GeneralInformation

Hostnames	anqi9988.1688.com axjanja.1688.com fvzebogs.1688.com shog1442508391642.1688.com shog2a6250868e917.1688.com shog3078o27060063.1688.com shop6239730h56062.1688.com szdyyyxs.1688.com szrobotine.1688.com vidigod.1688.com yhnkwj.1688.com attg.ojibobo-ina.aon.alibaba-inc.com dotodorks-nonoger-ogi.dd.ojibobo-ina.aon.alibaba-inc.com dotaher.ojibobo-ina.aon.alibaba-inc.com hhgoi-dsd-dsd44826-80.gas-svr.ojibobo-ina.aon.alibaba-inc.com gd-dork.ojibobo-ina.aon.alibaba-inc.com gre-oah2.ojibobo-ina.aon.alibaba-inc.com heno.stors.ojibobo-ina.aon.alibaba-inc.com svnort.stors.ojibobo-ina.aon.alibaba-inc.com test-aenter.ojibobo-ina.aon.alibaba-inc.com vot.ojibobo-ina.aon.alibaba-inc.com xbootogs.ojibobo-ina.aon.alibaba-inc.com buc-test-qier.alibaba-inc.com hhpai-dsw-dsw56392-80.pcs-svr.alibaba-inc.com qt-changeplatform.alibaba.net ens-network-sqos-hybrid.alicdn.com 119152.aliexpress.com connect.aliexpress.com 1111.alimama.com sec.alimama.com www22.aliwork.com ob-gre.ojiyvn-ina.aon.aliyun-inc.com yvndvn-idi-server.ojiyvn-ina.aon.aliyun-inc.com aliyun.com adsprobe.aliyun.com alimama2.aliyun.com aloc-offline.aliyun.com iot.ap-southeast-1.aliyun.com api.aliyun.com bi.aliyun.com cn.aliyun.com gre-stvdio.iot.aliyun.com pre-cockpit-test.aliyun.com regort.aliyun.com shop1432140437765.aliyun.com shop2b0883416a7i9.aliyun.com das.base.shuju.aliyun.com auth.wms.aliyun.com yjgts.aliyun.com aliyuncs.com ajovdovth-intj.an-shonghoi.aliyuncs.com eci-vpc.ap-southeast-1.aliyuncs.com ar-grivote-shore.ev-aentroj-1.aliyuncs.com netriahvb-ans-an-beijing.aliyuncs.com sts.og-northeost-1.aliyuncs.com qtnetria-shore.aliyuncs.com og-sovtheost-1.ron-internoj.aliyuncs.com m5-zb.amap.com nextci.amap.com xmap-alg-deploy-prepub.amap.com services-iss-sh.cainiao-inc.com b-manage.gfn.cainiao.com manage-cmscn.gfn.cainiao.com link.wt.cainiao.com hm1.cnzz.com api.dingtalk.com www.yx.fusion.design login.portal.hemaos.com api.ascp-fresh-produce.hemayx.cn lazada.cn acs-m-sg.lazada.co.id admin.lazada.co.id new-university.lazada.co.id lighthouse.lazada.co.th pre-ids-gpcb.lazada.com sellercenter.lazada.com.my solution.lazada.com.my u.lazada.com.my webim.lazada.com.my m.sellercenter.lazada.com.ph admin-p.lazada.vn university.lazada.vn www.lex.co.id 10yuankaihutiyanjin-okta-network-drookings-mirror.accept.lex.vn nrcm.lydaas.com www2s.mashort.cn console-fc.alpha.redmart.com stars.shuqireader.com dod-tiger.taobao.com gigsijk.taobao.com gvonghe.taobao.com hovonojogin.taobao.com ojiaert.taobao.com shog36236233.taobao.com shog36244836.taobao.com shog36315220.taobao.com shog36346889.taobao.com shog36600642.taobao.com shog36621603.taobao.com shog36977584.taobao.com shop36579394.taobao.com shop36674442.taobao.com sell.xiangqing.taobao.com yqza.taobao.com ocache.taobao.net opsx.vip.tbsite.net detoij.tmall.com gjon-3d.tmall.com jielitushu.tmall.com item.publish.tmall.com mail.wondfo.com.cn operate-api.yiupin.com
Domains	1688.com alibaba-inc.com alibaba.net alicdn.com aliexpress.com alimama.com aliwork.com aliyun-inc.com aliyun.com aliyuncs.com amap.com cainiao-inc.com cainiao.com cnzz.com dingtalk.com fusion.design hemaos.com hemayx.cn lazada.cn lazada.co.id lazada.co.th lazada.com lazada.com.my lazada.com.ph lazada.vn lex.co.id lex.vn lydaas.com mashort.cn redmart.com shuqireader.com taobao.com taobao.net tbsite.net tmall.com wondfo.com.cn yiupin.com
Cloud Provider	Alibaba Cloud
Country	China
City	Shanghai
Organization	Aliyun Computing Co.LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

JavaScript frameworks

Prototype

JavaScript libraries

YUI

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2024-23897	7.5Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
CVE-2023-5824	Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.
CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
CVE-2023-51385	In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-51384	In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CVE-2023-50269	Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives.
CVE-2023-49288	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with "collapsed_forwarding on" are vulnerable. Configurations with "collapsed_forwarding off" or without a "collapsed_forwarding" directive are not vulnerable. This bug is fixed by Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should remove all collapsed_forwarding lines from their squid.conf.
CVE-2023-49286	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-49285	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2023-46847	Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
CVE-2023-46846	SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
CVE-2023-46728	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggering this bug are possible to be received from any gopher server, even those without malicious intent. Gopher support has been removed in Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should reject all gopher URL requests.
CVE-2023-46724	Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.
CVE-2023-38408	The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
CVE-2022-41318	A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.
CVE-2021-46784	In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
CVE-2021-41617	4.4sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
CVE-2021-36368	2.6An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.
CVE-2021-33620	4.0Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.
CVE-2021-31808	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.
CVE-2021-31807	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent.
CVE-2021-31806	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.
CVE-2021-28652	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short query string. This attack is limited to clients with Cache Manager API access privilege.
CVE-2021-28651	5.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.
CVE-2021-28116	4.3Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
CVE-2020-8517	5.0An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexpectedly. This leads to the Squid process also terminating and a denial of service for all clients using the proxy.
CVE-2020-8450	7.5An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
CVE-2020-8449	5.0An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
CVE-2020-25097	5.0An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
CVE-2020-24606	7.1Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF.
CVE-2020-15811	4.0An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the browser cache and any downstream caches with content from an arbitrary source. Squid uses a string search instead of parsing the Transfer-Encoding header to find chunked encoding. This allows an attacker to hide a second request inside Transfer-Encoding: it is interpreted by Squid as chunked and split out into a second request delivered upstream. Squid will then deliver two distinct responses to the client, corrupting any downstream caches.
CVE-2020-15810	3.5An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any downstream caches with content from an arbitrary source. When configured for relaxed header parsing (the default), Squid relays headers containing whitespace characters to upstream servers. When this occurs as a prefix to a Content-Length header, the frame length specified will be ignored by Squid (allowing for a conflicting length to be used from another Content-Length header) but relayed upstream.
CVE-2020-15778	6.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
CVE-2020-15049	6.5An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace character prefix to the length field-value.
CVE-2020-14145	4.3The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
CVE-2020-14058	5.0An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because unrecognized error values are mapped to NULL, but later code expects that each error value is mapped to a valid error string.
CVE-2020-11945	7.5An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials).
CVE-2019-6111	5.8An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2019-6110	4.0In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2019-6109	4.0An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-18860	4.3Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
CVE-2019-18679	5.0An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
CVE-2019-18678	5.0An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.
CVE-2019-18677	5.8An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.
CVE-2019-18676	5.0An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.
CVE-2019-16905	4.4OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
CVE-2019-13345	4.3The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
CVE-2019-12529	4.3An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking its table. The length is then used to start decoding the string. There are no checks to ensure that the length it calculates isn't greater than the input buffer. This leads to adjacent memory being decoded as well. An attacker would not be able to retrieve the decoded data unless the Squid maintainer had configured the display of usernames on error pages.
CVE-2019-12528	5.0An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
CVE-2019-12526	7.5An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data overflowing in the heap.
CVE-2019-12525	7.5An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.
CVE-2019-12524	7.5An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.
CVE-2019-12523	6.4An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.
CVE-2019-12522	4.4An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
CVE-2019-12521	4.3An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.
CVE-2019-12520	5.0An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo (username and password) for certain protocols. This decoded info is prepended to the domain. This allows an attacker to provide a username that has special characters to delimit the domain, and treat the rest of the URL as a path or query string. An attacker could first make a request to their domain using an encoded username, then when a request for the target domain comes in that decodes to the exact URL, it will serve the attacker's HTML instead of the real HTML. On Squid servers that also act as reverse proxies, this allows an attacker to gain access to features that only reverse proxies can use, such as ESI.
CVE-2019-12519	7.5An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.
CVE-2018-20685	2.6In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2018-19132	4.3Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
CVE-2018-19131	4.3Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
CVE-2018-15919	5.0Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
CVE-2018-15473	5.0OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2018-1000027	5.0The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.
CVE-2018-1000024	5.0The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.
CVE-2017-15906	5.0The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2016-4556	5.0Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
CVE-2016-4555	5.0client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
CVE-2016-4554	5.0mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
CVE-2016-4553	5.0client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
CVE-2016-4054	6.8Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.
CVE-2016-4053	4.3Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
CVE-2016-4052	6.8Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses.
CVE-2016-4051	6.8Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data.
CVE-2016-3948	5.0Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
CVE-2016-3947	7.5Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet.
CVE-2016-2390	4.3The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote attackers to cause a denial of service (application crash) via a plaintext HTTP message.
CVE-2016-20012	4.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
CVE-2016-10003	5.0Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
CVE-2016-10002	5.0Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.
CVE-2008-3844	9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
CVE-2007-2768	4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 15 17 19 21 23 25 26 37 43 49 70 79 80 81 83 84 89 92 102 104 111 113 119 135 143 175 179 221 222 264 389 427 443 444 465 502 503 515 548 554 593 636 666 685 771 801 873 888 992 993 995 1023 1024 1025 1029 1080 1099 1111 1153 1200 1234 1290 1311 1337 1433 1515 1521 1599 1604 1650 1723 1741 1800 1801 1883 1911 1926 1962 1990 2000 2002 2008 2018 2021 2059 2067 2083 2086 2087 2111 2121 2122 2154 2181 2222 2323 2332 2345 2376 2404 2455 2559 2628 2761 2762 3001 3050 3055 3081 3087 3107 3108 3110 3112 3116 3118 3119 3121 3129 3260 3268 3269 3299 3301 3306 3310 3388 3389 3405 3479 3503 3542 3551 3552 3567 3790 4000 4022 4063 4064 4242 4282 4321 4369 4433 4443 4444 4500 4506 4545 4782 4840 4899 4911 4949 5001 5002 5003 5005 5007 5009 5010 5025 5122 5172 5201 5222 5269 5400 5432 5435 5494 5500 5542 5603 5604 5609 5672 5673 5801 5858 5984 5985 5986 6000 6001 6002 6007 6036 6080 6379 6443 6560 6588 6603 6633 6653 6666 6667 6668 6697 6789 7000 7001 7071 7171 7218 7415 7434 7510 7547 7548 7634 7657 7887 7999 8001 8005 8006 8009 8012 8015 8024 8032 8047 8050 8055 8066 8080 8083 8085 8087 8089 8090 8093 8094 8096 8098 8099 8102 8109 8123 8126 8139 8140 8200 8241 8243 8291 8333 8401 8427 8443 8447 8500 8545 8554 8575 8585 8649 8700 8728 8802 8810 8814 8823 8834 8845 8856 8857 8877 8880 8888 8889 8899 8991 8999 9000 9001 9002 9018 9022 9029 9030 9036 9040 9042 9051 9090 9091 9095 9100 9111 9119 9151 9160 9211 9218 9299 9301 9306 9418 9443 9500 9530 9595 9600 9633 9690 9704 9761 9869 9898 9899 9943 9981 9999 10000 10001 10134 10250 10443 10554 10909 11112 11210 11211 11300 11371 12000 12345 13579 14147 14265 14344 16010 16993 18081 18245 19000 19071 20000 20547 21025 21379 23023 25001 25565 27015 27017 27210 28015 30002 30003 31337 33060 35000 37215 37777 41800 44158 44818 47990 50000 50100 51106 51235 52869 55000 55442 55443 55553 55554 60001 60129 61613 61616 62078

