Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
3
4
...
next >

IP
102.134.56.39

Network
102.134.56.0/22

Domain(s)
imidc.com

Device

<enterprise field>: device.class

URL

http://102.134.56.39:16992/ 200

Reverse DNS
unknown.imidc.com

ASN
AS328543

Organization
sun-asn

Protocol
http

Source
datascan
Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
d6e9a4d3e7ff5c8482a7dfb181f24fbb

HTTP Header MD5
db929ee95f62f99728d840d6c0c11e00

HTTP Body MD5
e10c23498f9c639e27f50f4978f01802

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Nov 2024 03:23:14 GMT
Content-Type: text/html
Content-Length: 1099
Last-Modified: Sun, 03 Nov 2024 06:18:12 GMT
Connection: close
Vary: Accept-Encoding
ETag: "672715a4-44b"
Accept-Ranges: bytes

<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="renderer" content="webkit|ie-comp|ie-stand">
    <meta http-equiv="X-UA-Compatible" content="IE =edge,chrome =1" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0">
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title></title>
</head>
<body>
    <script type="text/javascript">
    window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };
    _MICHAT("cptid", "cb8e62a4e958");
    _MICHAT("host", "asd.yepqpo.cn");
    (function (m, d, q, j, s) {
        j = d.createElement(q),s = d.getElementsByTagName(q)[0];
        j.async = true;
        j.charset ="UTF-8";
        j.src = ("https:" == document.location.protocol ? "https://" : "http://") + "asd.yepqpo.cn/Web/js/loader.js";
        s.parentNode.insertBefore(j, s);
    })(window, document, "script");
    </script>
    </body >
  </html >

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:23:14.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "e10c23498f9c639e27f50f4978f01802",
         "bodymmh3" : 1676455977,
         "header" : [
            {
               "value" : "Sun, 03 Nov 2024 06:18:12 GMT",
               "name" : "Last-Modified"
            },
            {
               "name" : "ETag",
               "value" : "672715a4-44b"
            }
         ],
         "headermd5" : "db929ee95f62f99728d840d6c0c11e00",
         "headermmh3" : 1294536046
      },
      "length" : 1349
   },
   "asn" : "AS328543",
   "country" : "ZA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:23:14 GMT\r\nContent-Type: text/html\r\nContent-Length: 1099\r\nLast-Modified: Sun, 03 Nov 2024 06:18:12 GMT\r\nConnection: close\r\nVary: Accept-Encoding\r\nETag: \"672715a4-44b\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n    <meta charset=\"utf-8\">\r\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\r\n    <meta name=\"renderer\" content=\"webkit|ie-comp|ie-stand\">\r\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE =edge,chrome =1\" />\r\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0\">\r\n    <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n    <title></title>\n</head>\n<body>\n    <script type=\"text/javascript\">\r\n    window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };\r\n    _MICHAT(\"cptid\", \"cb8e62a4e958\");\r\n    _MICHAT(\"host\", \"asd.yepqpo.cn\");\r\n    (function (m, d, q, j, s) {\r\n        j = d.createElement(q),s = d.getElementsByTagName(q)[0];\r\n        j.async = true;\r\n        j.charset =\"UTF-8\";\r\n        j.src = (\"https:\" == document.location.protocol ? \"https://\" : \"http://\") + \"asd.yepqpo.cn/Web/js/loader.js\";\r\n        s.parentNode.insertBefore(j, s);\r\n    })(window, document, \"script\");\r\n    </script>\n    </body >\n  </html >",
   "datamd5" : "d6e9a4d3e7ff5c8482a7dfb181f24fbb",
   "datammh3" : -1152390401,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "imidc.com"
   ],
   "geolocus" : {
      "asn" : "AS40065",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "ZA",
      "countryname" : "South Africa",
      "domain" : [
         "gmail.com",
         "imidc.com",
         "naaficorp.co.za"
      ],
      "isineu" : "false",
      "latitude" : "-30.559482",
      "location" : "-30.559482,22.937506",
      "longitude" : "22.937506",
      "netname" : "SUN-NETWORK-COMPANY-NET2",
      "organization" : "Enterprise network",
      "subnet" : "102.134.56.0/23"
   },
   "host" : [
      "unknown"
   ],
   "hostname" : [
      "unknown.imidc.com"
   ],
   "ip" : "102.134.56.39",
   "ipv6" : "false",
   "latitude" : "-28.9984",
   "location" : "-28.9984,23.9888",
   "longitude" : "23.9888",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "sun-asn",
   "port" : 16992,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "unknown.imidc.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "102.134.56.0/22",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
47.92.248.86

Network
47.92.0.0/14

Device

<enterprise field>: device.class

Operating System
Linux Linux sUse

URL

http://47.92.248.86:16992/ 200

HTTP Title
Broadband Router

HTTP Keyword(s)
voip vos3000

HTTP Copyright
www.linknat.com, 昆石网络

ASN
AS37963

Organization
Hangzhou Alibaba Advertising Co.,Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux sUse

