IP

134.122.208.104

Network

134.122.192.0/18

Device

<enterprise field>: device.class

URL

https://134.122.208.104:40443/baoxiang/tongxun.html 200

HTTP Title

�����p�X�O�I�N�z�������q China United Insurance,�����p�X�O�I�N�z�������q: �ӷ~�O�I���~,���I�O�I,��]�O�I,�s�Ѻ�X�O�I,�]�����I

HTTP Description

�����p�X�O�I�N�z�������q:�ӷ~�O�I,�����d��O�I�B�ӤH�O�I�B�u�{�O�I�H, �M�~�O�I, �a�~��X�O�I, �a�~��O, �T���O�I, �a�īO�I, �H�ͷN�~�O�I, �ȹC�O�I, ���I, �Ҥu�O�I, ���Q��X�O�I, ��������O�ҥd, �Ȭw�a�ȧU�z�O�I, �p�a���O�I�p��, ����ֽu����O�ҥd, �a�~�_, �줽�Ǻ�X�O�I, �f�B�O�I , �C���O�I, ������v�O�I,��X�O�I ���E��X�O�I �줽�Ǻ�X�O�I,��O�I,��X�O�I,���E��X�O�I ,�줽�Ǻ�X�O�I,��O�I,�q���B�q�l��O�I, �ؿv��X�O�I,�u�{�O�I, ���l�O�I,������v ,������v�O�I ,���饭�w�_, �����d��O�I,�ӥΨ���O�I

ASN

AS152194

Organization

CTG Server Limited

Protocol

http Cert not expired http

Source

urlscan::redirect

Product

F5 Nginx

HTTP Component(s)

Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

Issuer Common Name

Certum Domain Validation CA SHA2

Issuer Organization

Unizeto Technologies S.A.

Subject Common Name

134.122.208.99

SHA256 Fingerprint

1face7b8aaf63da909fa91bea6b63db9e608aa6fc33ea70c09529b9d7038832b

Validity Not Before

2024-07-05T07:15:07Z

Validity Not After

2025-08-04T07:15:06Z

Data MD5

6e697b131e687770a0420d022ac67669

HTTP Header MD5

c51d32c45ba8eb4933d8e9aed208fdaa

HTTP Body MD5

10337d0e4f470a6c84d7969639de497a

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Nov 2024 05:10:40 GMT
Content-Type: text/html
Content-Length: 3744
Connection: close
Vary: Accept-Encoding
Last-Modified: Thu, 05 Jan 2023 14:41:06 GMT
ETag: "2e2859be1321d91:0"
X-Powered-By: ASP.NET
Cache-Control: no-cache
Accept-Ranges: bytes

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd">
<HTML xmlns="http://www.w3.org/1999/xhtml"><HEAD><TITLE>�����p�X�O�I�N�z�������q China United Insurance,�����p�X�O�I�N�z�������q: �ӷ~�O�I���~,���I�O�I,��]�O�I,�s�Ѻ�X�O�I,�]�����I  </TITLE>
<META content="�����p�X�O�I�N�z�������q:�ӷ~�O�I,�����d��O�I�B�ӤH�O�I�B�u�{�O�I�H, �M�~�O�I, �a�~��X�O�I, �a�~��O, �T���O�I, �a�īO�I, �H�ͷN�~�O�I, �ȹC�O�I, ���I, �Ҥu�O�I, ���Q��X�O�I, ��������O�ҥd, �Ȭw�a�ȧU�z�O�I, �p�a���O�I�p��, ����ֽu����O�ҥd, �a�~�_, �줽�Ǻ�X�O�I, �f�B�O�I , �C���O�I,  ������v�O�I,��X�O�I ���E��X�O�I �줽�Ǻ�X�O�I,��O�I,��X�O�I,���E��X�O�I ,�줽�Ǻ�X�O�I,��O�I,�q���B�q�l��O�I, �ؿv��X�O�I,�u�{�O�I, ���l�O�I,������v ,������v�O�I ,���饭�w�_, �����d��O�I,�ӥΨ���O�I" name=Keywords>
<meta name="description" content="�����p�X�O�I�N�z�������q:�ӷ~�O�I,�����d��O�I�B�ӤH�O�I�B�u�{�O�I�H, �M�~�O�I, �a�~��X�O�I, �a�~��O, �T���O�I, �a�īO�I, �H�ͷN�~�O�I, �ȹC�O�I, ���I, �Ҥu�O�I, ���Q��X�O�I, ��������O�ҥd, �Ȭw�a�ȧU�z�O�I, �p�a���O�I�p��, ����ֽu����O�ҥd, �a�~�_, �줽�Ǻ�X�O�I, �f�B�O�I , �C���O�I,  ������v�O�I,��X�O�I ���E��X�O�I �줽�Ǻ�X�O�I,��O�I,��X�O�I,���E��X�O�I ,�줽�Ǻ�X�O�I,��O�I,�q���B�q�l��O�I, �ؿv��X�O�I,�u�{�O�I, ���l�O�I,������v ,������v�O�I ,���饭�w�_, �����d��O�I,�ӥΨ���O�I"/>

<META http-equiv=Content-Type content="text/html; charset=big5"><LINK 
href="index/css.css" type=text/css rel=stylesheet>

<META content="MSHTML 6.00.2900.6082" name=GENERATOR>
<style>
<!--

			td {font-family: simsun, Arial, Helvetica, sans-serif;}
-->
</style>
</HEAD>
<BODY>
<DIV id=container>
<DIV id=header style="width: 785px; height: 123px">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
	<table border="0" width="752" id="table1">
		<tr>
			<td><img border="0" src="index/logo.png" width="571" height="93"></td>
			<td width="164"><a href="E-CUI.apk">
	<img border="0" src="android.png" width="54" height="53" align="right"></a><span class="heading">��&#21326;&#32852;�X�O&#38505;</span><span class="heading">Android����APP�U��
<img width=16 height=20 src="image001.gif"
></span></td>
		</tr>
	</table>
</DIV>
<DIV id=menu><A href="/baoxiang/index.html">���q²��</A> <A 
href="/baoxiang/product-Comprehensive.html">���~����</A> <A 
href="/baoxiang/download-p.html">���v�A��</A> <A 
href="/baoxiang/partner.html">�X�@���</A> <A 
href="/baoxiang/tongxun.html">�|��q�T </A> <A 
href="/baoxiang/p.html">�|��n�J</A> <A 
href="/bonus/p.html">�n���� </A> <A 
href="/baoxiang/contact.html">�p���ڭ�</A> 
<A href="/baoxiang/pcheck.asp">�ʫO��</A> </DIV>
<DIV id=mainContent>
<DIV id=sidebar>
<H1>���n�q�i</H1><BR><BR><a href="/baoxiang/index/CHUBB5-20200801.pdf" base target=_blank>
<img border="0" src="index/jjbx.png" width="200" ></a>
</DIV>
<DIV id=content>
<H1>�|��q�T </H1>

<table cellpadding="10" ,cellspacing="10"   border=0>
<tr>
<td><p><img border="0" src="index/hytx.jpg" ></p></td>
<td valign="top">
<br><p><p><a href="index/bcbg.pdf" target="_blank">������v�O�I��O��ij�ѡ���O���</a></p>
<p><a href="index/tglbzds.pdf" target="_blank">���ʳҫO���h��</a></p>
<p><a href="index/cjwt.pdf" target="_blank">�`�����D</a></p>
</td>
</tr>
</table>


</DIV></DIV>
<DIV id=footer>�K�d�n��: �����C���Ҧ���T�|�@���ɩΩw���s�A�æb��s�ɤO�D�ǽT�C�����q���|��b����\��Ψ�o������ƩӾ���d��C 
<BR>Copyright c2005-2028 China United Insurance All rights reserved. </DIV></DIV></BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:10:44.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org",
            "w3c.org"
         ],
         "file" : [
            "cjwt.pdf",
            "chubb5-20200801.pdf",
            "bcbg.pdf",
            "tglbzds.pdf",
            "e-cui.apk"
         ],
         "hostname" : [
            "www.w3.org",
            "www.w3c.org"
         ],
         "url" : [
            "http://www.w3.org/1999/xhtml",
            "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "10337d0e4f470a6c84d7969639de497a",
         "bodymmh3" : -1650237655,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            }
         ],
         "description" : "\ufffd\ufffd\ufffd\ufffd\ufffdp\ufffdX\ufffdO\ufffdI\ufffdN\ufffdz\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdq:\ufffd\u04f7~\ufffdO\ufffdI,\ufffd\ufffd\ufffd\ufffd\ufffdd\ufffd\ufffdO\ufffdI\ufffdB\ufffd\u04e4H\ufffdO\ufffdI\ufffdB\ufffdu\ufffd{\ufffdO\ufffdI\ufffdH, \ufffdM\ufffd~\ufffdO\ufffdI, \ufffda\ufffd~\ufffd\ufffdX\ufffdO\ufffdI, \ufffda\ufffd~\ufffd\ufffdO, \ufffdT\ufffd\ufffd\ufffdO\ufffdI, \ufffda\ufffd\u012bO\ufffdI, \ufffdH\ufffd\u0377N\ufffd~\ufffdO\ufffdI, \ufffd\u0239C\ufffdO\ufffdI, \ufffd\ufffd\ufffdI, \ufffd\u04a4u\ufffdO\ufffdI, \ufffd\ufffd\ufffdQ\ufffd\ufffdX\ufffdO\ufffdI, \ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdO\ufffd\u04a5d, \ufffd\u022cw\ufffda\ufffd\u0227U\ufffdz\ufffdO\ufffdI, \ufffdp\ufffda\ufffd\ufffd\ufffdO\ufffdI\ufffdp\ufffd\ufffd, \ufffd\ufffd\ufffd\ufffd\u05bdu\ufffd\ufffd\ufffd\ufffdO\ufffd\u04a5d, \ufffda\ufffd~\ufffd_, \ufffd\uc93d\ufffd\u01fa\ufffdX\ufffdO\ufffdI, \ufffdf\ufffdB\ufffdO\ufffdI , \ufffdC\ufffd\ufffd\ufffdO\ufffdI,  \ufffd\ufffd\ufffd\ufffd\ufffd\ufffdv\ufffdO\ufffdI,\ufffd\ufffdX\ufffdO\ufffdI \ufffd\ufffd\ufffdE\ufffd\ufffdX\ufffdO\ufffdI \ufffd\uc93d\ufffd\u01fa\ufffdX\ufffdO\ufffdI,\ufffd\ufffdO\ufffdI,\ufffd\ufffdX\ufffdO\ufffdI,\ufffd\ufffd\ufffdE\ufffd\ufffdX\ufffdO\ufffdI ,\ufffd\uc93d\ufffd\u01fa\ufffdX\ufffdO\ufffdI,\ufffd\ufffdO\ufffdI,\ufffdq\ufffd\ufffd\ufffdB\ufffdq\ufffdl\ufffd\ufffdO\ufffdI, \ufffd\u063fv\ufffd\ufffdX\ufffdO\ufffdI,\ufffdu\ufffd{\ufffdO\ufffdI, \ufffd\ufffd\ufffdl\ufffdO\ufffdI,\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdv ,\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdv\ufffdO\ufffdI ,\ufffd\ufffd\ufffd\u996d\ufffdw\ufffd_, \ufffd\ufffd\ufffd\ufffd\ufffdd\ufffd\ufffdO\ufffdI,\ufffd\u04e5\u03a8\ufffd\ufffd\ufffdO\ufffdI",
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Thu, 05 Jan 2023 14:41:06 GMT"
            },
            {
               "value" : "2e2859be1321d91:0",
               "name" : "ETag"
            }
         ],
         "headermd5" : "c51d32c45ba8eb4933d8e9aed208fdaa",
         "headermmh3" : -636951276,
         "title" : "\ufffd\ufffd\ufffd\ufffd\ufffdp\ufffdX\ufffdO\ufffdI\ufffdN\ufffdz\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdq China United Insurance,\ufffd\ufffd\ufffd\ufffd\ufffdp\ufffdX\ufffdO\ufffdI\ufffdN\ufffdz\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdq: \ufffd\u04f7~\ufffdO\ufffdI\ufffd\ufffd\ufffd~,\ufffd\ufffd\ufffdI\ufffdO\ufffdI,\ufffd\ufffd]\ufffdO\ufffdI,\ufffds\ufffd\u047a\ufffdX\ufffdO\ufffdI,\ufffd]\ufffd\ufffd\ufffd\ufffd\ufffdI"
      },
      "length" : 4047
   },
   "asn" : "AS152194",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 05:10:40 GMT\r\nContent-Type: text/html\r\nContent-Length: 3744\r\nConnection: close\r\nVary: Accept-Encoding\r\nLast-Modified: Thu, 05 Jan 2023 14:41:06 GMT\r\nETag: \"2e2859be1321d91:0\"\r\nX-Powered-By: ASP.NET\r\nCache-Control: no-cache\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd\">\r\n<HTML xmlns=\"http://www.w3.org/1999/xhtml\"><HEAD><TITLE>\ufffd\ufffd\ufffd\ufffd\ufffdp\ufffdX\ufffdO\ufffdI\ufffdN\ufffdz\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdq China United Insurance,\ufffd\ufffd\ufffd\ufffd\ufffdp\ufffdX\ufffdO\ufffdI\ufffdN\ufffdz\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdq: \ufffd\u04f7~\ufffdO\ufffdI\ufffd\ufffd\ufffd~,\ufffd\ufffd\ufffdI\ufffdO\ufffdI,\ufffd\ufffd]\ufffdO\ufffdI,\ufffds\ufffd\u047a\ufffdX\ufffdO\ufffdI,\ufffd]\ufffd\ufffd\ufffd\ufffd\ufffdI  </TITLE>\r\n<META content=\"\ufffd\ufffd\ufffd\ufffd\ufffdp\ufffdX\ufffdO\ufffdI\ufffdN\ufffdz\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdq:\ufffd\u04f7~\ufffdO\ufffdI,\ufffd\ufffd\ufffd\ufffd\ufffdd\ufffd\ufffdO\ufffdI\ufffdB\ufffd\u04e4H\ufffdO\ufffdI\ufffdB\ufffdu\ufffd{\ufffdO\ufffdI\ufffdH, \ufffdM\ufffd~\ufffdO\ufffdI, \ufffda\ufffd~\ufffd\ufffdX\ufffdO\ufffdI, \ufffda\ufffd~\ufffd\ufffdO, \ufffdT\ufffd\ufffd\ufffdO\ufffdI, \ufffda\ufffd\u012bO\ufffdI, \ufffdH\ufffd\u0377N\ufffd~\ufffdO\ufffdI, \ufffd\u0239C\ufffdO\ufffdI, \ufffd\ufffd\ufffdI, \ufffd\u04a4u\ufffdO\ufffdI, \ufffd\ufffd\ufffdQ\ufffd\ufffdX\ufffdO\ufffdI, \ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdO\ufffd\u04a5d, \ufffd\u022cw\ufffda\ufffd\u0227U\ufffdz\ufffdO\ufffdI, \ufffdp\ufffda\ufffd\ufffd\ufffdO\ufffdI\ufffdp\ufffd\ufffd, \ufffd\ufffd\ufffd\ufffd\u05bdu\ufffd\ufffd\ufffd\ufffdO\ufffd\u04a5d, \ufffda\ufffd~\ufffd_, \ufffd\uc93d\ufffd\u01fa\ufffdX\ufffdO\ufffdI, \ufffdf\ufffdB\ufffdO\ufffdI , \ufffdC\ufffd\ufffd\ufffdO\ufffdI,  \ufffd\ufffd\ufffd\ufffd\ufffd\ufffdv\ufffdO\ufffdI,\ufffd\ufffdX\ufffdO\ufffdI \ufffd\ufffd\ufffdE\ufffd\ufffdX\ufffdO\ufffdI \ufffd\uc93d\ufffd\u01fa\ufffdX\ufffdO\ufffdI,\ufffd\ufffdO\ufffdI,\ufffd\ufffdX\ufffdO\ufffdI,\ufffd\ufffd\ufffdE\ufffd\ufffdX\ufffdO\ufffdI ,\ufffd\uc93d\ufffd\u01fa\ufffdX\ufffdO\ufffdI,\ufffd\ufffdO\ufffdI,\ufffdq\ufffd\ufffd\ufffdB\ufffdq\ufffdl\ufffd\ufffdO\ufffdI, \ufffd\u063fv\ufffd\ufffdX\ufffdO\ufffdI,\ufffdu\ufffd{\ufffdO\ufffdI, \ufffd\ufffd\ufffdl\ufffdO\ufffdI,\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdv ,\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdv\ufffdO\ufffdI ,\ufffd\ufffd\ufffd\u996d\ufffdw\ufffd_, \ufffd\ufffd\ufffd\ufffd\ufffdd\ufffd\ufffdO\ufffdI,\ufffd\u04e5\u03a8\ufffd\ufffd\ufffdO\ufffdI\" name=Keywords>\r\n<meta name=\"description\" content=\"\ufffd\ufffd\ufffd\ufffd\ufffdp\ufffdX\ufffdO\ufffdI\ufffdN\ufffdz\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdq:\ufffd\u04f7~\ufffdO\ufffdI,\ufffd\ufffd\ufffd\ufffd\ufffdd\ufffd\ufffdO\ufffdI\ufffdB\ufffd\u04e4H\ufffdO\ufffdI\ufffdB\ufffdu\ufffd{\ufffdO\ufffdI\ufffdH, \ufffdM\ufffd~\ufffdO\ufffdI, \ufffda\ufffd~\ufffd\ufffdX\ufffdO\ufffdI, \ufffda\ufffd~\ufffd\ufffdO, \ufffdT\ufffd\ufffd\ufffdO\ufffdI, \ufffda\ufffd\u012bO\ufffdI, \ufffdH\ufffd\u0377N\ufffd~\ufffdO\ufffdI, \ufffd\u0239C\ufffdO\ufffdI, \ufffd\ufffd\ufffdI, \ufffd\u04a4u\ufffdO\ufffdI, \ufffd\ufffd\ufffdQ\ufffd\ufffdX\ufffdO\ufffdI, \ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdO\ufffd\u04a5d, \ufffd\u022cw\ufffda\ufffd\u0227U\ufffdz\ufffdO\ufffdI, \ufffdp\ufffda\ufffd\ufffd\ufffdO\ufffdI\ufffdp\ufffd\ufffd, \ufffd\ufffd\ufffd\ufffd\u05bdu\ufffd\ufffd\ufffd\ufffdO\ufffd\u04a5d, \ufffda\ufffd~\ufffd_, \ufffd\uc93d\ufffd\u01fa\ufffdX\ufffdO\ufffdI, \ufffdf\ufffdB\ufffdO\ufffdI , \ufffdC\ufffd\ufffd\ufffdO\ufffdI,  \ufffd\ufffd\ufffd\ufffd\ufffd\ufffdv\ufffdO\ufffdI,\ufffd\ufffdX\ufffdO\ufffdI \ufffd\ufffd\ufffdE\ufffd\ufffdX\ufffdO\ufffdI \ufffd\uc93d\ufffd\u01fa\ufffdX\ufffdO\ufffdI,\ufffd\ufffdO\ufffdI,\ufffd\ufffdX\ufffdO\ufffdI,\ufffd\ufffd\ufffdE\ufffd\ufffdX\ufffdO\ufffdI ,\ufffd\uc93d\ufffd\u01fa\ufffdX\ufffdO\ufffdI,\ufffd\ufffdO\ufffdI,\ufffdq\ufffd\ufffd\ufffdB\ufffdq\ufffdl\ufffd\ufffdO\ufffdI, \ufffd\u063fv\ufffd\ufffdX\ufffdO\ufffdI,\ufffdu\ufffd{\ufffdO\ufffdI, \ufffd\ufffd\ufffdl\ufffdO\ufffdI,\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdv ,\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdv\ufffdO\ufffdI ,\ufffd\ufffd\ufffd\u996d\ufffdw\ufffd_, \ufffd\ufffd\ufffd\ufffd\ufffdd\ufffd\ufffdO\ufffdI,\ufffd\u04e5\u03a8\ufffd\ufffd\ufffdO\ufffdI\"/>\r\n\r\n<META http-equiv=Content-Type content=\"text/html; charset=big5\"><LINK \r\nhref=\"index/css.css\" type=text/css rel=stylesheet>\r\n\r\n<META content=\"MSHTML 6.00.2900.6082\" name=GENERATOR>\r\n<style>\r\n<!--\r\n\r\n\t\t\ttd {font-family: simsun, Arial, Helvetica, sans-serif;}\r\n-->\r\n</style>\r\n</HEAD>\r\n<BODY>\r\n<DIV id=container>\r\n<DIV id=header style=\"width: 785px; height: 123px\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; \r\n\t<table border=\"0\" width=\"752\" id=\"table1\">\r\n\t\t<tr>\r\n\t\t\t<td><img border=\"0\" src=\"index/logo.png\" width=\"571\" height=\"93\"></td>\r\n\t\t\t<td width=\"164\"><a href=\"E-CUI.apk\">\r\n\t<img border=\"0\" src=\"android.png\" width=\"54\" height=\"53\" align=\"right\"></a><span class=\"heading\">\ufffd\ufffd&#21326;&#32852;\ufffdX\ufffdO&#38505;</span><span class=\"heading\">Android\ufffd\ufffd\ufffd\ufffdAPP\ufffdU\ufffd\ufffd\r\n<img width=16 height=20 src=\"image001.gif\"\r\n></span></td>\r\n\t\t</tr>\r\n\t</table>\r\n</DIV>\r\n<DIV id=menu><A href=\"/baoxiang/index.html\">\ufffd\ufffd\ufffdq\u00b2\ufffd\ufffd</A> <A \r\nhref=\"/baoxiang/product-Comprehensive.html\">\ufffd\ufffd\ufffd~\ufffd\ufffd\ufffd\ufffd</A> <A \r\nhref=\"/baoxiang/download-p.html\">\ufffd\ufffd\ufffdv\ufffdA\ufffd\ufffd</A> <A \r\nhref=\"/baoxiang/partner.html\">\ufffdX\ufffd@\ufffd\ufffd\ufffd</A> <A \r\nhref=\"/baoxiang/tongxun.html\">\ufffd|\ufffd\ufffdq\ufffdT </A> <A \r\nhref=\"/baoxiang/p.html\">\ufffd|\ufffd\ufffdn\ufffdJ</A> <A \r\nhref=\"/bonus/p.html\">\ufffdn\ufffd\ufffd\ufffd\ufffd </A> <A \r\nhref=\"/baoxiang/contact.html\">\ufffdp\ufffd\ufffd\ufffd\u06ad\ufffd</A> \r\n<A href=\"/baoxiang/pcheck.asp\">\ufffd\u02abO\ufffd\ufffd</A> </DIV>\r\n<DIV id=mainContent>\r\n<DIV id=sidebar>\r\n<H1>\ufffd\ufffd\ufffdn\ufffdq\ufffdi</H1><BR><BR><a href=\"/baoxiang/index/CHUBB5-20200801.pdf\" base target=_blank>\r\n<img border=\"0\" src=\"index/jjbx.png\" width=\"200\" ></a>\r\n</DIV>\r\n<DIV id=content>\r\n<H1>\ufffd|\ufffd\ufffdq\ufffdT </H1>\r\n\r\n<table cellpadding=\"10\" ,cellspacing=\"10\"   border=0>\r\n<tr>\r\n<td><p><img border=\"0\" src=\"index/hytx.jpg\" ></p></td>\r\n<td valign=\"top\">\r\n<br><p><p><a href=\"index/bcbg.pdf\" target=\"_blank\">\ufffd\ufffd\ufffd\ufffd\ufffd\ufffdv\ufffdO\ufffdI\ufffd\ufffdO\ufffd\ufffd\u0133\ufffd\u0461\ufffd\ufffd\ufffdO\ufffd\ufffd\ufffd</a></p>\r\n<p><a href=\"index/tglbzds.pdf\" target=\"_blank\">\ufffd\ufffd\ufffd\u02b3\u04abO\ufffd\ufffd\ufffdh\ufffd\ufffd</a></p>\r\n<p><a href=\"index/cjwt.pdf\" target=\"_blank\">\ufffd`\ufffd\ufffd\ufffd\ufffd\ufffdD</a></p>\r\n</td>\r\n</tr>\r\n</table>\r\n\r\n\r\n</DIV></DIV>\r\n<DIV id=footer>\ufffdK\ufffdd\ufffdn\ufffd\ufffd: \ufffd\ufffd\ufffd\ufffd\ufffdC\ufffd\ufffd\ufffd\u04a6\ufffd\ufffd\ufffdT\ufffd|\ufffd@\ufffd\ufffd\ufffd\u0269\u03a9w\ufffd\ufffd\ufffds\ufffdA\ufffd\u00e6b\ufffd\ufffds\ufffd\u0264O\ufffdD\ufffd\u01fdT\ufffdC\ufffd\ufffd\ufffd\ufffd\ufffdq\ufffd\ufffd\ufffd|\ufffd\ufffdb\ufffd\ufffd\ufffd\ufffd\\\ufffd\ufffd\u03a8\ufffdo\ufffd\ufffd\ufffd\ufffd\ufffd\ufffd\u01a9\u04fe\ufffd\ufffd\ufffdd\ufffd\ufffdC \r\n<BR>Copyright c2005-2028 China United Insurance All rights reserved. </DIV></DIV></BODY></HTML>\r\n",
   "datamd5" : "6e697b131e687770a0420d022ac67669",
   "datammh3" : -2131887321,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "f26f337995e4ab6eaee727602e61f4cb",
      "sha1" : "95f079847acdef87a82326d2aaad395f9d7c46a8",
      "sha256" : "1face7b8aaf63da909fa91bea6b63db9e608aa6fc33ea70c09529b9d7038832b"
   },
   "forward" : "134.122.208.104",
   "geolocus" : {
      "asn" : "AS152194",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "rackip.com"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "BGP192-JP",
      "organization" : "RACKIP CONSULTANCY PTE. LTD.",
      "subnet" : "134.122.208.0/20"
   },
   "hostname" : [
      "134.122.208.104"
   ],
   "ip" : "134.122.208.104",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Certum Domain Validation CA SHA2",
      "country" : "PL",
      "organization" : "Unizeto Technologies S.A.",
      "organizationalunit" : "Certum Certification Authority"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "35.6974",
   "location" : "35.6974,139.7705",
   "longitude" : "139.7705",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CTG Server Limited",
   "port" : 40443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "serial" : "53:8c:29:82:76:ee:7b:87:ba:03:1e:83:8c:d1:2a:f1",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "urlscan::redirect",
   "status" : 200,
   "subject" : {
      "commonname" : "134.122.208.99"
   },
   "subnet" : "134.122.192.0/18",
   "tag" : "<enterprise field>: tag",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/baoxiang/tongxun.html",
   "validity" : {
      "notafter" : "2025-08-04T07:15:06Z",
      "notbefore" : "2024-07-05T07:15:07Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP

45.5.58.206

Alternative IP(s)

182.160.29.165

Network

45.5.56.0/22

Domain(s)

continental.edu.pe

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

https://45.5.58.206:40443/ 403

HTTP Title

403 - Forbidden: Access is denied.

ASN

AS266757

Organization

SATELITAL TELECOMUNICACIONES S.A.C

Protocol

http Cert not expired http

Source

datascan

Operating System

Microsoft Windows

Product

Microsoft IIS 8.5

HTTP Component(s)

Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

Issuer Common Name

Sectigo RSA Organization Validation Secure Server CA

Issuer Organization

Sectigo Limited

Subject Organization

UNIVERSIDAD CONTINENTAL SOCIEDAD ANONIMA CERRADA

Subject Common Name

*.continental.edu.pe

Subject Alt Name

*.continental.edu.pe continental.edu.pe

SHA256 Fingerprint

e383562bcc6beac520f7f9bdb63c3ebe4e6a517bfc5f2de0e351194964a98f71

Validity Not Before

2024-01-12T00:00:00Z

Validity Not After

2025-01-18T23:59:59Z

Data MD5

7605d6bd8b9b6bd9bd0c8fafe92ee397

HTTP Header MD5

6c1487cbabfe034fd1d1a43ff670ff55

HTTP Body MD5

02e3536d8084eddb0d537418440bb078

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 07 Nov 2024 04:50:05 GMT
Connection: close
Content-Length: 1233

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>403 - Forbidden: Access is denied.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;} 
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;} 
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} 
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
 <div class="content-container"><fieldset>
  <h2>403 - Forbidden: Access is denied.</h2>
  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
 </fieldset></div>
</div>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:50:06.000Z",
   "alternativeip" : [
      "182.160.29.165"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "02e3536d8084eddb0d537418440bb078",
         "bodymmh3" : -985096807,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            }
         ],
         "headermd5" : "6c1487cbabfe034fd1d1a43ff670ff55",
         "headermmh3" : -919532901,
         "title" : "403 - Forbidden: Access is denied."
      },
      "length" : 1412
   },
   "asn" : "AS266757",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Iquitos",
   "country" : "PE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nContent-Type: text/html\r\nServer: Microsoft-IIS/8.5\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 07 Nov 2024 04:50:05 GMT\r\nConnection: close\r\nContent-Length: 1233\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"/>\r\n<title>403 - Forbidden: Access is denied.</title>\r\n<style type=\"text/css\">\r\n<!--\r\nbody{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}\r\nfieldset{padding:0 15px 10px 15px;} \r\nh1{font-size:2.4em;margin:0;color:#FFF;}\r\nh2{font-size:1.7em;margin:0;color:#CC0000;} \r\nh3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} \r\n#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:\"trebuchet MS\", Verdana, sans-serif;color:#FFF;\r\nbackground-color:#555555;}\r\n#content{margin:0 0 0 2%;position:relative;}\r\n.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id=\"header\"><h1>Server Error</h1></div>\r\n<div id=\"content\">\r\n <div class=\"content-container\"><fieldset>\r\n  <h2>403 - Forbidden: Access is denied.</h2>\r\n  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>\r\n </fieldset></div>\r\n</div>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "7605d6bd8b9b6bd9bd0c8fafe92ee397",
   "datammh3" : -753337461,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "continental.edu.pe"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "6b475306b5c6e43c8680ae524de78d37",
      "sha1" : "7148ae3d220a7f76bc15fb8af79b5eff3d33c0c2",
      "sha256" : "e383562bcc6beac520f7f9bdb63c3ebe4e6a517bfc5f2de0e351194964a98f71"
   },
   "geolocus" : {
      "asn" : "AS266757",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "PE",
      "countryname" : "Peru",
      "domain" : [
         "globalfiber.com.pe"
      ],
      "isineu" : "false",
      "latitude" : "-9.189967",
      "location" : "-9.189967,-75.015152",
      "longitude" : "-75.015152",
      "netname" : "PE-LEEI-LACNIC",
      "organization" : "GLOBAL FIBER PERU S.A.C.",
      "subnet" : "45.5.58.0/24"
   },
   "hostname" : [
      "continental.edu.pe"
   ],
   "ip" : "45.5.58.206",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Organization Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "-3.7461",
   "location" : "-3.7461,-73.2455",
   "longitude" : "-73.2455",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SATELITAL TELECOMUNICACIONES S.A.C",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2012",
      "8.1"
   ],
   "port" : 40443,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "8.5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Forbidden",
   "seen_date" : "2024-11-07",
   "serial" : "4d:5c:10:5b:49:ec:d5:b5:16:39:9f:66:12:6b:81:94",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 403,
   "subject" : {
      "altname" : [
         "*.continental.edu.pe",
         "continental.edu.pe"
      ],
      "commonname" : "*.continental.edu.pe",
      "country" : "PE",
      "organization" : "UNIVERSIDAD CONTINENTAL SOCIEDAD ANONIMA CERRADA"
   },
   "subnet" : "45.5.56.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "edu.pe"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-01-18T23:59:59Z",
      "notbefore" : "2024-01-12T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP

134.122.208.104

Network

134.122.192.0/18

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

URL

https://134.122.208.104:40443/ 302

HTTP Title

Object moved

ASN

AS152194

Organization

CTG Server Limited

Protocol

http Cert not expired http

Source

datascan

Operating System

Linux Linux Kernel

Product

F5 Nginx

HTTP Component(s)

Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

Issuer Common Name

Certum Domain Validation CA SHA2

Issuer Organization

Unizeto Technologies S.A.

Subject Common Name

134.122.208.99

SHA256 Fingerprint

1face7b8aaf63da909fa91bea6b63db9e608aa6fc33ea70c09529b9d7038832b

Validity Not Before

2024-07-05T07:15:07Z

Validity Not After

2025-08-04T07:15:06Z

Data MD5

433373ca6077de5d48071063eb1f3b45

HTTP Header MD5

1bfe8d737e86402ecbadfbde8ee721d2

HTTP Body MD5

551aab6f4a1fefc5881142630c414a59

HTTP/1.1 302 Object moved
Server: nginx
Date: Thu, 07 Nov 2024 03:23:45 GMT
Content-Type: text/html
Content-Length: 143
Connection: close
Cache-Control: private
Location: /baoxiang/tongxun.html
Set-Cookie: ASPSESSIONIDCCCTBSQQ=DLCIIAPBIOEHIMELAGAHKPKG; path=/
X-Powered-By: ASP.NET
Cache-Control: no-cache

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="/baoxiang/tongxun.html">here</a>.</body>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:23:46.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "551aab6f4a1fefc5881142630c414a59",
         "bodymmh3" : -614615486,
         "component" : [
            {
               "product" : "ASP.NET",
               "productvendor" : "Microsoft"
            }
         ],
         "headermd5" : "1bfe8d737e86402ecbadfbde8ee721d2",
         "headermmh3" : 536957122,
         "title" : "Object moved"
      },
      "length" : 462
   },
   "asn" : "AS152194",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Tokyo",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Object moved\r\nServer: nginx\r\nDate: Thu, 07 Nov 2024 03:23:45 GMT\r\nContent-Type: text/html\r\nContent-Length: 143\r\nConnection: close\r\nCache-Control: private\r\nLocation: /baoxiang/tongxun.html\r\nSet-Cookie: ASPSESSIONIDCCCTBSQQ=DLCIIAPBIOEHIMELAGAHKPKG; path=/\r\nX-Powered-By: ASP.NET\r\nCache-Control: no-cache\r\n\r\n<head><title>Object moved</title></head>\n<body><h1>Object Moved</h1>This object may be found <a HREF=\"/baoxiang/tongxun.html\">here</a>.</body>\n",
   "datamd5" : "433373ca6077de5d48071063eb1f3b45",
   "datammh3" : 783561200,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "f26f337995e4ab6eaee727602e61f4cb",
      "sha1" : "95f079847acdef87a82326d2aaad395f9d7c46a8",
      "sha256" : "1face7b8aaf63da909fa91bea6b63db9e608aa6fc33ea70c09529b9d7038832b"
   },
   "geolocus" : {
      "asn" : "AS152194",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "rackip.com"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "BGP192-JP",
      "organization" : "RACKIP CONSULTANCY PTE. LTD.",
      "subnet" : "134.122.208.0/20"
   },
   "ip" : "134.122.208.104",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "Certum Domain Validation CA SHA2",
      "country" : "PL",
      "organization" : "Unizeto Technologies S.A.",
      "organizationalunit" : "Certum Certification Authority"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "35.6974",
   "location" : "35.6974,139.7705",
   "longitude" : "139.7705",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CTG Server Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 40443,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Object moved",
   "seen_date" : "2024-11-07",
   "serial" : "53:8c:29:82:76:ee:7b:87:ba:03:1e:83:8c:d1:2a:f1",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 302,
   "subject" : {
      "commonname" : "134.122.208.99"
   },
   "subnet" : "134.122.192.0/18",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-08-04T07:15:06Z",
      "notbefore" : "2024-07-05T07:15:07Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP

185.65.192.43

Alternative IP(s)

31.220.122.202

Network

185.65.192.0/22

Domain(s)

niederrhein.it

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

https://185.65.192.43:40443/ 200

HTTP Title

IIS Windows Server

Reverse DNS

smtp.niederrhein.it

ASN

AS60294

Organization

Deutsche Glasfaser Wholesale GmbH

Protocol

http Cert not expired http

Source

datascan

Operating System

Microsoft Windows

Product

Microsoft IIS 10.0

HTTP Component(s)

Microsoft IIS Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

Issuer Common Name

Sectigo RSA Domain Validation Secure Server CA

Issuer Organization

Sectigo Limited

Subject Common Name

*.niederrhein.it

Subject Alt Name

*.niederrhein.it niederrhein.it

SHA256 Fingerprint

2461669bca4246568f5dc738f71775a6ddd5bacacc7c0f7834268b076e22a298

Validity Not Before

2024-03-27T00:00:00Z

Validity Not After

2025-04-27T23:59:59Z

Data MD5

0ca775a6b65f845f5163e490398a9acf

HTTP Header MD5

c45e463ffd89b34a781c977b38f3ecbc

HTTP Body MD5

654ae82705924352d2363b1d797997ce

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Wed, 18 May 2022 12:11:21 GMT
Accept-Ranges: bytes
ETag: "8327ba62b06ad81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Thu, 07 Nov 2024 03:22:58 GMT
Connection: close
Content-Length: 703

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>IIS Windows Server</title>
<style type="text/css">
<!--
body {
	color:#000000;
	background-color:#0072C6;
	margin:0;
}

#container {
	margin-left:auto;
	margin-right:auto;
	text-align:center;
	}

a img {
	border:none;
}

-->
</style>
</head>
<body>
<div id="container">
<a href="http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409"><img src="iisstart.png" alt="IIS" width="960" height="600" /></a>
</div>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:23:03.000Z",
   "alternativeip" : [
      "31.220.122.202"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org",
            "microsoft.com"
         ],
         "hostname" : [
            "go.microsoft.com",
            "www.w3.org"
         ],
         "url" : [
            "http://go.microsoft.com/fwlink/?linkid=66138&clcid=0x409",
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "654ae82705924352d2363b1d797997ce",
         "bodymmh3" : 703707298,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "product" : "IIS"
            },
            {
               "product" : "ASP.NET",
               "productvendor" : "Microsoft"
            }
         ],
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Wed, 18 May 2022 12:11:21 GMT"
            },
            {
               "name" : "ETag",
               "value" : "8327ba62b06ad81:0"
            }
         ],
         "headermd5" : "c45e463ffd89b34a781c977b38f3ecbc",
         "headermmh3" : -288041091,
         "title" : "IIS Windows Server"
      },
      "length" : 970
   },
   "asn" : "AS60294",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Heinsberg",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nLast-Modified: Wed, 18 May 2022 12:11:21 GMT\r\nAccept-Ranges: bytes\r\nETag: \"8327ba62b06ad81:0\"\r\nServer: Microsoft-IIS/10.0\r\nX-Powered-By: ASP.NET\r\nDate: Thu, 07 Nov 2024 03:22:58 GMT\r\nConnection: close\r\nContent-Length: 703\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\r\n<title>IIS Windows Server</title>\r\n<style type=\"text/css\">\r\n<!--\r\nbody {\r\n\tcolor:#000000;\r\n\tbackground-color:#0072C6;\r\n\tmargin:0;\r\n}\r\n\r\n#container {\r\n\tmargin-left:auto;\r\n\tmargin-right:auto;\r\n\ttext-align:center;\r\n\t}\r\n\r\na img {\r\n\tborder:none;\r\n}\r\n\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id=\"container\">\r\n<a href=\"http://go.microsoft.com/fwlink/?linkid=66138&amp;clcid=0x409\"><img src=\"iisstart.png\" alt=\"IIS\" width=\"960\" height=\"600\" /></a>\r\n</div>\r\n</body>\r\n</html>",
   "datamd5" : "0ca775a6b65f845f5163e490398a9acf",
   "datammh3" : 1065540519,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "niederrhein.it"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "562cb25a36eb31b8e5f6f123a07a1b22",
      "sha1" : "e1ea7a29546ff03ad972fec7a2c5b5478558d38f",
      "sha256" : "2461669bca4246568f5dc738f71775a6ddd5bacacc7c0f7834268b076e22a298"
   },
   "host" : [
      "smtp"
   ],
   "hostname" : [
      "niederrhein.it",
      "smtp.niederrhein.it"
   ],
   "ip" : "185.65.192.43",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "51.0595",
   "location" : "51.0595,6.0992",
   "longitude" : "6.0992",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Deutsche Glasfaser Wholesale GmbH",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 40443,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "smtp.niederrhein.it"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "92:55:0f:c5:a3:cc:bd:11:f2:fd:ba:ec:5a:1e:3e:a8",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "altname" : [
         "*.niederrhein.it",
         "niederrhein.it"
      ],
      "commonname" : "*.niederrhein.it"
   },
   "subnet" : "185.65.192.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "it"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-04-27T23:59:59Z",
      "notbefore" : "2024-03-27T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP

96.126.118.190

Network

96.126.96.0/19

Domain(s)

linodeusercontent.com

Device

<enterprise field>: device.class

Operating System

Linux Linux sUse

URL

https://96.126.118.190:40443/ 401

HTTP Title

NETCORE NR256,NETCORE NR256

HTTP Keyword(s)

voip vos3000

HTTP Copyright

www.linknat.com, 昆石网络

Reverse DNS

96-126-118-190.ip.linodeusercontent.com

ASN

AS63949

Organization

Akamai Connected Cloud

Protocol

http Cert not expired http

Source

datascan

Operating System

Linux Linux sUse

HTTP Component(s)

SPIP SPIP 4.1.11 Jenkins Jenkins 2.121.3 Gitlab Gitlab PHP PHP Drupal Drupal 8 Atlassian Confluence Microsoft ASP.NET 4.0.30319

CPE(s)

<enterprise field>: cpe

Issuer Common Name

localhost

Issuer Organization

UILEAZNC

Subject Organization

UILEAZNC

Subject Common Name

localhost

SHA256 Fingerprint

cf37db08b8dc55ac29203f16207fcc0bce62911f48925993b0ab9c9893ec0e33

Validity Not Before

2024-11-04T05:12:16Z

Validity Not After

2034-11-04T05:12:16Z

Data MD5

b1285ac54a7087f2e99817c2593754dc

HTTP Header MD5

98f8c339ffb9b5b538346314261518e3

HTTP Body MD5

bba11c183550278e15e5a891f5a2c663

HTTP/1.1 401 Unauthorized
Composed-By: SPIP 4.1.11 @ www.spip.net
Content-Length: 105478
Content-Type: text/html;charset=utf-8
Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
Loginip: <srcip>
Nel: {'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}
Pragma: private
Server: Mini web server 1.0 Skyworth corp 2017.
Set-Cookie: sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;
Set-Cookie: grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax
Set-Cookie: samlPreauthSessionHash=; path=/; secure;
Set-Cookie: session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;
Set-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;
Set-Cookie: _zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;
Set-Cookie: DSSignInURL=/; path=/; secure;
Set-Cookie: webvpnlogin=; path=/; secure;
Set-Cookie: ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly
Set-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;
Set-Cookie: CLIENT_ID=7214
Set-Cookie: csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;
Set-Cookie: roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095
Set-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;
Set-Cookie: PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/
Set-Cookie: token=21263a2bf; path=/;
Set-Cookie: X-Qlik-Session=35263a2bf; path=/;
Set-Cookie: PHC_DISABLED=1; path=/; secure;
Strict-Transport-Security: max-age=31536000
Teamcity-Node-Id: MAIN_SERVER
Www-Authenticate: Basic realm="[RTX1210]"
X-Adblock-Key: YQo=
X-Aspnet-Version: 4.0.30319
X-Cache: miss
X-Cache-Lookup: MISS from Hello:8080
X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
X-Content-Type-Options: nosniff
X-Drupal-Cache: xHIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 8 (https://www.drupal.org)
X-Github-Request-Id: 2544:7F5D:24C5A8:296D36:5E2B2B7B
X-Influxdb-Build: OSS
X-Jenkins: 2.121.3
X-Jenkins-Session: f72d6619
X-Seen-By: CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A==,YQo=,YQo=,YQo=,YQo=,YQo=,YQo=
X-Squid-Error: ERR_INVALID_URL 0
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Xss-Protection: 1; mode=block
Date: Thu, 07 Nov 2024 03:20:18 GMT
Connection: close

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Pragma" content="no-cache" />
<meta charset="utf-8">
<meta content="IE=edge" http-equiv="X-UA-Compatible">
<meta content="object" property="og:type">
<meta content="GitLab" property="og:site_name">
<meta content="Help" property="og:title">
<meta content="GitLab Community Edition" property="og:description">
<meta content="summary" property="twitter:card">
<meta content="Help" property="twitter:title">
<meta content="GitLab Community Edition" property="twitter:description">
<meta content="GitLab Community Edition" name="description">
<meta content="#474D57" name="theme-color">
<meta content="#30353E" name="msapplication-TileColor">
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cd78c639bf9be7f9dc240d25==" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="expires" content="-1"/>
<meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
<meta name="author" content="www.linknat.com, 昆石网络"/>
<meta name="copyright" content="www.linknat.com, 昆石网络"/>
<meta name="generator" content="SPIP 4.1.11" />
<script src="/jquery.min.js"></script> 
<title>NETCORE NR256,NETCORE NR256</title>
</head>
<body>
<div style="display: none;">
<script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
<Account>
<Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
<FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
<SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
<ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
<CTDefParaEntry setDefValueFlag="1" />
</Account>
<div>8.5.5 (Build:20200530.307-TEMP)</div>
<span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
<h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
<ca status="disabled" href="/+CSCOCA+/login.html" />
<form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
    <div data-user="root" data-module="package-updates"></div>
    <code>The zip file did not contain an entry exportDescriptor.properties</code>
    <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
    <message>Please enter your username and password.</message>
    <input name="formid" type="hidden" value="012afed" />
    <input name="javax.faces.ViewState" type="hidden" value="012afed" />
    <input name="queryString" type="hidden" value="1406192" />
    <div class="versionInfo">The Cacti Group Version 1.2.25</div>
    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
    <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
    <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
    <input type="hidden" name="tokenid"  value="1804289383" >
    <input type="hidden" name="name"  value="1804289383" >
    <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="text" name="username" label="Username:" value="admin" />
    <input type="password" name="password" label="Password:" value="123456" />
    <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
    <input type="submit" name="Login" value="Login" />
    <input type="reset" name="Clear" value="Clear" />
</form>
<input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
<li class="lisel" onclick="location.href='index.php'">日志系统</li>
<li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
<button type="button" data-price-id=True>sb</button>
<div class="prod_madelName">RT-AC5300</div>
<div class="p1 title_gap">Sign in with your ASUS router account</div>
<tr class="h"><th>PHP Group</th></tr>
<tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
<tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
<div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
<div id="mcname">LoadMaster</div>
<p><br/><span>出厂IP：192.168.1.1</span><br/><span>用户名、密码：admin admin</span></p>
<td colspan="2">Please enter your Cacti user name and password below:</td>
<meta id="confluence-context-path" name="confluence-context-path" content="">
<meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
<meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
<script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
<B>SonicWall Universal Management Suite v9.3</B>
<br>OK<br>
<script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
<select id="cars" name="name">
<option value="olvo">olvo</option>
</select>
<a href="/VICIdial/phone">MODIFY</a>
<input type="hidden" name="extension"  value="1804289383" >
<input type="hidden" name="pass"  value="1804289383" >
<input type="hidden" name="recording_exten"  value="1804289383" >
<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
<input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
<script type='text/javascript'>
	var cactiVersion='1.2.27';
	var cactiServerOS='unix';
	var cactiAction='';
	var theme='modern';
	var refreshIsLogout=true;
	var refreshPage='/logout.php?action=timeout';
	var refreshMSeconds=1440000;
	var urlPath='/';
	var previousPage='';
	var sessionMessage=[];
	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
</script>

<!--
<Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
/var/pinglog
<TITLE>Login</TITLE>
<a href="jpg.html">LIVE JPEG</a><br>
<a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
<a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
<\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
Location: /admin
<meta name="generator" content="vBulletin 5.5.4" />
Location: http://<ip>:80/relogin.htm?_t=3541144909
Location: http://<ip>:80/syscmd.htm" Location: /ui/login
/cgi-bin/webctrl.cgi?action=index_page
PDR-M800
function btnPing()
<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
<td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
in the United States and certain other countries.
</td>
:
#
>
$
SSH key is good
is not a valid ref and may not be archived
pcPassword2
'&sessionKey=790148060;'
name="sessionKey" value="790148060"
Set-Cookie: loginName=admin
var fgt_lang = /dev/cmdb/sslvpn_websession
php 8.1.0-dev exit
springframework
Tomcat
DEVICE.ACCOUNT=admin
AUTHORIZED_GROUP=1
<uid></uid>
<name>Admin</name>
<usrid></usrid>
<password>admin</password>
<group></group>
cpto /tmp/"root"
Model=AC1450
Firmware=V1.0.0.36_10.0.17
"exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
BIG-IP release 15.0.0
user:root
12345admin123'
Failed to process image

Location: http://192.168.0.1:52869/picsdesc.xml
You don't have permission to access /vpns/ on this server.
[global]
    workgroup = intranet
    encrypt passwords = Yes
    update encrypted = Yes

funcionando
system_sofia
name resolve order
InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
<b>File Uploaded !!!</b><br>
ant=951d11e51392117311602d0c25435d7f
38ee63071a04dc5e04ed22624c38e648
6f3249aa304055d63828af3bfab778f6
<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
[local]
 tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2Q3OGM2MzliZjliZTdmOWRjMjQwZDI1PT0=
 addr = <ip>
"Powered by vBulletin Version 5.5.4"
789551
Linear eMerge
SuperSign
ubiq
Yacht
Zeroshell
FastWeb
AuthInfo:
loadingIndicator_bk
Zyxel
skyrouter
WAP54
org.apache.spark.ui



ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
<insert implant configuration content here>
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
Copyright (c) 2015-2020 by Cisco Systems, Inc.
All rights reserved.
SSL VPN Service
wsConvertPptResponse
<input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
<input id="txtPassword" class="txt-input" type="password" name="password" value="" />
<button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
<span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
<script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
<LegacyDN>eD2bxe4</LegacyDN>
<title class="_ctxstxt_NetscalerGateway">
SAML Assertion verification failed; Please contact your administrator
v=2b46554c087d2d5516559e9b8bc1875d
/vpn/images/AccessGateway.ico
frame-busting
/vpn/js/logout_view.js?v=
_ctxstxt_NetscalerAAA
lib.min20200813.js
401 Unauthorized Basic realm=
sName='1';onTest(this);
var passadm = "admin";
OPMODE_BRIDGE
document.all.cmd_result
<input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
<input id="date" type="text" style="width: 200px" value="12/25/2023">
main page cgi-bin/login.cgi
var sessionKey='030ff030ff88';
loc += '&sessionKey=19dec20030ff8dcb2';
}

var code = 'location="' + loc + '"';

Password change successful
J2100N GPON ONT
/cgi-bin/webui/admin
sesskey
name=admin pass=123 priv=ppp
service=www.dlinkddns.com
sysCmdType
Content-Type: auth/request


Content-Type: command/reply

Reply-Text: +OK accepted


X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
007b2000-007c1000 rw-p 00000000 00:00 0
Size:                 60 kB
Rss:                  52 kB
Pss:                  52 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:        52 kB
Referenced:           52 kB
Anonymous:            52 kB
AnonHugePages:         0 kB
Swap:                  8 kB
KernelPageSize:        4 kB
MMUPageSize:

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:20:19.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "drupal.org",
            "micros-hosting.com"
         ],
         "file" : [
            "cloud_index.php",
            "dvrremoteap_x64.exe",
            "admin-ajax.php",
            "dvfplayer.zip",
            "index.php",
            "dvrremoteap.exe"
         ],
         "hostname" : [
            "micros-hosting.com",
            "www.drupal.org"
         ],
         "ip" : [
            "7.7.31.1",
            "192.168.1.10",
            "192.168.1.1",
            "192.168.0.1",
            "1.0.0.36",
            "192.168.1.4"
         ],
         "url" : [
            "http://192.168.0.1:52869/picsdesc.xml",
            "http://micros-hosting.com/EGateway/",
            "https://192.168.1.4",
            "https://www.drupal.org"
         ]
      },
      "http" : {
         "bodymd5" : "bba11c183550278e15e5a891f5a2c663",
         "bodymmh3" : 1269530855,
         "component" : [
            {
               "product" : "Jenkins",
               "productvendor" : "Jenkins",
               "productversion" : "2.121.3"
            },
            {
               "productvendor" : "PHP",
               "product" : "PHP"
            },
            {
               "product" : "Confluence",
               "productvendor" : "Atlassian"
            },
            {
               "productversion" : "4.0.30319",
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            },
            {
               "productvendor" : "Drupal",
               "productversion" : "8",
               "product" : "Drupal"
            },
            {
               "product" : "SPIP",
               "productvendor" : "SPIP",
               "productversion" : "4.1.11"
            },
            {
               "product" : "Gitlab",
               "productvendor" : "Gitlab"
            }
         ],
         "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Fri, 29 Jul 2022 16:53:01 GMT"
            }
         ],
         "headermd5" : "98f8c339ffb9b5b538346314261518e3",
         "headermmh3" : 280646985,
         "keywords" : [
            "voip",
            "vos3000"
         ],
         "realm" : "[RTX1210]",
         "title" : "NETCORE NR256,NETCORE NR256"
      },
      "length" : 16288
   },
   "asn" : "AS63949",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Richardson",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 Unauthorized\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 105478\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nNel: {'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}\r\nPragma: private\r\nServer: Mini web server 1.0 Skyworth corp 2017.\r\nSet-Cookie: sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;\r\nSet-Cookie: grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax\r\nSet-Cookie: samlPreauthSessionHash=; path=/; secure;\r\nSet-Cookie: session=eyJsb2NhbGUiOiJlbiJ9.ZZ4C4A.Yts__-iv6tJYDJFDwkciSG_z7M4; HttpOnly; Path=/;\r\nSet-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;\r\nSet-Cookie: _zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;\r\nSet-Cookie: DSSignInURL=/; path=/; secure;\r\nSet-Cookie: webvpnlogin=; path=/; secure;\r\nSet-Cookie: ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly\r\nSet-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;\r\nSet-Cookie: CLIENT_ID=7214\r\nSet-Cookie: csrf=8t9ADqIogbjKRK6; Path=/; HttpOnly;\r\nSet-Cookie: roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;\r\nSet-Cookie: PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/\r\nSet-Cookie: token=21263a2bf; path=/;\r\nSet-Cookie: X-Qlik-Session=35263a2bf; path=/;\r\nSet-Cookie: PHC_DISABLED=1; path=/; secure;\r\nStrict-Transport-Security: max-age=31536000\r\nTeamcity-Node-Id: MAIN_SERVER\r\nWww-Authenticate: Basic realm=\"[RTX1210]\"\r\nX-Adblock-Key: YQo=\r\nX-Aspnet-Version: 4.0.30319\r\nX-Cache: miss\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Drupal-Cache: xHIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Github-Request-Id: 2544:7F5D:24C5A8:296D36:5E2B2B7B\r\nX-Influxdb-Build: OSS\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Seen-By: CtsEH7KQ5yf2LQM4TNLiEjUavO2mWjwAez9sPj8Ws5MUdPUz2A==,YQo=,YQo=,YQo=,YQo=,YQo=,YQo=\r\nX-Squid-Error: ERR_INVALID_URL 0\r\nX-Template: tpl_CleanPeppermintBlack_twoclick\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 07 Nov 2024 03:20:18 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cd78c639bf9be7f9dc240d25==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>NETCORE NR256,NETCORE NR256</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2Q3OGM2MzliZjliZTdmOWRjMjQwZDI1PT0=\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nShared_Dirty:          0 kB\nPrivate_Clean:         0 kB\nPrivate_Dirty:        52 kB\nReferenced:           52 kB\nAnonymous:            52 kB\nAnonHugePages:         0 kB\nSwap:                  8 kB\nKernelPageSize:        4 kB\nMMUPageSize:",
   "datamd5" : "b1285ac54a7087f2e99817c2593754dc",
   "datammh3" : 1163522100,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "extkeyusage" : [
      "clientAuth",
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "781888d073b766072c128aed2fac9bf8",
      "sha1" : "55afad6b9e8b314a6138f7a054b83774f68c4622",
      "sha256" : "cf37db08b8dc55ac29203f16207fcc0bce62911f48925993b0ab9c9893ec0e33"
   },
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "96.126.96.0/19"
   },
   "host" : [
      "96-126-118-190"
   ],
   "hostname" : [
      "96-126-118-190.ip.linodeusercontent.com"
   ],
   "ip" : "96.126.118.190",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "localhost",
      "country" : "LK",
      "organization" : "UILEAZNC",
      "organizationalunit" : "SFGFVKD"
   },
   "keyusage" : [
      "digitalSignature",
      "keyCertSign"
   ],
   "latitude" : "32.9473",
   "location" : "32.9473,-96.7028",
   "longitude" : "-96.7028",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux",
   "osdistribution" : "sUse",
   "osvendor" : "Linux",
   "port" : 40443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 4096
   },
   "reason" : "Unauthorized",
   "reverse" : [
      "96-126-118-190.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "0a:06:d5:4e:b5:ed:a1:20",
   "signature" : {
      "algorithm" : "sha512WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subject" : {
      "commonname" : "localhost",
      "country" : "LK",
      "organization" : "UILEAZNC",
      "organizationalunit" : "SFGFVKD"
   },
   "subnet" : "96.126.96.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2034-11-04T05:12:16Z",
      "notbefore" : "2024-11-04T05:12:16Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP

177.244.53.26

Alternative IP(s)

40.124.176.75

Network

177.244.52.0/22

Domain(s)

gruposc.mx megared.net.mx

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

https://177.244.53.26:40443/ 403

HTTP Title

403 - Prohibido: acceso denegado.

Reverse DNS

customer-hmo-mca-53-26.megared.net.mx

ASN

AS262916

Organization

Mega Cable, S.A. de C.V.

Protocol

http Cert not expired http

Source

datascan

Operating System

Microsoft Windows

Product

Microsoft IIS 10.0

HTTP Component(s)

Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

Issuer Common Name

Go Daddy Secure Certificate Authority - G2

Issuer Organization

GoDaddy.com, Inc.

Subject Common Name

*.gruposc.mx

Subject Alt Name

*.gruposc.mx gruposc.mx

SHA256 Fingerprint

4067b3dc9980b1f57dd2b2693d4096ac908f0581c0d2ef2a92d0074d28a719df

Validity Not Before

2024-02-12T18:06:25Z

Validity Not After

2025-03-15T18:06:25Z

Data MD5

1c5fdf36a00fac367e9f465035b18d64

HTTP Header MD5

9543c8741939f14c97df1e3cf015b33f

HTTP Body MD5

52c4c234d092c42c0cc6fac4fae99e6b

HTTP/1.1 403 Forbidden
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Date: Thu, 07 Nov 2024 03:20:16 GMT
Connection: close
Content-Length: 1237

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>403 - Prohibido: acceso denegado.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;} 
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;} 
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} 
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Error del servidor</h1></div>
<div id="content">
 <div class="content-container"><fieldset>
  <h2>403 - Prohibido: acceso denegado.</h2>
  <h3>No tiene permiso para ver este directorio o esta p�gina con las credenciales que ha proporcionado.</h3>
 </fieldset></div>
</div>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:20:17.000Z",
   "alternativeip" : [
      "40.124.176.75"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "52c4c234d092c42c0cc6fac4fae99e6b",
         "bodymmh3" : -1895625759,
         "component" : [
            {
               "product" : "ASP.NET",
               "productvendor" : "Microsoft"
            }
         ],
         "headermd5" : "9543c8741939f14c97df1e3cf015b33f",
         "headermmh3" : 618122904,
         "title" : "403 - Prohibido: acceso denegado."
      },
      "length" : 1556
   },
   "asn" : "AS262916",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Hermosillo",
   "country" : "MX",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 403 Forbidden\r\nContent-Type: text/html\r\nServer: Microsoft-IIS/10.0\r\nX-Powered-By: ASP.NET\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Headers: Content-Type\r\nAccess-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS\r\nDate: Thu, 07 Nov 2024 03:20:16 GMT\r\nConnection: close\r\nContent-Length: 1237\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"/>\r\n<title>403 - Prohibido: acceso denegado.</title>\r\n<style type=\"text/css\">\r\n<!--\r\nbody{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}\r\nfieldset{padding:0 15px 10px 15px;} \r\nh1{font-size:2.4em;margin:0;color:#FFF;}\r\nh2{font-size:1.7em;margin:0;color:#CC0000;} \r\nh3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} \r\n#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:\"trebuchet MS\", Verdana, sans-serif;color:#FFF;\r\nbackground-color:#555555;}\r\n#content{margin:0 0 0 2%;position:relative;}\r\n.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id=\"header\"><h1>Error del servidor</h1></div>\r\n<div id=\"content\">\r\n <div class=\"content-container\"><fieldset>\r\n  <h2>403 - Prohibido: acceso denegado.</h2>\r\n  <h3>No tiene permiso para ver este directorio o esta p\ufffdgina con las credenciales que ha proporcionado.</h3>\r\n </fieldset></div>\r\n</div>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "1c5fdf36a00fac367e9f465035b18d64",
   "datammh3" : 1896506349,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "gruposc.mx",
      "megared.net.mx"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "e1a1064cd61f35ba28282fd01373b53e",
      "sha1" : "96da1a75c5f7ef77ac464ede0b27492c565ae533",
      "sha256" : "4067b3dc9980b1f57dd2b2693d4096ac908f0581c0d2ef2a92d0074d28a719df"
   },
   "geolocus" : {
      "asn" : "AS262916",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "MX",
      "countryname" : "Mexico",
      "domain" : [
         "megacable.com.mx",
         "megared.net.mx"
      ],
      "isineu" : "false",
      "latitude" : "23.634501",
      "location" : "23.634501,-102.552784",
      "longitude" : "-102.552784",
      "netname" : "MX-MSCV17-LACNIC",
      "organization" : "Mega Cable, S.A. de C.V.",
      "subnet" : "177.244.52.0/22"
   },
   "host" : [
      "customer-hmo-mca-53-26"
   ],
   "hostname" : [
      "customer-hmo-mca-53-26.megared.net.mx",
      "gruposc.mx"
   ],
   "ip" : "177.244.53.26",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Scottsdale",
      "commonname" : "Go Daddy Secure Certificate Authority - G2",
      "country" : "US",
      "organization" : "GoDaddy.com, Inc.",
      "organizationalunit" : "http://certs.godaddy.com/repository/"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "29.0831",
   "location" : "29.0831,-110.9673",
   "longitude" : "-110.9673",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Mega Cable, S.A. de C.V.",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 40443,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Forbidden",
   "reverse" : [
      "customer-hmo-mca-53-26.megared.net.mx"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "96:2b:4b:e8:b3:92:cf:bc",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 403,
   "subject" : {
      "altname" : [
         "*.gruposc.mx",
         "gruposc.mx"
      ],
      "commonname" : "*.gruposc.mx"
   },
   "subnet" : "177.244.52.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "mx",
      "net.mx"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-03-15T18:06:25Z",
      "notbefore" : "2024-02-12T18:06:25Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP

13.247.88.244

Network

13.244.0.0/14

Domain(s)

amazonaws.com development-today-power.org

Device

<enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

Operating System

Linux Linux Kernel

URL

https://13.247.88.244:40443/ 200

HTTP Title

ZXHN H208N

Reverse DNS

ec2-13-247-88-244.af-south-1.compute.amazonaws.com

ASN

AS16509

Organization

AMAZON-02

Protocol

http Cert not expired http

Source

datascan

Operating System

Linux Linux Kernel

HTTP Component(s)

Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

Issuer Common Name

servicenow.development-today-power.org

Subject Common Name

servicenow.development-today-power.org

SHA256 Fingerprint

11d1a756dcf935ef0b2b7168201029078b0802a37c013930648b5cc6e8e3509a

Validity Not Before

2024-11-07T00:07:18Z

Validity Not After

2026-11-07T00:07:18Z

Data MD5

4239a20420a9db3e439d9f0b7bac37ea

HTTP Header MD5

84bb59f9f874c7b0e4ff6a7b1f259ef7

HTTP Body MD5

0976e23b9a2c2cc301d75080702ff7d4

HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 00:22:40 GMT
Server: Sun-ONE-Web-Proxy-Server/3.6-SP4
X-Powered-By: ASP.NET
Content-Length: 432
Content-Type: text/html
Set-Cookie: csrftoken=FY3CX8saVsyt1ZyDrYgv

<html><head><link rel="icon" href="/favicon_522f3632-0dda-48ec-9757-10f9322f9cd3.ico"><title>ZXHN H208N</title></head><body><h2>d6n0wajyffxzj</h2><h3>93yypcq15s4ce38ttr</h3><span>lgvdsfvz6k22q0yhycln5697j417s</span><div>ne8u4syrtvpz08qw5lzl9emsiw3</div><h1>aurofxay301xv2lythoi</h1><span>35wg0fifqnh76i6</span><p>zjm0vf6d4adtbi</p><p>milryfl2mz396nnfivnxz7mnjbq</p><h3>uhjo4</h3><span>41f8o2d237rqdsuyl2ix01qqoi</span></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T00:22:41.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "0976e23b9a2c2cc301d75080702ff7d4",
         "bodymmh3" : 74881261,
         "component" : [
            {
               "product" : "ASP.NET",
               "productvendor" : "Microsoft"
            }
         ],
         "headermd5" : "84bb59f9f874c7b0e4ff6a7b1f259ef7",
         "headermmh3" : -327862526,
         "title" : "ZXHN H208N"
      },
      "length" : 662
   },
   "asn" : "AS16509",
   "city" : "Cape Town",
   "country" : "ZA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 00:22:40 GMT\r\nServer: Sun-ONE-Web-Proxy-Server/3.6-SP4\r\nX-Powered-By: ASP.NET\r\nContent-Length: 432\r\nContent-Type: text/html\r\nSet-Cookie: csrftoken=FY3CX8saVsyt1ZyDrYgv\r\n\r\n<html><head><link rel=\"icon\" href=\"/favicon_522f3632-0dda-48ec-9757-10f9322f9cd3.ico\"><title>ZXHN H208N</title></head><body><h2>d6n0wajyffxzj</h2><h3>93yypcq15s4ce38ttr</h3><span>lgvdsfvz6k22q0yhycln5697j417s</span><div>ne8u4syrtvpz08qw5lzl9emsiw3</div><h1>aurofxay301xv2lythoi</h1><span>35wg0fifqnh76i6</span><p>zjm0vf6d4adtbi</p><p>milryfl2mz396nnfivnxz7mnjbq</p><h3>uhjo4</h3><span>41f8o2d237rqdsuyl2ix01qqoi</span></body></html>",
   "datamd5" : "4239a20420a9db3e439d9f0b7bac37ea",
   "datammh3" : -1190594947,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "amazonaws.com",
      "development-today-power.org"
   ],
   "fingerprint" : {
      "md5" : "18a3fc04833eb49721afea7d7ccc3288",
      "sha1" : "05f4536f71d7af4360330d80b57edf59f8039a14",
      "sha256" : "11d1a756dcf935ef0b2b7168201029078b0802a37c013930648b5cc6e8e3509a"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "AF",
      "continentname" : "Africa",
      "country" : "ZA",
      "countryname" : "South Africa",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "-30.559482",
      "location" : "-30.559482,22.937506",
      "longitude" : "22.937506",
      "netname" : "AMAZON-CPT",
      "organization" : "Amazon Data Services South Africa",
      "subnet" : "13.244.0.0/14"
   },
   "host" : [
      "ec2-13-247-88-244",
      "servicenow"
   ],
   "hostname" : [
      "ec2-13-247-88-244.af-south-1.compute.amazonaws.com",
      "servicenow.development-today-power.org"
   ],
   "ip" : "13.247.88.244",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "servicenow.development-today-power.org"
   },
   "latitude" : "-34.0486",
   "location" : "-34.0486,18.4811",
   "longitude" : "18.4811",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 40443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "ec2-13-247-88-244.af-south-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "af-south-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subject" : {
      "commonname" : "servicenow.development-today-power.org"
   },
   "subnet" : "13.244.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "org"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2026-11-07T00:07:18Z",
      "notbefore" : "2024-11-07T00:07:18Z"
   },
   "version" : "v1",
   "wildcard" : "false"
}

IP

190.98.38.238

Network

190.98.0.0/17

Domain(s)

suribet.sr

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

https://gamelist.suribet.sr:40443/GamelistApiHostService/api/GameList/ 200

ASN

AS27775

Organization

Telecommunicationcompany Suriname - TeleSur

Protocol

http Cert not expired http

Source

urlscan

Operating System

Microsoft Windows

Product

Microsoft IIS 10.0

HTTP Component(s)

Microsoft ASP.NET 4.0.30319

CPE(s)

<enterprise field>: cpe

Issuer Common Name

Sectigo RSA Domain Validation Secure Server CA

Issuer Organization

Sectigo Limited

Subject Common Name

*.suribet.sr

Subject Alt Name

*.suribet.sr suribet.sr

SHA256 Fingerprint

e58e7e37f3e5750154bea923367e10df6ef57758fee5f2391d0f3ef84949a588

Validity Not Before

2024-05-22T00:00:00Z

Validity Not After

2025-06-22T23:59:59Z

Data MD5

03bf97b0c4d392658e60729aca3d7bc1

HTTP Header MD5

5257691dd551ebd700e466a76c07cc76

HTTP Body MD5

a46aed9f63eda8adf63b1da15ae22aff

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/xml; charset=utf-8
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 06 Nov 2024 17:03:16 GMT
Connection: close
Content-Length: 72

<int xmlns="http://schemas.microsoft.com/2003/10/Serialization/">0</int>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T17:03:29.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "microsoft.com"
         ],
         "hostname" : [
            "schemas.microsoft.com"
         ],
         "url" : [
            "http://schemas.microsoft.com/2003/10/Serialization/"
         ]
      },
      "http" : {
         "bodymd5" : "a46aed9f63eda8adf63b1da15ae22aff",
         "bodymmh3" : -492009813,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "productversion" : "4.0.30319",
               "product" : "ASP.NET"
            }
         ],
         "headermd5" : "5257691dd551ebd700e466a76c07cc76",
         "headermmh3" : -1322403505
      },
      "length" : 349
   },
   "asn" : "AS27775",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Paramaribo",
   "country" : "SR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nCache-Control: no-cache\r\nPragma: no-cache\r\nContent-Type: application/xml; charset=utf-8\r\nExpires: -1\r\nServer: Microsoft-IIS/10.0\r\nX-AspNet-Version: 4.0.30319\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 06 Nov 2024 17:03:16 GMT\r\nConnection: close\r\nContent-Length: 72\r\n\r\n<int xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/\">0</int>",
   "datamd5" : "03bf97b0c4d392658e60729aca3d7bc1",
   "datammh3" : 1743234008,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "suribet.sr"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "960d37a8524b7fcbafdc2a4d404d54a4",
      "sha1" : "e3960f3a861e22d91a7c79e84aa71555cc49d231",
      "sha256" : "e58e7e37f3e5750154bea923367e10df6ef57758fee5f2391d0f3ef84949a588"
   },
   "forward" : "gamelist.suribet.sr",
   "geolocus" : {
      "asn" : "AS27775",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "SR",
      "countryname" : "Suriname",
      "domain" : [
         "telesur.sr"
      ],
      "isineu" : "false",
      "latitude" : "3.919305",
      "location" : "3.919305,-56.027783",
      "longitude" : "-56.027783",
      "netname" : "SR-TSTE-LACNIC",
      "organization" : "Telecommunicationcompany Suriname - TeleSur",
      "subnet" : "190.98.38.0/24"
   },
   "hostname" : [
      "gamelist.suribet.sr",
      "suribet.sr"
   ],
   "ip" : "190.98.38.238",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "5.8667",
   "location" : "5.8667,-55.1642",
   "longitude" : "-55.1642",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Telecommunicationcompany Suriname - TeleSur",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 40443,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "seen_date" : "2024-11-06",
   "serial" : "15:a3:90:73:72:0e:39:08:1c:54:19:98:a2:40:13:8c",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "urlscan",
   "status" : 200,
   "subject" : {
      "altname" : [
         "*.suribet.sr",
         "suribet.sr"
      ],
      "commonname" : "*.suribet.sr"
   },
   "subnet" : "190.98.0.0/17",
   "tld" : [
      "sr"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/GamelistApiHostService/api/GameList/",
   "validity" : {
      "notafter" : "2025-06-22T23:59:59Z",
      "notbefore" : "2024-05-22T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP

209.216.77.34

Alternative IP(s)

188.114.96.2 188.114.97.2 2a06:98c1:3120:0:0:0:0:2 2a06:98c1:3121:0:0:0:0:2

Network

209.216.77.0/24

Domain(s)

atlanticsupply.com spiritualmarkedcakes.com

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

https://209.216.77.34:40443/ 302

HTTP Title

Document Moved

Reverse DNS

mail.spiritualmarkedcakes.com

ASN

AS398779

Organization

ACEHOST

Protocol

http Cert not expired http

Source

datascan

Operating System

Microsoft Windows

Product

Microsoft IIS 10.0

HTTP Component(s)

Microsoft RD Web Access Microsoft ASP.NET

CPE(s)

<enterprise field>: cpe

Issuer Common Name

Sectigo RSA Domain Validation Secure Server CA

Issuer Organization

Sectigo Limited

Subject Common Name

remoteapps.atlanticsupply.com

Subject Alt Name

remoteapps.atlanticsupply.com www.remoteapps.atlanticsupply.com

SHA256 Fingerprint

7b4d262ff8fb331eccc37da54c83fc29dd9ab5e972797b2aaa5a0152e44cd924

Validity Not Before

2024-05-10T00:00:00Z

Validity Not After

2025-05-10T23:59:59Z

Data MD5

86477037850e605ad9df61f51298e9bd

HTTP Header MD5

74893cb3de19b094eb5efdc9b41c1647

HTTP Body MD5

30bdb58732e3497817dbae4ed19675fb

HTTP/1.1 302 Redirect
Content-Type: text/html; charset=UTF-8
Location: https://<ip>:40443/RDWeb/Pages/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 06 Nov 2024 12:03:20 GMT
Connection: close
Content-Length: 163

<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="https://<ip>:40443/RDWeb/Pages/">here</a></body>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T12:03:21.000Z",
   "alternativeip" : [
      "188.114.96.2",
      "188.114.97.2",
      "2a06:98c1:3120:0:0:0:0:2",
      "2a06:98c1:3121:0:0:0:0:2"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "30bdb58732e3497817dbae4ed19675fb",
         "bodymmh3" : 644317787,
         "component" : [
            {
               "productvendor" : "Microsoft",
               "product" : "ASP.NET"
            },
            {
               "productvendor" : "Microsoft",
               "product" : "RD Web Access"
            }
         ],
         "headermd5" : "74893cb3de19b094eb5efdc9b41c1647",
         "headermmh3" : 2081271112,
         "title" : "Document Moved"
      },
      "length" : 390
   },
   "asn" : "AS398779",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Redirect\r\nContent-Type: text/html; charset=UTF-8\r\nLocation: https://<ip>:40443/RDWeb/Pages/\r\nServer: Microsoft-IIS/10.0\r\nX-Powered-By: ASP.NET\r\nDate: Wed, 06 Nov 2024 12:03:20 GMT\r\nConnection: close\r\nContent-Length: 163\r\n\r\n<head><title>Document Moved</title></head>\n<body><h1>Object Moved</h1>This document may be found <a HREF=\"https://<ip>:40443/RDWeb/Pages/\">here</a></body>",
   "datamd5" : "86477037850e605ad9df61f51298e9bd",
   "datammh3" : -345528505,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "atlanticsupply.com",
      "spiritualmarkedcakes.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "f2db73a1113127a84e32a384d8ea6a1e",
      "sha1" : "05e6b32db6679b8b70f1e14e2aec8a0604450969",
      "sha256" : "7b4d262ff8fb331eccc37da54c83fc29dd9ab5e972797b2aaa5a0152e44cd924"
   },
   "geolocus" : {
      "asn" : "AS398779",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "acehost.com",
         "kuducom.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NET-209-216-77-0",
      "organization" : "Ace Host, LLC",
      "subnet" : "209.216.77.0/24"
   },
   "host" : [
      "mail",
      "remoteapps",
      "www"
   ],
   "hostname" : [
      "mail.spiritualmarkedcakes.com",
      "remoteapps.atlanticsupply.com",
      "www.remoteapps.atlanticsupply.com"
   ],
   "ip" : "209.216.77.34",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Domain Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ACEHOST",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "osversion" : [
      "Server 2016",
      10
   ],
   "port" : 40443,
   "product" : "IIS",
   "productvendor" : "Microsoft",
   "productversion" : "10.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "Redirect",
   "reverse" : [
      "mail.spiritualmarkedcakes.com"
   ],
   "seen_date" : "2024-11-06",
   "serial" : "2e:d4:92:4d:1c:f4:4d:0a:b3:fb:57:6d:ca:8f:ff:5b",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 302,
   "subdomains" : [
      "remoteapps.atlanticsupply.com"
   ],
   "subject" : {
      "altname" : [
         "remoteapps.atlanticsupply.com",
         "www.remoteapps.atlanticsupply.com"
      ],
      "commonname" : "remoteapps.atlanticsupply.com"
   },
   "subnet" : "209.216.77.0/24",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-05-10T23:59:59Z",
      "notbefore" : "2024-05-10T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

IP

47.113.230.224

Network

47.112.0.0/13

Device

<enterprise field>: device.class

Operating System

Linux Linux sUse

URL

https://47.113.230.224:40443/ 200

HTTP Title

Polycom - Configuration Utility

HTTP Keyword(s)

voip vos3000

HTTP Copyright

www.linknat.com, 昆石网络

ASN

AS37963

Organization

Hangzhou Alibaba Advertising Co.,Ltd.

Protocol

http Cert not expired http

Source

datascan

Operating System

Linux Linux sUse

Product

squid-cache Squid 3.5.27

HTTP Component(s)

Drupal Drupal 8 Gitlab Gitlab Roundcube Webmail Jenkins Jenkins 2.121.3 SPIP SPIP 4.1.11 MobileIron Core Oracle Java Microsoft ASP.NET 4.0.30319 Atlassian Confluence

CPE(s)

<enterprise field>: cpe

Issuer Common Name

localhost

Issuer Organization

UBVYDFWK

Subject Organization

UBVYDFWK

Subject Common Name

localhost

SHA256 Fingerprint

2a3cf31be509ebd0c0b98058149088bc997d558356169677c8851cbb302715f8

Validity Not Before

2024-11-04T05:08:24Z

Validity Not After

2034-11-04T05:08:24Z

Data MD5

1371f14387e493bccf7685621e15eb80

HTTP Header MD5

79b9b3fa4363a131a108ad2cc9b9dff4

HTTP Body MD5

67b1eff63246637ede97531faa52fc7e

HTTP/1.1 200 OK
Cf-Cache-Status: DYNAMIC
Composed-By: SPIP 4.1.11 @ www.spip.net
Content-Length: 105349
Content-Type: text/html;charset=utf-8
Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
Loginip: <srcip>
Pragma: private
Report-To: {'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}
Server: squid/3.5.27
Set-Cookie: grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax
Set-Cookie: _zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;
Set-Cookie: SUPPORTCHROMEOS=1; path=/; secure;
Set-Cookie: PHC_DISABLED=1; path=/; secure;
Set-Cookie: did=A67B8F9C;
Set-Cookie: laravel_session=a0ffeb;
Set-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;
Set-Cookie: X-Qlik-Session=35263a2bf; path=/;
Set-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;
Set-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;
Set-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;
Set-Cookie: __s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/
Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095
Set-Cookie: cepcAdminID=25263a2bf; path=/;
Set-Cookie: SOLONID=n91i168jps8rd856bcrln2isqe; path=/
Set-Cookie: TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;
Set-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;
Set-Cookie: NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;
X-Adblock-Key: YQo=
X-Alternate-Cache-Key: cacheable:ba92b39be043e3c90d2fd075057dd3e5
X-Aspnet-Version: 4.0.30319
X-Cache: MISS from Hello
X-Cache-Lookup: MISS from Hello:8080
X-Cacheable: SHORT
X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
X-Content-Type-Options: nosniff
X-Drupal-Cache: xHIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 8 (https://www.drupal.org)
X-Jenkins: 2.121.3
X-Jenkins-Session: f72d6619
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: BoidCMS
X-Sorting-Hat-Shopid: 25693290577
X-Syno-Token: MIGfMA0GCSq
X-Xss-Protection: 1; mode=block
Date: Wed, 06 Nov 2024 12:02:41 GMT
Connection: close

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Pragma" content="no-cache" />
<meta charset="utf-8">
<meta content="IE=edge" http-equiv="X-UA-Compatible">
<meta content="object" property="og:type">
<meta content="GitLab" property="og:site_name">
<meta content="Help" property="og:title">
<meta content="GitLab Community Edition" property="og:description">
<meta content="summary" property="twitter:card">
<meta content="Help" property="twitter:title">
<meta content="GitLab Community Edition" property="twitter:description">
<meta content="GitLab Community Edition" name="description">
<meta content="#474D57" name="theme-color">
<meta content="#30353E" name="msapplication-TileColor">
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cd78c639bf9be7f9dc240c23==" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="expires" content="-1"/>
<meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
<meta name="author" content="www.linknat.com, 昆石网络"/>
<meta name="copyright" content="www.linknat.com, 昆石网络"/>
<meta name="generator" content="SPIP 4.1.11" />
<script src="/jquery.min.js"></script> 
<title>Polycom - Configuration Utility</title>
</head>
<body>
<div style="display: none;">
<script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
<Account>
<Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
<FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
<SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
<ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
<CTDefParaEntry setDefValueFlag="1" />
</Account>
<div>8.5.5 (Build:20200530.307-TEMP)</div>
<span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
<h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
<ca status="disabled" href="/+CSCOCA+/login.html" />
<form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
    <div data-user="root" data-module="package-updates"></div>
    <code>The zip file did not contain an entry exportDescriptor.properties</code>
    <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
    <message>Please enter your username and password.</message>
    <input name="formid" type="hidden" value="012afed" />
    <input name="javax.faces.ViewState" type="hidden" value="012afed" />
    <input name="queryString" type="hidden" value="1406192" />
    <div class="versionInfo">The Cacti Group Version 1.2.25</div>
    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
    <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
    <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
    <input type="hidden" name="tokenid"  value="1804289383" >
    <input type="hidden" name="name"  value="1804289383" >
    <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="text" name="username" label="Username:" value="admin" />
    <input type="password" name="password" label="Password:" value="123456" />
    <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
    <input type="submit" name="Login" value="Login" />
    <input type="reset" name="Clear" value="Clear" />
</form>
<input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
<li class="lisel" onclick="location.href='index.php'">日志系统</li>
<li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
<button type="button" data-price-id=True>sb</button>
<div class="prod_madelName">RT-AC5300</div>
<div class="p1 title_gap">Sign in with your ASUS router account</div>
<tr class="h"><th>PHP Group</th></tr>
<tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
<tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
<div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
<div id="mcname">LoadMaster</div>
<p><br/><span>出厂IP：192.168.1.1</span><br/><span>用户名、密码：admin admin</span></p>
<td colspan="2">Please enter your Cacti user name and password below:</td>
<meta id="confluence-context-path" name="confluence-context-path" content="">
<meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
<meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
<script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
<B>SonicWall Universal Management Suite v9.3</B>
<br>OK<br>
<script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
<select id="cars" name="name">
<option value="olvo">olvo</option>
</select>
<a href="/VICIdial/phone">MODIFY</a>
<input type="hidden" name="extension"  value="1804289383" >
<input type="hidden" name="pass"  value="1804289383" >
<input type="hidden" name="recording_exten"  value="1804289383" >
<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
<input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
<script type='text/javascript'>
	var cactiVersion='1.2.27';
	var cactiServerOS='unix';
	var cactiAction='';
	var theme='modern';
	var refreshIsLogout=true;
	var refreshPage='/logout.php?action=timeout';
	var refreshMSeconds=1440000;
	var urlPath='/';
	var previousPage='';
	var sessionMessage=[];
	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
</script>

<!--
<Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
/var/pinglog
<TITLE>Login</TITLE>
<a href="jpg.html">LIVE JPEG</a><br>
<a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
<a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
<\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
Location: /admin
<meta name="generator" content="vBulletin 5.5.4" />
Location: http://<ip>:80/relogin.htm?_t=3541144909
Location: http://<ip>:80/syscmd.htm" Location: /ui/login
/cgi-bin/webctrl.cgi?action=index_page
PDR-M800
function btnPing()
<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
<td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
in the United States and certain other countries.
</td>
:
#
>
$
SSH key is good
is not a valid ref and may not be archived
pcPassword2
'&sessionKey=790148060;'
name="sessionKey" value="790148060"
Set-Cookie: loginName=admin
var fgt_lang = /dev/cmdb/sslvpn_websession
php 8.1.0-dev exit
springframework
Tomcat
DEVICE.ACCOUNT=admin
AUTHORIZED_GROUP=1
<uid></uid>
<name>Admin</name>
<usrid></usrid>
<password>admin</password>
<group></group>
cpto /tmp/"root"
Model=AC1450
Firmware=V1.0.0.36_10.0.17
"exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
BIG-IP release 15.0.0
user:root
12345admin123'
Failed to process image

Location: http://192.168.0.1:52869/picsdesc.xml
You don't have permission to access /vpns/ on this server.
[global]
    workgroup = intranet
    encrypt passwords = Yes
    update encrypted = Yes

funcionando
system_sofia
name resolve order
InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
<b>File Uploaded !!!</b><br>
ant=951d11e51392117311602d0c25435d7f
38ee63071a04dc5e04ed22624c38e648
6f3249aa304055d63828af3bfab778f6
<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
[local]
 tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2Q3OGM2MzliZjliZTdmOWRjMjQwYzIzPT0=
 addr = <ip>
"Powered by vBulletin Version 5.5.4"
789551
Linear eMerge
SuperSign
ubiq
Yacht
Zeroshell
FastWeb
AuthInfo:
loadingIndicator_bk
Zyxel
skyrouter
WAP54
org.apache.spark.ui



ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
<insert implant configuration content here>
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
Copyright (c) 2015-2020 by Cisco Systems, Inc.
All rights reserved.
SSL VPN Service
wsConvertPptResponse
<input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
<input id="txtPassword" class="txt-input" type="password" name="password" value="" />
<button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
<span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
<script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
<LegacyDN>eD2bxe4</LegacyDN>
<title class="_ctxstxt_NetscalerGateway">
SAML Assertion verification failed; Please contact your administrator
v=2b46554c087d2d5516559e9b8bc1875d
/vpn/images/AccessGateway.ico
frame-busting
/vpn/js/logout_view.js?v=
_ctxstxt_NetscalerAAA
lib.min20200813.js
401 Unauthorized Basic realm=
sName='1';onTest(this);
var passadm = "admin";
OPMODE_BRIDGE
document.all.cmd_result
<input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
<input id="date" type="text" style="width: 200px" value="12/25/2023">
main page cgi-bin/login.cgi
var sessionKey='030ff030ff88';
loc += '&sessionKey=19dec20030ff8dcb2';
}

var code = 'location="' + loc + '"';

Password change successful
J2100N GPON ONT
/cgi-bin/webui/admin
sesskey
name=admin pass=123 priv=ppp
service=www.dlinkddns.com
sysCmdType
Content-Type: auth/request


Content-Type: command/reply

Reply-Text: +OK accepted


X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
007b2000-007c1000 rw-p 00000000 00:00 0
Size:                 60 kB
Rss:                  52 kB
Pss:                  52 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:        52 kB
Referenced:           52 kB
Anonymous:            52 kB
AnonHugePages:         0 kB
Swap:                  8 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T12:02:42.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "shopifycloud.com",
            "micros-hosting.com",
            "drupal.org"
         ],
         "file" : [
            "admin-ajax.php",
            "dvrremoteap.exe",
            "dvfplayer.zip",
            "index.php",
            "cloud_index.php",
            "dvrremoteap_x64.exe"
         ],
         "hostname" : [
            "micros-hosting.com",
            "monorail-edge.shopifycloud.com",
            "www.drupal.org"
         ],
         "ip" : [
            "192.168.1.4",
            "192.168.1.1",
            "1.0.0.36",
            "192.168.0.1",
            "7.7.31.1",
            "192.168.1.10"
         ],
         "url" : [
            "http://192.168.0.1:52869/picsdesc.xml",
            "http://micros-hosting.com/EGateway/",
            "https://192.168.1.4",
            "https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify",
            "https://www.drupal.org"
         ]
      },
      "http" : {
         "bodymd5" : "67b1eff63246637ede97531faa52fc7e",
         "bodymmh3" : -298844593,
         "component" : [
            {
               "product" : "Core",
               "productvendor" : "MobileIron"
            },
            {
               "productvendor" : "Roundcube",
               "product" : "Webmail"
            },
            {
               "product" : "Confluence",
               "productvendor" : "Atlassian"
            },
            {
               "product" : "ASP.NET",
               "productversion" : "4.0.30319",
               "productvendor" : "Microsoft"
            },
            {
               "product" : "Gitlab",
               "productvendor" : "Gitlab"
            },
            {
               "productversion" : "2.121.3",
               "productvendor" : "Jenkins",
               "product" : "Jenkins"
            },
            {
               "productvendor" : "SPIP",
               "productversion" : "4.1.11",
               "product" : "SPIP"
            },
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            },
            {
               "productversion" : "8",
               "productvendor" : "Drupal",
               "product" : "Drupal"
            }
         ],
         "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Fri, 29 Jul 2022 16:53:01 GMT"
            }
         ],
         "headermd5" : "79b9b3fa4363a131a108ad2cc9b9dff4",
         "headermmh3" : -448763152,
         "keywords" : [
            "voip",
            "vos3000"
         ],
         "title" : "Polycom - Configuration Utility"
      },
      "length" : 16288
   },
   "asn" : "AS37963",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Shenzhen",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nCf-Cache-Status: DYNAMIC\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 105349\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nPragma: private\r\nReport-To: {'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}\r\nServer: squid/3.5.27\r\nSet-Cookie: grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax\r\nSet-Cookie: _zcsr_tmp=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=Strict;Secure;priority=high;\r\nSet-Cookie: SUPPORTCHROMEOS=1; path=/; secure;\r\nSet-Cookie: PHC_DISABLED=1; path=/; secure;\r\nSet-Cookie: did=A67B8F9C;\r\nSet-Cookie: laravel_session=a0ffeb;\r\nSet-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;\r\nSet-Cookie: X-Qlik-Session=35263a2bf; path=/;\r\nSet-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;\r\nSet-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;\r\nSet-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;\r\nSet-Cookie: __s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/\r\nSet-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: cepcAdminID=25263a2bf; path=/;\r\nSet-Cookie: SOLONID=n91i168jps8rd856bcrln2isqe; path=/\r\nSet-Cookie: TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;\r\nSet-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;\r\nSet-Cookie: NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;\r\nX-Adblock-Key: YQo=\r\nX-Alternate-Cache-Key: cacheable:ba92b39be043e3c90d2fd075057dd3e5\r\nX-Aspnet-Version: 4.0.30319\r\nX-Cache: MISS from Hello\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Cacheable: SHORT\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Drupal-Cache: xHIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-Powered-By: BoidCMS\r\nX-Sorting-Hat-Shopid: 25693290577\r\nX-Syno-Token: MIGfMA0GCSq\r\nX-Xss-Protection: 1; mode=block\r\nDate: Wed, 06 Nov 2024 12:02:41 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cd78c639bf9be7f9dc240c23==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>Polycom - Configuration Utility</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2Q3OGM2MzliZjliZTdmOWRjMjQwYzIzPT0=\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nShared_Dirty:          0 kB\nPrivate_Clean:         0 kB\nPrivate_Dirty:        52 kB\nReferenced:           52 kB\nAnonymous:            52 kB\nAnonHugePages:         0 kB\nSwap:                  8 kB\nKernelPageSize:        4 kB\nMMUPageSize:           4 kB",
   "datamd5" : "1371f14387e493bccf7685621e15eb80",
   "datammh3" : 832317323,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "extkeyusage" : [
      "clientAuth",
      "serverAuth"
   ],
   "fingerprint" : {
      "md5" : "47b9d5c3bd10fbb98675c8068c85d8ce",
      "sha1" : "16412712b3f5f7693695c215857084bf42218101",
      "sha256" : "2a3cf31be509ebd0c0b98058149088bc997d558356169677c8851cbb302715f8"
   },
   "geolocus" : {
      "asn" : "AS45102",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "alibaba-inc.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "ALISOFT",
      "organization" : "Alibaba (US) Technology Co., Ltd.",
      "subnet" : "47.113.0.0/16"
   },
   "ip" : "47.113.230.224",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "localhost",
      "country" : "RO",
      "organization" : "UBVYDFWK",
      "organizationalunit" : "DGIEVKD"
   },
   "keyusage" : [
      "digitalSignature",
      "keyCertSign"
   ],
   "latitude" : "22.5559",
   "location" : "22.5559,114.0577",
   "longitude" : "114.0577",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
   "os" : "Linux",
   "osdistribution" : "sUse",
   "osvendor" : "Linux",
   "port" : 40443,
   "product" : "Squid",
   "productvendor" : "squid-cache",
   "productversion" : "3.5.27",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 4096
   },
   "reason" : "OK",
   "seen_date" : "2024-11-06",
   "serial" : "18:7e:49:03:c9:91:5a:8e",
   "signature" : {
      "algorithm" : "sha512WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "commonname" : "localhost",
      "country" : "RO",
      "organization" : "UBVYDFWK",
      "organizationalunit" : "DGIEVKD"
   },
   "subnet" : "47.112.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2034-11-04T05:08:24Z",
      "notbefore" : "2024-11-04T05:08:24Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}