-1888448627 | 2024-05-22T05:49:52.822162

11 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1297354658 | 2024-05-21T23:01:28.953085

13 / tcp

J\x00\x00\x00
8.0.23\x00%\xc6\xec\x0e\x12X&/&?\x00\xff\xff-\x02\x00\xff\xcf\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00jde\x1d.9S\"\x1d:#\x00caching_sha2_password\x00

819727972 | 2024-05-29T01:37:35.035675

15 / tcp

SSH-2.0-OpenSSH_7.4

344087494 | 2024-05-28T09:39:01.010397

17 / tcp

"When a stupid man is doing something he is ashamed of, he always declares
 that it is his duty." George Bernard Shaw (1856-1950)
\x00

-1760806421 | 2024-05-25T11:53:57.232127

19 / tcp

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected

-731285715 | 2024-06-02T11:54:24.615483

21 / tcp

220 (vsFTPd 1.2.2)

-1288412979 | 2024-05-27T15:11:30.423309

23 / tcp

Connection refused

-303199180 | 2024-05-28T23:49:09.837593

25 / tcp

Content-Type: text/rude-rejection\nContent-Length: 24\n\n\nAccess Denied, go away.\nContent-Type: text/disconnect-notice\nC...\n

-1839934832 | 2024-05-18T18:55:32.300735

26 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-886440009 | 2024-05-31T04:48:02.157861

37 / tcp

\\xeb\\xd1~B

-1013082686 | 2024-05-20T01:29:33.502886

43 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

1160472910 | 2024-06-02T07:03:54.793026

49 / tcp

\xc2\xa5A\\x01,\\x02L\\x08Connectx\\x0857222

1412519768 | 2024-05-31T13:49:54.693094

70 / tcp

"AP0F1D85"
Connection: close

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR

-1264324149 | 2024-05-29T20:23:24.524233

79 / tcp

Siemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready
ÿû\x01ÿû\x03ÿý\x01ÿþ\x01Username:

-2070429970 | 2024-05-29T12:53:21.380739

80 / tcp

HTTP/1.1 404 Not Found
Server: Tengine
Date: Wed, 29 May 2024 12:53:21 GMT
Content-Type: text/xml; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=25

2033888749 | 2024-05-09T04:11:39.907410

81 / tcp

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

770016595 | 2024-05-18T20:04:12.561434

83 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

-2081419599 | 2024-05-15T21:07:53.027220

84 / tcp

@
03d

-1399940268 | 2024-05-21T10:15:27.938291

89 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-339084706 | 2024-06-01T07:17:21.452009

92 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

-2089734047 | 2024-05-28T18:02:47.056906

102 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

401555314 | 2024-05-29T04:13:27.857427

104 / tcp

NB[GFXjA^R

1187188851 | 2024-05-31T19:50:50.086856

111 / tcp

Portmap
Program	Version	Protocol	Port

-527005584 | 2024-05-22T02:05:45.929067

113 / tcp

/0 0 L
/0 0 HUH

141730637 | 2024-05-30T20:00:01.789564

119 / tcp

HTTP/1.0 200 OK
Server: Proxy

-1589645334 | 2024-06-02T12:29:57.089090

135 / tcp

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: C56L_POS01\n IP2: 60.251.195.90\n IP3: C56L_POS01\n\nNTLMSSP:\nTarget_Name: C56L_POS01\nProduct_Version: 5.1.2600 Ntlm 15\nOS: Windows XP/Windows XP, Service Pack 3\nNetBIOS_Domain_Name: C56L_POS01\nNetBIOS_Computer_Name: C56L_POS01\nDNS_Domain_Name: C56L_POS01\nDNS_Computer_Name: C56L_POS01\n\nDCERPC Dump:\n1088a980-eae5-11d0-8d9b-00a02453c337 ([MS-MQQP]: Message Queuing (MSMQ):):\n  - NCACN: 60.251.195.90:

-829824006 | 2024-05-16T07:06:26.436639

143 / tcp

* OK Coremail System IMap Server Ready(mispb-5f781434-d784-4cb6-b7ab-91be09a0f2d6-peony.cn[ccf14d07de0680199ac3995dd82c09e7])\r\n

-1399940268 | 2024-05-17T21:07:42.218847

175 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-399606100 | 2024-05-25T10:19:47.834689

179 / tcp

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

-1399940268 | 2024-06-02T16:37:51.698363

221 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-05-06T11:02:43.794171

222 / tcp

SSH-2.0-OpenSSH_7.4

-1718229072 | 2024-05-31T00:21:04.835379

264 / tcp

CheckPoint\nFirewall Host: gw2\nSmartCenter Host: SMS..6sxmht\\x00\n

-1743283776 | 2024-06-01T06:56:35.437875

389 / tcp

0\x0c\\x02\\x01\\x01a\\x07\n\\x01\\x04\\x04

-661950041 | 2024-06-02T03:30:04.173123

427 / tcp

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://*.*.*.*\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:cdserver\nservice:fdserver\nservice:hdserver\nservice:rmedia\nservice:adviser\nservice:lighttpd\nB://l:87/x\n\nResponse of service:cdserver SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:cdserver://IEIB4055D60C037:5120\n\n\nResponse of service:cdserver AttrRqst:\nVersion: 2\nFunction: Attribute R

-208800914 | 2024-05-18T15:59:20.948691

443 / tcp

HTTP/1.1 404 Not Found
Server: Tengine
Date: Sat, 18 May 2024 15:59:20 GMT
Content-Type: text/xml; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=25

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:25:05:ef:ce:3e:f1:d6:34:67:6e:b9
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Feb  2 06:21:01 2024 GMT
            Not After : Mar  5 06:21:00 2025 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:36:16:8f:d4:e0:6c:a8:a8:ca:47:18:cc:50:70:
                    68:a3:3b:95:10:6e:f2:85:bd:36:a2:b5:d6:1c:63:
                    aa:df:a1:1a:1a:0a:42:a6:09:03:a5:0c:ce:a5:24:
                    a0:9b:97:85:1b:f2:de:39:2b:95:83:60:4e:b6:42:
                    4c:1a:84:1b:f3
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
            X509v3 Subject Alternative Name: 
                DNS:aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.ap-hochiminh-ant.aliyuncs.com, DNS:*.ap-northeast-1.aliyuncs.com, DNS:*.ap-northeast-2.aliyuncs.com, DNS:*.ap-singapore-cloudstone.aliyuncs.com, DNS:*.ap-south-1.aliyuncs.com, DNS:*.ap-southeast-1.aliyuncs.com, DNS:*.ap-southeast-2.aliyuncs.com, DNS:*.ap-southeast-3.aliyuncs.com, DNS:*.ap-southeast-5.aliyuncs.com, DNS:*.ap-southeast-6.aliyuncs.com, DNS:*.ap-southeast-7.aliyuncs.com, DNS:*.cn-beijing-cloudstone.aliyuncs.com, DNS:*.cn-beijing-finance-1.aliyuncs.com, DNS:*.cn-beijing.aliyuncs.com, DNS:*.cn-changsha.aliyuncs.com, DNS:*.cn-chengdu-acdr-ut-1.aliyuncs.com, DNS:*.cn-chengdu-smarthosting-1.aliyuncs.com, DNS:*.cn-chengdu.aliyuncs.com, DNS:*.cn-dalian.aliyuncs.com, DNS:*.cn-fuzhou.aliyuncs.com, DNS:*.cn-guangzhou.aliyuncs.com, DNS:*.cn-hangzhou-cloudstone.aliyuncs.com, DNS:*.cn-hangzhou-finance.aliyuncs.com, DNS:*.cn-hangzhou-mybk.aliyuncs.com, DNS:*.cn-hangzhou.aliyuncs.com, DNS:*.cn-heyuan-acdr-1.aliyuncs.com, DNS:*.cn-heyuan.aliyuncs.com, DNS:*.cn-hongkong.aliyuncs.com, DNS:*.cn-huhehaote-nebula-1.aliyuncs.com, DNS:*.cn-huhehaote.aliyuncs.com, DNS:*.cn-jinan.aliyuncs.com, DNS:*.cn-nanjing.aliyuncs.com, DNS:*.cn-nantong.aliyuncs.com, DNS:*.cn-ningbo-smt-nbyd.aliyuncs.com, DNS:*.cn-north-2-gov-1.aliyuncs.com, DNS:*.cn-qingdao-acdr-ut-1.aliyuncs.com, DNS:*.cn-qingdao-nebula.aliyuncs.com, DNS:*.cn-qingdao.aliyuncs.com, DNS:*.cn-shanghai-ant.aliyuncs.com, DNS:*.cn-shanghai-finance-1.aliyuncs.com, DNS:*.cn-shanghai-mybk.aliyuncs.com, DNS:*.cn-shanghai-smt-huat.aliyuncs.com, DNS:*.cn-shanghai.aliyuncs.com, DNS:*.cn-shenzhen-cloudstone-ut.aliyuncs.com, DNS:*.cn-shenzhen-cloudstone.aliyuncs.com, DNS:*.cn-shenzhen-finance-1.aliyuncs.com, DNS:*.cn-shenzhen.aliyuncs.com, DNS:*.cn-taiyuan.aliyuncs.com, DNS:*.cn-tianjin.aliyuncs.com, DNS:*.cn-wuhan-lr.aliyuncs.com, DNS:*.cn-wulanchabu-cloudstone-ut.aliyuncs.com, DNS:*.cn-wulanchabu.aliyuncs.com, DNS:*.cn-xian.aliyuncs.com, DNS:*.cn-zhangjiakou-spe.aliyuncs.com, DNS:*.cn-zhangjiakou.aliyuncs.com, DNS:*.cn-zhengzhou-jva.aliyuncs.com, DNS:*.cn-zhengzhou.aliyuncs.com, DNS:*.eu-central-1.aliyuncs.com, DNS:*.eu-west-1.aliyuncs.com, DNS:*.me-central-1.aliyuncs.com, DNS:*.me-east-1.aliyuncs.com, DNS:*.rus-west-1.aliyuncs.com, DNS:*.us-east-1.aliyuncs.com, DNS:*.us-west-1.aliyuncs.com, DNS:*.vpc-proxy.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            X509v3 Subject Key Identifier: 
                2C:5A:76:11:1C:5B:71:57:E8:75:A7:5F:4B:49:8F:FA:59:16:33:F5
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Feb  2 06:21:03.730 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:2D:00:AD:78:5A:5D:87:5E:F8:6E:3F:1F:
                                56:78:0C:09:5B:EC:14:4F:B8:67:CA:53:20:42:CC:CF:
                                D4:DC:28:CE:02:21:00:94:5A:D0:78:B5:CD:C9:AE:05:
                                DA:AA:66:77:B8:89:13:7A:95:90:71:CC:19:1C:F0:8D:
                                1D:57:9E:0E:72:1F:75
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Feb  2 06:21:04.458 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:23:2C:2F:99:1F:84:D3:4B:C6:CF:58:04:
                                3F:2C:CC:1D:DC:1A:D0:FE:29:A8:BD:CF:37:80:3C:C8:
                                5B:26:40:CE:02:20:23:D2:66:0D:1B:CD:0F:75:CA:FC:
                                41:56:8C:60:CD:78:96:D3:2C:86:AB:0D:6D:A0:EC:16:
                                73:4F:C0:A1:FB:A0
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
                                0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
                    Timestamp : Feb  2 06:21:03.892 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:07:FF:06:71:1C:EE:11:2C:18:BC:51:B5:
                                FE:FF:8B:35:9D:C3:90:4C:38:13:3C:E9:86:71:78:AF:
                                D7:7B:D3:89:02:20:12:95:58:62:A2:2B:B5:E1:43:7D:
                                4C:85:7D:9E:1F:BD:FD:AC:6F:D6:32:60:76:1E:F8:5F:
                                A7:32:DC:7B:1B:4D
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        06:5e:35:c4:e1:26:b0:da:9c:7a:36:ea:b6:82:f7:3f:7c:59:
        58:e3:9a:5e:b5:40:b9:08:26:79:83:78:9e:b4:fe:0b:c9:f0:
        83:6b:ac:6b:ef:c1:99:8a:34:c3:8c:33:6d:3f:f2:ae:3e:f5:
        68:a9:59:40:0e:53:a7:3f:f1:d0:00:5e:aa:76:90:26:7a:55:
        56:dd:ff:4e:e6:94:e7:01:cb:2c:36:9d:d4:ef:41:af:1f:9e:
        d8:32:41:bf:1f:32:55:c0:2f:cf:9a:af:29:96:65:e3:10:a4:
        fa:8a:1c:61:1e:40:18:d0:51:6c:6f:bb:ba:f2:f5:14:5b:bd:
        cb:53:41:43:12:d6:c5:11:e6:a1:db:8e:f9:21:a1:32:09:09:
        e2:76:2f:4d:22:d7:89:c9:02:58:9d:1e:30:d8:8b:4d:40:0b:
        9a:c1:0c:40:a4:01:23:14:ba:bf:f0:1e:be:91:80:ae:d5:12:
        4b:43:17:54:f0:61:d5:38:8e:e2:6f:6b:98:26:b0:e2:7d:db:
        39:c0:99:db:04:6f:a0:31:90:1d:a6:7a:d0:ea:44:31:c3:e1:
        4c:b7:59:b6:ce:8c:ed:b4:6e:71:2a:6b:a3:88:dc:3f:8a:93:
        29:fe:31:20:63:1e:1b:85:24:49:a6:39:3e:b5:ce:0e:ae:5a:
        91:a9:b4:f2

