Returning 10 result(s) out of 37,046 in 0.020 second(s)

  • 102.134.56.39:16992 (tcp/http) - last seen on 2024-11-07 at 03:23:14 UTC

    • IP
      102.134.56.39
      Network
      102.134.56.0/22
      Domain(s)
      imidc.com
      Device

      <enterprise field>: device.class

      URL

      http://102.134.56.39:16992/ 200

      Reverse DNS
      unknown.imidc.com
      ASN
      AS328543
      Organization
      sun-asn
      Protocol
      http
      Source
      datascan
    • Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d6e9a4d3e7ff5c8482a7dfb181f24fbb
      HTTP Header MD5
      db929ee95f62f99728d840d6c0c11e00
      HTTP Body MD5
      e10c23498f9c639e27f50f4978f01802
    • HTTP/1.1 200 OK
      Server: nginx
      Date: Thu, 07 Nov 2024 03:23:14 GMT
      Content-Type: text/html
      Content-Length: 1099
      Last-Modified: Sun, 03 Nov 2024 06:18:12 GMT
      Connection: close
      Vary: Accept-Encoding
      ETag: "672715a4-44b"
      Accept-Ranges: bytes
      
      <!DOCTYPE html>
      <html>
      <head>
          <meta charset="utf-8">
          <meta http-equiv="X-UA-Compatible" content="IE=edge">
          <meta name="renderer" content="webkit|ie-comp|ie-stand">
          <meta http-equiv="X-UA-Compatible" content="IE =edge,chrome =1" />
          <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0">
          <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
          <title></title>
      </head>
      <body>
          <script type="text/javascript">
          window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };
          _MICHAT("cptid", "cb8e62a4e958");
          _MICHAT("host", "asd.yepqpo.cn");
          (function (m, d, q, j, s) {
              j = d.createElement(q),s = d.getElementsByTagName(q)[0];
              j.async = true;
              j.charset ="UTF-8";
              j.src = ("https:" == document.location.protocol ? "https://" : "http://") + "asd.yepqpo.cn/Web/js/loader.js";
              s.parentNode.insertBefore(j, s);
          })(window, document, "script");
          </script>
          </body >
        </html >
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:23:14.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "e10c23498f9c639e27f50f4978f01802",
               "bodymmh3" : 1676455977,
               "header" : [
                  {
                     "value" : "Sun, 03 Nov 2024 06:18:12 GMT",
                     "name" : "Last-Modified"
                  },
                  {
                     "name" : "ETag",
                     "value" : "672715a4-44b"
                  }
               ],
               "headermd5" : "db929ee95f62f99728d840d6c0c11e00",
               "headermmh3" : 1294536046
            },
            "length" : 1349
         },
         "asn" : "AS328543",
         "country" : "ZA",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:23:14 GMT\r\nContent-Type: text/html\r\nContent-Length: 1099\r\nLast-Modified: Sun, 03 Nov 2024 06:18:12 GMT\r\nConnection: close\r\nVary: Accept-Encoding\r\nETag: \"672715a4-44b\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n    <meta charset=\"utf-8\">\r\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\r\n    <meta name=\"renderer\" content=\"webkit|ie-comp|ie-stand\">\r\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE =edge,chrome =1\" />\r\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0\">\r\n    <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n    <title></title>\n</head>\n<body>\n    <script type=\"text/javascript\">\r\n    window._MICHAT = window._MICHAT || function () { (_MICHAT.a = _MICHAT.a || []).push(arguments) };\r\n    _MICHAT(\"cptid\", \"cb8e62a4e958\");\r\n    _MICHAT(\"host\", \"asd.yepqpo.cn\");\r\n    (function (m, d, q, j, s) {\r\n        j = d.createElement(q),s = d.getElementsByTagName(q)[0];\r\n        j.async = true;\r\n        j.charset =\"UTF-8\";\r\n        j.src = (\"https:\" == document.location.protocol ? \"https://\" : \"http://\") + \"asd.yepqpo.cn/Web/js/loader.js\";\r\n        s.parentNode.insertBefore(j, s);\r\n    })(window, document, \"script\");\r\n    </script>\n    </body >\n  </html >",
         "datamd5" : "d6e9a4d3e7ff5c8482a7dfb181f24fbb",
         "datammh3" : -1152390401,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "imidc.com"
         ],
         "geolocus" : {
            "asn" : "AS40065",
            "continent" : "AF",
            "continentname" : "Africa",
            "country" : "ZA",
            "countryname" : "South Africa",
            "domain" : [
               "gmail.com",
               "imidc.com",
               "naaficorp.co.za"
            ],
            "isineu" : "false",
            "latitude" : "-30.559482",
            "location" : "-30.559482,22.937506",
            "longitude" : "22.937506",
            "netname" : "SUN-NETWORK-COMPANY-NET2",
            "organization" : "Enterprise network",
            "subnet" : "102.134.56.0/23"
         },
         "host" : [
            "unknown"
         ],
         "hostname" : [
            "unknown.imidc.com"
         ],
         "ip" : "102.134.56.39",
         "ipv6" : "false",
         "latitude" : "-28.9984",
         "location" : "-28.9984,23.9888",
         "longitude" : "23.9888",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "sun-asn",
         "port" : 16992,
         "product" : "Nginx",
         "productvendor" : "F5",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "reverse" : [
            "unknown.imidc.com"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subnet" : "102.134.56.0/22",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 47.92.248.86:16992 (tcp/http) - last seen on 2024-11-07 at 03:22:56 UTC

