Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
3
4
...
next >

IP
68.168.117.28

Network
68.168.112.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://68.168.117.28:24284/ 401

ASN
AS36666

Organization
GTCOMM

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a3548c4637f798185522058aace162b7

HTTP Header MD5
4a021fdf7fd1b469da6a60bae21766cf

HTTP Body MD5
b5172dd92e85cc89b8bfbaf1b3153bf7

HTTP/1.1 401 Unauthorized
content-length: 112
cache-control: no-cache
content-type: text/html
www-authenticate: Basic realm="Geosurf"
connection: close

<html><body><h1>401 Unauthorized</h1>
You need a valid user and password to access this content.
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:56:52.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b5172dd92e85cc89b8bfbaf1b3153bf7",
         "bodymmh3" : 1877923141,
         "headermd5" : "4a021fdf7fd1b469da6a60bae21766cf",
         "headermmh3" : -587271025,
         "realm" : "Geosurf"
      },
      "length" : 272
   },
   "asn" : "AS36666",
   "country" : "CA",
   "data" : "HTTP/1.1 401 Unauthorized\r\ncontent-length: 112\r\ncache-control: no-cache\r\ncontent-type: text/html\r\nwww-authenticate: Basic realm=\"Geosurf\"\r\nconnection: close\r\n\r\n<html><body><h1>401 Unauthorized</h1>\nYou need a valid user and password to access this content.\n</body></html>\n",
   "datamd5" : "a3548c4637f798185522058aace162b7",
   "datammh3" : 806168215,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS36666",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "globo.tech"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "GTCOMM",
      "organization" : "GloboTech Communications",
      "subnet" : "68.168.112.0/20"
   },
   "ip" : "68.168.117.28",
   "ipv6" : "false",
   "latitude" : "43.6319",
   "location" : "43.6319,-79.3716",
   "longitude" : "-79.3716",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "GTCOMM",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 24284,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "68.168.112.0/20",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
121.122.199.66

Network
121.120.0.0/14

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://121.122.199.66:24284/ 401

HTTP Title
401 Unauthorized

ASN
AS9534

Organization
Binariang Berhad

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
bba4fa74613cc0862db71701fe003731

HTTP Header MD5
129d3402b0154c72aa72fb5a9387fbc1

HTTP Body MD5
53e01c9f1bd43305a12c681925529e7a

HTTP/1.1 401 Unauthorized
Server: 7a87bad7-3eee-8411-5fda-b0996b106b9b
Date: Thu, 21 Nov 2024 09:18:24 GMT
Cache-Control: no-cache,no-store
WWW-Authenticate: Basic realm=""
Content-Type: text/html; charset=%s
Connection: close

<HTML>
<HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR="#cc9999" TEXT="#000000" LINK="#2020ff" VLINK="#4040cc">
<H4>401 Unauthorized</H4>
Authorization required.
<HR>
<ADDRESS><A HREF="http://www.acme.com/software/mini_httpd/">7a87bad7-3eee-8411-5fda-b0996b106b9b</A></ADDRESS>
</BODY>
</HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:18:25.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "acme.com"
         ],
         "hostname" : [
            "www.acme.com"
         ],
         "url" : [
            "http://www.acme.com/software/mini_httpd/"
         ]
      },
      "http" : {
         "bodymd5" : "53e01c9f1bd43305a12c681925529e7a",
         "bodymmh3" : -590619442,
         "headermd5" : "129d3402b0154c72aa72fb5a9387fbc1",
         "headermmh3" : 733910772,
         "title" : "401 Unauthorized"
      },
      "length" : 541
   },
   "asn" : "AS9534",
   "city" : "Sepang",
   "country" : "MY",
   "data" : "HTTP/1.1 401 Unauthorized\r\nServer: 7a87bad7-3eee-8411-5fda-b0996b106b9b\r\nDate: Thu, 21 Nov 2024 09:18:24 GMT\r\nCache-Control: no-cache,no-store\r\nWWW-Authenticate: Basic realm=\"\"\r\nContent-Type: text/html; charset=%s\r\nConnection: close\r\n\r\n<HTML>\n<HEAD><TITLE>401 Unauthorized</TITLE></HEAD>\n<BODY BGCOLOR=\"#cc9999\" TEXT=\"#000000\" LINK=\"#2020ff\" VLINK=\"#4040cc\">\n<H4>401 Unauthorized</H4>\nAuthorization required.\n<HR>\n<ADDRESS><A HREF=\"http://www.acme.com/software/mini_httpd/\">7a87bad7-3eee-8411-5fda-b0996b106b9b</A></ADDRESS>\n</BODY>\n</HTML>\n",
   "datamd5" : "bba4fa74613cc0862db71701fe003731",
   "datammh3" : 899301025,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9534",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "MY",
      "countryname" : "Malaysia",
      "domain" : [
         "maxis.com.my"
      ],
      "isineu" : "false",
      "latitude" : "4.210484",
      "location" : "4.210484,101.975766",
      "longitude" : "101.975766",
      "netname" : "MAXISNET-ADSL",
      "organization" : "Maxis Broadband Sdn.Bhd",
      "subnet" : "121.122.128.0/17"
   },
   "ip" : "121.122.199.66",
   "ipv6" : "false",
   "latitude" : "2.8244",
   "location" : "2.8244,101.6841",
   "longitude" : "101.6841",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Binariang Berhad",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 24284,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "121.120.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
148.251.229.229