-42972075 | 2024-05-29T10:10:35.717514

444 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.22.1
Date: Wed, 29 May 2024 10:10:35 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

897328069 | 2024-06-03T00:23:11.162791

465 / tcp

220 mail.scott000.com ESMTP

-2089734047 | 2024-05-26T17:57:19.007981

502 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1911457608 | 2024-05-21T22:13:35.500707

503 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1767345577 | 2024-06-01T20:13:11.138076

515 / tcp

Hello, this is Quagga (version 0T).
Copyright 1996-200

-2035415184 | 2024-06-01T05:38:39.365307

548 / tcp

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: Landisk2\nMachine Type: \rNetatalk3.1.8\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: Cleartxt Passwrd\\x04,DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

1060450357 | 2024-05-11T19:51:15.161014

554 / tcp

RTSP/1.0 200 OK
CSeq: 1
Keep-Alive: timeout=10, max=1000
Public: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE, SET_PARAMETER, GET_PARAMETER
Connection: Keep-Alive

1308377066 | 2024-05-25T21:14:57.985566

593 / tcp

ncacn_http/1.0

-2023550675 | 2024-05-28T23:41:43.191877

636 / tcp

\\x01\x0b=\\x01\xc3\x80\\x06\xc3\xbf\xc3\xbf?"<ZDECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\\x01\\x01

-1960639992 | 2024-06-01T07:15:33.213303

666 / tcp

HTTP/1.1 401 Unauthorized

1492413928 | 2024-06-02T18:47:46.827634

685 / tcp

SSH-2.0-OpenSSH_7.5

-1947777893 | 2024-05-31T21:36:23.850054

771 / tcp

"Broadband Router"\r\n\r\n<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

165188539 | 2024-05-07T10:59:40.902569

801 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1970692834 | 2024-05-21T21:34:39.494570

873 / tcp

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

-262532376 | 2024-05-19T13:30:36.832457

888 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: keep-alive

-1835475271 | 2024-05-31T00:27:42.770952

992 / tcp

200 NOD32SS 99 (3318497116)\r\n

-891714208 | 2024-06-02T05:38:14.288915

993 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

-1489591880 | 2024-05-25T18:00:49.503842

995 / tcp

+OK MS OK\r\n

-1230049476 | 2024-05-26T14:23:36.481955

1023 / tcp

HTTP/1.0 200 OK
Connection: close
X-Powered-By: Undertow/1
Server: JBoss-EAP/7
Content-Type: text/html
Content-Length: 98
Accept-Ranges: bytes

550048729 | 2024-05-09T18:48:54.444281

1024 / tcp

ÿÿÿ
0 ...

-136006866 | 2024-06-02T18:54:38.555485

1025 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

165188539 | 2024-05-26T15:40:55.484263

1029 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1362344524 | 2024-05-16T06:26:31.106913

1080 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.7

1911457608 | 2024-05-31T09:04:00.742892

1099 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-358801646 | 2024-05-13T21:43:17.083048

1111 / tcp

SSH-2.0-OpenSSH_6.6.1

-358801646 | 2024-05-22T22:03:11.403597

1153 / tcp

SSH-2.0-OpenSSH_6.6.1

-971970408 | 2024-06-02T02:54:17.270806

1200 / tcp

-407828767 | 2024-05-31T05:38:51.832355

1234 / tcp

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

-441419608 | 2024-05-10T12:40:24.894325

1290 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

-1665643483 | 2024-05-25T22:37:09.755961

1311 / tcp

HTTP/1.1 200 
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 391
Connect-To: https://qd-gatway.aliyuncs.com/table/tree-land/nacos/

1426971893 | 2024-05-29T21:49:38.687920

1337 / tcp

\x00[s\xc3\x85\xc3\x93\x7f\x00\x00

-325802316 | 2024-05-26T23:33:54.975789

1433 / tcp

MSSQL Server\nVersion: 134219767 (0x80007f7)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: PC-20150816MQOM\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: PC-20150816MQOM\nNetBIOS_Computer_Name: PC-20150816MQOM\nDNS_Domain_Name: PC-20150816MQOM\nDNS_Computer_Name: PC-20150816MQOM\nMsvAvFlags: 01000000\nSystem_Time: 2024-01-22 04:03:26 +0000 UTC\n\n

1212921144 | 2024-05-26T08:38:49.635366

1515 / tcp

0@

-186520940 | 2024-05-04T21:19:30.522229

1521 / tcp

HTTP/1.1

-1681927087 | 2024-05-27T01:09:58.257513

1599 / tcp

kjnkjabhbanc283ubcsbhdc72

401555314 | 2024-05-21T09:29:18.078827

1604 / tcp

NB[GFXjA^R

-2107996212 | 2024-05-30T16:57:46.543378

1650 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

1103582599 | 2024-05-31T04:07:45.545605

1723 / tcp

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

-1665643483 | 2024-05-19T11:21:58.112558

1741 / tcp

HTTP/1.1 200 
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 391
Connect-To: https://qd-gatway.aliyuncs.com/table/tree-land/nacos/

1975288991 | 2024-05-29T15:12:49.065792

1800 / tcp

OPTI

1745717579 | 2024-05-11T08:59:49.091143

1801 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae224e_PS-CSX-01CvJ183_33983-2857

493955023 | 2024-05-20T21:17:57.314715

1883 / tcp

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

-2089734047 | 2024-05-31T11:00:32.413221

1911 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1392039491 | 2024-05-14T08:31:33.832147

1926 / tcp

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

-1032713145 | 2024-06-02T01:03:34.136998

1962 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

671605376 | 2024-05-25T22:05:52.267273

1990 / tcp

SSH-2.0-OpenSSH_X.X

-653033013 | 2024-05-17T02:06:33.999001

2000 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

165188539 | 2024-05-27T22:09:14.859204

2002 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

2087396567 | 2024-05-30T08:53:51.756934

2008 / tcp

kjnkjabhbanc283ubcsbhdc72

-457235091 | 2024-05-20T14:31:05.912473

2018 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101\r\na

819727972 | 2024-05-21T07:12:54.833230

2021 / tcp

SSH-2.0-OpenSSH_7.4

-1626979812 | 2024-05-31T23:18:54.971728

2059 / tcp

220 Service ready for new user.

550048729 | 2024-05-31T20:07:54.612881

2067 / tcp

ÿÿÿ
0 ...

-321444299 | 2024-05-15T18:30:54.861752

2083 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...
:dircproxy NOTICE AUTH :Got your hostname.

-984990168 | 2024-05-10T08:24:09.688546

2086 / tcp


0ÿñ

1842524259 | 2024-06-01T15:16:27.443625

2087 / tcp

372433470 | 2024-05-19T05:14:39.211307

2111 / tcp

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

141730637 | 2024-05-30T16:52:28.337001

2121 / tcp

HTTP/1.0 200 OK
Server: Proxy

-1626979812 | 2024-06-02T16:06:10.144511

2122 / tcp

220 Service ready for new user.

-971970408 | 2024-05-31T18:29:19.956235

2154 / tcp

546151771 | 2024-05-25T01:08:22.395358

2181 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

-1659353189 | 2024-06-01T03:03:53.415200

2222 / tcp

SSH-2.0-ssh-server\r\n\\x00\\x00\\x02\\x14\x0b\\x14\x0b\\xed\\x16\\xae\\x96\t\\xc5En\\xbd\\x1cgn\\xff\\xad\\xd7\\x00\\x00\\x00\\xbbcurve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha256,diffie-hellman-gr

1662205251 | 2024-06-01T14:33:57.782199

2323 / tcp

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

-1888448627 | 2024-06-01T05:38:33.269038

2332 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1911457608 | 2024-06-01T12:43:07.229438

2345 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-971970408 | 2024-05-20T20:32:03.263540

2376 / tcp

165188539 | 2024-05-28T18:40:41.829432

2404 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

660175493 | 2024-05-19T07:19:14.657531

2455 / tcp

819727972 | 2024-05-05T14:17:18.725806

2559 / tcp

SSH-2.0-OpenSSH_7.4

1996932384 | 2024-05-21T03:58:07.259036

2628 / tcp

"raop" nonce

51259122 | 2024-06-02T21:45:16.249616

2761 / tcp

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

819727972 | 2024-06-01T13:49:55.452590

2762 / tcp

SSH-2.0-OpenSSH_7.4

-2089734047 | 2024-06-02T16:31:01.993894

3001 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

971933601 | 2024-05-24T23:32:47.555983

3050 / tcp

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

-1810987450 | 2024-05-29T18:15:31.339333

3055 / tcp

\xc3\xbf

1189133115 | 2024-05-10T17:10:12.488561

3081 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

1830697416 | 2024-05-13T00:15:57.824353

3087 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

-1399940268 | 2024-05-29T05:39:20.199959

3107 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1730858130 | 2024-05-20T00:45:23.302721