    • IP
      47.92.248.86
      Network
      47.92.0.0/14
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux sUse
      URL

      http://47.92.248.86:16992/ 200

      HTTP Title
      Broadband Router
      HTTP Keyword(s)
      voip vos3000
      HTTP Copyright
      www.linknat.com, 昆石网络
      ASN
      AS37963
      Organization
      Hangzhou Alibaba Advertising Co.,Ltd.
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux sUse
      HTTP Component(s)
      Oracle Java MobileIron Core Atlassian Confluence Jenkins Jenkins 2.121.3 SPIP SPIP 4.1.11 Microsoft ASP.NET 4.0.30319 Gitlab Gitlab Drupal Drupal 8
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      4267feb2a54b55977f76532dfce2d451
      HTTP Header MD5
      9b6d56dcb77b8bd35fe946ac322288ba
      HTTP Body MD5
      24d360b9e53bfc327a165e8c23debda3
    • HTTP/1.1 200 OK
      Composed-By: SPIP 4.1.11 @ www.spip.net
      Content-Length: 105433
      Content-Type: text/html;charset=utf-8
      Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
      Loginip: <srcip>
      Nel: {'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}
      Pragma: private
      Proxy-Authenticate: Basic realm="Tinyproxy"
      Server: Restlet-Framework/3.0m1
      Set-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;
      Set-Cookie: akaunting_session=7b22; Path=/;
      Set-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;
      Set-Cookie: CLIENT_ID=7214
      Set-Cookie: zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly
      Set-Cookie: samlPreauthSessionHash=; path=/; secure;
      Set-Cookie: id=A67B8F9C;
      Set-Cookie: session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax
      Set-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;
      Set-Cookie: SESSID=22363a2bf; path=/;
      Set-Cookie: RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;
      Set-Cookie: webvpn_as=; path=/; secure;
      Set-Cookie: sesskey=21263a2bf; path=/;
      Set-Cookie: ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly
      Set-Cookie: _zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;
      Set-Cookie: sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;
      Set-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;
      Set-Cookie: acSamlv2Token=; path=/; secure;
      X-Akaunting: Free Accounting Software
      X-Alternate-Cache-Key: cacheable:ba92b39be043e3c90d2fd075057dd3e5
      X-Aspnet-Version: 4.0.30319
      X-Cache: miss
      X-Cache-Lookup: MISS from Hello:8080
      X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
      X-Content-Type-Options: nosniff
      X-Dc: gcp-us-east1,gcp-us-central1,gcp-us-central1
      X-Drupal-Cache: HIT
      X-Drupal-Dynamic-Cache: MISS
      X-Frame-Options: SAMEORIGIN
      X-Generator: Drupal 8 (https://www.drupal.org)
      X-Hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
      X-Jenkins: 2.121.3
      X-Jenkins-Session: f72d6619
      X-Page-Speed: 1.13.35.2-0
      X-Src-Webcache: fe05
      X-Xss-Protection: 1; mode=block
      Date: Thu, 07 Nov 2024 03:22:56 GMT
      Connection: close
      
      <!DOCTYPE html>
      <html>
      <head>
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
      <meta http-equiv="X-UA-Compatible" content="IE=edge">
      <meta http-equiv="Pragma" content="no-cache" />
      <meta charset="utf-8">
      <meta content="IE=edge" http-equiv="X-UA-Compatible">
      <meta content="object" property="og:type">
      <meta content="GitLab" property="og:site_name">
      <meta content="Help" property="og:title">
      <meta content="GitLab Community Edition" property="og:description">
      <meta content="summary" property="twitter:card">
      <meta content="Help" property="twitter:title">
      <meta content="GitLab Community Edition" property="twitter:description">
      <meta content="GitLab Community Edition" name="description">
      <meta content="#474D57" name="theme-color">
      <meta content="#30353E" name="msapplication-TileColor">
      <meta name="csrf-param" content="authenticity_token" />
      <meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384e2fac23e0d==" />
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
      <meta http-equiv="expires" content="-1"/>
      <meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
      <meta name="author" content="www.linknat.com, 昆石网络"/>
      <meta name="copyright" content="www.linknat.com, 昆石网络"/>
      <meta name="generator" content="SPIP 4.1.11" />
      <script src="/jquery.min.js"></script> 
      <title>Broadband Router</title>
      </head>
      <body>
      <div style="display: none;">
      <script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
      <SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
      <Account>
      <Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
      <Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
      <Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
      <TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
      <FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
      <SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
      <ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
      <CTDefParaEntry setDefValueFlag="1" />
      </Account>
      <div>8.5.5 (Build:20200530.307-TEMP)</div>
      <span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
      <h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
      <ca status="disabled" href="/+CSCOCA+/login.html" />
      <form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
          <div data-user="root" data-module="package-updates"></div>
          <code>The zip file did not contain an entry exportDescriptor.properties</code>
          <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
          <message>Please enter your username and password.</message>
          <input name="formid" type="hidden" value="012afed" />
          <input name="javax.faces.ViewState" type="hidden" value="012afed" />
          <input name="queryString" type="hidden" value="1406192" />
          <div class="versionInfo">The Cacti Group Version 1.2.25</div>
          <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
          <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
          <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
          <input type="hidden" name="tokenid"  value="1804289383" >
          <input type="hidden" name="name"  value="1804289383" >
          <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
          <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
      	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
      	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
          <input type="text" name="username" label="Username:" value="admin" />
          <input type="password" name="password" label="Password:" value="123456" />
          <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
          <input type="submit" name="Login" value="Login" />
          <input type="reset" name="Clear" value="Clear" />
      </form>
      <input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
      <li class="lisel" onclick="location.href='index.php'">日志系统</li>
      <li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
      <button type="button" data-price-id=True>sb</button>
      <div class="prod_madelName">RT-AC5300</div>
      <div class="p1 title_gap">Sign in with your ASUS router account</div>
      <tr class="h"><th>PHP Group</th></tr>
      <tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
      <tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
      <var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
      <span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
      <div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
      <a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
      <div id="mcname">LoadMaster</div>
      <p><br/><span>出厂IP:192.168.1.1</span><br/><span>用户名、密码:admin admin</span></p>
      <td colspan="2">Please enter your Cacti user name and password below:</td>
      <meta id="confluence-context-path" name="confluence-context-path" content="">
      <meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
      <meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
      <script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
      <div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
      <B>SonicWall Universal Management Suite v9.3</B>
      <br>OK<br>
      <script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
      <select id="cars" name="name">
      <option value="olvo">olvo</option>
      </select>
      <a href="/VICIdial/phone">MODIFY</a>
      <input type="hidden" name="extension"  value="1804289383" >
      <input type="hidden" name="pass"  value="1804289383" >
      <input type="hidden" name="recording_exten"  value="1804289383" >
      <script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
      <input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
      <script type='text/javascript'>
      	var cactiVersion='1.2.27';
      	var cactiServerOS='unix';
      	var cactiAction='';
      	var theme='modern';
      	var refreshIsLogout=true;
      	var refreshPage='/logout.php?action=timeout';
      	var refreshMSeconds=1440000;
      	var urlPath='/';
      	var previousPage='';
      	var sessionMessage=[];
      	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
      </script>
      