Network
148.251.0.0/16

Domain(s)
your-server.de

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://148.251.229.229:24284/ 401

Reverse DNS
static.229.229.251.148.clients.your-server.de

ASN
AS24940

Organization
Hetzner Online GmbH

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
183ead83bf87c22fbca46224489ef5f6

HTTP Header MD5
4904ec3109077928479b10098b24a4b0

HTTP Body MD5
b5172dd92e85cc89b8bfbaf1b3153bf7

HTTP/1.1 401 Unauthorized
content-length: 112
cache-control: no-cache
content-type: text/html
www-authenticate: Basic realm="Oxylabs"
connection: close

<html><body><h1>401 Unauthorized</h1>
You need a valid user and password to access this content.
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:36:41.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b5172dd92e85cc89b8bfbaf1b3153bf7",
         "bodymmh3" : 1877923141,
         "headermd5" : "4904ec3109077928479b10098b24a4b0",
         "headermmh3" : -1865171836,
         "realm" : "Oxylabs"
      },
      "length" : 272
   },
   "asn" : "AS24940",
   "city" : "Falkenstein",
   "country" : "DE",
   "data" : "HTTP/1.1 401 Unauthorized\r\ncontent-length: 112\r\ncache-control: no-cache\r\ncontent-type: text/html\r\nwww-authenticate: Basic realm=\"Oxylabs\"\r\nconnection: close\r\n\r\n<html><body><h1>401 Unauthorized</h1>\nYou need a valid user and password to access this content.\n</body></html>\n",
   "datamd5" : "183ead83bf87c22fbca46224489ef5f6",
   "datammh3" : -85097246,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "your-server.de"
   ],
   "host" : [
      "static"
   ],
   "hostname" : [
      "static.229.229.251.148.clients.your-server.de"
   ],
   "ip" : "148.251.229.229",
   "ipv6" : "false",
   "latitude" : "50.4777",
   "location" : "50.4777,12.3649",
   "longitude" : "12.3649",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hetzner Online GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 24284,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "static.229.229.251.148.clients.your-server.de"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "148.clients.your-server.de",
      "229.229.251.148.clients.your-server.de",
      "229.251.148.clients.your-server.de",
      "251.148.clients.your-server.de",
      "clients.your-server.de"
   ],
   "subnet" : "148.251.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "de"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
170.203.129.242

Network
170.203.128.0/18

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://170.203.129.242:24284/ 401

HTTP Title
Unauthorized

ASN
AS13428

Organization
SURFAIRWIRELESS-IN-02

Protocol
http

Source
datascan
Operating System
Microsoft Windows

HTTP Component(s)
Plex Media Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2de861031040181ee2188040cc83180e

HTTP Header MD5
9ca01530123920eac6307b32e7d89d3b

HTTP Body MD5
58839c8a9d6616ca62adc7b6e3610676

HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Thu, 21 Nov 2024 08:33:19 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:33:20.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "product" : "Media Server",
               "productvendor" : "Plex"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : 805748077,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS13428",
   "city" : "Wakarusa",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Thu, 21 Nov 2024 08:33:19 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS13428",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "surfairwireless.net",
         "surfairwireless.us",
         "surfbroadband.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "SAWL-1",
      "organization" : "Surf Air Wireless, LLC",
      "subnet" : "170.203.128.0/18"
   },
   "ip" : "170.203.129.242",
   "ipv6" : "false",
   "latitude" : "41.5403",
   "location" : "41.5403,-86.0245",
   "longitude" : "-86.0245",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SURFAIRWIRELESS-IN-02",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 24284,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "170.203.128.0/18",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
8.138.148.146

Network
8.136.0.0/13

Device

<enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product <enterprise field>: device.productversion

Operating System
Linux Linux sUse

URL

http://8.138.148.146:24284/ 401

HTTP Title
ZXHN H168N V3.1

HTTP Keyword(s)
voip vos3000

HTTP Copyright
www.linknat.com, 昆石网络

ASN
AS37963

Organization
Hangzhou Alibaba Advertising Co.,Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux sUse

HTTP Component(s)
Drupal Drupal 8 Oracle Java SPIP SPIP 4.1.11 Jenkins Jenkins 2.121.3 Atlassian Confluence Roundcube Webmail Gitlab Gitlab Microsoft ASP.NET 4.0.30319 MobileIron Core

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
f4d7fdfca491f3b939ac70e499d416ac

HTTP Header MD5
d0ce50ef80faf881b4fff20e41440956

HTTP Body MD5
8b618a735090d595fcdf6a1684d4ef47

HTTP/1.1 401 Unauthorized
Composed-By: SPIP 4.1.11 @ www.spip.net
Content-Length: 107250
Content-Type: text/html;charset=utf-8
Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
Loginip: <srcip>
P3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Pragma: private
Server: CuteBi Network Tunnel, (%>w<%)
Set-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;
Set-Cookie: sesskey=21263a2bf; path=/;
Set-Cookie: zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly
Set-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;
Set-Cookie: _indexVersion=2; path=/
Set-Cookie: acSamlv2Error=; path=/; secure;
Set-Cookie: csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains
Set-Cookie: CLIENT_ID=7214
Set-Cookie: akaunting_session=7b22; Path=/;
Set-Cookie: X-Qlik-Session=35263a2bf; path=/;
Set-Cookie: cepcAdminID=25263a2bf; path=/;
Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095
Set-Cookie: csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;
Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095
Set-Cookie: grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax
Set-Cookie: PHC_DISABLED=1; path=/; secure;
Set-Cookie: _zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;
Set-Cookie: SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;
Www-Authenticate: Basic realm="DVR"
X-Ac: 3.bur _bur
X-Aspnet-Version: 4.0.30319
X-Backside-Transport: FAIL FAIL
X-Cache: MISS from Hello
X-Cache-Group: normal
X-Cache-Lookup: MISS from Hello:8080
X-Citrix-Application: Receiver for Web
X-Cmd-Response: root
X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
X-Content-Type-Options: nosniff
X-Drupal-Cache: xHIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 8 (https://www.drupal.org)
X-Jenkins: 2.121.3
X-Jenkins-Session: f72d6619
X-Nginx-Cache-Status: MISS
X-Permitted-Cross-Domain-Policies: none
X-Powered-Cms: Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)
X-Runtime: 0.00985
X-Xss-Protection: 1; mode=block
Date: Thu, 21 Nov 2024 08:27:59 GMT
Connection: close

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Pragma" content="no-cache" />
<meta charset="utf-8">
<meta content="IE=edge" http-equiv="X-UA-Compatible">
<meta content="object" property="og:type">
<meta content="GitLab" property="og:site_name">
<meta content="Help" property="og:title">
<meta content="GitLab Community Edition" property="og:description">
<meta content="summary" property="twitter:card">
<meta content="Help" property="twitter:title">
<meta content="GitLab Community Edition" property="twitter:description">
<meta content="GitLab Community Edition" name="description">
<meta content="#474D57" name="theme-color">
<meta content="#30353E" name="msapplication-TileColor">
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cd78c639bf9be7f9dc240e2b==" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="expires" content="-1"/>
<meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
<meta name="author" content="www.linknat.com, 昆石网络"/>
<meta name="copyright" content="www.linknat.com, 昆石网络"/>
<meta name="generator" content="SPIP 4.1.11" />
<script src="/jquery.min.js"></script> 
<title>ZXHN H168N V3.1</title>
</head>
<body>
<div style="display: none;">
<script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
<Account>
<Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
<FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
<SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
<ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
<CTDefParaEntry setDefValueFlag="1" />
</Account>
<div>8.5.5 (Build:20200530.307-TEMP)</div>
<span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
<h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
<ca status="disabled" href="/+CSCOCA+/login.html" />
<form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
    <div data-user="root" data-module="package-updates"></div>
    <code>The zip file did not contain an entry exportDescriptor.properties</code>
    <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
    <message>Please enter your username and password.</message>
    <input name="formid" type="hidden" value="012afed" />
    <input name="javax.faces.ViewState" type="hidden" value="012afed" />
    <input name="queryString" type="hidden" value="1406192" />
    <div class="versionInfo">The Cacti Group Version 1.2.25</div>
    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
    <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
    <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
    <input type="hidden" name="tokenid"  value="1804289383" >
    <input type="hidden" name="name"  value="1804289383" >
    <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="text" name="username" label="Username:" value="admin" />
    <input type="password" name="password" label="Password:" value="123456" />
    <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
    <input type="submit" name="Login" value="Login" />
    <input type="reset" name="Clear" value="Clear" />
</form>
<input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
<li class="lisel" onclick="location.href='index.php'">日志系统</li>
<li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
<button type="button" data-price-id=True>sb</button>
<div class="prod_madelName">RT-AC5300</div>
<div class="p1 title_gap">Sign in with your ASUS router account</div>
<tr class="h"><th>PHP Group</th></tr>
<tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
<tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
<div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
<div id="mcname">LoadMaster</div>
<p><br/><span>出厂IP：192.168.1.1</span><br/><span>用户名、密码：admin admin</span></p>
<td colspan="2">Please enter your Cacti user name and password below:</td>
<meta id="confluence-context-path" name="confluence-context-path" content="">
<meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
<meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
<script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
<B>SonicWall Universal Management Suite v9.3</B>
<br>OK<br>
<script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
<select id="cars" name="name">
<option value="olvo">olvo</option>
</select>
<a href="/VICIdial/phone">MODIFY</a>
<input type="hidden" name="extension"  value="1804289383" >
<input type="hidden" name="pass"  value="1804289383" >
<input type="hidden" name="recording_exten"  value="1804289383" >
<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
<input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
<input type="hidden" name="admin-nonce" value="4419bb0cd2d21ef7b4cf25c9e5206f89" />
<h3 class="text-center"> <span class="soplanning_index_title2">Simple Online Planning</span> <small>v1.51.01</small> </h3>
<span>F3x26Q v1.1 (Sep 15 2023 12:36:09) std</span>
<script type='text/javascript'>
	var cactiVersion='1.2.27';
	var cactiServerOS='unix';
	var cactiAction='';
	var theme='modern';
	var refreshIsLogout=true;
	var refreshPage='/logout.php?action=timeout';
	var refreshMSeconds=1440000;
	var urlPath='/';
	var previousPage='';
	var sessionMessage=[];
	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
</script>

<!--
<Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
/var/pinglog
<TITLE>Login</TITLE>
<a href="jpg.html">LIVE JPEG</a><br>
<a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
<a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
<\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
Location: /admin
<meta name="generator" content="vBulletin 5.5.4" />
Location: http://<ip>:80/relogin.htm?_t=3541144909
Location: http://<ip>:80/syscmd.htm" Location: /ui/login
/cgi-bin/webctrl.cgi?action=index_page
PDR-M800
function btnPing()
<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
<td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
in the United States and certain other countries.
</td>
:
#
>
$
SSH key is good
is not a valid ref and may not be archived
pcPassword2
'&sessionKey=790148060;'
name="sessionKey" value="790148060"
Set-Cookie: loginName=admin
var fgt_lang = /dev/cmdb/sslvpn_websession
php 8.1.0-dev exit
springframework
Tomcat
DEVICE.ACCOUNT=admin
AUTHORIZED_GROUP=1
<uid></uid>
<name>Admin</name>
<usrid></usrid>
<password>admin</password>
<group></group>
cpto /tmp/"root"
Model=AC1450
Firmware=V1.0.0.36_10.0.17
"exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
BIG-IP release 15.0.0
user:root
12345admin123'
Failed to process image

Location: http://192.168.0.1:52869/picsdesc.xml
You don't have permission to access /vpns/ on this server.
[global]
    workgroup = intranet
    encrypt passwords = Yes
    update encrypted = Yes

funcionando
system_sofia
name resolve order
InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
<b>File Uploaded !!!</b><br>
ant=951d11e51392117311602d0c25435d7f
38ee63071a04dc5e04ed22624c38e648
6f3249aa304055d63828af3bfab778f6
<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
[local]
 tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2Q3OGM2MzliZjliZTdmOWRjMjQwZTJiPT0=
 addr = <ip>
"Powered by vBulletin Version 5.5.4"
789551
Linear eMerge
SuperSign
ubiq
Yacht
Zeroshell
FastWeb
AuthInfo:
loadingIndicator_bk
Zyxel
skyrouter
WAP54
org.apache.spark.ui



ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
<insert implant configuration content here>
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
Copyright (c) 2015-2020 by Cisco Systems, Inc.
All rights reserved.
SSL VPN Service
wsConvertPptResponse
<input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
<input id="txtPassword" class="txt-input" type="password" name="password" value="" />
<button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
<span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
<script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
<LegacyDN>eD2bxe4</LegacyDN>
<title class="_ctxstxt_NetscalerGateway">
SAML Assertion verification failed; Please contact your administrator
v=2b46554c087d2d5516559e9b8bc1875d
/vpn/images/AccessGateway.ico
frame-busting
/vpn/js/logout_view.js?v=
_ctxstxt_NetscalerAAA
lib.min20200813.js
401 Unauthorized Basic realm=
sName='1';onTest(this);
var passadm = "admin";
OPMODE_BRIDGE
document.all.cmd_result
<input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
<input id="date" type="text" style="width: 200px" value="12/25/2023">
main page cgi-bin/login.cgi
var sessionKey='030ff030ff88';
loc += '&sessionKey=19dec20030ff8dcb2';
}

var code = 'location="' + loc + '"';

Password change successful
J2100N GPON ONT
/cgi-bin/webui/admin
sesskey
name=admin pass=123 priv=ppp
service=www.dlinkddns.com
sysCmdType
C

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:27:59.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "drupal.org",
            "micros-hosting.com"
         ],
         "file" : [
            "dvrremoteap_x64.exe",
            "dvfplayer.zip",
            "dvrremoteap.exe",
            "index.php",
            "cloud_index.php",
            "admin-ajax.php",
            "p3p.xml"
         ],
         "hostname" : [
            "micros-hosting.com",
            "www.drupal.org"
         ],
         "ip" : [
            "7.7.31.1",
            "192.168.1.4",
            "192.168.1.10",
            "192.168.1.1",
            "1.0.0.36",
            "192.168.0.1"
         ],
         "url" : [
            "http://192.168.0.1:52869/picsdesc.xml",
            "http://micros-hosting.com/EGateway/",
            "https://192.168.1.4",
            "https://www.drupal.org"
         ]
      },
      "http" : {
         "bodymd5" : "8b618a735090d595fcdf6a1684d4ef47",
         "bodymmh3" : 2119799260,
         "component" : [
            {
               "productvendor" : "MobileIron",
               "product" : "Core"
            },
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            },
            {
               "product" : "Drupal",
               "productversion" : "8",
               "productvendor" : "Drupal"
            },
            {
               "productvendor" : "Atlassian",
               "product" : "Confluence"
            },
            {
               "product" : "SPIP",
               "productversion" : "4.1.11",
               "productvendor" : "SPIP"
            },
            {
               "product" : "Jenkins",
               "productversion" : "2.121.3",
               "productvendor" : "Jenkins"
            },
            {
               "product" : "Gitlab",
               "productvendor" : "Gitlab"
            },
            {
               "product" : "ASP.NET",
               "productvendor" : "Microsoft",
               "productversion" : "4.0.30319"
            },
            {
               "productvendor" : "Roundcube",
               "product" : "Webmail"
            }
         ],
         "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
         "header" : [
            {
               "value" : "Fri, 29 Jul 2022 16:53:01 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "d0ce50ef80faf881b4fff20e41440956",
         "headermmh3" : 1281459271,
         "keywords" : [
            "voip",
            "vos3000"
         ],
         "realm" : "DVR",
         "title" : "ZXHN H168N V3.1"
      },
      "length" : 16297
   },
   "asn" : "AS37963",
   "city" : "Guangzhou",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 107250\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nP3p: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"\r\nPragma: private\r\nServer: CuteBi Network Tunnel, (%>w<%)\r\nSet-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;\r\nSet-Cookie: sesskey=21263a2bf; path=/;\r\nSet-Cookie: zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly\r\nSet-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;\r\nSet-Cookie: _indexVersion=2; path=/\r\nSet-Cookie: acSamlv2Error=; path=/; secure;\r\nSet-Cookie: csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains\r\nSet-Cookie: CLIENT_ID=7214\r\nSet-Cookie: akaunting_session=7b22; Path=/;\r\nSet-Cookie: X-Qlik-Session=35263a2bf; path=/;\r\nSet-Cookie: cepcAdminID=25263a2bf; path=/;\r\nSet-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;\r\nSet-Cookie: roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax\r\nSet-Cookie: PHC_DISABLED=1; path=/; secure;\r\nSet-Cookie: _zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;\r\nSet-Cookie: SDPSESSIONID=AE7F18F5CE887FC885E5A1AE449D9AC1; Path=/; Secure; HttpOnly; SameSite=None;\r\nWww-Authenticate: Basic realm=\"DVR\"\r\nX-Ac: 3.bur _bur\r\nX-Aspnet-Version: 4.0.30319\r\nX-Backside-Transport: FAIL FAIL\r\nX-Cache: MISS from Hello\r\nX-Cache-Group: normal\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Citrix-Application: Receiver for Web\r\nX-Cmd-Response: root\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Drupal-Cache: xHIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Nginx-Cache-Status: MISS\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-Powered-Cms: Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)\r\nX-Runtime: 0.00985\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 21 Nov 2024 08:27:59 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cd78c639bf9be7f9dc240e2b==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>ZXHN H168N V3.1</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<input type=\"hidden\" name=\"admin-nonce\" value=\"4419bb0cd2d21ef7b4cf25c9e5206f89\" />\n<h3 class=\"text-center\"> <span class=\"soplanning_index_title2\">Simple Online Planning</span> <small>v1.51.01</small> </h3>\n<span>F3x26Q v1.1 (Sep 15 2023 12:36:09) std</span>\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2Q3OGM2MzliZjliZTdmOWRjMjQwZTJiPT0=\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nC",
   "datamd5" : "f4d7fdfca491f3b939ac70e499d416ac",
   "datammh3" : 969144953,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor",
      "productversion" : "<enterprise field>: device.productversion"
   },
   "geolocus" : {
      "asn" : "AS37963",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "alibaba-inc.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "ALICLOUD",
      "organization" : "Alibaba.com Singapore E-Commerce Private Limited",
      "subnet" : "8.136.0.0/14"
   },
   "ip" : "8.138.148.146",
   "ipv6" : "false",
   "latitude" : "23.1181",
   "location" : "23.1181,113.2539",
   "longitude" : "113.2539",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
   "os" : "Linux",
   "osdistribution" : "sUse",
   "osvendor" : "Linux",
   "port" : 24284,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "8.136.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
46.162.111.236

Network
46.162.96.0/19

Domain(s)
bredband2.com

Device

<enterprise field>: device.class

Operating System
FreeBSD FreeBSD

URL

http://46.162.111.236:24284/ 401

HTTP Title
Unauthorized

Reverse DNS
46-162-111-236.cust.bredband2.com

ASN
AS29518

Organization
Bredband2 AB

Protocol
http

Source
datascan
Operating System
FreeBSD FreeBSD

HTTP Component(s)
Plex Media Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2de861031040181ee2188040cc83180e

HTTP Header MD5
9ca01530123920eac6307b32e7d89d3b

HTTP Body MD5
58839c8a9d6616ca62adc7b6e3610676

HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Thu, 21 Nov 2024 06:51:45 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T06:51:46.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "productvendor" : "Plex",
               "product" : "Media Server"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : -601625229,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS29518",
   "country" : "SE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Thu, 21 Nov 2024 06:51:45 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "bredband2.com"
   ],
   "host" : [
      "46-162-111-236"
   ],
   "hostname" : [
      "46-162-111-236.cust.bredband2.com"
   ],
   "ip" : "46.162.111.236",
   "ipv6" : "false",
   "latitude" : "59.3247",
   "location" : "59.3247,18.0560",
   "longitude" : "18.0560",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Bredband2 AB",
   "os" : "FreeBSD",
   "osvendor" : "FreeBSD",
   "port" : 24284,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "46-162-111-236.cust.bredband2.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "cust.bredband2.com"
   ],
   "subnet" : "46.162.96.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
107.194.141.136

Network
107.194.0.0/15

Domain(s)
sbcglobal.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://107.194.141.136:24284/ 401

HTTP Title
Unauthorized

Reverse DNS
107-194-141-136.lightspeed.rcsntx.sbcglobal.net

ASN
AS7018

Organization
ATT-INTERNET4

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

HTTP Component(s)
Plex Media Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2de861031040181ee2188040cc83180e

HTTP Header MD5
9ca01530123920eac6307b32e7d89d3b

HTTP Body MD5
58839c8a9d6616ca62adc7b6e3610676

HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Thu, 21 Nov 2024 05:04:16 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T05:04:16.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "product" : "Media Server",
               "productvendor" : "Plex"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : -1247226370,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS7018",
   "city" : "Dallas",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Thu, 21 Nov 2024 05:04:16 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "sbcglobal.net"
   ],
   "geolocus" : {
      "asn" : "AS7018",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "att.com",
         "att.net",
         "sbcglobal.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "SIS-80-4-2012",
      "organization" : "AT&T Corp.",
      "subnet" : "107.192.0.0/11"
   },
   "host" : [
      "107-194-141-136"
   ],
   "hostname" : [
      "107-194-141-136.lightspeed.rcsntx.sbcglobal.net"
   ],
   "ip" : "107.194.141.136",
   "ipv6" : "false",
   "latitude" : "32.7889",
   "location" : "32.7889,-96.8021",
   "longitude" : "-96.8021",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ATT-INTERNET4",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 24284,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "107-194-141-136.lightspeed.rcsntx.sbcglobal.net"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "lightspeed.rcsntx.sbcglobal.net",
      "rcsntx.sbcglobal.net"
   ],
   "subnet" : "107.194.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
193.5.150.68

Network
193.5.150.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://193.5.150.68:24284/ 401

HTTP Title
Unauthorized

ASN
AS201746

Organization
Olivenet Network S.L.