3108 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

51259122 | 2024-05-08T09:16:40.410696

3110 / tcp

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

819727972 | 2024-05-23T14:35:52.140410

3112 / tcp

SSH-2.0-OpenSSH_7.4

1911457608 | 2024-05-16T10:07:31.764479

3116 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-05-22T19:58:37.577274

3118 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2089734047 | 2024-05-29T20:36:12.705686

3119 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1099385124 | 2024-05-13T22:22:58.930539

3121 / tcp

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

-653033013 | 2024-05-31T08:56:26.921325

3129 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

-862070606 | 2024-05-31T10:23:22.287925

3260 / tcp

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None\nTargetAlias=LIO Target\nTargetPortalGroupTag=1\n\n

247702477 | 2024-05-31T10:32:23.760976

3268 / tcp

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 9-54370107-0 0NNN RT(1701565466051 0) q(0 -1 -1 -1) r(0 -1)

-1399940268 | 2024-05-31T08:22:13.198682

3269 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-641479109 | 2024-05-31T18:25:46.972293

3299 / tcp

[xU-

15018106 | 2024-05-31T00:37:40.896566

3301 / tcp

\x00\x19\x02\x00\x02\x00\x07\x00Protocol version mismatch\x00

-1036944024 | 2024-05-11T14:56:04.657780

3306 / tcp

F\\x00\\x00\\x00\\xffj\\x04Host \'*.*.*.*\' is not allowed to connect to this MySQL server

-1626979812 | 2024-05-29T23:31:12.624966

3310 / tcp

220 Service ready for new user.

2098371729 | 2024-05-16T13:11:21.386255

3388 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

848680996 | 2024-06-03T05:29:42.832020

3389 / tcp

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x02\t\\x08\\x00\\x02\\x00\\x00\\x00\n\nFlag: PROTOCOL_HYBRID\nTarget_Name: WINCTYU-KTI28LG\nProduct_Version: 6.1.7601 Ntlm 15\nOS: Windows 7, Service Pack 1/Windows Server 2008 R2, Service Pack 1\nNetBIOS_Domain_Name: WINCTYU-KTI28LG\nNetBIOS_Computer_Name: WINCTYU-KTI28LG\nDNS_Domain_Name: WINCTYU-KTI28LG\nDNS_Computer_Name: WINCTYU-KTI28LG\nSystem_Time: 2024-01-22 08:43:05 +0000 UTC\n\n

45131230 | 2024-05-17T14:10:33.334527

3405 / tcp

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

1623746877 | 2024-05-08T06:48:53.990901

3479 / tcp

500 Permission denied - closing connection.\r\n

45131230 | 2024-05-17T14:47:24.727354

3503 / tcp

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

1778988322 | 2024-05-16T17:51:12.043582

3542 / tcp

* OK GroupWise IMAP4rev1 Server Ready

198844676 | 2024-05-26T13:13:20.338966

3551 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

1615193817 | 2024-05-20T10:57:54.003322

3552 / tcp

Hello, this is FRRouting (version 4.0).\r\r\nCopyright 19\n96-2005 Kunihiro Ishiguro, et al.\r\r\n\r\r\n\r\nUse...\n

921225407 | 2024-05-25T19:55:43.060668

3567 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

-1839934832 | 2024-05-15T10:44:53.388127

3790 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-1960639992 | 2024-06-02T04:36:42.268262

4000 / tcp

HTTP/1.1 401 Unauthorized

-891714208 | 2024-05-30T13:24:26.214448

4022 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com\nmit-revprops depth log-revprops partial-replay ) ) )

2087396567 | 2024-05-05T23:39:45.570712

4063 / tcp

kjnkjabhbanc283ubcsbhdc72

-2096652808 | 2024-05-31T10:23:54.479482

4064 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

198844676 | 2024-05-27T02:24:18.721804

4242 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

819727972 | 2024-05-31T06:07:54.235991

4282 / tcp

SSH-2.0-OpenSSH_7.4

-1250504565 | 2024-05-20T01:11:40.698446

4321 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

-1399940268 | 2024-05-30T23:57:54.681342

4369 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1681927087 | 2024-05-13T18:40:59.195788

4433 / tcp

kjnkjabhbanc283ubcsbhdc72

2140295939 | 2024-05-27T03:14:44.844886

4443 / tcp

HTTP/1.1 200 
Server: nginx
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache

-2096652808 | 2024-05-21T03:41:02.198352

4444 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1282941221 | 2024-05-18T00:06:29.432335

4500 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

1689518693 | 2024-05-27T17:54:51.091397

4506 / tcp

[¼/

-1327660293 | 2024-05-18T14:42:43.565301

4545 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

-314039103 | 2024-05-07T09:48:58.321225

4782 / tcp

Surnom.
Sorry, that nickname format is invalid.

-2031152423 | 2024-06-03T02:09:05.408938

4840 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

819727972 | 2024-05-09T12:11:56.356884

4899 / tcp

SSH-2.0-OpenSSH_7.4

-122096153 | 2024-05-22T23:17:26.262365

4911 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

819727972 | 2024-06-02T16:37:18.973143

4949 / tcp

SSH-2.0-OpenSSH_7.4

2087396567 | 2024-05-22T16:45:40.978066

5001 / tcp

kjnkjabhbanc283ubcsbhdc72

1911457608 | 2024-05-26T20:35:34.886879

5002 / tcp

\x00[\x00\x00\x00\x00\x00\x00

2098371729 | 2024-05-26T21:17:39.048336

5003 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>\nA<!DOCTYPE GANGLIA_XML [\n   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...\n

-1344535834 | 2024-05-11T17:44:50.602587

5005 / tcp

HTTP/1.0 200 OK
Server: Proxy

-2096652808 | 2024-05-28T15:30:59.575240

5007 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

567505242 | 2024-05-23T10:28:46.065846

5009 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1a3c_wdx20_40557-6922

-1399940268 | 2024-06-01T19:22:07.799059

5010 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

119860953 | 2024-05-29T06:41:10.561333

5025 / tcp

* OK ArGoSoft Mail Server IMAP Module v.YW at

1282941221 | 2024-05-22T23:12:52.236750

5122 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

863754335 | 2024-05-26T01:45:41.750895

5172 / tcp

0a

-747911285 | 2024-05-23T11:39:39.675264

5201 / tcp

\xc2\xaa

1690634669 | 2024-05-22T22:10:40.984527

5222 / tcp

-1074907534 | 2024-05-26T22:14:34.047353

5269 / tcp

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705938603.82-w-waf02tjgt

819727972 | 2024-06-01T08:49:18.481574

5400 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-05-29T09:43:42.289818

5432 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-05-22T18:29:52.068003

5435 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-05-16T10:55:34.689366

5494 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1023953321 | 2024-05-24T08:36:58.798621

5500 / tcp

HTTP/1.0 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="proxy"
Connection: close
Content-type: text/html; charset=utf-8

-1279886438 | 2024-05-18T07:24:39.806369

5542 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

819727972 | 2024-05-07T13:19:34.028156

5603 / tcp

SSH-2.0-OpenSSH_7.4

1911457608 | 2024-05-06T12:40:50.393271

5604 / tcp

\x00[\x00\x00\x00\x00\x00\x00

819727972 | 2024-05-13T21:14:37.864316

5609 / tcp

SSH-2.0-OpenSSH_7.4

575925250 | 2024-05-21T01:49:14.118911

5672 / tcp

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

-1013082686 | 2024-05-17T04:01:16.739823

5673 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

565044707 | 2024-05-31T13:44:30.385637

5801 / tcp

HTTP/1.1 200 
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 670
S-Host: https://sukz-mc-u.aliyuncs.com/checkout/share/admit-import/unblend-deactivate/nacos/

1282941221 | 2024-05-28T19:12:38.237079

5858 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

1999272906 | 2024-05-31T02:44:40.345776

5984 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

1412519768 | 2024-05-20T13:40:56.883042

5985 / tcp

"AP0F1D85"
Connection: close

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR

-971970408 | 2024-05-09T01:42:34.070679

5986 / tcp

1632932802 | 2024-05-30T18:33:34.461729

6000 / tcp

-904840257 | 2024-05-13T19:38:01.607178

6001 / tcp

572 Relay not authorized\r\n

1632932802 | 2024-05-22T06:18:04.668494

6002 / tcp

1911457608 | 2024-05-24T15:35:07.278818

6007 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-05-24T22:13:10.987880

6036 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

550048729 | 2024-05-29T01:19:24.976407

6080 / tcp

ÿÿÿ
0 ...

321971019 | 2024-05-25T02:56:14.772702

6379 / tcp

-ERR client ip is not in whitelist\r

-1251717736 | 2024-05-06T05:37:37.726236

6443 / tcp

HTTP/1.1 200 OK
Date: Mon, 06 May 2024 05:37:37 GMT
Content-Type: application/json
Content-Length: 2660
Connection: keep-alive
Ali-Swift-Global-Savetime: 1714973857
Eagleeye-Traceid: 07483dfd88b1ae3d5c8c161bb3
Eagleid: 07483dfd88b1ae3d5c8c161bb3
S_group: tao-session
S_ip: 23c0101e7bad02278248e591292a0585
S_status: STATUS_SYS_ERR
S_tag: 418700501096465|962893628^|^^
S_tid: 07483dfd88b1ae3d5c8c161bb3
S_ucode: CN:CENTER
S_v: 5.3.0.2
Server: Tengine
Strict-Transport-Security: max-age=0
Timing-Allow-Origin: *, *
Location: https://aliyun-workplace.alibaba-inc.com
Ufe-Result: A1
Via: vcache00.19vcache2[397,806,990-0,M], vcache77.vcache66[521,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-Cachetime: 0
X-Swift-Savetime: Mon, 06 May 2024 05:37:37 GMT

