Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
...
next >

IP
54.38.116.47

Network
54.36.0.0/14

Domain(s)
ip-54-38-116.eu

Device

<enterprise field>: device.class

URL

http://54.38.116.47:212/ 401

HTTP Title
401 Authorization Required

Reverse DNS
ip47.ip-54-38-116.eu

ASN
AS16276

Organization
OVH SAS

Protocol
http

Source
datascan
Product
F5 Nginx 1.14.2

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
f98bfec3260c333a27ad9e2e1c09301a

HTTP Header MD5
89cafcaaedd0bc3bcf85aef78c0ca50e

HTTP Body MD5
00bcd41dd5371c570b7b4a46f2d7ec4d

HTTP/1.1 401 Unauthorized
Server: nginx/1.14.2
Date: Thu, 7 Nov 2024 03:14:55 +0000
Content-Type: text/html
Content-Length: 188
Connection: keep-alive
WWW-Authenticate: Basic realm="Access to admin page"

<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:15:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "00bcd41dd5371c570b7b4a46f2d7ec4d",
         "bodymmh3" : -369667210,
         "headermd5" : "89cafcaaedd0bc3bcf85aef78c0ca50e",
         "headermmh3" : 2013627302,
         "realm" : "Access to admin page",
         "title" : "401 Authorization Required"
      },
      "length" : 394
   },
   "asn" : "AS16276",
   "country" : "CZ",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\nServer: nginx/1.14.2\nDate: Thu, 7 Nov 2024 03:14:55 +0000\nContent-Type: text/html\nContent-Length: 188\nConnection: keep-alive\nWWW-Authenticate: Basic realm=\"Access to admin page\"\n\n<html>\n<head><title>401 Authorization Required</title></head>\n<body bgcolor=\"white\">\n<center><h1>401 Authorization Required</h1></center>\n<hr><center>nginx/1.14.2</center>\n</body>\n</html>\n\n",
   "datamd5" : "f98bfec3260c333a27ad9e2e1c09301a",
   "datammh3" : -1457514271,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ip-54-38-116.eu"
   ],
   "geolocus" : {
      "asn" : "AS16276",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "FR",
      "countryname" : "France",
      "domain" : [
         "ovh.net"
      ],
      "isineu" : "true",
      "latitude" : "46.227638",
      "location" : "46.227638,2.213749",
      "longitude" : "2.213749",
      "netname" : "SD-RBX2-SDAGG2-1-2",
      "organization" : "OVH SAS",
      "subnet" : "54.38.112.0/20"
   },
   "host" : [
      "ip47"
   ],
   "hostname" : [
      "ip47.ip-54-38-116.eu"
   ],
   "ip" : "54.38.116.47",
   "ipv6" : "false",
   "latitude" : "50.0853",
   "location" : "50.0853,14.4110",
   "longitude" : "14.4110",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "OVH SAS",
   "port" : 212,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.2",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "ip47.ip-54-38-116.eu"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "54.36.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "eu"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
5.15.185.171

Network
5.12.0.0/14

Domain(s)
rdsnet.ro

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://5.15.185.171:212/ 200

HTTP Title
HydroSystem

Reverse DNS
5-15-185-171.residential.rdsnet.ro

ASN
AS8708

Organization
Digi Romania S.A.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.14.2

HTTP Component(s)
Bootstrap Bootstrap jQuery jQuery 2.2.3

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
dd5e82cb14cdf6fca580f3b2dbc3616d

HTTP Header MD5
dfade0fcdefad5532e3b25d7e2e59cd7

HTTP Body MD5
1933a6f05d28fbd27cd040c43f586e54

HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Tue, 05 Nov 2024 11:24:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 3528
Connection: close

<!doctype html>
<html>
    <head>
		<title>HydroSystem</title>
	
		<!-- Jquery -->
		<script type=text/javascript src="/static/jquery/js/jquery-2.2.3.min.js"></script>	


		<!--  Bootstrap -->
		<link rel="stylesheet" media="screen" href = "/static/bootstrap/css/bootstrap.min.css">
		<link rel="stylesheet" media="screen" href = "/static/bootstrap/css/bootstrap-theme.min.css">
		<link rel="stylesheet" media="screen" href = "/static/bootstrap/css/custom.css">
		<script type=text/javascript src="/static/bootstrap/js/bootstrap.min.js"></script>
		<!--<script type=text/javascript src="/static/bootstrap/js/transition.js"></script>
		<script type=text/javascript src="/static/bootstrap/js/collapse.js"></script>
		<script type=text/javascript src="/static/bootstrap/js/dropdown.js"></script>-->

		<!-- Custom Fonts font awesome-->
		<link rel="stylesheet" type="text/css" href = "/static/bootstrap/font-awesome/css/font-awesome.min.css">


	




		<!--  Set webpage to the screen size -->
		<!-- <meta id="Viewport" name="viewport" charset="utf-8" content="width=600, user-scalable=yes"/> -->
		<meta name="viewport" content="width = device-width, initial-scale = 1.0"> 
    
    </head>
  <body>

		<script type="text/javascript">

		var $SCRIPT_ROOT = "";
		</script>  
		
		









		  

  

  
  
  
  <div class="container-fluid">

        <div class="row">
          <div class="col-lg-12">
            <div class="page-header">
              <h3 id="forms">Hydrosys4</h3>
            </div>
          </div>
        </div>

        <div class="row">
          <div class="col-lg-6">
            <div class="well bs-component">
              <form class="form-horizontal" action="/login" method=post>
                <fieldset>
                  <legend>LOG IN</legend>
                  <div class="form-group">
                    <label for="inputEmail" class="col-lg-2 control-label">Username</label>
                    <div class="col-lg-10">
                      <input type="text" class="form-control" id="inputusername" placeholder="Username" name=username>
                    </div>
                  </div>
                  
                  
                  <div class="form-group">
                    <label for="inputPassword" class="col-lg-2 control-label">Password</label>
                    <div class="col-lg-10">
                      <input type="password" class="form-control" id="inputPassword" placeholder="Password" name=password>
                      
                    </div>
                  </div>
				  


                  
                  <div class="form-group">
                    <div class="col-lg-10">
                      <!--<button type="reset" class="btn btn-default">Cancel</button> -->
                      
                      
                      <button name="button" type="submit" class="btn btn-primary" value="login">Login</button>
					                        
                      
						<button name="button" type="submit" class="btn btn-primary" value="change">Change Password</button>
                      
					  <button name="button" type="submit" class="btn btn-default" value="cancel">Cancel</button>
                      
                    </div>
                  
                  
                  
                  
                </fieldset>
              </form>
            </div>
          </div>
 
        </div>
      </div>
 <!-- end form --> 
 </div>  




	<!--</div><!-- end of container -->
	
	


