GeneralInformation

Hostnames	www2.10219.com godstines.1688.com qjdz001.1688.com shog1396630962861.1688.com shog1s893824f6185.1688.com shog2a6250868e917.1688.com shog36364149d47b0.1688.com shop2353p5p94s250.1688.com shop3926e82x21044.1688.com shop653nn34615206.1688.com yhnkdj.1688.com config.56xiniao.com open.9game.cn upload.open.9game.cn a.ojibobo-ina.aon.alibaba-inc.com doyv-dork.ojibobo-ina.aon.alibaba-inc.com saa-dsd-dsd59466-80.gas-svr.ojibobo-ina.aon.alibaba-inc.com goi-dono.ojibobo-ina.aon.alibaba-inc.com gre-bgns.ojibobo-ina.aon.alibaba-inc.com gre-ogi-resovrae-noss.ojibobo-ina.aon.alibaba-inc.com fether.n.ojibobo-ina.aon.alibaba-inc.com nneto.ojibobo-ina.aon.alibaba-inc.com noijhejg.ojibobo-ina.aon.alibaba-inc.com tb-notifiaotion.oone.ojibobo-ina.aon.alibaba-inc.com sdg.ojibobo-ina.aon.alibaba-inc.com troae2.sn.ojibobo-ina.aon.alibaba-inc.com heimdall-donkey.alibaba-inc.com teamix.alibaba-inc.com 085.bjog.ahino.alibaba.com 100troding.en.alibaba.com rfqgosting.alibaba.com n.rvssion.alibaba.com pip.alibaba.net tesla-server.alibaba.net sima-land.aliexpress.com superdeals.aliexpress.com 105.aliexpress.ru base.aligames.com pkfcth.aliwork.com sahedvjerogi-an-beijing02.doto.ojiyvn-ina.aon.aliyun-inc.com e.ojiyvn-ina.aon.aliyun-inc.com eai-doto-an-dvjonahobv.ojiyvn-ina.aon.aliyun-inc.com gog.ojiyvn-ina.aon.aliyun-inc.com ok-an-hongzhov-shore.ojiyvn-ina.aon.aliyun-inc.com ok-ev-aentroj-1-vig.ojiyvn-ina.aon.aliyun-inc.com tnodnin.ojiyvn-ina.aon.aliyun-inc.com 088446.aliyun.com 10086hb.aliyun.com api-mld.aliyun.com mc.atm.aliyun.com imm.cn-hangzhou.aliyun.com devogs.aliyun.com dh-ap-south-1.aliyun.com dh-cn-shanghai-int-vpc.aliyun.com eois-notebook.doto.aliyun.com face-paimai.aliyun.com grafana-kafka-shenma.aliyun.com jbjyts.aliyun.com service.cn-beijing.maxcompute.aliyun.com mds-portal.aliyun.com ndbmall.aliyun.com oaaovnt.ose.aliyun.com zb-dsw-dsw57685-80.pcs-svr.aliyun.com poimerge.aliyun.com quark.aliyun.com shop1352360546336.aliyun.com shop395919529.aliyun.com shop44973224o1x10.aliyun.com shop95x1h744x5080.aliyun.com survey.aliyun.com channel.oxs.tesla.aliyun.com workorder-share.aliyun.com www.aliyun.com nse-vga.an-shonghoi.aliyuncs.com onsnqtt.an-shonghoi.aliyuncs.com oxt-shore.an-shonghoi.aliyuncs.com ecs-openapi-share.cn-hangzhou.aliyuncs.com oaaovnt-session-shore.ev-aentroj-1.aliyuncs.com serverjess.og-sovtheost-1.aliyuncs.com cn-heyuan.oss.aliyuncs.com tingdv-ogs-debhook.aliyuncs.com eci-vpc.us-east-1.aliyuncs.com wym.amap.com xmap-statistics.amap.com linkgn-de-internal.cainiao-inc.com birdsbase-api.cainiao.com tpm.dms.cainiao.com sso-e.gfn.cainiao.com iot-cnne.cainiao.com tian.confong.cn passport.diantao.cn hulk.dianwoda.cn app87328.eapps.dingtalkcloud.com wwwclick.faas.ele.me www.zb-h5.faas.ele.me survey.xy.ele.me faburuanwen.com empsharing.hemaos.com merchant.hemayx.cn cnpassport.jingguan.ai jlwb.net api-th.lazada-seller.cn h5-alimebot.lazada.co.id jmacs-m.lazada.co.id partners.lazada.co.th lazada.com gcp.lazada.com cs.lazada.com.ph member.lazada.com.ph member-m.lazada.sg data-portal.lydaas.com quick-note.quark.cn www.zakelijk.saee.org.cn test-feed.sm.cn test-ucnews.sm.cn chajian.sto.cn sunfire.sto.cn 8528hhg.taobao.com xiongqing.donggv.taobao.com shog552439733.dorjd.taobao.com iajovdbridge.taobao.com market.m.taobao.com shog36245103.taobao.com shog36388902.taobao.com shog36623201.taobao.com shog36837249.taobao.com shog36842827.taobao.com shop36240870.taobao.com shop36745251.taobao.com svrvey.taobao.com vga.taobao.com zscenter.taobao.com barney.taobao.org 10.tmall.com center-h5api.m.tmall.com mingxin.tmall.com gernission-o.san.tmall.com vps.uc.cn www4.bubastis.xixikf.cn mc.atm.youku.com
Domains	10219.com 1688.com 56xiniao.com 9game.cn alibaba-inc.com alibaba.com alibaba.net aliexpress.com aliexpress.ru aligames.com aliwork.com aliyun-inc.com aliyun.com aliyuncs.com amap.com cainiao-inc.com cainiao.com confong.cn diantao.cn dianwoda.cn dingtalkcloud.com ele.me faburuanwen.com hemaos.com hemayx.cn jingguan.ai jlwb.net lazada-seller.cn lazada.co.id lazada.co.th lazada.com lazada.com.ph lazada.sg lydaas.com quark.cn saee.org.cn sm.cn sto.cn taobao.com taobao.org tmall.com uc.cn xixikf.cn youku.com
Cloud Provider	Alibaba Cloud
Country	China
City	Guangzhou
Organization	Aliyun Computing Co.LTD
ISP	Hangzhou Alibaba Advertising Co.,Ltd.
ASN	AS37963

WebTechnologies

IaaS

Alibaba Cloud Object Storage Service

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-5824	Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.
CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
CVE-2023-51385	In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-51384	In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
CVE-2023-50269	Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 through 5.9, and versions 6.0.1 through 6.5, Squid may be vulnerable to a Denial of Service attack against HTTP Request parsing. This problem allows a remote client to perform Denial of Service attack by sending a large X-Forwarded-For header when the follow_x_forwarded_for feature is configured. This bug is fixed by Squid version 6.6. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives.
CVE-2023-49288	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a a Use-After-Free bug which can lead to a Denial of Service attack via collapsed forwarding. All versions of Squid from 3.5 up to and including 5.9 configured with "collapsed_forwarding on" are vulnerable. Configurations with "collapsed_forwarding off" or without a "collapsed_forwarding" directive are not vulnerable. This bug is fixed by Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should remove all collapsed_forwarding lines from their squid.conf.
CVE-2023-49286	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug Squid is vulnerable to a Denial of Service attack against its Helper process management. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-49285	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
CVE-2023-46847	Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
CVE-2023-46846	SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
CVE-2023-46728	Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggering this bug are possible to be received from any gopher server, even those without malicious intent. Gopher support has been removed in Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should reject all gopher URL requests.
CVE-2023-46724	Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.
CVE-2023-38408	The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
CVE-2022-41318	A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.
CVE-2021-46784	In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.
CVE-2021-41617	4.4sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
CVE-2021-36368	2.6An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.
CVE-2021-33620	4.0Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server.
CVE-2021-31808	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.
CVE-2021-31807	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve Denial of Service when delivering responses to HTTP Range requests. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent.
CVE-2021-31806	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy) via HTTP Range request processing.
CVE-2021-28652	4.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Service attack against the Cache Manager API. This allows a trusted client to trigger memory leaks that. over time, lead to a Denial of Service via an unspecified short query string. This attack is limited to clients with Cache Manager API access privilege.
CVE-2021-28651	5.0An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a request with the urn: scheme, the parser leaks a small amount of memory. However, there is an unspecified attack methodology that can easily trigger a large amount of memory consumption.
CVE-2021-28116	4.3Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
CVE-2020-8517	5.0An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexpectedly. This leads to the Squid process also terminating and a denial of service for all clients using the proxy.
CVE-2020-8450	7.5An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
CVE-2020-8449	5.0An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
CVE-2020-25097	5.0An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings.
CVE-2020-24606	7.1Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF.
CVE-2020-15811	4.0An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the browser cache and any downstream caches with content from an arbitrary source. Squid uses a string search instead of parsing the Transfer-Encoding header to find chunked encoding. This allows an attacker to hide a second request inside Transfer-Encoding: it is interpreted by Squid as chunked and split out into a second request delivered upstream. Squid will then deliver two distinct responses to the client, corrupting any downstream caches.
CVE-2020-15810	3.5An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any downstream caches with content from an arbitrary source. When configured for relaxed header parsing (the default), Squid relays headers containing whitespace characters to upstream servers. When this occurs as a prefix to a Content-Length header, the frame length specified will be ignored by Squid (allowing for a conflicting length to be used from another Content-Length header) but relayed upstream.
CVE-2020-15778	6.8scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
CVE-2020-15049	6.5An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace character prefix to the length field-value.
CVE-2020-14145	4.3The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
CVE-2020-14058	5.0An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because unrecognized error values are mapped to NULL, but later code expects that each error value is mapped to a valid error string.
CVE-2020-11945	7.5An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials).
CVE-2019-6111	5.8An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2019-6110	4.0In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2019-6109	4.0An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
CVE-2019-18860	4.3Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
CVE-2019-18679	5.0An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.
CVE-2019-18678	5.0An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.
CVE-2019-18677	5.8An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.
CVE-2019-18676	5.0An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.
CVE-2019-16905	4.4OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
CVE-2019-13345	4.3The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
CVE-2019-12529	4.3An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking its table. The length is then used to start decoding the string. There are no checks to ensure that the length it calculates isn't greater than the input buffer. This leads to adjacent memory being decoded as well. An attacker would not be able to retrieve the decoded data unless the Squid maintainer had configured the display of usernames on error pages.
CVE-2019-12528	5.0An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
CVE-2019-12526	7.5An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data overflowing in the heap.
CVE-2019-12525	7.5An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.
CVE-2019-12524	7.5An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.
CVE-2019-12523	6.4An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.
CVE-2019-12522	4.4An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
CVE-2019-12521	4.3An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.
CVE-2019-12520	5.0An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo (username and password) for certain protocols. This decoded info is prepended to the domain. This allows an attacker to provide a username that has special characters to delimit the domain, and treat the rest of the URL as a path or query string. An attacker could first make a request to their domain using an encoded username, then when a request for the target domain comes in that decodes to the exact URL, it will serve the attacker's HTML instead of the real HTML. On Squid servers that also act as reverse proxies, this allows an attacker to gain access to features that only reverse proxies can use, such as ESI.
CVE-2019-12519	7.5An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.
CVE-2018-20685	2.6In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2018-19132	4.3Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
CVE-2018-19131	4.3Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
CVE-2018-15919	5.0Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
CVE-2018-15473	5.0OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVE-2018-1000027	5.0The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.
CVE-2018-1000024	5.0The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.
CVE-2017-15906	5.0The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2016-4556	5.0Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
CVE-2016-4555	5.0client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
CVE-2016-4554	5.0mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
CVE-2016-4553	5.0client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
CVE-2016-4054	6.8Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes (ESI) responses.
CVE-2016-4053	4.3Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.
CVE-2016-4052	6.8Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial of service or execute arbitrary code via crafted Edge Side Includes (ESI) responses.
CVE-2016-4051	6.8Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a denial of service or execute arbitrary code by seeding manager reports with crafted data.
CVE-2016-3948	5.0Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial of service via a crafted HTTP response, related to Vary headers.
CVE-2016-3947	7.5Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service (performance degradation or transition failures) or write sensitive information to log files via an ICMPv6 packet.
CVE-2016-3115	5.5Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
CVE-2016-2390	4.3The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote attackers to cause a denial of service (application crash) via a plaintext HTTP message.
CVE-2016-20012	4.3OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
CVE-2016-1908	7.5The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
CVE-2016-10708	5.0sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
CVE-2016-10012	7.2The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.
CVE-2016-10011	2.1authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
CVE-2016-10010	6.9sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
CVE-2016-10009	7.5Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
CVE-2016-10003	5.0Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.
CVE-2016-10002	5.0Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.
CVE-2016-0777	4.0The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
CVE-2015-6564	6.9Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
CVE-2015-6563	1.9The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
CVE-2015-5600	8.5The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
CVE-2015-5352	4.3The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.
CVE-2014-2653	5.8The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
CVE-2014-2532	5.8sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
CVE-2014-1692	7.5The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
CVE-2012-0814	3.5The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
CVE-2011-5000	3.5The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
CVE-2011-4327	2.1ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
CVE-2010-5107	5.0The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
CVE-2010-4755	4.0The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632.
CVE-2010-4478	7.5OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
CVE-2008-3844	9.3Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
CVE-2007-2768	4.3OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.