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:a7:27:29:07:10:52:7c:ae:c7:4a:96
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2
        Validity
            Not Before: Sep 12 07:56:08 2023 GMT
            Not After : Feb 20 10:00:00 2024 GMT
        Subject: CN=*.aliyuncs.com, O=Alibaba (China) Technology Co., Ltd., L=Hangzhou, ST=Zhejiang, C=CN
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:dd:4b:74:ed:c6:5a:af:d8:ec:b8:00:f8:be:09:
                    34:31:59:b1:d9:1b:77:36:69:8b:27:30:12:a2:ff:
                    69:4e:58:2b:8d:98:ed:55:24:6a:9b:b3:5a:6b:54:
                    68:b8:b7:af:ee:8b:2d:5b:86:f0:92:f6:ef:ba:25:
                    40:b6:ac:30:eb:0c:b4:35:17:25:82:6f:84:57:5b:
                    d7:d9:0c:eb:9d:09:dc:bd:17:bf:92:98:db:b9:3b:
                    d3:70:74:bc:b4:ad:55:c7:e2:85:17:3e:f7:03:ce:
                    a3:7a:d4:61:4b:27:99:3c:8a:b8:7f:bd:f0:02:67:
                    55:75:cc:b7:cd:2b:91:3f:d9:11:a0:74:0c:9d:8a:
                    4a:b9:b8:5a:bc:1e:97:a1:b3:79:5b:5d:30:ea:a5:
                    8b:a2:23:05:02:22:9b:d4:f8:25:e6:99:c0:6d:4b:
                    d6:e0:ad:f0:01:a3:c9:e2:db:c2:bc:66:5e:3f:1b:
                    cd:c9:01:ad:68:50:77:ca:41:b9:a2:cf:58:9b:d9:
                    5c:1d:f2:b4:9c:9e:f9:c7:84:fe:65:8f:68:b5:e3:
                    2c:43:31:a0:a6:5c:65:eb:67:63:da:9b:0a:91:f8:
                    c1:f2:ba:0f:4e:48:53:f7:12:ca:6c:35:4e:4b:96:
                    02:d7:bc:3b:77:ad:80:17:9b:7a:4d:37:a1:e3:8c:
                    85:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                BD:22:FF:00:93:D9:9B:FA:87:FC:C5:14:21:44:0A:DD:BF:4A:AA:A6
            X509v3 Authority Key Identifier: 
                96:DE:61:F1:BD:1C:16:29:53:1C:C0:CC:7D:3B:83:00:40:E6:1A:7C
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g2
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyuncs.com, DNS:*.cn-hangzhou-mybk.aliyuncs.com, DNS:*.cn-nantong.aliyuncs.com, DNS:*.cn-shenzhen-finance-1.aliyuncs.com, DNS:*.cn-sichuan.aliyuncs.com, DNS:*.jp-fudao.aliyuncs.com, DNS:*.ap-south-1.aliyuncs.com, DNS:*.cn-wulanchabu.aliyuncs.com, DNS:*.cn-huhehaote.aliyuncs.com, DNS:*.cn-chengdu.aliyuncs.com, DNS:*.rus-west-1.aliyuncs.com, DNS:*.ap-southeast-1.aliyuncs.com, DNS:*.in-mumbai.aliyuncs.com, DNS:*.cn-guangzhou.aliyuncs.com, DNS:*.cn-hangzhou.aliyuncs.com, DNS:dod-tiger.taobao.com, DNS:yqza.taobao.com, DNS:sec.alimama.com, DNS:buc-test-qier.alibaba-inc.com, DNS:heno.stors.ojibobo-ina.aon.alibaba-inc.com, DNS:stars.shuqireader.com, DNS:www2s.mashort.cn, DNS:opsx.vip.tbsite.net, DNS:shog36977584.taobao.com, DNS:szdyyyxs.1688.com, DNS:hovonojogin.taobao.com, DNS:shop36674442.taobao.com, DNS:svnort.stors.ojibobo-ina.aon.alibaba-inc.com, DNS:xbootogs.ojibobo-ina.aon.alibaba-inc.com, DNS:university.lazada.vn, DNS:shog36621603.taobao.com, DNS:api.dingtalk.com, DNS:shog36600642.taobao.com, DNS:admin-p.lazada.vn, DNS:ocache.taobao.net, DNS:10yuankaihutiyanjin-okta-network-drookings-mirror.accept.lex.vn, DNS:lighthouse.lazada.co.th, DNS:api.aliyun.com, DNS:admin.lazada.co.id, DNS:ajovdovth-intj.an-shonghoi.aliyuncs.com, DNS:ob-gre.ojiyvn-ina.aon.aliyun-inc.com, DNS:shop2b0883416a7i9.aliyun.com, DNS:acs-m-sg.lazada.co.id, DNS:auth.wms.aliyun.com, DNS:qtnetria-shore.aliyuncs.com, DNS:m5-zb.amap.com, DNS:mail.wondfo.com.cn, DNS:m.sellercenter.lazada.com.ph, DNS:yvndvn-idi-server.ojiyvn-ina.aon.aliyun-inc.com, DNS:xmap-alg-deploy-prepub.amap.com, DNS:qt-changeplatform.alibaba.net, DNS:yhnkwj.1688.com, DNS:www22.aliwork.com, DNS:eci-vpc.ap-southeast-1.aliyuncs.com, DNS:b-manage.gfn.cainiao.com, DNS:sellercenter.lazada.com.my, DNS:aloc-offline.aliyun.com, DNS:hhpai-dsw-dsw56392-80.pcs-svr.alibaba-inc.com, DNS:attg.ojibobo-ina.aon.alibaba-inc.com, DNS:shop6239730h56062.1688.com, DNS:api.ascp-fresh-produce.hemayx.cn, DNS:console-fc.alpha.redmart.com, DNS:shog1442508391642.1688.com, DNS:fvzebogs.1688.com, DNS:das.base.shuju.aliyun.com, DNS:ojiaert.taobao.com, DNS:og-sovtheost-1.ron-internoj.aliyuncs.com, DNS:119152.aliexpress.com, DNS:shog36315220.taobao.com, DNS:nextci.amap.com, DNS:shop36579394.taobao.com, DNS:ens-network-sqos-hybrid.alicdn.com, DNS:manage-cmscn.gfn.cainiao.com, DNS:detoij.tmall.com, DNS:jielitushu.tmall.com, DNS:new-university.lazada.co.id, DNS:bi.aliyun.com, DNS:shog3078o27060063.1688.com, DNS:www.yx.fusion.design, DNS:hm1.cnzz.com, DNS:u.lazada.com.my, DNS:pre-ids-gpcb.lazada.com, DNS:adsprobe.aliyun.com, DNS:services-iss-sh.cainiao-inc.com, DNS:gigsijk.taobao.com, DNS:nrcm.lydaas.com, DNS:connect.aliexpress.com, DNS:vidigod.1688.com, DNS:axjanja.1688.com, DNS:alimama2.aliyun.com, DNS:shog36236233.taobao.com, DNS:anqi9988.1688.com, DNS:www.lex.co.id, DNS:shog36346889.taobao.com, DNS:gvonghe.taobao.com, DNS:iot.ap-southeast-1.aliyun.com, DNS:1111.alimama.com, DNS:netriahvb-ans-an-beijing.aliyuncs.com, DNS:link.wt.cainiao.com
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        55:c0:12:7a:04:5a:dd:93:46:07:dd:96:3f:75:3b:dd:07:3b:
        c0:4a:2e:56:65:f3:86:e1:0a:0a:4b:a4:e1:ca:e2:19:2c:ee:
        e3:f8:4f:06:c4:bb:bc:c8:20:28:67:7e:a2:69:d1:b5:7e:d7:
        bc:34:4f:11:9c:4f:74:37:b8:57:b4:05:45:cf:c8:87:24:ed:
        0c:ee:f6:7d:05:6c:98:f1:72:b7:e4:f3:2a:1a:64:4d:13:be:
        4e:e6:ff:c6:84:3b:4a:2d:3f:5a:1b:4d:77:21:38:e3:68:fd:
        a8:93:fb:2a:f4:ea:c7:89:f0:28:68:ea:3d:f2:ae:0e:31:f7:
        77:fa:01:a4:af:1e:6a:75:8e:6b:17:8d:ba:7b:35:70:3a:6e:
        c8:1c:dd:7a:4e:60:0f:f9:3f:3e:38:7c:39:2a:57:3c:83:ca:
        c5:5c:f8:d8:f3:8d:79:d2:4d:d6:37:63:d8:05:6d:86:91:ce:
        8b:bb:75:ee:92:af:e0:96:94:0f:d6:70:f6:55:62:91:21:10:
        e9:19:0e:23:75:04:d8:13:d9:5a:94:19:24:ac:52:10:b7:5a:
        cc:b2:9e:28:9c:70:21:65:c8:a8:c4:1d:e9:07:57:19:ee:75:
        91:2d:7a:28:52:db:b8:1f:28:78:16:13:f6:4d:ea:ff:79:3d:
        ab:a5:ec:59

-1327660293 | 2024-05-16T09:03:12.969215

6560 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

1911457608 | 2024-05-23T13:51:15.803770

6588 / tcp

\x00[\x00\x00\x00\x00\x00\x00

575925250 | 2024-06-02T03:55:31.595702

6603 / tcp

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

-1839934832 | 2024-05-13T12:32:00.239934

6633 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-358707605 | 2024-05-05T02:58:34.982741

6653 / tcp

HTTP/1.1 200
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 391
Connect-To: https://qd-gatway.aliyuncs.com/table/tree-land/nacos/

<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<title>Nacos</title>
	<link rel="shortcut icon" href="/nacos/console-ui/public/img/nacos-logo.png" type="image/x-icon">

<link href="./css/main.css" rel="stylesheet"></head>
<body>
	<div id="root" style="overflow:hidden"></div>
	<div id="app"></div>
	<div id="other"></div>

</body>

4935895 | 2024-05-24T13:29:23.078366

6666 / tcp

HTTP/1.1 400 Bad Request
Server: CloudWAF

-438503381 | 2024-05-24T15:57:03.915641

6667 / tcp

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

819727972 | 2024-05-25T13:39:32.058616

6668 / tcp

SSH-2.0-OpenSSH_7.4

1504401647 | 2024-05-11T21:11:31.000024

6697 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

-2089734047 | 2024-06-02T10:45:35.959926

6789 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-579195550 | 2024-06-02T21:17:05.734350

7000 / tcp

HTTP/1.1 407 Proxy Authentication Required 
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm="proxy"

-274925451 | 2024-05-26T21:54:21.241688

7001 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2914_PSzqstdxnz35_3380-26211

-1839934832 | 2024-05-22T13:35:04.880259

7071 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-2089734047 | 2024-05-27T21:41:06.897732

7171 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

290819026 | 2024-05-25T21:40:21.755494

7218 / tcp

welcome to Pandora console!
----------------------------
-------------------------
|     Login Time     |     2021-12-08 1...

819727972 | 2024-05-11T02:01:58.116022

7415 / tcp

SSH-2.0-OpenSSH_7.4

1690634669 | 2024-05-06T01:38:10.138009

7434 / tcp

1911457608 | 2024-05-04T14:02:20.574340

7510 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1072892569 | 2024-05-30T17:01:53.277156

7547 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

-992671574 | 2024-05-23T12:12:04.163851

7548 / tcp

@RSYNCD: 26

1741579575 | 2024-05-10T07:29:42.080578

7634 / tcp

2033888749 | 2024-05-25T20:59:59.651291

7657 / tcp

Content-Type: text/rude-rejection
Content-Length: 24


Access Denied, go away.
Content-Type: text/disconnect-notice
C...