      <!--
      <Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
      /var/pinglog
      <TITLE>Login</TITLE>
      <a href="jpg.html">LIVE JPEG</a><br>
      <a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
      <a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
      <a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
      <a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
      <\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
      Location: /admin
      <meta name="generator" content="vBulletin 5.5.4" />
      Location: http://<ip>:80/relogin.htm?_t=3541144909
      Location: http://<ip>:80/syscmd.htm" Location: /ui/login
      /cgi-bin/webctrl.cgi?action=index_page
      PDR-M800
      function btnPing()
      <HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
      <link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
      <link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
      <td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
      <br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
      trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
      in the United States and certain other countries.
      </td>
      :
      #
      >
      $
      SSH key is good
      is not a valid ref and may not be archived
      pcPassword2
      '&sessionKey=790148060;'
      name="sessionKey" value="790148060"
      Set-Cookie: loginName=admin
      var fgt_lang = /dev/cmdb/sslvpn_websession
      php 8.1.0-dev exit
      springframework
      Tomcat
      DEVICE.ACCOUNT=admin
      AUTHORIZED_GROUP=1
      <uid></uid>
      <name>Admin</name>
      <usrid></usrid>
      <password>admin</password>
      <group></group>
      cpto /tmp/"root"
      Model=AC1450
      Firmware=V1.0.0.36_10.0.17
      "exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
      BIG-IP release 15.0.0
      user:root
      12345admin123'
      Failed to process image
      
      Location: http://192.168.0.1:52869/picsdesc.xml
      You don't have permission to access /vpns/ on this server.
      [global]
          workgroup = intranet
          encrypt passwords = Yes
          update encrypted = Yes
      
      funcionando
      system_sofia
      name resolve order
      InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
      <b>File Uploaded !!!</b><br>
      ant=951d11e51392117311602d0c25435d7f
      38ee63071a04dc5e04ed22624c38e648
      6f3249aa304055d63828af3bfab778f6
      <h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
      [local]
       tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZTJmYWMyM2UwZD09
       addr = <ip>
      "Powered by vBulletin Version 5.5.4"
      789551
      Linear eMerge
      SuperSign
      ubiq
      Yacht
      Zeroshell
      FastWeb
      AuthInfo:
      loadingIndicator_bk
      Zyxel
      skyrouter
      WAP54
      org.apache.spark.ui
      
      
      
      ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
      <insert implant configuration content here>
      Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
      Copyright (c) 2015-2020 by Cisco Systems, Inc.
      All rights reserved.
      SSL VPN Service
      wsConvertPptResponse
      <input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
      <input id="txtPassword" class="txt-input" type="password" name="password" value="" />
      <button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
      <span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
      <script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
      <LegacyDN>eD2bxe4</LegacyDN>
      <title class="_ctxstxt_NetscalerGateway">
      SAML Assertion verification failed; Please contact your administrator
      v=2b46554c087d2d5516559e9b8bc1875d
      /vpn/images/AccessGateway.ico
      frame-busting
      /vpn/js/logout_view.js?v=
      _ctxstxt_NetscalerAAA
      lib.min20200813.js
      401 Unauthorized Basic realm=
      sName='1';onTest(this);
      var passadm = "admin";
      OPMODE_BRIDGE
      document.all.cmd_result
      <input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
      <input id="date" type="text" style="width: 200px" value="12/25/2023">
      main page cgi-bin/login.cgi
      var sessionKey='030ff030ff88';
      loc += '&sessionKey=19dec20030ff8dcb2';
      }
      
      var code = 'location="' + loc + '"';
      
      Password change successful
      J2100N GPON ONT
      /cgi-bin/webui/admin
      sesskey
      name=admin pass=123 priv=ppp
      service=www.dlinkddns.com
      sysCmdType
      Content-Type: auth/request
      