	</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T11:25:05.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "1933a6f05d28fbd27cd040c43f586e54",
         "bodymmh3" : 2077324010,
         "component" : [
            {
               "productvendor" : "Bootstrap",
               "product" : "Bootstrap"
            },
            {
               "product" : "jQuery",
               "productversion" : "2.2.3",
               "productvendor" : "jQuery"
            }
         ],
         "headermd5" : "dfade0fcdefad5532e3b25d7e2e59cd7",
         "headermmh3" : -1926944695,
         "title" : "HydroSystem"
      },
      "length" : 3687
   },
   "asn" : "AS8708",
   "city" : "T\u00e2rgu Mure\u015f",
   "country" : "RO",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Tue, 05 Nov 2024 11:24:49 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 3528\r\nConnection: close\r\n\r\n<!doctype html>\n<html>\n    <head>\n\t\t<title>HydroSystem</title>\n\t\n\t\t<!-- Jquery -->\n\t\t<script type=text/javascript src=\"/static/jquery/js/jquery-2.2.3.min.js\"></script>\t\n\n\n\t\t<!--  Bootstrap -->\n\t\t<link rel=\"stylesheet\" media=\"screen\" href = \"/static/bootstrap/css/bootstrap.min.css\">\n\t\t<link rel=\"stylesheet\" media=\"screen\" href = \"/static/bootstrap/css/bootstrap-theme.min.css\">\n\t\t<link rel=\"stylesheet\" media=\"screen\" href = \"/static/bootstrap/css/custom.css\">\n\t\t<script type=text/javascript src=\"/static/bootstrap/js/bootstrap.min.js\"></script>\n\t\t<!--<script type=text/javascript src=\"/static/bootstrap/js/transition.js\"></script>\n\t\t<script type=text/javascript src=\"/static/bootstrap/js/collapse.js\"></script>\n\t\t<script type=text/javascript src=\"/static/bootstrap/js/dropdown.js\"></script>-->\n\n\t\t<!-- Custom Fonts font awesome-->\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href = \"/static/bootstrap/font-awesome/css/font-awesome.min.css\">\n\n\n\t\n\n\n\n\n\t\t<!--  Set webpage to the screen size -->\n\t\t<!-- <meta id=\"Viewport\" name=\"viewport\" charset=\"utf-8\" content=\"width=600, user-scalable=yes\"/> -->\n\t\t<meta name=\"viewport\" content=\"width = device-width, initial-scale = 1.0\"> \n    \n    </head>\n  <body>\n\n\t\t<script type=\"text/javascript\">\n\n\t\tvar $SCRIPT_ROOT = \"\";\n\t\t</script>  \n\t\t\n\t\t\n\n\n\n\n\n\n\n\n\n\t\t  \n\n  \n\n  \n  \n  \n  <div class=\"container-fluid\">\n\n        <div class=\"row\">\n          <div class=\"col-lg-12\">\n            <div class=\"page-header\">\n              <h3 id=\"forms\">Hydrosys4</h3>\n            </div>\n          </div>\n        </div>\n\n        <div class=\"row\">\n          <div class=\"col-lg-6\">\n            <div class=\"well bs-component\">\n              <form class=\"form-horizontal\" action=\"/login\" method=post>\n                <fieldset>\n                  <legend>LOG IN</legend>\n                  <div class=\"form-group\">\n                    <label for=\"inputEmail\" class=\"col-lg-2 control-label\">Username</label>\n                    <div class=\"col-lg-10\">\n                      <input type=\"text\" class=\"form-control\" id=\"inputusername\" placeholder=\"Username\" name=username>\n                    </div>\n                  </div>\n                  \n                  \n                  <div class=\"form-group\">\n                    <label for=\"inputPassword\" class=\"col-lg-2 control-label\">Password</label>\n                    <div class=\"col-lg-10\">\n                      <input type=\"password\" class=\"form-control\" id=\"inputPassword\" placeholder=\"Password\" name=password>\n                      \n                    </div>\n                  </div>\n\t\t\t\t  \n\n\n                  \n                  <div class=\"form-group\">\n                    <div class=\"col-lg-10\">\n                      <!--<button type=\"reset\" class=\"btn btn-default\">Cancel</button> -->\n                      \n                      \n                      <button name=\"button\" type=\"submit\" class=\"btn btn-primary\" value=\"login\">Login</button>\n\t\t\t\t\t                        \n                      \n\t\t\t\t\t\t<button name=\"button\" type=\"submit\" class=\"btn btn-primary\" value=\"change\">Change Password</button>\n                      \n\t\t\t\t\t  <button name=\"button\" type=\"submit\" class=\"btn btn-default\" value=\"cancel\">Cancel</button>\n                      \n                    </div>\n                  \n                  \n                  \n                  \n                </fieldset>\n              </form>\n            </div>\n          </div>\n \n        </div>\n      </div>\n <!-- end form --> \n </div>  \n\n\n\n\n\t<!--</div><!-- end of container -->\n\t\n\t\n\n\n\t</body>\n</html>\n\n",
   "datamd5" : "dd5e82cb14cdf6fca580f3b2dbc3616d",
   "datammh3" : -1815484773,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "rdsnet.ro"
   ],
   "geolocus" : {
      "asn" : "AS8708",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "RO",
      "countryname" : "Romania",
      "domain" : [
         "rcs-rds.ro",
         "rdsnet.ro"
      ],
      "isineu" : "true",
      "latitude" : "45.943161",
      "location" : "45.943161,24.96676",
      "longitude" : "24.96676",
      "netname" : "RO-RESIDENTIAL",
      "organization" : "SC Infogate Telecom SRL",
      "subnet" : "5.14.0.0/15"
   },
   "host" : [
      "5-15-185-171"
   ],
   "hostname" : [
      "5-15-185-171.residential.rdsnet.ro"
   ],
   "ip" : "5.15.185.171",
   "ipv6" : "false",
   "latitude" : "46.5428",
   "location" : "46.5428,24.5692",
   "longitude" : "24.5692",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Digi Romania S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 212,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.2",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "5-15-185-171.residential.rdsnet.ro"
   ],
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "residential.rdsnet.ro"
   ],
   "subnet" : "5.12.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "ro"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
39.104.57.170

Network
39.104.0.0/14

Device

<enterprise field>: device.class

Operating System
Linux Linux sUse

URL

http://39.104.57.170:212/ 200

HTTP Title
XBR-55X700D

HTTP Keyword(s)
voip vos3000

HTTP Copyright
www.linknat.com, 昆石网络

ASN
AS37963

Organization
Hangzhou Alibaba Advertising Co.,Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux sUse

Product
F5 Nginx 1.14.2

HTTP Component(s)
Atlassian Confluence Gitlab Gitlab PHP PHP Drupal Drupal 8 Jenkins Jenkins 2.121.3 SPIP SPIP 4.1.11

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
8227d6a881453dd87e7437e611ec2d0d

HTTP Header MD5
3c8495e84a086bcd29a79f572218d47f

HTTP Body MD5
95ae2b8117eae7540ac0b2473041093e

HTTP/1.1 200 OK
Cf-Ray: 55611f709b975f5b-LAS
Composed-By: SPIP 4.1.11 @ www.spip.net
Content-Length: 105447
Content-Type: text/html;charset=utf-8
Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
Loginip: <srcip>
Nel: {'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}
Pragma: private
Proxy-Authenticate: Basic realm="Tinyproxy"
Server: nginx/1.14.2
Set-Cookie: DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;
Set-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;
Set-Cookie: __s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/
Set-Cookie: token=21263a2bf; path=/;
Set-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;
Set-Cookie: PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/
Set-Cookie: acSamlv2Error=; path=/; secure;
Set-Cookie: csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains
Set-Cookie: webvpn_as=; path=/; secure;
Set-Cookie: webvpnaac=1; path=/; secure;
Set-Cookie: jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/
Set-Cookie: SUPPORTCHROMEOS=1; path=/; secure;
Set-Cookie: laravel_session=a0ffeb;
Set-Cookie: ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly
Set-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;
Set-Cookie: sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;
Set-Cookie: did=A67B8F9C;
Set-Cookie: acSamlv2Token=; path=/; secure;
X-Amz-Cf-Id: CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A==
X-Cache: MISS from Hello
X-Cache-Lookup: MISS from Hello:8080
X-Check: 3112dc4d54f8e22d666785b733b0052100c53444
X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
X-Content-Type-Options: nosniff
X-Drupal-Cache: xHIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 8 (https://www.drupal.org)
X-Hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Jenkins: 2.121.3
X-Jenkins-Session: f72d6619
X-Nginx-Cache-Status: MISS
X-Powered-By: BoidCMS
X-Powered-By-Plesk: PleskWin
X-Redirect-By: WordPress
X-Served-By: cache-xsp21434-XSP
X-Xss-Protection: 1; mode=block
Date: Sat, 02 Nov 2024 12:45:08 GMT
Connection: close

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Pragma" content="no-cache" />
<meta charset="utf-8">
<meta content="IE=edge" http-equiv="X-UA-Compatible">
<meta content="object" property="og:type">
<meta content="GitLab" property="og:site_name">
<meta content="Help" property="og:title">
<meta content="GitLab Community Edition" property="og:description">
<meta content="summary" property="twitter:card">
<meta content="Help" property="twitter:title">
<meta content="GitLab Community Edition" property="twitter:description">
<meta content="GitLab Community Edition" name="description">
<meta content="#474D57" name="theme-color">
<meta content="#30353E" name="msapplication-TileColor">
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384e2fac2390b==" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="expires" content="-1"/>
<meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
<meta name="author" content="www.linknat.com, 昆石网络"/>
<meta name="copyright" content="www.linknat.com, 昆石网络"/>
<meta name="generator" content="SPIP 4.1.11" />
<script src="/jquery.min.js"></script> 
<title>XBR-55X700D</title>
</head>
<body>
<div style="display: none;">
<script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
<Account>
<Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
<FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
<SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
<ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
<CTDefParaEntry setDefValueFlag="1" />
</Account>
<div>8.5.5 (Build:20200530.307-TEMP)</div>
<span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
<h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
<ca status="disabled" href="/+CSCOCA+/login.html" />
<form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
    <div data-user="root" data-module="package-updates"></div>
    <code>The zip file did not contain an entry exportDescriptor.properties</code>
    <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
    <message>Please enter your username and password.</message>
    <input name="formid" type="hidden" value="012afed" />
    <input name="javax.faces.ViewState" type="hidden" value="012afed" />
    <input name="queryString" type="hidden" value="1406192" />
    <div class="versionInfo">The Cacti Group Version 1.2.25</div>
    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
    <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
    <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
    <input type="hidden" name="tokenid"  value="1804289383" >
    <input type="hidden" name="name"  value="1804289383" >
    <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="text" name="username" label="Username:" value="admin" />
    <input type="password" name="password" label="Password:" value="123456" />
    <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
    <input type="submit" name="Login" value="Login" />
    <input type="reset" name="Clear" value="Clear" />
</form>
<input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
<li class="lisel" onclick="location.href='index.php'">日志系统</li>
<li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
<button type="button" data-price-id=True>sb</button>
<div class="prod_madelName">RT-AC5300</div>
<div class="p1 title_gap">Sign in with your ASUS router account</div>
<tr class="h"><th>PHP Group</th></tr>
<tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
<tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
<div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
<div id="mcname">LoadMaster</div>
<p><br/><span>出厂IP：192.168.1.1</span><br/><span>用户名、密码：admin admin</span></p>
<td colspan="2">Please enter your Cacti user name and password below:</td>
<meta id="confluence-context-path" name="confluence-context-path" content="">
<meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
<meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
<script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
<B>SonicWall Universal Management Suite v9.3</B>
<br>OK<br>
<script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
<select id="cars" name="name">
<option value="olvo">olvo</option>
</select>
<a href="/VICIdial/phone">MODIFY</a>
<input type="hidden" name="extension"  value="1804289383" >
<input type="hidden" name="pass"  value="1804289383" >
<input type="hidden" name="recording_exten"  value="1804289383" >
<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
<input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
<script type='text/javascript'>
	var cactiVersion='1.2.27';
	var cactiServerOS='unix';
	var cactiAction='';
	var theme='modern';
	var refreshIsLogout=true;
	var refreshPage='/logout.php?action=timeout';
	var refreshMSeconds=1440000;
	var urlPath='/';
	var previousPage='';
	var sessionMessage=[];
	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
</script>