OpenPorts

11 13 17 19 23 25 26 43 49 53 70 79 80 81 83 84 102 104 110 111 113 119 122 135 139 143 154 175 179 195 221 264 311 389 427 443 444 447 448 465 502 503 515 548 554 593 631 636 646 771 772 789 873 880 902 992 993 995 1023 1024 1025 1119 1153 1167 1200 1234 1311 1337 1433 1500 1515 1521 1599 1604 1723 1741 1800 1801 1883 1911 1925 1926 1962 2000 2002 2008 2020 2049 2052 2055 2059 2065 2067 2081 2082 2083 2087 2121 2154 2181 2221 2222 2250 2323 2332 2345 2376 2404 2455 2480 2506 2548 2550 2558 2560 2598 2628 2761 2762 3001 3002 3048 3049 3050 3057 3070 3077 3091 3096 3102 3107 3111 3118 3221 3260 3268 3269 3299 3301 3306 3310 3388 3389 3402 3403 3407 3541 3542 3551 3555 3566 3567 3569 3780 3790 4000 4022 4040 4043 4063 4064 4100 4157 4190 4242 4282 4321 4369 4433 4500 4506 4664 4747 4782 4786 4808 4840 4899 4911 4949 5001 5003 5005 5006 5007 5009 5010 5025 5172 5201 5269 5435 5443 5446 5590 5591 5601 5605 5606 5608 5609 5672 5858 5900 5938 5984 5986 6001 6002 6036 6363 6379 6443 6510 6633 6653 6662 6666 6667 6668 6697 7005 7010 7071 7171 7218 7415 7434 7443 7474 7493 7548 7634 7788 7989 8001 8002 8003 8004 8009 8011 8019 8036 8050 8060 8081 8083 8087 8089 8090 8096 8099 8104 8106 8123 8126 8139 8140 8181 8184 8200 8249 8291 8334 8401 8407 8410 8412 8415 8424 8429 8431 8432 8443 8446 8448 8500 8545 8554 8575 8585 8602 8637 8649 8728 8765 8782 8789 8790 8791 8812 8816 8817 8819 8834 8835 8836 8847 8858 8860 8863 8866 8868 8873 8875 8877 8880 8881 8888 8889 9000 9001 9002 9013 9015 9018 9019 9026 9028 9031 9034 9042 9051 9088 9090 9092 9094 9095 9104 9110 9111 9160 9191 9209 9212 9306 9308 9389 9418 9443 9530 9595 9633 9704 9743 9761 9800 9876 9943 9992 9993 9994 9997 9998 9999 10000 10001 10134 10250 10443 10554 10909 11000 11112 11210 11211 11300 12000 12345 13579 14147 14265 14344 16992 16993 17000 18081 18245 18553 20000 20256 20547 21025 21379 23023 25001 27015 27017 28015 28080 28107 30002 30003 31337 32400 32764 33060 35000 37777 41800 44158 44818 47990 49152 49153 50000 50100 51235 54138 55000 55443 55553 55554 60030 60129 61613 61616 62078 65522

2087396567 | 2024-04-16T13:30:50.096373

11 / tcp

kjnkjabhbanc283ubcsbhdc72

-1835577706 | 2024-04-24T04:44:27.173068

13 / tcp

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Vary: Accept-Encoding
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

134472555 | 2024-04-30T22:42:41.635846

17 / tcp

K\x02%~)J/\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

676476721 | 2024-04-25T11:19:27.245392

19 / tcp

ELM Enterprise Manager _l
Copyright © 18668511-928641920 TNT Software, Inc.

-1816600103 | 2024-04-15T09:34:17.449064

23 / tcp

tc login:

-1189269828 | 2024-05-05T01:59:20.889221

25 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\xc2\x80\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

639175818 | 2024-04-14T19:28:33.477021

26 / tcp

\r\nSurnom.\r\nSorry, that nickname format is invalid.\r\n

-68075478 | 2024-04-17T12:13:26.305162

43 / tcp

1685693176 | 2024-04-22T14:36:33.227697

49 / tcp

HTTP/1.1 200 OK
X-Powered-By: PHP/5.5.9-1ubuntu4.21
Server: cisco-CPA

-42462918 | 2024-04-29T20:39:25.624447

53 / tcp

9
\x81\x05\x00\x01\x00\x00\x00\x00\x00\x00\x08clients1\x06google\x03com\x00\x00\x01\x00\x01
\x00\x06\x85\x00\x00\x01\x00\x01\x00\x01\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03\xc0\x00\x10\x00\x03\x00\x00\x00\x00\x00\x05\x04none\xc0\x00\x02\x00\x03\

1738069263 | 2024-04-25T08:04:52.191346

70 / tcp

\x01remshd: Kerberos Authentication not enabled.

-746345752 | 2024-04-30T13:08:23.534309

79 / tcp

¥A\x01,\x02L\x08Connectx\x0857222

-504975533 | 2024-05-05T11:56:58.528874

80 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Sun, 05 May 2024 11:56:58 GMT
Content-Type: application/xml
Content-Length: 345
Connection: keep-alive
x-oss-request-id: 6637740ABFFA023236A95373
x-oss-server-time: 0
x-oss-ec: 0003-00001201

233634112 | 2024-04-15T04:46:40.671363

81 / tcp

SSH-98.60-SysaxSSH_81885..42

808560482 | 2024-04-11T16:01:32.411617

83 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP
 : USERID : UNIX : Cr8

-1729629024 | 2024-04-23T21:48:23.470357

84 / tcp

101 imqbroker =unV

1948301213 | 2024-05-05T00:54:23.436812

102 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

-1399940268 | 2024-05-03T17:25:24.635007

104 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1911457608 | 2024-05-05T10:37:07.385192

110 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-2017887953 | 2024-04-24T19:26:58.769748

111 / tcp

SSH-2.0-OpenSSH_7.9

-1713467553 | 2024-04-30T19:53:59.623455

113 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Connection: close

141730637 | 2024-04-25T07:45:17.607000

119 / tcp

HTTP/1.0 200 OK
Server: Proxy

-1327660293 | 2024-04-24T02:09:28.962879

122 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

1141948216 | 2024-05-03T05:59:19.429962

135 / tcp

\\x05\\x00\r\\x03\\x10\\x00\\x00\\x00\\x18\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x04\\x00\\x01\\x05\\x00\\x00\\x00\\x00\n\nServerAlive2: \n IP1: DESKTOP-HL59G5J\n IP2: 169.254.93.199\n IP3: 175.180.100.187\n\nNTLMSSP:\nTarget_Name: DESKTOP-HL59G5J\nProduct_Version: 10.0.19041 Ntlm 15\nOS: Windows 10, Version 2004/Windows Server, Version 2004\nNetBIOS_Domain_Name: DESKTOP-HL59G5J\nNetBIOS_Computer_Name: DESKTOP-HL59G5J\nDNS_Domain_Name: DESKTOP-HL59G5J\nDNS_Computer_Name: DESKTOP-HL59G5J\nSystem_Time: 2024-01-22 06:04:34 +0000 UTC\n\nDCERPC Dump:\n954

-52803170 | 2024-04-08T15:52:44.867588

139 / tcp

Version: 6.1Build 0\nTarget Name : LUSHOME\n

-398621179 | 2024-05-03T11:09:56.123470

143 / tcp

* OK everfull.com.cn IMAP4rev1 MDaemon 12.5.6 ready\r\n

1134517380 | 2024-04-18T12:11:14.524086

154 / tcp

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

-1399940268 | 2024-05-06T08:15:31.459854

175 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-399606100 | 2024-05-05T19:19:04.502485

179 / tcp

BGP Message\nType: 3\nMajor error Code: 6\nMinor error Code: 5\n

-1559123399 | 2024-05-04T16:28:28.881257

195 / tcp

500 Permission denied - closing connection.

-2089734047 | 2024-05-06T06:32:29.227161

221 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

1672388472 | 2024-04-26T19:49:22.533958

264 / tcp

CheckPoint\nFirewall Host: ADAPCN156FW02\nSmartCenter Host: adluprdfwmgt01..zjz4qa\\x00\n

1975288991 | 2024-04-23T22:36:08.496402

311 / tcp

OPTI

-1639129386 | 2024-05-02T13:35:00.144752

389 / tcp

0%\\x02\\x01\\x01a \n\\x010\\x04\\x00\\x04\\x19anonymous bind disallowed

-661950041 | 2024-05-04T22:36:25.263991

427 / tcp

SAAdvert Response:\nVersion: 2\nFunction: SA Advertisement (11)\nURL: service:service-agent://*.*.*.*\nScopeList: default\nAttrributeList: \n\n\nserviceTypes:\nservice:cdserver\nservice:fdserver\nservice:hdserver\nservice:rmedia\nservice:adviser\nservice:lighttpd\nB://l:87/x\n\nResponse of service:cdserver SrvReq:\nVersion: 2\nFunction: Service Reply (2)\nErrorCode: SUCCESS (0)\nURL Entries:\n  Lifetime: 65535\n  URL: service:cdserver://IEIB4055D60C037:5120\n\n\nResponse of service:cdserver AttrRqst:\nVersion: 2\nFunction: Attribute R

1778226997 | 2024-05-06T11:41:29.916977

443 / tcp

HTTP/1.1 403 Forbidden
Server: AliyunOSS
Date: Mon, 06 May 2024 11:41:29 GMT
Content-Type: application/xml
Content-Length: 345
Connection: keep-alive
x-oss-request-id: 6638C1E9A7C6F735382F3907
x-oss-server-time: 0
x-oss-ec: 0003-00001201

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:63:21:9e:05:a6:3d:80:09:42:22:29
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G3
        Validity
            Not Before: Mar 15 08:50:03 2024 GMT
            Not After : Oct 26 02:16:02 2024 GMT
        Subject: C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=cn-heyuan.oss.aliyuncs.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a7:31:41:56:c8:d6:f7:83:a4:ca:20:42:3e:1f:
                    6e:46:4b:f9:dd:4a:ba:b0:46:89:9c:d2:82:78:61:
                    9e:cb:23:97:4e:62:67:1b:2a:6f:a0:fc:50:dc:fb:
                    93:95:c7:fb:c8:6a:43:2c:75:d1:d5:6f:2b:77:d9:
                    0a:3b:1b:44:65:1e:4e:84:26:0e:4f:fa:20:e5:7f:
                    8c:05:4e:56:09:59:c1:54:6b:85:14:fb:92:10:6f:
                    90:53:73:94:aa:ef:66:83:dd:a4:c6:5c:28:36:77:
                    6b:ef:5f:f1:78:8f:18:7b:51:17:a8:62:68:00:5c:
                    a8:44:20:9e:1e:e4:35:f1:b3:a2:76:54:02:8d:f6:
                    9c:0c:f1:27:5d:96:68:27:dc:a6:de:3a:32:a4:fb:
                    70:52:96:6a:6d:21:33:f3:e6:6a:30:98:58:18:c9:
                    f8:41:d9:4b:64:3e:1c:51:84:45:2d:4d:7d:5e:e5:
                    e0:f8:e5:bf:20:6d:31:ac:d9:1e:2c:e7:c6:92:90:
                    7e:11:ab:c8:52:68:ff:0c:df:61:2e:1f:bb:77:d8:
                    15:6f:1b:42:5c:79:16:94:83:8e:9d:e5:0a:76:9b:
                    c9:67:b4:76:42:69:91:e3:17:a7:81:84:b0:54:66:
                    53:2b:3b:99:27:8f:11:62:be:ad:b2:78:bf:41:8c:
                    61:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g3.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g3
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gsorganizationvalsha2g3.crl
            X509v3 Subject Alternative Name: 
                DNS:cn-heyuan.oss.aliyuncs.com, DNS:*.cn-heyuan.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-heyuan.aliyuncs.com, DNS:*.s3.oss-cn-heyuan-internal.aliyuncs.com, DNS:*.cn-heyuan.mgw.aliyuncs.com, DNS:*.oss.cn-heyuan.privatelink.aliyuncs.com, DNS:*.oss-cn-heyuan.oss-object-process.aliyuncs.com, DNS:*.oss-cn-heyuan-internal.oss-object-process.aliyuncs.com, DNS:*.oss-cn-heyuan.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-heyuan-internal.oss-accesspoint.aliyuncs.com, DNS:*.oss-accesspoint.aliyuncs.com, DNS:*.cn-heyuan.oss.aliyuncs.com, DNS:*.oss-cn-heyuan-internal.aliyuncs.com, DNS:*.oss-cn-heyuan-cross.aliyuncs.com, DNS:*.oss-cn-heyuan.aliyuncs.com, DNS:*.oss-cn-heyuan-acdr-1.aliyuncs.com, DNS:*.oss-cn-heyuan-acdr-1-internal.aliyuncs.com, DNS:*.oss-cn-heyuan-acdr-1-cross.aliyuncs.com, DNS:*.cn-heyuan-acdr-1.oss.aliyuncs.com, DNS:*.aliyuncs.com, DNS:*.oss-enet.aliyuncs.com, DNS:*.oss-internal.aliyuncs.com, DNS:*.oss-internal.aliyun-inc.com, DNS:*.oss-accelerate.aliyuncs.com, DNS:*.oss-accelerate-overseas.aliyuncs.com, DNS:*.oss-cn-guangzhou.aliyuncs.com, DNS:*.oss-cn-guangzhou-cross.aliyuncs.com, DNS:*.oss-cn-guangzhou-internal.aliyuncs.com, DNS:*.cn-guangzhou.oss.aliyuncs.com, DNS:*.oss-cn-guangzhou.oss-accesspoint.aliyuncs.com, DNS:*.oss-cn-guangzhou-internal.oss-accesspoint.aliyuncs.com, DNS:*.cn-guangzhou.oss-console.aliyuncs.com, DNS:*.s3.oss-cn-guangzhou.aliyuncs.com, DNS:*.s3.oss-cn-guangzhou-internal.aliyuncs.com, DNS:*.cn-guangzhou.mgw.aliyuncs.com, DNS:*.oss.cn-guangzhou.privatelink.aliyuncs.com, DNS:*.oss-cn-guangzhou.oss-object-process.aliyuncs.com, DNS:*.oss-cn-guangzhou-internal.oss-object-process.aliyuncs.com, DNS:*.s3.oss-accelerate.aliyuncs.com, DNS:*.s3.oss-accelerate-overseas.aliyuncs.com, DNS:*.cn-guangzhou-cross.mgw.aliyuncs.com, DNS:*.oss-console.aliyuncs.com
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Authority Key Identifier: 
                68:86:B8:7D:7A:D9:6D:49:6B:87:2F:18:8B:15:34:6C:D7:B4:7A:0E
            X509v3 Subject Key Identifier: 
                BE:B3:1F:4C:0B:EE:76:4A:F1:8E:8A:10:AB:F1:DD:B4:AD:07:FF:4C
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Mar 15 08:50:05.680 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:39:90:C4:C9:27:94:40:14:9F:D5:C7:C0:
                                87:6A:C3:27:FD:B5:DE:13:7F:0C:42:8A:75:F7:8C:75:
                                A1:37:87:7A:02:21:00:E0:FF:5B:EB:FA:01:D7:20:1B:
                                F4:00:0B:95:C5:42:55:10:8B:52:59:4C:61:72:86:22:
                                4B:0D:6D:7A:5A:19:50
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 19:98:10:71:09:F0:D6:52:2E:30:80:D2:9E:3F:64:BB:
                                83:6E:28:CC:F9:0F:52:8E:EE:DF:CE:4A:3F:16:B4:CA
                    Timestamp : Mar 15 08:50:06.408 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:E2:75:D0:F8:7A:3C:3C:CE:0E:11:53:
                                8D:04:21:B3:F0:42:23:56:D8:F9:19:A0:1D:22:87:9F:
                                E3:7C:E7:48:88:02:21:00:A0:08:7A:4B:1B:33:AC:CE:
                                0B:77:C3:89:17:8F:DC:00:23:6A:26:7A:F3:A2:F4:8C:
                                8E:5F:5B:D8:2B:C1:AE:F2
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Mar 15 08:50:06.416 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:F3:90:FB:5F:CA:7F:4D:C2:91:76:20:
                                7D:D8:E5:C4:DE:06:D4:CB:DC:8A:21:6E:2B:8A:75:C7:
                                A0:32:75:8A:5C:02:21:00:EB:0E:2D:4E:C0:5D:86:E7:
                                52:98:F1:C9:D1:F0:0C:2B:2B:02:52:7E:C3:BC:12:0A:
                                AD:B6:26:CF:72:75:3F:5B
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        90:50:5b:9b:89:d2:c7:96:7b:cb:d2:26:41:7d:c1:56:7d:6f:
        f6:d5:b2:87:22:9f:d3:91:7b:d0:b9:7b:aa:03:93:0f:3e:85:
        1a:26:53:6d:75:c0:60:69:7b:13:82:e7:eb:41:07:f7:5a:eb:
        89:7c:80:46:78:4b:39:7e:73:45:3f:6a:83:43:70:07:a6:09:
        75:60:a8:78:2d:53:53:26:c5:b6:29:76:e1:5e:50:33:1b:d5:
        83:11:2c:2d:d1:89:33:8a:8a:56:29:de:2e:22:3f:2c:1b:56:
        66:62:70:14:fd:a8:27:bc:47:d6:02:60:85:ce:c8:58:4c:c1:
        91:aa:31:86:50:18:a9:4f:d2:44:dd:69:4e:d1:6f:15:8c:ba:
        76:53:94:91:46:96:d1:97:32:80:73:9f:ef:6e:60:4d:e8:47:
        ce:10:d0:2e:ab:5d:11:e4:cb:b6:32:f1:32:3a:76:2a:6f:59:
        35:ac:2b:ec:0b:5a:a2:7a:51:d7:6d:6d:b2:8f:8d:da:b0:2f:
        9c:59:58:9f:63:76:ad:ec:5d:98:30:a8:13:0f:11:cf:20:70:
        71:ff:46:aa:47:6f:32:56:3f:47:68:0d:36:f6:5a:d5:fc:9c:
        6d:00:d1:c5:49:ae:e1:db:32:75:e2:01:f2:b0:5e:3f:22:3c:
        2a:ce:b2:4b

