Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
3
4
...
next >

IP
3.96.212.131

Network
3.96.0.0/14

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://3.96.212.131:4444/ 200

HTTP Title
PaperCut Login

HTTP Description
PaperCut MF is a print management system. Log in to manage your print quotas, see your print history and configure your system.

HTTP Keyword(s)
print accounting print control print management print quota software

Reverse DNS
ec2-3-96-212-131.ca-central-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx

HTTP Component(s)
jQuery jQuery 3.5.1 Oracle Java

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
6602a320a278b26f544c1f7e9b11bbae

HTTP Header MD5
fa25c4eea42a342854fe45cdc0273a72

HTTP Body MD5
8c5529452ed2e5ae1d4f29e7345687a7

Favicon MD5
2b86aa50c3a66bb77ff07c42cc051dcc

Favicon MMH3
-1216248324

HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 04:55:50 GMT
Server: nginx
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Cache-Control: no-cache
Set-Cookie: JSESSIONID=node0mr3n3uwfbzln8qoyk0snitow1521zeqfa8o3ot57.node0; Path=/; Secure; HttpOnly
Content-Length: 13222

<!DOCTYPE HTML>
<!-- Application: app-server -->
<!-- Page: Home -->
<!-- Generated: Mon Nov 20 12:34:06 EST 2023 -->
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/>
<title>PaperCut Login</title>
<link rel="shortcut icon" href="/images/icons3/favicon.ico" type="image/vnd.microsoft.icon"/>
<meta http-equiv="X-UA-Compatible" content="IE=Edge"/>
<meta name="description" content="PaperCut MF is a print management system. Log in to manage your print quotas, see your print history and configure your system."/>
<meta name="keywords" content="print quota, print control, print management, print accounting, software"/>
<meta name="viewport" content="width=device-width, initial-scale=0.8"/>
<link rel="stylesheet" type="text/css" href="/css/style.css?66961papercut-mf" />
<link rel="stylesheet" type="text/css" href="/css/style-override.css?66961papercut-mf" />
<link rel="stylesheet" type="text/css" href="/css/refresh.css?66961papercut-mf" />
<!--[if IE 9]><link rel="stylesheet" type="text/css" href="/css/style-ie9.css?66961papercut-mf" />
<![endif]-->
<!--[if IE 8]><link rel="stylesheet" type="text/css" href="/css/style-ie8.css?66961papercut-mf" />
<![endif]-->
<!--[if IE 7]><link rel="stylesheet" type="text/css" href="/css/style-ie7.css?66961papercut-mf" />
<![endif]-->
<!--[if IE 6]><link rel="stylesheet" type="text/css" href="/css/style-ie6.css?66961papercut-mf" />
<![endif]-->
<script type="text/javascript">var CacheParam = "66961papercut-mf";</script>
<script type="text/javascript" src="/js/jquery/jquery-3.5.1.min.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/jquery/jquery-migrate-3.3.1.min.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/jquery/config.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/lib/underscore/underscore-min.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/common.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/lib/require.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/pages/configure.js?66961papercut-mf"></script>
<script type="text/javascript" src="/js/refresh.js?66961papercut-mf"></script>
</head>

<body id="loginBody">
<script language="JavaScript" type="text/javascript"><!--

window.onload = function ()
{
document.Form0.inputUsername.focus();
document.Form0.inputUsername.select();
}

// --></script> <div class="wrap">
    <script type="text/javascript">
    insertScript('/js/pages/Home.js');
    insertScript('/js/pages/LoginPages.js');
    </script>
      <svg viewBox="0 0 280.7 198.5" class="pc-shards">
<polygon points="96.3,136.3 140.4,198.5 162.4,198.5 183.9,130.1 134.9,95.4 "/>
<polygon points="45,63.6 74.9,53 0,0 "/>
<polygon points="134.9,95.4 96.3,136.3 45,63.6 74.9,53 "/>
<polygon points="74.9,53 224.8,0 134.9,95.4 "/>
<polygon points="224.8,0 183.9,130.1 134.9,95.4 "/>
<polygon points="224.8,0 224.8,0 224.8,159 183.9,130.1 "/>
<polygon points="162.4,198.5 224.8,198.5 224.8,159 183.9,130.1 "/>
<polygon points="37.7,198.5 140.4,198.5 96.3,136.3 "/>
<polygon points="0,79.5 0,198.5 37.7,198.5 96.3,136.3 45,63.6 "/>
<polygon points="0,79.5 45,63.6 0,0 "/>
<polygon points="0,79.5 0,79.5 0,79.5 "/>
<polygon points="262.3,198.5 280.7,198.5 265.7,187.9 "/>
<polygon points="224.8,198.5 262.3,198.5 265.7,187.9 224.8,159 "/>
</svg>
<form method="post" name="Form0" action="/app" onsubmit="recordLocale()" autocomplete="off">
<input type="hidden" name="service" value="direct/1/Home/$Form"/>
<input type="hidden" name="sp" value="S0"/>
<input type="hidden" name="Form0" value="$Hidden$0,$Hidden$1,inputUsername,inputPassword,$Submit$0,$PropertySelection"/>
<input type="hidden" name="$Hidden$0" id="javascript-enabled" value="F"/>
<input type="hidden" name="$Hidden$1" value="X"/>
 <div class="login" role="main">
      <div class="box">
        <table class="box-table" title="Login" role="presentation">
          <tr role="row">
            <th class="box-nw" aria-label="No value" role="columnheader" scope="col"></th>
            <th class="box-n" aria-label="No value" role="columnheader" scope="col"></th>
            <th class="box-ne" aria-label="No value" role="columnheader" scope="col"></th>
          </tr>
          <tr role="row">
            <td class="box-w"></td>
            <td class="box-content">

              <div id="login">
 <h1><img alt="PaperCut Logo" src="/custom/login-logo.png?1667504163324" class="logo"></img></h1>

 <h1 id="papercut-user-login-title">Log in</h1>
 <table style="margin-bottom:5px;" title="Username and Password" role="presentation">
                        <tbody>
                          <tr role="row">
                            <th role="rowheader"><label for="inputUsername">Username</label></th>
                            <td><input type="text" name="inputUsername" autocorrect="off" maxlength="50" aria-describedby="login-feedback-message" style="width: 150px;" id="inputUsername" autocapitalize="off" class="field"/></td>
                          </tr>
                          <tr role="row">
                            <th role="rowheader"><label for="inputPassword">Password</label></th>
                            <td><input type="password" name="inputPassword" style="width: 150px;" id="inputPassword" class="field" aria-describedby="login-feedback-message"/></td>
                          </tr>
                        </tbody>
                      </table>


                    <div id="login-feedback-message">



 </div>
<input type="submit" name="$Submit$0" value="Log in" class="loginSubmit" aria-describedby="login-feedback-message"/>



<a href="/app?service=direct/1/Home/oAuth2LoginSuccess" style="display:none" class="btn secondary google">Sign in with Google</a>
<a href="/app?service=direct/1/Home/oAuth2LoginCancel" style="display:none" class="btn secondary microsoft">Sign in with Microsoft</a>
 <a style="display:block; margin-top: 10px;" id="forgot-link" href="/app?service=external/ForgotLoginDetails">
Forgot username or password?</a>

 </div>


            </td>
            <td class="box-e"></td>
          </tr>
          <tr role="row">
            <td class="box-sw"></td>
            <td class="box-s"></td>
            <td class="box-se"></td>
          </tr>
        </table>
      </div>
 <div class="language-box">
          <p id="language-select-text">Language Select</p>
          <svg width="24" height="24" viewBox="50 1777 24 24" class="global" alt="Globe Language Icon">
                <path fill="gray" d="M62,1777c-6.627,0-12,5.373-12,12s5.373,12,12,12s12-5.373,12-12S68.627,1777,62,1777z M58.129,1780.116
        c-0.665,0.732-1.359,1.699-1.925,2.94h-1.833C55.355,1781.79,56.643,1780.771,58.129,1780.116z M53.217,1784.957h2.304
        c-0.251,0.918-0.417,1.954-0.481,3.1h-2.664C52.48,1786.959,52.775,1785.918,53.217,1784.957z M53.236,1793.057
        c-0.447-0.96-0.749-2.001-0.859-3.1h2.662c0.064,1.146,0.23,2.182,0.481,3.1H53.236z M54.401,1794.957h1.803
        c0.549,1.204,1.218,2.146,1.865,2.87C56.624,1797.179,55.369,1796.188,54.401,1794.957z M61.05,1798.054
        c-0.541-0.34-1.814-1.283-2.828-3.097h2.828V1798.054z M61.05,1793.057h-3.645c-0.288-0.893-0.493-1.921-0.566-3.1h4.211V1793.057z
         M61.05,1788.057h-4.211c0.073-1.179,0.278-2.207,0.566-3.1h3.645V1788.057z M61.05,1783.057h-2.828
        c1.014-1.813,2.287-2.757,2.828-3.097V1783.057z M70.823,1784.957c0.441,0.961,0.736,2.002,0.842,3.1h-2.704
        c-0.064-1.146-0.23-2.182-0.481-3.1H70.823z M69.669,1783.057h-1.873c-0.574-1.259-1.279-2.237-1.953-2.974
        C67.358,1780.736,68.669,1781.77,69.669,1783.057z M62.95,1779.96c0.541,0.34,1.814,1.283,2.828,3.097H62.95V1779.96z
         M62.95,1784.957h3.645c0.288,0.893,0.493,1.921,0.566,3.1H62.95V1784.957z M62.95,1789.957h4.211
        c-0.073,1.179-0.278,2.207-0.566,3.1H62.95V1789.957z M62.95,1798.055v-3.098h2.828
        C64.764,1796.772,63.488,1797.716,62.95,1798.055z M65.902,1797.86c0.656-0.729,1.337-1.682,1.894-2.903h1.843
        C68.656,1796.208,67.376,1797.213,65.902,1797.86z M70.804,1793.057h-2.324c0.251-0.918,0.417-1.954,0.481-3.1h2.702
        C71.553,1791.056,71.251,1792.097,70.804,1793.057z"/>
          </svg>
<select name="$PropertySelection" alt="Select language" role="listbox" id="language" aria-label="Select language">
<option value="en" selected="selected">English</option>
<option value="ca">catal&#224;</option>
<option value="zh_CN">&#20013;&#25991; (&#20013;&#22269;)</option>
<option value="zh_HK">&#20013;&#25991; (&#39321;&#28207;)</option>
<option value="zh_TW">&#20013;&#25991; (&#21488;&#28771;)</option>
<option value="hr">hrvatski</option>
<option value="cs">&#269;e&#353;tina</option>
<option value="da">Dansk</option>
<option value="nl">Nederlands</option>
<option value="fi">suomi</option>
<option value="fr">fran&#231;ais</option>
<option value="de">Deutsch</option>
<option value="iw">&#1506;&#1489;&#1512;&#1497;&#1514;</option>
<option value="hu">magyar</option>
<option value="it">italiano</option>
<option value="ja">&#26085;&#26412;&#35486;</option>
<option value="ko">&#54620;&#44397;&#50612;</option>
<option value="lv">Latvie&#353;u</option>
<option value="lt">Lietuvi&#371;</option>
<option value="no">norsk</option>
<option value="pl">polski</option>
<option value="pt">portugu&#234;s (Brasil)</option>
<option value="pt_PT">portugu&#234;s (Portugal)</option>
<option value="ru">&#1088;&#1091;&#1089;&#1089;&#1082;&#1080;&#1081;</option>
<option value="sr">&#1057;&#1088;&#1087;&#1089;&#1082;&#1080;</option>
<option value="sk">Sloven&#269;ina</option>
<option value="sl">Sloven&#353;&#269;ina</option>
<option value="es">espa&#241;ol</option>
<option value="es_ES">espa&#241;ol (Espa&#241;a)</option>
<option value="sv">svenska</option>
<option value="th_TH">&#3652;&#3607;&#3618; (&#3611;&#3619;&#3632;&#3648;&#3607;&#3624;&#3652;&#3607;&#3618;)</option>
<option value="tr">T&#252;rk&#231;e</option>
<option value="cy_GB">Welsh (United Kingdom)</option>
</select> </div>
 <script>
            let languageOptions = document.getElementById("language").children;
            for (let languageOption of languageOptions)
            {
                let lang = languageOption.getAttribute("value");
                if (lang.includes("_")) lang = lang.substr(0, lang.indexOf("_")); // to remove region if specified
                languageOption.setAttribute("lang", lang);
            }
        </script>
<span data-background-uri="/images/login-bg.jpg?66961papercut-mf" data-background-selection="COLOR" data-background-color="#FFFFFF" id="loginCustomization" data-button-color="#01B256" data-forgot-link-text=""></span> <!-- The license has expired!  -->
 </div>
</form>

 <div id="footer" style="position:absolute; bottom: 0px; left: 0px; right: 0px; width: 100%;">
 <div class="product-details">
    <div class="logo"><img src="/images/footer-logo2.png?66961papercut-mf" border="0"/></div>

    <div class="text">
<span class="product"><a href="https://www.papercut.com/products/mf/?clicked=app-footer">PaperCut MF</a></span>

 <div>
Print Management Software</div>
 <!-- analytic purpose -->
<span class="analytic-license-expiry-date" style="display:none"></span>
<span class="analytic-product-build-number" style="display:none">66961</span>
<span class="analytic-product-version" style="display:none">22.1.3</span>
<span class="analytic-product" style="display:none">PaperCut MF</span>
<span class="analytic-product-edition" style="display:none">MF</span> <div class="copyright">
        &copy; Copyright 1999-2023. PaperCut Software Pty Ltd. All rights reserved. </div>
    </div>
  </div>
 </div>
 </div>
  <script language="JavaScript" type="text/javascript">
  var oldonload = window.onload;
  if (typeof window.onload != 'function') {
    window.onload = applyLoginCustomization;
  } else {
    window.onload = function () {
      if (oldonload) {
        oldonload();
      }
        applyLoginCustomization();
    }
  }

  /*
   Apply login customization
   */
  function applyLoginCustomization() {
      var loginCustomization = $("#loginCustomization");
      if (loginCustomization.attr("data-background-selection") == 'IMAGE') {
          loadBackground(loginCustomization.attr("data-background-uri"));
      } else {
          $('#loginBody').find('.wrap').css('background-color', loginCustomization.attr("data-background-color"))
                  .css('background-image', 'none');
      }
      if (loginCustomization.attr("data-button-color") != "") {
          $('#loginBody input[type="submit"].loginSubmit').removeClass('loginSubmit')
                  .css('background-color', loginCustomization.attr("data-button-color"))
                  .css('border-color', loginCustomization.attr("data-button-color"));
      }
      if (loginCustomization.attr("data-forgot-link-text") != "") {
          $('a#forgot-link').text(loginCustomization.attr("data-forgot-link-text"));
      }
  }

  function recordLocale() {
      var languageElement = document.getElementById("language");
      if (languageElement) {
          document.cookie = "ui.locale=" + languageElement.value;
      }
  }
  </script>
</body>
</html>
<!-- Render time: ~ 20 ms -->

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:45:48.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "papercut.com"
         ],
         "hostname" : [
            "www.papercut.com"
         ],
         "url" : [
            "https://www.papercut.com/products/mf/?clicked=app-footer"
         ]
      },
      "favicon" : {
         "image" : "AAABAAIAEBAQAAAAAAAoAQAAJgAAACAgEAAAAAAA6AIAAE4BAAAoAAAAEAAAACAAAAABAAQAAAAAAIAAAAAAAAAAAAAAABAAAAAQAAAAAAAAAAAAgAAAgAAAAICAAIAAAACAAIAAgIAAAICAgADAwMAAAAD/AAD/AAAA//8A/wAAAP8A/wD//wAA////AAAAAAAAAAAAAABERERERAAABEREREREAABERAAAAAAAAERAAAAAAAAEREAAAAAAAAREREREREQABERERERERAAEREAAAAAAAAREQAAAAAAAAEREAAAAAAAARERAAAAAAAAEREREREQAAAAERERERAAAAAAAAAAAAAAAAAAAAAAA//8AAPADAADgAwAAw/8AAMf/AACH/wAAgAMAAIADAACH/wAAh/8AAMP/AADB/wAA4AMAAPgDAAD//wAA//8AACgAAAAgAAAAQAAAAAEABAAAAAAAAAIAAAAAAAAAAAAAEAAAABAAAAAAAAAAAACAAACAAAAAgIAAgAAAAIAAgACAgAAAgICAAMDAwAAAAP8AAP8AAAD//wD/AAAA/wD/AP//AAD///8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEREREREREREQAAAAAAAAEREREREREREREAAAAAAAERERERERERERERAAAAAAAREREREREREREREQAAAAABEREREREREREREREAAAAAAREREREAAAAAAAAAAAAAABEREREQAAAAAAAAAAAAAAARERERAAAAAAAAAAAAAAAAEREREAAAAAAAAAAAAAAAARERERAAAAAAAAAAAAAAAAEREREQAAAAAAAAAAAAAAABERERERERERERERERAAAAAREREREREREREREREQAAAAEREREREREREREREREAAAABERERERERERERERERAAAAAREREREREREREREREQAAAAEREREQAAAAAAAAAAAAAAAAEREREAAAAAAAAAAAAAAAABEREREAAAAAAAAAAAAAAAAREREREAAAAAAAAAAAAAAAAREREREAAAAAAAAAAAAAAAAREREREREREREREQAAAAAAEREREREREREREREAAAAAAAERERERERERERERAAAAAAAAAREREREREREREQAAAAAAAAABEREREREREREAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////////4AAP/4AAD/4AAA/8AAAP+AAAD/gD///wB///8A////Af///gH///4B///+AAAA/gAAAP4AAAD+AAAA/gAAAP4B////Af///wD///8Af///gD///8AAAP/AAAD/4AAA//gAAP/+AAD////////////////w==",
         "imagemd5" : "2b86aa50c3a66bb77ff07c42cc051dcc",
         "imagemmh3" : -1216248324,
         "length" : 1078,
         "url" : "/favicon.ico"
      },
      "http" : {
         "bodymd5" : "8c5529452ed2e5ae1d4f29e7345687a7",
         "bodymmh3" : -856371065,
         "component" : [
            {
               "product" : "Java",
               "productvendor" : "Oracle"
            },
            {
               "product" : "jQuery",
               "productversion" : "3.5.1",
               "productvendor" : "jQuery"
            }
         ],
         "description" : "PaperCut MF is a print management system. Log in to manage your print quotas, see your print history and configure your system.",
         "headermd5" : "fa25c4eea42a342854fe45cdc0273a72",
         "headermmh3" : 1165718389,
         "keywords" : [
            "print accounting",
            "print control",
            "print management",
            "print quota",
            "software"
         ],
         "title" : "PaperCut Login"
      },
      "length" : 13610
   },
   "asn" : "AS16509",
   "city" : "Montreal",
   "country" : "CA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 04:55:50 GMT\r\nServer: nginx\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1\r\nExpires: Thu, 01 Jan 1970 00:00:00 UTC\r\nCache-Control: no-cache\r\nSet-Cookie: JSESSIONID=node0mr3n3uwfbzln8qoyk0snitow1521zeqfa8o3ot57.node0; Path=/; Secure; HttpOnly\r\nContent-Length: 13222\r\n\r\n<!DOCTYPE HTML>\n<!-- Application: app-server -->\n<!-- Page: Home -->\n<!-- Generated: Mon Nov 20 12:34:06 EST 2023 -->\n<html lang=\"en\">\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html;charset=UTF-8\"/>\n<title>PaperCut Login</title>\n<link rel=\"shortcut icon\" href=\"/images/icons3/favicon.ico\" type=\"image/vnd.microsoft.icon\"/>\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=Edge\"/>\n<meta name=\"description\" content=\"PaperCut MF is a print management system. Log in to manage your print quotas, see your print history and configure your system.\"/>\n<meta name=\"keywords\" content=\"print quota, print control, print management, print accounting, software\"/>\n<meta name=\"viewport\" content=\"width=device-width, initial-scale=0.8\"/>\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style.css?66961papercut-mf\" />\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-override.css?66961papercut-mf\" />\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/css/refresh.css?66961papercut-mf\" />\n<!--[if IE 9]><link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-ie9.css?66961papercut-mf\" />\n<![endif]-->\n<!--[if IE 8]><link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-ie8.css?66961papercut-mf\" />\n<![endif]-->\n<!--[if IE 7]><link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-ie7.css?66961papercut-mf\" />\n<![endif]-->\n<!--[if IE 6]><link rel=\"stylesheet\" type=\"text/css\" href=\"/css/style-ie6.css?66961papercut-mf\" />\n<![endif]-->\n<script type=\"text/javascript\">var CacheParam = \"66961papercut-mf\";</script>\n<script type=\"text/javascript\" src=\"/js/jquery/jquery-3.5.1.min.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/jquery/jquery-migrate-3.3.1.min.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/jquery/config.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/lib/underscore/underscore-min.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/common.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/lib/require.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/pages/configure.js?66961papercut-mf\"></script>\n<script type=\"text/javascript\" src=\"/js/refresh.js?66961papercut-mf\"></script>\n</head>\n\n<body id=\"loginBody\">\n<script language=\"JavaScript\" type=\"text/javascript\"><!--\n\nwindow.onload = function ()\n{\ndocument.Form0.inputUsername.focus();\ndocument.Form0.inputUsername.select();\n}\n\n// --></script> <div class=\"wrap\">\n    <script type=\"text/javascript\">\n    insertScript('/js/pages/Home.js');\n    insertScript('/js/pages/LoginPages.js');\n    </script>\n      <svg viewBox=\"0 0 280.7 198.5\" class=\"pc-shards\">\n<polygon points=\"96.3,136.3 140.4,198.5 162.4,198.5 183.9,130.1 134.9,95.4 \"/>\n<polygon points=\"45,63.6 74.9,53 0,0 \"/>\n<polygon points=\"134.9,95.4 96.3,136.3 45,63.6 74.9,53 \"/>\n<polygon points=\"74.9,53 224.8,0 134.9,95.4 \"/>\n<polygon points=\"224.8,0 183.9,130.1 134.9,95.4 \"/>\n<polygon points=\"224.8,0 224.8,0 224.8,159 183.9,130.1 \"/>\n<polygon points=\"162.4,198.5 224.8,198.5 224.8,159 183.9,130.1 \"/>\n<polygon points=\"37.7,198.5 140.4,198.5 96.3,136.3 \"/>\n<polygon points=\"0,79.5 0,198.5 37.7,198.5 96.3,136.3 45,63.6 \"/>\n<polygon points=\"0,79.5 45,63.6 0,0 \"/>\n<polygon points=\"0,79.5 0,79.5 0,79.5 \"/>\n<polygon points=\"262.3,198.5 280.7,198.5 265.7,187.9 \"/>\n<polygon points=\"224.8,198.5 262.3,198.5 265.7,187.9 224.8,159 \"/>\n</svg>\n<form method=\"post\" name=\"Form0\" action=\"/app\" onsubmit=\"recordLocale()\" autocomplete=\"off\">\n<input type=\"hidden\" name=\"service\" value=\"direct/1/Home/$Form\"/>\n<input type=\"hidden\" name=\"sp\" value=\"S0\"/>\n<input type=\"hidden\" name=\"Form0\" value=\"$Hidden$0,$Hidden$1,inputUsername,inputPassword,$Submit$0,$PropertySelection\"/>\n<input type=\"hidden\" name=\"$Hidden$0\" id=\"javascript-enabled\" value=\"F\"/>\n<input type=\"hidden\" name=\"$Hidden$1\" value=\"X\"/>\n <div class=\"login\" role=\"main\">\n      <div class=\"box\">\n        <table class=\"box-table\" title=\"Login\" role=\"presentation\">\n          <tr role=\"row\">\n            <th class=\"box-nw\" aria-label=\"No value\" role=\"columnheader\" scope=\"col\"></th>\n            <th class=\"box-n\" aria-label=\"No value\" role=\"columnheader\" scope=\"col\"></th>\n            <th class=\"box-ne\" aria-label=\"No value\" role=\"columnheader\" scope=\"col\"></th>\n          </tr>\n          <tr role=\"row\">\n            <td class=\"box-w\"></td>\n            <td class=\"box-content\">\n\n              <div id=\"login\">\n <h1><img alt=\"PaperCut Logo\" src=\"/custom/login-logo.png?1667504163324\" class=\"logo\"></img></h1>\n\n <h1 id=\"papercut-user-login-title\">Log in</h1>\n <table style=\"margin-bottom:5px;\" title=\"Username and Password\" role=\"presentation\">\n                        <tbody>\n                          <tr role=\"row\">\n                            <th role=\"rowheader\"><label for=\"inputUsername\">Username</label></th>\n                            <td><input type=\"text\" name=\"inputUsername\" autocorrect=\"off\" maxlength=\"50\" aria-describedby=\"login-feedback-message\" style=\"width: 150px;\" id=\"inputUsername\" autocapitalize=\"off\" class=\"field\"/></td>\n                          </tr>\n                          <tr role=\"row\">\n                            <th role=\"rowheader\"><label for=\"inputPassword\">Password</label></th>\n                            <td><input type=\"password\" name=\"inputPassword\" style=\"width: 150px;\" id=\"inputPassword\" class=\"field\" aria-describedby=\"login-feedback-message\"/></td>\n                          </tr>\n                        </tbody>\n                      </table>\n\n\n                    <div id=\"login-feedback-message\">\n\n\n\n </div>\n<input type=\"submit\" name=\"$Submit$0\" value=\"Log in\" class=\"loginSubmit\" aria-describedby=\"login-feedback-message\"/>\n\n\n\n<a href=\"/app?service=direct/1/Home/oAuth2LoginSuccess\" style=\"display:none\" class=\"btn secondary google\">Sign in with Google</a>\n<a href=\"/app?service=direct/1/Home/oAuth2LoginCancel\" style=\"display:none\" class=\"btn secondary microsoft\">Sign in with Microsoft</a>\n <a style=\"display:block; margin-top: 10px;\" id=\"forgot-link\" href=\"/app?service=external/ForgotLoginDetails\">\nForgot username or password?</a>\n\n </div>\n\n\n            </td>\n            <td class=\"box-e\"></td>\n          </tr>\n          <tr role=\"row\">\n            <td class=\"box-sw\"></td>\n            <td class=\"box-s\"></td>\n            <td class=\"box-se\"></td>\n          </tr>\n        </table>\n      </div>\n <div class=\"language-box\">\n          <p id=\"language-select-text\">Language Select</p>\n          <svg width=\"24\" height=\"24\" viewBox=\"50 1777 24 24\" class=\"global\" alt=\"Globe Language Icon\">\n                <path fill=\"gray\" d=\"M62,1777c-6.627,0-12,5.373-12,12s5.373,12,12,12s12-5.373,12-12S68.627,1777,62,1777z M58.129,1780.116\n        c-0.665,0.732-1.359,1.699-1.925,2.94h-1.833C55.355,1781.79,56.643,1780.771,58.129,1780.116z M53.217,1784.957h2.304\n        c-0.251,0.918-0.417,1.954-0.481,3.1h-2.664C52.48,1786.959,52.775,1785.918,53.217,1784.957z M53.236,1793.057\n        c-0.447-0.96-0.749-2.001-0.859-3.1h2.662c0.064,1.146,0.23,2.182,0.481,3.1H53.236z M54.401,1794.957h1.803\n        c0.549,1.204,1.218,2.146,1.865,2.87C56.624,1797.179,55.369,1796.188,54.401,1794.957z M61.05,1798.054\n        c-0.541-0.34-1.814-1.283-2.828-3.097h2.828V1798.054z M61.05,1793.057h-3.645c-0.288-0.893-0.493-1.921-0.566-3.1h4.211V1793.057z\n         M61.05,1788.057h-4.211c0.073-1.179,0.278-2.207,0.566-3.1h3.645V1788.057z M61.05,1783.057h-2.828\n        c1.014-1.813,2.287-2.757,2.828-3.097V1783.057z M70.823,1784.957c0.441,0.961,0.736,2.002,0.842,3.1h-2.704\n        c-0.064-1.146-0.23-2.182-0.481-3.1H70.823z M69.669,1783.057h-1.873c-0.574-1.259-1.279-2.237-1.953-2.974\n        C67.358,1780.736,68.669,1781.77,69.669,1783.057z M62.95,1779.96c0.541,0.34,1.814,1.283,2.828,3.097H62.95V1779.96z\n         M62.95,1784.957h3.645c0.288,0.893,0.493,1.921,0.566,3.1H62.95V1784.957z M62.95,1789.957h4.211\n        c-0.073,1.179-0.278,2.207-0.566,3.1H62.95V1789.957z M62.95,1798.055v-3.098h2.828\n        C64.764,1796.772,63.488,1797.716,62.95,1798.055z M65.902,1797.86c0.656-0.729,1.337-1.682,1.894-2.903h1.843\n        C68.656,1796.208,67.376,1797.213,65.902,1797.86z M70.804,1793.057h-2.324c0.251-0.918,0.417-1.954,0.481-3.1h2.702\n        C71.553,1791.056,71.251,1792.097,70.804,1793.057z\"/>\n          </svg>\n<select name=\"$PropertySelection\" alt=\"Select language\" role=\"listbox\" id=\"language\" aria-label=\"Select language\">\n<option value=\"en\" selected=\"selected\">English</option>\n<option value=\"ca\">catal&#224;</option>\n<option value=\"zh_CN\">&#20013;&#25991; (&#20013;&#22269;)</option>\n<option value=\"zh_HK\">&#20013;&#25991; (&#39321;&#28207;)</option>\n<option value=\"zh_TW\">&#20013;&#25991; (&#21488;&#28771;)</option>\n<option value=\"hr\">hrvatski</option>\n<option value=\"cs\">&#269;e&#353;tina</option>\n<option value=\"da\">Dansk</option>\n<option value=\"nl\">Nederlands</option>\n<option value=\"fi\">suomi</option>\n<option value=\"fr\">fran&#231;ais</option>\n<option value=\"de\">Deutsch</option>\n<option value=\"iw\">&#1506;&#1489;&#1512;&#1497;&#1514;</option>\n<option value=\"hu\">magyar</option>\n<option value=\"it\">italiano</option>\n<option value=\"ja\">&#26085;&#26412;&#35486;</option>\n<option value=\"ko\">&#54620;&#44397;&#50612;</option>\n<option value=\"lv\">Latvie&#353;u</option>\n<option value=\"lt\">Lietuvi&#371;</option>\n<option value=\"no\">norsk</option>\n<option value=\"pl\">polski</option>\n<option value=\"pt\">portugu&#234;s (Brasil)</option>\n<option value=\"pt_PT\">portugu&#234;s (Portugal)</option>\n<option value=\"ru\">&#1088;&#1091;&#1089;&#1089;&#1082;&#1080;&#1081;</option>\n<option value=\"sr\">&#1057;&#1088;&#1087;&#1089;&#1082;&#1080;</option>\n<option value=\"sk\">Sloven&#269;ina</option>\n<option value=\"sl\">Sloven&#353;&#269;ina</option>\n<option value=\"es\">espa&#241;ol</option>\n<option value=\"es_ES\">espa&#241;ol (Espa&#241;a)</option>\n<option value=\"sv\">svenska</option>\n<option value=\"th_TH\">&#3652;&#3607;&#3618; (&#3611;&#3619;&#3632;&#3648;&#3607;&#3624;&#3652;&#3607;&#3618;)</option>\n<option value=\"tr\">T&#252;rk&#231;e</option>\n<option value=\"cy_GB\">Welsh (United Kingdom)</option>\n</select> </div>\n <script>\n            let languageOptions = document.getElementById(\"language\").children;\n            for (let languageOption of languageOptions)\n            {\n                let lang = languageOption.getAttribute(\"value\");\n                if (lang.includes(\"_\")) lang = lang.substr(0, lang.indexOf(\"_\")); // to remove region if specified\n                languageOption.setAttribute(\"lang\", lang);\n            }\n        </script>\n<span data-background-uri=\"/images/login-bg.jpg?66961papercut-mf\" data-background-selection=\"COLOR\" data-background-color=\"#FFFFFF\" id=\"loginCustomization\" data-button-color=\"#01B256\" data-forgot-link-text=\"\"></span> <!-- The license has expired!  -->\n </div>\n</form>\n\n <div id=\"footer\" style=\"position:absolute; bottom: 0px; left: 0px; right: 0px; width: 100%;\">\n <div class=\"product-details\">\n    <div class=\"logo\"><img src=\"/images/footer-logo2.png?66961papercut-mf\" border=\"0\"/></div>\n\n    <div class=\"text\">\n<span class=\"product\"><a href=\"https://www.papercut.com/products/mf/?clicked=app-footer\">PaperCut MF</a></span>\n\n <div>\nPrint Management Software</div>\n <!-- analytic purpose -->\n<span class=\"analytic-license-expiry-date\" style=\"display:none\"></span>\n<span class=\"analytic-product-build-number\" style=\"display:none\">66961</span>\n<span class=\"analytic-product-version\" style=\"display:none\">22.1.3</span>\n<span class=\"analytic-product\" style=\"display:none\">PaperCut MF</span>\n<span class=\"analytic-product-edition\" style=\"display:none\">MF</span> <div class=\"copyright\">\n        &copy; Copyright 1999-2023. PaperCut Software Pty Ltd. All rights reserved. </div>\n    </div>\n  </div>\n </div>\n </div>\n  <script language=\"JavaScript\" type=\"text/javascript\">\n  var oldonload = window.onload;\n  if (typeof window.onload != 'function') {\n    window.onload = applyLoginCustomization;\n  } else {\n    window.onload = function () {\n      if (oldonload) {\n        oldonload();\n      }\n        applyLoginCustomization();\n    }\n  }\n\n  /*\n   Apply login customization\n   */\n  function applyLoginCustomization() {\n      var loginCustomization = $(\"#loginCustomization\");\n      if (loginCustomization.attr(\"data-background-selection\") == 'IMAGE') {\n          loadBackground(loginCustomization.attr(\"data-background-uri\"));\n      } else {\n          $('#loginBody').find('.wrap').css('background-color', loginCustomization.attr(\"data-background-color\"))\n                  .css('background-image', 'none');\n      }\n      if (loginCustomization.attr(\"data-button-color\") != \"\") {\n          $('#loginBody input[type=\"submit\"].loginSubmit').removeClass('loginSubmit')\n                  .css('background-color', loginCustomization.attr(\"data-button-color\"))\n                  .css('border-color', loginCustomization.attr(\"data-button-color\"));\n      }\n      if (loginCustomization.attr(\"data-forgot-link-text\") != \"\") {\n          $('a#forgot-link').text(loginCustomization.attr(\"data-forgot-link-text\"));\n      }\n  }\n\n  function recordLocale() {\n      var languageElement = document.getElementById(\"language\");\n      if (languageElement) {\n          document.cookie = \"ui.locale=\" + languageElement.value;\n      }\n  }\n  </script>\n</body>\n</html>\n<!-- Render time: ~ 20 ms -->\n\n\n",
   "datamd5" : "6602a320a278b26f544c1f7e9b11bbae",
   "datammh3" : 1404482669,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "AMAZON-YUL",
      "organization" : "Amazon Data Services Canada",
      "subnet" : "3.96.0.0/14"
   },
   "host" : [
      "ec2-3-96-212-131"
   ],
   "hostname" : [
      "ec2-3-96-212-131.ca-central-1.compute.amazonaws.com"
   ],
   "ip" : "3.96.212.131",
   "ipv6" : "false",
   "latitude" : "45.5075",
   "location" : "45.5075,-73.5887",
   "longitude" : "-73.5887",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4444,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-3-96-212-131.ca-central-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ca-central-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "3.96.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
172.233.15.100

Network
172.233.0.0/16

Domain(s)
linodeusercontent.com

Device

<enterprise field>: device.class <enterprise field>: device.productvendor

Operating System
Microsoft Windows

URL

http://172.233.15.100:4444/ 200

Reverse DNS
172-233-15-100.ip.linodeusercontent.com

ASN
AS63949

Organization
Akamai Connected Cloud

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Cisco CcspCwmpTcpCR 1.0

HTTP Component(s)
Python Python 3.8.2 MatrixSSL MatrixSSL 3.1.3 Jenkins Jenkins 2.121.3

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
08e0a7daf9bec8b451acadc26b056809

HTTP Header MD5
10bbf2d0d8a5bd6d9cf4b8cf9fbb08bf

HTTP Body MD5
7215ee9c7d9dc229d2921a40e899ec5f

HTTP/1.1 200 OK
content-type: text/html;charset=UTF-8
content-length: 1
server: Cisco-CcspCwmpTcpCR/1.0 WildFly/8 OpenCms/11.0.2 waitress Ruijie Servrer Easy-html RomPager/4.07 UPnP/1.0 infosec/1.0.0 nws/1.0 nginx/0.7.64 cloudflare-nginx BigIP Virata-EmWeb/R6_0_1 squid/4.13-VCS HFS 2.1 beta17 JAWS/1.0 Sep 30 2016 mORMot (Windows) Microsoft-HTTPAPI/2.0 WebServer uhttpd/1.0.0 Nexus/3.0.1-01 (OSS) openresty/1.15.8.2 Jetty(6.1.26.hwx) Boa/0.94.14rc21 Resin/3.1.12 TornadoServer/6.0.3 cPanel Mongoose/6.11 Abyss/2.7.0.0-X1-Win32 AbyssLib/2.7.0.0 HFS 2.4rc2 CherryPy/8.6.0 X-Web FlowWeb/1.4.28 Apache/1.3.31 (Unix) TR069 client TCP connection request Server Boa/0.93.15 Abyss/2.8.0.5-X2/B2-Win32 AbyssLib/2.8.0.1 KWS-1043N-Svr router webs t1-httpd/1.4.43 JAWS/1.0 Apr  8 2014 nginx/1.9.9 mini_httpd B&R Web Server  Ver. {2-250416-25} BlueServer/5.1.0.4 hmhttpd/1.24-20160808 MochiWeb/1.0 (Any of you quaids got a smint?) SDK 4.2.0.0 UPnP/1.0 MiniUPnPd/1.6  Microsoft-IIS/7.0 Gnway Web Server IST OIS Prometheus Streamer 21.10 tr069 http server Linux UPnP/1.0 Huawei-ATP-IGD Astra AR Varnish SY8045 Mini web server 1.0 ZTE corp 2005. LOS HTTP Server 1.0 INTELEKTRON WEB SERVER WindRiver-WebServer/4.7 Netwave IP Camera PRTG/19.4.52.3515 iSpy Werkzeug/1.0.1 Python/3.8.2 Titan Httpd/1.0 mginx huohuo Web Server/2.1.0 PeerSec-MatrixSSL/3.1.3-OPEN Niagara Web Server/3.8.111 Rumpus Wildfly 8 Mathopd/1.5p6 WebServer/1.2.0 Jetty(6.1.26) app07 Apache Intoto Http Server v1.0 webs/ openresty/1.9.15.1 Kerio Connect 7.0.1 Sun GlassFish Enterprise Server v2.1 tsbox CloudFront Citrix Web PN Server Boa/0.94.13 Tengine/2.3.2 Httpd Docker/17.03.0-ce (linux) ZTE web server 1.0 ZTE corp 2015. Tengine/2.1.2 FC03-HTTPS lighttpd (SliTaz GNU/Linux) Niagara Web Server/1.1 SY8033 Icecast 2.4.2 Resin/4.0.58 MinIO Console gSOAP/2.8 MapbarServer CenteHTTPd/1.1 HID-Web TornadoServer/5.0.2 SEPM Router Webserver bfe/1.0.8.18 ReeCam IP Camera d7b452-d70-1255-4515-9b56f13a6dab NetBox Version 2.8 Build 4128 cloudflare Web Server 1.1 Docker/18.09.4 (linux) IceWarp/12.0.2.0 x64 SonicWALL Switch Safedog/4.0.0 Mbedthis-Appweb/2.4.2 GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.1.3-OPEN GoOryx/1.0.5 SOYAL Technology WebServer 2.0 Docker/1.11.1 (linux) Linux/2.x UPnP/1.0 Avtech/1.0 Indy/9.00.10 Tengine Ruijie Server lighttpd/1.4.28-devel-171:172M Jetty/5.1.10 (Windows Server 2008/6.1 amd64 java/1.6.0_07 TwistedWeb/20.3.0 OrientDB Server v.2.2.22 (build fb2b7d321ea8a5a5b18a82237049804aace9e3de) GoAheadWebs HTTPD 1.0 SRS/4.0.201(Leo) mongo/2.0 Resin/3.1.6 Oracle-Application-Server-11g Werkzeug/0.12.2 Python/3.6.2 Jetty(winstone-2.8) H3C-CVM	5049 httpd_gargoyle/1.0 14mar2008 jjhttpd v0.1.0 Boa/0.94.14rc20 nginx-upupw/1.8.0 David-WebBox/12.00a (1291) WIN32 ADB Broadband HTTP Server Infra911 Jetty/3.1.8 (Windows 2000 5.0 x86) HTTPD_gw 1.0 HtNanoHttpd Splunkd OS 1.0 UPnP/1.0 Realtek/V1.3 http server 1.0 thttpd/2.25b-lxc 29dec2003 w3httpd/1.0 squid/4.10 nPerf/2.2.6 2021-05-08 squid/4.13 Jetty(7.6.0.v20120127) hidden K3 swoole-http-server BarracudaHTTP 4.0 WEB SERVER Resin/4.0.36 WebServer2 demce.tk iis8.0 Check Point SVN foundation squid/3.5.25 squid/4.11 15dbd20f-7fc0-910a-349c-94a3d569e732
set-cookie: SESSID=da122263a2bd; sessionid=ff122263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext
x-cache: MISS from Hello
x-cache-lookup: MISS from Hello:8080
x-content-powered-by: K2 v2.8.0 (by JoomlaWor
x-content-type-options: nosniff
x-drupal-cache: xHIT
x-drupal-dynamic-cache: MISS
x-generator: Drupal 8 (https://www.drupal.org)
x-jenkins: 2.121.3
x-jenkins-session: f72d6619
x-xss-protection: 1; mode=block
connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:43:40.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "drupal.org"
         ],
         "hostname" : [
            "www.drupal.org"
         ],
         "ip" : [
            "12.0.2.0",
            "1.0.8.18",
            "2.8.0.1",
            "5.1.0.4",
            "1.15.8.2",
            "4.2.0.0",
            "2.7.0.0",
            "2.8.0.5",
            "1.9.15.1"
         ],
         "url" : [
            "https://www.drupal.org"
         ]
      },
      "http" : {
         "bodymd5" : "7215ee9c7d9dc229d2921a40e899ec5f",
         "bodymmh3" : 509258457,
         "component" : [
            {
               "productvendor" : "MatrixSSL",
               "productversion" : "3.1.3",
               "product" : "MatrixSSL"
            },
            {
               "productvendor" : "Jenkins",
               "productversion" : "2.121.3",
               "product" : "Jenkins"
            },
            {
               "product" : "Python",
               "productversion" : "3.8.2",
               "productvendor" : "Python"
            }
         ],
         "headermd5" : "10bbf2d0d8a5bd6d9cf4b8cf9fbb08bf",
         "headermmh3" : -1976354551
      },
      "length" : 3646
   },
   "asn" : "AS63949",
   "city" : "S\u00e3o Paulo",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\ncontent-type: text/html;charset=UTF-8\r\ncontent-length: 1\r\nserver: Cisco-CcspCwmpTcpCR/1.0 WildFly/8 OpenCms/11.0.2 waitress Ruijie Servrer Easy-html RomPager/4.07 UPnP/1.0 infosec/1.0.0 nws/1.0 nginx/0.7.64 cloudflare-nginx BigIP Virata-EmWeb/R6_0_1 squid/4.13-VCS HFS 2.1 beta17 JAWS/1.0 Sep 30 2016 mORMot (Windows) Microsoft-HTTPAPI/2.0 WebServer uhttpd/1.0.0 Nexus/3.0.1-01 (OSS) openresty/1.15.8.2 Jetty(6.1.26.hwx) Boa/0.94.14rc21 Resin/3.1.12 TornadoServer/6.0.3 cPanel Mongoose/6.11 Abyss/2.7.0.0-X1-Win32 AbyssLib/2.7.0.0 HFS 2.4rc2 CherryPy/8.6.0 X-Web FlowWeb/1.4.28 Apache/1.3.31 (Unix) TR069 client TCP connection request Server Boa/0.93.15 Abyss/2.8.0.5-X2/B2-Win32 AbyssLib/2.8.0.1 KWS-1043N-Svr router webs t1-httpd/1.4.43 JAWS/1.0 Apr  8 2014 nginx/1.9.9 mini_httpd B&R Web Server  Ver. {2-250416-25} BlueServer/5.1.0.4 hmhttpd/1.24-20160808 MochiWeb/1.0 (Any of you quaids got a smint?) SDK 4.2.0.0 UPnP/1.0 MiniUPnPd/1.6  Microsoft-IIS/7.0 Gnway Web Server IST OIS Prometheus Streamer 21.10 tr069 http server Linux UPnP/1.0 Huawei-ATP-IGD Astra AR Varnish SY8045 Mini web server 1.0 ZTE corp 2005. LOS HTTP Server 1.0 INTELEKTRON WEB SERVER WindRiver-WebServer/4.7 Netwave IP Camera PRTG/19.4.52.3515 iSpy Werkzeug/1.0.1 Python/3.8.2 Titan Httpd/1.0 mginx huohuo Web Server/2.1.0 PeerSec-MatrixSSL/3.1.3-OPEN Niagara Web Server/3.8.111 Rumpus Wildfly 8 Mathopd/1.5p6 WebServer/1.2.0 Jetty(6.1.26) app07 Apache Intoto Http Server v1.0 webs/ openresty/1.9.15.1 Kerio Connect 7.0.1 Sun GlassFish Enterprise Server v2.1 tsbox CloudFront Citrix Web PN Server Boa/0.94.13 Tengine/2.3.2 Httpd Docker/17.03.0-ce (linux) ZTE web server 1.0 ZTE corp 2015. Tengine/2.1.2 FC03-HTTPS lighttpd (SliTaz GNU/Linux) Niagara Web Server/1.1 SY8033 Icecast 2.4.2 Resin/4.0.58 MinIO Console gSOAP/2.8 MapbarServer CenteHTTPd/1.1 HID-Web TornadoServer/5.0.2 SEPM Router Webserver bfe/1.0.8.18 ReeCam IP Camera d7b452-d70-1255-4515-9b56f13a6dab NetBox Version 2.8 Build 4128 cloudflare Web Server 1.1 Docker/18.09.4 (linux) IceWarp/12.0.2.0 x64 SonicWALL Switch Safedog/4.0.0 Mbedthis-Appweb/2.4.2 GoAhead-Webs/2.5.0 PeerSec-MatrixSSL/3.1.3-OPEN GoOryx/1.0.5 SOYAL Technology WebServer 2.0 Docker/1.11.1 (linux) Linux/2.x UPnP/1.0 Avtech/1.0 Indy/9.00.10 Tengine Ruijie Server lighttpd/1.4.28-devel-171:172M Jetty/5.1.10 (Windows Server 2008/6.1 amd64 java/1.6.0_07 TwistedWeb/20.3.0 OrientDB Server v.2.2.22 (build fb2b7d321ea8a5a5b18a82237049804aace9e3de) GoAheadWebs HTTPD 1.0 SRS/4.0.201(Leo) mongo/2.0 Resin/3.1.6 Oracle-Application-Server-11g Werkzeug/0.12.2 Python/3.6.2 Jetty(winstone-2.8) H3C-CVM\t5049 httpd_gargoyle/1.0 14mar2008 jjhttpd v0.1.0 Boa/0.94.14rc20 nginx-upupw/1.8.0 David-WebBox/12.00a (1291) WIN32 ADB Broadband HTTP Server Infra911 Jetty/3.1.8 (Windows 2000 5.0 x86) HTTPD_gw 1.0 HtNanoHttpd Splunkd OS 1.0 UPnP/1.0 Realtek/V1.3 http server 1.0 thttpd/2.25b-lxc 29dec2003 w3httpd/1.0 squid/4.10 nPerf/2.2.6 2021-05-08 squid/4.13 Jetty(7.6.0.v20120127) hidden K3 swoole-http-server BarracudaHTTP 4.0 WEB SERVER Resin/4.0.36 WebServer2 demce.tk iis8.0 Check Point SVN foundation squid/3.5.25 squid/4.11 15dbd20f-7fc0-910a-349c-94a3d569e732\r\nset-cookie: SESSID=da122263a2bd; sessionid=ff122263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext\r\nx-cache: MISS from Hello\r\nx-cache-lookup: MISS from Hello:8080\r\nx-content-powered-by: K2 v2.8.0 (by JoomlaWor\r\nx-content-type-options: nosniff\r\nx-drupal-cache: xHIT\r\nx-drupal-dynamic-cache: MISS\r\nx-generator: Drupal 8 (https://www.drupal.org)\r\nx-jenkins: 2.121.3\r\nx-jenkins-session: f72d6619\r\nx-xss-protection: 1; mode=block\r\nconnection: close\r\n\r\n ",
   "datamd5" : "08e0a7daf9bec8b451acadc26b056809",
   "datammh3" : 823563772,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "172.233.0.0/19"
   },
   "host" : [
      "172-233-15-100"
   ],
   "hostname" : [
      "172-233-15-100.ip.linodeusercontent.com"
   ],
   "ip" : "172.233.15.100",
   "ipv6" : "false",
   "latitude" : "-23.5335",
   "location" : "-23.5335,-46.6359",
   "longitude" : "-46.6359",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Windows",
   "osbits" : 32,
   "osvendor" : "Microsoft",
   "port" : 4444,
   "product" : "CcspCwmpTcpCR",
   "productvendor" : "Cisco",
   "productversion" : "1.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "172-233-15-100.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "172.233.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
47.250.147.63

Network
47.250.128.0/17

Device

<enterprise field>: device.class

Operating System
Linux Linux sUse

URL

http://47.250.147.63:4444/ 200

HTTP Title
Openfire Console d'Administration: Configuration du Serveur

HTTP Keyword(s)
voip vos3000

HTTP Copyright
www.linknat.com, 昆石网络

ASN
AS45102

Organization
Alibaba US Technology Co., Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux sUse

Product
lighttpd lighttpd 1.4.51

HTTP Component(s)
Drupal Drupal 8 Gitlab Gitlab PHP PHP Jenkins Jenkins 2.121.3 Oracle Java Atlassian Confluence Varnish-Cache Varnish RedHat JBoss Community Application Server 4.0.5 SPIP SPIP 4.1.11 MobileIron Core Apache org.apache.sling.servlets.post 2.4

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
0d2072260c58e677e112cecce302efdb

HTTP Header MD5
935c676eb7d85fc12fb8e13cf4b7e17f

HTTP Body MD5
eb2e5505d2e75aef6d0c071350cfab62

HTTP/1.1 200 OK
Composed-By: SPIP 4.1.11 @ www.spip.net
Content-Length: 105407
Content-Type: text/html;charset=utf-8
Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
Loginip: <srcip>
Pragma: private
Server: lighttpd/1.4.51
Set-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;
Set-Cookie: grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax
Set-Cookie: PHC_DISABLED=1; path=/; secure;
Set-Cookie: NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;
Set-Cookie: RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;
Set-Cookie: sesskey=21263a2bf; path=/;
Set-Cookie: DSSignInURL=/; path=/; secure;
Set-Cookie: id=A67B8F9C;
Set-Cookie: acSamlv2Error=; path=/; secure;
Set-Cookie: TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;
Set-Cookie: PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/
Set-Cookie: SUPPORTCHROMEOS=1; path=/; secure;
Set-Cookie: USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly
Set-Cookie: Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/
Set-Cookie: sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;
Set-Cookie: rememberMe=deleteMe; path=/;
Set-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;
Set-Cookie: CLIENT_ID=7214
X-Cache: miss
X-Cache-Lookup: MISS from Hello:8080
X-Cache-Miss-From: parking-74c5b8d946-dhmw5
X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
X-Content-Type-Options: nosniff
X-Contextid: YQo=
X-Drupal-Cache: xHIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 8 (https://www.drupal.org)
X-Influxdb-Build: OSS
X-Jenkins: 2.121.3
X-Jenkins-Session: f72d6619
X-Nginx-Cache-Status: MISS
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=2006101
X-Served-By: cache-xsp21434-XSP
X-Shardid: 80
X-Varnish: 336777937
X-Xss-Protection: 1; mode=block
Date: Thu, 07 Nov 2024 05:43:12 GMT
Connection: close

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Pragma" content="no-cache" />
<meta charset="utf-8">
<meta content="IE=edge" http-equiv="X-UA-Compatible">
<meta content="object" property="og:type">
<meta content="GitLab" property="og:site_name">
<meta content="Help" property="og:title">
<meta content="GitLab Community Edition" property="og:description">
<meta content="summary" property="twitter:card">
<meta content="Help" property="twitter:title">
<meta content="GitLab Community Edition" property="twitter:description">
<meta content="GitLab Community Edition" name="description">
<meta content="#474D57" name="theme-color">
<meta content="#30353E" name="msapplication-TileColor">
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cd78c639bf9be7f9dc240d27==" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="expires" content="-1"/>
<meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
<meta name="author" content="www.linknat.com, 昆石网络"/>
<meta name="copyright" content="www.linknat.com, 昆石网络"/>
<meta name="generator" content="SPIP 4.1.11" />
<script src="/jquery.min.js"></script> 
<title>Openfire Console d'Administration: Configuration du Serveur</title>
</head>
<body>
<div style="display: none;">
<script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
<Account>
<Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
<FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
<SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
<ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
<CTDefParaEntry setDefValueFlag="1" />
</Account>
<div>8.5.5 (Build:20200530.307-TEMP)</div>
<span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
<h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
<ca status="disabled" href="/+CSCOCA+/login.html" />
<form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
    <div data-user="root" data-module="package-updates"></div>
    <code>The zip file did not contain an entry exportDescriptor.properties</code>
    <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
    <message>Please enter your username and password.</message>
    <input name="formid" type="hidden" value="012afed" />
    <input name="javax.faces.ViewState" type="hidden" value="012afed" />
    <input name="queryString" type="hidden" value="1406192" />
    <div class="versionInfo">The Cacti Group Version 1.2.25</div>
    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
    <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
    <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
    <input type="hidden" name="tokenid"  value="1804289383" >
    <input type="hidden" name="name"  value="1804289383" >
    <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="text" name="username" label="Username:" value="admin" />
    <input type="password" name="password" label="Password:" value="123456" />
    <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
    <input type="submit" name="Login" value="Login" />
    <input type="reset" name="Clear" value="Clear" />
</form>
<input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
<li class="lisel" onclick="location.href='index.php'">日志系统</li>
<li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
<button type="button" data-price-id=True>sb</button>
<div class="prod_madelName">RT-AC5300</div>
<div class="p1 title_gap">Sign in with your ASUS router account</div>
<tr class="h"><th>PHP Group</th></tr>
<tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
<tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
<div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
<div id="mcname">LoadMaster</div>
<p><br/><span>出厂IP：192.168.1.1</span><br/><span>用户名、密码：admin admin</span></p>
<td colspan="2">Please enter your Cacti user name and password below:</td>
<meta id="confluence-context-path" name="confluence-context-path" content="">
<meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
<meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
<script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
<B>SonicWall Universal Management Suite v9.3</B>
<br>OK<br>
<script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
<select id="cars" name="name">
<option value="olvo">olvo</option>
</select>
<a href="/VICIdial/phone">MODIFY</a>
<input type="hidden" name="extension"  value="1804289383" >
<input type="hidden" name="pass"  value="1804289383" >
<input type="hidden" name="recording_exten"  value="1804289383" >
<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
<input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
<script type='text/javascript'>
	var cactiVersion='1.2.27';
	var cactiServerOS='unix';
	var cactiAction='';
	var theme='modern';
	var refreshIsLogout=true;
	var refreshPage='/logout.php?action=timeout';
	var refreshMSeconds=1440000;
	var urlPath='/';
	var previousPage='';
	var sessionMessage=[];
	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
</script>

<!--
<Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
/var/pinglog
<TITLE>Login</TITLE>
<a href="jpg.html">LIVE JPEG</a><br>
<a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
<a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
<\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
Location: /admin
<meta name="generator" content="vBulletin 5.5.4" />
Location: http://<ip>:80/relogin.htm?_t=3541144909
Location: http://<ip>:80/syscmd.htm" Location: /ui/login
/cgi-bin/webctrl.cgi?action=index_page
PDR-M800
function btnPing()
<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
<td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
in the United States and certain other countries.
</td>
:
#
>
$
SSH key is good
is not a valid ref and may not be archived
pcPassword2
'&sessionKey=790148060;'
name="sessionKey" value="790148060"
Set-Cookie: loginName=admin
var fgt_lang = /dev/cmdb/sslvpn_websession
php 8.1.0-dev exit
springframework
Tomcat
DEVICE.ACCOUNT=admin
AUTHORIZED_GROUP=1
<uid></uid>
<name>Admin</name>
<usrid></usrid>
<password>admin</password>
<group></group>
cpto /tmp/"root"
Model=AC1450
Firmware=V1.0.0.36_10.0.17
"exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
BIG-IP release 15.0.0
user:root
12345admin123'
Failed to process image

Location: http://192.168.0.1:52869/picsdesc.xml
You don't have permission to access /vpns/ on this server.
[global]
    workgroup = intranet
    encrypt passwords = Yes
    update encrypted = Yes

funcionando
system_sofia
name resolve order
InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
<b>File Uploaded !!!</b><br>
ant=951d11e51392117311602d0c25435d7f
38ee63071a04dc5e04ed22624c38e648
6f3249aa304055d63828af3bfab778f6
<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
[local]
 tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2Q3OGM2MzliZjliZTdmOWRjMjQwZDI3PT0=
 addr = <ip>
"Powered by vBulletin Version 5.5.4"
789551
Linear eMerge
SuperSign
ubiq
Yacht
Zeroshell
FastWeb
AuthInfo:
loadingIndicator_bk
Zyxel
skyrouter
WAP54
org.apache.spark.ui



ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
<insert implant configuration content here>
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
Copyright (c) 2015-2020 by Cisco Systems, Inc.
All rights reserved.
SSL VPN Service
wsConvertPptResponse
<input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
<input id="txtPassword" class="txt-input" type="password" name="password" value="" />
<button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
<span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
<script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
<LegacyDN>eD2bxe4</LegacyDN>
<title class="_ctxstxt_NetscalerGateway">
SAML Assertion verification failed; Please contact your administrator
v=2b46554c087d2d5516559e9b8bc1875d
/vpn/images/AccessGateway.ico
frame-busting
/vpn/js/logout_view.js?v=
_ctxstxt_NetscalerAAA
lib.min20200813.js
401 Unauthorized Basic realm=
sName='1';onTest(this);
var passadm = "admin";
OPMODE_BRIDGE
document.all.cmd_result
<input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
<input id="date" type="text" style="width: 200px" value="12/25/2023">
main page cgi-bin/login.cgi
var sessionKey='030ff030ff88';
loc += '&sessionKey=19dec20030ff8dcb2';
}

var code = 'location="' + loc + '"';

Password change successful
J2100N GPON ONT
/cgi-bin/webui/admin
sesskey
name=admin pass=123 priv=ppp
service=www.dlinkddns.com
sysCmdType
Content-Type: auth/request


Content-Type: command/reply

Reply-Text: +OK accepted


X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
007b2000-007c1000 rw-p 00000000 00:00 0
Size:                 60 kB
Rss:                  52 kB
Pss:                  52 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:        52 kB
Referenced:           52 kB
Anonymous:            52 kB
AnonHugePages:         0 kB
Swap:                  8 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
009b1000-009b8000 rwxp 001b1000 fd:01 3339977                            /var/Sofia
Size:                 28 kB
Rss:                   0 kB
Pss:                   0 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:43:12.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "micros-hosting.com",
            "drupal.org"
         ],
         "file" : [
            "dvrremoteap.exe",
            "cloud_index.php",
            "dvfplayer.zip",
            "index.php",
            "dvrremoteap_x64.exe",
            "admin-ajax.php"
         ],
         "hostname" : [
            "micros-hosting.com",
            "www.drupal.org"
         ],
         "ip" : [
            "10.76.118.67",
            "192.168.1.4",
            "192.168.0.1",
            "1.0.0.36",
            "192.168.1.1",
            "192.168.1.10",
            "7.7.31.1"
         ],
         "url" : [
            "http://192.168.0.1:52869/picsdesc.xml",
            "http://micros-hosting.com/EGateway/",
            "https://192.168.1.4",
            "https://www.drupal.org"
         ]
      },
      "http" : {
         "bodymd5" : "eb2e5505d2e75aef6d0c071350cfab62",
         "bodymmh3" : 1964813803,
         "component" : [
            {
               "product" : "Varnish",
               "productvendor" : "Varnish-Cache"
            },
            {
               "product" : "Java",
               "productvendor" : "Oracle"
            },
            {
               "product" : "Drupal",
               "productversion" : "8",
               "productvendor" : "Drupal"
            },
            {
               "product" : "JBoss Community Application Server",
               "productvendor" : "RedHat",
               "productversion" : "4.0.5"
            },
            {
               "productvendor" : "Gitlab",
               "product" : "Gitlab"
            },
            {
               "product" : "Core",
               "productvendor" : "MobileIron"
            },
            {
               "productversion" : "2.4",
               "productvendor" : "Apache",
               "product" : "org.apache.sling.servlets.post"
            },
            {
               "product" : "SPIP",
               "productversion" : "4.1.11",
               "productvendor" : "SPIP"
            },
            {
               "product" : "PHP",
               "productvendor" : "PHP"
            },
            {
               "productvendor" : "Atlassian",
               "product" : "Confluence"
            },
            {
               "product" : "Jenkins",
               "productversion" : "2.121.3",
               "productvendor" : "Jenkins"
            }
         ],
         "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
         "header" : [
            {
               "value" : "Fri, 29 Jul 2022 16:53:01 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "935c676eb7d85fc12fb8e13cf4b7e17f",
         "headermmh3" : 645232154,
         "keywords" : [
            "voip",
            "vos3000"
         ],
         "title" : "Openfire Console d'Administration: Configuration du Serveur"
      },
      "length" : 16297
   },
   "asn" : "AS45102",
   "city" : "Kuala Lumpur",
   "country" : "MY",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 105407\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nPragma: private\r\nServer: lighttpd/1.4.51\r\nSet-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;\r\nSet-Cookie: grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax\r\nSet-Cookie: PHC_DISABLED=1; path=/; secure;\r\nSet-Cookie: NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;\r\nSet-Cookie: RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;\r\nSet-Cookie: sesskey=21263a2bf; path=/;\r\nSet-Cookie: DSSignInURL=/; path=/; secure;\r\nSet-Cookie: id=A67B8F9C;\r\nSet-Cookie: acSamlv2Error=; path=/; secure;\r\nSet-Cookie: TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;\r\nSet-Cookie: PHPSESSID=n91i168jps8rd856bcrln2isqe; path=/\r\nSet-Cookie: SUPPORTCHROMEOS=1; path=/; secure;\r\nSet-Cookie: USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly\r\nSet-Cookie: Session=10.76.118.67.ff37fe7ceeca9a0ebedcf6549e8275d9; path=/\r\nSet-Cookie: sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;\r\nSet-Cookie: rememberMe=deleteMe; path=/;\r\nSet-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;\r\nSet-Cookie: CLIENT_ID=7214\r\nX-Cache: miss\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Cache-Miss-From: parking-74c5b8d946-dhmw5\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Contextid: YQo=\r\nX-Drupal-Cache: xHIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Influxdb-Build: OSS\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Nginx-Cache-Status: MISS\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=2006101\r\nX-Served-By: cache-xsp21434-XSP\r\nX-Shardid: 80\r\nX-Varnish: 336777937\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 07 Nov 2024 05:43:12 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cd78c639bf9be7f9dc240d27==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>Openfire Console d'Administration: Configuration du Serveur</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2Q3OGM2MzliZjliZTdmOWRjMjQwZDI3PT0=\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nShared_Dirty:          0 kB\nPrivate_Clean:         0 kB\nPrivate_Dirty:        52 kB\nReferenced:           52 kB\nAnonymous:            52 kB\nAnonHugePages:         0 kB\nSwap:                  8 kB\nKernelPageSize:        4 kB\nMMUPageSize:           4 kB\n009b1000-009b8000 rwxp 001b1000 fd:01 3339977                            /var/Sofia\nSize:                 28 kB\nRss:                   0 kB\nPss:                   0 kB\nShared_Clean:          0 kB\nShared_Dirty:          0 kB\nPrivate_Clean:         0 kB\nPrivate_Dirty:  ",
   "datamd5" : "0d2072260c58e677e112cecce302efdb",
   "datammh3" : 1673627368,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS45102",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "alibaba-inc.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AL-3",
      "organization" : "Alibaba Cloud LLC",
      "subnet" : "47.250.128.0/17"
   },
   "ip" : "47.250.147.63",
   "ipv6" : "false",
   "latitude" : "3.1412",
   "location" : "3.1412,101.6850",
   "longitude" : "101.6850",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Alibaba US Technology Co., Ltd.",
   "os" : "Linux",
   "osdistribution" : "sUse",
   "osvendor" : "Linux",
   "port" : 4444,
   "product" : "lighttpd",
   "productvendor" : "lighttpd",
   "productversion" : "1.4.51",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "47.250.128.0/17",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
219.241.5.137

Network
219.241.0.0/17

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://219.241.5.137:4444/ 200

ASN
AS9318

Organization
SK Broadband Co Ltd

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
httpd httpd

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
568bea25c0aedb2ee99c171ae2e22ade

HTTP Header MD5
108601d04fb40cca73964b150fc4a31a

HTTP Body MD5
7f20c9c6f2f82599d5e98f166fcd70a0

HTTP/1.0 200 OK
Date: Thu, 07 Nov 2024 05:41:33 GMT
Server: Httpd/1.0
Connection: close
Content-Length: 112
Last-Modified: Thu, 07 Nov 2024 05:41:33 GMT
Content-Type: text/html

<html>
<head>
<meta http-equiv=refresh content="0; URL=login/login.cgi">
<title></title>
<body>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:41:36.000Z",
   "app" : {
      "extract" : {
         "file" : [
            "login.cgi"
         ]
      },
      "http" : {
         "bodymd5" : "7f20c9c6f2f82599d5e98f166fcd70a0",
         "bodymmh3" : -957351584,
         "header" : [
            {
               "value" : "Thu, 07 Nov 2024 05:41:33 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "108601d04fb40cca73964b150fc4a31a",
         "headermmh3" : 1326214470
      },
      "length" : 298
   },
   "asn" : "AS9318",
   "city" : "Guro-gu",
   "country" : "KR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nDate: Thu, 07 Nov 2024 05:41:33 GMT\r\nServer: Httpd/1.0\r\nConnection: close\r\nContent-Length: 112\r\nLast-Modified: Thu, 07 Nov 2024 05:41:33 GMT\r\nContent-Type: text/html\r\n\r\n<html>\n<head>\n<meta http-equiv=refresh content=\"0; URL=login/login.cgi\">\n<title></title>\n<body>\n</body>\n</html>\n",
   "datamd5" : "568bea25c0aedb2ee99c171ae2e22ade",
   "datammh3" : 2093214656,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9318",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "nic.or.kr",
         "skbroadband.com"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "broadNnet",
      "organization" : "SK Broadband Co Ltd",
      "subnet" : "219.241.0.0/17"
   },
   "ip" : "219.241.5.137",
   "ipv6" : "false",
   "latitude" : "37.5162",
   "location" : "37.5162,126.8804",
   "longitude" : "126.8804",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SK Broadband Co Ltd",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4444,
   "product" : "httpd",
   "productvendor" : "httpd",
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "219.241.0.0/17",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
3.77.145.189

Network
3.64.0.0/12

Domain(s)
amazonaws.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://3.77.145.189:4444/ 200

HTTP Title
admin [Jenkins]

Reverse DNS
ec2-3-77-145-189.eu-central-1.compute.amazonaws.com

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

HTTP Component(s)
Apache org.apache.sling.servlets.post 2.4

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
59f7f6180a1180d3d66960a3ee18581e

HTTP Header MD5
6e61ffc8ed66a1c18533076f7c593c51

HTTP Body MD5
d7e63cd49dab9cda806c31acb75940ac

HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 05:41:08 GMT
Server: frontpage
X-Powered-By: Servlet/2.4
Content-Length: 675
Content-Type: text/html
Set-Cookie: csrftoken=RXeMRTKezxrFD8gqyIOpZFag30ilNXGORNXmOpkTw9EtGhZu7djbbhYY667XRmXD

<html><head><link rel="icon" href="/favicon_5e59dc4b-36ce-48d4-83d6-f1d0e7002afd.ico"><title>admin [Jenkins]</title></head><body><div>ccrljul1kori17mxpe</div><h2>t3mn3zg3698tqvh2ysa37kjkka</h2><div>32kytm71gw0pvczu5rbh780p</div><span>3krbeh2o17g3j4</span><h3>usthmy3c6qrwp663</h3><h3>rjepk1128a</h3><h2>6p2uzan9ivyc0</h2><span>znbif9dxmfwre1cepehl2</span><h3>0vz3oajt1jm4g</h3><span>n7f4wn3lc3crhqpq44cpx1k5m4</span><h1>7s5cnu27a8eylxdlhn7unqk1hn7av</h1><span>dmqyo7ejog6ximkwis0</span><p>xrugt4joem7zh3q5ak88xc</p><div>7l01mjf95b9klpw</div><span>3xro585xaqcr</span><p>r6ra2vvi8vxthsd88ugr</p><h1>mpf92il8nu9z5lzn25wu1k</h1><h2>jpjzeqer3gexvuksljkslasf4b2w</h2></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:41:09.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d7e63cd49dab9cda806c31acb75940ac",
         "bodymmh3" : 1343617099,
         "component" : [
            {
               "product" : "org.apache.sling.servlets.post",
               "productvendor" : "Apache",
               "productversion" : "2.4"
            }
         ],
         "headermd5" : "6e61ffc8ed66a1c18533076f7c593c51",
         "headermmh3" : -574526865,
         "title" : "admin [Jenkins]"
      },
      "length" : 930
   },
   "asn" : "AS16509",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:41:08 GMT\r\nServer: frontpage\r\nX-Powered-By: Servlet/2.4\r\nContent-Length: 675\r\nContent-Type: text/html\r\nSet-Cookie: csrftoken=RXeMRTKezxrFD8gqyIOpZFag30ilNXGORNXmOpkTw9EtGhZu7djbbhYY667XRmXD\r\n\r\n<html><head><link rel=\"icon\" href=\"/favicon_5e59dc4b-36ce-48d4-83d6-f1d0e7002afd.ico\"><title>admin [Jenkins]</title></head><body><div>ccrljul1kori17mxpe</div><h2>t3mn3zg3698tqvh2ysa37kjkka</h2><div>32kytm71gw0pvczu5rbh780p</div><span>3krbeh2o17g3j4</span><h3>usthmy3c6qrwp663</h3><h3>rjepk1128a</h3><h2>6p2uzan9ivyc0</h2><span>znbif9dxmfwre1cepehl2</span><h3>0vz3oajt1jm4g</h3><span>n7f4wn3lc3crhqpq44cpx1k5m4</span><h1>7s5cnu27a8eylxdlhn7unqk1hn7av</h1><span>dmqyo7ejog6ximkwis0</span><p>xrugt4joem7zh3q5ak88xc</p><div>7l01mjf95b9klpw</div><span>3xro585xaqcr</span><p>r6ra2vvi8vxthsd88ugr</p><h1>mpf92il8nu9z5lzn25wu1k</h1><h2>jpjzeqer3gexvuksljkslasf4b2w</h2></body></html>",
   "datamd5" : "59f7f6180a1180d3d66960a3ee18581e",
   "datammh3" : 1464507463,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "DE",
      "countryname" : "Germany",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "true",
      "latitude" : "51.165691",
      "location" : "51.165691,10.451526",
      "longitude" : "10.451526",
      "netname" : "AMAZON-FRA",
      "organization" : "A100 ROW GmbH",
      "subnet" : "3.64.0.0/12"
   },
   "host" : [
      "ec2-3-77-145-189"
   ],
   "hostname" : [
      "ec2-3-77-145-189.eu-central-1.compute.amazonaws.com"
   ],
   "ip" : "3.77.145.189",
   "ipv6" : "false",
   "latitude" : "50.1187",
   "location" : "50.1187,8.6842",
   "longitude" : "8.6842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4444,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-3-77-145-189.eu-central-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-central-1.compute.amazonaws.com"
   ],
   "subnet" : "3.64.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
107.174.34.29

Network
107.174.32.0/19

Domain(s)
virtualvistaventures.buzz

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://107.174.34.29:4444/ 200

HTTP Title
欢迎使用X-UI-YG面板

Reverse DNS
bigdatahospit01k.virtualvistaventures.buzz

ASN
AS36352

Organization
AS-COLOCROSSING

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
7c99455f5445b020634c8d4187b6db56

HTTP Header MD5
64270533dc449b5fb751ca76d91ab9ad

HTTP Body MD5
078acda3972d67500eee731d46e135b1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Nov 2024 05:40:30 GMT
Connection: close
Transfer-Encoding: chunked

800
<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta name="renderer" content="webkit">
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link rel="stylesheet" href="/assets/ant-design-vue@1.7.2/antd.min.css">
    <link rel="stylesheet" href="/assets/element-ui@2.15.0/theme-chalk/display.css">
    <link rel="stylesheet" href="/assets/css/custom.css?3.6">
    <style>
        [v-cloak] {
            display: none;
        }
    </style>
    <title>欢迎使用X-UI-YG面板</title>
</head>

<style>

    #app {
        padding-top: 100px;
    }

    h1 {
        text-align: center;
        color: #fff;
        margin: 20px 0 50px 0;
    }

    .ant-btn, .ant-input {
        height: 50px;
        border-radius: 30px;
    }

    .ant-input-affix-wrapper .ant-input-prefix {
        left: 23px;
    }

    .ant-input-affix-wrapper .ant-input:not(:first-child) {
        padding-left: 50px;
    }

</style>
<body>
<a-layout id="app" v-cloak>
    <transition name="list" appear>
        <a-layout-content>
            <a-row type="flex" justify="center">
                <a-col :xs="22" :sm="20" :md="16" :lg="12" :xl="8">
                    <h1>欢迎使用X-UI-YG面板</h1>
                </a-col>
            </a-row>
            <a-row type="flex" justify="center">
                <a-col :xs="22" :sm="20" :md="16" :lg="12" :xl="8">
                    <a-form>
                        <a-form-item>
                            <a-input v-model.trim="user.username" placeholder='username'
                                     @keydown.enter.native="login" autofocus>
                                <a-icon slot="prefix" type="user" style="color: rgba(0,0,0,.25)"/>
                            </a-input>
                        </a-form-item>
                        <a-form-item>
                            <a-input type="password" v-model.trim="user.password"
                                     placeholder='pass
800
word' @keydown.enter.native="login">
                                <a-icon slot="prefix" type="lock" style="color: rgba(0,0,0,.25)"/>
                            </a-input>
                        </a-form-item>
                        <a-form-item>
                            <a-button block @click="login" :loading="loading">login</a-button>
                        </a-form-item>
                    </a-form>
                </a-col>
            </a-row>
        </a-layout-content>
    </transition>
</a-layout>

<script src="/assets/vue@2.6.12/vue.min.js"></script>
<script src="/assets/moment/moment.min.js"></script>
<script src="/assets/ant-design-vue@1.7.2/antd.min.js"></script>
<script src="/assets/base64/base64.min.js"></script>
<script src="/assets/axios/axios.min.js"></script>
<script src="/assets/qs/qs.min.js"></script>
<script src="/assets/qrcode/qrious.min.js"></script>
<script src="/assets/clipboard/clipboard.min.js"></script>
<script src="/assets/uri/URI.min.js"></script>
<script src="/assets/js/axios-init.js?3.6"></script>
<script src="/assets/js/util/common.js?3.6"></script>
<script src="/assets/js/util/date-util.js?3.6"></script>
<script src="/assets/js/util/utils.js?3.6"></script>
<script src="/assets/js/model/xray.js?3.6"></script>
<script src="/assets/js/model/models.js?3.6"></script>
<script>
    const basePath = '\/';
    axios.defaults.baseURL = basePath;
</script>

<script>
    const leftColor = RandomUtil.randomIntRange(0x222222, 0xFFFFFF / 2).toString(16);
    const rightColor = RandomUtil.randomIntRange(0xFFFFFF / 2, 0xDDDDDD).toString(16);
    const deg = RandomUtil.randomIntRange(0, 360);
    const background = `linear-gradient(${deg}deg, #${leftColor} 10%, #${rightColor} 100%)`;
    document.querySelector('#app').style.background = background;
    const app = new Vue({
        delimiters: ['[[', ']]'],
        el: '#app',
        data: {
            loading: false,
            user: new User(),
        },
        methods: {
            async login() {
                this.loading = t
116
rue;
                const msg = await HttpUtil.post('/login', this.user);
                this.loading = false;
                if (msg.success) {
                    location.href = basePath + 'xui/';
                }
            }
        }
    });
</script>
</body>
</html>
0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:40:33.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "078acda3972d67500eee731d46e135b1",
         "bodymmh3" : -130666708,
         "headermd5" : "64270533dc449b5fb751ca76d91ab9ad",
         "headermmh3" : 849747722,
         "title" : "\u6b22\u8fce\u4f7f\u7528X-UI-YG\u9762\u677f"
      },
      "length" : 4543
   },
   "asn" : "AS36352",
   "city" : "Buffalo",
   "country" : "US",
   "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\nDate: Thu, 07 Nov 2024 05:40:30 GMT\r\nConnection: close\r\nTransfer-Encoding: chunked\r\n\r\n800\r\n<!DOCTYPE html>\n<html lang=\"en\">\n\n<head>\n    <meta charset=\"UTF-8\">\n    <meta name=\"renderer\" content=\"webkit\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <link rel=\"stylesheet\" href=\"/assets/ant-design-vue@1.7.2/antd.min.css\">\n    <link rel=\"stylesheet\" href=\"/assets/element-ui@2.15.0/theme-chalk/display.css\">\n    <link rel=\"stylesheet\" href=\"/assets/css/custom.css?3.6\">\n    <style>\n        [v-cloak] {\n            display: none;\n        }\n    </style>\n    <title>\u6b22\u8fce\u4f7f\u7528X-UI-YG\u9762\u677f</title>\n</head>\n\n<style>\n\n    #app {\n        padding-top: 100px;\n    }\n\n    h1 {\n        text-align: center;\n        color: #fff;\n        margin: 20px 0 50px 0;\n    }\n\n    .ant-btn, .ant-input {\n        height: 50px;\n        border-radius: 30px;\n    }\n\n    .ant-input-affix-wrapper .ant-input-prefix {\n        left: 23px;\n    }\n\n    .ant-input-affix-wrapper .ant-input:not(:first-child) {\n        padding-left: 50px;\n    }\n\n</style>\n<body>\n<a-layout id=\"app\" v-cloak>\n    <transition name=\"list\" appear>\n        <a-layout-content>\n            <a-row type=\"flex\" justify=\"center\">\n                <a-col :xs=\"22\" :sm=\"20\" :md=\"16\" :lg=\"12\" :xl=\"8\">\n                    <h1>\u6b22\u8fce\u4f7f\u7528X-UI-YG\u9762\u677f</h1>\n                </a-col>\n            </a-row>\n            <a-row type=\"flex\" justify=\"center\">\n                <a-col :xs=\"22\" :sm=\"20\" :md=\"16\" :lg=\"12\" :xl=\"8\">\n                    <a-form>\n                        <a-form-item>\n                            <a-input v-model.trim=\"user.username\" placeholder='username'\n                                     @keydown.enter.native=\"login\" autofocus>\n                                <a-icon slot=\"prefix\" type=\"user\" style=\"color: rgba(0,0,0,.25)\"/>\n                            </a-input>\n                        </a-form-item>\n                        <a-form-item>\n                            <a-input type=\"password\" v-model.trim=\"user.password\"\n                                     placeholder='pass\r\n800\r\nword' @keydown.enter.native=\"login\">\n                                <a-icon slot=\"prefix\" type=\"lock\" style=\"color: rgba(0,0,0,.25)\"/>\n                            </a-input>\n                        </a-form-item>\n                        <a-form-item>\n                            <a-button block @click=\"login\" :loading=\"loading\">login</a-button>\n                        </a-form-item>\n                    </a-form>\n                </a-col>\n            </a-row>\n        </a-layout-content>\n    </transition>\n</a-layout>\n\n<script src=\"/assets/vue@2.6.12/vue.min.js\"></script>\n<script src=\"/assets/moment/moment.min.js\"></script>\n<script src=\"/assets/ant-design-vue@1.7.2/antd.min.js\"></script>\n<script src=\"/assets/base64/base64.min.js\"></script>\n<script src=\"/assets/axios/axios.min.js\"></script>\n<script src=\"/assets/qs/qs.min.js\"></script>\n<script src=\"/assets/qrcode/qrious.min.js\"></script>\n<script src=\"/assets/clipboard/clipboard.min.js\"></script>\n<script src=\"/assets/uri/URI.min.js\"></script>\n<script src=\"/assets/js/axios-init.js?3.6\"></script>\n<script src=\"/assets/js/util/common.js?3.6\"></script>\n<script src=\"/assets/js/util/date-util.js?3.6\"></script>\n<script src=\"/assets/js/util/utils.js?3.6\"></script>\n<script src=\"/assets/js/model/xray.js?3.6\"></script>\n<script src=\"/assets/js/model/models.js?3.6\"></script>\n<script>\n    const basePath = '\\/';\n    axios.defaults.baseURL = basePath;\n</script>\n\n<script>\n    const leftColor = RandomUtil.randomIntRange(0x222222, 0xFFFFFF / 2).toString(16);\n    const rightColor = RandomUtil.randomIntRange(0xFFFFFF / 2, 0xDDDDDD).toString(16);\n    const deg = RandomUtil.randomIntRange(0, 360);\n    const background = `linear-gradient(${deg}deg, #${leftColor} 10%, #${rightColor} 100%)`;\n    document.querySelector('#app').style.background = background;\n    const app = new Vue({\n        delimiters: ['[[', ']]'],\n        el: '#app',\n        data: {\n            loading: false,\n            user: new User(),\n        },\n        methods: {\n            async login() {\n                this.loading = t\r\n116\r\nrue;\n                const msg = await HttpUtil.post('/login', this.user);\n                this.loading = false;\n                if (msg.success) {\n                    location.href = basePath + 'xui/';\n                }\n            }\n        }\n    });\n</script>\n</body>\n</html>\r\n0\r\n\r\n",
   "datamd5" : "7c99455f5445b020634c8d4187b6db56",
   "datammh3" : -1389059771,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "virtualvistaventures.buzz"
   ],
   "geolocus" : {
      "asn" : "AS36352",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "colocrossing.com",
         "hostpapa.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "CC-17",
      "organization" : "HostPapa",
      "subnet" : "107.174.32.0/19"
   },
   "host" : [
      "bigdatahospit01k"
   ],
   "hostname" : [
      "bigdatahospit01k.virtualvistaventures.buzz"
   ],
   "ip" : "107.174.34.29",
   "ipv6" : "false",
   "latitude" : "42.8856",
   "location" : "42.8856,-78.8736",
   "longitude" : "-78.8736",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AS-COLOCROSSING",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4444,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "bigdatahospit01k.virtualvistaventures.buzz"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "107.174.32.0/19",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "buzz"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
194.238.28.212

Network
194.238.24.0/21

Domain(s)
contaboserver.net

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://194.238.28.212:4444/ 200

HTTP Title
Z-PRO

HTTP Description
telephone=no

Reverse DNS
vmi2227223.contaboserver.net

ASN
AS40021

Organization
NL-811-40021

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

HTTP Component(s)
expressjs Express

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
809a5e4e9fc3ec8ad1145c95644c392c

HTTP Header MD5
1e776a24b298db7cb6e750560caa11e9

HTTP Body MD5
54b829fd1c93d774c60d64fb31ddab10

HTTP/1.1 200 OK
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 30 Oct 2024 22:32:47 GMT
ETag: W/"5de-192df8f5d75"
Content-Type: text/html; charset=UTF-8
Content-Length: 1502
Date: Thu, 07 Nov 2024 05:40:11 GMT
Connection: close

<!DOCTYPE html><html><head><title>Z-PRO</title><meta charset=utf-8><meta name=description content="Bot Multiatendimento, multicanais e multiempresas."><meta name=format-detection content="telephone=no"><meta name=msapplication-tap-highlight content=no><meta name=apple-mobile-web-app-capable content=yes><meta name=viewport content="user-scalable=no,initial-scale=1,maximum-scale=1,minimum-scale=1,width=device-width"><link rel=icon type=image/ico href=favicon.ico><script src=https://cdn.jsdelivr.net/npm/@ffmpeg/ffmpeg@0.10.1/dist/ffmpeg.min.js></script><link href=css/vendor.9434b47e.css rel=stylesheet><link href=css/app.9732c573.css rel=stylesheet><link rel=manifest href=manifest.json><meta name=theme-color content=#027be3><meta name=apple-mobile-web-app-capable content=yes><meta name=apple-mobile-web-app-status-bar-style content=default><meta name=apple-mobile-web-app-title content=Z-PRO><link rel=apple-touch-icon href=icons/apple-icon-120x120.png><link rel=apple-touch-icon sizes=152x152 href=icons/apple-icon-152x152.png><link rel=apple-touch-icon sizes=167x167 href=icons/apple-icon-167x167.png><link rel=apple-touch-icon sizes=180x180 href=icons/apple-icon-180x180.png><link rel=mask-icon href=icons/safari-pinned-tab.svg color=#027be3><meta name=msapplication-TileImage content=icons/ms-icon-144x144.png><meta name=msapplication-TileColor content=#000000></head><body><div id=q-app></div><script src=js/vendor.b2c4e6ba.js></script><script src=js/app.e717dd4f.js></script></body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:40:12.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "jsdelivr.net"
         ],
         "hostname" : [
            "cdn.jsdelivr.net"
         ],
         "url" : [
            "https://cdn.jsdelivr.net/npm/@ffmpeg/ffmpeg@0.10.1/dist/ffmpeg.min.js"
         ]
      },
      "favicon" : {
         "url" : "/favicon.ico"
      },
      "http" : {
         "bodymd5" : "54b829fd1c93d774c60d64fb31ddab10",
         "bodymmh3" : 682216349,
         "component" : [
            {
               "product" : "Express",
               "productvendor" : "expressjs"
            }
         ],
         "description" : "telephone=no",
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Wed, 30 Oct 2024 22:32:47 GMT"
            },
            {
               "name" : "ETag",
               "value" : "W/\"5de-192df8f5d75"
            }
         ],
         "headermd5" : "1e776a24b298db7cb6e750560caa11e9",
         "headermmh3" : -823093726,
         "title" : "Z-PRO"
      },
      "length" : 1791
   },
   "asn" : "AS40021",
   "city" : "St Louis",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nX-Powered-By: Express\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Wed, 30 Oct 2024 22:32:47 GMT\r\nETag: W/\"5de-192df8f5d75\"\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 1502\r\nDate: Thu, 07 Nov 2024 05:40:11 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html><html><head><title>Z-PRO</title><meta charset=utf-8><meta name=description content=\"Bot Multiatendimento, multicanais e multiempresas.\"><meta name=format-detection content=\"telephone=no\"><meta name=msapplication-tap-highlight content=no><meta name=apple-mobile-web-app-capable content=yes><meta name=viewport content=\"user-scalable=no,initial-scale=1,maximum-scale=1,minimum-scale=1,width=device-width\"><link rel=icon type=image/ico href=favicon.ico><script src=https://cdn.jsdelivr.net/npm/@ffmpeg/ffmpeg@0.10.1/dist/ffmpeg.min.js></script><link href=css/vendor.9434b47e.css rel=stylesheet><link href=css/app.9732c573.css rel=stylesheet><link rel=manifest href=manifest.json><meta name=theme-color content=#027be3><meta name=apple-mobile-web-app-capable content=yes><meta name=apple-mobile-web-app-status-bar-style content=default><meta name=apple-mobile-web-app-title content=Z-PRO><link rel=apple-touch-icon href=icons/apple-icon-120x120.png><link rel=apple-touch-icon sizes=152x152 href=icons/apple-icon-152x152.png><link rel=apple-touch-icon sizes=167x167 href=icons/apple-icon-167x167.png><link rel=apple-touch-icon sizes=180x180 href=icons/apple-icon-180x180.png><link rel=mask-icon href=icons/safari-pinned-tab.svg color=#027be3><meta name=msapplication-TileImage content=icons/ms-icon-144x144.png><meta name=msapplication-TileColor content=#000000></head><body><div id=q-app></div><script src=js/vendor.b2c4e6ba.js></script><script src=js/app.e717dd4f.js></script></body></html>",
   "datamd5" : "809a5e4e9fc3ec8ad1145c95644c392c",
   "datammh3" : -1563118881,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "contaboserver.net"
   ],
   "geolocus" : {
      "asn" : "AS40021",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "DE",
      "countryname" : "Germany",
      "domain" : [
         "contabo.com",
         "contabo.de"
      ],
      "isineu" : "true",
      "latitude" : "51.165691",
      "location" : "51.165691,10.451526",
      "longitude" : "10.451526",
      "netname" : "TT-20240504",
      "organization" : "Contabo GmbH",
      "subnet" : "194.238.24.0/21"
   },
   "host" : [
      "vmi2227223"
   ],
   "hostname" : [
      "vmi2227223.contaboserver.net"
   ],
   "ip" : "194.238.28.212",
   "ipv6" : "false",
   "latitude" : "38.6364",
   "location" : "38.6364,-90.1985",
   "longitude" : "-90.1985",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "NL-811-40021",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4444,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "vmi2227223.contaboserver.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "194.238.24.0/21",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
3.96.218.251

Network
3.96.0.0/14

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://3.96.218.251:4444/ 200

ASN
AS16509

Organization
AMAZON-02

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
Apache HTTP Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
502364b4947035af3929d7c7c1366bf5

HTTP Header MD5
c3107926acada8cdd5184d209c4d148a

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 05:39:37 GMT
Server: Apache
Content-Length: 0

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:39:38.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "c3107926acada8cdd5184d209c4d148a",
         "headermmh3" : 1944903727
      },
      "length" : 110
   },
   "asn" : "AS16509",
   "city" : "Montreal",
   "country" : "CA",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:39:37 GMT\r\nServer: Apache\r\nContent-Length: 0\r\n\r\n",
   "datamd5" : "502364b4947035af3929d7c7c1366bf5",
   "datammh3" : -1757667577,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "AMAZON-YUL",
      "organization" : "Amazon Data Services Canada",
      "subnet" : "3.96.0.0/14"
   },
   "ip" : "3.96.218.251",
   "ipv6" : "false",
   "latitude" : "45.5075",
   "location" : "45.5075,-73.5887",
   "longitude" : "-73.5887",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4444,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "3.96.0.0/14",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
43.251.236.22

Network
43.251.236.0/22

Device

<enterprise field>: device.class

URL

http://43.251.236.22:4444/$%7BrandomUrl%7D 200

ASN
AS132883

Organization
TOPWAY GLOBAL LIMITED

Protocol
http

Source
urlscan::redirect
Product
F5 Nginx 1.17.6

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a1a952682e73758a5ad3c1462ccfc9e8

HTTP Header MD5
7cb8a64a5c41d5db44d85d677dbec3ce

HTTP Body MD5
f676b85516c6adce06fd47604ce661a9

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 07 Nov 2024 05:39:36 GMT
Content-Type: text/html
Content-Length: 1731
Last-Modified: Mon, 04 Nov 2024 06:13:00 GMT
Connection: close
ETag: "672865ec-6c3"
Accept-Ranges: bytes

<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <!-- Google tag (gtag.js) -->
    <script async src="https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"></script>
    <script>
        <script>
            window.dataLayer = window.dataLayer || [];
            function gtag(){dataLayer.push(arguments);}
            gtag('js', new Date());

            gtag('config', 'G-0GJHN159XX');
    </script>

<script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
<script>LA.init({id:"3IsbgF2faH56SAiO",ck:"3IsbgF2faH56SAiO"})</script>

<script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
<script>LA.init({id:"3HIVnf9pT2UywXqw",ck:"3HIVnf9pT2UywXqw"})</script>




    <meta charset="UTF-8">
    <meta name="format-detection" content="telephone=yes">
    <meta name="viewport"
          content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no">
    <script>
        const urls = [
            "https://103.86.44.21/sanfang/index.html?303111aaa",
            "https://162.14.69.113/"
        ];
        const randomUrl = urls[Math.floor(Math.random() * urls.length)];

        document.write(`<meta http-equiv="refresh" content="9;url=${randomUrl}">`);
        window.onload = function () {
            document.getElementById('myiframe').src = randomUrl;
        };
    </script>
    <style>
        body, html {
            margin: 0;
            padding: 0;
            height: 100%;
            overflow: hidden;
        }

        iframe {
            width: 100%;
            height: 100vh;
            border: none;
        }
    </style>
</head>
<body>
<iframe id="myiframe" scrolling="no"></iframe>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:39:38.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "googletagmanager.com"
         ],
         "hostname" : [
            "www.googletagmanager.com"
         ],
         "ip" : [
            "103.86.44.21",
            "162.14.69.113"
         ],
         "url" : [
            "https://103.86.44.21/sanfang/index.html?303111aaa",
            "https://162.14.69.113/",
            "https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"
         ]
      },
      "http" : {
         "bodymd5" : "f676b85516c6adce06fd47604ce661a9",
         "bodymmh3" : 1332320570,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Mon, 04 Nov 2024 06:13:00 GMT"
            },
            {
               "name" : "ETag",
               "value" : "672865ec-6c3"
            }
         ],
         "headermd5" : "7cb8a64a5c41d5db44d85d677dbec3ce",
         "headermmh3" : 1569430094,
         "tracker" : {
            "ga" : [
               "G-0GJHN159XX"
            ]
         }
      },
      "length" : 1965
   },
   "asn" : "AS132883",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx/1.17.6\r\nDate: Thu, 07 Nov 2024 05:39:36 GMT\r\nContent-Type: text/html\r\nContent-Length: 1731\r\nLast-Modified: Mon, 04 Nov 2024 06:13:00 GMT\r\nConnection: close\r\nETag: \"672865ec-6c3\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html lang=\"zh-CN\">\n<head>\n    <!-- Google tag (gtag.js) -->\n    <script async src=\"https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX\"></script>\n    <script>\n        <script>\n            window.dataLayer = window.dataLayer || [];\n            function gtag(){dataLayer.push(arguments);}\n            gtag('js', new Date());\n\n            gtag('config', 'G-0GJHN159XX');\n    </script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3IsbgF2faH56SAiO\",ck:\"3IsbgF2faH56SAiO\"})</script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3HIVnf9pT2UywXqw\",ck:\"3HIVnf9pT2UywXqw\"})</script>\n\n\n\n\n    <meta charset=\"UTF-8\">\n    <meta name=\"format-detection\" content=\"telephone=yes\">\n    <meta name=\"viewport\"\n          content=\"width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no\">\n    <script>\n        const urls = [\n            \"https://103.86.44.21/sanfang/index.html?303111aaa\",\n            \"https://162.14.69.113/\"\n        ];\n        const randomUrl = urls[Math.floor(Math.random() * urls.length)];\n\n        document.write(`<meta http-equiv=\"refresh\" content=\"9;url=${randomUrl}\">`);\n        window.onload = function () {\n            document.getElementById('myiframe').src = randomUrl;\n        };\n    </script>\n    <style>\n        body, html {\n            margin: 0;\n            padding: 0;\n            height: 100%;\n            overflow: hidden;\n        }\n\n        iframe {\n            width: 100%;\n            height: 100vh;\n            border: none;\n        }\n    </style>\n</head>\n<body>\n<iframe id=\"myiframe\" scrolling=\"no\"></iframe>\n</body>\n</html>\n",
   "datamd5" : "a1a952682e73758a5ad3c1462ccfc9e8",
   "datammh3" : -1968554267,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "43.251.236.22",
   "geolocus" : {
      "asn" : "AS132883",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnaaa.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "cnaaa",
      "organization" : "Jiangsu Sanai network science and technology co ,LTD",
      "subnet" : "43.251.236.0/22"
   },
   "hostname" : [
      "43.251.236.22"
   ],
   "ip" : "43.251.236.22",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TOPWAY GLOBAL LIMITED",
   "port" : 4444,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.17.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 200,
   "subnet" : "43.251.236.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/$%7BrandomUrl%7D"
}

IP
43.251.236.31

Network
43.251.236.0/22

Device

<enterprise field>: device.class

URL

http://43.251.236.31:4444/$%7BrandomUrl%7D 200

ASN
AS132883

Organization
TOPWAY GLOBAL LIMITED

Protocol
http

Source
urlscan::redirect
Product
F5 Nginx 1.17.6

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a1a952682e73758a5ad3c1462ccfc9e8

HTTP Header MD5
7cb8a64a5c41d5db44d85d677dbec3ce

HTTP Body MD5
f676b85516c6adce06fd47604ce661a9

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 07 Nov 2024 05:37:20 GMT
Content-Type: text/html
Content-Length: 1731
Last-Modified: Mon, 04 Nov 2024 06:13:00 GMT
Connection: close
ETag: "672865ec-6c3"
Accept-Ranges: bytes

<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <!-- Google tag (gtag.js) -->
    <script async src="https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"></script>
    <script>
        <script>
            window.dataLayer = window.dataLayer || [];
            function gtag(){dataLayer.push(arguments);}
            gtag('js', new Date());

            gtag('config', 'G-0GJHN159XX');
    </script>

<script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
<script>LA.init({id:"3IsbgF2faH56SAiO",ck:"3IsbgF2faH56SAiO"})</script>

<script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
<script>LA.init({id:"3HIVnf9pT2UywXqw",ck:"3HIVnf9pT2UywXqw"})</script>




    <meta charset="UTF-8">
    <meta name="format-detection" content="telephone=yes">
    <meta name="viewport"
          content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no">
    <script>
        const urls = [
            "https://103.86.44.21/sanfang/index.html?303111aaa",
            "https://162.14.69.113/"
        ];
        const randomUrl = urls[Math.floor(Math.random() * urls.length)];

        document.write(`<meta http-equiv="refresh" content="9;url=${randomUrl}">`);
        window.onload = function () {
            document.getElementById('myiframe').src = randomUrl;
        };
    </script>
    <style>
        body, html {
            margin: 0;
            padding: 0;
            height: 100%;
            overflow: hidden;
        }

        iframe {
            width: 100%;
            height: 100vh;
            border: none;
        }
    </style>
</head>
<body>
<iframe id="myiframe" scrolling="no"></iframe>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:37:21.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "googletagmanager.com"
         ],
         "hostname" : [
            "www.googletagmanager.com"
         ],
         "ip" : [
            "162.14.69.113",
            "103.86.44.21"
         ],
         "url" : [
            "https://103.86.44.21/sanfang/index.html?303111aaa",
            "https://162.14.69.113/",
            "https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"
         ]
      },
      "http" : {
         "bodymd5" : "f676b85516c6adce06fd47604ce661a9",
         "bodymmh3" : 1332320570,
         "header" : [
            {
               "value" : "Mon, 04 Nov 2024 06:13:00 GMT",
               "name" : "Last-Modified"
            },
            {
               "value" : "672865ec-6c3",
               "name" : "ETag"
            }
         ],
         "headermd5" : "7cb8a64a5c41d5db44d85d677dbec3ce",
         "headermmh3" : 1309857014,
         "tracker" : {
            "ga" : [
               "G-0GJHN159XX"
            ]
         }
      },
      "length" : 1965
   },
   "asn" : "AS132883",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx/1.17.6\r\nDate: Thu, 07 Nov 2024 05:37:20 GMT\r\nContent-Type: text/html\r\nContent-Length: 1731\r\nLast-Modified: Mon, 04 Nov 2024 06:13:00 GMT\r\nConnection: close\r\nETag: \"672865ec-6c3\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html lang=\"zh-CN\">\n<head>\n    <!-- Google tag (gtag.js) -->\n    <script async src=\"https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX\"></script>\n    <script>\n        <script>\n            window.dataLayer = window.dataLayer || [];\n            function gtag(){dataLayer.push(arguments);}\n            gtag('js', new Date());\n\n            gtag('config', 'G-0GJHN159XX');\n    </script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3IsbgF2faH56SAiO\",ck:\"3IsbgF2faH56SAiO\"})</script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3HIVnf9pT2UywXqw\",ck:\"3HIVnf9pT2UywXqw\"})</script>\n\n\n\n\n    <meta charset=\"UTF-8\">\n    <meta name=\"format-detection\" content=\"telephone=yes\">\n    <meta name=\"viewport\"\n          content=\"width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no\">\n    <script>\n        const urls = [\n            \"https://103.86.44.21/sanfang/index.html?303111aaa\",\n            \"https://162.14.69.113/\"\n        ];\n        const randomUrl = urls[Math.floor(Math.random() * urls.length)];\n\n        document.write(`<meta http-equiv=\"refresh\" content=\"9;url=${randomUrl}\">`);\n        window.onload = function () {\n            document.getElementById('myiframe').src = randomUrl;\n        };\n    </script>\n    <style>\n        body, html {\n            margin: 0;\n            padding: 0;\n            height: 100%;\n            overflow: hidden;\n        }\n\n        iframe {\n            width: 100%;\n            height: 100vh;\n            border: none;\n        }\n    </style>\n</head>\n<body>\n<iframe id=\"myiframe\" scrolling=\"no\"></iframe>\n</body>\n</html>\n",
   "datamd5" : "a1a952682e73758a5ad3c1462ccfc9e8",
   "datammh3" : -1968554267,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "43.251.236.31",
   "geolocus" : {
      "asn" : "AS132883",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnaaa.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "cnaaa",
      "organization" : "Jiangsu Sanai network science and technology co ,LTD",
      "subnet" : "43.251.236.0/22"
   },
   "hostname" : [
      "43.251.236.31"
   ],
   "ip" : "43.251.236.31",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TOPWAY GLOBAL LIMITED",
   "port" : 4444,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.17.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "urlscan::redirect",
   "status" : 200,
   "subnet" : "43.251.236.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/$%7BrandomUrl%7D"
}

Returning 10 result(s) out of 40,900 in 0.303 second(s)

3.96.212.131:4444 (tcp/http) - last seen on 2024-11-07 at 05:45:48 UTC

172.233.15.100:4444 (tcp/http) - last seen on 2024-11-07 at 05:43:40 UTC

47.250.147.63:4444 (tcp/http) - last seen on 2024-11-07 at 05:43:12 UTC

219.241.5.137:4444 (tcp/http) - last seen on 2024-11-07 at 05:41:36 UTC

3.77.145.189:4444 (tcp/http) - last seen on 2024-11-07 at 05:41:09 UTC

107.174.34.29:4444 (tcp/http) - last seen on 2024-11-07 at 05:40:33 UTC

194.238.28.212:4444 (tcp/http) - last seen on 2024-11-07 at 05:40:12 UTC

3.96.218.251:4444 (tcp/http) - last seen on 2024-11-07 at 05:39:38 UTC

43.251.236.22:4444 (tcp/http) - last seen on 2024-11-07 at 05:39:38 UTC

43.251.236.31:4444 (tcp/http) - last seen on 2024-11-07 at 05:37:21 UTC