      
      Content-Type: command/reply
      
      Reply-Text: +OK accepted
      
      
      X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
      007b2000-007c1000 rw-p 00000000 00:00 0
      Size:                 60 kB
      Rss:                  52 kB
      Pss:                  52 kB
      Shared_Clean:          0 kB
      Shared_Dirty:          0 kB
      Private_Clean:         0 kB
      Private_Dirty:        52 kB
      Referenced:           52 kB
      Anonymous:            52 kB
      AnonHugePages:         0 kB
      Swap:                  8 kB
      KernelPageSize:   
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:22:56.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "micros-hosting.com",
                  "drupal.org"
               ],
               "file" : [
                  "index.php",
                  "admin-ajax.php",
                  "dvrremoteap_x64.exe",
                  "dvrremoteap.exe",
                  "dvfplayer.zip",
                  "cloud_index.php"
               ],
               "hostname" : [
                  "micros-hosting.com",
                  "www.drupal.org"
               ],
               "ip" : [
                  "192.168.1.10",
                  "1.13.35.2",
                  "7.7.31.1",
                  "192.168.1.1",
                  "192.168.0.1",
                  "1.0.0.36",
                  "192.168.1.4"
               ],
               "url" : [
                  "http://192.168.0.1:52869/picsdesc.xml",
                  "http://micros-hosting.com/EGateway/",
                  "https://192.168.1.4",
                  "https://www.drupal.org"
               ]
            },
            "http" : {
               "bodymd5" : "24d360b9e53bfc327a165e8c23debda3",
               "bodymmh3" : -535549425,
               "component" : [
                  {
                     "productvendor" : "Gitlab",
                     "product" : "Gitlab"
                  },
                  {
                     "product" : "Drupal",
                     "productversion" : "8",
                     "productvendor" : "Drupal"
                  },
                  {
                     "product" : "Confluence",
                     "productvendor" : "Atlassian"
                  },
                  {
                     "product" : "SPIP",
                     "productversion" : "4.1.11",
                     "productvendor" : "SPIP"
                  },
                  {
                     "product" : "Jenkins",
                     "productversion" : "2.121.3",
                     "productvendor" : "Jenkins"
                  },
                  {
                     "product" : "Java",
                     "productvendor" : "Oracle"
                  },
                  {
                     "productversion" : "4.0.30319",
                     "productvendor" : "Microsoft",
                     "product" : "ASP.NET"
                  },
                  {
                     "product" : "Core",
                     "productvendor" : "MobileIron"
                  }
               ],
               "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
               "header" : [
                  {
                     "name" : "Last-Modified",
                     "value" : "Fri, 29 Jul 2022 16:53:01 GMT"
                  }
               ],
               "headermd5" : "9b6d56dcb77b8bd35fe946ac322288ba",
               "headermmh3" : 2139633712,
               "keywords" : [
                  "voip",
                  "vos3000"
               ],
               "realm" : "Tinyproxy",
               "title" : "Broadband Router"
            },
            "length" : 16307
         },
         "asn" : "AS37963",
         "city" : "Beijing",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 105433\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nNel: {'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}\r\nPragma: private\r\nProxy-Authenticate: Basic realm=\"Tinyproxy\"\r\nServer: Restlet-Framework/3.0m1\r\nSet-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;\r\nSet-Cookie: akaunting_session=7b22; Path=/;\r\nSet-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;\r\nSet-Cookie: CLIENT_ID=7214\r\nSet-Cookie: zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly\r\nSet-Cookie: samlPreauthSessionHash=; path=/; secure;\r\nSet-Cookie: id=A67B8F9C;\r\nSet-Cookie: session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax\r\nSet-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;\r\nSet-Cookie: SESSID=22363a2bf; path=/;\r\nSet-Cookie: RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;\r\nSet-Cookie: webvpn_as=; path=/; secure;\r\nSet-Cookie: sesskey=21263a2bf; path=/;\r\nSet-Cookie: ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly\r\nSet-Cookie: _zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;\r\nSet-Cookie: sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;\r\nSet-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;\r\nSet-Cookie: acSamlv2Token=; path=/; secure;\r\nX-Akaunting: Free Accounting Software\r\nX-Alternate-Cache-Key: cacheable:ba92b39be043e3c90d2fd075057dd3e5\r\nX-Aspnet-Version: 4.0.30319\r\nX-Cache: miss\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Dc: gcp-us-east1,gcp-us-central1,gcp-us-central1\r\nX-Drupal-Cache: HIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Page-Speed: 1.13.35.2-0\r\nX-Src-Webcache: fe05\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 07 Nov 2024 03:22:56 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384e2fac23e0d==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>Broadband Router</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZTJmYWMyM2UwZD09\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nShared_Dirty:          0 kB\nPrivate_Clean:         0 kB\nPrivate_Dirty:        52 kB\nReferenced:           52 kB\nAnonymous:            52 kB\nAnonHugePages:         0 kB\nSwap:                  8 kB\nKernelPageSize:   ",
         "datamd5" : "4267feb2a54b55977f76532dfce2d451",
         "datammh3" : 383378677,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS37963",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "alibaba-inc.com",
               "cnnic.cn"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "ALISOFT",
            "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
            "subnet" : "47.92.0.0/14"
         },
         "ip" : "47.92.248.86",
         "ipv6" : "false",
         "latitude" : "39.9110",
         "location" : "39.9110,116.3950",
         "longitude" : "116.3950",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
         "os" : "Linux",
         "osdistribution" : "sUse",
         "osvendor" : "Linux",
         "port" : 16992,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subnet" : "47.92.0.0/14",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 35.182.155.120:16992 (tcp/http) - last seen on 2024-11-07 at 03:22:03 UTC

    • IP
      35.182.155.120
      Network
      35.176.0.0/13
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://35.182.155.120:16992/ 200

      Reverse DNS
      ec2-35-182-155-120.ca-central-1.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      841ef049931f2abf64cb8efe40b3361a
      HTTP Header MD5
      9f060a9cb1b31c417a3a68e629ae97e3
      HTTP Body MD5
      7247f7a69fe8c58679f8e1859605c9b1
    • HTTP/1.1 200 OK
      Connection: close
      Date: Thu, 07 Nov 2024 03:22:03 GMT
      Server: nginx
      Content-Length: 88
      Content-Type: text/html
      