-1369334533 | 2024-04-22T09:12:34.990729

444 / tcp

HTTP/1.1 400 Bad Request
Server: nginx/1.22.1
Date: Mon, 22 Apr 2024 09:12:34 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.22.1</center>
</body>
</html>

1911457608 | 2024-04-25T02:51:37.428529

447 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1835475271 | 2024-04-19T20:37:25.678439

448 / tcp

200 NOD32SS 99 (3318497116)\r\n

897328069 | 2024-05-04T06:37:43.830342

465 / tcp

220 mail.scott000.com ESMTP

1911457608 | 2024-04-28T22:09:45.737093

502 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1278527606 | 2024-04-22T02:01:48.629526

503 / tcp

SSH-2.0-Teleport

1077013874 | 2024-04-25T21:13:20.228122

515 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

1801869778 | 2024-04-29T13:15:39.617097

548 / tcp

Fast Copy: Yes\nExtended Sleep: Yes\nUUIDs: Yes\nUTF8 Server Name: Yes\nDirectory Services: Yes\nReconnect: No\nServer Notifications: Yes\nTCP/IP: Yes\nServer Signature: Yes\nServer Message: No\nPassword Saving Prohibited: No\nPassword Changing: No\nCopy File: Yes\nServer Name: DS1019Plus\nMachine Type: \rNetatalk3.1.8\nAFP Versions: AFP2.2, AFPX03, AFP3.1, AFP3.2, AFP3.3, AFP3.4\nUAMs: Cleartxt Passwrd\\x04,DHX2\t,DHCAST128\\x00\nServer Signature: 00000000008002000180030002800280

1060450357 | 2024-04-21T02:25:03.455144

554 / tcp

RTSP/1.0 200 OK
CSeq: 1
Keep-Alive: timeout=10, max=1000
Public: DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE, SET_PARAMETER, GET_PARAMETER
Connection: Keep-Alive

1308377066 | 2024-05-02T09:57:34.702335

593 / tcp

ncacn_http/1.0

233634112 | 2024-05-03T18:27:59.415233

631 / tcp

SSH-98.60-SysaxSSH_81885..42

1255568492 | 2024-04-29T05:40:18.336309

636 / tcp

HTTP/1.1 400 Bad Request
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: close
X-Iinfo: 12-56308661-0 0NNN RT(1705912410675 113) q(-1 -1 -1 -1) r(0 -1) b1

-2057351484 | 2024-04-29T08:40:25.270013

646 / tcp

\\x00\\x01\\x00\\x1c\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x00\\x12\\x00\t\\xba\\xfd\\x03\\x00\\x00\n\\x80\\x00\\x00\\x03\\x00\\x00\\x00\\x00\\x00\\x00

1996932384 | 2024-05-05T04:55:20.759883

771 / tcp

"raop" nonce

-1059554316 | 2024-04-25T06:14:42.898702

772 / tcp

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

1308377066 | 2024-04-24T17:09:32.355758

789 / tcp

ncacn_http/1.0

-1970692834 | 2024-05-04T06:47:44.550402

873 / tcp

@RSYNCD: 31.0\n@RSYNCD: EXIT\n

-1256415508 | 2024-04-18T13:33:00.112137

880 / tcp

HTTP/1.1 404 Not Found
Server: TornadoServer/6.1
Content-Type: text/html; charset=UTF-8

1956828827 | 2024-04-24T17:37:54.455173

902 / tcp

220 VMware Authentication Daemon Version 1.10: SSL Required, Se
rverDaemonProtocol:SOAP, MKSDisplayProtocol:VNC , , NFCSSL supported/t

-1835475271 | 2024-05-02T15:55:44.349406

992 / tcp

200 NOD32SS 99 (3318497116)\r\n

321971019 | 2024-04-24T01:39:12.379756

993 / tcp

-ERR client ip is not in whitelist\r

1685649979 | 2024-05-03T06:02:09.096442

995 / tcp

+OK Dovecot ready.\r\n

841014058 | 2024-04-19T07:44:11.836288

1023 / tcp

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

550048729 | 2024-04-27T12:23:48.872334

1024 / tcp

ÿÿÿ
0 ...

2063598737 | 2024-05-05T10:35:01.822641

1025 / tcp

/0 0 L\r\n/0 0 HUH\r\n

-1547976805 | 2024-05-05T08:09:17.346891

1119 / tcp

HTTP/1.1 403 Forbidden
Server: nginx
Content-Type: text/html
Connection: close

819727972 | 2024-05-05T07:38:55.079932

1153 / tcp

SSH-2.0-OpenSSH_7.4

1308377066 | 2024-04-17T21:17:42.720353

1167 / tcp

ncacn_http/1.0

472902042 | 2024-04-25T17:15:16.431955

1200 / tcp

"Magic:ActiveMQ
Version:12
<ActiveMQ*TcpNoDelayEnabledSizePrefixDisabled CacheSizeProviderName ActiveMQStackTraceEnabledPlatformDetails JavaCacheEnabledTightEncodingEnabledMaxFrameSize@MaxInac

-1327660293 | 2024-04-25T11:56:42.462443

1234 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

751496153 | 2024-04-14T03:22:03.929427

1311 / tcp

* OK TeamXchange IMAP4rev1 server (otyUg) ready.

474736340 | 2024-05-04T21:48:27.705330

1337 / tcp

431 Unable to negotiate secure command connection.

637263328 | 2024-04-28T13:56:56.336422

1433 / tcp

MSSQL Server\nVersion: 171050560 (0xa320640)\nSub-Build: 0\nEncryption:Not available\n\nMSSQL NTLM Info:\nTarget_Name: SERVER\nProduct_Version: 10.0.19041 Ntlm 15\nOS: Windows 10, Version 2004/Windows Server, Version 2004\nNetBIOS_Domain_Name: SERVER\nNetBIOS_Computer_Name: SERVER\nDNS_Domain_Name: server\nDNS_Computer_Name: server\nSystem_Time: 2024-01-22 01:21:33 +0000 UTC\n\n

-1636685759 | 2024-04-29T02:18:42.083537

1500 / tcp

HTTP/1.1 302 FOUND
Content-Type: text/html; charset=utf-8
Location: http://121.4.195.214:1500/login
Server: nginx

-1881409212 | 2024-04-23T20:53:39.911081

1515 / tcp

[ò

1869192275 | 2024-04-19T12:05:30.623142

1521 / tcp

\n

2087396567 | 2024-04-17T03:48:24.526290

1599 / tcp

kjnkjabhbanc283ubcsbhdc72

171352214 | 2024-05-02T22:45:18.575682

1604 / tcp

-ERR client ip is not in whitelist

1103582599 | 2024-04-24T11:15:31.322908

1723 / tcp

Firmware: 1\nHostname: Vigor\nVendor: DrayTek\n

-805362002 | 2024-04-17T18:49:42.219795

1741 / tcp

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

-2089734047 | 2024-05-02T13:58:12.607206

1800 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1299899661 | 2024-04-28T17:18:39.288200

1801 / tcp

\\x10Z\x0b\\x00LIOR<\\x02\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x12\\x00a36a0e421af47074\\x97W\\xcd[\\x98\\xc4\\x1aJ\\xa5\xd1\xbf\\xf9\\xbd\\xc7\\xce\\xfd92d3\\x10\\x01\\x00\\x00ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

-2096652808 | 2024-04-29T16:00:07.217755

1883 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1632932802 | 2024-05-01T09:13:16.202394

1911 / tcp

-1441741890 | 2024-04-09T14:55:35.257111

1925 / tcp

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2
0181212])

-142686627 | 2024-04-26T18:37:49.164312

1926 / tcp

\x00[\xc2\xba\x7fs\x7f\x00\x00

740837454 | 2024-04-23T19:45:34.224091

1962 / tcp

SSH-2.0-OpenSSH_5.3

921225407 | 2024-05-06T05:33:57.749342

2000 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

1632932802 | 2024-04-27T15:06:53.756855

2002 / tcp

1794594071 | 2024-04-30T18:38:05.371710

2008 / tcp

[sÅÓ

1230697277 | 2024-05-03T04:41:59.627203

2020 / tcp

HTTP/1.1 200 OK
Server: Monkey/1.7.0
Transfer-Encoding: chunked

-1013082686 | 2024-04-11T23:30:32.622487

2049 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0
Co
ntent-Type: text/plain

1161309183 | 2024-04-25T19:44:22.353828

2052 / tcp

ProxyServer is ready

-1839934832 | 2024-05-05T02:14:37.533189

2055 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-1399940268 | 2024-04-17T00:33:48.209047

2059 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-42767839 | 2024-05-05T21:25:09.439894

2065 / tcp

RFB 005.000

VNC:
  Protocol Version: 5.0

1842524259 | 2024-05-05T07:56:21.478845

2067 / tcp

165188539 | 2024-04-27T17:03:15.661769

2081 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1729629024 | 2024-04-18T03:31:39.128423

2082 / tcp

101 imqbroker =unV

660175493 | 2024-05-03T23:08:14.907054

2083 / tcp

171352214 | 2024-05-04T01:56:02.853837

2087 / tcp

-ERR client ip is not in whitelist

-459998123 | 2024-05-05T18:06:13.712830

2121 / tcp

220-FileZilla Server version 0.9.46 beta\r\n

2087396567 | 2024-05-01T17:44:36.503918

2154 / tcp

kjnkjabhbanc283ubcsbhdc72

546151771 | 2024-05-04T04:10:04.103406

2181 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC
Clients:
/*.*.*.*:11264[0](queued=0,recved=1,sent=0)

Latency min/avg/max: 0/0.0/0
Received: 8557
Sent: 11410
Connections: 1
Outstanding: 0
Zxid: 0x332907ad3391
Mode: follower
Node count: 104618

-2089734047 | 2024-04-14T09:42:26.274922

2221 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

372433470 | 2024-05-05T13:50:17.211524

2222 / tcp

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm=""

-1888448627 | 2024-04-18T13:49:10.995525

2250 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

1662205251 | 2024-04-26T16:55:42.705721

2323 / tcp

HTTP/1.0 404 FAIL
Content-length:5
Connection:Close

-1045760528 | 2024-05-03T23:42:07.685145

2332 / tcp

HTTP/1.1 302 Found
Connection: close
Location: http://*.*.*.*/solr/

820958131 | 2024-05-05T04:34:21.180630

2345 / tcp

kjnkjabhbanc283ubcsbhdc72\x02

1077013874 | 2024-04-28T16:38:26.876918

2376 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

-1399940268 | 2024-05-04T20:27:52.722059

2404 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1142844482 | 2024-05-06T04:59:13.116247

2455 / tcp

ÿûSOYO_SIP VBNQyQSKc settings
Password:

-1142844482 | 2024-05-03T13:49:31.388180

2480 / tcp

ÿûSOYO_SIP VBNQyQSKc settings
Password:

-1026951088 | 2024-04-13T06:10:09.130412

2506 / tcp

erro ip

321971019 | 2024-04-28T16:31:52.461054

2548 / tcp

-ERR client ip is not in whitelist\r

-1399940268 | 2024-04-26T18:28:43.062562

2550 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-05-06T02:48:56.716431

2558 / tcp

SSH-2.0-OpenSSH_7.4

1363464823 | 2024-05-01T17:42:09.306259

2560 / tcp

\x00[|ox\x7f\x00\x00

921225407 | 2024-05-02T02:15:45.635880

2598 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

-984990168 | 2024-05-04T10:17:13.147495

2628 / tcp


0ÿñ

1911457608 | 2024-04-25T11:45:47.561928

2761 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-122096153 | 2024-04-25T05:46:36.904299

2762 / tcp

Zookeeper version: 3.7.0-e3704b390a6697bfdf4b0bef79e3da7a4f6bac4b, built on 2021-09-17 18:36 UTC\nClients:\n/*.*.*.*:11264[0](queued=0,recved=1,sent=0)\n\nLatency min/avg/max: 0/0.0/0\nReceived: 8557\nSent: 11410\nConnections: 1\nOutstanding: 0\nZxid: 0x332907ad3391\nMode: follower\nNode count: 104618