<!--
<Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
/var/pinglog
<TITLE>Login</TITLE>
<a href="jpg.html">LIVE JPEG</a><br>
<a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
<a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
<\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
Location: /admin
<meta name="generator" content="vBulletin 5.5.4" />
Location: http://<ip>:80/relogin.htm?_t=3541144909
Location: http://<ip>:80/syscmd.htm" Location: /ui/login
/cgi-bin/webctrl.cgi?action=index_page
PDR-M800
function btnPing()
<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
<td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
in the United States and certain other countries.
</td>
:
#
>
$
SSH key is good
is not a valid ref and may not be archived
pcPassword2
'&sessionKey=790148060;'
name="sessionKey" value="790148060"
Set-Cookie: loginName=admin
var fgt_lang = /dev/cmdb/sslvpn_websession
php 8.1.0-dev exit
springframework
Tomcat
DEVICE.ACCOUNT=admin
AUTHORIZED_GROUP=1
<uid></uid>
<name>Admin</name>
<usrid></usrid>
<password>admin</password>
<group></group>
cpto /tmp/"root"
Model=AC1450
Firmware=V1.0.0.36_10.0.17
"exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
BIG-IP release 15.0.0
user:root
12345admin123'
Failed to process image

Location: http://192.168.0.1:52869/picsdesc.xml
You don't have permission to access /vpns/ on this server.
[global]
    workgroup = intranet
    encrypt passwords = Yes
    update encrypted = Yes

funcionando
system_sofia
name resolve order
InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
<b>File Uploaded !!!</b><br>
ant=951d11e51392117311602d0c25435d7f
38ee63071a04dc5e04ed22624c38e648
6f3249aa304055d63828af3bfab778f6
<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
[local]
 tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZTJmYWMyMzkwYj09
 addr = <ip>
"Powered by vBulletin Version 5.5.4"
789551
Linear eMerge
SuperSign
ubiq
Yacht
Zeroshell
FastWeb
AuthInfo:
loadingIndicator_bk
Zyxel
skyrouter
WAP54
org.apache.spark.ui



ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
<insert implant configuration content here>
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
Copyright (c) 2015-2020 by Cisco Systems, Inc.
All rights reserved.
SSL VPN Service
wsConvertPptResponse
<input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
<input id="txtPassword" class="txt-input" type="password" name="password" value="" />
<button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
<span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
<script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
<LegacyDN>eD2bxe4</LegacyDN>
<title class="_ctxstxt_NetscalerGateway">
SAML Assertion verification failed; Please contact your administrator
v=2b46554c087d2d5516559e9b8bc1875d
/vpn/images/AccessGateway.ico
frame-busting
/vpn/js/logout_view.js?v=
_ctxstxt_NetscalerAAA
lib.min20200813.js
401 Unauthorized Basic realm=
sName='1';onTest(this);
var passadm = "admin";
OPMODE_BRIDGE
document.all.cmd_result
<input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
<input id="date" type="text" style="width: 200px" value="12/25/2023">
main page cgi-bin/login.cgi
var sessionKey='030ff030ff88';
loc += '&sessionKey=19dec20030ff8dcb2';
}

var code = 'location="' + loc + '"';

Password change successful
J2100N GPON ONT
/cgi-bin/webui/admin
sesskey
name=admin pass=123 priv=ppp
service=www.dlinkddns.com
sysCmdType
Content-Type: auth/request


Content-Type: command/reply

Reply-Text: +OK accepted


X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
007b2000-007c1000 rw-p 00000000 00:00 0
Size:                 60 kB
Rss:                  52 kB
Pss:                  52 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:        52 kB
Referenced:           52 kB
Anonymous:            52 kB
AnonHugePages:

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-02T12:45:08.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "micros-hosting.com",
            "drupal.org"
         ],
         "file" : [
            "admin-ajax.php",
            "dvfplayer.zip",
            "index.php",
            "cloud_index.php",
            "dvrremoteap_x64.exe",
            "dvrremoteap.exe"
         ],
         "hostname" : [
            "micros-hosting.com",
            "www.drupal.org"
         ],
         "ip" : [
            "7.7.31.1",
            "192.168.0.1",
            "192.168.1.10",
            "192.168.1.1",
            "1.0.0.36",
            "192.168.1.4"
         ],
         "url" : [
            "http://192.168.0.1:52869/picsdesc.xml",
            "http://micros-hosting.com/EGateway/",
            "https://192.168.1.4",
            "https://www.drupal.org"
         ]
      },
      "http" : {
         "bodymd5" : "95ae2b8117eae7540ac0b2473041093e",
         "bodymmh3" : -190406205,
         "component" : [
            {
               "productvendor" : "SPIP",
               "productversion" : "4.1.11",
               "product" : "SPIP"
            },
            {
               "product" : "PHP",
               "productvendor" : "PHP"
            },
            {
               "productvendor" : "Jenkins",
               "productversion" : "2.121.3",
               "product" : "Jenkins"
            },
            {
               "product" : "Gitlab",
               "productvendor" : "Gitlab"
            },
            {
               "productversion" : "8",
               "productvendor" : "Drupal",
               "product" : "Drupal"
            },
            {
               "productvendor" : "Atlassian",
               "product" : "Confluence"
            }
         ],
         "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Fri, 29 Jul 2022 16:53:01 GMT"
            }
         ],
         "headermd5" : "3c8495e84a086bcd29a79f572218d47f",
         "headermmh3" : -891589002,
         "keywords" : [
            "voip",
            "vos3000"
         ],
         "realm" : "Tinyproxy",
         "title" : "XBR-55X700D"
      },
      "length" : 16298
   },
   "asn" : "AS37963",
   "city" : "Beijing",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nCf-Ray: 55611f709b975f5b-LAS\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 105447\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nNel: {'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}\r\nPragma: private\r\nProxy-Authenticate: Basic realm=\"Tinyproxy\"\r\nServer: nginx/1.14.2\r\nSet-Cookie: DSIVS=; path=/; expires=Thu, 01 Jan 1970 22:00:00 GMT; secure;\r\nSet-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;\r\nSet-Cookie: __s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/\r\nSet-Cookie: token=21263a2bf; path=/;\r\nSet-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;\r\nSet-Cookie: PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/\r\nSet-Cookie: acSamlv2Error=; path=/; secure;\r\nSet-Cookie: csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains\r\nSet-Cookie: webvpn_as=; path=/; secure;\r\nSet-Cookie: webvpnaac=1; path=/; secure;\r\nSet-Cookie: jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/\r\nSet-Cookie: SUPPORTCHROMEOS=1; path=/; secure;\r\nSet-Cookie: laravel_session=a0ffeb;\r\nSet-Cookie: ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly\r\nSet-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;\r\nSet-Cookie: sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;\r\nSet-Cookie: did=A67B8F9C;\r\nSet-Cookie: acSamlv2Token=; path=/; secure;\r\nX-Amz-Cf-Id: CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A==\r\nX-Cache: MISS from Hello\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Check: 3112dc4d54f8e22d666785b733b0052100c53444\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Drupal-Cache: xHIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Nginx-Cache-Status: MISS\r\nX-Powered-By: BoidCMS\r\nX-Powered-By-Plesk: PleskWin\r\nX-Redirect-By: WordPress\r\nX-Served-By: cache-xsp21434-XSP\r\nX-Xss-Protection: 1; mode=block\r\nDate: Sat, 02 Nov 2024 12:45:08 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384e2fac2390b==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>XBR-55X700D</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZTJmYWMyMzkwYj09\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nShared_Dirty:          0 kB\nPrivate_Clean:         0 kB\nPrivate_Dirty:        52 kB\nReferenced:           52 kB\nAnonymous:            52 kB\nAnonHugePages: ",
   "datamd5" : "8227d6a881453dd87e7437e611ec2d0d",
   "datammh3" : 1005906705,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS37963",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "alibaba-inc.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "ALISOFT",
      "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
      "subnet" : "39.104.0.0/14"
   },
   "ip" : "39.104.57.170",
   "ipv6" : "false",
   "latitude" : "39.9110",
   "location" : "39.9110,116.3950",
   "longitude" : "116.3950",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
   "os" : "Linux",
   "osdistribution" : "sUse",
   "osvendor" : "Linux",
   "port" : 212,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.2",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-02",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "39.104.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
139.99.117.0

Network
139.99.0.0/16

Domain(s)
ip-139-99-117.net

Device

<enterprise field>: device.class

URL

http://139.99.117.0:212/ 401

HTTP Title
401 Authorization Required

Reverse DNS
ip0.ip-139-99-117.net

ASN
AS16276

Organization
OVH SAS

Protocol
http

Source
datascan
Product
F5 Nginx 1.14.2

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
f98bfec3260c333a27ad9e2e1c09301a