      <HTML><HEAD><script>window.top.location.href='/Main_Login.asp';</script>
      </HEAD></HTML>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:22:03.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "7247f7a69fe8c58679f8e1859605c9b1",
               "bodymmh3" : -1161513703,
               "headermd5" : "9f060a9cb1b31c417a3a68e629ae97e3",
               "headermmh3" : -2087509071
            },
            "length" : 223
         },
         "asn" : "AS16509",
         "city" : "Montreal",
         "country" : "CA",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 03:22:03 GMT\r\nServer: nginx\r\nContent-Length: 88\r\nContent-Type: text/html\r\n\r\n<HTML><HEAD><script>window.top.location.href='/Main_Login.asp';</script>\n</HEAD></HTML>\n",
         "datamd5" : "841ef049931f2abf64cb8efe40b3361a",
         "datammh3" : -116911898,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "amazonaws.com"
         ],
         "geolocus" : {
            "asn" : "AS16509",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "CA",
            "countryname" : "Canada",
            "domain" : [
               "amazon.com",
               "amazonaws.com",
               "aws.com"
            ],
            "isineu" : "false",
            "latitude" : "56.130366",
            "location" : "56.130366,-106.346771",
            "longitude" : "-106.346771",
            "netname" : "AMAZON-YUL",
            "organization" : "Amazon Data Services Canada",
            "subnet" : "35.182.0.0/15"
         },
         "host" : [
            "ec2-35-182-155-120"
         ],
         "hostname" : [
            "ec2-35-182-155-120.ca-central-1.compute.amazonaws.com"
         ],
         "ip" : "35.182.155.120",
         "ipv6" : "false",
         "latitude" : "45.5075",
         "location" : "45.5075,-73.5887",
         "longitude" : "-73.5887",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "AMAZON-02",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 16992,
         "product" : "Nginx",
         "productvendor" : "F5",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "reverse" : [
            "ec2-35-182-155-120.ca-central-1.compute.amazonaws.com"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subdomains" : [
            "ca-central-1.compute.amazonaws.com",
            "compute.amazonaws.com"
         ],
         "subnet" : "35.176.0.0/13",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 121.121.91.184:16992 (tcp/ftp) - last seen on 2024-11-07 at 03:21:51 UTC

    • IP
      121.121.91.184
      Network
      121.120.0.0/14
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      ASN
      AS9534
      Organization
      Binariang Berhad
      Protocol
      ftp
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      FileZilla FileZilla 0.9.41
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      11e681df6d2694527f858225475cf8f1
    • 220-FileZilla Server version 0.9.41 beta
      220-written by Tim Kosse (Tim.Kosse@gmx.de)
      220 Please visit http://sourceforge.net/projects/filezilla/
      500 Syntax error, command unrecognized.
      500 Syntax error, command unrecognized.
      500 Syntax error, command unrecognized.
      500 Syntax error, command unrecognized.
      500 Syntax error, command unrecognized.
      500 Syntax error, command unrecognized.
      331 Password required for anonymous
      530 Login or password incorrect!
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:21:51.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "sourceforge.net"
               ],
               "hostname" : [
                  "sourceforge.net"
               ],
               "url" : [
                  "http://sourceforge.net/projects/filezilla/"
               ]
            },
            "ftp" : {
               "anonymous" : "false"
            },
            "length" : 463
         },
         "asn" : "AS9534",
         "city" : "Kuala Lumpur",
         "country" : "MY",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "220-FileZilla Server version 0.9.41 beta\r\n220-written by Tim Kosse (Tim.Kosse@gmx.de)\r\n220 Please visit http://sourceforge.net/projects/filezilla/\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n500 Syntax error, command unrecognized.\r\n331 Password required for anonymous\n530 Login or password incorrect!\n",
         "datamd5" : "11e681df6d2694527f858225475cf8f1",
         "datammh3" : -1176742652,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS9534",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "MY",
            "countryname" : "Malaysia",
            "domain" : [
               "maxis.com.my"
            ],
            "isineu" : "false",
            "latitude" : "4.210484",
            "location" : "4.210484,101.975766",
            "longitude" : "101.975766",
            "netname" : "MAXISNET-HSDPA",
            "organization" : "Maxis Broadband Sdn.Bhd",
            "subnet" : "121.121.0.0/16"
         },
         "ip" : "121.121.91.184",
         "ipv6" : "false",
         "latitude" : "3.1458",
         "location" : "3.1458,101.6406",
         "longitude" : "101.6406",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Binariang Berhad",
         "os" : "Windows",
         "osvendor" : "Microsoft",
         "port" : 16992,
         "product" : "FileZilla",
         "productvendor" : "FileZilla",
         "productversion" : "0.9.41",
         "protocol" : "ftp",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "subnet" : "121.120.0.0/14",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 193.5.250.225:16992 (tcp/http) - last seen on 2024-11-07 at 03:21:42 UTC

    • IP
      193.5.250.225
      Network
      193.5.250.0/24
      Device

      <enterprise field>: device.class

      Operating System
      FreeBSD FreeBSD
      URL

      http://193.5.250.225:16992/ 501

      HTTP Title
      501 Not Implemented
      ASN
      AS29066
      Organization
      velia.net Internetdienste GmbH
      Protocol
      http
      Source
      datascan
    • Operating System
      FreeBSD FreeBSD
      Product
      Tinyproxy Project Tinyproxy 1.11.1
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      967dde30a7367c50bafccd546aa6f39b
      HTTP Header MD5
      29244a77e81fee56b57c34bc9825e2d0
      HTTP Body MD5
      13528e1b3386da4e1dcd345673b59637
    • HTTP/1.1 501 Not Implemented
      Server: tinyproxy/1.11.1
      Content-Type: text/html
      Connection: close
      