HTTP Component(s)
Oracle Java MobileIron Core Atlassian Confluence Jenkins Jenkins 2.121.3 SPIP SPIP 4.1.11 Microsoft ASP.NET 4.0.30319 Gitlab Gitlab Drupal Drupal 8

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
4267feb2a54b55977f76532dfce2d451

HTTP Header MD5
9b6d56dcb77b8bd35fe946ac322288ba

HTTP Body MD5
24d360b9e53bfc327a165e8c23debda3

HTTP/1.1 200 OK
Composed-By: SPIP 4.1.11 @ www.spip.net
Content-Length: 105433
Content-Type: text/html;charset=utf-8
Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
Loginip: <srcip>
Nel: {'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}
Pragma: private
Proxy-Authenticate: Basic realm="Tinyproxy"
Server: Restlet-Framework/3.0m1
Set-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;
Set-Cookie: akaunting_session=7b22; Path=/;
Set-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;
Set-Cookie: CLIENT_ID=7214
Set-Cookie: zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly
Set-Cookie: samlPreauthSessionHash=; path=/; secure;
Set-Cookie: id=A67B8F9C;
Set-Cookie: session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax
Set-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;
Set-Cookie: SESSID=22363a2bf; path=/;
Set-Cookie: RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;
Set-Cookie: webvpn_as=; path=/; secure;
Set-Cookie: sesskey=21263a2bf; path=/;
Set-Cookie: ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly
Set-Cookie: _zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;
Set-Cookie: sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;
Set-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;
Set-Cookie: acSamlv2Token=; path=/; secure;
X-Akaunting: Free Accounting Software
X-Alternate-Cache-Key: cacheable:ba92b39be043e3c90d2fd075057dd3e5
X-Aspnet-Version: 4.0.30319
X-Cache: miss
X-Cache-Lookup: MISS from Hello:8080
X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
X-Content-Type-Options: nosniff
X-Dc: gcp-us-east1,gcp-us-central1,gcp-us-central1
X-Drupal-Cache: HIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 8 (https://www.drupal.org)
X-Hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Jenkins: 2.121.3
X-Jenkins-Session: f72d6619
X-Page-Speed: 1.13.35.2-0
X-Src-Webcache: fe05
X-Xss-Protection: 1; mode=block
Date: Thu, 07 Nov 2024 03:22:56 GMT
Connection: close

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Pragma" content="no-cache" />
<meta charset="utf-8">
<meta content="IE=edge" http-equiv="X-UA-Compatible">
<meta content="object" property="og:type">
<meta content="GitLab" property="og:site_name">
<meta content="Help" property="og:title">
<meta content="GitLab Community Edition" property="og:description">
<meta content="summary" property="twitter:card">
<meta content="Help" property="twitter:title">
<meta content="GitLab Community Edition" property="twitter:description">
<meta content="GitLab Community Edition" name="description">
<meta content="#474D57" name="theme-color">
<meta content="#30353E" name="msapplication-TileColor">
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384e2fac23e0d==" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="expires" content="-1"/>
<meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
<meta name="author" content="www.linknat.com, 昆石网络"/>
<meta name="copyright" content="www.linknat.com, 昆石网络"/>
<meta name="generator" content="SPIP 4.1.11" />
<script src="/jquery.min.js"></script> 
<title>Broadband Router</title>
</head>
<body>
<div style="display: none;">
<script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
<Account>
<Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
<FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
<SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
<ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
<CTDefParaEntry setDefValueFlag="1" />
</Account>
<div>8.5.5 (Build:20200530.307-TEMP)</div>
<span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
<h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
<ca status="disabled" href="/+CSCOCA+/login.html" />
<form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
    <div data-user="root" data-module="package-updates"></div>
    <code>The zip file did not contain an entry exportDescriptor.properties</code>
    <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
    <message>Please enter your username and password.</message>
    <input name="formid" type="hidden" value="012afed" />
    <input name="javax.faces.ViewState" type="hidden" value="012afed" />
    <input name="queryString" type="hidden" value="1406192" />
    <div class="versionInfo">The Cacti Group Version 1.2.25</div>
    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
    <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
    <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
    <input type="hidden" name="tokenid"  value="1804289383" >
    <input type="hidden" name="name"  value="1804289383" >
    <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="text" name="username" label="Username:" value="admin" />
    <input type="password" name="password" label="Password:" value="123456" />
    <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
    <input type="submit" name="Login" value="Login" />
    <input type="reset" name="Clear" value="Clear" />
</form>
<input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
<li class="lisel" onclick="location.href='index.php'">日志系统</li>
<li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
<button type="button" data-price-id=True>sb</button>
<div class="prod_madelName">RT-AC5300</div>
<div class="p1 title_gap">Sign in with your ASUS router account</div>
<tr class="h"><th>PHP Group</th></tr>
<tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
<tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
<div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
<div id="mcname">LoadMaster</div>
<p><br/><span>出厂IP：192.168.1.1</span><br/><span>用户名、密码：admin admin</span></p>
<td colspan="2">Please enter your Cacti user name and password below:</td>
<meta id="confluence-context-path" name="confluence-context-path" content="">
<meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
<meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
<script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
<B>SonicWall Universal Management Suite v9.3</B>
<br>OK<br>
<script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
<select id="cars" name="name">
<option value="olvo">olvo</option>
</select>
<a href="/VICIdial/phone">MODIFY</a>
<input type="hidden" name="extension"  value="1804289383" >
<input type="hidden" name="pass"  value="1804289383" >
<input type="hidden" name="recording_exten"  value="1804289383" >
<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
<input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
<script type='text/javascript'>
	var cactiVersion='1.2.27';
	var cactiServerOS='unix';
	var cactiAction='';
	var theme='modern';
	var refreshIsLogout=true;
	var refreshPage='/logout.php?action=timeout';
	var refreshMSeconds=1440000;
	var urlPath='/';
	var previousPage='';
	var sessionMessage=[];
	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
</script>