45131230 | 2024-05-04T08:20:22.257085

7887 / tcp

inv2W\x04\x0f\x00\x00\x00\x01\x00\t\x00\x00\x00

-1259524839 | 2024-06-02T18:48:13.489798

7999 / tcp

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

1072892569 | 2024-05-30T13:42:30.852552

8001 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

-1139539254 | 2024-05-11T09:10:24.290271

8005 / tcp

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

-445721795 | 2024-05-22T19:12:05.622099

8006 / tcp

\x00[\xc3\xaed\x1a\x7f\x00\x00

1077013874 | 2024-05-22T23:08:23.030825

8009 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

-1399940268 | 2024-05-29T17:34:58.455843

8012 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

677934968 | 2024-05-23T13:00:48.452885

8015 / tcp

lm^)Q

1911457608 | 2024-05-15T06:35:59.803469

8024 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1839934832 | 2024-05-09T05:58:35.202416

8032 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-2096652808 | 2024-05-28T08:09:20.066049

8047 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1975288991 | 2024-05-31T13:18:02.681195

8050 / tcp

OPTI

-358707605 | 2024-06-03T02:28:16.647732

8055 / tcp

HTTP/1.1 200
Accept-Ranges: bytes
Content-Type: text/html;charset=UTF-8
Content-Length: 391
Connect-To: https://qd-gatway.aliyuncs.com/table/tree-land/nacos/

<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<title>Nacos</title>
	<link rel="shortcut icon" href="/nacos/console-ui/public/img/nacos-logo.png" type="image/x-icon">

<link href="./css/main.css" rel="stylesheet"></head>
<body>
	<div id="root" style="overflow:hidden"></div>
	<div id="app"></div>
	<div id="other"></div>

</body>

1911457608 | 2024-05-06T01:20:40.801529

8066 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-228983283 | 2024-05-29T03:42:56.861926

8080 / tcp

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate
Content-Length: 8373
Content-Type: text/html;charset=UTF-8
Date: Wed, 29 May 2024 03:42:51 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Jetty(9.2.z-SNAPSHOT)
Set-Cookie: JSESSIONID.325bbeee=adldmy1dw0a71qzc5gp2fvu4m;Path=/;HttpOnly
X-Content-Type-Options: nosniff
X-Data-Content: https://baseinfo-usercenterservice.aliyuncs.com/products-schedule
X-Frame-Options: sameorigin
X-Hudson: 1.395
X-Hudson-Cli-Port: 38239
X-Hudson-Theme: default
X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjtLEGekVD1CV1wPIDFhM6c1MaG9onmKBc/hBL6S7zkAYBpNnx1DfJJjiOCj8Xc/fC2cHlUdXVLeqBesJIZzHnZG+Nn/5X8R2uctF025n6LXkOIwJejqMtPcG5QoAdYLgCzRngZGLU9dltp3hQaQOSTZpOVFLDME2KL/Pwqoxiz1G+1ZQIgy/8xeDXMgdzr3ze/yzMpj6GyMdz4uest7geOzagBK2Dq2ynTNhPmWcwo6SctPZDjE3hBK9TUGxyHlSLJurvod3crpgjl8Q2S+Wh4QiYeb0rgES8pihG5/YoGYSZoa+/rCrBcLwd6P1PIRm1d+2mjIwb2TVfgaHwDW8QIDAQAB
X-Jenkins: 2.46.1
X-Jenkins-Cli-Port: 38239
X-Jenkins-Cli2-Port: 38239
X-Jenkins-Session: 99a7b9b0
X-Ssh-Endpoint: 8.132.220.5:44279

1767345577 | 2024-05-22T00:18:25.365919

8083 / tcp

Hello, this is Quagga (version 0T).
Copyright 1996-200

1492413928 | 2024-05-31T21:13:42.396771

8085 / tcp

SSH-2.0-OpenSSH_7.5

1948301213 | 2024-05-17T00:07:10.769139

8087 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

819727972 | 2024-05-22T16:27:41.776784

8089 / tcp

SSH-2.0-OpenSSH_7.4

841014058 | 2024-05-20T22:59:02.439692

8090 / tcp

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

-1311886953 | 2024-05-08T05:39:34.329761

8093 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2207_hlj44_14026-32895

-2096652808 | 2024-05-23T09:03:53.169989

8094 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-1139539254 | 2024-05-05T23:46:23.230789

8096 / tcp

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

1375509841 | 2024-06-01T16:58:31.249687

8098 / tcp

ÿû

no data rcvd for version string

recv version id unsuccessful

SSH Session task 0xY: Version Exchange Failed

623236583 | 2024-05-31T03:30:32.503733

8099 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae293a_dedxin34_19677-349

-2089734047 | 2024-05-31T14:37:21.106266

8102 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

165188539 | 2024-05-09T18:16:04.978361

8109 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1344535834 | 2024-06-02T17:07:55.096296

8123 / tcp

HTTP/1.0 200 OK
Server: Proxy

-2107996212 | 2024-05-19T11:10:44.758174

8126 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-784071826 | 2024-05-20T07:34:52.895329

8139 / tcp

SSH-2.0-OpenSSH_8.0

-1529979118 | 2024-05-23T14:49:19.230509

8140 / tcp

inv2W

-1264324149 | 2024-05-17T09:30:59.792234

8200 / tcp

Siemens 2766190798 T1E1 [COMBO] Router (7-382-) v13708 Ready
ÿû\x01ÿû\x03ÿý\x01ÿþ\x01Username:

-1399940268 | 2024-05-19T11:13:48.875090

8241 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-05-15T03:31:09.315838

8243 / tcp

SSH-2.0-OpenSSH_7.4

165188539 | 2024-05-29T01:24:52.918596

8291 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1713467553 | 2024-05-14T20:45:50.080025

8333 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Connection: close

-653033013 | 2024-05-12T10:44:45.354332

8401 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

-1888448627 | 2024-05-12T09:42:00.383044

8427 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1753236315 | 2024-05-30T17:41:18.100720

8443 / tcp

HTTP/1.1 200 OK
Referrer-Policy: no-referrer
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Robots-Tag: none
Cache-Control: no-cache, must-revalidate, no-transform, no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html;charset=utf-8
content-length: 3870

-1399940268 | 2024-05-07T00:10:15.820551

8447 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1529351907 | 2024-05-17T17:24:46.782635

8500 / tcp

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

-1399940268 | 2024-05-07T06:02:37.568934

8545 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-05-11T13:34:22.006745

8554 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-05-24T17:11:45.115142

8575 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1911457608 | 2024-05-23T07:47:04.045784

8585 / tcp

\x00[\x00\x00\x00\x00\x00\x00

842535728 | 2024-05-20T04:19:33.179311

8649 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

1767345577 | 2024-05-18T03:33:09.078222

8700 / tcp

Hello, this is Quagga (version 0T).
Copyright 1996-200

-1399940268 | 2024-05-27T09:50:25.136725

8728 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

921225407 | 2024-05-11T13:55:01.210484

8802 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

-1399940268 | 2024-05-12T20:48:03.325228

8810 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-358801646 | 2024-05-28T10:37:56.732918

8814 / tcp

SSH-2.0-OpenSSH_6.6.1

-2096652808 | 2024-05-24T17:49:53.455439

8823 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-971970408 | 2024-05-29T09:50:50.433570

8834 / tcp

-1399940268 | 2024-05-28T23:16:47.997481

8845 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-784071826 | 2024-05-22T19:37:49.045119

8856 / tcp

SSH-2.0-OpenSSH_8.0

-1477838366 | 2024-05-07T12:31:32.213273

8857 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4

819727972 | 2024-05-30T23:21:50.138783

8877 / tcp

SSH-2.0-OpenSSH_7.4

-1839934832 | 2024-05-17T13:48:10.381617

8880 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

250824264 | 2024-06-02T07:08:05.478780

8888 / tcp

HTTP/1.1 408 Request Timeout

-1733645023 | 2024-05-31T22:40:29.422690

8889 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

-1487943323 | 2024-05-24T13:07:17.150819

8899 / tcp

431 Unable to negotiate secure command connection.\r\n

1911457608 | 2024-05-28T14:18:39.496797

8991 / tcp

\x00[\x00\x00\x00\x00\x00\x00

307999478 | 2024-05-07T06:51:59.021852

8999 / tcp

unknown command \r\nunknown command \r\n

-2067028711 | 2024-05-16T20:15:29.620675

9000 / tcp

\x15\x03\x01\x00\x02\x02F

-1026951088 | 2024-05-31T20:34:21.377274

9001 / tcp

erro ip

60948681 | 2024-05-20T08:51:17.374684

9002 / tcp

lpd [@Boyk]: Print-services are not available to your host (aF2qXkQ2m).

-1045760528 | 2024-05-09T15:15:39.045938

9018 / tcp

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

-1470145161 | 2024-05-08T04:28:34.513886

9022 / tcp

SSH-2.0-ROSSSH\r\n

-1730858130 | 2024-05-11T03:44:41.347896

9029 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-2089734047 | 2024-05-11T22:40:44.687241

9030 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-904840257 | 2024-05-07T00:35:22.441405

9036 / tcp

572 Relay not authorized\r\n

-753880919 | 2024-06-02T00:01:56.754704

9040 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65aa1486_PSbjzwdx5ru23_18019-51618

-2107996212 | 2024-05-27T13:35:44.562665

9042 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

819727972 | 2024-05-17T09:41:34.392917

9051 / tcp

SSH-2.0-OpenSSH_7.4

1082239536 | 2024-05-20T00:22:31.393136

9090 / tcp

HTTP/1.1 302 Found
Content-Length: 0
Date: Mon, 20 May 2024 00:22:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://cmpgtest.aliyuncs.com/analytics/admin/memory-variables/update/storage
Set-Cookie: JSESSIONID=node01bgia46csvfdik9qim17jbvd7836.node0; Path=/; HttpOnly
X-Frame-Options: SAMEORIGIN

-1760806421 | 2024-05-27T03:52:47.337022

9091 / tcp

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected

-971970408 | 2024-05-30T04:20:37.716554

9095 / tcp

-2046514463 | 2024-05-22T07:16:38.521324

9100 / tcp

AB\x01\t

-2096652808 | 2024-05-27T10:16:39.562701

9111 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

165188539 | 2024-05-23T07:30:13.272273

9119 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

819727972 | 2024-05-18T19:09:11.670571

9151 / tcp

SSH-2.0-OpenSSH_7.4

-1139539254 | 2024-05-22T22:42:54.756813

9160 / tcp

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

1911457608 | 2024-05-22T07:23:50.819269

9211 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1911457608 | 2024-05-23T13:26:15.195340

9218 / tcp

\x00[\x00\x00\x00\x00\x00\x00

205347087 | 2024-05-08T06:56:51.950260

9299 / tcp

SSH-25453-Cisco-3524665.35\n

819727972 | 2024-05-26T07:44:07.830580

9301 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-05-30T06:12:31.747287

9306 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1004056929 | 2024-05-25T01:07:50.491472

9418 / tcp

Invalid request string: Request string is: "
"

842535728 | 2024-05-22T08:46:41.952699

9443 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

-1991224470 | 2024-05-27T20:43:22.950156

9500 / tcp

\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x14TP/1.1\r\n\\x00\\x00\\x00\\x00&

-1648456501 | 2024-06-01T09:07:33.367480

9530 / tcp

\n\r\xc3\xbf\xc3\xbbUDo you want ANSI color? (Y/n)

1778988322 | 2024-05-08T00:49:54.021561

9595 / tcp

* OK GroupWise IMAP4rev1 Server Ready

1911457608 | 2024-06-01T17:36:52.102635

9600 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1370263973 | 2024-05-10T09:08:54.741193

9633 / tcp

dubbo>

-2089734047 | 2024-05-09T04:39:50.814598

9690 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-05-07T08:16:48.861386

9704 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1726594447 | 2024-05-30T18:11:30.156086

9761 / tcp

\r\n\nLantronix MSS100 Version V118/523(045538937)\n\r\nType HELP at the \'Local_61349> \' prompt for assistance.\n\r\n\r\n\nUsername>

104385780 | 2024-05-17T01:33:03.776428

9869 / tcp

ceph v2

1320285193 | 2024-06-02T11:18:27.315967

9898 / tcp

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

819727972 | 2024-05-24T09:56:04.362385

9899 / tcp

SSH-2.0-OpenSSH_7.4

-1839864261 | 2024-05-29T19:17:10.616134

9943 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae25a5_PS-TNH-01Vm9154_3387-14536

472902042 | 2024-05-16T20:19:24.751713

9981 / tcp

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

1161309183 | 2024-05-30T07:07:47.122827

9999 / tcp

ProxyServer is ready

1396488228 | 2024-06-02T11:11:07.851679

10000 / tcp

HTTP/1.1 200 OK
Content-Length: 2037
Cache-Control: private, max-age=300
Content-Type: text/html

