03:28:40.027308
1494 / tcp

-971970408 | 2024-04-16T19:06:37.955554
1515 / tcp

-541815454 | 2024-04-11T04:57:14.288422
1521 / tcp

2087396567 | 2024-04-17T12:58:49.942545
1599 / tcp

2087396567 | 2024-03-28T08:06:19.599925
1604 / tcp

1103582599 | 2024-04-09T05:14:33.494952
1723 / tcp

-980525298 | 2024-04-14T17:37:19.173976
1800 / tcp

1266492139 | 2024-04-18T20:37:03.784220
1801 / tcp

-1598265216 | 2024-04-14T07:28:48.773693
1833 / tcp

808560482 | 2024-04-17T05:47:48.320295
1883 / tcp

-616720387 | 2024-04-17T07:45:16.582428
1911 / tcp

-786044033 | 2024-04-02T23:02:39.287730
1926 / tcp

-1435414831 | 2024-03-21T18:05:20.006132
1947 / tcp

-1399940268 | 2024-04-13T18:32:59.454776
1962 / tcp

-1730858130 | 2024-04-04T21:19:36.346399
2000 / tcp

819727972 | 2024-04-14T02:25:12.029240
2002 / tcp

2087396567 | 2024-04-11T00:34:24.833484
2008 / tcp

-891714208 | 2024-04-20T11:54:08.555818
2021 / tcp