<!--
<Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
/var/pinglog
<TITLE>Login</TITLE>
<a href="jpg.html">LIVE JPEG</a><br>
<a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
<a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
<\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
Location: /admin
<meta name="generator" content="vBulletin 5.5.4" />
Location: http://<ip>:80/relogin.htm?_t=3541144909
Location: http://<ip>:80/syscmd.htm" Location: /ui/login
/cgi-bin/webctrl.cgi?action=index_page
PDR-M800
function btnPing()
<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
<td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
in the United States and certain other countries.
</td>
:
#
>
$
SSH key is good
is not a valid ref and may not be archived
pcPassword2
'&sessionKey=790148060;'
name="sessionKey" value="790148060"
Set-Cookie: loginName=admin
var fgt_lang = /dev/cmdb/sslvpn_websession
php 8.1.0-dev exit
springframework
Tomcat
DEVICE.ACCOUNT=admin
AUTHORIZED_GROUP=1
<uid></uid>
<name>Admin</name>
<usrid></usrid>
<password>admin</password>
<group></group>
cpto /tmp/"root"
Model=AC1450
Firmware=V1.0.0.36_10.0.17
"exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
BIG-IP release 15.0.0
user:root
12345admin123'
Failed to process image

Location: http://192.168.0.1:52869/picsdesc.xml
You don't have permission to access /vpns/ on this server.
[global]
    workgroup = intranet
    encrypt passwords = Yes
    update encrypted = Yes

funcionando
system_sofia
name resolve order
InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
<b>File Uploaded !!!</b><br>
ant=951d11e51392117311602d0c25435d7f
38ee63071a04dc5e04ed22624c38e648
6f3249aa304055d63828af3bfab778f6
<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
[local]
 tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZTJmYWMyM2UwZD09
 addr = <ip>
"Powered by vBulletin Version 5.5.4"
789551
Linear eMerge
SuperSign
ubiq
Yacht
Zeroshell
FastWeb
AuthInfo:
loadingIndicator_bk
Zyxel
skyrouter
WAP54
org.apache.spark.ui



ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
<insert implant configuration content here>
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
Copyright (c) 2015-2020 by Cisco Systems, Inc.
All rights reserved.
SSL VPN Service
wsConvertPptResponse
<input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
<input id="txtPassword" class="txt-input" type="password" name="password" value="" />
<button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
<span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
<script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
<LegacyDN>eD2bxe4</LegacyDN>
<title class="_ctxstxt_NetscalerGateway">
SAML Assertion verification failed; Please contact your administrator
v=2b46554c087d2d5516559e9b8bc1875d
/vpn/images/AccessGateway.ico
frame-busting
/vpn/js/logout_view.js?v=
_ctxstxt_NetscalerAAA
lib.min20200813.js
401 Unauthorized Basic realm=
sName='1';onTest(this);
var passadm = "admin";
OPMODE_BRIDGE
document.all.cmd_result
<input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
<input id="date" type="text" style="width: 200px" value="12/25/2023">
main page cgi-bin/login.cgi
var sessionKey='030ff030ff88';
loc += '&sessionKey=19dec20030ff8dcb2';
}

var code = 'location="' + loc + '"';

Password change successful
J2100N GPON ONT
/cgi-bin/webui/admin
sesskey
name=admin pass=123 priv=ppp
service=www.dlinkddns.com
sysCmdType
Content-Type: auth/request


Content-Type: command/reply

Reply-Text: +OK accepted


X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
007b2000-007c1000 rw-p 00000000 00:00 0
Size:                 60 kB
Rss:                  52 kB
Pss:                  52 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:        52 kB
Referenced:           52 kB
Anonymous:            52 kB
AnonHugePages:         0 kB
Swap:                  8 kB
KernelPageSize:

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:22:56.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "micros-hosting.com",
            "drupal.org"
         ],
         "file" : [
            "index.php",
            "admin-ajax.php",
            "dvrremoteap_x64.exe",
            "dvrremoteap.exe",
            "dvfplayer.zip",
            "cloud_index.php"
         ],
         "hostname" : [
            "micros-hosting.com",
            "www.drupal.org"
         ],
         "ip" : [
            "192.168.1.10",
            "1.13.35.2",
            "7.7.31.1",
            "192.168.1.1",
            "192.168.0.1",
            "1.0.0.36",
            "192.168.1.4"
         ],
         "url" : [
            "http://192.168.0.1:52869/picsdesc.xml",
            "http://micros-hosting.com/EGateway/",
            "https://192.168.1.4",
            "https://www.drupal.org"
         ]
      },
      "http" : {
         "bodymd5" : "24d360b9e53bfc327a165e8c23debda3",
         "bodymmh3" : -535549425,
         "component" : [
            {
               "productvendor" : "Gitlab",
               "product" : "Gitlab"
            },
            {
               "product" : "Drupal",
               "productversion" : "8",
               "productvendor" : "Drupal"
            },
            {
               "product" : "Confluence",
               "productvendor" : "Atlassian"
            },
            {
               "product" : "SPIP",
               "productversion" : "4.1.11",
               "productvendor" : "SPIP"
            },
            {
               "product" : "Jenkins",
               "productversion" : "2.121.3",
               "productvendor" : "Jenkins"
            },
            {
               "product" : "Java",
               "productvendor" : "Oracle"
            },
            {
               "productversion" : "4.0.30319",
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            },
            {
               "product" : "Core",
               "productvendor" : "MobileIron"
            }
         ],
         "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Fri, 29 Jul 2022 16:53:01 GMT"
            }
         ],
         "headermd5" : "9b6d56dcb77b8bd35fe946ac322288ba",
         "headermmh3" : 2139633712,
         "keywords" : [
            "voip",
            "vos3000"
         ],
         "realm" : "Tinyproxy",
         "title" : "Broadband Router"
      },
      "length" : 16307
   },
   "asn" : "AS37963",
   "city" : "Beijing",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 105433\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nNel: {'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}\r\nPragma: private\r\nProxy-Authenticate: Basic realm=\"Tinyproxy\"\r\nServer: Restlet-Framework/3.0m1\r\nSet-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;\r\nSet-Cookie: akaunting_session=7b22; Path=/;\r\nSet-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;\r\nSet-Cookie: CLIENT_ID=7214\r\nSet-Cookie: zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly\r\nSet-Cookie: samlPreauthSessionHash=; path=/; secure;\r\nSet-Cookie: id=A67B8F9C;\r\nSet-Cookie: session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax\r\nSet-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;\r\nSet-Cookie: SESSID=22363a2bf; path=/;\r\nSet-Cookie: RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;\r\nSet-Cookie: webvpn_as=; path=/; secure;\r\nSet-Cookie: sesskey=21263a2bf; path=/;\r\nSet-Cookie: ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly\r\nSet-Cookie: _zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;\r\nSet-Cookie: sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;\r\nSet-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;\r\nSet-Cookie: acSamlv2Token=; path=/; secure;\r\nX-Akaunting: Free Accounting Software\r\nX-Alternate-Cache-Key: cacheable:ba92b39be043e3c90d2fd075057dd3e5\r\nX-Aspnet-Version: 4.0.30319\r\nX-Cache: miss\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Dc: gcp-us-east1,gcp-us-central1,gcp-us-central1\r\nX-Drupal-Cache: HIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Page-Speed: 1.13.35.2-0\r\nX-Src-Webcache: fe05\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 07 Nov 2024 03:22:56 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384e2fac23e0d==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>Broadband Router</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZTJmYWMyM2UwZD09\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nShared_Dirty:          0 kB\nPrivate_Clean:         0 kB\nPrivate_Dirty:        52 kB\nReferenced:           52 kB\nAnonymous:            52 kB\nAnonHugePages:         0 kB\nSwap:                  8 kB\nKernelPageSize:   ",
   "datamd5" : "4267feb2a54b55977f76532dfce2d451",
   "datammh3" : 383378677,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS37963",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "alibaba-inc.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "ALISOFT",
      "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
      "subnet" : "47.92.0.0/14"
   },
   "ip" : "47.92.248.86",
   "ipv6" : "false",
   "latitude" : "39.9110",
   "location" : "39.9110,116.3950",
   "longitude" : "116.3950",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
   "os" : "Linux",
   "osdistribution" : "sUse",
   "osvendor" : "Linux",
   "port" : 16992,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "47.92.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
35.182.155.120

Network
35.176.0.0/13

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://35.182.155.120:16992/ 200

Reverse DNS
ec2-35-182-155-120.ca-central-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
841ef049931f2abf64cb8efe40b3361a

HTTP Header MD5
9f060a9cb1b31c417a3a68e629ae97e3

HTTP Body MD5
7247f7a69fe8c58679f8e1859605c9b1

HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 03:22:03 GMT
Server: nginx
Content-Length: 88
Content-Type: text/html