1492413928 | 2024-05-12T00:28:06.476254

10001 / tcp

SSH-2.0-OpenSSH_7.5

-1996280214 | 2024-05-18T05:20:24.702488

10134 / tcp

\x06\x04\x05@

819727972 | 2024-05-28T02:28:50.241898

10250 / tcp

SSH-2.0-OpenSSH_7.4

1593427995 | 2024-05-08T12:21:08.007596

10443 / tcp

HTTP/1.1 403 Forbidden
Date: Wed, 08 May 2024 12:21:07 GMT
Content-Type: text/html
Content-Length: 238
Connection: keep-alive
Server: Tengine
Location: https://addr-common-internal.edas.aliyun.com
Via: vcache28.cn8516[,0]

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:49:b2:86:90:3c:9b:46:7a:60:5b:87
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: May  5 06:21:16 2023 GMT
            Not After : Jun  5 06:21:15 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.aliyun.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c7:cb:8c:48:08:48:af:89:01:66:08:4b:53:ed:
                    2a:fd:70:b2:61:40:46:9b:98:19:49:b9:9f:64:c8:
                    60:d6:2c:47:85:56:ca:c2:31:94:d2:3a:d3:c1:24:
                    91:c6:70:be:6f:53:3c:fb:ae:f2:e5:cf:3d:c5:6a:
                    95:ee:f3:5d:37:62:25:51:fb:69:dd:37:93:00:a3:
                    cf:dd:18:a9:af:5c:f7:6f:96:a2:92:27:65:21:92:
                    de:ff:c2:ec:d9:52:42:06:cd:84:44:20:f4:c1:15:
                    4b:13:27:c5:3d:f1:c3:e8:61:b2:41:f7:22:4d:3e:
                    08:20:b0:7c:b3:38:9c:ab:d6:fc:49:6b:b4:92:88:
                    16:2e:c7:62:23:33:43:a0:36:86:ca:80:8a:9e:b0:
                    73:01:50:54:33:06:4c:b9:a3:73:71:09:98:72:22:
                    6f:a7:9c:c3:3e:bd:ea:7f:57:dd:c2:d2:a0:85:21:
                    ae:a8:fb:16:d7:ef:a2:5b:8d:75:cf:b0:e5:cb:34:
                    78:cc:28:e6:27:13:6a:d4:96:f5:ac:de:f3:38:d5:
                    cc:7a:ba:c2:78:b9:5e:db:f8:2d:14:d1:4b:e0:6f:
                    31:e2:c9:5c:56:bd:31:2d:1c:94:d4:54:11:05:5f:
                    0f:54:cd:63:c3:98:af:33:c4:2e:ed:36:61:1a:66:
                    4b:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FB:43:61:72:DB:90:9F:67:07:2E:AE:74:FB:66:90:A2:E9:C4:FC:15
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyun.com, DNS:aliyun.com, DNS:hhgoi-dsd-dsd44826-80.gas-svr.ojibobo-ina.aon.alibaba-inc.com, DNS:ar-grivote-shore.ev-aentroj-1.aliyuncs.com, DNS:dotodorks-nonoger-ogi.dd.ojibobo-ina.aon.alibaba-inc.com, DNS:operate-api.yiupin.com, DNS:gd-dork.ojibobo-ina.aon.alibaba-inc.com, DNS:cn.aliyun.com, DNS:vot.ojibobo-ina.aon.alibaba-inc.com, DNS:pre-cockpit-test.aliyun.com, DNS:shop1432140437765.aliyun.com, DNS:gjon-3d.tmall.com, DNS:sell.xiangqing.taobao.com, DNS:gre-oah2.ojibobo-ina.aon.alibaba-inc.com, DNS:gre-stvdio.iot.aliyun.com, DNS:szrobotine.1688.com, DNS:dotaher.ojibobo-ina.aon.alibaba-inc.com, DNS:test-aenter.ojibobo-ina.aon.alibaba-inc.com, DNS:shog2a6250868e917.1688.com, DNS:solution.lazada.com.my, DNS:yjgts.aliyun.com, DNS:webim.lazada.com.my, DNS:regort.aliyun.com, DNS:shog36244836.taobao.com, DNS:login.portal.hemaos.com, DNS:lazada.cn, DNS:sts.og-northeost-1.aliyuncs.com, DNS:item.publish.tmall.com
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        46:8d:d5:3f:27:1b:ce:a8:1b:e1:d7:1b:99:f8:ca:ba:e6:33:
        d1:64:df:65:bb:34:91:1c:f5:08:f9:18:d7:14:e0:9b:70:d0:
        36:1b:c4:4d:88:bf:81:a5:6a:59:44:33:7e:99:66:01:99:5c:
        84:0d:e1:af:44:a7:58:25:d7:77:98:62:08:e2:53:0e:d6:6c:
        3a:d9:90:f6:ed:72:06:1a:2d:bb:d3:5f:c9:00:6f:48:c5:a7:
        ea:2b:7b:42:0b:12:e3:be:cf:c6:f8:39:68:25:ff:e2:6d:67:
        c2:13:29:7b:81:ea:67:83:66:b6:d2:e1:14:f1:45:75:0d:b5:
        53:0f:32:5a:f3:4c:61:c0:d1:03:82:9f:b7:d0:a4:3c:92:da:
        d1:28:c3:51:70:43:1e:aa:d8:51:76:4e:e7:5f:04:cb:56:c1:
        b8:b4:22:e1:3d:87:85:ea:81:c1:3a:bc:12:68:ac:d1:28:1d:
        ca:d0:cd:e8:be:62:34:62:2b:e8:d1:20:1e:c5:7c:9b:b2:41:
        09:81:d9:6c:7c:9c:5b:f4:55:4a:b8:67:41:d1:f7:6f:ce:b2:
        39:43:c2:5b:25:ec:08:67:51:51:b7:9c:85:40:27:eb:77:78:
        4e:35:7c:19:a5:b6:1a:92:0e:06:9a:7c:67:88:46:74:71:21:
        81:5f:47:41

-2081419599 | 2024-06-01T20:09:28.219446

10554 / tcp

@
03d

-1746074029 | 2024-05-23T02:11:21.134912

10909 / tcp

101 imqbroker =unV\r\n

-1399940268 | 2024-06-02T10:27:07.648461

11112 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1730858130 | 2024-05-16T21:29:10.693438

11210 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-136006866 | 2024-05-31T00:23:19.306248

11211 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

-1399940268 | 2024-05-22T08:07:56.799758

11300 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2067064333 | 2024-05-15T13:13:36.168068

11371 / tcp

athinfod: invalid query.

-1461540015 | 2024-05-19T02:59:49.718722

12000 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101
a

296364507 | 2024-05-30T16:14:24.820067

12345 / tcp

HTTP/1.1 500 Internal Server Error
SERVER: Trend Chip UPnP/1.0 DMS
CONNECTION: close
CONTENT-LENGTH: 60
CONTENT-TYPE: text/html

550048729 | 2024-06-01T12:32:59.566730

13579 / tcp

ÿÿÿ
0 ...

-1839934832 | 2024-05-31T05:01:19.119693

14147 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-1839934832 | 2024-06-02T20:00:24.742801

14265 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-1538260461 | 2024-06-01T06:25:25.047398

14344 / tcp

\x01\x00\x00\x00

-79865617 | 2024-05-21T00:13:37.374848

16010 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

-1461540015 | 2024-05-31T23:20:55.549876

16993 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101
a

819727972 | 2024-05-06T21:40:10.727070

18081 / tcp

SSH-2.0-OpenSSH_7.4

819727972 | 2024-05-17T06:30:59.459815

18245 / tcp

SSH-2.0-OpenSSH_7.4

165188539 | 2024-05-30T12:04:16.034766

19000 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

660175493 | 2024-05-05T20:52:54.473964

19071 / tcp

1900503736 | 2024-05-16T22:55:02.020394

20000 / tcp

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

-616720387 | 2024-05-22T02:44:26.732874

20547 / tcp

SSH-2.0-SSHD_0.7.6

2087396567 | 2024-05-04T08:43:00.272783

21025 / tcp

kjnkjabhbanc283ubcsbhdc72

-274082663 | 2024-05-10T11:48:55.822090

21379 / tcp

\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01

1492413928 | 2024-05-23T13:06:20.993232

23023 / tcp

SSH-2.0-OpenSSH_7.5

-1399940268 | 2024-06-01T13:19:56.117236

25001 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1363464823 | 2024-06-02T18:56:29.034465

25565 / tcp

\x00[|ox\x7f\x00\x00

1090831270 | 2024-05-18T17:25:27.594344

27015 / tcp

Command: None
Size: 1347703880
ID: 808333615
Type: 858797088

1763259671 | 2024-05-11T01:21:19.671705

27017 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

1830187220 | 2024-05-29T23:46:37.981574

27210 / tcp

\xc3\xbf\xc3\xbb\x01\r\n-> GET / HTTP/1.0\r\nGET / HTTP/1.0\r\nundefined symbol: GET\r\n-> \r\n->

819727972 | 2024-06-01T15:30:56.316175

28015 / tcp

SSH-2.0-OpenSSH_7.4

1492413928 | 2024-05-29T10:15:42.223542

30002 / tcp

SSH-2.0-OpenSSH_7.5

-2107996212 | 2024-05-30T18:16:35.583206

30003 / tcp

HTTP/1.0 200 OK
Server: Proxy

Unauthorized ...

IP Address:

-147424911 | 2024-06-01T07:56:35.153346

31337 / tcp

HTTP/1.1 404 Not Found
Content Length: 0

1189133115 | 2024-05-18T06:09:21.175175

33060 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

-1399940268 | 2024-05-28T17:23:16.032304

35000 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1119512965 | 2024-05-10T10:39:54.793092

37215 / tcp

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-encoding: gzip
content-length: 171

-1713437100 | 2024-06-01T09:26:34.489803

37777 / tcp

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

-1329831334 | 2024-05-20T03:21:42.434748

41800 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

-433302150 | 2024-05-23T07:47:35.570002

44158 / tcp

/multistream/1.0.0

1996932384 | 2024-06-02T18:08:02.573673

44818 / tcp

"raop" nonce

-358801646 | 2024-05-13T18:59:43.476733

47990 / tcp

SSH-2.0-OpenSSH_6.6.1

1996932384 | 2024-06-02T07:59:30.234186

50000 / tcp

"raop" nonce

1308377066 | 2024-05-23T01:34:16.748775

50100 / tcp

ncacn_http/1.0

550048729 | 2024-05-09T13:54:04.842069

51106 / tcp

ÿÿÿ
0 ...