HTTP Header MD5
89cafcaaedd0bc3bcf85aef78c0ca50e

HTTP Body MD5
00bcd41dd5371c570b7b4a46f2d7ec4d

HTTP/1.1 401 Unauthorized
Server: nginx/1.14.2
Date: Fri, 18 Oct 2024 14:35:05 +0000
Content-Type: text/html
Content-Length: 188
Connection: keep-alive
WWW-Authenticate: Basic realm="Access to admin page"

<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-18T14:35:15.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "00bcd41dd5371c570b7b4a46f2d7ec4d",
         "bodymmh3" : -369667210,
         "headermd5" : "89cafcaaedd0bc3bcf85aef78c0ca50e",
         "headermmh3" : -1137297508,
         "realm" : "Access to admin page",
         "title" : "401 Authorization Required"
      },
      "length" : 395
   },
   "asn" : "AS16276",
   "city" : "Singapore",
   "country" : "SG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\nServer: nginx/1.14.2\nDate: Fri, 18 Oct 2024 14:35:05 +0000\nContent-Type: text/html\nContent-Length: 188\nConnection: keep-alive\nWWW-Authenticate: Basic realm=\"Access to admin page\"\n\n<html>\n<head><title>401 Authorization Required</title></head>\n<body bgcolor=\"white\">\n<center><h1>401 Authorization Required</h1></center>\n<hr><center>nginx/1.14.2</center>\n</body>\n</html>\n\n",
   "datamd5" : "f98bfec3260c333a27ad9e2e1c09301a",
   "datammh3" : -1457514271,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ip-139-99-117.net"
   ],
   "geolocus" : {
      "asn" : "AS16276",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "SG",
      "countryname" : "Singapore",
      "domain" : [
         "marketsfunnel.net",
         "ovh.ca",
         "ovh.net"
      ],
      "isineu" : "false",
      "latitude" : "1.352083",
      "location" : "1.352083,103.819836",
      "longitude" : "103.819836",
      "netname" : "OVH-CUST-340724841",
      "organization" : "OVH Singapore PTE. LTD",
      "subnet" : "139.99.64.0/18"
   },
   "host" : [
      "ip0"
   ],
   "hostname" : [
      "ip0.ip-139-99-117.net"
   ],
   "ip" : "139.99.117.0",
   "ipv6" : "false",
   "latitude" : "1.2868",
   "location" : "1.2868,103.8503",
   "longitude" : "103.8503",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "OVH SAS",
   "port" : 212,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.2",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "ip0.ip-139-99-117.net"
   ],
   "seen_date" : "2024-10-18",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "139.99.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
84.236.145.76

Network
84.236.144.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://84.236.145.76:212/ 200

HTTP Title
Njg4YWYzMWViZTE

ASN
AS29119

Organization
Aire Networks Del Mediterraneo Sl Unipersonal

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.14.2

HTTP Component(s)
jQuery jQuery 1.9.1 PHP PHP

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ebf35613e2bc186ac4283021467171c3

HTTP Header MD5
f065362cb3feac1e1ca3a7095070d61b

HTTP Body MD5
7c5b65951d750d0cd233618185ddc748

HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Fri, 18 Oct 2024 01:08:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: PHPSESSID=vutr8o18nnsellttkp1sad6995; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

1e66
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="es" lang="es">
<head>

<title>Njg4YWYzMWViZTE</title>

<meta http-equiv="content-type" content="text/html; charset=utf-8" />

  <!-- Load jQuery and jQuery UI -->
  <script src="libs/jquery/js/jquery-1.9.1.js"></script>
  <script src="libs/jquery/js/jquery-ui-1.10.3.custom.min.js"></script>


    <!-- Load the jQuery UI CSS -->
  <link rel="stylesheet" href="libs/jquery/css/ui-lightness/jquery-ui-1.10.3.custom.css" />
  
<!-- X lib -->
<script type='text/javascript' src='libs/x/x_core.js'></script>
<script type='text/javascript' src='libs/x/x_event.js'></script>
<script type='text/javascript' src='libs/x/x_dom.js'></script>
<script type='text/javascript' src='libs/x/lib/xtooltipgroup.js'></script>
<script type='text/javascript' src="libs/x/x_win.js"></script>
<script type='text/javascript' src="libs/x/x_anim.js"></script>
<script type='text/javascript' src='libs/x/x_slide.js'></script>
<script type='text/javascript' src='libs/x/lib/xpopup.js'></script>
<script type='text/javascript' src='libs/x/lib/xtimer.js'></script>
<script type='text/javascript' src='libs/x/x_misc.js'></script>
<script type='text/javascript' src='libs/x/x_slide.js'></script>
<script type='text/javascript' src='libs/x/lib/xenabledrag.js'></script>
<script type='text/javascript' src='libs/x/lib/xdisabledrag.js'></script>
<script type='text/javascript' src='libs/x/lib/xenabledrop.js'></script>
<script type='text/javascript' src='libs/x/lib/xdisabledrop.js'></script>

<!-- Help: tooltips, messages, etc. -->
<script type='text/javascript' src='scripts/help.js'></script>

<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/debug.js'></script>
<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/extended_debug.js'></script>
<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/prototype.js'></script>
<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/effects.js'></script>
<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/tooltip.js'></script>
<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/window_effects.js'></script>
<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/window_ext.js'></script>
<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/window.js'></script>

<link href="libs/windows_js_1.2.1/themes/default.css" rel="stylesheet" type="text/css"/>
<link href="libs/windows_js_1.2.1/themes/alphacube.css" rel="stylesheet" type="text/css"/>

<link href="libs/windows_js_1.2.1/themes/alert.css" rel="stylesheet" type="text/css"/>
<link href="libs/windows_js_1.2.1/themes/alert_lite.css" rel="stylesheet" type="text/css"/>
<link href="libs/windows_js_1.2.1/themes/debug.css" rel="stylesheet" type="text/css"/>


<link href="libs/windows_js_1.2.1/themes/mac_os_x_dialog.css" rel="stylesheet" type="text/css"/>

<!-- Alarms: avisos de nuevas alarmas (popup interno y externo) -->
<script type='text/javascript' src='scripts/alarm.js'></script>
<script type='text/javascript' src='scripts/periodicTasks.js'></script>
<script type='text/javascript' src='scripts/mobileContent.js'></script>
<script type='text/javascript' src='scripts/videoPreview.js'></script>
<script type='text/javascript' src='scripts/notificationPreview.js'></script>

<link rel="stylesheet" href="css/vifence.css" type="text/css" media="screen" />

<script type='text/javascript' src='libs/cjLib/utils.js'></script>


<script type="text/javascript">
<!--
	/*********** PeriodicTask **********/
	/** Indicates the loaded section */
	var g_section = '';
	
	/**  Variable generic usage*/
	var g_args = '';
	
	function periodicTasksCall() {
		xajax_execute_DataObjectProc("auth", "periodicTasks", [g_section, g_args]);
	}
	/***************************************/

	/********* Strings *********************/
	

	//date.js
	 
	//calendarDateInput.js
		
	
	/***************************************/
	


				var g_debug_mode = false;
		


	function load() {
		try {
    
                    // help.js
                    show_message_submit_button = "Accept";

                        
                    if (g_debug_mode) {
                            //debug XAJAX
                            if (xajax) {
                                    xajax.loadingFunction = function() {
                                            _debug("loadingFunction");
                                    };
                                    xajax.doneLoadingFunction = function() {
                                            _debug("doneLoadingFunction");
                                    };
                            }
                    }

                    //cada tpl puede tener un manejador
                    if (typeof(onLoadTpl) != "undefined") {
                            onLoadTpl();
                    }
                    //showAlarmIPopUp(0);
		}
		catch(e) {
			console.log("load() EE Exception: " + e.message);
		}
	}

	function unload() {
		try {
			stopPeriodicTasks();
	
			//cada tpl puede tener un manejador
			if (typeof(onUnloadTpl) != "undefined") {
				onUnloadTpl();
			}
		}
		catch(e) {
			console.log("unload() EE Exception: " + e.message);
		}
	}

	function onResize() {
		try {
			//cada tpl puede tener un manejador
			if (typeof(onResizeTpl) != "undefined") {
				onResizeTpl();
			}
		}
		catch(e) {
			console.log("onResize() EE Exception: " + e.message);
		}
	}

	var g_focused = true;

	function onFocus() {
		g_focused = true;
		if (g_debug_mode)
			_debug('Window focus gained');
	}

	function onBlur() {
		g_focused = false;
		if (g_debug_mode)
			_debug('Window focus lost');
	}

	xAddEventListener(window,"focus",onFocus,false);
	xAddEventListener(window,"blur",onBlur,false);

-->
</script>



<style type="text/css">
	@import "libs/dojo/dijit/themes/tundra/tundra.css";
	@import "libs/dojo/dojo/resources/dojo.css";
</style>


</head>

<body onload="load()" onunload="unload()" onresize="onResize()">
<div id="container">
<div id="wrap">


<script type="text/javascript">
<!--

function onLoadTpl() {
	if (document.all) {
		document.getElementById('imgLinks').style.display = "";
	}
}

function myvalidate_login(frm) {
var errors = new Array();

	if(frm.username.value == ''){
	
		errors.push("A user name is mandatory.");
	
	}
	if(frm.password.value == ''){
	
		errors.push("Password is a required field.");
	