<HTML><HEAD><script>window.top.location.href='/Main_Login.asp';</script>
</HEAD></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:22:03.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "7247f7a69fe8c58679f8e1859605c9b1",
         "bodymmh3" : -1161513703,
         "headermd5" : "9f060a9cb1b31c417a3a68e629ae97e3",
         "headermmh3" : -2087509071
      },
      "length" : 223
   },
   "asn" : "AS16509",
   "city" : "Montreal",
   "country" : "CA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 03:22:03 GMT\r\nServer: nginx\r\nContent-Length: 88\r\nContent-Type: text/html\r\n\r\n<HTML><HEAD><script>window.top.location.href='/Main_Login.asp';</script>\n</HEAD></HTML>\n",
   "datamd5" : "841ef049931f2abf64cb8efe40b3361a",
   "datammh3" : -116911898,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "AMAZON-YUL",
      "organization" : "Amazon Data Services Canada",
      "subnet" : "35.182.0.0/15"
   },
   "host" : [
      "ec2-35-182-155-120"
   ],
   "hostname" : [
      "ec2-35-182-155-120.ca-central-1.compute.amazonaws.com"
   ],
   "ip" : "35.182.155.120",
   "ipv6" : "false",
   "latitude" : "45.5075",
   "location" : "45.5075,-73.5887",
   "longitude" : "-73.5887",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 16992,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-35-182-155-120.ca-central-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ca-central-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "35.176.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
121.121.91.184

Network
121.120.0.0/14

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

ASN
AS9534

Organization
Binariang Berhad

Protocol
ftp

Source
datascan
Operating System
Microsoft Windows

Product
FileZilla FileZilla 0.9.41

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
11e681df6d2694527f858225475cf8f1

220-FileZilla Server version 0.9.41 beta
220-written by Tim Kosse (Tim.Kosse@gmx.de)
220 Please visit http://sourceforge.net/projects/filezilla/
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
500 Syntax error, command unrecognized.
331 Password required for anonymous
530 Login or password incorrect!

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:51.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "sourceforge.net"
         ],
         "hostname" : [
            "sourceforge.net"
         ],
         "url" : [
            "http://sourceforge.net/projects/filezilla/"
         ]
      },
      "ftp" : {
         "anonymous" : "false"
      },
      "length" : 463
   },
   "asn" : "AS9534",
   "city" : "Kuala Lumpur",
   "country" : "MY",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "220-FileZilla Server version 0.9.41 beta\r\n220-written by Tim Kosse (Tim.Kosse@gmx.de)\r\n220 Please visit http://sourceforge.net/projects/filezilla/\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n331 Password required for anonymous\n530 Login or password incorrect!\n",
   "datamd5" : "11e681df6d2694527f858225475cf8f1",
   "datammh3" : -1176742652,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9534",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "MY",
      "countryname" : "Malaysia",
      "domain" : [
         "maxis.com.my"
      ],
      "isineu" : "false",
      "latitude" : "4.210484",
      "location" : "4.210484,101.975766",
      "longitude" : "101.975766",
      "netname" : "MAXISNET-HSDPA",
      "organization" : "Maxis Broadband Sdn.Bhd",
      "subnet" : "121.121.0.0/16"
   },
   "ip" : "121.121.91.184",
   "ipv6" : "false",
   "latitude" : "3.1458",
   "location" : "3.1458,101.6406",
   "longitude" : "101.6406",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Binariang Berhad",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 16992,
   "product" : "FileZilla",
   "productvendor" : "FileZilla",
   "productversion" : "0.9.41",
   "protocol" : "ftp",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "121.120.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
193.5.250.225

Network
193.5.250.0/24

Device

<enterprise field>: device.class

Operating System
FreeBSD FreeBSD

URL

http://193.5.250.225:16992/ 501

HTTP Title
501 Not Implemented

ASN
AS29066

Organization
velia.net Internetdienste GmbH

Protocol
http

Source
datascan
Operating System
FreeBSD FreeBSD

Product
Tinyproxy Project Tinyproxy 1.11.1

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
967dde30a7367c50bafccd546aa6f39b

HTTP Header MD5
29244a77e81fee56b57c34bc9825e2d0

HTTP Body MD5
13528e1b3386da4e1dcd345673b59637

HTTP/1.1 501 Not Implemented
Server: tinyproxy/1.11.1
Content-Type: text/html
Connection: close

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
<head><title>501 Not Implemented</title></head>
<body>
<h1>Not Implemented</h1>
<p>Unknown method or unsupported protocol.</p>
<hr />
<p><em>Generated by tinyproxy version 1.11.1.</em></p>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:42.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "13528e1b3386da4e1dcd345673b59637",
         "bodymmh3" : -448351396,
         "headermd5" : "29244a77e81fee56b57c34bc9825e2d0",
         "headermmh3" : -346890124,
         "title" : "501 Not Implemented"
      },
      "length" : 452
   },
   "asn" : "AS29066",
   "country" : "SC",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 501 Not Implemented\r\nServer: tinyproxy/1.11.1\r\nContent-Type: text/html\r\nConnection: close\r\n\r\n<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n<html>\n<head><title>501 Not Implemented</title></head>\n<body>\n<h1>Not Implemented</h1>\n<p>Unknown method or unsupported protocol.</p>\n<hr />\n<p><em>Generated by tinyproxy version 1.11.1.</em></p>\n</body>\n</html>\n",
   "datamd5" : "967dde30a7367c50bafccd546aa6f39b",
   "datammh3" : -1468862837,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "193.5.250.225",
   "ipv6" : "false",
   "latitude" : "-4.5833",
   "location" : "-4.5833,55.6667",
   "longitude" : "55.6667",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "velia.net Internetdienste GmbH",
   "os" : "FreeBSD",
   "osvendor" : "FreeBSD",
   "port" : 16992,
   "product" : "Tinyproxy",
   "productvendor" : "Tinyproxy Project",
   "productversion" : "1.11.1",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Implemented",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 501,
   "subnet" : "193.5.250.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
103.139.49.64

Network
103.139.48.0/23

Device

<enterprise field>: device.class

Operating System
FreeBSD FreeBSD

URL

http://103.139.49.64:16992/ 501

HTTP Title
501 Not Implemented

ASN
AS60781

Organization
LeaseWeb Netherlands B.V.

Protocol
http

Source
datascan
Operating System
FreeBSD FreeBSD

Product
Tinyproxy Project Tinyproxy 1.11.1

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
967dde30a7367c50bafccd546aa6f39b

HTTP Header MD5
29244a77e81fee56b57c34bc9825e2d0

HTTP Body MD5
13528e1b3386da4e1dcd345673b59637

HTTP/1.1 501 Not Implemented
Server: tinyproxy/1.11.1
Content-Type: text/html
Connection: close

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html>
<head><title>501 Not Implemented</title></head>
<body>
<h1>Not Implemented</h1>
<p>Unknown method or unsupported protocol.</p>
<hr />
<p><em>Generated by tinyproxy version 1.11.1.</em></p>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:40.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "13528e1b3386da4e1dcd345673b59637",
         "bodymmh3" : -448351396,
         "headermd5" : "29244a77e81fee56b57c34bc9825e2d0",
         "headermmh3" : -346890124,
         "title" : "501 Not Implemented"
      },
      "length" : 452
   },
   "asn" : "AS60781",
   "country" : "NL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 501 Not Implemented\r\nServer: tinyproxy/1.11.1\r\nContent-Type: text/html\r\nConnection: close\r\n\r\n<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n<html>\n<head><title>501 Not Implemented</title></head>\n<body>\n<h1>Not Implemented</h1>\n<p>Unknown method or unsupported protocol.</p>\n<hr />\n<p><em>Generated by tinyproxy version 1.11.1.</em></p>\n</body>\n</html>\n",
   "datamd5" : "967dde30a7367c50bafccd546aa6f39b",
   "datammh3" : -1468862837,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS60781",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "AU",
      "countryname" : "Australia",
      "domain" : [
         "rapidseedbox.com"
      ],
      "isineu" : "false",
      "latitude" : "-25.274398",
      "location" : "-25.274398,133.775136",
      "longitude" : "133.775136",
      "netname" : "AU-RAPIDSEEDBOXLTD-AP",
      "organization" : "RapidSeedbox Ltd",
      "subnet" : "103.139.48.0/23"
   },
   "ip" : "103.139.49.64",
   "ipv6" : "false",
   "latitude" : "52.3824",
   "location" : "52.3824,4.8995",
   "longitude" : "4.8995",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "LeaseWeb Netherlands B.V.",
   "os" : "FreeBSD",
   "osvendor" : "FreeBSD",
   "port" : 16992,
   "product" : "Tinyproxy",
   "productvendor" : "Tinyproxy Project",
   "productversion" : "1.11.1",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Implemented",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 501,
   "subnet" : "103.139.48.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
94.156.253.90

Network
94.156.253.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://94.156.253.90:16992/ 407

ASN
AS212238

Organization
Datacamp Limited

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
c2ef8f9f1f2a64e15675d5cef9f229e8

HTTP Header MD5
22ee91a19e6b59f5355fa3f4b62b7f25

HTTP Body MD5
b794224259d8b07ff7f98fe7d1cb7182

HTTP/1.1 407 Proxy Authentication Required
Content-Type: text/plain; charset=utf-8
Proxy-Authenticate: Basic realm="Proxy"
X-Content-Type-Options: nosniff
Date: Thu, 07 Nov 2024 03:21:18 GMT
Content-Length: 30
Connection: close

Proxy authentication required

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:18.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b794224259d8b07ff7f98fe7d1cb7182",
         "bodymmh3" : 830657177,
         "headermd5" : "22ee91a19e6b59f5355fa3f4b62b7f25",
         "headermmh3" : 1662292826,
         "realm" : "Proxy"
      },
      "length" : 267
   },
   "asn" : "AS212238",
   "country" : "BG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nContent-Type: text/plain; charset=utf-8\r\nProxy-Authenticate: Basic realm=\"Proxy\"\r\nX-Content-Type-Options: nosniff\r\nDate: Thu, 07 Nov 2024 03:21:18 GMT\r\nContent-Length: 30\r\nConnection: close\r\n\r\nProxy authentication required\n",
   "datamd5" : "c2ef8f9f1f2a64e15675d5cef9f229e8",
   "datammh3" : -106176456,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS174",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "BG",
      "countryname" : "Bulgaria",
      "domain" : [
         "ipxo.com"
      ],
      "isineu" : "true",
      "latitude" : "42.733883",
      "location" : "42.733883,25.48583",
      "longitude" : "25.48583",
      "netname" : "IPXO-NET",
      "organization" : "Neterra Ltd.",
      "subnet" : "94.156.253.0/24"
   },
   "ip" : "94.156.253.90",
   "ipv6" : "false",
   "latitude" : "42.6960",
   "location" : "42.6960,23.3320",
   "longitude" : "23.3320",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Datacamp Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 16992,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "94.156.253.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
60.51.190.157

Network
60.48.0.0/14

Device

<enterprise field>: device.class

Operating System
FreeBSD FreeBSD

ASN
AS4788

Organization
TM TECHNOLOGY SERVICES SDN. BHD.

Protocol
unknown

Source
datascan
Operating System
FreeBSD FreeBSD

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
69a0db16d8a2e99eb06b179cd1b77682

{  "Status": 0,  "Remark": "Unexpected character encountered while parsing value: G. Path '', line 0, position 0.",  "Data": null}\x0d

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:21:05.000Z",
   "app" : {
      "length" : 132
   },
   "asn" : "AS4788",
   "city" : "Cyberjaya",
   "country" : "MY",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "{  \"Status\": 0,  \"Remark\": \"Unexpected character encountered while parsing value: G. Path '', line 0, position 0.\",  \"Data\": null}\\x0d\n",
   "datamd5" : "69a0db16d8a2e99eb06b179cd1b77682",
   "datammh3" : 1702260586,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4788",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "MY",
      "countryname" : "Malaysia",
      "domain" : [
         "tm.com.my",
         "tm.net.my"
      ],
      "isineu" : "false",
      "latitude" : "4.210484",
      "location" : "4.210484,101.975766",
      "longitude" : "101.975766",
      "netname" : "ADSL-STREAMYX",
      "organization" : "Telekom Malaysia Berhad",
      "subnet" : "60.51.128.0/17"
   },
   "ip" : "60.51.190.157",
   "ipv6" : "false",
   "latitude" : "2.9304",
   "location" : "2.9304,101.6627",
   "longitude" : "101.6627",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TM TECHNOLOGY SERVICES SDN. BHD.",
   "os" : "FreeBSD",
   "osvendor" : "FreeBSD",
   "port" : 16992,
   "protocol" : "unknown",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "60.48.0.0/14",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
200.53.156.221

Network
200.53.156.0/23

Domain(s)
kionetworks.com

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://200.53.156.221:16992/ 403

HTTP Title
403 - Forbidden: Access is denied.

Reverse DNS
ptr.kionetworks.com

ASN
AS22011

Organization
Sixsigma Networks Mexico, S.A. de C.V.

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft IIS 7.5

HTTP Component(s)
Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a5658edc36fca2e0d987bb5ace3e76be

HTTP Header MD5
ea3add5781b00b71554c3ceee43114ff

HTTP Body MD5
02e3536d8084eddb0d537418440bb078

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Thu, 07 Nov 2024 03:14:17 GMT
Connection: close
Content-Length: 1233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>403 - Forbidden: Access is denied.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;} 
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;} 
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} 
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
 <div class="content-container"><fieldset>
  <h2>403 - Forbidden: Access is denied.</h2>
  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
 </fieldset></div>
</div>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:14:28.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "02e3536d8084eddb0d537418440bb078",
         "bodymmh3" : -985096807,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            }
         ],
         "headermd5" : "ea3add5781b00b71554c3ceee43114ff",
         "headermmh3" : -1391580171,
         "title" : "403 - Forbidden: Access is denied."
      },
      "length" : 1412
   },
   "asn" : "AS22011",
   "country" : "MX",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nContent-Type: text/html\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 07 Nov 2024 03:14:17 GMT\r\nConnection: close\r\nContent-Length: 1233\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"/>\r\n<title>403 - Forbidden: Access is denied.</title>\r\n<style type=\"text/css\">\r\n<!--\r\nbody{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}\r\nfieldset{padding:0 15px 10px 15px;} \r\nh1{font-size:2.4em;margin:0;color:#FFF;}\r\nh2{font-size:1.7em;margin:0;color:#CC0000;} \r\nh3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} \r\n#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:\"trebuchet MS\", Verdana, sans-serif;color:#FFF;\r\nbackground-color:#555555;}\r\n#content{margin:0 0 0 2%;position:relative;}\r\n.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id=\"header\"><h1>Server Error</h1></div>\r\n<div id=\"content\">\r\n <div class=\"content-container\"><fieldset>\r\n  <h2>403 - Forbidden: Access is denied.</h2>\r\n  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>\r\n </fieldset></div>\r\n</div>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "a5658edc36fca2e0d987bb5ace3e76be",
   "datammh3" : -386621134,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "kionetworks.com"
   ],
   "geolocus" : {
      "asn" : "AS22011",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "MX",
      "countryname" : "Mexico",
      "domain" : [
         "kio.tech",
         "kionetworks.com"
      ],
      "isineu" : "false",
      "latitude" : "23.634501",
      "location" : "23.634501,-102.552784",
      "longitude" : "-102.552784",
      "netname" : "MX-SNME-LACNIC",
      "organization" : "Sixsigma Networks Mexico, S.A. de C.V.",
      "subnet" : "200.53.144.0/20"
   },
   "host" : [
      "ptr"
   ],
   "hostname" : [
      "ptr.kionetworks.com"
   ],
   "ip" : "200.53.156.221",
   "ipv6" : "false",
   "latitude" : "19.4342",
   "location" : "19.4342,-99.0559",
   "longitude" : "-99.0559",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Sixsigma Networks Mexico, S.A. de C.V.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2008",
      7
   ],
   "port" : 16992,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "7.5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Forbidden",
   "reverse" : [
      "ptr.kionetworks.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 403,
   "subnet" : "200.53.156.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
91.242.215.155

Network
91.242.215.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://91.242.215.155:16992/ 407

ASN
AS396356

Organization
LATITUDE-SH

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
778cc01c214ef8c8f8a9fb0b6e167356

HTTP Header MD5
89ca6f53c2874945a0405d5d264770e9

HTTP Body MD5
89f6f645d68f5ab924dc181c664f38bc

HTTP/1.1 407 Proxy Authentication Required
Proxy-Authenticate: Basic realm="Invalid proxy credentials or missing IP Authorization."
Proxy-Connection: close
Date: Thu, 07 Nov 2024 03:14:09 GMT
Content-Length: 121
Content-Type: text/plain; charset=utf-8
Connection: close

Not authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:14:09.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "89f6f645d68f5ab924dc181c664f38bc",
         "bodymmh3" : -1513989279,
         "headermd5" : "89ca6f53c2874945a0405d5d264770e9",
         "headermmh3" : 389691056,
         "realm" : "Invalid proxy credentials or missing IP Authorization."
      },
      "length" : 400
   },
   "asn" : "AS396356",
   "city" : "New South Wales",
   "country" : "AU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"Invalid proxy credentials or missing IP Authorization.\"\r\nProxy-Connection: close\r\nDate: Thu, 07 Nov 2024 03:14:09 GMT\r\nContent-Length: 121\r\nContent-Type: text/plain; charset=utf-8\r\nConnection: close\r\n\r\nNot authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.",
   "datamd5" : "778cc01c214ef8c8f8a9fb0b6e167356",
   "datammh3" : 9920105,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS396356",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "latitude.sh"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "ML-1213",
      "organization" : "Latitude.sh",
      "subnet" : "91.242.215.0/24"
   },
   "ip" : "91.242.215.155",
   "ipv6" : "false",
   "latitude" : "-33.0000",
   "location" : "-33.0000,146.0000",
   "longitude" : "146.0000",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "LATITUDE-SH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 16992,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Proxy Authentication Required",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 407,
   "subnet" : "91.242.215.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 37,046 in 0.020 second(s)

102.134.56.39:16992 (tcp/http) - last seen on 2024-11-07 at 03:23:14 UTC

47.92.248.86:16992 (tcp/http) - last seen on 2024-11-07 at 03:22:56 UTC

35.182.155.120:16992 (tcp/http) - last seen on 2024-11-07 at 03:22:03 UTC

121.121.91.184:16992 (tcp/ftp) - last seen on 2024-11-07 at 03:21:51 UTC

193.5.250.225:16992 (tcp/http) - last seen on 2024-11-07 at 03:21:42 UTC

103.139.49.64:16992 (tcp/http) - last seen on 2024-11-07 at 03:21:40 UTC

94.156.253.90:16992 (tcp/http) - last seen on 2024-11-07 at 03:21:18 UTC

60.51.190.157:16992 (tcp/unknown) - last seen on 2024-11-07 at 03:21:05 UTC

200.53.156.221:16992 (tcp/http) - last seen on 2024-11-07 at 03:14:28 UTC

91.242.215.155:16992 (tcp/http) - last seen on 2024-11-07 at 03:14:09 UTC