119860953 | 2024-05-01T00:10:15.445616

3001 / tcp

* OK ArGoSoft Mail Server IMAP Module v.YW at

-2096652808 | 2024-05-05T21:33:29.761302

3002 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-1139539254 | 2024-04-18T00:06:17.913437

3048 / tcp

\xc3\xbf\xc3\xbb\x01\n\rno data rcvd for version string\n\rrecv version id unsuccessful\n\rSSH Session task 0xY: Version Exchange Failed\n\r

669849225 | 2024-04-17T14:10:33.262724

3049 / tcp

SSH-98.60-SysaxSSH_81885..42\r\n

819727972 | 2024-04-21T02:09:14.357374

3050 / tcp

SSH-2.0-OpenSSH_7.4

819727972 | 2024-04-30T04:30:10.679342

3057 / tcp

SSH-2.0-OpenSSH_7.4

921225407 | 2024-04-16T08:15:23.996739

3070 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

198844676 | 2024-04-17T18:58:31.584753

3077 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

1911457608 | 2024-05-06T12:28:18.229391

3091 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1504401647 | 2024-04-29T04:50:52.637507

3096 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

1911457608 | 2024-04-20T03:05:09.410541

3102 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1763259671 | 2024-04-13T17:16:00.149337

3107 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

-339084706 | 2024-04-17T20:28:16.364437

3111 / tcp

200 ArGoSoft News Server for WinNT/2000/XP v 59869648 ready\r\n

819727972 | 2024-04-15T18:29:31.463456

3118 / tcp

SSH-2.0-OpenSSH_7.4

-1987260456 | 2024-04-22T14:00:13.956318

3221 / tcp

<?xml version="1.0" encoding="us-ascii"?>\n<junoscript xmlns="http://xml.juniper.net/xnm/1.1/xnm" xmlns:junos="http://xml.juniper.net/junos/15.1X49/junos" schemaLocation="http://xml.juniper.net/junos/15.1X49/junos junos/15.1X49/junos.xsd" os="JUNOS" release="15.1X49-D70.3" hostname="CA802056Sec" version="1.0">\n<!-- session start at 2024-01-19 06:48:47 HKT -->\n<rpc-reply xmlns:junos="http://xml.juniper.net/junos/15.1X49/junos">\n\n<authentication-response>\n<status>fail</status>\n<message>Unexpected XML tag type<

175679309 | 2024-04-28T13:27:24.885189

3260 / tcp

Login Response Success(0x0000)\nKey/Value Pairs\nAuthMethod=None\nTargetAlias=QNAP Target\nTargetPortalGroupTag=1\n

-2031078612 | 2024-05-06T02:41:46.898952

3268 / tcp

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: http://proxy.ces.org.tw:3000/login?url=http%3A%2F%2Floginbyurl.wanfangdata.com.cn%2F

599074451 | 2024-04-22T20:10:01.965692

3269 / tcp

msg

-971970408 | 2024-04-22T00:18:52.751871

3299 / tcp

1189133115 | 2024-04-25T23:30:08.287054

3301 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

1801207137 | 2024-05-04T15:20:42.975319

3306 / tcp

F\\x00\\x00\\x00\\xffj\\x04Host \'106.75.96.125\' is not allowed to connect to this MySQL server

632542934 | 2024-04-12T05:18:13.850692

3310 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

165188539 | 2024-04-20T22:58:04.941505

3388 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

521595461 | 2024-04-30T15:35:06.728431

3389 / tcp

Remote Desktop Protocol\n\\x03\\x00\\x00\\x13\\x0e\\xd0\\x00\\x00\\x124\\x00\\x03\\x00\\x08\\x00\\x02\\x00\\x00\\x00\n\nGuess_OS:Windows Server 2003 or 2008\nFlag: PROTOCOL_HYBRID\n

-2140303521 | 2024-04-08T22:24:35.471377

3402 / tcp

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected\n

-438503381 | 2024-04-24T09:17:07.547225

3403 / tcp

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

1911457608 | 2024-04-08T03:43:54.206955

3407 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1119512965 | 2024-05-05T19:56:48.730554

3541 / tcp

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-encoding: gzip
content-length: 171

770016595 | 2024-04-17T17:58:04.664889

3542 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache

198844676 | 2024-05-04T16:21:53.889770

3551 / tcp

HTTP/1.1 404 Not Found
Server: Jetty/9.4.31.v20200723
Content-Type: text/plain; charset=utf-8
Connection: close

-1329831334 | 2024-04-20T20:48:32.367842

3555 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00 \x00\x00\n04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00\\...\n

165188539 | 2024-04-29T15:26:28.544130

3566 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1399940268 | 2024-05-03T16:37:22.672852

3567 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1428621233 | 2024-05-06T15:38:38.293337

3569 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

819727972 | 2024-04-26T03:59:33.835804

3780 / tcp

SSH-2.0-OpenSSH_7.4

819727972 | 2024-05-01T04:05:24.136131

3790 / tcp

SSH-2.0-OpenSSH_7.4

1123187653 | 2024-04-29T13:41:36.005702

4000 / tcp

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN

1543809371 | 2024-05-01T00:17:20.222838

4022 / tcp

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2\n0181212])

550048729 | 2024-04-27T09:43:49.867516

4040 / tcp

ÿÿÿ
0 ...

320677201 | 2024-04-18T07:14:14.209303

4043 / tcp

H\x00\x00\x00\xc3\xbfj\x04Host \'101.133.140.114\' is not allowed to \nconnect to this MySQL server

1741579575 | 2024-04-29T11:57:09.311262

4063 / tcp

-1399940268 | 2024-04-29T07:51:10.848015

4064 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

2143387245 | 2024-04-20T17:05:51.155150

4100 / tcp

HTTP/1.1 408 Request Timeout
content-length: 0
co
nnection: close
date: Fri, 26 Nov 2021 07:46:40 GMT

-358801646 | 2024-05-04T08:17:05.343510

4157 / tcp

SSH-2.0-OpenSSH_6.6.1

1308377066 | 2024-04-29T05:05:59.894008

4190 / tcp

ncacn_http/1.0

-1341662640 | 2024-04-25T19:36:04.890281

4242 / tcp

HTTP/1.1 301 Moved Permanently
Server: Zope/(2.13.23, python 1.7.18, linux2) ZServer/1.1
Content-Type: text/plain; charset=utf-8
Connection: close

-527005584 | 2024-05-01T03:48:22.712302

4282 / tcp

/0 0 L
/0 0 HUH

-1250504565 | 2024-05-04T06:03:27.929200

4321 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\x08\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\x08\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01

-142686627 | 2024-05-03T16:37:29.739237

4369 / tcp

\x00[\xc2\xba\x7fs\x7f\x00\x00

539065883 | 2024-04-30T12:04:24.641101

4433 / tcp

1911457608 | 2024-05-05T12:39:32.925193

4500 / tcp

\x00[\x00\x00\x00\x00\x00\x00

171352214 | 2024-05-01T11:43:50.903191

4506 / tcp

-ERR client ip is not in whitelist

-79865617 | 2024-05-04T19:16:04.598819

4664 / tcp

( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries com
mit-revprops depth log-revprops partial-replay ) ) )

921225407 | 2024-04-14T11:21:24.197315

4747 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

1072892569 | 2024-04-12T06:03:03.564384

4782 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

-1297953727 | 2024-04-29T08:53:59.625672

4786 / tcp

\x02\x00\x00\x00\x00\x00\x06\x04\x00\x00\x00\x00\x00\x0c\x00\x00\n0\x00\x1c

-1428621233 | 2024-04-12T05:59:08.481108

4808 / tcp

\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x04\x00@\x00\x00\x00\x00\n05\x00@\x00\x00\x00\x06\x00\x00 \x00\xc3\xbe\x03\x00\x00\x00\x01\x00\x00...\n

-1399940268 | 2024-04-14T17:15:03.726680

4840 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-358801646 | 2024-04-16T16:58:26.390754

4899 / tcp

SSH-2.0-OpenSSH_6.6.1

1911457608 | 2024-05-05T07:00:38.314455

4911 / tcp

\x00[\x00\x00\x00\x00\x00\x00

841014058 | 2024-04-27T16:04:08.228353

4949 / tcp

Hello, this is FRRouting (version 4.0).

Copyright 19
96-2005 Kunihiro Ishiguro, et al.




Use...

971933601 | 2024-05-06T07:18:14.507712

5001 / tcp

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

819727972 | 2024-04-22T20:45:04.165916

5003 / tcp

SSH-2.0-OpenSSH_7.4

2009276894 | 2024-04-13T21:10:30.418236

5005 / tcp

N
5.6.40-logÅTUNEgVX2
¢!xlB...

-746114901 | 2024-05-03T13:31:33.562008

5006 / tcp

[KpU

321971019 | 2024-05-02T14:08:23.283756

5007 / tcp

-ERR client ip is not in whitelist\r

1472866667 | 2024-05-01T07:09:11.792843

5009 / tcp

AB\\x01\t

819727972 | 2024-05-05T01:02:01.696759

5010 / tcp

SSH-2.0-OpenSSH_7.4

-984990168 | 2024-05-06T11:30:24.967350

5025 / tcp


0ÿñ

819727972 | 2024-05-05T00:19:53.239089

5172 / tcp

SSH-2.0-OpenSSH_7.4

-1888448627 | 2024-05-05T03:43:03.147342

5201 / tcp

\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00

564972781 | 2024-05-03T19:29:39.110102

5269 / tcp

HTTP/1.1 400 Bad Request
Server: CWAP-waf
Content-Type: text/html
Connection: close
WZWS-RAY: 1249-1705937967.102-w-waf03tjgt

1332894250 | 2024-05-05T00:56:08.219232

5435 / tcp

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

1189133115 | 2024-04-28T18:12:36.088266

5443 / tcp

SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8

-1538260461 | 2024-04-08T09:28:42.298914

5446 / tcp

\x01\x00\x00\x00

103159425 | 2024-05-02T07:15:42.220680

5590 / tcp

SSH-1.99-RGOS_SSH

1519486042 | 2024-05-04T10:37:14.915560

5591 / tcp

<KU_goodbye>Protocol Error: XML data is not well-formed.</KU_goodbye>

-119996482 | 2024-04-30T02:47:12.311886

5601 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0

-1399940268 | 2024-05-03T18:28:44.319237

5605 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-16T06:47:41.511038

5606 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

165188539 | 2024-05-02T02:25:43.968119

5608 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1282941221 | 2024-04-29T03:13:53.211283

5609 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

575925250 | 2024-05-02T02:10:31.574484

5672 / tcp

AMQP:\ncluster_name:rabbit@rabbitmq-0.rabbitmq-headless.rabbitmq.svc.cluster.local\ncopyright:Copyright (c) 2007-2021 VMware, Inc. or its affiliates.\ninformation:Licensed under the MPL 2.0. Website: https://rabbitmq.com\nplatform:Erlang/OTP 24.1\nproduct:RabbitMQ\nversion:3.9.7\nCapabilities:\npublisher_confirms:true\nexchange_exchange_bindings:true\nbasic.nack:true\nconsumer_cancel_notify:true\nconnection.blocked:true\nconsumer_priorities:true\nauthentication_failure_close:true\nper_consumer_qos:true\ndirect_reply_to:tru

-358801646 | 2024-04-26T11:32:41.733992

5858 / tcp

SSH-2.0-OpenSSH_6.6.1

-670840277 | 2024-04-20T11:15:43.458445

5900 / tcp

RFB 004.001

VNC:
  Protocol Version: 4.1

1911457608 | 2024-04-29T13:34:39.081870

5938 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1999272906 | 2024-04-30T01:27:32.875603

5984 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

-746114901 | 2024-05-06T02:19:28.228125

5986 / tcp

[KpU

-1399940268 | 2024-04-30T21:48:43.081012

6001 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1681927087 | 2024-04-27T02:39:51.688752

6002 / tcp

kjnkjabhbanc283ubcsbhdc72

165188539 | 2024-05-01T21:17:28.337229

6036 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1279886438 | 2024-04-11T09:18:06.781192

6363 / tcp

GET / HTTP/1.0 : USERID : UNIX : TKUXZmP\r\n : USERID : UNIX : Cr8\r\n

321971019 | 2024-05-06T05:23:40.697696

6379 / tcp

-ERR client ip is not in whitelist\r

401555314 | 2024-05-01T06:05:21.711393

6443 / tcp

NB[GFXjA^R

-636134902 | 2024-04-23T15:31:25.923634

6510 / tcp

HTTP/1.1 200 OK
Server:Cross Web Server
Content-length: 3233
Content-type: text/html

-142686627 | 2024-04-24T10:06:59.699906

6633 / tcp

\x00[\xc2\xba\x7fs\x7f\x00\x00

165188539 | 2024-05-05T19:38:59.176847

6653 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1148066627 | 2024-04-20T09:50:47.856412

6662 / tcp

\x00[\xc2\x84\xc2\x86\xc3\xb2\x7f\x00\x00

4935895 | 2024-04-23T17:43:15.192895

6666 / tcp

HTTP/1.1 400 Bad Request
Server: CloudWAF

1852418385 | 2024-05-02T20:47:15.601221

6667 / tcp

RTSP/1.0 453 Not Enough Bandwidth
Server: AirTunes/7l_wZ

599074451 | 2024-04-29T02:41:31.596962

6668 / tcp

msg

-358801646 | 2024-04-20T09:21:20.900567

6697 / tcp

SSH-2.0-OpenSSH_6.6.1

165188539 | 2024-04-18T00:22:21.613558

7005 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1911457608 | 2024-05-03T20:26:55.784187

7010 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-801484042 | 2024-04-27T07:10:13.938869

7071 / tcp

ERR 27

-1327660293 | 2024-05-06T04:27:04.088132

7171 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

1632932802 | 2024-05-06T04:14:41.856104

7218 / tcp

1492413928 | 2024-05-06T15:56:54.120438

7415 / tcp

SSH-2.0-OpenSSH_7.5

-142686627 | 2024-04-29T19:48:18.579504

7434 / tcp

\x00[\xc2\xba\x7fs\x7f\x00\x00

-584993230 | 2024-04-23T08:32:24.460574

7443 / tcp

HTTP/1.1 400 Bad Request
Server:  
Content-Type: text/html
Connection: close

-1344535834 | 2024-04-23T08:56:52.224773

7474 / tcp

HTTP/1.0 200 OK
Server: Proxy

-1399940268 | 2024-04-30T20:28:51.906412

7493 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

819727972 | 2024-05-06T05:27:53.571958

7548 / tcp

SSH-2.0-OpenSSH_7.4

745343730 | 2024-05-02T17:02:38.768116

7634 / tcp

220 smtp.qq.com Esmtp QQ Mail Server

-441419608 | 2024-04-30T14:30:46.199062

7788 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

-984990168 | 2024-04-28T05:29:04.245015

7989 / tcp


0ÿñ

1072892569 | 2024-05-06T04:41:49.493297

8001 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

820958131 | 2024-05-06T01:47:55.409513

8002 / tcp

kjnkjabhbanc283ubcsbhdc72\x02

-358801646 | 2024-04-27T08:07:21.056256

8003 / tcp

SSH-2.0-OpenSSH_6.6.1

1504401647 | 2024-04-23T01:28:55.579956

8004 / tcp

:dircproxy NOTICE AUTH :Looking up your hostname...\r\n:dircproxy NOTICE AUTH :Got your hostname.\r\n

1761482307 | 2024-04-25T23:57:29.198311

8009 / tcp

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

-1399940268 | 2024-04-19T19:07:42.754935

8011 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1839934832 | 2024-04-11T09:48:54.568935

8019 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-903067560 | 2024-04-19T08:09:24.946521

8036 / tcp

\x00[\x13)\xc2\x81\x7f\x00\x00

1134517380 | 2024-04-18T02:16:37.882661

8050 / tcp

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

550048729 | 2024-04-29T22:50:01.624244

8060 / tcp

ÿÿÿ
0 ...