	}
	if(errors.length>0){
	
		var msg="The following error(s) occurred:\\n";
	
		var msg2="";
		for(var i=0;i<errors.length; i++){
			msg+=errors[i] + "\n";
			msg2 += errors[i] + "<br>";
		}
		//alert(msg);
		$('message01').innerHTML = msg2;
		return (false);
	}else return(true);
}

-->
</script>



<div class="center">
<div class="login-formatted-div">

	<form action="index.php" method="post"
		onsubmit="return(myvalidate_login(this))">
                <img src="img/logo-big.png" style="width: 350px">
		<table style="width: 100%">
			<tr>
				<td style="text-align: right">Username&nbsp;</td>
				<td><input type="text" class="formatted-input" value="" name="username" maxlength='20' style="border:1px solid #c0c0c0"/></td>
			</tr>
			<tr>
				<td style="text-align: right">Password&nbsp;</td>
				<td><input type="password" class="formatted-input" value="" name="password" maxlength='20' style="border:1px solid #c0c0c0"/></td>
			</tr>
			<tr>
				<td>&nbsp;</td>
				<td>&nbsp;</td>
			</tr>
			<tr>
				<td colspan="2"><input class="btn btn-primary" style="width: 150px" type="submit" name="save" value="Log in" /></td>
			</tr>
		</table>
	</form>
    <p id="message01"></p>
</div>
</div>
0

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-18T01:08:42.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "file" : [
            "index.php"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "7c5b65951d750d0cd233618185ddc748",
         "bodymmh3" : -1677930712,
         "component" : [
            {
               "product" : "jQuery",
               "productvendor" : "jQuery",
               "productversion" : "1.9.1"
            },
            {
               "product" : "PHP",
               "productvendor" : "PHP"
            }
         ],
         "headermd5" : "f065362cb3feac1e1ca3a7095070d61b",
         "headermmh3" : -1860215312,
         "title" : "Njg4YWYzMWViZTE"
      },
      "length" : 8155
   },
   "asn" : "AS29119",
   "city" : "Daimiel",
   "country" : "ES",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx/1.14.2\r\nDate: Fri, 18 Oct 2024 01:08:42 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: close\r\nSet-Cookie: PHPSESSID=vutr8o18nnsellttkp1sad6995; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\n\r\n1e66\r\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\"\n        \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"es\" lang=\"es\">\n<head>\n\n<title>Njg4YWYzMWViZTE</title>\n\n<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\" />\n\n  <!-- Load jQuery and jQuery UI -->\n  <script src=\"libs/jquery/js/jquery-1.9.1.js\"></script>\n  <script src=\"libs/jquery/js/jquery-ui-1.10.3.custom.min.js\"></script>\n\n\n    <!-- Load the jQuery UI CSS -->\n  <link rel=\"stylesheet\" href=\"libs/jquery/css/ui-lightness/jquery-ui-1.10.3.custom.css\" />\n  \n<!-- X lib -->\n<script type='text/javascript' src='libs/x/x_core.js'></script>\n<script type='text/javascript' src='libs/x/x_event.js'></script>\n<script type='text/javascript' src='libs/x/x_dom.js'></script>\n<script type='text/javascript' src='libs/x/lib/xtooltipgroup.js'></script>\n<script type='text/javascript' src=\"libs/x/x_win.js\"></script>\n<script type='text/javascript' src=\"libs/x/x_anim.js\"></script>\n<script type='text/javascript' src='libs/x/x_slide.js'></script>\n<script type='text/javascript' src='libs/x/lib/xpopup.js'></script>\n<script type='text/javascript' src='libs/x/lib/xtimer.js'></script>\n<script type='text/javascript' src='libs/x/x_misc.js'></script>\n<script type='text/javascript' src='libs/x/x_slide.js'></script>\n<script type='text/javascript' src='libs/x/lib/xenabledrag.js'></script>\n<script type='text/javascript' src='libs/x/lib/xdisabledrag.js'></script>\n<script type='text/javascript' src='libs/x/lib/xenabledrop.js'></script>\n<script type='text/javascript' src='libs/x/lib/xdisabledrop.js'></script>\n\n<!-- Help: tooltips, messages, etc. -->\n<script type='text/javascript' src='scripts/help.js'></script>\n\n<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/debug.js'></script>\n<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/extended_debug.js'></script>\n<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/prototype.js'></script>\n<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/effects.js'></script>\n<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/tooltip.js'></script>\n<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/window_effects.js'></script>\n<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/window_ext.js'></script>\n<script type='text/javascript' src='libs/windows_js_1.2.1/javascripts/window.js'></script>\n\n<link href=\"libs/windows_js_1.2.1/themes/default.css\" rel=\"stylesheet\" type=\"text/css\"/>\n<link href=\"libs/windows_js_1.2.1/themes/alphacube.css\" rel=\"stylesheet\" type=\"text/css\"/>\n\n<link href=\"libs/windows_js_1.2.1/themes/alert.css\" rel=\"stylesheet\" type=\"text/css\"/>\n<link href=\"libs/windows_js_1.2.1/themes/alert_lite.css\" rel=\"stylesheet\" type=\"text/css\"/>\n<link href=\"libs/windows_js_1.2.1/themes/debug.css\" rel=\"stylesheet\" type=\"text/css\"/>\n\n\n<link href=\"libs/windows_js_1.2.1/themes/mac_os_x_dialog.css\" rel=\"stylesheet\" type=\"text/css\"/>\n\n<!-- Alarms: avisos de nuevas alarmas (popup interno y externo) -->\n<script type='text/javascript' src='scripts/alarm.js'></script>\n<script type='text/javascript' src='scripts/periodicTasks.js'></script>\n<script type='text/javascript' src='scripts/mobileContent.js'></script>\n<script type='text/javascript' src='scripts/videoPreview.js'></script>\n<script type='text/javascript' src='scripts/notificationPreview.js'></script>\n\n<link rel=\"stylesheet\" href=\"css/vifence.css\" type=\"text/css\" media=\"screen\" />\n\n<script type='text/javascript' src='libs/cjLib/utils.js'></script>\n\n\n<script type=\"text/javascript\">\n<!--\n\t/*********** PeriodicTask **********/\n\t/** Indicates the loaded section */\n\tvar g_section = '';\n\t\n\t/**  Variable generic usage*/\n\tvar g_args = '';\n\t\n\tfunction periodicTasksCall() {\n\t\txajax_execute_DataObjectProc(\"auth\", \"periodicTasks\", [g_section, g_args]);\n\t}\n\t/***************************************/\n\n\t/********* Strings *********************/\n\t\n\n\t//date.js\n\t \n\t//calendarDateInput.js\n\t\t\n\t\n\t/***************************************/\n\t\n\n\n\t\t\t\tvar g_debug_mode = false;\n\t\t\n\n\n\tfunction load() {\n\t\ttry {\n    \n                    // help.js\n                    show_message_submit_button = \"Accept\";\n\n                        \n                    if (g_debug_mode) {\n                            //debug XAJAX\n                            if (xajax) {\n                                    xajax.loadingFunction = function() {\n                                            _debug(\"loadingFunction\");\n                                    };\n                                    xajax.doneLoadingFunction = function() {\n                                            _debug(\"doneLoadingFunction\");\n                                    };\n                            }\n                    }\n\n                    //cada tpl puede tener un manejador\n                    if (typeof(onLoadTpl) != \"undefined\") {\n                            onLoadTpl();\n                    }\n                    //showAlarmIPopUp(0);\n\t\t}\n\t\tcatch(e) {\n\t\t\tconsole.log(\"load() EE Exception: \" + e.message);\n\t\t}\n\t}\n\n\tfunction unload() {\n\t\ttry {\n\t\t\tstopPeriodicTasks();\n\t\n\t\t\t//cada tpl puede tener un manejador\n\t\t\tif (typeof(onUnloadTpl) != \"undefined\") {\n\t\t\t\tonUnloadTpl();\n\t\t\t}\n\t\t}\n\t\tcatch(e) {\n\t\t\tconsole.log(\"unload() EE Exception: \" + e.message);\n\t\t}\n\t}\n\n\tfunction onResize() {\n\t\ttry {\n\t\t\t//cada tpl puede tener un manejador\n\t\t\tif (typeof(onResizeTpl) != \"undefined\") {\n\t\t\t\tonResizeTpl();\n\t\t\t}\n\t\t}\n\t\tcatch(e) {\n\t\t\tconsole.log(\"onResize() EE Exception: \" + e.message);\n\t\t}\n\t}\n\n\tvar g_focused = true;\n\n\tfunction onFocus() {\n\t\tg_focused = true;\n\t\tif (g_debug_mode)\n\t\t\t_debug('Window focus gained');\n\t}\n\n\tfunction onBlur() {\n\t\tg_focused = false;\n\t\tif (g_debug_mode)\n\t\t\t_debug('Window focus lost');\n\t}\n\n\txAddEventListener(window,\"focus\",onFocus,false);\n\txAddEventListener(window,\"blur\",onBlur,false);\n\n-->\n</script>\n\n\n\n<style type=\"text/css\">\n\t@import \"libs/dojo/dijit/themes/tundra/tundra.css\";\n\t@import \"libs/dojo/dojo/resources/dojo.css\";\n</style>\n\n\n</head>\n\n<body onload=\"load()\" onunload=\"unload()\" onresize=\"onResize()\">\n<div id=\"container\">\n<div id=\"wrap\">\n\n\n<script type=\"text/javascript\">\n<!--\n\nfunction onLoadTpl() {\n\tif (document.all) {\n\t\tdocument.getElementById('imgLinks').style.display = \"\";\n\t}\n}\n\nfunction myvalidate_login(frm) {\nvar errors = new Array();\n\n\tif(frm.username.value == ''){\n\t\n\t\terrors.push(\"A user name is mandatory.\");\n\t\n\t}\n\tif(frm.password.value == ''){\n\t\n\t\terrors.push(\"Password is a required field.\");\n\t\n\t}\n\tif(errors.length>0){\n\t\n\t\tvar msg=\"The following error(s) occurred:\\\\n\";\n\t\n\t\tvar msg2=\"\";\n\t\tfor(var i=0;i<errors.length; i++){\n\t\t\tmsg+=errors[i] + \"\\n\";\n\t\t\tmsg2 += errors[i] + \"<br>\";\n\t\t}\n\t\t//alert(msg);\n\t\t$('message01').innerHTML = msg2;\n\t\treturn (false);\n\t}else return(true);\n}\n\n-->\n</script>\n\n\n\n<div class=\"center\">\n<div class=\"login-formatted-div\">\n\n\t<form action=\"index.php\" method=\"post\"\n\t\tonsubmit=\"return(myvalidate_login(this))\">\n                <img src=\"img/logo-big.png\" style=\"width: 350px\">\n\t\t<table style=\"width: 100%\">\n\t\t\t<tr>\n\t\t\t\t<td style=\"text-align: right\">Username&nbsp;</td>\n\t\t\t\t<td><input type=\"text\" class=\"formatted-input\" value=\"\" name=\"username\" maxlength='20' style=\"border:1px solid #c0c0c0\"/></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td style=\"text-align: right\">Password&nbsp;</td>\n\t\t\t\t<td><input type=\"password\" class=\"formatted-input\" value=\"\" name=\"password\" maxlength='20' style=\"border:1px solid #c0c0c0\"/></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td>&nbsp;</td>\n\t\t\t\t<td>&nbsp;</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td colspan=\"2\"><input class=\"btn btn-primary\" style=\"width: 150px\" type=\"submit\" name=\"save\" value=\"Log in\" /></td>\n\t\t\t</tr>\n\t\t</table>\n\t</form>\n    <p id=\"message01\"></p>\n</div>\n</div>\r\n0\r\n\r\n",
   "datamd5" : "ebf35613e2bc186ac4283021467171c3",
   "datammh3" : -1969186818,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "84.236.145.76",
   "ipv6" : "false",
   "latitude" : "39.0733",
   "location" : "39.0733,-3.6068",
   "longitude" : "-3.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Aire Networks Del Mediterraneo Sl Unipersonal",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 212,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.2",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-10-18",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "84.236.144.0/20",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
185.218.155.146

Network
185.218.152.0/22

Domain(s)
as47608.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://185.218.155.146:212/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

Reverse DNS
146.155.218.185.rev.as47608.net

ASN
AS47608

Organization
SM Etude Devel Sces Reseaux Com

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.14.2

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab02f48b964ee86e9025e17626ea721c

HTTP Header MD5
c032d719f0bb3a18f39ae8622c1cb001

HTTP Body MD5
a96af466e25c4c8966828107b5af6a8b

HTTP/1.1 400 Bad Request
Server: nginx/1.14.2
Date: Thu, 17 Oct 2024 01:12:16 GMT
Content-Type: text/html
Content-Length: 271
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.14.2</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-17T02:02:50.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "a96af466e25c4c8966828107b5af6a8b",
         "bodymmh3" : 1451379092,
         "headermd5" : "c032d719f0bb3a18f39ae8622c1cb001",
         "headermmh3" : -1398531511,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 423
   },
   "asn" : "AS47608",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.14.2\r\nDate: Thu, 17 Oct 2024 01:12:16 GMT\r\nContent-Type: text/html\r\nContent-Length: 271\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.14.2</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "ab02f48b964ee86e9025e17626ea721c",
   "datammh3" : 362456294,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "as47608.net"
   ],
   "host" : [
      146
   ],
   "hostname" : [
      "146.155.218.185.rev.as47608.net"
   ],
   "ip" : "185.218.155.146",
   "ipv6" : "false",
   "latitude" : "48.8582",
   "location" : "48.8582,2.3387",
   "longitude" : "2.3387",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SM Etude Devel Sces Reseaux Com",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 212,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.2",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "146.155.218.185.rev.as47608.net"
   ],
   "seen_date" : "2024-10-17",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "218.185.rev.as47608.net",
      "185.rev.as47608.net",
      "rev.as47608.net",
      "155.218.185.rev.as47608.net"
   ],
   "subnet" : "185.218.152.0/22",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
66.228.59.243

Network
66.228.32.0/19

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class

Operating System
Linux Linux sUse

URL

http://66.228.59.243:212/ 200

HTTP Title
OptMyCare

HTTP Description
VOS3000, VoIP, VoIP运营支撑系统, 软交换

HTTP Keyword(s)
voip vos3000

HTTP Copyright
www.linknat.com, 昆石网络

Reverse DNS
66-228-59-243.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Linux Linux sUse

Product
F5 Nginx 1.14.2

HTTP Component(s)
Gitlab Gitlab Apache org.apache.sling.servlets.post 3.0 VOS3000 VOS3000 Jenkins Jenkins 2.121.3 SPIP SPIP 4.1.11 Drupal Drupal 7 MobileIron Core Oracle Java Metabase Metabase Atlassian Confluence

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
444f1d08ab448f16b850cdfd64496fed

HTTP Header MD5
d7177fc56d4db74f27ccb35ed650495d

HTTP Body MD5
f59beb9d1febca7dbb087931086f2c33

HTTP/1.1 200 OK
Composed-By: SPIP 4.1.11 @ www.spip.net
Content-Length: 104765
Content-Type: text/html;charset=utf-8
Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
Loginip: <srcip>
P3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Pragma: private
Server: nginx/1.14.2
Set-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;
Set-Cookie: webvpnaac=1; path=/; secure;
Set-Cookie: jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/
Set-Cookie: __s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/
Set-Cookie: X-Qlik-Session=35263a2bf; path=/;
Set-Cookie: TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;
Set-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;
Set-Cookie: USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly
Set-Cookie: acSamlv2Error=; path=/; secure;
Set-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;
Set-Cookie: csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;
Set-Cookie: rememberMe=deleteMe; path=/;
Set-Cookie: metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Mon, 25 Apr 2044 03:55:44 +0200;SameSite=None;Secure
Set-Cookie: akaunting_session=7b22; Path=/;
Set-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;
Set-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;
Set-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;
Set-Cookie: SESSID=22363a2bf; path=/;
X-Aspnetmvc-Version: 5.2
X-Cache: MISS from Hello
X-Cache-Lookup: MISS from Hello:8080
X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
X-Content-Type-Options: nosniff
X-Drupal-Cache: xHIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 7 (http://drupal.org)
X-Jenkins: 2.121.3
X-Jenkins-Session: f72d6619
X-Powered-By: Servlet/3.0; JBossAS-6
X-Proxy-Cache: MISS
X-Request-Id: ecff8573-23ca-4dbc-a0a9-e8af7876c4ae
X-Robots-Tag: none
X-Root: root
X-Shopid: 25693290577
X-Shopify-Stage: production
X-Xss-Protection: 1; mode=block
Date: Wed, 16 Oct 2024 18:02:55 GMT
Connection: close

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Pragma" content="no-cache" />
<meta charset="utf-8">
<meta content="IE=edge" http-equiv="X-UA-Compatible">
<meta content="object" property="og:type">
<meta content="GitLab" property="og:site_name">
<meta content="Help" property="og:title">
<meta content="GitLab Community Edition" property="og:description">
<meta content="summary" property="twitter:card">
<meta content="Help" property="twitter:title">
<meta content="GitLab Community Edition" property="twitter:description">
<meta content="GitLab Community Edition" name="description">
<meta content="#474D57" name="theme-color">
<meta content="#30353E" name="msapplication-TileColor">
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384e2fac23e09==" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="expires" content="-1"/>
<meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
<meta name="description" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
<meta name="author" content="www.linknat.com, 昆石网络"/>
<meta name="copyright" content="www.linknat.com, 昆石网络"/>
<meta name="generator" content="SPIP 4.1.11" />
<script src="/jquery.min.js"></script> 
<title>OptMyCare</title>
</head>
<body>
<div style="display: none;">
<script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
<Account>
<Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
<FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
<SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
<ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
<CTDefParaEntry setDefValueFlag="1" />
</Account>
<div>8.5.5 (Build:20200530.307-TEMP)</div>
<span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
<h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
<ca status="disabled" href="/+CSCOCA+/login.html" />
<form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
    <div data-user="root" data-module="package-updates"></div>
    <code>The zip file did not contain an entry exportDescriptor.properties</code>
    <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
    <message>Please enter your username and password.</message>
    <input name="formid" type="hidden" value="012afed" />
    <input name="javax.faces.ViewState" type="hidden" value="012afed" />
    <input name="queryString" type="hidden" value="1406192" />
    <div class="versionInfo">The Cacti Group Version 1.2.25</div>
    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
    <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
    <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
    <input type="hidden" name="tokenid"  value="1804289383" >
    <input type="hidden" name="name"  value="1804289383" >
    <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="text" name="username" label="Username:" value="admin" />
    <input type="password" name="password" label="Password:" value="123456" />
    <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
    <input type="submit" name="Login" value="Login" />
    <input type="reset" name="Clear" value="Clear" />
</form>
<input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
<li class="lisel" onclick="location.href='index.php'">日志系统</li>
<li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
<button type="button" data-price-id=True>sb</button>
<div class="prod_madelName">RT-AC5300</div>
<div class="p1 title_gap">Sign in with your ASUS router account</div>
<tr class="h"><th>PHP Group</th></tr>
<tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
<tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
<div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
<div id="mcname">LoadMaster</div>
<p><br/><span>出厂IP：192.168.1.1</span><br/><span>用户名、密码：admin admin</span></p>
<td colspan="2">Please enter your Cacti user name and password below:</td>
<meta id="confluence-context-path" name="confluence-context-path" content="">
<meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
<meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
<script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
<B>SonicWall Universal Management Suite v9.3</B>
<br>OK<br>
<script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
<select id="cars" name="name">
<option value="olvo">olvo</option>
</select>
<a href="/VICIdial/phone">MODIFY</a>
<input type="hidden" name="extension"  value="1804289383" >
<input type="hidden" name="pass"  value="1804289383" >
<input type="hidden" name="recording_exten"  value="1804289383" >
<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
<input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
<script type='text/javascript'>
	var cactiVersion='1.2.27';
	var cactiServerOS='unix';
	var cactiAction='';
	var theme='modern';
	var refreshIsLogout=true;
	var refreshPage='/logout.php?action=timeout';
	var refreshMSeconds=1440000;
	var urlPath='/';
	var previousPage='';
	var sessionMessage=[];
	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
</script>

<!--
<Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
/var/pinglog
<TITLE>Login</TITLE>
<a href="jpg.html">LIVE JPEG</a><br>
<a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
<a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
<\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
Location: /admin
<meta name="generator" content="vBulletin 5.5.4" />
Location: http://<ip>:80/relogin.htm?_t=3541144909
Location: http://<ip>:80/syscmd.htm" Location: /ui/login
/cgi-bin/webctrl.cgi?action=index_page
PDR-M800
function btnPing()
<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
<td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
in the United States and certain other countries.
</td>
:
#
>
$
SSH key is good
is not a valid ref and may not be archived
pcPassword2
'&sessionKey=790148060;'
name="sessionKey" value="790148060"
Set-Cookie: loginName=admin
var fgt_lang = /dev/cmdb/sslvpn_websession
php 8.1.0-dev exit
springframework
Tomcat
DEVICE.ACCOUNT=admin
AUTHORIZED_GROUP=1
<uid></uid>
<name>Admin</name>
<usrid></usrid>
<password>admin</password>
<group></group>
cpto /tmp/"root"
Model=AC1450
Firmware=V1.0.0.36_10.0.17
"exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
BIG-IP release 15.0.0
user:root
12345admin123'
Failed to process image

Location: http://192.168.0.1:52869/picsdesc.xml
You don't have permission to access /vpns/ on this server.
[global]
    workgroup = intranet
    encrypt passwords = Yes
    update encrypted = Yes

funcionando
system_sofia
name resolve order
InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
<b>File Uploaded !!!</b><br>
ant=951d11e51392117311602d0c25435d7f
38ee63071a04dc5e04ed22624c38e648
6f3249aa304055d63828af3bfab778f6
<h1> 5196abbb2d9bda158de8baa496da6dd6 </h1>
[local]
 tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZTJmYWMyM2UwOT09
 addr = <ip>
"Powered by vBulletin Version 5.5.4"
789551
Linear eMerge
SuperSign
ubiq
Yacht
Zeroshell
FastWeb
AuthInfo:
loadingIndicator_bk
Zyxel
skyrouter
WAP54
org.apache.spark.ui



ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
<insert implant configuration content here>
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
Copyright (c) 2015-2020 by Cisco Systems, Inc.
All rights reserved.
SSL VPN Service
wsConvertPptResponse
<input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
<input id="txtPassword" class="txt-input" type="password" name="password" value="" />
<button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
<span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
<script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
<LegacyDN>eD2bxe4</LegacyDN>
<title class="_ctxstxt_NetscalerGateway">
SAML Assertion verification failed; Please contact your administrator
v=2b46554c087d2d5516559e9b8bc1875d
/vpn/images/AccessGateway.ico
frame-busting
/vpn/js/logout_view.js?v=
_ctxstxt_NetscalerAAA
lib.min20200813.js
401 Unauthorized Basic realm=
sName='1';onTest(this);
var passadm = "admin";
OPMODE_BRIDGE
document.all.cmd_result
<input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
<input id="date" type="text" style="width: 200px" value="12/25/2023">
main page cgi-bin/login.cgi
var sessionKey='030ff030ff88';
loc += '&sessionKey=19dec20030ff8dcb2';
}

var code = 'location="' + loc + '"';

Password change successful
J2100N GPON ONT
/cgi-bin/webui/admin
sesskey
name=admin pass=123 priv=ppp
service=www.dlinkddns.com
sysCmdType
Content-Type: auth/request


Content-Type: command/reply

Reply-Text: +OK accepted


X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
007b2000-007c1000 rw-p 00000000 00:00 0
Size:                 60 kB
Rss:                  52 kB
Pss:                  52 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:        52 kB
Referenced:           52 kB
Anonymous:            52 kB
AnonHugePages:         0 kB
Swap:                  8 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-16T18:02:55.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "drupal.org",
            "micros-hosting.com"
         ],
         "file" : [
            "cloud_index.php",
            "dvfplayer.zip",
            "dvrremoteap.exe",
            "admin-ajax.php",
            "dvrremoteap_x64.exe",
            "index.php",
            "p3p.xml"
         ],
         "hostname" : [
            "drupal.org",
            "micros-hosting.com"
         ],
         "ip" : [
            "192.168.1.10",
            "7.7.31.1",
            "1.0.0.36",
            "192.168.1.1",
            "192.168.1.4",
            "192.168.0.1"
         ],
         "url" : [
            "http://192.168.0.1:52869/picsdesc.xml",
            "http://drupal.org",
            "http://micros-hosting.com/EGateway/",
            "https://192.168.1.4"
         ]
      },
      "http" : {
         "bodymd5" : "f59beb9d1febca7dbb087931086f2c33",
         "bodymmh3" : -30183546,
         "component" : [
            {
               "product" : "Core",
               "productvendor" : "MobileIron"
            },
            {
               "productversion" : "4.1.11",
               "productvendor" : "SPIP",
               "product" : "SPIP"
            },
            {
               "product" : "Metabase",
               "productvendor" : "Metabase"
            },
            {
               "productvendor" : "Drupal",
               "productversion" : "7",
               "product" : "Drupal"
            },
            {
               "product" : "Gitlab",
               "productvendor" : "Gitlab"
            },
            {
               "product" : "Confluence",
               "productvendor" : "Atlassian"
            },
            {
               "productversion" : "2.121.3",
               "productvendor" : "Jenkins",
               "product" : "Jenkins"
            },
            {
               "productversion" : "3.0",
               "productvendor" : "Apache",
               "product" : "org.apache.sling.servlets.post"
            },
            {
               "product" : "VOS3000",
               "productvendor" : "VOS3000"
            },
            {
               "product" : "Java",
               "productvendor" : "Oracle"
            }
         ],
         "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
         "description" : "VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362",
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Fri, 29 Jul 2022 16:53:01 GMT"
            }
         ],
         "headermd5" : "d7177fc56d4db74f27ccb35ed650495d",
         "headermmh3" : -98318537,
         "keywords" : [
            "voip",
            "vos3000"
         ],
         "title" : "OptMyCare"
      },
      "length" : 16298
   },
   "asn" : "AS63949",
   "city" : "Atlanta",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 104765\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nP3p: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"\r\nPragma: private\r\nServer: nginx/1.14.2\r\nSet-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;\r\nSet-Cookie: webvpnaac=1; path=/; secure;\r\nSet-Cookie: jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c; path=/\r\nSet-Cookie: __s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/\r\nSet-Cookie: X-Qlik-Session=35263a2bf; path=/;\r\nSet-Cookie: TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;\r\nSet-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;\r\nSet-Cookie: USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly\r\nSet-Cookie: acSamlv2Error=; path=/; secure;\r\nSet-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;\r\nSet-Cookie: csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;\r\nSet-Cookie: rememberMe=deleteMe; path=/;\r\nSet-Cookie: metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Mon, 25 Apr 2044 03:55:44 +0200;SameSite=None;Secure\r\nSet-Cookie: akaunting_session=7b22; Path=/;\r\nSet-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;\r\nSet-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;\r\nSet-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;\r\nSet-Cookie: SESSID=22363a2bf; path=/;\r\nX-Aspnetmvc-Version: 5.2\r\nX-Cache: MISS from Hello\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Drupal-Cache: xHIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 7 (http://drupal.org)\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Powered-By: Servlet/3.0; JBossAS-6\r\nX-Proxy-Cache: MISS\r\nX-Request-Id: ecff8573-23ca-4dbc-a0a9-e8af7876c4ae\r\nX-Robots-Tag: none\r\nX-Root: root\r\nX-Shopid: 25693290577\r\nX-Shopify-Stage: production\r\nX-Xss-Protection: 1; mode=block\r\nDate: Wed, 16 Oct 2024 18:02:55 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384e2fac23e09==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"description\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>OptMyCare</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> 5196abbb2d9bda158de8baa496da6dd6 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZTJmYWMyM2UwOT09\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nShared_Dirty:          0 kB\nPrivate_Clean:         0 kB\nPrivate_Dirty:        52 kB\nReferenced:           52 kB\nAnonymous:            52 kB\nAnonHugePages:         0 kB\nSwap:                  8 kB\nKernelPageSize:        4 kB\nMMUPageSize:           4 kB",
   "datamd5" : "444f1d08ab448f16b850cdfd64496fed",
   "datammh3" : 614701279,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "66.228.32.0/19"
   },
   "host" : [
      "66-228-59-243"
   ],
   "hostname" : [
      "66-228-59-243.ip.linodeusercontent.com"
   ],
   "ip" : "66.228.59.243",
   "ipv6" : "false",
   "latitude" : "33.7485",
   "location" : "33.7485,-84.3871",
   "longitude" : "-84.3871",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux",
   "osdistribution" : "sUse",
   "osvendor" : "Linux",
   "port" : 212,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.2",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "66-228-59-243.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-10-16",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "66.228.32.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
5.32.129.54

Network
5.32.128.0/22

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://5.32.129.54:212/ 301

HTTP Title
301 Moved Permanently

ASN
AS60168

Organization
Net Service BG Ltd

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.14.2

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
f06cb88fe8cf8fbdefafc74e48a7bc5d

HTTP Header MD5
374899cbd21cf59d36c3a1e2bf03a0e5

HTTP Body MD5
068ba18c91afebe2d5ac3b35fe2c50a1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.2
Date: Sun, 13 Oct 2024 03:01:59 GMT
Content-Type: text/html
Content-Length: 185
Connection: close
Location: https://<ip>/

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-13T03:01:59.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "068ba18c91afebe2d5ac3b35fe2c50a1",
         "bodymmh3" : -1426104546,
         "headermd5" : "374899cbd21cf59d36c3a1e2bf03a0e5",
         "headermmh3" : 990791398,
         "title" : "301 Moved Permanently"
      },
      "length" : 368
   },
   "asn" : "AS60168",
   "city" : "Ribnovo",
   "country" : "BG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nServer: nginx/1.14.2\r\nDate: Sun, 13 Oct 2024 03:01:59 GMT\r\nContent-Type: text/html\r\nContent-Length: 185\r\nConnection: close\r\nLocation: https://<ip>/\r\n\r\n<html>\r\n<head><title>301 Moved Permanently</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>301 Moved Permanently</h1></center>\r\n<hr><center>nginx/1.14.2</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "f06cb88fe8cf8fbdefafc74e48a7bc5d",
   "datammh3" : 1159019388,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS60168",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "BG",
      "countryname" : "Bulgaria",
      "domain" : [
         "ipacct.com"
      ],
      "isineu" : "true",
      "latitude" : "42.733883",
      "location" : "42.733883,25.48583",
      "longitude" : "25.48583",
      "netname" : "BG-PONBG-20120509",
      "organization" : "PON.BG Ltd.",
      "subnet" : "5.32.128.0/22"
   },
   "ip" : "5.32.129.54",
   "ipv6" : "false",
   "latitude" : "41.7174",
   "location" : "41.7174,23.7697",
   "longitude" : "23.7697",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Net Service BG Ltd",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 212,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.2",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "seen_date" : "2024-10-13",
   "source" : "datascan",
   "status" : 301,
   "subnet" : "5.32.128.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
213.230.65.55

Network
213.230.64.0/18

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://213.230.65.55:212/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS8193

Organization
Uzbektelekom Joint Stock Company

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.14.2

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
ab02f48b964ee86e9025e17626ea721c

HTTP Header MD5
c032d719f0bb3a18f39ae8622c1cb001

HTTP Body MD5
a96af466e25c4c8966828107b5af6a8b

HTTP/1.1 400 Bad Request
Server: nginx/1.14.2
Date: Sat, 12 Oct 2024 20:54:08 GMT
Content-Type: text/html
Content-Length: 271
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.14.2</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-12T20:54:08.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "a96af466e25c4c8966828107b5af6a8b",
         "bodymmh3" : 1451379092,
         "headermd5" : "c032d719f0bb3a18f39ae8622c1cb001",
         "headermmh3" : 1528865207,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 423
   },
   "asn" : "AS8193",
   "city" : "Tashkent",
   "country" : "UZ",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.14.2\r\nDate: Sat, 12 Oct 2024 20:54:08 GMT\r\nContent-Type: text/html\r\nContent-Length: 271\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.14.2</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "ab02f48b964ee86e9025e17626ea721c",
   "datammh3" : 362456294,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS8193",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "UZ",
      "countryname" : "Uzbekistan",
      "domain" : [
         "bkm.uz"
      ],
      "isineu" : "false",
      "latitude" : "41.377491",
      "location" : "41.377491,64.585262",
      "longitude" : "64.585262",
      "netname" : "UZTELECOM-STATIC-CUSTOMERS",
      "organization" : "Uzbektelekom\" Joint Stock Company",
      "subnet" : "213.230.64.0/19"
   },
   "ip" : "213.230.65.55",
   "ipv6" : "false",
   "latitude" : "41.2615",
   "location" : "41.2615,69.2177",
   "longitude" : "69.2177",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Uzbektelekom Joint Stock Company",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 212,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.2",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-10-12",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "213.230.64.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
51.222.230.191

Network
51.222.0.0/16

Domain(s)
ip-51-222-230.net

Device

<enterprise field>: device.class

URL

http://51.222.230.191:212/ 401

HTTP Title
401 Authorization Required

Reverse DNS
ip191.ip-51-222-230.net

ASN
AS16276

Organization
OVH SAS

Protocol
http

Source
datascan
Product
F5 Nginx 1.14.2

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
f98bfec3260c333a27ad9e2e1c09301a

HTTP Header MD5
89cafcaaedd0bc3bcf85aef78c0ca50e

HTTP Body MD5
00bcd41dd5371c570b7b4a46f2d7ec4d

HTTP/1.1 401 Unauthorized
Server: nginx/1.14.2
Date: Fri, 11 Oct 2024 13:11:41 +0000
Content-Type: text/html
Content-Length: 188
Connection: keep-alive
WWW-Authenticate: Basic realm="Access to admin page"

<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.14.2</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-10-11T13:11:51.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "00bcd41dd5371c570b7b4a46f2d7ec4d",
         "bodymmh3" : -369667210,
         "headermd5" : "89cafcaaedd0bc3bcf85aef78c0ca50e",
         "headermmh3" : -32194938,
         "realm" : "Access to admin page",
         "title" : "401 Authorization Required"
      },
      "length" : 395
   },
   "asn" : "AS16276",
   "country" : "CA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\nServer: nginx/1.14.2\nDate: Fri, 11 Oct 2024 13:11:41 +0000\nContent-Type: text/html\nContent-Length: 188\nConnection: keep-alive\nWWW-Authenticate: Basic realm=\"Access to admin page\"\n\n<html>\n<head><title>401 Authorization Required</title></head>\n<body bgcolor=\"white\">\n<center><h1>401 Authorization Required</h1></center>\n<hr><center>nginx/1.14.2</center>\n</body>\n</html>\n\n",
   "datamd5" : "f98bfec3260c333a27ad9e2e1c09301a",
   "datammh3" : -1457514271,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "ip-51-222-230.net"
   ],
   "geolocus" : {
      "asn" : "AS16276",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "ovh.ca",
         "ovh.net"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "HO-2",
      "organization" : "OVH Hosting, Inc.",
      "subnet" : "51.222.0.0/16"
   },
   "host" : [
      "ip191"
   ],
   "hostname" : [
      "ip191.ip-51-222-230.net"
   ],
   "ip" : "51.222.230.191",
   "ipv6" : "false",
   "latitude" : "45.4995",
   "location" : "45.4995,-73.5848",
   "longitude" : "-73.5848",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "OVH SAS",
   "port" : 212,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.14.2",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "ip191.ip-51-222-230.net"
   ],
   "seen_date" : "2024-10-11",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "51.222.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 11 in 0.096 second(s)

54.38.116.47:212 (tcp/http) - last seen on 2024-11-07 at 03:15:05 UTC

5.15.185.171:212 (tcp/http) - last seen on 2024-11-05 at 11:25:05 UTC

39.104.57.170:212 (tcp/http) - last seen on 2024-11-02 at 12:45:08 UTC

139.99.117.0:212 (tcp/http) - last seen on 2024-10-18 at 14:35:15 UTC

84.236.145.76:212 (tcp/http) - last seen on 2024-10-18 at 01:08:42 UTC

185.218.155.146:212 (tcp/http) - last seen on 2024-10-17 at 02:02:50 UTC

66.228.59.243:212 (tcp/http) - last seen on 2024-10-16 at 18:02:55 UTC

5.32.129.54:212 (tcp/http) - last seen on 2024-10-13 at 03:01:59 UTC

213.230.65.55:212 (tcp/http) - last seen on 2024-10-12 at 20:54:08 UTC

51.222.230.191:212 (tcp/http) - last seen on 2024-10-11 at 13:11:51 UTC