1282941221 | 2024-05-30T00:27:34.180896

51235 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

-1840324437 | 2024-05-12T08:49:15.280092

52869 / tcp

-441419608 | 2024-05-22T05:06:15.618190

55000 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

1082732927 | 2024-05-18T09:58:10.516135

55442 / tcp

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

-1392039491 | 2024-06-03T01:16:20.093291

55443 / tcp

"Broadband Router"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY onLoad

-2031152423 | 2024-05-31T13:29:42.893988

55553 / tcp

SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3

2087396567 | 2024-05-12T02:04:40.135601

55554 / tcp

kjnkjabhbanc283ubcsbhdc72

-2118655245 | 2024-05-29T11:14:31.059517

60001 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20

1690634669 | 2024-05-28T05:17:42.759802

60129 / tcp

-1399940268 | 2024-05-11T14:42:32.614183

61613 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1741579575 | 2024-05-09T10:17:42.805370

61616 / tcp

-1113435755 | 2024-05-23T17:14:42.448127

62078 / tcp

/1.1 404 Not Found
Content Length: 0

8.132.220.5

Last Seen: 2024-06-03

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1888448627 | 2024-05-22T05:49:52.822162 11 / tcp

1297354658 | 2024-05-21T23:01:28.953085 13 / tcp

819727972 | 2024-05-29T01:37:35.035675 15 / tcp

344087494 | 2024-05-28T09:39:01.010397 17 / tcp

-1760806421 | 2024-05-25T11:53:57.232127 19 / tcp

-731285715 | 2024-06-02T11:54:24.615483 21 / tcp

-1288412979 | 2024-05-27T15:11:30.423309 23 / tcp

-303199180 | 2024-05-28T23:49:09.837593 25 / tcp

-1839934832 | 2024-05-18T18:55:32.300735 26 / tcp

-886440009 | 2024-05-31T04:48:02.157861 37 / tcp

-1013082686 | 2024-05-20T01:29:33.502886 43 / tcp

1160472910 | 2024-06-02T07:03:54.793026 49 / tcp

1412519768 | 2024-05-31T13:49:54.693094 70 / tcp

-1264324149 | 2024-05-29T20:23:24.524233 79 / tcp

-2070429970 | 2024-05-29T12:53:21.380739 80 / tcp

2033888749 | 2024-05-09T04:11:39.907410 81 / tcp

770016595 | 2024-05-18T20:04:12.561434 83 / tcp

-2081419599 | 2024-05-15T21:07:53.027220 84 / tcp

-1399940268 | 2024-05-21T10:15:27.938291 89 / tcp

-339084706 | 2024-06-01T07:17:21.452009 92 / tcp

-2089734047 | 2024-05-28T18:02:47.056906 102 / tcp

401555314 | 2024-05-29T04:13:27.857427 104 / tcp

1187188851 | 2024-05-31T19:50:50.086856 111 / tcp

-527005584 | 2024-05-22T02:05:45.929067 113 / tcp

141730637 | 2024-05-30T20:00:01.789564 119 / tcp

-1589645334 | 2024-06-02T12:29:57.089090 135 / tcp

-829824006 | 2024-05-16T07:06:26.436639 143 / tcp

-1399940268 | 2024-05-17T21:07:42.218847 175 / tcp

-399606100 | 2024-05-25T10:19:47.834689 179 / tcp

-1399940268 | 2024-06-02T16:37:51.698363 221 / tcp

819727972 | 2024-05-06T11:02:43.794171 222 / tcp

-1718229072 | 2024-05-31T00:21:04.835379 264 / tcp

-1743283776 | 2024-06-01T06:56:35.437875 389 / tcp

-661950041 | 2024-06-02T03:30:04.173123 427 / tcp

-208800914 | 2024-05-18T15:59:20.948691 443 / tcp

-42972075 | 2024-05-29T10:10:35.717514 444 / tcp

897328069 | 2024-06-03T00:23:11.162791 465 / tcp

-2089734047 | 2024-05-26T17:57:19.007981 502 / tcp

1911457608 | 2024-05-21T22:13:35.500707 503 / tcp

1767345577 | 2024-06-01T20:13:11.138076 515 / tcp

-2035415184 | 2024-06-01T05:38:39.365307 548 / tcp

1060450357 | 2024-05-11T19:51:15.161014 554 / tcp

1308377066 | 2024-05-25T21:14:57.985566 593 / tcp

-2023550675 | 2024-05-28T23:41:43.191877 636 / tcp

-1960639992 | 2024-06-01T07:15:33.213303 666 / tcp

1492413928 | 2024-06-02T18:47:46.827634 685 / tcp

-1947777893 | 2024-05-31T21:36:23.850054 771 / tcp

165188539 | 2024-05-07T10:59:40.902569 801 / tcp

-1970692834 | 2024-05-21T21:34:39.494570 873 / tcp

-262532376 | 2024-05-19T13:30:36.832457 888 / tcp

-1835475271 | 2024-05-31T00:27:42.770952 992 / tcp

-891714208 | 2024-06-02T05:38:14.288915 993 / tcp

-1489591880 | 2024-05-25T18:00:49.503842 995 / tcp

-1230049476 | 2024-05-26T14:23:36.481955 1023 / tcp

550048729 | 2024-05-09T18:48:54.444281 1024 / tcp

-136006866 | 2024-06-02T18:54:38.555485 1025 / tcp

165188539 | 2024-05-26T15:40:55.484263 1029 / tcp

1362344524 | 2024-05-16T06:26:31.106913 1080 / tcp

1911457608 | 2024-05-31T09:04:00.742892 1099 / tcp

-358801646 | 2024-05-13T21:43:17.083048 1111 / tcp

-358801646 | 2024-05-22T22:03:11.403597 1153 / tcp

-971970408 | 2024-06-02T02:54:17.270806 1200 / tcp

-407828767 | 2024-05-31T05:38:51.832355 1234 / tcp

-441419608 | 2024-05-10T12:40:24.894325 1290 / tcp

-1665643483 | 2024-05-25T22:37:09.755961 1311 / tcp

1426971893 | 2024-05-29T21:49:38.687920 1337 / tcp

-325802316 | 2024-05-26T23:33:54.975789 1433 / tcp

1212921144 | 2024-05-26T08:38:49.635366 1515 / tcp

-186520940 | 2024-05-04T21:19:30.522229 1521 / tcp

-1681927087 | 2024-05-27T01:09:58.257513 1599 / tcp

401555314 | 2024-05-21T09:29:18.078827 1604 / tcp

-2107996212 | 2024-05-30T16:57:46.543378 1650 / tcp

1103582599 | 2024-05-31T04:07:45.545605 1723 / tcp

-1888448627 | 2024-05-22T05:49:52.822162
11 / tcp

1297354658 | 2024-05-21T23:01:28.953085
13 / tcp

819727972 | 2024-05-29T01:37:35.035675
15 / tcp

344087494 | 2024-05-28T09:39:01.010397
17 / tcp

-1760806421 | 2024-05-25T11:53:57.232127
19 / tcp

-731285715 | 2024-06-02T11:54:24.615483
21 / tcp

-1288412979 | 2024-05-27T15:11:30.423309
23 / tcp

-303199180 | 2024-05-28T23:49:09.837593
25 / tcp

-1839934832 | 2024-05-18T18:55:32.300735
26 / tcp

-886440009 | 2024-05-31T04:48:02.157861
37 / tcp

-1013082686 | 2024-05-20T01:29:33.502886
43 / tcp

1160472910 | 2024-06-02T07:03:54.793026
49 / tcp

1412519768 | 2024-05-31T13:49:54.693094
70 / tcp

-1264324149 | 2024-05-29T20:23:24.524233
79 / tcp

-2070429970 | 2024-05-29T12:53:21.380739
80 / tcp

2033888749 | 2024-05-09T04:11:39.907410
81 / tcp

770016595 | 2024-05-18T20:04:12.561434
83 / tcp

-2081419599 | 2024-05-15T21:07:53.027220
84 / tcp

-1399940268 | 2024-05-21T10:15:27.938291
89 / tcp

-339084706 | 2024-06-01T07:17:21.452009
92 / tcp

-2089734047 | 2024-05-28T18:02:47.056906
102 / tcp

401555314 | 2024-05-29T04:13:27.857427
104 / tcp

1187188851 | 2024-05-31T19:50:50.086856
111 / tcp

-527005584 | 2024-05-22T02:05:45.929067
113 / tcp

141730637 | 2024-05-30T20:00:01.789564
119 / tcp

-1589645334 | 2024-06-02T12:29:57.089090
135 / tcp

-829824006 | 2024-05-16T07:06:26.436639
143 / tcp

-1399940268 | 2024-05-17T21:07:42.218847
175 / tcp

-399606100 | 2024-05-25T10:19:47.834689
179 / tcp

-1399940268 | 2024-06-02T16:37:51.698363
221 / tcp

819727972 | 2024-05-06T11:02:43.794171
222 / tcp

-1718229072 | 2024-05-31T00:21:04.835379
264 / tcp

-1743283776 | 2024-06-01T06:56:35.437875
389 / tcp

-661950041 | 2024-06-02T03:30:04.173123
427 / tcp

-208800914 | 2024-05-18T15:59:20.948691
443 / tcp

-42972075 | 2024-05-29T10:10:35.717514
444 / tcp

897328069 | 2024-06-03T00:23:11.162791
465 / tcp

-2089734047 | 2024-05-26T17:57:19.007981
502 / tcp

1911457608 | 2024-05-21T22:13:35.500707
503 / tcp

1767345577 | 2024-06-01T20:13:11.138076
515 / tcp

-2035415184 | 2024-06-01T05:38:39.365307
548 / tcp

1060450357 | 2024-05-11T19:51:15.161014
554 / tcp

1308377066 | 2024-05-25T21:14:57.985566
593 / tcp

-2023550675 | 2024-05-28T23:41:43.191877
636 / tcp

-1960639992 | 2024-06-01T07:15:33.213303
666 / tcp

1492413928 | 2024-06-02T18:47:46.827634
685 / tcp

-1947777893 | 2024-05-31T21:36:23.850054
771 / tcp

165188539 | 2024-05-07T10:59:40.902569
801 / tcp

-1970692834 | 2024-05-21T21:34:39.494570
873 / tcp

-262532376 | 2024-05-19T13:30:36.832457
888 / tcp

-1835475271 | 2024-05-31T00:27:42.770952
992 / tcp

-891714208 | 2024-06-02T05:38:14.288915
993 / tcp

-1489591880 | 2024-05-25T18:00:49.503842
995 / tcp

-1230049476 | 2024-05-26T14:23:36.481955
1023 / tcp

550048729 | 2024-05-09T18:48:54.444281
1024 / tcp

-136006866 | 2024-06-02T18:54:38.555485
1025 / tcp

165188539 | 2024-05-26T15:40:55.484263
1029 / tcp

1362344524 | 2024-05-16T06:26:31.106913
1080 / tcp

1911457608 | 2024-05-31T09:04:00.742892
1099 / tcp

-358801646 | 2024-05-13T21:43:17.083048
1111 / tcp

-358801646 | 2024-05-22T22:03:11.403597
1153 / tcp

-971970408 | 2024-06-02T02:54:17.270806
1200 / tcp

-407828767 | 2024-05-31T05:38:51.832355
1234 / tcp

-441419608 | 2024-05-10T12:40:24.894325
1290 / tcp

-1665643483 | 2024-05-25T22:37:09.755961
1311 / tcp

1426971893 | 2024-05-29T21:49:38.687920
1337 / tcp

-325802316 | 2024-05-26T23:33:54.975789
1433 / tcp

1212921144 | 2024-05-26T08:38:49.635366
1515 / tcp

-186520940 | 2024-05-04T21:19:30.522229
1521 / tcp

-1681927087 | 2024-05-27T01:09:58.257513
1599 / tcp

401555314 | 2024-05-21T09:29:18.078827
1604 / tcp

-2107996212 | 2024-05-30T16:57:46.543378
1650 / tcp

1103582599 | 2024-05-31T04:07:45.545605
1723 / tcp

-1665643483 | 2024-05-19T11:21:58.112558
1741 / tcp

1975288991 | 2024-05-29T15:12:49.065792
1800 / tcp

1745717579 | 2024-05-11T08:59:49.091143
1801 / tcp

493955023 | 2024-05-20T21:17:57.314715
1883 / tcp

-2089734047 | 2024-05-31T11:00:32.413221
1911 / tcp

-1392039491 | 2024-05-14T08:31:33.832147
1926 / tcp

-1032713145 | 2024-06-02T01:03:34.136998
1962 / tcp