      <?xml version="1.0" encoding="UTF-8" ?>
      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
      <html>
      <head><title>501 Not Implemented</title></head>
      <body>
      <h1>Not Implemented</h1>
      <p>Unknown method or unsupported protocol.</p>
      <hr />
      <p><em>Generated by tinyproxy version 1.11.1.</em></p>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:21:42.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "w3.org"
               ],
               "hostname" : [
                  "www.w3.org"
               ],
               "url" : [
                  "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"
               ]
            },
            "http" : {
               "bodymd5" : "13528e1b3386da4e1dcd345673b59637",
               "bodymmh3" : -448351396,
               "headermd5" : "29244a77e81fee56b57c34bc9825e2d0",
               "headermmh3" : -346890124,
               "title" : "501 Not Implemented"
            },
            "length" : 452
         },
         "asn" : "AS29066",
         "country" : "SC",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 501 Not Implemented\r\nServer: tinyproxy/1.11.1\r\nContent-Type: text/html\r\nConnection: close\r\n\r\n<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n<html>\n<head><title>501 Not Implemented</title></head>\n<body>\n<h1>Not Implemented</h1>\n<p>Unknown method or unsupported protocol.</p>\n<hr />\n<p><em>Generated by tinyproxy version 1.11.1.</em></p>\n</body>\n</html>\n",
         "datamd5" : "967dde30a7367c50bafccd546aa6f39b",
         "datammh3" : -1468862837,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "ip" : "193.5.250.225",
         "ipv6" : "false",
         "latitude" : "-4.5833",
         "location" : "-4.5833,55.6667",
         "longitude" : "55.6667",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "velia.net Internetdienste GmbH",
         "os" : "FreeBSD",
         "osvendor" : "FreeBSD",
         "port" : 16992,
         "product" : "Tinyproxy",
         "productvendor" : "Tinyproxy Project",
         "productversion" : "1.11.1",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Not Implemented",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 501,
         "subnet" : "193.5.250.0/24",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 103.139.49.64:16992 (tcp/http) - last seen on 2024-11-07 at 03:21:40 UTC

    • IP
      103.139.49.64
      Network
      103.139.48.0/23
      Device

      <enterprise field>: device.class

      Operating System
      FreeBSD FreeBSD
      URL

      http://103.139.49.64:16992/ 501

      HTTP Title
      501 Not Implemented
      ASN
      AS60781
      Organization
      LeaseWeb Netherlands B.V.
      Protocol
      http
      Source
      datascan
    • Operating System
      FreeBSD FreeBSD
      Product
      Tinyproxy Project Tinyproxy 1.11.1
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      967dde30a7367c50bafccd546aa6f39b
      HTTP Header MD5
      29244a77e81fee56b57c34bc9825e2d0
      HTTP Body MD5
      13528e1b3386da4e1dcd345673b59637
    • HTTP/1.1 501 Not Implemented
      Server: tinyproxy/1.11.1
      Content-Type: text/html
      Connection: close
      
      <?xml version="1.0" encoding="UTF-8" ?>
      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
      <html>
      <head><title>501 Not Implemented</title></head>
      <body>
      <h1>Not Implemented</h1>
      <p>Unknown method or unsupported protocol.</p>
      <hr />
      <p><em>Generated by tinyproxy version 1.11.1.</em></p>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:21:40.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "w3.org"
               ],
               "hostname" : [
                  "www.w3.org"
               ],
               "url" : [
                  "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"
               ]
            },
            "http" : {
               "bodymd5" : "13528e1b3386da4e1dcd345673b59637",
               "bodymmh3" : -448351396,
               "headermd5" : "29244a77e81fee56b57c34bc9825e2d0",
               "headermmh3" : -346890124,
               "title" : "501 Not Implemented"
            },
            "length" : 452
         },
         "asn" : "AS60781",
         "country" : "NL",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 501 Not Implemented\r\nServer: tinyproxy/1.11.1\r\nContent-Type: text/html\r\nConnection: close\r\n\r\n<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n<html>\n<head><title>501 Not Implemented</title></head>\n<body>\n<h1>Not Implemented</h1>\n<p>Unknown method or unsupported protocol.</p>\n<hr />\n<p><em>Generated by tinyproxy version 1.11.1.</em></p>\n</body>\n</html>\n",
         "datamd5" : "967dde30a7367c50bafccd546aa6f39b",
         "datammh3" : -1468862837,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS60781",
            "continent" : "OC",
            "continentname" : "Oceania",
            "country" : "AU",
            "countryname" : "Australia",
            "domain" : [
               "rapidseedbox.com"
            ],
            "isineu" : "false",
            "latitude" : "-25.274398",
            "location" : "-25.274398,133.775136",
            "longitude" : "133.775136",
            "netname" : "AU-RAPIDSEEDBOXLTD-AP",
            "organization" : "RapidSeedbox Ltd",
            "subnet" : "103.139.48.0/23"
         },
         "ip" : "103.139.49.64",
         "ipv6" : "false",
         "latitude" : "52.3824",
         "location" : "52.3824,4.8995",
         "longitude" : "4.8995",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "LeaseWeb Netherlands B.V.",
         "os" : "FreeBSD",
         "osvendor" : "FreeBSD",
         "port" : 16992,
         "product" : "Tinyproxy",
         "productvendor" : "Tinyproxy Project",
         "productversion" : "1.11.1",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Not Implemented",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 501,
         "subnet" : "103.139.48.0/23",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 94.156.253.90:16992 (tcp/http) - last seen on 2024-11-07 at 03:21:18 UTC

    • IP
      94.156.253.90
      Network
      94.156.253.0/24
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://94.156.253.90:16992/ 407