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

HTTP Component(s)
Plex Media Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2de861031040181ee2188040cc83180e

HTTP Header MD5
9ca01530123920eac6307b32e7d89d3b

HTTP Body MD5
58839c8a9d6616ca62adc7b6e3610676

HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Thu, 21 Nov 2024 05:01:52 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T05:01:53.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "product" : "Media Server",
               "productvendor" : "Plex"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : 475149237,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS201746",
   "city" : "Manilva",
   "country" : "ES",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Thu, 21 Nov 2024 05:01:52 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "193.5.150.68",
   "ipv6" : "false",
   "latitude" : "36.3773",
   "location" : "36.3773,-5.2559",
   "longitude" : "-5.2559",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Olivenet Network S.L.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 24284,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "193.5.150.0/24",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
24.213.42.163

Network
24.213.0.0/18

Domain(s)
spectrum.com

Device

<enterprise field>: device.class

Operating System
FreeBSD FreeBSD

URL

http://24.213.42.163:24284/ 401

HTTP Title
Unauthorized

Reverse DNS
syn-024-213-042-163.res.spectrum.com

ASN
AS20115

Organization
CHARTER-20115

Protocol
http

Source
datascan
Operating System
FreeBSD FreeBSD

HTTP Component(s)
Plex Media Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
2de861031040181ee2188040cc83180e

HTTP Header MD5
9ca01530123920eac6307b32e7d89d3b

HTTP Body MD5
58839c8a9d6616ca62adc7b6e3610676

HTTP/1.1 401 Unauthorized
X-Plex-Protocol: 1.0
Content-Length: 193
Content-Type: text/html
Connection: close
Cache-Control: no-cache
Date: Thu, 21 Nov 2024 04:43:21 GMT

<html><head><script>window.location = window.location.href.match(/(^.+\/)[^\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T04:43:25.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "58839c8a9d6616ca62adc7b6e3610676",
         "bodymmh3" : 1524593440,
         "component" : [
            {
               "product" : "Media Server",
               "productvendor" : "Plex"
            }
         ],
         "headermd5" : "9ca01530123920eac6307b32e7d89d3b",
         "headermmh3" : -1228662216,
         "title" : "Unauthorized"
      },
      "length" : 371
   },
   "asn" : "AS20115",
   "city" : "Lakeville",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nX-Plex-Protocol: 1.0\r\nContent-Length: 193\r\nContent-Type: text/html\r\nConnection: close\r\nCache-Control: no-cache\r\nDate: Thu, 21 Nov 2024 04:43:21 GMT\r\n\r\n<html><head><script>window.location = window.location.href.match(/(^.+\\/)[^\\/]*$/)[1] + 'web/index.html';</script><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>",
   "datamd5" : "2de861031040181ee2188040cc83180e",
   "datammh3" : -1584694499,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "spectrum.com"
   ],
   "geolocus" : {
      "asn" : "AS20115",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "charter.com",
         "charter.net",
         "spectrum.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MRQ-MI-24-213-0",
      "organization" : "Charter Communications",
      "subnet" : "24.213.0.0/18"
   },
   "host" : [
      "syn-024-213-042-163"
   ],
   "hostname" : [
      "syn-024-213-042-163.res.spectrum.com"
   ],
   "ip" : "24.213.42.163",
   "ipv6" : "false",
   "latitude" : "44.6497",
   "location" : "44.6497,-93.2427",
   "longitude" : "-93.2427",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CHARTER-20115",
   "os" : "FreeBSD",
   "osvendor" : "FreeBSD",
   "port" : 24284,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "syn-024-213-042-163.res.spectrum.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "res.spectrum.com"
   ],
   "subnet" : "24.213.0.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
208.104.50.180

Network
208.104.48.0/20

Domain(s)
comporium.net

Device

<enterprise field>: device.class <enterprise field>: device.productvendor

Operating System
Linux Linux Kernel

URL

http://208.104.50.180:24284/ 401

HTTP Title
401 Unauthorized

Reverse DNS
208-104-50-180.cgnat.rkhlsc.dyn.comporium.net

ASN
AS14615

Organization
ROCK-HILL-TELEPHONE

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
Cisco CcspCwmpTcpCR 1.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
962eacd1a9b0e2c1e00c2755c6ca8f21

HTTP Header MD5
e8aa1a6cdd1421083559af452ab4bcd6

HTTP Body MD5
ad49b0918e47fe4830ed44ba8fc60576

HTTP/1.1 401 Unauthorized
Content-Type: text/html;charset=iso-8859-1
Connection: Keep-Alive
Set-Cookie: MGCN="988679366/145518728"; Version="1"; Path="/"
WWW-Authenticate: Digest realm="Cisco_CCSP_CWMP_TCPCR", nonce="a05cba1b78b9b4e1840d62b27286a07f", algorithm="MD5", domain="/", qop="auth"
Server: Cisco-CcspCwmpTcpCR/1.0
Content-Length: 387

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>401 Unauthorized</title></head><body><h1>Authorization Required</h1><p>This server could not verify that you are authorized to access the document requested.  Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required</p><hr></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T04:34:30.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "ad49b0918e47fe4830ed44ba8fc60576",
         "bodymmh3" : 427068943,
         "headermd5" : "e8aa1a6cdd1421083559af452ab4bcd6",
         "headermmh3" : 1347848778,
         "realm" : "Cisco_CCSP_CWMP_TCPCR",
         "title" : "401 Unauthorized"
      },
      "length" : 740
   },
   "asn" : "AS14615",
   "city" : "Fort Mill",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nContent-Type: text/html;charset=iso-8859-1\r\nConnection: Keep-Alive\r\nSet-Cookie: MGCN=\"988679366/145518728\"; Version=\"1\"; Path=\"/\"\r\nWWW-Authenticate: Digest realm=\"Cisco_CCSP_CWMP_TCPCR\", nonce=\"a05cba1b78b9b4e1840d62b27286a07f\", algorithm=\"MD5\", domain=\"/\", qop=\"auth\"\r\nServer: Cisco-CcspCwmpTcpCR/1.0\r\nContent-Length: 387\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"><html><head><title>401 Unauthorized</title></head><body><h1>Authorization Required</h1><p>This server could not verify that you are authorized to access the document requested.  Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required</p><hr></body></html>",
   "datamd5" : "962eacd1a9b0e2c1e00c2755c6ca8f21",
   "datammh3" : -1985361000,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "comporium.net"
   ],
   "geolocus" : {
      "asn" : "AS14615",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "comporium.com",
         "comporium.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "COMPORIUM-RHCM",
      "organization" : "Comporium, Inc",
      "subnet" : "208.104.48.0/20"
   },
   "host" : [
      "208-104-50-180"
   ],
   "hostname" : [
      "208-104-50-180.cgnat.rkhlsc.dyn.comporium.net"
   ],
   "ip" : "208.104.50.180",
   "ipv6" : "false",
   "latitude" : "35.0125",
   "location" : "35.0125,-80.9309",
   "longitude" : "-80.9309",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ROCK-HILL-TELEPHONE",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 24284,
   "product" : "CcspCwmpTcpCR",
   "productvendor" : "Cisco",
   "productversion" : "1.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "reverse" : [
      "208-104-50-180.cgnat.rkhlsc.dyn.comporium.net"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "dyn.comporium.net",
      "cgnat.rkhlsc.dyn.comporium.net",
      "rkhlsc.dyn.comporium.net"
   ],
   "subnet" : "208.104.48.0/20",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 1,180 in 0.248 second(s)

68.168.117.28:24284 (tcp/http) - last seen on 2024-11-21 at 09:56:52 UTC

121.122.199.66:24284 (tcp/http) - last seen on 2024-11-21 at 09:18:25 UTC

148.251.229.229:24284 (tcp/http) - last seen on 2024-11-21 at 08:36:41 UTC

170.203.129.242:24284 (tcp/http) - last seen on 2024-11-21 at 08:33:20 UTC

8.138.148.146:24284 (tcp/http) - last seen on 2024-11-21 at 08:27:59 UTC

46.162.111.236:24284 (tcp/http) - last seen on 2024-11-21 at 06:51:46 UTC

107.194.141.136:24284 (tcp/http) - last seen on 2024-11-21 at 05:04:16 UTC

193.5.150.68:24284 (tcp/http) - last seen on 2024-11-21 at 05:01:53 UTC

24.213.42.163:24284 (tcp/http) - last seen on 2024-11-21 at 04:43:25 UTC

208.104.50.180:24284 (tcp/http) - last seen on 2024-11-21 at 04:34:30 UTC