1075793816 | 2024-05-06T07:50:27.580667

8081 / tcp

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Mon, 06 May 2024 07:50:27 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
K-App-Host: https://cmpgtest.aliyuncs.com/rating-wrap/begin-sink/join
Server: Jetty(9.2.z-SNAPSHOT)
Set-Cookie: JSESSIONID.3deb4c5c=1lx8ks7pxsgi81000zof8f4jf6;Path=/;HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Hudson: 1.395
X-Hudson-Cli-Port: 44723
X-Hudson-Theme: default
X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUfx8b9D9EahOva3gp5HxSClqkJv8cBTQgpIusRKH0njrh1k1oUJWcsXSDkL8ULsGXKzBAcM1uaO2Wlw+W1e94ADDlxwVaH/5x3u/8dFKtSSke2bHC7jcwdmAQ0I8HvGQL3DV/dXWgVmq36VvA2afkCKX3YnxX/fu8O8GayASjB72H5PaVd1WAZSczENTS9tebvNJK/RVUGfCuRAjT62s4ek0FXLfVfjjV5kFPI2VfGp068SdtTpu2FZnr0DuY96lA23f0Dy9XT0AOnNI9SsTQM4XDfYs+3njvdx8motkpIXZthol3zBT1WkxzZ68t/3hK+6SoaRcHYxtmRDWJlB7wIDAQAB
X-Jenkins: 2.46.1
X-Jenkins-Cli-Port: 44723
X-Jenkins-Cli2-Port: 44723
X-Jenkins-Session: fd1b1568
X-Ssh-Endpoint: 8.134.16.105:33099
Transfer-Encoding: chunked

20b4




  
  <!DOCTYPE html><html><head resURL="/static/fd1b1568" data-rooturl="" data-resurl="/static/fd1b1568">
    

    <title>Dashboard [Jenkins]</title><link rel="stylesheet" href="/static/fd1b1568/css/layout-common.css" type="text/css" /><link rel="stylesheet" href="/static/fd1b1568/css/style.css" type="text/css" /><link rel="stylesheet" href="/static/fd1b1568/css/color.css" type="text/css" /><link rel="stylesheet" href="/static/fd1b1568/css/responsive-grid.css" type="text/css" /><link rel="shortcut icon" href="/static/fd1b1568/favicon.ico" type="image/vnd.microsoft.icon" /><link color="black" rel="mask-icon" href="/images/mask-icon.svg" /><script>var isRunAsTest=false; var rootURL=""; var resURL="/static/fd1b1568";</script><script src="/static/fd1b1568/scripts/prototype.js" type="text/javascript"></script><script src="/static/fd1b1568/scripts/behavior.js" type="text/javascript"></script><script src='/adjuncts/fd1b1568/org/kohsuke/stapler/bind.js' type='text/javascript'></script><script src="/static/fd1b1568/scripts/yui/yahoo/yahoo-min.js"></script><script src="/static/fd1b1568/scripts/yui/dom/dom-min.js"></script><script src="/static/fd1b1568/scripts/yui/event/event-min.js"></script><script src="/static/fd1b1568/scripts/yui/animation/animation-min.js"></script><script src="/static/fd1b1568/scripts/yui/dragdrop/dragdrop-min.js"></script><script src="/static/fd1b1568/scripts/yui/container/container-min.js"></script><script src="/static/fd1b1568/scripts/yui/connection/connection-min.js"></script><script src="/static/fd1b1568/scripts/yui/datasource/datasource-min.js"></script><script src="/static/fd1b1568/scripts/yui/autocomplete/autocomplete-min.js"></script><script src="/static/fd1b1568/scripts/yui/menu/menu-min.js"></script><script src="/static/fd1b1568/scripts/yui/element/element-min.js"></script><script src="/static/fd1b1568/scripts/yui/button/button-min.js"></script><script src="/static/fd1b1568/scripts/yui/storage/storage-min.js"></script><script src="/static/fd1b1568/scripts/hudson-behavior.js" type="text/javascript"></script><script src="/static/fd1b1568/scripts/sortable.js" type="text/javascript"></script><script>crumb.init("", "");</script><link rel="stylesheet" href="/static/fd1b1568/scripts/yui/container/assets/container.css" type="text/css" /><link rel="stylesheet" href="/static/fd1b1568/scripts/yui/assets/skins/sam/skin.css" type="text/css" /><link rel="stylesheet" href="/static/fd1b1568/scripts/yui/container/assets/skins/sam/container.css" type="text/css" /><link rel="stylesheet" href="/static/fd1b1568/scripts/yui/button/assets/skins/sam/button.css" type="text/css" /><link rel="stylesheet" href="/static/fd1b1568/scripts/yui/menu/assets/skins/sam/menu.css" type="text/css" /><link rel="search" href="/opensearch.xml" type="application/opensearchdescription+xml" title="Jenkins" /><meta name="ROBOTS" content="INDEX,NOFOLLOW" /><meta name="viewport" content="width=device-width, initial-scale=1" /><link rel="alternate" href="/rssAll" title="Jenkins:all (all builds)" type="application/rss+xml" /><link rel="alternate" href="/rssAll?flavor=rss20" title="Jenkins:all (all builds) (RSS 2.0)" type="application/rss+xml" /><link rel="alternate" href="/rssFailed" title="Jenkins:all (failed builds)" type="application/rss+xml" /><link rel="alternate" href="/rssFailed?flavor=rss20" title="Jenkins:all (failed builds) (RSS 2.0)" type="application/rss+xml" /><script src="/static/fd1b1568/scripts/yui/cookie/cookie-min.js"></script><script>
              YAHOO.util.Cookie.set("screenResolution", screen.width+"x"+screen.height);
            </script><script src="/static/fd1b1568/jsbundles/page-init.js" type="text/javascript"></script></head><body data-model-type="hudson.model.AllView" id="jenkins" class="yui-skin-sam jenkins-2.46.1 two-column" data-version="2.46.1"><a href="#skip2content" class="skiplink">Skip to content</a><div id="page-head"><div id="header"><div class="logo"><a id="jenkins-home-link" href="/"><img src="/static/fd1b1568/images/headshot.png" alt="title" id=

-1559123399 | 2024-04-23T19:42:10.884458

8083 / tcp

500 Permission denied - closing connection.

819727972 | 2024-05-05T05:12:25.116842

8087 / tcp

SSH-2.0-OpenSSH_7.4

-971970408 | 2024-04-08T22:33:22.696357

8089 / tcp

-2118655245 | 2024-04-22T20:18:03.303521

8090 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20

-1453516345 | 2024-04-26T18:35:20.287079

8096 / tcp

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

1115736665 | 2024-05-03T11:30:08.368671

8099 / tcp

HTTP/1.1 403 Forbidden
Server: openresty
Content-Type: text/html
Connection: keep-alive
via: CHN-GDdongguan-AREACMCC2-CACHE15[8]
X-CCDN-FORBID-CODE: 040001

819727972 | 2024-04-18T12:31:29.226812

8104 / tcp

SSH-2.0-OpenSSH_7.4

-2096652808 | 2024-04-24T13:37:51.056342

8106 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-1559123399 | 2024-04-16T06:11:28.508732

8123 / tcp

500 Permission denied - closing connection.

2087396567 | 2024-05-02T09:23:45.500187

8126 / tcp

kjnkjabhbanc283ubcsbhdc72

1690634669 | 2024-04-22T20:36:41.726306

8139 / tcp

-971970408 | 2024-05-03T18:21:40.645245

8140 / tcp

-1760806421 | 2024-05-01T15:39:40.336714

8181 / tcp

protocolErrorInf error=Missing hw string from : null. Check hardware state=disconnected

-1032713145 | 2024-04-25T15:43:20.780781

8184 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x04\x08\x00\x00\x00\n0\x00\x00\x00\x0e\xc3\xbf\xc3\xb1

1320285193 | 2024-05-02T00:46:46.529328

8200 / tcp

HTTP/1.1 404 Not Found
Server: CloudWAF
Content-Type: text/html
Connection: keep-alive

-2089734047 | 2024-04-25T18:47:40.750643

8249 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1453516345 | 2024-05-01T19:12:26.903588

8291 / tcp

HTTP/1.1 200 OK
Connection: close
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

-119996482 | 2024-04-18T15:52:21.288277

8334 / tcp

HTTP/1.1 408 Request Timeout
Content-Length: 0

-2089734047 | 2024-04-23T13:01:40.663429

8401 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-2089734047 | 2024-05-02T02:23:41.378233

8407 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-585940771 | 2024-04-20T10:24:16.894903

8410 / tcp

Unknown command\r\n

165188539 | 2024-04-23T23:19:53.186487

8412 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-616720387 | 2024-04-10T07:00:20.373405

8415 / tcp

SSH-2.0-SSHD_0.7.6

-1399940268 | 2024-04-19T09:26:42.980605

8424 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1399940268 | 2024-04-22T18:45:47.468123

8429 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-2096652808 | 2024-04-24T08:31:23.434229

8431 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

1911457608 | 2024-05-03T16:53:37.859732

8432 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1273248176 | 2024-05-04T20:31:30.271476

8443 / tcp

HTTP/1.1 303 See Other
Server: sw-cp-server
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 28 May 1999 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Location: https://61.219.16.209:8443/login.php

165188539 | 2024-05-06T15:08:46.937091

8446 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1839934832 | 2024-04-08T21:28:23.456443

8448 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-918002969 | 2024-05-02T09:29:13.902205

8500 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae1f0c_CS-000-01n4m185_5018-27088

-358801646 | 2024-05-04T20:50:27.412865

8545 / tcp

SSH-2.0-OpenSSH_6.6.1

819727972 | 2024-05-03T04:40:26.330869

8554 / tcp

SSH-2.0-OpenSSH_7.4

165188539 | 2024-04-27T15:49:41.143948

8575 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

-1399940268 | 2024-04-23T09:29:22.083489

8585 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1746074029 | 2024-04-22T09:10:25.172790

8602 / tcp

101 imqbroker =unV\r\n

1948301213 | 2024-04-23T05:58:28.669662

8637 / tcp

RFB 003.003
VNC:
  Protocol Version: 3.3

842535728 | 2024-04-25T03:41:26.042493

8649 / tcp

<?xml version="1.0" encoding="ISO-8859-1" standalone="yes"?>
A<!DOCTYPE GANGLIA_XML [
   <!ELEMENT GANGLIA_XML (GRID|CLUSTER|H...

-1399940268 | 2024-04-10T08:38:41.218581

8728 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1830697416 | 2024-05-02T05:45:05.369021

8765 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

-1839934832 | 2024-04-16T18:43:14.472963

8782 / tcp

HTTP/1.0 408 Request Time-out
Cache-Control: no-cache
D
Connection: close
Content-Type: text/html

...

-358801646 | 2024-04-08T22:27:57.063146

8789 / tcp

SSH-2.0-OpenSSH_6.6.1

-653033013 | 2024-04-30T14:07:32.063744

8790 / tcp

\xc3\xbf\x00\x00\x00\x00\x00\x00\x00\x01\x7f

119860953 | 2024-05-03T02:35:29.889109

8791 / tcp

* OK ArGoSoft Mail Server IMAP Module v.YW at

819727972 | 2024-05-06T12:14:48.827304

8812 / tcp

SSH-2.0-OpenSSH_7.4

-1114821551 | 2024-04-26T16:47:20.910469

8816 / tcp

\xc3\xa3\r\n\r\n\x00\x01\x00K\x00vInvalid protocol verification, illegal ORMI request or request performed with an incompatible version of this protocol

-1019343788 | 2024-04-29T06:49:09.212481

8817 / tcp

W!\x00\x00\x00\x00

-2089734047 | 2024-04-17T01:22:59.977472

8819 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

117101543 | 2024-04-26T12:58:23.759209

8834 / tcp

\x18\x01\x00\x00\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\n0\x0c\x00\x04\x00\x00\x00\x08\x00\n\x00\x00\x00d\x04\x00\x00\xc3\xb8\x00...\n

-1059554316 | 2024-04-26T17:30:49.106028

8835 / tcp

\xc2\xa5A\x00\x01\x00\x00\x00,\x00\x00\x00\x02\x00\x00\x00L\x00\x00\x00\x08Connect\x00\x00\x00\x00x\x00\x00\x00\x0857222\x00\x00\x00

945910976 | 2024-04-20T10:25:27.514084

8836 / tcp

* OK TeamXchange IMAP4rev1 server (otyUg) ready.\r\n

1208318993 | 2024-04-19T17:23:49.635060

8847 / tcp

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

1332894250 | 2024-04-17T17:09:16.058670

8858 / tcp

\xc3\xbf\xc3\xbb\x01SOYO_SIP VBNQyQSKc settings\r\nPassword:

669849225 | 2024-04-19T04:46:48.887179

8860 / tcp

SSH-98.60-SysaxSSH_81885..42\r\n

-1265999252 | 2024-04-22T06:29:14.291527

8863 / tcp

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto\ncol:SOAP, MKSDisplayProtocol:VNC , ,

-1399940268 | 2024-05-01T16:47:02.474256

8866 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1911457608 | 2024-04-18T13:02:56.968350

8868 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1153858743 | 2024-05-04T10:40:07.663614

8873 / tcp

@RSYNCD: 31.0\n

-438503381 | 2024-04-27T00:34:58.583729

8875 / tcp

WORLD OF WARCRAFT CONNECTION - SERVER TO CLIENT - V2

632542934 | 2024-04-08T06:34:40.167508

8877 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

2087396567 | 2024-05-01T04:43:56.314881

8880 / tcp

kjnkjabhbanc283ubcsbhdc72

1212285915 | 2024-04-13T02:16:28.498429

8881 / tcp

\x00K\x00\x00\x02\x00\x00\x00%~)J/\\tHjU(IAGENT = (AGENT_VERSION = 2388790170)(RPC_VERSION = 5..722))

250824264 | 2024-04-29T13:50:45.559499

8888 / tcp

HTTP/1.1 408 Request Timeout

-1713437100 | 2024-05-03T00:29:31.295533

8889 / tcp

\xc3\xbf\xc3\xbb\x01\r\nWelcome to NetLinx v94 Copyright AMX Corp. 34395-49007\r\n>

-2067028711 | 2024-04-29T16:05:32.558714

9000 / tcp

\x15\x03\x01\x00\x02\x02F

-1026951088 | 2024-04-29T21:55:34.624291

9001 / tcp

erro ip

-445721795 | 2024-04-30T14:32:03.866301

9002 / tcp

\x00[\xc3\xaed\x1a\x7f\x00\x00

819727972 | 2024-05-04T07:28:08.192504

9013 / tcp

SSH-2.0-OpenSSH_7.4

971933601 | 2024-05-01T00:01:57.747953

9015 / tcp

HTTP/1.0 404 Not Found
Content-Length: 0
Server: HTTPD
Connection: close
Content-Type: text/html

707919486 | 2024-04-30T09:22:45.079253

9018 / tcp

\x00\x06\xc2\x81\xc2\x81\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03

1830697416 | 2024-04-30T17:04:59.841098

9019 / tcp

HTTP/1.0 200 OK
Cache-Control: must-revalidate
Content-Length: 243
Content-Type: application/json
Server: CouchDB/3.2.0 (Erlang OTP/20)
X-Cloudant-Action: cloudantnosqldb.account-meta-info.read
X-Couch-Request-ID: a2da79eef6
X-Content-Type-Options: nosniff
X-Cloudant-Request-Class: unlimited
X-Cloudant-Backend: bm-cc-uk-01
Via: 1.0 lb1.bm-cc-uk-01 (Glum/1.101.1)

819727972 | 2024-04-15T08:15:28.887838

9026 / tcp

SSH-2.0-OpenSSH_7.4

-1399940268 | 2024-05-05T04:43:21.010380

9028 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1911457608 | 2024-04-16T04:18:48.298321

9031 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-441419608 | 2024-04-25T08:41:40.156271

9034 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

-786044033 | 2024-05-04T04:43:41.276850

9042 / tcp

OK Welcome <299685> on DirectUpdate server 7286

660175493 | 2024-05-03T18:28:20.414955

9051 / tcp

-2017887953 | 2024-04-15T11:13:07.912688

9088 / tcp

SSH-2.0-OpenSSH_7.9

1082239536 | 2024-05-06T13:08:39.953225

9090 / tcp

HTTP/1.1 302 Found
Content-Length: 0
Date: Mon, 06 May 2024 13:08:39 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://upload.aliyun.com/delete-column
Set-Cookie: JSESSIONID=node0va3yo8k1tzrb14pi3n720au0w1943.node0; Path=/; HttpOnly
X-Frame-Options: SAMEORIGIN

-1099385124 | 2024-05-05T12:41:29.305437

9092 / tcp

"Magic:ActiveMQ\nVersion:12\n\x00\x00\x01<\x01ActiveMQ\x00\x00\x00\x0c\x01\x00\x00\x01*\x00\x00\x00\x0c\x00\x11TcpNoDelayEnabled\x01\x01\x00\x12SizePrefixDisabled\x01\x00\x00 CacheSize\x05\x00\x00\x04\x00\x00\x0cProviderName \x00\x08ActiveMQ\x00\x11StackTraceEnabled\x01\x01\x00\x0fPlatformDetails \x00\x04Java\x00\x0cCacheEnabled\x01\x01\x00\x14TightEncodingEnabled\x01\x01\x00\x0cMaxFrameSize\x06\x00\x00\x00\x00\x06@\x00\x00\x00\x15MaxInac

-2096652808 | 2024-04-10T12:49:30.898557

9094 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

-971970408 | 2024-05-06T13:54:12.271588

9095 / tcp

-1399940268 | 2024-04-22T19:14:11.402491

9104 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

88628486 | 2024-04-22T10:37:19.541769

9110 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 657beb90_CS-NKG-01Hep254_64458-38078

-1399940268 | 2024-04-17T13:02:57.034888

9111 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1308377066 | 2024-04-30T02:36:07.222177

9160 / tcp

ncacn_http/1.0

-154107716 | 2024-04-23T21:58:43.666613

9191 / tcp

220 Microsoft FTP Service
530 User cannot log in.
214-The following commands are recognized (* ==>'s unimplemented).
    ABOR 
    ACCT 
    ADAT *
    ALLO 
    APPE 
    AUTH 
    CCC 
    CDUP 
    CWD 
    DELE 
    ENC *
    EPRT 
    EPSV 
    FEAT 
    HELP 
    HOST 
    LANG 
    LIST ...

1989907056 | 2024-04-19T14:19:47.965361

9209 / tcp

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

1989907056 | 2024-04-10T11:34:56.421961

9212 / tcp

RTSP/1.0 453 Not Enough Bandwidth\r\nServer: AirTunes/7l_wZ\r\n\r\n

-1399940268 | 2024-04-27T04:10:52.913887

9306 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-407828767 | 2024-05-01T18:43:24.560632

9308 / tcp

\x00[\xc2\xbc/\xc2\x9f\x7f\x00\x00

-2046514463 | 2024-04-17T06:26:19.019848

9389 / tcp

AB\x01\t

1529351907 | 2024-05-03T21:50:27.567209

9418 / tcp

HTTP/1.1 407 OK
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

please add white ip *.*.*.*

920422207 | 2024-04-26T05:11:29.154486

9443 / tcp

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 05:11:29 GMT
Content-Type: application/json
Content-Length: 2175
Connection: keep-alive
Ali-Swift-Global-Savetime: 1714108289
Eagleeye-Traceid: e42ce61d8bb3522e42d351251b
Eagleid: e42ce61d8bb3522e42d351251b
S_group: tao-session
S_ip: b0e04a17d7b353280133b73853b936c0
S_status: STATUS_SYS_ERR
S_tag: 245269178813899|710997101^|^^
S_tid: e42ce61d8bb3522e42d351251b
S_ucode: CN:CENTER
S_v: 2.0.0.9
Server: Tengine
Strict-Transport-Security: max-age=0
Timing-Allow-Origin: *, *
Location: https://pingce.cainiao.com
Ufe-Result: A3
Via: kunlun64.36kunlun7[326,524,377-0,M], kunlun36.kunlun91[387,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-Cachetime: 0
X-Swift-Savetime: Fri, 26 Apr 2024 05:11:29 GMT

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:a7:27:29:07:10:52:7c:ae:c7:4a:96
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2
        Validity
            Not Before: Sep 12 07:56:08 2023 GMT
            Not After : Feb 20 10:00:00 2024 GMT
        Subject: CN=*.aliyuncs.com, O=Alibaba (China) Technology Co., Ltd., L=Hangzhou, ST=Zhejiang, C=CN
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e8:b1:b8:29:57:a1:f9:9f:8a:46:90:0b:2b:cd:
                    93:87:7e:a6:d9:0f:19:3d:f4:24:c4:cb:c6:ce:ad:
                    76:93:00:c1:16:99:ff:2f:f7:75:cb:91:48:7c:0b:
                    bb:db:53:52:3f:04:ab:33:69:e8:87:ef:36:c6:c1:
                    e3:47:2b:ec:96:b7:f0:e9:ef:8f:b8:a6:03:51:8d:
                    45:34:10:41:e1:5f:a1:cc:2a:ef:f7:33:8c:44:e7:
                    c6:13:27:df:13:2e:e4:ea:84:c2:b8:cf:ab:92:d7:
                    3f:66:80:4a:d8:43:5a:53:7d:1c:6a:6a:4b:1c:98:
                    db:47:7f:3f:ad:bf:0d:41:81:01:6e:05:21:5f:15:
                    8e:e8:28:24:a1:d3:5a:4e:d3:1a:74:4c:30:7a:7e:
                    2f:eb:f3:92:34:26:9f:2c:f0:af:5d:65:78:17:e8:
                    13:e2:20:17:48:5c:10:25:ad:b1:4e:cc:86:07:50:
                    75:9e:79:5e:d3:6b:36:90:b1:36:08:42:c8:90:b3:
                    1f:5e:02:4a:9a:b6:a2:98:60:67:fe:8d:d6:3e:29:
                    53:fd:3b:8d:97:6a:0e:ae:96:18:d2:fc:26:33:b5:
                    7d:fb:d3:04:f1:ff:ef:c8:18:5c:78:22:f6:01:2a:
                    6b:dc:d6:a7:ac:aa:37:e6:65:45:05:8b:06:6a:74:
                    56:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                BD:22:FF:00:93:D9:9B:FA:87:FC:C5:14:21:44:0A:DD:BF:4A:AA:A6
            X509v3 Authority Key Identifier: 
                96:DE:61:F1:BD:1C:16:29:53:1C:C0:CC:7D:3B:83:00:40:E6:1A:7C
            Authority Information Access: 
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g2
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt
            X509v3 Subject Alternative Name: 
                DNS:*.aliyuncs.com, DNS:*.cn-hangzhou-mybk.aliyuncs.com, DNS:*.cn-nantong.aliyuncs.com, DNS:*.cn-shenzhen-finance-1.aliyuncs.com, DNS:*.cn-sichuan.aliyuncs.com, DNS:*.jp-fudao.aliyuncs.com, DNS:*.ap-south-1.aliyuncs.com, DNS:*.cn-wulanchabu.aliyuncs.com, DNS:*.cn-huhehaote.aliyuncs.com, DNS:*.cn-chengdu.aliyuncs.com, DNS:*.rus-west-1.aliyuncs.com, DNS:*.ap-southeast-1.aliyuncs.com, DNS:*.in-mumbai.aliyuncs.com, DNS:*.cn-guangzhou.aliyuncs.com, DNS:*.cn-hangzhou.aliyuncs.com, DNS:[2408:4001:f00::1f7], DNS:member.lazada.com.ph, DNS:ndbmall.aliyun.com, DNS:mingxin.tmall.com, DNS:partners.lazada.co.th, DNS:vps.uc.cn, DNS:dh-cn-shanghai-int-vpc.aliyun.com, DNS:shog36623201.taobao.com, DNS:saa-dsd-dsd59466-80.gas-svr.ojibobo-ina.aon.alibaba-inc.com, DNS:wwwclick.faas.ele.me, DNS:gernission-o.san.tmall.com, DNS:merchant.hemayx.cn, DNS:doyv-dork.ojibobo-ina.aon.alibaba-inc.com, DNS:shop653nn34615206.1688.com, DNS:n.rvssion.alibaba.com, DNS:jlwb.net, DNS:api-mld.aliyun.com, DNS:nse-vga.an-shonghoi.aliyuncs.com, DNS:app87328.eapps.dingtalkcloud.com, DNS:channel.oxs.tesla.aliyun.com, DNS:test-feed.sm.cn, DNS:jmacs-m.lazada.co.id, DNS:www.aliyun.com, DNS:100troding.en.alibaba.com, DNS:wym.amap.com, DNS:shog552439733.dorjd.taobao.com, DNS:oaaovnt.ose.aliyun.com, DNS:ok-ev-aentroj-1-vig.ojiyvn-ina.aon.aliyun-inc.com, DNS:grafana-kafka-shenma.aliyun.com, DNS:imm.cn-hangzhou.aliyun.com, DNS:h5-alimebot.lazada.co.id, DNS:shog36245103.taobao.com, DNS:ecs-openapi-share.cn-hangzhou.aliyuncs.com, DNS:survey.xy.ele.me, DNS:service.cn-beijing.maxcompute.aliyun.com, DNS:085.bjog.ahino.alibaba.com, DNS:upload.open.9game.cn, DNS:troae2.sn.ojibobo-ina.aon.alibaba-inc.com, DNS:test-ucnews.sm.cn, DNS:center-h5api.m.tmall.com, DNS:gog.ojiyvn-ina.aon.aliyun-inc.com, DNS:088446.aliyun.com, DNS:eci-vpc.us-east-1.aliyuncs.com, DNS:shop1352360546336.aliyun.com, DNS:sdg.ojibobo-ina.aon.alibaba-inc.com, DNS:onsnqtt.an-shonghoi.aliyuncs.com, DNS:sima-land.aliexpress.com, DNS:tingdv-ogs-debhook.aliyuncs.com, DNS:goi-dono.ojibobo-ina.aon.alibaba-inc.com, DNS:birdsbase-api.cainiao.com, DNS:bst-monitor.amap.test, DNS:mc.atm.youku.com, DNS:config.56xiniao.com, DNS:shop395919529.aliyun.com, DNS:heimdall-donkey.alibaba-inc.com, DNS:passport.diantao.cn, DNS:lazada.com, DNS:open.9game.cn, DNS:eai-doto-an-dvjonahobv.ojiyvn-ina.aon.aliyun-inc.com, DNS:shop3926e82x21044.1688.com, DNS:oxt-shore.an-shonghoi.aliyuncs.com, DNS:superdeals.aliexpress.com, DNS:shop95x1h744x5080.aliyun.com, DNS:dh-ap-south-1.aliyun.com, DNS:www2.10219.com, DNS:mds-portal.aliyun.com, DNS:tian.confong.cn, DNS:cnpassport.jingguan.ai, DNS:shog36842827.taobao.com, DNS:base.aligames.com, DNS:workorder-share.aliyun.com, DNS:vga.taobao.com, DNS:rfqgosting.alibaba.com, DNS:shop2353p5p94s250.1688.com, DNS:105.aliexpress.ru, DNS:open.9game.cn, DNS:empsharing.hemaos.com, DNS:8528hhg.taobao.com, DNS:shop36240870.taobao.com, DNS:shog36837249.taobao.com, DNS:gre-ogi-resovrae-noss.ojibobo-ina.aon.alibaba-inc.com, DNS:tnodnin.ojiyvn-ina.aon.aliyun-inc.com, DNS:mc.atm.aliyun.com, DNS:faburuanwen.com, DNS:shop44973224o1x10.aliyun.com, DNS:chajian.sto.cn, DNS:xmap-statistics.amap.com, DNS:barney.taobao.org, DNS:shop36745251.taobao.com, DNS:www4.bubastis.xixikf.cn, DNS:cs.lazada.com.ph, DNS:market.m.taobao.com, DNS:www.zb-h5.faas.ele.me, DNS:a.ojibobo-ina.aon.alibaba-inc.com, DNS:tpm.dms.cainiao.com, DNS:sso-e.gfn.cainiao.com, DNS:zb-dsw-dsw57685-80.pcs-svr.aliyun.com, DNS:shog2a6250868e917.1688.com, DNS:pip.alibaba.net, DNS:shog36364149d47b0.1688.com, DNS:oaaovnt-session-shore.ev-aentroj-1.aliyuncs.com, DNS:sahedvjerogi-an-beijing02.doto.ojiyvn-ina.aon.aliyun-inc.com, DNS:quick-note.quark.cn, DNS:hulk.dianwoda.cn, DNS:svrvey.taobao.com, DNS:gre-bgns.ojibobo-ina.aon.alibaba-inc.com, DNS:survey.aliyun.com, DNS:iajovdbridge.taobao.com, DNS:api-th.lazada-seller.cn, DNS:10.tmall.com, DNS:quark.aliyun.com, DNS:linkgn-de-internal.cainiao-inc.com, DNS:shog1396630962861.1688.com, DNS:tesla-server.alibaba.net, DNS:nneto.ojibobo-ina.aon.alibaba-inc.com, DNS:serverjess.og-sovtheost-1.aliyuncs.com, DNS:iot-cnne.cainiao.com, DNS:member-m.lazada.sg, DNS:www.zakelijk.saee.org.cn, DNS:teamix.alibaba-inc.com, DNS:data-portal.lydaas.com, DNS:noijhejg.ojibobo-ina.aon.alibaba-inc.com, DNS:fether.n.ojibobo-ina.aon.alibaba-inc.com, DNS:face-paimai.aliyun.com, DNS:e.ojiyvn-ina.aon.aliyun-inc.com, DNS:godstines.1688.com, DNS:ok-an-hongzhov-shore.ojiyvn-ina.aon.aliyun-inc.com, DNS:yhnkdj.1688.com, DNS:qjdz001.1688.com, DNS:poimerge.aliyun.com, DNS:10086hb.aliyun.com, DNS:xiongqing.donggv.taobao.com, DNS:tb-notifiaotion.oone.ojibobo-ina.aon.alibaba-inc.com, DNS:eois-notebook.doto.aliyun.com, DNS:devogs.aliyun.com, DNS:zscenter.taobao.com, DNS:jbjyts.aliyun.com, DNS:pkfcth.aliwork.com, DNS:sunfire.sto.cn, DNS:gcp.lazada.com, DNS:shog1s893824f6185.1688.com, DNS:shog36388902.taobao.com
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                Policy: 2.23.140.1.2.2
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a5:5d:38:99:a9:f4:3d:17:5a:7a:4e:a2:f8:4c:19:37:4b:1e:
        27:7b:d7:51:09:d4:0b:bd:9d:e1:4b:8a:05:8d:72:60:e6:83:
        2f:6e:00:8c:34:a5:7a:02:f5:a3:da:ae:c8:ca:36:7f:9a:a2:
        51:33:e3:d8:8a:a7:d4:8a:91:fb:ea:de:f5:7b:79:5a:42:fa:
        4a:52:f3:89:4e:0c:de:61:6c:67:c2:03:61:4e:81:74:d6:28:
        86:e3:30:b1:ba:1c:96:6d:77:3b:47:44:9c:d7:8e:92:e7:16:
        c0:5d:3e:b0:6a:c7:c4:6b:56:d9:41:a0:d2:86:89:08:52:a5:
        2b:56:2e:67:a5:a5:84:dd:b7:ce:84:50:aa:6b:ea:c7:0c:05:
        00:0a:25:91:76:98:aa:56:24:a9:5f:fc:3e:32:d5:c7:4c:7b:
        63:61:ad:d0:c3:8e:2c:91:2f:4a:9f:94:29:39:e2:cf:5f:ca:
        c3:4b:16:4d:f2:20:7c:aa:27:83:c7:e0:dd:2d:77:4a:c8:ec:
        48:2d:e5:53:56:42:e5:d4:f0:f7:1b:8b:0e:bd:b1:d2:f3:37:
        44:a4:74:94:bb:c9:cc:5e:0f:c2:18:6f:e3:4c:42:33:f8:84:
        cf:f4:14:98:79:4e:6e:6e:4d:c8:cd:62:60:24:06:41:ea:80:
        7b:dc:1c:09

632542934 | 2024-05-01T20:36:00.365415

9530 / tcp

\x0f\x00\x02\x00\x05\x00\r\x00\x00\x00\x00\x00\x01\x00\x00\x00\n0\x00

1072892569 | 2024-04-15T00:07:45.613820

9595 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

1690634669 | 2024-04-30T19:08:48.486033

9633 / tcp

921225407 | 2024-04-16T10:01:32.095923

9704 / tcp

\x00\x00\x00\x04\x00\x00\x00\x00\x00

1761482307 | 2024-04-13T04:16:28.158784

9743 / tcp

\x00[\xc2\xa5\t\xc2\xbe\x7f\x00\x00

-249504111 | 2024-05-04T16:55:46.825793

9761 / tcp

\x00[xU-\x7f\x00\x00

1286504516 | 2024-04-29T13:11:34.425292

9800 / tcp

CP2E Control Console
Connected to Host: gZI

-255236012 | 2024-04-18T08:53:11.763087

9876 / tcp

HTTP/1.1 302
X-Frame-Options: SAMEORIGIN

-659335736 | 2024-04-24T21:55:49.529169

9943 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae2864_xyd119_11675-57009

165188539 | 2024-04-27T05:58:09.509689

9992 / tcp

\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x05\x00\x00@\x00

1208318993 | 2024-04-13T06:54:10.164088

9993 / tcp

\x01\x00\x0b\x00\x00\x00=\x00\x01\x00\x00\x00\x00\x00\xc3\x80\x06\xc3\xbf\xc3\xbf?"<Z\x00DECWINDOWS Digital Equipment Corporation Digital UNIX V2eT03T7w_Q6\x00\x00\x01\x01

51259122 | 2024-04-29T14:12:45.095761

9994 / tcp

\r\nCP2E Control Console\r\nConnected to Host: gZI\r\n

-1476017887 | 2024-04-12T04:21:06.838588

9997 / tcp

N\x00\x00\x00\n5.6.40-log\x00\xc3\x85\x00\x00\x00TUNEgVX2\x00\x0c\n\xc2\xa2!\x02\x00\x08\x00\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00xlB...\n

-1223770960 | 2024-04-20T06:55:02.090884

9998 / tcp

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: text/html
Connection: close
x-ws-request-id: 65ae28e5_PS-PEK-01Whk40_31773-63705

1161309183 | 2024-04-28T12:31:12.543537

9999 / tcp

ProxyServer is ready

819727972 | 2024-05-03T05:11:23.557711

10000 / tcp

SSH-2.0-OpenSSH_7.4

1492413928 | 2024-05-01T20:05:28.407777

10001 / tcp

SSH-2.0-OpenSSH_7.5

-1810987450 | 2024-04-30T02:15:04.108963

10134 / tcp

\xc3\xbf

410249975 | 2024-05-05T17:37:04.900749

10250 / tcp

LNS READY<>

-801484042 | 2024-04-21T20:39:18.056466

10443 / tcp

ERR 27

539065883 | 2024-04-17T03:37:26.883210

10554 / tcp

1911457608 | 2024-05-05T12:52:43.735151

10909 / tcp

\x00[\x00\x00\x00\x00\x00\x00

-1026951088 | 2024-04-29T02:09:44.617136

11000 / tcp

erro ip

-2089734047 | 2024-04-17T23:08:05.202763

11112 / tcp

\x02\t\x00\x01\x00\x00\x00\x00\x00\x00

-1399940268 | 2024-04-10T23:41:32.689607

11210 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-136006866 | 2024-05-04T03:24:31.337549

11211 / tcp

STAT pid 1660\nSTAT uptime 28884\nSTAT time 1641290377\nSTAT version 1.2.1\nSTAT pointer_size 32\nSTAT curr_items 14\nSTAT total_items 3533\nSTAT bytes 30524\nSTAT curr_connections 1\nSTAT total_connections 3542\nSTAT connection_structures 3\nSTAT cmd_get 3533\nSTAT cmd_set 3533\nSTAT get_hits 3519\nSTAT get_misses 14\nSTAT bytes_read 7927780\nSTAT bytes_written 7848552\nSTAT limit_maxbytes 67108864\nEND

1134517380 | 2024-04-20T14:38:12.985200

11300 / tcp

welcome to Pandora console!\r\n----------------------------\n-------------------------\n|     Login Time     |     2021-12-08 1...\n

-1461540015 | 2024-05-06T10:38:06.071660

12000 / tcp

audio 0 RTP/AVP 18 4 3 8 0 101
a

296364507 | 2024-05-03T21:08:20.747472

12345 / tcp

HTTP/1.1 500 Internal Server Error
SERVER: Trend Chip UPnP/1.0 DMS
CONNECTION: close
CONTENT-LENGTH: 60
CONTENT-TYPE: text/html

89282912 | 2024-04-19T22:16:39.029962

13579 / tcp

220 VMware Authentication Daemon Version 1.0, ServerDaemonProto
col:SOAP, MKSDisplayProtocol:VNC , ,

-1399940268 | 2024-04-30T14:18:49.552736

14147 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1838060081 | 2024-04-26T22:47:00.370577

14265 / tcp

unknown command

-1795027372 | 2024-05-06T08:26:50.730181

14344 / tcp

\xc3\xbf\xc3\xbd"\r\nLinuxNode v06953 (ggfks)\r\n\r\nlogin:

-1118605404 | 2024-05-04T03:13:29.127338

16992 / tcp

220 barracuda.dhc.com.cn ESMTP (0985ecb3f26d489aa5d50a88583d05e6)

-319440554 | 2024-05-03T03:51:57.118586

16993 / tcp

-1810987450 | 2024-04-22T07:54:14.063541

17000 / tcp

\xc3\xbf

-1036370807 | 2024-04-24T12:26:09.674538

18081 / tcp

JDWP-Handshake

-805362002 | 2024-04-30T02:02:20.581342

18245 / tcp

ICAP/1.0 501 Other
Server: Traffic Spicer 7788179225

539065883 | 2024-04-08T18:19:43.999008

18553 / tcp

1900503736 | 2024-05-05T22:48:56.296369

20000 / tcp

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-HTTPAPI/2.0

1911457608 | 2024-05-06T13:32:34.507593

20256 / tcp

\x00[\x00\x00\x00\x00\x00\x00

1077013874 | 2024-05-03T04:13:50.320325

20547 / tcp

HTTP/1.1 400 Bad Request
Server: squid/3.5.8
Mime-Version: 1.0
Content-Length: 3510
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from p1
Via: 1.1 p1 (squid/3.5.8)
Connection: close

422524323 | 2024-05-03T04:29:07.419820

21025 / tcp

{
"Version": "3.4.18",
"VersionArray": [
3,
4,
18,
0
],
"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",
"OpenSSLVersion": "",
"SysInfo": "",
"Bits": 64,
"Debug": false,
"MaxObjectSize": 16777216
}

-784071826 | 2024-05-04T17:46:38.988238

21379 / tcp

SSH-2.0-OpenSSH_8.0

1082732927 | 2024-04-18T02:23:50.315020

23023 / tcp

STAT pid 1660
STAT uptime 28884
STAT time 1641290377
STAT version 1.2.1
STAT pointer_size 32
STAT curr_items 14
STAT total_items 3533
STAT bytes 30524
STAT curr_connections 1
STAT total_connections 3542
STAT connection_structures 3
STAT cmd_get 3533
STAT cmd_set 3533
STAT get_hits 3519
STAT get_misses 14
STAT bytes_read 7927780
STAT bytes_written 7848552
STAT limit_maxbytes 67108864
END

-1399940268 | 2024-04-30T06:55:52.249677

25001 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

1161211798 | 2024-04-27T14:23:42.175985

27015 / tcp

Command: None
Size: 68288512
ID: 0
Type: 2130903040

1763259671 | 2024-05-06T09:43:49.916173

27017 / tcp

{\n"Version": "3.4.18",\n"VersionArray": [\n3,\n4,\n18,\n0\n],\n"GitVersion": "4410706bef6463369ea2f42399e9843903b31923",\n"OpenSSLVersion": "",\n"SysInfo": "",\n"Bits": 64,\n"Debug": false,\n"MaxObjectSize": 16777216\n}\n\n

493955023 | 2024-04-17T03:59:42.077057

28015 / tcp

\x00\x00\x0c\x04\x00\x00\x00\x00\x00\x00\x04\x00\x10\x00\x00\x00\n0\x05\x00\x00@\x00

-445721795 | 2024-05-02T01:44:12.226837

28080 / tcp

\x00[\xc3\xaed\x1a\x7f\x00\x00

-1441741890 | 2024-04-22T21:29:23.986377

28107 / tcp

220 corpease.net Anti-spam GT for Coremail System (icmhosting[2
0181212])

-1681927087 | 2024-05-05T12:38:41.604081

30002 / tcp

kjnkjabhbanc283ubcsbhdc72

171352214 | 2024-05-03T21:15:42.379515

30003 / tcp

-ERR client ip is not in whitelist

-147424911 | 2024-04-11T06:51:32.338665

31337 / tcp

HTTP/1.1 404 Not Found
Content Length: 0

550048729 | 2024-05-02T21:59:49.399255

32400 / tcp

ÿÿÿ
0 ...