      ASN
      AS212238
      Organization
      Datacamp Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      c2ef8f9f1f2a64e15675d5cef9f229e8
      HTTP Header MD5
      22ee91a19e6b59f5355fa3f4b62b7f25
      HTTP Body MD5
      b794224259d8b07ff7f98fe7d1cb7182
    • HTTP/1.1 407 Proxy Authentication Required
      Content-Type: text/plain; charset=utf-8
      Proxy-Authenticate: Basic realm="Proxy"
      X-Content-Type-Options: nosniff
      Date: Thu, 07 Nov 2024 03:21:18 GMT
      Content-Length: 30
      Connection: close
      
      Proxy authentication required
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:21:18.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "b794224259d8b07ff7f98fe7d1cb7182",
               "bodymmh3" : 830657177,
               "headermd5" : "22ee91a19e6b59f5355fa3f4b62b7f25",
               "headermmh3" : 1662292826,
               "realm" : "Proxy"
            },
            "length" : 267
         },
         "asn" : "AS212238",
         "country" : "BG",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nContent-Type: text/plain; charset=utf-8\r\nProxy-Authenticate: Basic realm=\"Proxy\"\r\nX-Content-Type-Options: nosniff\r\nDate: Thu, 07 Nov 2024 03:21:18 GMT\r\nContent-Length: 30\r\nConnection: close\r\n\r\nProxy authentication required\n",
         "datamd5" : "c2ef8f9f1f2a64e15675d5cef9f229e8",
         "datammh3" : -106176456,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS174",
            "continent" : "EU",
            "continentname" : "Europe",
            "country" : "BG",
            "countryname" : "Bulgaria",
            "domain" : [
               "ipxo.com"
            ],
            "isineu" : "true",
            "latitude" : "42.733883",
            "location" : "42.733883,25.48583",
            "longitude" : "25.48583",
            "netname" : "IPXO-NET",
            "organization" : "Neterra Ltd.",
            "subnet" : "94.156.253.0/24"
         },
         "ip" : "94.156.253.90",
         "ipv6" : "false",
         "latitude" : "42.6960",
         "location" : "42.6960,23.3320",
         "longitude" : "23.3320",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Datacamp Limited",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 16992,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Proxy Authentication Required",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 407,
         "subnet" : "94.156.253.0/24",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 60.51.190.157:16992 (tcp/unknown) - last seen on 2024-11-07 at 03:21:05 UTC

    • IP
      60.51.190.157
      Network
      60.48.0.0/14
      Device

      <enterprise field>: device.class

      Operating System
      FreeBSD FreeBSD
      ASN
      AS4788
      Organization
      TM TECHNOLOGY SERVICES SDN. BHD.
      Protocol
      unknown
      Source
      datascan
    • Operating System
      FreeBSD FreeBSD
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      69a0db16d8a2e99eb06b179cd1b77682
    • {  "Status": 0,  "Remark": "Unexpected character encountered while parsing value: G. Path '', line 0, position 0.",  "Data": null}\x0d
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:21:05.000Z",
         "app" : {
            "length" : 132
         },
         "asn" : "AS4788",
         "city" : "Cyberjaya",
         "country" : "MY",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "{  \"Status\": 0,  \"Remark\": \"Unexpected character encountered while parsing value: G. Path '', line 0, position 0.\",  \"Data\": null}\\x0d\n",
         "datamd5" : "69a0db16d8a2e99eb06b179cd1b77682",
         "datammh3" : 1702260586,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS4788",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "MY",
            "countryname" : "Malaysia",
            "domain" : [
               "tm.com.my",
               "tm.net.my"
            ],
            "isineu" : "false",
            "latitude" : "4.210484",
            "location" : "4.210484,101.975766",
            "longitude" : "101.975766",
            "netname" : "ADSL-STREAMYX",
            "organization" : "Telekom Malaysia Berhad",
            "subnet" : "60.51.128.0/17"
         },
         "ip" : "60.51.190.157",
         "ipv6" : "false",
         "latitude" : "2.9304",
         "location" : "2.9304,101.6627",
         "longitude" : "101.6627",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "TM TECHNOLOGY SERVICES SDN. BHD.",
         "os" : "FreeBSD",
         "osvendor" : "FreeBSD",
         "port" : 16992,
         "protocol" : "unknown",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "subnet" : "60.48.0.0/14",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 200.53.156.221:16992 (tcp/http) - last seen on 2024-11-07 at 03:14:28 UTC

    • IP
      200.53.156.221
      Network
      200.53.156.0/23
      Domain(s)
      kionetworks.com
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://200.53.156.221:16992/ 403

      HTTP Title
      403 - Forbidden: Access is denied.
      Reverse DNS
      ptr.kionetworks.com
      ASN
      AS22011
      Organization
      Sixsigma Networks Mexico, S.A. de C.V.
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      Microsoft IIS 7.5
      HTTP Component(s)
      Microsoft ASP.NET
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a5658edc36fca2e0d987bb5ace3e76be
      HTTP Header MD5
      ea3add5781b00b71554c3ceee43114ff
      HTTP Body MD5
      02e3536d8084eddb0d537418440bb078
    • HTTP/1.1 403 Forbidden
      Content-Type: text/html
      Server: Microsoft-IIS/7.5
      X-Powered-By: ASP.NET
      Date: Thu, 07 Nov 2024 03:14:17 GMT
      Connection: close
      Content-Length: 1233
      