-1733645023 | 2024-04-30T15:20:20.694959

32764 / tcp

SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10

1282941221 | 2024-04-13T10:34:08.544135

33060 / tcp

HTTP/1.0 500 Internal Server Error
Content-Length: 20
D
Connection: close

Command server error

-1036370807 | 2024-04-28T19:18:54.767440

35000 / tcp

JDWP-Handshake

-1248408558 | 2024-04-09T05:41:28.576670

37777 / tcp

220 MikroTik FTP server (MikroTik 6.44.3) ready

-1399940268 | 2024-04-29T09:13:36.306999

41800 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-433302150 | 2024-04-29T12:51:16.763448

44158 / tcp

/multistream/1.0.0

-1730858130 | 2024-04-26T21:19:48.129021

44818 / tcp

RFB 003.008
VNC:
  Protocol Version: 3.8

-358801646 | 2024-04-25T15:26:16.619574

47990 / tcp

SSH-2.0-OpenSSH_6.6.1

1758994290 | 2024-04-24T04:09:02.047158

49152 / tcp

HTTP/1.1 500 Internal Server Error
CONTENT-LENGTH: 411
CONTENT-TYPE: text/xml; charset="utf-8"
DATE: Mon, 22 Jan 2024 14:56:01 GMT
EXT:
SERVER: Linux/3.10.0, UPnP/1.0, Portable SDK for UPnP devices/1.6.18
X-User-Agent: redsonic

-314039103 | 2024-05-05T04:14:09.340921

49153 / tcp

Surnom.
Sorry, that nickname format is invalid.

-786044033 | 2024-04-25T17:30:42.440585

50000 / tcp

OK Welcome <299685> on DirectUpdate server 7286

1632932802 | 2024-04-28T14:46:23.338873

50100 / tcp

-1327660293 | 2024-05-03T21:23:40.005769

51235 / tcp

ceph v2\n\x10\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00\x00\x00\x00

-441419608 | 2024-04-22T13:35:51.420435

54138 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

2103111368 | 2024-04-09T18:17:39.184173

55000 / tcp

HTTP/1.0 403 Access denied
Server: tinyproxy/1.8.3
0AContent-Type: text/html
Connection: close

<?...

-971970408 | 2024-04-18T11:34:09.412692

55443 / tcp

-971970408 | 2024-05-04T12:55:59.774929

55553 / tcp

819727972 | 2024-04-26T01:17:39.720329

55554 / tcp

SSH-2.0-OpenSSH_7.4

-1111515360 | 2024-04-28T04:43:34.031971

60030 / tcp

remshd: Kerberos Authentication not enabled.

1842524259 | 2024-05-03T13:22:32.048347

60129 / tcp

-1399940268 | 2024-04-25T20:06:48.646556

61613 / tcp

kjnkjabhbanc283ubcsbhdc72\x00\x00\x00\x02

-1136600457 | 2024-05-03T20:45:59.042304

61616 / tcp

HELO:10.3.6.0.false
AS:2048
HL:19

980478633 | 2024-04-09T10:50:55.050556

62078 / tcp

rry, that nickname format is invalid.

-2096652808 | 2024-05-03T07:22:51.650753

65522 / tcp

\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x7f\xc3\xbf\xc3\xbf\xc3\xbf\x00\n0\x04\x00\x10\x00\x00\x00\x06\x00\x00 \x00\x00\x00\x04\x08\x00\x00\x00...\n

8.134.16.105

Last Seen: 2024-05-06

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

2087396567 | 2024-04-16T13:30:50.096373 11 / tcp

-1835577706 | 2024-04-24T04:44:27.173068 13 / tcp

134472555 | 2024-04-30T22:42:41.635846 17 / tcp

676476721 | 2024-04-25T11:19:27.245392 19 / tcp

-1816600103 | 2024-04-15T09:34:17.449064 23 / tcp

-1189269828 | 2024-05-05T01:59:20.889221 25 / tcp

639175818 | 2024-04-14T19:28:33.477021 26 / tcp

-68075478 | 2024-04-17T12:13:26.305162 43 / tcp

1685693176 | 2024-04-22T14:36:33.227697 49 / tcp

-42462918 | 2024-04-29T20:39:25.624447 53 / tcp

1738069263 | 2024-04-25T08:04:52.191346 70 / tcp

-746345752 | 2024-04-30T13:08:23.534309 79 / tcp

-504975533 | 2024-05-05T11:56:58.528874 80 / tcp

233634112 | 2024-04-15T04:46:40.671363 81 / tcp

808560482 | 2024-04-11T16:01:32.411617 83 / tcp

-1729629024 | 2024-04-23T21:48:23.470357 84 / tcp

1948301213 | 2024-05-05T00:54:23.436812 102 / tcp

-1399940268 | 2024-05-03T17:25:24.635007 104 / tcp

1911457608 | 2024-05-05T10:37:07.385192 110 / tcp

-2017887953 | 2024-04-24T19:26:58.769748 111 / tcp

-1713467553 | 2024-04-30T19:53:59.623455 113 / tcp

141730637 | 2024-04-25T07:45:17.607000 119 / tcp

-1327660293 | 2024-04-24T02:09:28.962879 122 / tcp

1141948216 | 2024-05-03T05:59:19.429962 135 / tcp

-52803170 | 2024-04-08T15:52:44.867588 139 / tcp

-398621179 | 2024-05-03T11:09:56.123470 143 / tcp

1134517380 | 2024-04-18T12:11:14.524086 154 / tcp

-1399940268 | 2024-05-06T08:15:31.459854 175 / tcp

-399606100 | 2024-05-05T19:19:04.502485 179 / tcp

-1559123399 | 2024-05-04T16:28:28.881257 195 / tcp

-2089734047 | 2024-05-06T06:32:29.227161 221 / tcp

1672388472 | 2024-04-26T19:49:22.533958 264 / tcp

1975288991 | 2024-04-23T22:36:08.496402 311 / tcp

-1639129386 | 2024-05-02T13:35:00.144752 389 / tcp

-661950041 | 2024-05-04T22:36:25.263991 427 / tcp

1778226997 | 2024-05-06T11:41:29.916977 443 / tcp

-1369334533 | 2024-04-22T09:12:34.990729 444 / tcp

1911457608 | 2024-04-25T02:51:37.428529 447 / tcp

-1835475271 | 2024-04-19T20:37:25.678439 448 / tcp

897328069 | 2024-05-04T06:37:43.830342 465 / tcp

1911457608 | 2024-04-28T22:09:45.737093 502 / tcp

1278527606 | 2024-04-22T02:01:48.629526 503 / tcp

1077013874 | 2024-04-25T21:13:20.228122 515 / tcp

1801869778 | 2024-04-29T13:15:39.617097 548 / tcp

1060450357 | 2024-04-21T02:25:03.455144 554 / tcp

1308377066 | 2024-05-02T09:57:34.702335 593 / tcp

233634112 | 2024-05-03T18:27:59.415233 631 / tcp

1255568492 | 2024-04-29T05:40:18.336309 636 / tcp

-2057351484 | 2024-04-29T08:40:25.270013 646 / tcp

1996932384 | 2024-05-05T04:55:20.759883 771 / tcp

-1059554316 | 2024-04-25T06:14:42.898702 772 / tcp

1308377066 | 2024-04-24T17:09:32.355758 789 / tcp

-1970692834 | 2024-05-04T06:47:44.550402 873 / tcp

-1256415508 | 2024-04-18T13:33:00.112137 880 / tcp

1956828827 | 2024-04-24T17:37:54.455173 902 / tcp

-1835475271 | 2024-05-02T15:55:44.349406 992 / tcp

321971019 | 2024-04-24T01:39:12.379756 993 / tcp

1685649979 | 2024-05-03T06:02:09.096442 995 / tcp

841014058 | 2024-04-19T07:44:11.836288 1023 / tcp

550048729 | 2024-04-27T12:23:48.872334 1024 / tcp

2063598737 | 2024-05-05T10:35:01.822641 1025 / tcp

-1547976805 | 2024-05-05T08:09:17.346891 1119 / tcp

819727972 | 2024-05-05T07:38:55.079932 1153 / tcp

1308377066 | 2024-04-17T21:17:42.720353 1167 / tcp

472902042 | 2024-04-25T17:15:16.431955 1200 / tcp

-1327660293 | 2024-04-25T11:56:42.462443 1234 / tcp

751496153 | 2024-04-14T03:22:03.929427 1311 / tcp

474736340 | 2024-05-04T21:48:27.705330 1337 / tcp

637263328 | 2024-04-28T13:56:56.336422 1433 / tcp

-1636685759 | 2024-04-29T02:18:42.083537 1500 / tcp

-1881409212 | 2024-04-23T20:53:39.911081 1515 / tcp

1869192275 | 2024-04-19T12:05:30.623142 1521 / tcp

2087396567 | 2024-04-17T03:48:24.526290 1599 / tcp

2087396567 | 2024-04-16T13:30:50.096373
11 / tcp

-1835577706 | 2024-04-24T04:44:27.173068
13 / tcp

134472555 | 2024-04-30T22:42:41.635846
17 / tcp

676476721 | 2024-04-25T11:19:27.245392
19 / tcp

-1816600103 | 2024-04-15T09:34:17.449064
23 / tcp

-1189269828 | 2024-05-05T01:59:20.889221
25 / tcp

639175818 | 2024-04-14T19:28:33.477021
26 / tcp

-68075478 | 2024-04-17T12:13:26.305162
43 / tcp

1685693176 | 2024-04-22T14:36:33.227697
49 / tcp

-42462918 | 2024-04-29T20:39:25.624447
53 / tcp

1738069263 | 2024-04-25T08:04:52.191346
70 / tcp

-746345752 | 2024-04-30T13:08:23.534309
79 / tcp

-504975533 | 2024-05-05T11:56:58.528874
80 / tcp

233634112 | 2024-04-15T04:46:40.671363
81 / tcp

808560482 | 2024-04-11T16:01:32.411617
83 / tcp

-1729629024 | 2024-04-23T21:48:23.470357
84 / tcp

1948301213 | 2024-05-05T00:54:23.436812
102 / tcp

-1399940268 | 2024-05-03T17:25:24.635007
104 / tcp

1911457608 | 2024-05-05T10:37:07.385192
110 / tcp

-2017887953 | 2024-04-24T19:26:58.769748
111 / tcp

-1713467553 | 2024-04-30T19:53:59.623455
113 / tcp

141730637 | 2024-04-25T07:45:17.607000
119 / tcp

-1327660293 | 2024-04-24T02:09:28.962879
122 / tcp

1141948216 | 2024-05-03T05:59:19.429962
135 / tcp

-52803170 | 2024-04-08T15:52:44.867588
139 / tcp

-398621179 | 2024-05-03T11:09:56.123470
143 / tcp

1134517380 | 2024-04-18T12:11:14.524086
154 / tcp

-1399940268 | 2024-05-06T08:15:31.459854
175 / tcp

-399606100 | 2024-05-05T19:19:04.502485
179 / tcp

-1559123399 | 2024-05-04T16:28:28.881257
195 / tcp

-2089734047 | 2024-05-06T06:32:29.227161
221 / tcp

1672388472 | 2024-04-26T19:49:22.533958
264 / tcp

1975288991 | 2024-04-23T22:36:08.496402
311 / tcp

-1639129386 | 2024-05-02T13:35:00.144752
389 / tcp

-661950041 | 2024-05-04T22:36:25.263991
427 / tcp

1778226997 | 2024-05-06T11:41:29.916977
443 / tcp

-1369334533 | 2024-04-22T09:12:34.990729
444 / tcp

1911457608 | 2024-04-25T02:51:37.428529
447 / tcp

-1835475271 | 2024-04-19T20:37:25.678439
448 / tcp

897328069 | 2024-05-04T06:37:43.830342
465 / tcp

1911457608 | 2024-04-28T22:09:45.737093
502 / tcp

1278527606 | 2024-04-22T02:01:48.629526
503 / tcp

1077013874 | 2024-04-25T21:13:20.228122
515 / tcp

1801869778 | 2024-04-29T13:15:39.617097
548 / tcp

1060450357 | 2024-04-21T02:25:03.455144
554 / tcp

1308377066 | 2024-05-02T09:57:34.702335
593 / tcp

233634112 | 2024-05-03T18:27:59.415233
631 / tcp

1255568492 | 2024-04-29T05:40:18.336309
636 / tcp

-2057351484 | 2024-04-29T08:40:25.270013
646 / tcp

1996932384 | 2024-05-05T04:55:20.759883
771 / tcp

-1059554316 | 2024-04-25T06:14:42.898702
772 / tcp

1308377066 | 2024-04-24T17:09:32.355758
789 / tcp

-1970692834 | 2024-05-04T06:47:44.550402
873 / tcp

-1256415508 | 2024-04-18T13:33:00.112137
880 / tcp

1956828827 | 2024-04-24T17:37:54.455173
902 / tcp

-1835475271 | 2024-05-02T15:55:44.349406
992 / tcp

321971019 | 2024-04-24T01:39:12.379756
993 / tcp

1685649979 | 2024-05-03T06:02:09.096442
995 / tcp

841014058 | 2024-04-19T07:44:11.836288
1023 / tcp

550048729 | 2024-04-27T12:23:48.872334
1024 / tcp

2063598737 | 2024-05-05T10:35:01.822641
1025 / tcp

-1547976805 | 2024-05-05T08:09:17.346891
1119 / tcp

819727972 | 2024-05-05T07:38:55.079932
1153 / tcp

1308377066 | 2024-04-17T21:17:42.720353
1167 / tcp

472902042 | 2024-04-25T17:15:16.431955
1200 / tcp

-1327660293 | 2024-04-25T11:56:42.462443
1234 / tcp

751496153 | 2024-04-14T03:22:03.929427
1311 / tcp

474736340 | 2024-05-04T21:48:27.705330
1337 / tcp

637263328 | 2024-04-28T13:56:56.336422
1433 / tcp

-1636685759 | 2024-04-29T02:18:42.083537
1500 / tcp

-1881409212 | 2024-04-23T20:53:39.911081
1515 / tcp

1869192275 | 2024-04-19T12:05:30.623142
1521 / tcp

2087396567 | 2024-04-17T03:48:24.526290
1599 / tcp

171352214 | 2024-05-02T22:45:18.575682
1604 / tcp

1103582599 | 2024-04-24T11:15:31.322908
1723 / tcp

-805362002 | 2024-04-17T18:49:42.219795
1741 / tcp

-2089734047 | 2024-05-02T13:58:12.607206
1800 / tcp

-1299899661 | 2024-04-28T17:18:39.288200
1801 / tcp

-2096652808 | 2024-04-29T16:00:07.217755
1883 / tcp

1632932802 | 2024-05-01T09:13:16.202394
1911 / tcp