      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
      <html xmlns="http://www.w3.org/1999/xhtml">
      <head>
      <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
      <title>403 - Forbidden: Access is denied.</title>
      <style type="text/css">
      <!--
      body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
      fieldset{padding:0 15px 10px 15px;} 
      h1{font-size:2.4em;margin:0;color:#FFF;}
      h2{font-size:1.7em;margin:0;color:#CC0000;} 
      h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} 
      #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
      background-color:#555555;}
      #content{margin:0 0 0 2%;position:relative;}
      .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
      -->
      </style>
      </head>
      <body>
      <div id="header"><h1>Server Error</h1></div>
      <div id="content">
       <div class="content-container"><fieldset>
        <h2>403 - Forbidden: Access is denied.</h2>
        <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
       </fieldset></div>
      </div>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:14:28.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "w3.org"
               ],
               "hostname" : [
                  "www.w3.org"
               ],
               "url" : [
                  "http://www.w3.org/1999/xhtml",
                  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
               ]
            },
            "http" : {
               "bodymd5" : "02e3536d8084eddb0d537418440bb078",
               "bodymmh3" : -985096807,
               "component" : [
                  {
                     "productvendor" : "Microsoft",
                     "product" : "ASP.NET"
                  }
               ],
               "headermd5" : "ea3add5781b00b71554c3ceee43114ff",
               "headermmh3" : -1391580171,
               "title" : "403 - Forbidden: Access is denied."
            },
            "length" : 1412
         },
         "asn" : "AS22011",
         "country" : "MX",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 403 Forbidden\r\nContent-Type: text/html\r\nServer: Microsoft-IIS/7.5\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 07 Nov 2024 03:14:17 GMT\r\nConnection: close\r\nContent-Length: 1233\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"/>\r\n<title>403 - Forbidden: Access is denied.</title>\r\n<style type=\"text/css\">\r\n<!--\r\nbody{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}\r\nfieldset{padding:0 15px 10px 15px;} \r\nh1{font-size:2.4em;margin:0;color:#FFF;}\r\nh2{font-size:1.7em;margin:0;color:#CC0000;} \r\nh3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} \r\n#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:\"trebuchet MS\", Verdana, sans-serif;color:#FFF;\r\nbackground-color:#555555;}\r\n#content{margin:0 0 0 2%;position:relative;}\r\n.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id=\"header\"><h1>Server Error</h1></div>\r\n<div id=\"content\">\r\n <div class=\"content-container\"><fieldset>\r\n  <h2>403 - Forbidden: Access is denied.</h2>\r\n  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>\r\n </fieldset></div>\r\n</div>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "a5658edc36fca2e0d987bb5ace3e76be",
         "datammh3" : -386621134,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "kionetworks.com"
         ],
         "geolocus" : {
            "asn" : "AS22011",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "MX",
            "countryname" : "Mexico",
            "domain" : [
               "kio.tech",
               "kionetworks.com"
            ],
            "isineu" : "false",
            "latitude" : "23.634501",
            "location" : "23.634501,-102.552784",
            "longitude" : "-102.552784",
            "netname" : "MX-SNME-LACNIC",
            "organization" : "Sixsigma Networks Mexico, S.A. de C.V.",
            "subnet" : "200.53.144.0/20"
         },
         "host" : [
            "ptr"
         ],
         "hostname" : [
            "ptr.kionetworks.com"
         ],
         "ip" : "200.53.156.221",
         "ipv6" : "false",
         "latitude" : "19.4342",
         "location" : "19.4342,-99.0559",
         "longitude" : "-99.0559",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Sixsigma Networks Mexico, S.A. de C.V.",
         "os" : "Windows",
         "osvendor" : "Microsoft",
         "osversion" : [
            "Server 2008",
            7
         ],
         "port" : 16992,
         "product" : "IIS",
         "productvendor" : "Microsoft",
         "productversion" : "7.5",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Forbidden",
         "reverse" : [
            "ptr.kionetworks.com"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 403,
         "subnet" : "200.53.156.0/23",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 91.242.215.155:16992 (tcp/http) - last seen on 2024-11-07 at 03:14:09 UTC

    • IP
      91.242.215.155
      Network
      91.242.215.0/24
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://91.242.215.155:16992/ 407

      ASN
      AS396356
      Organization
      LATITUDE-SH
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      778cc01c214ef8c8f8a9fb0b6e167356
      HTTP Header MD5
      89ca6f53c2874945a0405d5d264770e9
      HTTP Body MD5
      89f6f645d68f5ab924dc181c664f38bc
    • HTTP/1.1 407 Proxy Authentication Required
      Proxy-Authenticate: Basic realm="Invalid proxy credentials or missing IP Authorization."
      Proxy-Connection: close
      Date: Thu, 07 Nov 2024 03:14:09 GMT
      Content-Length: 121
      Content-Type: text/plain; charset=utf-8
      Connection: close
      
      Not authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:14:09.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "89f6f645d68f5ab924dc181c664f38bc",
               "bodymmh3" : -1513989279,
               "headermd5" : "89ca6f53c2874945a0405d5d264770e9",
               "headermmh3" : 389691056,
               "realm" : "Invalid proxy credentials or missing IP Authorization."
            },
            "length" : 400
         },
         "asn" : "AS396356",
         "city" : "New South Wales",
         "country" : "AU",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"Invalid proxy credentials or missing IP Authorization.\"\r\nProxy-Connection: close\r\nDate: Thu, 07 Nov 2024 03:14:09 GMT\r\nContent-Length: 121\r\nContent-Type: text/plain; charset=utf-8\r\nConnection: close\r\n\r\nNot authenticated or invalid authentication credentials. Make sure to update your proxy address, proxy username and port.",
         "datamd5" : "778cc01c214ef8c8f8a9fb0b6e167356",
         "datammh3" : 9920105,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS396356",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "latitude.sh"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "ML-1213",
            "organization" : "Latitude.sh",
            "subnet" : "91.242.215.0/24"
         },
         "ip" : "91.242.215.155",
         "ipv6" : "false",
         "latitude" : "-33.0000",
         "location" : "-33.0000,146.0000",
         "longitude" : "146.0000",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "LATITUDE-SH",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 16992,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Proxy Authentication Required",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 407,
         "subnet" : "91.242.215.0/24",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }