Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
3
4
...
next >

IP
189.237.161.116

Network
189.237.0.0/16

Domain(s)
prod-infinitum.com.mx

Device

<enterprise field>: device.class

Operating System
FreeBSD FreeBSD

URL

http://189.237.161.116:4782/ 404

HTTP Title
404 Not Found

Reverse DNS
dsl-189-237-161-116-dyn.prod-infinitum.com.mx

ASN
AS8151

Organization
UNINET

Protocol
http

Source
datascan
Operating System
FreeBSD FreeBSD

Product
Apache HTTP Server 2.4.54

HTTP Component(s)
Python Python 2.7.18 OpenSSL OpenSSL 1.0.2u Apache mod_wsgi 3.5

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
4d5d4c5ecd8314f462b04fb3f2cff0d1

HTTP Header MD5
cea6a73fd742f08d4156bb03458585be

HTTP Body MD5
62962daa1b19bbcc2db10b7bfd531ea6

HTTP/1.1 404 Not Found
Date: Thu, 07 Nov 2024 03:31:23 GMT
Server: Apache/2.4.54 (Unix) mod_fastcgi/mod_fastcgi-SNAP-0910052141 OpenSSL/1.0.2u mod_wsgi/3.5 Python/2.7.18
Content-Length: 196
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:31:23.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "62962daa1b19bbcc2db10b7bfd531ea6",
         "bodymmh3" : -780928015,
         "component" : [
            {
               "product" : "OpenSSL",
               "productversion" : "1.0.2u",
               "productvendor" : "OpenSSL"
            },
            {
               "productversion" : "2.7.18",
               "productvendor" : "Python",
               "product" : "Python"
            },
            {
               "product" : "mod_wsgi",
               "productversion" : "3.5",
               "productvendor" : "Apache"
            }
         ],
         "headermd5" : "cea6a73fd742f08d4156bb03458585be",
         "headermmh3" : 372915866,
         "title" : "404 Not Found"
      },
      "length" : 456
   },
   "asn" : "AS8151",
   "city" : "Chihuahua City",
   "country" : "MX",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 404 Not Found\r\nDate: Thu, 07 Nov 2024 03:31:23 GMT\r\nServer: Apache/2.4.54 (Unix) mod_fastcgi/mod_fastcgi-SNAP-0910052141 OpenSSL/1.0.2u mod_wsgi/3.5 Python/2.7.18\r\nContent-Length: 196\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p>The requested URL was not found on this server.</p>\n</body></html>\n",
   "datamd5" : "4d5d4c5ecd8314f462b04fb3f2cff0d1",
   "datammh3" : 1613267194,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "prod-infinitum.com.mx"
   ],
   "geolocus" : {
      "asn" : "AS8151",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "MX",
      "countryname" : "Mexico",
      "domain" : [
         "prod-infinitum.com.mx",
         "uninet.com.mx"
      ],
      "isineu" : "false",
      "latitude" : "23.634501",
      "location" : "23.634501,-102.552784",
      "longitude" : "-102.552784",
      "netname" : "MX-USCV4-LACNIC",
      "organization" : "UNINET",
      "subnet" : "189.237.0.0/16"
   },
   "host" : [
      "dsl-189-237-161-116-dyn"
   ],
   "hostname" : [
      "dsl-189-237-161-116-dyn.prod-infinitum.com.mx"
   ],
   "ip" : "189.237.161.116",
   "ipv6" : "false",
   "latitude" : "28.7137",
   "location" : "28.7137,-106.2090",
   "longitude" : "-106.2090",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "UNINET",
   "os" : "FreeBSD",
   "osvendor" : "FreeBSD",
   "port" : 4782,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.54",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "reverse" : [
      "dsl-189-237-161-116-dyn.prod-infinitum.com.mx"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 404,
   "subnet" : "189.237.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com.mx"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
62.234.24.109

Network
62.234.0.0/16

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://62.234.24.109:4782/ 400

HTTP Title
400 The plain HTTP request was sent to HTTPS port

ASN
AS45090

Organization
Shenzhen Tencent Computer Systems Company Limited

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
F5 Nginx 1.23.3

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
8f4262e9d39fce1d46cbd86caba71bc9

HTTP Header MD5
c3aa27ed3b42ce6989c1a3b3b1fda80b

HTTP Body MD5
04672d0a98ffcd457c06e5be0e5ee243

HTTP/1.1 400 Bad Request
Server: nginx/1.23.3
Date: Thu, 07 Nov 2024 03:31:18 GMT
Content-Type: text/html
Content-Length: 255
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.23.3</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:31:19.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "04672d0a98ffcd457c06e5be0e5ee243",
         "bodymmh3" : -1165575734,
         "headermd5" : "c3aa27ed3b42ce6989c1a3b3b1fda80b",
         "headermmh3" : 1261560222,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 407
   },
   "asn" : "AS45090",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.23.3\r\nDate: Thu, 07 Nov 2024 03:31:18 GMT\r\nContent-Type: text/html\r\nContent-Length: 255\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.23.3</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "8f4262e9d39fce1d46cbd86caba71bc9",
   "datammh3" : -938381467,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS45090",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "tencent.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "TENCENT-CN",
      "organization" : "Tencent Cloud Computing (Beijing) Co., Ltd",
      "subnet" : "62.234.0.0/16"
   },
   "ip" : "62.234.24.109",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Shenzhen Tencent Computer Systems Company Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4782,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.23.3",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "62.234.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
78.131.119.16

Network
78.131.0.0/17

Device

<enterprise field>: device.class

ASN
AS20845

Organization
DIGI Tavkozlesi es Szolgaltato Kft.

Protocol
unknown

Source
datascan

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
98e07eb67f7a7da6b848684089771e2c

\xff\xb9\xa7\x9d\xfa;\x07	>+~x\xd7?\x19\xd5\xb2\xa4\xe1_k\xc8\xb4\xdf\xc9\x04a\xc7 \xd3\x8c\xe4\x80\xfd#}+\xec\xee\xac\x05cC\x90\xc3\x97;$\xb3\xb2\xe7\x15\xd0\xb9\xf4N)p\x81\xd5\xa2\xa7\xa0\xd8\x16\x85g\x1f67{\xa3\x9cv\xa5i\xb5\xfd\xa3mpB\x95\xdac\x10\x94\xadf\x966v\\xe9\xd3*\xe8\xcd>s\x1ci\x8e\xb1\xebp\xd5\xc3\xfcr\xcc\xa4h\xddN \xbf\xfd;k\xca\xe6\xba\xcb\x0b\x7f`\xa6f\x95E\xa6\xb9\xd9\xdc0\xfa\?\x1e\x97\xda\x85.\xd1\xa4R\xa9,:\xd5s\x89\x90\xe3\x85\x15\x84\xeb\x8d\xd2\x914NLy\x87\x9cT \x1b\x0d\xbd\xb9\x94+\xfb\x14- Y(\xa2\x13\xd2\x8b\xd7\x87\xed\x1dy\xd1?}\xa9\xda\xa5u]'\xb8\xec\xb2\xd03\x8cOu\xbb+	\xb6\xf4\x04$\xe1\xfd\x04\x07	&\xc0\x89\xa6\xefj>8\xa2\xd6q\xe9z\x8f\x83\xa8\x93Z_\xad\xe4\x94I TIb\xc1\xacr\x9ep\xa4d\xf0\xe8\xa9\xaf\xc57\x97\xab\x9c\x13\x01\xfe+\xaf\xb1\x9c\xa3\xa7W\xae\xf3\xb7\x82\xb4\xf1\x1c\x84\x1d%i\x0cl&I\x9c\x16\x00n\xa78\x15\xa8\x18]\x9fm\x82[\xa3%\xec\\xac\xab\xe1O\xeb\xe4\xbf\x97&\x0f?\xbc\xdad\xdc\xd5\x99\xc7\xe3H\x1b\xf4Fd\x1fs\xcf\xbc\x8f\x0e\x02N	RV\xbf\x16\xe2\xcdlA[\x85\xda\x98\xdf9\xc01&\xb1\xac\xc9T\xcf\x08\x91+wI\xf369{\xe3\xd7\xbb\xd5\x7f\xd5\x90J\x9d8\xff8@\x16\xdb\xd5\x82\xe0\xf1C\xe1\x16\xf1y\x83\x86\x83\xe8

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:30:21.000Z",
   "app" : {
      "length" : 398
   },
   "asn" : "AS20845",
   "city" : "Budapest",
   "country" : "HU",
   "data" : "\\xff\\xb9\\xa7\\x9d\\xfa;\\x07\t>+~x\\xd7?\\x19\\xd5\\xb2\\xa4\\xe1_k\\xc8\\xb4\\xdf\\xc9\\x04a\\xc7 \\xd3\\x8c\\xe4\\x80\\xfd#}+\\xec\\xee\\xac\\x05cC\\x90\\xc3\\x97;$\\xb3\\xb2\\xe7\\x15\\xd0\\xb9\\xf4N)p\\x81\\xd5\\xa2\\xa7\\xa0\\xd8\\x16\\x85g\\x1f67{\\xa3\\x9cv\\xa5i\\xb5\\xfd\\xa3mpB\\x95\\xdac\\x10\\x94\\xadf\\x966v\\\\xe9\\xd3*\\xe8\\xcd>s\\x1ci\\x8e\\xb1\\xebp\\xd5\\xc3\\xfcr\\xcc\\xa4h\\xddN \\xbf\\xfd;k\\xca\\xe6\\xba\\xcb\\x0b\\x7f`\\xa6f\\x95E\\xa6\\xb9\\xd9\\xdc0\\xfa\\?\\x1e\\x97\\xda\\x85.\\xd1\\xa4R\\xa9,:\\xd5s\\x89\\x90\\xe3\\x85\\x15\\x84\\xeb\\x8d\\xd2\\x914NLy\\x87\\x9cT \\x1b\\x0d\\xbd\\xb9\\x94+\\xfb\\x14- Y(\\xa2\\x13\\xd2\\x8b\\xd7\\x87\\xed\\x1dy\\xd1?}\\xa9\\xda\\xa5u]'\\xb8\\xec\\xb2\\xd03\\x8cOu\\xbb+\t\\xb6\\xf4\\x04$\\xe1\\xfd\\x04\\x07\t&\\xc0\\x89\\xa6\\xefj>8\\xa2\\xd6q\\xe9z\\x8f\\x83\\xa8\\x93Z_\\xad\\xe4\\x94I TIb\\xc1\\xacr\\x9ep\\xa4d\\xf0\\xe8\\xa9\\xaf\\xc57\\x97\\xab\\x9c\\x13\\x01\\xfe+\\xaf\\xb1\\x9c\\xa3\\xa7W\\xae\\xf3\\xb7\\x82\\xb4\\xf1\\x1c\\x84\\x1d%i\\x0cl&I\\x9c\\x16\\x00n\\xa78\\x15\\xa8\\x18]\\x9fm\\x82[\\xa3%\\xec\\\\xac\\xab\\xe1O\\xeb\\xe4\\xbf\\x97&\\x0f?\\xbc\\xdad\\xdc\\xd5\\x99\\xc7\\xe3H\\x1b\\xf4Fd\\x1fs\\xcf\\xbc\\x8f\\x0e\\x02N\tRV\\xbf\\x16\\xe2\\xcdlA[\\x85\\xda\\x98\\xdf9\\xc01&\\xb1\\xac\\xc9T\\xcf\\x08\\x91+wI\\xf369{\\xe3\\xd7\\xbb\\xd5\\x7f\\xd5\\x90J\\x9d8\\xff8@\\x16\\xdb\\xd5\\x82\\xe0\\xf1C\\xe1\\x16\\xf1y\\x83\\x86\\x83\\xe8",
   "datamd5" : "98e07eb67f7a7da6b848684089771e2c",
   "datammh3" : 31044293,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS20845",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "HU",
      "countryname" : "Hungary",
      "domain" : [
         "digi.hu",
         "digikabel.hu",
         "hdsnet.hu"
      ],
      "isineu" : "true",
      "latitude" : "47.162494",
      "location" : "47.162494,19.503304",
      "longitude" : "19.503304",
      "netname" : "DIGI-1",
      "organization" : "DIGI-1",
      "subnet" : "78.131.112.0/21"
   },
   "ip" : "78.131.119.16",
   "ipv6" : "false",
   "latitude" : "47.5636",
   "location" : "47.5636,19.0947",
   "longitude" : "19.0947",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "DIGI Tavkozlesi es Szolgaltato Kft.",
   "port" : 4782,
   "protocol" : "unknown",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "78.131.0.0/17",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
90.188.7.239

Network
90.188.0.0/19

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://90.188.7.239:4782/ 200

HTTP Title
Macroscop

ASN
AS12846

Organization
Rostelecom

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
3fcbcbd5985fbea1762aee92aa149587

HTTP Header MD5
be433812701c2cadd3303fac3bcb38e4

HTTP Body MD5
c012289bc90407ace8b6113b227602cb

HTTP/1.1 200 OK
Content-Length: 1546
Content-Type: text/html
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 03:28:47 GMT
Connection: close


				<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Macroscop</title>
				<style type="text/css">
				   .main-block  
				   {
   						width: 470;   		
						margin-left:auto;
						margin-right:auto;
						border: 1px solid #000000;
				   }
				   .links-and-info  
				   {    	
   						height: 160;	   		
						margin-left:auto;
						margin-right:auto;		
						border: 0px solid #0000ff;	
						background: #fff5dc;		
				   }
				   .links  
				   {   
   						margin-top: 20;   		
	 					float: left;
						width: 30%;					
				   }
				   .info  
				   {       	
   						float: left;
						width: 70%;		
						margin-top: 30;		
				   }   
				  </style> 
				  </head>
				<body>
				<div class="main-block" >		
					<div class="mcheader"   >
						<img src="web/header.png" height="auto"  width="100%" alt="Macroscop" style="max-height: 90px;"/>
					</div>
					<div  class="links-and-info" >	
						<div class="links" align="center"><a href="web/index.html?lang=ru">
												<button ><img  src="web/macroscop.png"/>
												<p style="margin-top: 0.3em;">Web-Клиент </p>
												</button></a>

						</div>
						<div class="info" ><span>Название конфигурации: Popov.<br /> Текущее состояние: Сервер активен. <br /> Время запуска: 31.10.2024 16:20:41. <br /> Версия сервера: 2.1.24</span></div>		
					</div>	
				 </div>
				</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:28:41.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "c012289bc90407ace8b6113b227602cb",
         "bodymmh3" : 896222689,
         "headermd5" : "be433812701c2cadd3303fac3bcb38e4",
         "headermmh3" : -1865445392,
         "title" : "Macroscop"
      },
      "length" : 1699
   },
   "asn" : "AS12846",
   "country" : "RU",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Length: 1546\r\nContent-Type: text/html\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 03:28:47 GMT\r\nConnection: close\r\n\r\n\ufeff\r\n\t\t\t\t<html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><title>Macroscop</title>\r\n\t\t\t\t<style type=\"text/css\">\r\n\t\t\t\t   .main-block  \r\n\t\t\t\t   {\r\n   \t\t\t\t\t\twidth: 470;   \t\t\r\n\t\t\t\t\t\tmargin-left:auto;\r\n\t\t\t\t\t\tmargin-right:auto;\r\n\t\t\t\t\t\tborder: 1px solid #000000;\r\n\t\t\t\t   }\r\n\t\t\t\t   .links-and-info  \r\n\t\t\t\t   {    \t\r\n   \t\t\t\t\t\theight: 160;\t   \t\t\r\n\t\t\t\t\t\tmargin-left:auto;\r\n\t\t\t\t\t\tmargin-right:auto;\t\t\r\n\t\t\t\t\t\tborder: 0px solid #0000ff;\t\r\n\t\t\t\t\t\tbackground: #fff5dc;\t\t\r\n\t\t\t\t   }\r\n\t\t\t\t   .links  \r\n\t\t\t\t   {   \r\n   \t\t\t\t\t\tmargin-top: 20;   \t\t\r\n\t \t\t\t\t\tfloat: left;\r\n\t\t\t\t\t\twidth: 30%;\t\t\t\t\t\r\n\t\t\t\t   }\r\n\t\t\t\t   .info  \r\n\t\t\t\t   {       \t\r\n   \t\t\t\t\t\tfloat: left;\r\n\t\t\t\t\t\twidth: 70%;\t\t\r\n\t\t\t\t\t\tmargin-top: 30;\t\t\r\n\t\t\t\t   }   \r\n\t\t\t\t  </style> \r\n\t\t\t\t  </head>\r\n\t\t\t\t<body>\r\n\t\t\t\t<div class=\"main-block\" >\t\t\r\n\t\t\t\t\t<div class=\"mcheader\"   >\r\n\t\t\t\t\t\t<img src=\"web/header.png\" height=\"auto\"  width=\"100%\" alt=\"Macroscop\" style=\"max-height: 90px;\"/>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div  class=\"links-and-info\" >\t\r\n\t\t\t\t\t\t<div class=\"links\" align=\"center\"><a href=\"web/index.html?lang=ru\">\r\n\t\t\t\t\t\t\t\t\t\t\t\t<button ><img  src=\"web/macroscop.png\"/>\r\n\t\t\t\t\t\t\t\t\t\t\t\t<p style=\"margin-top: 0.3em;\">Web-\u041a\u043b\u0438\u0435\u043d\u0442 </p>\r\n\t\t\t\t\t\t\t\t\t\t\t\t</button></a>\r\n\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<div class=\"info\" ><span>\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438: Popov.<br /> \u0422\u0435\u043a\u0443\u0449\u0435\u0435 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435: \u0421\u0435\u0440\u0432\u0435\u0440 \u0430\u043a\u0442\u0438\u0432\u0435\u043d. <br /> \u0412\u0440\u0435\u043c\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430: 31.10.2024 16:20:41. <br /> \u0412\u0435\u0440\u0441\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430: 2.1.24</span></div>\t\t\r\n\t\t\t\t\t</div>\t\r\n\t\t\t\t </div>\r\n\t\t\t\t</body></html>\r\n\t\t\t\r\n",
   "datamd5" : "3fcbcbd5985fbea1762aee92aa149587",
   "datammh3" : 1458007362,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS12846",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "RU",
      "countryname" : "Russia",
      "domain" : [
         "ab.ru",
         "rt.ru"
      ],
      "isineu" : "false",
      "latitude" : "61.52401",
      "location" : "61.52401,105.318756",
      "longitude" : "105.318756",
      "netname" : "WEBSTREAM",
      "organization" : "Allocation for Altay regional branch of OJSC \"Sibirtelecom",
      "subnet" : "90.188.4.0/22"
   },
   "ip" : "90.188.7.239",
   "ipv6" : "false",
   "latitude" : "55.7386",
   "location" : "55.7386,37.6068",
   "longitude" : "37.6068",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Rostelecom",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 4782,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "90.188.0.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
82.102.31.22

Network
82.102.16.0/20

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://82.102.31.22:4782/ 302

HTTP Title
302 Found

ASN
AS9009

Organization
M247 Europe SRL

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

Product
Server Server

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
d01eeb6a6923e88a55383f7d9f706f6d

HTTP Header MD5
87366acd3126b9318804da42bd42d33f

HTTP Body MD5
9adea8ca17896ec9470731b47df2bbee

HTTP/1.1 302 Found
Date: Thu, 07 Nov 2024 03:28:38 UTC
Server: server
X-XSS-Protection: 1; mode=block
X-Frame-Options: SameOrigin
X-Content-Type-Options: nosniff
Location: https://<ip>:4782/mifs/user/index.html
Content-Length: 288
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://<ip>:4782/mifs/user/index.html">here</a>.</p>
<hr>
<address>server Server at <ip> Port 4782</address>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:28:39.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "9adea8ca17896ec9470731b47df2bbee",
         "bodymmh3" : 1181517341,
         "headermd5" : "87366acd3126b9318804da42bd42d33f",
         "headermmh3" : -1825498275,
         "title" : "302 Found"
      },
      "length" : 582
   },
   "asn" : "AS9009",
   "city" : "Las Vegas",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nDate: Thu, 07 Nov 2024 03:28:38 UTC\r\nServer: server\r\nX-XSS-Protection: 1; mode=block\r\nX-Frame-Options: SameOrigin\r\nX-Content-Type-Options: nosniff\r\nLocation: https://<ip>:4782/mifs/user/index.html\r\nContent-Length: 288\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>302 Found</title>\n</head><body>\n<h1>Found</h1>\n<p>The document has moved <a href=\"https://<ip>:4782/mifs/user/index.html\">here</a>.</p>\n<hr>\n<address>server Server at <ip> Port 4782</address>\n</body></html>",
   "datamd5" : "d01eeb6a6923e88a55383f7d9f706f6d",
   "datammh3" : 1909479889,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9009",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "m247.ro"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "M247-LAS-VEGAS",
      "organization" : "M247 Ltd Las Vegas",
      "subnet" : "82.102.31.0/25"
   },
   "ip" : "82.102.31.22",
   "ipv6" : "false",
   "latitude" : "36.1685",
   "location" : "36.1685,-115.1164",
   "longitude" : "-115.1164",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "M247 Europe SRL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4782,
   "product" : "Server",
   "productvendor" : "Server",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "82.102.16.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
151.236.24.85

Network
151.236.24.0/24

Device

<enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

Operating System
Citrix Gateway Firmware

URL

http://151.236.24.85:4782/ 200

HTTP Title
Citrix Login

ASN
AS50613

Organization
Advania Island ehf

Protocol
http

Source
datascan
Operating System
Citrix Gateway Firmware

Product
Apache HTTP Server

HTTP Component(s)
Citrix Application Delivery Controller

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
f50231a1ad3d593a592f090d4539250c

HTTP Header MD5
55170e92938f57cfcbf6e830ab224cb0

HTTP Body MD5
09ffec8653713e45192e22c38c577a1e

HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
content-length: 18752
server: Apache
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-fonts-linking.css; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data: blob:; font-src 'self' data: https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-sans/; frame-ancestors 'self'; object-src 'none';
feature-policy: camera 'none'; microphone 'none'; geolocation 'none'
referrer-policy: no-referrer
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">

<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Pragma" content="no-cache" />
<title>Citrix Login</title>

<link rel="icon" type="image/ico" href="/favicon.ico"/>
<link rel="stylesheet" href="/admin_ui/common/css/ns/ui.css" type="text/css">
<script type="text/javascript" src="/admin_ui/common/js/jquery/jquery.min.js"></script>
<script type="text/javascript" src="/admin_ui/common/js/jquery/jquery.keyfilter.min.js"></script>
<style type="text/css">
.ns_alert_text a:hover
{
    color: #0000FF !important;
}

</style>
<!--[if IE]>
<style type="text/css">
.login_combo
{
    width: 83%;
}

.login_button_cell
{
    padding-right: 31px;
}
</style>
<![endif]-->
<script language="JavaScript" type="text/javascript">
var display_flag = "block";
var admin_gui_https_port = "443";
if(!document.all)
    display_flag = "table-row";

function checkform ( form )
{
    //getTimezoneOffset() will return (GMT - client) minutes. We need (client - GMT) seconds
    document.form1.timezone_offset.value = new Date().getTimezoneOffset() * -60;

    if (form.username.value === "") {
      show_error("Please enter user name", form.username);
      return false;
    }
    if (form.password.value === "") {
      show_error("Please enter password", form.password);
      return false;
    }

    form.username.value = addslashes(form.username.value);
    form.password.value = addslashes(form.password.value);

    form.username.value = encodeURIComponent(form.username.value);
    form.password.value = encodeURIComponent(form.password.value);

    loggingInText();
    var intervalId = setInterval(loggingInText, 200);
    $(".login_button").prop("disabled", true);

    return true ;
}

function addslashes(string) {
    return string.replace(/\\/g, '\\\\').
        replace(/\t/g, '\\t').
        replace(/\n/g, '\\n').
        replace(/\f/g, '\\f').
        replace(/\r/g, '\\r').
        replace(/"/g, '\\"');
}

function checkHTTP()
{
    if (location.protocol == "http:")
    {
        var login_link_anchor = $("<a>").attr("tabindex", "0").addClass("ns_login_link").append("Use https");

        login_link_anchor.click(function() {
            redirectToHTTPS();
        });

        login_link_anchor.keypress(function(e) {
            var keynum;

            if(window.event) // IE
            {
                keynum = e.keyCode;
            }
            else if(e.which) // Netscape/Firefox/Opera
            {
                keynum = e.which;
            }

            if(keynum == 13) //Enter key
            {
                login_link_anchor.click();
            }
        });

        $(".ns_login_secure").append(login_link_anchor);
    }
    else
    {
        $('.ns_login_secure').hide();

        return "";
    }
}

function redirectToHTTPS()
{
    var url_suffix = (admin_gui_https_port != "443" && admin_gui_https_port != 443) ? (":" + admin_gui_https_port): "";
    var url = "https://" + location.host + url_suffix;

    window.location.href = url;
}

function key_pressed(e)
{
    var keynum;

    if(window.event) // IE
        keynum = e.keyCode;
    else if(e.which) // Netscape/Firefox/Opera
        keynum = e.which;

    if(keynum == 13) //Enter key
        submit_form();

    return true;
}

var dots = 0;

function loggingInText() {
	$("#logintext").text("Logging On");
	if (dots < 3) {
		$('#loadingdots').append('.');
		dots++;
	} else {
		$('#loadingdots').html('');
		dots = 0;
	}
}

function submit_form()
{
    if(checkform(document.form1))
    {
        document.form1.submit();
    }
}

function is_options_shown()
{
    var startin_row = document.getElementById("ns_login_options");
    return (!startin_row.style || startin_row.style.display == "" || startin_row.style.display == display_flag);
}

function show_error(message, element)
{
    if(element)
    {
        setTimeout(function(){ element.focus();}, 500);
    }

    if(message)
    {
        $("#login_error").text(message);
        $("#login_error").css('visibility', 'visible');
    }
}

// Mapping used by decodeXml
var escaped_one_to_xml_special_map = {
    '&amp;': '&',
    '&quot;': '"',
    '&lt;': '<',
    '&gt;': '>',
    "&#039;": "'"
};

// To decode the strings which are encoded using php function htmlspecialchars in the backend
function decodeXml(string) {
    return string.replace(/(&quot;|&#039;|&lt;|&gt;|&amp;)/g,
        function(str, item) {
            return escaped_one_to_xml_special_map[item];
    });
}

function isSafari() {
  return /Safari/.test(navigator.userAgent) && /Apple Computer/.test(navigator.vendor);
}

function getSupportedVersionString() {
    try {
		var display_string = "Best viewed in IE8+, Firefox 3.6.25+, Chrome v19+ or Safari 5.1.1+(for Mac)";
		var nAgt = navigator.userAgent;
		var browserName = navigator.appName;
		var fullVersion = '' + parseFloat(navigator.appVersion);
		var majorVersion = parseInt(navigator.appVersion, 10);
		var nameOffset, verOffset, ix;
		var vendor = null;
		if (navigator.vendor !== null) vendor = navigator.vendor.toLowerCase();
		// User agents for IE http://msdn.microsoft.com/library/ms537503.aspx
		if ((nAgt.indexOf("Trident")) != -1) {
			if (nAgt.indexOf("rv:") != -1) {
				preg_match('/Trident\/\d{1,2}.\d{1,2}.*rv:([0-9]*)/', nAgt, $matches);
				browserName = "MSIE";
				fullVersion = $matches[1];
			} else if ((verOffset = nAgt.indexOf("MSIE")) != -1) {
				browserName = "MSIE";
				fullVersion = nAgt.substring(verOffset + 5);
			}
		}
        // For Edge.
        else if ((nAgt.indexOf("Edge")) != -1) {
            browserName = "EDGE";
        }
		// In Chrome, the true version is after "Chrome"
		else if ((verOffset = nAgt.indexOf("Chrome")) != -1) {
			browserName = "Chrome";
			fullVersion = nAgt.substring(verOffset + 7);
		}
		// In Safari, the true version is after "Safari" or after "Version"
		else if ((verOffset = nAgt.indexOf("Safari")) != -1) {
			browserName = "Safari";
			fullVersion = nAgt.substring(verOffset + 7);
			if ((verOffset = nAgt.indexOf("Version")) != -1) fullVersion = nAgt.substring(verOffset + 8);
		}
		// In Firefox, the true version is after "Firefox"
		else if ((verOffset = nAgt.indexOf("Firefox")) != -1) {
			browserName = "Firefox";
			fullVersion = nAgt.substring(verOffset + 8);
		}
		// If you can't detect the browser, return the not-supported warning string
		else {
			$(".ns_browser_not_supported_center").show();
			return;
		}
		// trim the fullVersion string at semicolon/space if present
		if ((ix = fullVersion.indexOf(";")) != -1) fullVersion = fullVersion.substring(0, ix);
		if ((ix = fullVersion.indexOf(" ")) != -1) fullVersion = fullVersion.substring(0, ix);
		majorVersion = parseInt('' + fullVersion, 10);
		if (isNaN(majorVersion)) {
			fullVersion = '' + parseFloat(navigator.appVersion);
			majorVersion = parseInt(navigator.appVersion, 10);
		}
		if ((browserName == "EDGE") ||
            (browserName == "MSIE" && compareFullVersion(fullVersion, "8")) || //IE
			(browserName == "Firefox" && compareFullVersion(fullVersion, "3.6.25")) || //Firefox
			(browserName == "Chrome" && compareFullVersion(fullVersion, "19") && vendor !== null && vendor.indexOf('google') != -1) || //chrome
			(browserName == "Safari" && compareFullVersion(fullVersion, "5.1.1") && vendor !== null && vendor.indexOf('apple') != -1) && nAgt.toLowerCase().indexOf('mac') != -1) //Safari for mac
		{
			$(".ns_login_center_content").show();
			return;
		} else {
			$(".ns_browser_not_supported_center").show();
			return;
		}
	} catch (err) {
		$(".ns_login_center_content").show();
		return;
	}
	$(".ns_login_center_content").show();
}

function show_login_pane()
{
    $(".ns_browser_not_supported_center").hide();
    $(".ns_login_center_content").show();
}

function compareFullVersion(a, b) //if a>b, return true, else return false
{

	if (a === b)
    {
       return true;
    }

    var a_components = a.split(".");
    var b_components = b.split(".");

    var len = Math.min(a_components.length, b_components.length);

    // loop while the components are equal
    for (var i = 0; i < len; i++)
    {
        // A bigger than B
        var val_a = parseInt(a_components[i]);
		var val_b = parseInt(b_components[i]);
		if(isNaN(val_a) || isNaN(val_b))
		 return false;
		if (parseInt(a_components[i]) > parseInt(b_components[i]))
        {
            return true;
        }

        // B bigger than A
        if (parseInt(a_components[i]) < parseInt(b_components[i]))
        {
            return false;
        }
    }

    // If one's a prefix of the other, the longer one is greater.
    if (a_components.length >= b_components.length)
    {
        return true;
    }

    return false;
}

show_eula = function(uname)
{
   $("#eula-text").html(eula_message);
   $("#ns_login_content").addClass("overlay");
   $("#eula-container").show();
   $("#eula-accepted").prop('checked', false);
   $("#username").val(uname)

}

close_eula = function()
{
   $("#ns_login_content").removeClass("overlay")
   $("#eula-container").hide();

}

continue_eula = function()
{
    var eula_accepted = $("#eula-checkbox").prop('checked');
    if (eula_accepted)
    {
        close_eula();
        $("#eula-accepted").prop('checked', eula_accepted);
    }
    else
    {
        $("#eula_error").show();
    }
}


</script>

</head>
<body class="ns_login_body">
<noscript>
    <div class="center_panel ns_alert_text">
        JavaScript is either disabled in or not supported by the Web browser. To continue logon, use a Web browser that supports JavaScript or enable JavaScript in your current browser.
    </div>
</noscript>

<form name="form1" action="/login/do_login" method="post" autocomplete="off" autocapitalize="off" onsubmit="return checkform(this);">
    <div class="ns_login_wrapper">
	    <div class="ns_login_inner_wrapper">
            <div class="ns_login_top" style="display: none;"></div>
			<div class="ns_login_center">
			    <div class="ns_browser_not_supported_center" >
		        	<span>Citrix ADC</span>
	              	<div class="ns_browser_not_supported_center_content">
		                <div class="ns_browser_not_supported_center_message"> Your browser is not supported. Please use one of the following browsers
		                </div>
	                 	<div>
	                       <div class="ns_browser_not_supported_browser_icon">
	                       		<div>
	                           		<img src="/admin_ui/rdx/core/css/internet-explorer.png" alt="Internet Explorer">
	                       			<div>8 and above</div>
	                   			</div>
	               			</div>
	                       <div class="ns_browser_not_supported_browser_icon">
	                       		<div>
	                       			<img src="/admin_ui/rdx/core/css/firefox.png" alt="Firefox">
	                       			<div>3.6.25 and above</div>
	                   			</div>
	               			</div>
	                       <div class="ns_browser_not_supported_browser_icon">
	                       		<div>
	                       			<img src="/admin_ui/rdx/core/css/chrome.png" alt="Chrome">
	                       			<div>15 and above</div>
	                       		</div>
	                   		</div>
	                       <div class="ns_browser_not_supported_browser_icon no_boder">
	                       		<div>
	                       			<img src="/admin_ui/rdx/core/css/safari.png" alt="Safari">
	                       			<div>5.1.3 and above</div>
	                   			</div>
	               			</div>
	                  	</div>
	                 	<p class="ns_browser_not_supported_center_message">
	                 		<a onkeypress="javascript: if(event.keyCode == 13) {show_login_pane(); event.preventDefault();}" onclick="show_login_pane()"> Continue, </a> I understand this browser may not be compatible.
	         			</p>
	              	</div>
		        </div>
		        <div class="ns_login_center_content">
					<div  class="ns_login_inner_div">
						<div  class="ns_login_form" >
                            <div id="login_error" class="login_error">
                            </div>
						   	<div id="ns_user_pass_section">
								<div class="ns_grid_text user_name">
                                    <span>User Name</span>

                                    <label for="username" style="display: none;">User Name</label>
                                    <input type="text" id="username" name="username" class="login_input" onfocus=1>
								</div>

								<div class="ns_grid_text login_password">
                                    <span>Password</span>

									<label for="password" style="display: none;">Password</label>
                                    <input type="password" name="password" id="password" class="login_input">
								</div>
                                    <div style="display:none">
                                        <label for="eula-accepted" style="display: none;">EULA</label>
                                        <input type="checkbox" name="eula" id="eula-accepted" value="TRUE">
                                    </div>
                                    <div class="login_button_cell">
                                        <label for="url" style="display: none;">URL</label>
                                        <input type="hidden" name="url" id="url" value="">

                                        <label for="timezone_offset" style="display: none;">Timezone Offset</label>
                                        <input type="hidden" name="timezone_offset" id="timezone_offset" value="">

                                        <button type="submit" class="login_button rdx_blue_button"><span id="logintext">Log On</span><span id="loadingdots"></span></button>
                                    </div>
                            </div>
							<div class="ns_login_logo ns_logo_placement">
                                <img src="/admin_ui/common/images/ADC_Horizontal.svg" alt="Citrix logo image" class="product_brand_logo"/>

								<div class="ns_login_secure"></div>
							</div>
						</div>
					</div>
			</div>
		    </div>
		    </div>
		</div>
	</div>
</form>

<script language="JavaScript" type="text/javascript">
//Don't allow this page to be embedded inside a frame
if(self != top)
{
    document.getElementsByTagName("body")[0].style.display = "none";
    top.location = self.location;
}
else
{

    $('form[name="form1"] #username').focus();
}

function input_hints() {
    var inputs = document.getElementsByTagName("input");
    for (var i = 0; i < inputs.length; i++) {
            // test to see if the hint span exists first
            if (inputs[i].parentNode.getElementsByTagName("span")[0]) {
                    // the span exists!  on focus, show the hint
                    inputs[i].onfocus = function() {
                            this.parentNode.getElementsByTagName("span")[0].className = "ns_active ns_active_color";
                    };
                            // when the cursor moves away from the field, hide the hint
                    inputs[i].onblur = function() {
                            this.parentNode.getElementsByTagName("span")[0].className = "ns_active";
                    };
            }
    }
    // repeat the same tests as above for selects
    var selects = document.getElementsByTagName("select");
    for (var k = 0; k < selects.length;

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:28:12.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "microsoft.com",
            "citrix.com",
            "w3.org"
         ],
         "hostname" : [
            "cdn-web.citrix.com",
            "msdn.microsoft.com",
            "www.w3.org"
         ],
         "url" : [
            "http://msdn.microsoft.com/library/ms537503.aspx",
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd",
            "https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-fonts-linking.css;",
            "https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-sans/;"
         ]
      },
      "favicon" : {
         "url" : "/favicon.ico"
      },
      "http" : {
         "bodymd5" : "09ffec8653713e45192e22c38c577a1e",
         "bodymmh3" : -460410389,
         "component" : [
            {
               "product" : "Application Delivery Controller",
               "productvendor" : "Citrix"
            }
         ],
         "headermd5" : "55170e92938f57cfcbf6e830ab224cb0",
         "headermmh3" : -603550982,
         "title" : "Citrix Login"
      },
      "length" : 16384
   },
   "asn" : "AS50613",
   "city" : "Hafnarfjordur",
   "country" : "IS",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 18752\r\nserver: Apache\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-fonts-linking.css; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data: blob:; font-src 'self' data: https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-sans/; frame-ancestors 'self'; object-src 'none';\r\nfeature-policy: camera 'none'; microphone 'none'; geolocation 'none'\r\nreferrer-policy: no-referrer\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nconnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<title>Citrix Login</title>\n\n<link rel=\"icon\" type=\"image/ico\" href=\"/favicon.ico\"/>\n<link rel=\"stylesheet\" href=\"/admin_ui/common/css/ns/ui.css\" type=\"text/css\">\n<script type=\"text/javascript\" src=\"/admin_ui/common/js/jquery/jquery.min.js\"></script>\n<script type=\"text/javascript\" src=\"/admin_ui/common/js/jquery/jquery.keyfilter.min.js\"></script>\n<style type=\"text/css\">\n.ns_alert_text a:hover\n{\n    color: #0000FF !important;\n}\n\n</style>\n<!--[if IE]>\n<style type=\"text/css\">\n.login_combo\n{\n    width: 83%;\n}\n\n.login_button_cell\n{\n    padding-right: 31px;\n}\n</style>\n<![endif]-->\n<script language=\"JavaScript\" type=\"text/javascript\">\nvar display_flag = \"block\";\nvar admin_gui_https_port = \"443\";\nif(!document.all)\n    display_flag = \"table-row\";\n\nfunction checkform ( form )\n{\n    //getTimezoneOffset() will return (GMT - client) minutes. We need (client - GMT) seconds\n    document.form1.timezone_offset.value = new Date().getTimezoneOffset() * -60;\n\n    if (form.username.value === \"\") {\n      show_error(\"Please enter user name\", form.username);\n      return false;\n    }\n    if (form.password.value === \"\") {\n      show_error(\"Please enter password\", form.password);\n      return false;\n    }\n\n    form.username.value = addslashes(form.username.value);\n    form.password.value = addslashes(form.password.value);\n\n    form.username.value = encodeURIComponent(form.username.value);\n    form.password.value = encodeURIComponent(form.password.value);\n\n    loggingInText();\n    var intervalId = setInterval(loggingInText, 200);\n    $(\".login_button\").prop(\"disabled\", true);\n\n    return true ;\n}\n\nfunction addslashes(string) {\n    return string.replace(/\\\\/g, '\\\\\\\\').\n        replace(/\\t/g, '\\\\t').\n        replace(/\\n/g, '\\\\n').\n        replace(/\\f/g, '\\\\f').\n        replace(/\\r/g, '\\\\r').\n        replace(/\"/g, '\\\\\"');\n}\n\nfunction checkHTTP()\n{\n    if (location.protocol == \"http:\")\n    {\n        var login_link_anchor = $(\"<a>\").attr(\"tabindex\", \"0\").addClass(\"ns_login_link\").append(\"Use https\");\n\n        login_link_anchor.click(function() {\n            redirectToHTTPS();\n        });\n\n        login_link_anchor.keypress(function(e) {\n            var keynum;\n\n            if(window.event) // IE\n            {\n                keynum = e.keyCode;\n            }\n            else if(e.which) // Netscape/Firefox/Opera\n            {\n                keynum = e.which;\n            }\n\n            if(keynum == 13) //Enter key\n            {\n                login_link_anchor.click();\n            }\n        });\n\n        $(\".ns_login_secure\").append(login_link_anchor);\n    }\n    else\n    {\n        $('.ns_login_secure').hide();\n\n        return \"\";\n    }\n}\n\nfunction redirectToHTTPS()\n{\n    var url_suffix = (admin_gui_https_port != \"443\" && admin_gui_https_port != 443) ? (\":\" + admin_gui_https_port): \"\";\n    var url = \"https://\" + location.host + url_suffix;\n\n    window.location.href = url;\n}\n\nfunction key_pressed(e)\n{\n    var keynum;\n\n    if(window.event) // IE\n        keynum = e.keyCode;\n    else if(e.which) // Netscape/Firefox/Opera\n        keynum = e.which;\n\n    if(keynum == 13) //Enter key\n        submit_form();\n\n    return true;\n}\n\nvar dots = 0;\n\nfunction loggingInText() {\n\t$(\"#logintext\").text(\"Logging On\");\n\tif (dots < 3) {\n\t\t$('#loadingdots').append('.');\n\t\tdots++;\n\t} else {\n\t\t$('#loadingdots').html('');\n\t\tdots = 0;\n\t}\n}\n\nfunction submit_form()\n{\n    if(checkform(document.form1))\n    {\n        document.form1.submit();\n    }\n}\n\nfunction is_options_shown()\n{\n    var startin_row = document.getElementById(\"ns_login_options\");\n    return (!startin_row.style || startin_row.style.display == \"\" || startin_row.style.display == display_flag);\n}\n\nfunction show_error(message, element)\n{\n    if(element)\n    {\n        setTimeout(function(){ element.focus();}, 500);\n    }\n\n    if(message)\n    {\n        $(\"#login_error\").text(message);\n        $(\"#login_error\").css('visibility', 'visible');\n    }\n}\n\n// Mapping used by decodeXml\nvar escaped_one_to_xml_special_map = {\n    '&amp;': '&',\n    '&quot;': '\"',\n    '&lt;': '<',\n    '&gt;': '>',\n    \"&#039;\": \"'\"\n};\n\n// To decode the strings which are encoded using php function htmlspecialchars in the backend\nfunction decodeXml(string) {\n    return string.replace(/(&quot;|&#039;|&lt;|&gt;|&amp;)/g,\n        function(str, item) {\n            return escaped_one_to_xml_special_map[item];\n    });\n}\n\nfunction isSafari() {\n  return /Safari/.test(navigator.userAgent) && /Apple Computer/.test(navigator.vendor);\n}\n\nfunction getSupportedVersionString() {\n    try {\n\t\tvar display_string = \"Best viewed in IE8+, Firefox 3.6.25+, Chrome v19+ or Safari 5.1.1+(for Mac)\";\n\t\tvar nAgt = navigator.userAgent;\n\t\tvar browserName = navigator.appName;\n\t\tvar fullVersion = '' + parseFloat(navigator.appVersion);\n\t\tvar majorVersion = parseInt(navigator.appVersion, 10);\n\t\tvar nameOffset, verOffset, ix;\n\t\tvar vendor = null;\n\t\tif (navigator.vendor !== null) vendor = navigator.vendor.toLowerCase();\n\t\t// User agents for IE http://msdn.microsoft.com/library/ms537503.aspx\n\t\tif ((nAgt.indexOf(\"Trident\")) != -1) {\n\t\t\tif (nAgt.indexOf(\"rv:\") != -1) {\n\t\t\t\tpreg_match('/Trident\\/\\d{1,2}.\\d{1,2}.*rv:([0-9]*)/', nAgt, $matches);\n\t\t\t\tbrowserName = \"MSIE\";\n\t\t\t\tfullVersion = $matches[1];\n\t\t\t} else if ((verOffset = nAgt.indexOf(\"MSIE\")) != -1) {\n\t\t\t\tbrowserName = \"MSIE\";\n\t\t\t\tfullVersion = nAgt.substring(verOffset + 5);\n\t\t\t}\n\t\t}\n        // For Edge.\n        else if ((nAgt.indexOf(\"Edge\")) != -1) {\n            browserName = \"EDGE\";\n        }\n\t\t// In Chrome, the true version is after \"Chrome\"\n\t\telse if ((verOffset = nAgt.indexOf(\"Chrome\")) != -1) {\n\t\t\tbrowserName = \"Chrome\";\n\t\t\tfullVersion = nAgt.substring(verOffset + 7);\n\t\t}\n\t\t// In Safari, the true version is after \"Safari\" or after \"Version\"\n\t\telse if ((verOffset = nAgt.indexOf(\"Safari\")) != -1) {\n\t\t\tbrowserName = \"Safari\";\n\t\t\tfullVersion = nAgt.substring(verOffset + 7);\n\t\t\tif ((verOffset = nAgt.indexOf(\"Version\")) != -1) fullVersion = nAgt.substring(verOffset + 8);\n\t\t}\n\t\t// In Firefox, the true version is after \"Firefox\"\n\t\telse if ((verOffset = nAgt.indexOf(\"Firefox\")) != -1) {\n\t\t\tbrowserName = \"Firefox\";\n\t\t\tfullVersion = nAgt.substring(verOffset + 8);\n\t\t}\n\t\t// If you can't detect the browser, return the not-supported warning string\n\t\telse {\n\t\t\t$(\".ns_browser_not_supported_center\").show();\n\t\t\treturn;\n\t\t}\n\t\t// trim the fullVersion string at semicolon/space if present\n\t\tif ((ix = fullVersion.indexOf(\";\")) != -1) fullVersion = fullVersion.substring(0, ix);\n\t\tif ((ix = fullVersion.indexOf(\" \")) != -1) fullVersion = fullVersion.substring(0, ix);\n\t\tmajorVersion = parseInt('' + fullVersion, 10);\n\t\tif (isNaN(majorVersion)) {\n\t\t\tfullVersion = '' + parseFloat(navigator.appVersion);\n\t\t\tmajorVersion = parseInt(navigator.appVersion, 10);\n\t\t}\n\t\tif ((browserName == \"EDGE\") ||\n            (browserName == \"MSIE\" && compareFullVersion(fullVersion, \"8\")) || //IE\n\t\t\t(browserName == \"Firefox\" && compareFullVersion(fullVersion, \"3.6.25\")) || //Firefox\n\t\t\t(browserName == \"Chrome\" && compareFullVersion(fullVersion, \"19\") && vendor !== null && vendor.indexOf('google') != -1) || //chrome\n\t\t\t(browserName == \"Safari\" && compareFullVersion(fullVersion, \"5.1.1\") && vendor !== null && vendor.indexOf('apple') != -1) && nAgt.toLowerCase().indexOf('mac') != -1) //Safari for mac\n\t\t{\n\t\t\t$(\".ns_login_center_content\").show();\n\t\t\treturn;\n\t\t} else {\n\t\t\t$(\".ns_browser_not_supported_center\").show();\n\t\t\treturn;\n\t\t}\n\t} catch (err) {\n\t\t$(\".ns_login_center_content\").show();\n\t\treturn;\n\t}\n\t$(\".ns_login_center_content\").show();\n}\n\nfunction show_login_pane()\n{\n    $(\".ns_browser_not_supported_center\").hide();\n    $(\".ns_login_center_content\").show();\n}\n\nfunction compareFullVersion(a, b) //if a>b, return true, else return false\n{\n\n\tif (a === b)\n    {\n       return true;\n    }\n\n    var a_components = a.split(\".\");\n    var b_components = b.split(\".\");\n\n    var len = Math.min(a_components.length, b_components.length);\n\n    // loop while the components are equal\n    for (var i = 0; i < len; i++)\n    {\n        // A bigger than B\n        var val_a = parseInt(a_components[i]);\n\t\tvar val_b = parseInt(b_components[i]);\n\t\tif(isNaN(val_a) || isNaN(val_b))\n\t\t return false;\n\t\tif (parseInt(a_components[i]) > parseInt(b_components[i]))\n        {\n            return true;\n        }\n\n        // B bigger than A\n        if (parseInt(a_components[i]) < parseInt(b_components[i]))\n        {\n            return false;\n        }\n    }\n\n    // If one's a prefix of the other, the longer one is greater.\n    if (a_components.length >= b_components.length)\n    {\n        return true;\n    }\n\n    return false;\n}\n\nshow_eula = function(uname)\n{\n   $(\"#eula-text\").html(eula_message);\n   $(\"#ns_login_content\").addClass(\"overlay\");\n   $(\"#eula-container\").show();\n   $(\"#eula-accepted\").prop('checked', false);\n   $(\"#username\").val(uname)\n\n}\n\nclose_eula = function()\n{\n   $(\"#ns_login_content\").removeClass(\"overlay\")\n   $(\"#eula-container\").hide();\n\n}\n\ncontinue_eula = function()\n{\n    var eula_accepted = $(\"#eula-checkbox\").prop('checked');\n    if (eula_accepted)\n    {\n        close_eula();\n        $(\"#eula-accepted\").prop('checked', eula_accepted);\n    }\n    else\n    {\n        $(\"#eula_error\").show();\n    }\n}\n\n\n</script>\n\n</head>\n<body class=\"ns_login_body\">\n<noscript>\n    <div class=\"center_panel ns_alert_text\">\n        JavaScript is either disabled in or not supported by the Web browser. To continue logon, use a Web browser that supports JavaScript or enable JavaScript in your current browser.\n    </div>\n</noscript>\n\n<form name=\"form1\" action=\"/login/do_login\" method=\"post\" autocomplete=\"off\" autocapitalize=\"off\" onsubmit=\"return checkform(this);\">\n    <div class=\"ns_login_wrapper\">\n\t    <div class=\"ns_login_inner_wrapper\">\n            <div class=\"ns_login_top\" style=\"display: none;\"></div>\n\t\t\t<div class=\"ns_login_center\">\n\t\t\t    <div class=\"ns_browser_not_supported_center\" >\n\t\t        \t<span>Citrix ADC</span>\n\t              \t<div class=\"ns_browser_not_supported_center_content\">\n\t\t                <div class=\"ns_browser_not_supported_center_message\"> Your browser is not supported. Please use one of the following browsers\n\t\t                </div>\n\t                 \t<div>\n\t                       <div class=\"ns_browser_not_supported_browser_icon\">\n\t                       \t\t<div>\n\t                           \t\t<img src=\"/admin_ui/rdx/core/css/internet-explorer.png\" alt=\"Internet Explorer\">\n\t                       \t\t\t<div>8 and above</div>\n\t                   \t\t\t</div>\n\t               \t\t\t</div>\n\t                       <div class=\"ns_browser_not_supported_browser_icon\">\n\t                       \t\t<div>\n\t                       \t\t\t<img src=\"/admin_ui/rdx/core/css/firefox.png\" alt=\"Firefox\">\n\t                       \t\t\t<div>3.6.25 and above</div>\n\t                   \t\t\t</div>\n\t               \t\t\t</div>\n\t                       <div class=\"ns_browser_not_supported_browser_icon\">\n\t                       \t\t<div>\n\t                       \t\t\t<img src=\"/admin_ui/rdx/core/css/chrome.png\" alt=\"Chrome\">\n\t                       \t\t\t<div>15 and above</div>\n\t                       \t\t</div>\n\t                   \t\t</div>\n\t                       <div class=\"ns_browser_not_supported_browser_icon no_boder\">\n\t                       \t\t<div>\n\t                       \t\t\t<img src=\"/admin_ui/rdx/core/css/safari.png\" alt=\"Safari\">\n\t                       \t\t\t<div>5.1.3 and above</div>\n\t                   \t\t\t</div>\n\t               \t\t\t</div>\n\t                  \t</div>\n\t                 \t<p class=\"ns_browser_not_supported_center_message\">\n\t                 \t\t<a onkeypress=\"javascript: if(event.keyCode == 13) {show_login_pane(); event.preventDefault();}\" onclick=\"show_login_pane()\"> Continue, </a> I understand this browser may not be compatible.\n\t         \t\t\t</p>\n\t              \t</div>\n\t\t        </div>\n\t\t        <div class=\"ns_login_center_content\">\n\t\t\t\t\t<div  class=\"ns_login_inner_div\">\n\t\t\t\t\t\t<div  class=\"ns_login_form\" >\n                            <div id=\"login_error\" class=\"login_error\">\n                            </div>\n\t\t\t\t\t\t   \t<div id=\"ns_user_pass_section\">\n\t\t\t\t\t\t\t\t<div class=\"ns_grid_text user_name\">\n                                    <span>User Name</span>\n\n                                    <label for=\"username\" style=\"display: none;\">User Name</label>\n                                    <input type=\"text\" id=\"username\" name=\"username\" class=\"login_input\" onfocus=1>\n\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t<div class=\"ns_grid_text login_password\">\n                                    <span>Password</span>\n\n\t\t\t\t\t\t\t\t\t<label for=\"password\" style=\"display: none;\">Password</label>\n                                    <input type=\"password\" name=\"password\" id=\"password\" class=\"login_input\">\n\t\t\t\t\t\t\t\t</div>\n                                    <div style=\"display:none\">\n                                        <label for=\"eula-accepted\" style=\"display: none;\">EULA</label>\n                                        <input type=\"checkbox\" name=\"eula\" id=\"eula-accepted\" value=\"TRUE\">\n                                    </div>\n                                    <div class=\"login_button_cell\">\n                                        <label for=\"url\" style=\"display: none;\">URL</label>\n                                        <input type=\"hidden\" name=\"url\" id=\"url\" value=\"\">\n\n                                        <label for=\"timezone_offset\" style=\"display: none;\">Timezone Offset</label>\n                                        <input type=\"hidden\" name=\"timezone_offset\" id=\"timezone_offset\" value=\"\">\n\n                                        <button type=\"submit\" class=\"login_button rdx_blue_button\"><span id=\"logintext\">Log On</span><span id=\"loadingdots\"></span></button>\n                                    </div>\n                            </div>\n\t\t\t\t\t\t\t<div class=\"ns_login_logo ns_logo_placement\">\n                                <img src=\"/admin_ui/common/images/ADC_Horizontal.svg\" alt=\"Citrix logo image\" class=\"product_brand_logo\"/>\n\n\t\t\t\t\t\t\t\t<div class=\"ns_login_secure\"></div>\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</div>\n\t\t\t</div>\n\t\t    </div>\n\t\t    </div>\n\t\t</div>\n\t</div>\n</form>\n\n<script language=\"JavaScript\" type=\"text/javascript\">\n//Don't allow this page to be embedded inside a frame\nif(self != top)\n{\n    document.getElementsByTagName(\"body\")[0].style.display = \"none\";\n    top.location = self.location;\n}\nelse\n{\n\n    $('form[name=\"form1\"] #username').focus();\n}\n\nfunction input_hints() {\n    var inputs = document.getElementsByTagName(\"input\");\n    for (var i = 0; i < inputs.length; i++) {\n            // test to see if the hint span exists first\n            if (inputs[i].parentNode.getElementsByTagName(\"span\")[0]) {\n                    // the span exists!  on focus, show the hint\n                    inputs[i].onfocus = function() {\n                            this.parentNode.getElementsByTagName(\"span\")[0].className = \"ns_active ns_active_color\";\n                    };\n                            // when the cursor moves away from the field, hide the hint\n                    inputs[i].onblur = function() {\n                            this.parentNode.getElementsByTagName(\"span\")[0].className = \"ns_active\";\n                    };\n            }\n    }\n    // repeat the same tests as above for selects\n    var selects = document.getElementsByTagName(\"select\");\n    for (var k = 0; k < selects.length;",
   "datamd5" : "f50231a1ad3d593a592f090d4539250c",
   "datammh3" : -674646258,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "ip" : "151.236.24.85",
   "ipv6" : "false",
   "latitude" : "64.0677",
   "location" : "64.0677,-21.9453",
   "longitude" : "-21.9453",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Advania Island ehf",
   "os" : "Gateway Firmware",
   "osvendor" : "Citrix",
   "port" : 4782,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "151.236.24.0/24",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
47.113.219.226

Network
47.112.0.0/13

Device

<enterprise field>: device.class

Operating System
Linux Linux sUse

URL

http://47.113.219.226:4782/ 200

HTTP Title
Eltex - NTE-RG-1421G-Wac

HTTP Keyword(s)
voip vos3000

HTTP Copyright
www.linknat.com, 昆石网络

ASN
AS37963

Organization
Hangzhou Alibaba Advertising Co.,Ltd.

Protocol
http

Source
datascan
Operating System
Linux Linux sUse

HTTP Component(s)
Microsoft ASP.NET 4.0.30319 Metabase Metabase Atlassian Confluence Gitlab Gitlab Drupal Drupal 8 Jenkins Jenkins 2.121.3 SPIP SPIP 4.1.11 Roundcube Webmail

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
01aea9cd98e60d39b3e1bc23c517d70a

HTTP Header MD5
da1d7c858dcb94c21097cb3258b89258

HTTP Body MD5
e394a27f10d9c00190c4f5a980b1fe65

HTTP/1.1 200 OK
Composed-By: SPIP 4.1.11 @ www.spip.net
Content-Length: 105221
Content-Type: text/html;charset=utf-8
Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
Loginip: <srcip>
P3p: CP=CAO PSA OUR
Pragma: private
Report-To: {'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}
Server: Evernote/1.0
Set-Cookie: ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly
Set-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;
Set-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;
Set-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;
Set-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;
Set-Cookie: zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly
Set-Cookie: sesskey=21263a2bf; path=/;
Set-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;
Set-Cookie: acSamlv2Error=; path=/; secure;
Set-Cookie: metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Mon, 25 Apr 2044 03:55:44 +0200;SameSite=None;Secure
Set-Cookie: cepcAdminID=25263a2bf; path=/;
Set-Cookie: RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;
Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095
Set-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;
Set-Cookie: PHC_DISABLED=1; path=/; secure;
Set-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;
Set-Cookie: SESSID=22363a2bf; path=/;
Set-Cookie: CLIENT_ID=7214
X-Akaunting: Free Accounting Software
X-Aspnet-Version: 4.0.30319
X-Cache: MISS from Hello
X-Cache-Lookup: MISS from Hello:8080
X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
X-Content-Type-Options: nosniff
X-Drupal-Cache: xHIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 8 (https://www.drupal.org)
X-Hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Influxdb-Build: OSS
X-Jenkins: 2.121.3
X-Jenkins-Session: f72d6619
X-Litespeed-Cache: hit
X-Pingback: https://example.com/xmlrpc.php
X-Powered-By-Plesk: PleskWin
X-Served-By: cache-xsp21434-XSP
X-Shopify-Generated-Cart-Token: aa1b6d68e41056d2955ae9e6fb516372
X-Xss-Protection: 1; mode=block
Date: Thu, 07 Nov 2024 03:28:10 GMT
Connection: close

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Pragma" content="no-cache" />
<meta charset="utf-8">
<meta content="IE=edge" http-equiv="X-UA-Compatible">
<meta content="object" property="og:type">
<meta content="GitLab" property="og:site_name">
<meta content="Help" property="og:title">
<meta content="GitLab Community Edition" property="og:description">
<meta content="summary" property="twitter:card">
<meta content="Help" property="twitter:title">
<meta content="GitLab Community Edition" property="twitter:description">
<meta content="GitLab Community Edition" name="description">
<meta content="#474D57" name="theme-color">
<meta content="#30353E" name="msapplication-TileColor">
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cd78c639bf9be7f9dc240e25==" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="expires" content="-1"/>
<meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
<meta name="author" content="www.linknat.com, 昆石网络"/>
<meta name="copyright" content="www.linknat.com, 昆石网络"/>
<meta name="generator" content="SPIP 4.1.11" />
<script src="/jquery.min.js"></script> 
<title>Eltex - NTE-RG-1421G-Wac</title>
</head>
<body>
<div style="display: none;">
<script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
<Account>
<Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
<FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
<SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
<ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
<CTDefParaEntry setDefValueFlag="1" />
</Account>
<div>8.5.5 (Build:20200530.307-TEMP)</div>
<span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
<h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
<ca status="disabled" href="/+CSCOCA+/login.html" />
<form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
    <div data-user="root" data-module="package-updates"></div>
    <code>The zip file did not contain an entry exportDescriptor.properties</code>
    <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
    <message>Please enter your username and password.</message>
    <input name="formid" type="hidden" value="012afed" />
    <input name="javax.faces.ViewState" type="hidden" value="012afed" />
    <input name="queryString" type="hidden" value="1406192" />
    <div class="versionInfo">The Cacti Group Version 1.2.25</div>
    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
    <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
    <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
    <input type="hidden" name="tokenid"  value="1804289383" >
    <input type="hidden" name="name"  value="1804289383" >
    <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="text" name="username" label="Username:" value="admin" />
    <input type="password" name="password" label="Password:" value="123456" />
    <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
    <input type="submit" name="Login" value="Login" />
    <input type="reset" name="Clear" value="Clear" />
</form>
<input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
<li class="lisel" onclick="location.href='index.php'">日志系统</li>
<li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
<button type="button" data-price-id=True>sb</button>
<div class="prod_madelName">RT-AC5300</div>
<div class="p1 title_gap">Sign in with your ASUS router account</div>
<tr class="h"><th>PHP Group</th></tr>
<tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
<tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
<div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
<div id="mcname">LoadMaster</div>
<p><br/><span>出厂IP：192.168.1.1</span><br/><span>用户名、密码：admin admin</span></p>
<td colspan="2">Please enter your Cacti user name and password below:</td>
<meta id="confluence-context-path" name="confluence-context-path" content="">
<meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
<meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
<script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
<B>SonicWall Universal Management Suite v9.3</B>
<br>OK<br>
<script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
<select id="cars" name="name">
<option value="olvo">olvo</option>
</select>
<a href="/VICIdial/phone">MODIFY</a>
<input type="hidden" name="extension"  value="1804289383" >
<input type="hidden" name="pass"  value="1804289383" >
<input type="hidden" name="recording_exten"  value="1804289383" >
<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
<input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
<script type='text/javascript'>
	var cactiVersion='1.2.27';
	var cactiServerOS='unix';
	var cactiAction='';
	var theme='modern';
	var refreshIsLogout=true;
	var refreshPage='/logout.php?action=timeout';
	var refreshMSeconds=1440000;
	var urlPath='/';
	var previousPage='';
	var sessionMessage=[];
	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
</script>

<!--
<Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
/var/pinglog
<TITLE>Login</TITLE>
<a href="jpg.html">LIVE JPEG</a><br>
<a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
<a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
<\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
Location: /admin
<meta name="generator" content="vBulletin 5.5.4" />
Location: http://<ip>:80/relogin.htm?_t=3541144909
Location: http://<ip>:80/syscmd.htm" Location: /ui/login
/cgi-bin/webctrl.cgi?action=index_page
PDR-M800
function btnPing()
<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
<td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
in the United States and certain other countries.
</td>
:
#
>
$
SSH key is good
is not a valid ref and may not be archived
pcPassword2
'&sessionKey=790148060;'
name="sessionKey" value="790148060"
Set-Cookie: loginName=admin
var fgt_lang = /dev/cmdb/sslvpn_websession
php 8.1.0-dev exit
springframework
Tomcat
DEVICE.ACCOUNT=admin
AUTHORIZED_GROUP=1
<uid></uid>
<name>Admin</name>
<usrid></usrid>
<password>admin</password>
<group></group>
cpto /tmp/"root"
Model=AC1450
Firmware=V1.0.0.36_10.0.17
"exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
BIG-IP release 15.0.0
user:root
12345admin123'
Failed to process image

Location: http://192.168.0.1:52869/picsdesc.xml
You don't have permission to access /vpns/ on this server.
[global]
    workgroup = intranet
    encrypt passwords = Yes
    update encrypted = Yes

funcionando
system_sofia
name resolve order
InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
<b>File Uploaded !!!</b><br>
ant=951d11e51392117311602d0c25435d7f
38ee63071a04dc5e04ed22624c38e648
6f3249aa304055d63828af3bfab778f6
<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
[local]
 tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2Q3OGM2MzliZjliZTdmOWRjMjQwZTI1PT0=
 addr = <ip>
"Powered by vBulletin Version 5.5.4"
789551
Linear eMerge
SuperSign
ubiq
Yacht
Zeroshell
FastWeb
AuthInfo:
loadingIndicator_bk
Zyxel
skyrouter
WAP54
org.apache.spark.ui



ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
<insert implant configuration content here>
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
Copyright (c) 2015-2020 by Cisco Systems, Inc.
All rights reserved.
SSL VPN Service
wsConvertPptResponse
<input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
<input id="txtPassword" class="txt-input" type="password" name="password" value="" />
<button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
<span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
<script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
<LegacyDN>eD2bxe4</LegacyDN>
<title class="_ctxstxt_NetscalerGateway">
SAML Assertion verification failed; Please contact your administrator
v=2b46554c087d2d5516559e9b8bc1875d
/vpn/images/AccessGateway.ico
frame-busting
/vpn/js/logout_view.js?v=
_ctxstxt_NetscalerAAA
lib.min20200813.js
401 Unauthorized Basic realm=
sName='1';onTest(this);
var passadm = "admin";
OPMODE_BRIDGE
document.all.cmd_result
<input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
<input id="date" type="text" style="width: 200px" value="12/25/2023">
main page cgi-bin/login.cgi
var sessionKey='030ff030ff88';
loc += '&sessionKey=19dec20030ff8dcb2';
}

var code = 'location="' + loc + '"';

Password change successful
J2100N GPON ONT
/cgi-bin/webui/admin
sesskey
name=admin pass=123 priv=ppp
service=www.dlinkddns.com
sysCmdType
Content-Type: auth/request


Content-Type: command/reply

Reply-Text: +OK accepted


X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
007b2000-007c1000 rw-p 00000000 00:00 0
Size:                 60 kB
Rss:                  52 kB
Pss:                  52 kB
Shared_Clean:          0 kB
Shared_Dirt

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:28:12.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "micros-hosting.com",
            "drupal.org",
            "example.com",
            "shopifycloud.com"
         ],
         "file" : [
            "dvrremoteap.exe",
            "admin-ajax.php",
            "cloud_index.php",
            "dvrremoteap_x64.exe",
            "index.php",
            "dvfplayer.zip"
         ],
         "hostname" : [
            "example.com",
            "micros-hosting.com",
            "monorail-edge.shopifycloud.com",
            "www.drupal.org"
         ],
         "ip" : [
            "192.168.1.1",
            "7.7.31.1",
            "192.168.1.4",
            "192.168.0.1",
            "1.0.0.36",
            "192.168.1.10"
         ],
         "url" : [
            "http://192.168.0.1:52869/picsdesc.xml",
            "http://micros-hosting.com/EGateway/",
            "https://192.168.1.4",
            "https://example.com/xmlrpc.php",
            "https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify",
            "https://www.drupal.org"
         ]
      },
      "http" : {
         "bodymd5" : "e394a27f10d9c00190c4f5a980b1fe65",
         "bodymmh3" : -1362225308,
         "component" : [
            {
               "product" : "Webmail",
               "productvendor" : "Roundcube"
            },
            {
               "product" : "Metabase",
               "productvendor" : "Metabase"
            },
            {
               "product" : "Gitlab",
               "productvendor" : "Gitlab"
            },
            {
               "productvendor" : "Microsoft",
               "productversion" : "4.0.30319",
               "product" : "ASP.NET"
            },
            {
               "product" : "Drupal",
               "productversion" : "8",
               "productvendor" : "Drupal"
            },
            {
               "productvendor" : "Atlassian",
               "product" : "Confluence"
            },
            {
               "productversion" : "2.121.3",
               "productvendor" : "Jenkins",
               "product" : "Jenkins"
            },
            {
               "product" : "SPIP",
               "productvendor" : "SPIP",
               "productversion" : "4.1.11"
            }
         ],
         "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
         "header" : [
            {
               "value" : "Fri, 29 Jul 2022 16:53:01 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "da1d7c858dcb94c21097cb3258b89258",
         "headermmh3" : -1105804238,
         "keywords" : [
            "voip",
            "vos3000"
         ],
         "title" : "Eltex - NTE-RG-1421G-Wac"
      },
      "length" : 16288
   },
   "asn" : "AS37963",
   "city" : "Shenzhen",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 105221\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nP3p: CP=CAO PSA OUR\r\nPragma: private\r\nReport-To: {'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}\r\nServer: Evernote/1.0\r\nSet-Cookie: ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly\r\nSet-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;\r\nSet-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;\r\nSet-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;\r\nSet-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;\r\nSet-Cookie: zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly\r\nSet-Cookie: sesskey=21263a2bf; path=/;\r\nSet-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;\r\nSet-Cookie: acSamlv2Error=; path=/; secure;\r\nSet-Cookie: metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Mon, 25 Apr 2044 03:55:44 +0200;SameSite=None;Secure\r\nSet-Cookie: cepcAdminID=25263a2bf; path=/;\r\nSet-Cookie: RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;\r\nSet-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;\r\nSet-Cookie: PHC_DISABLED=1; path=/; secure;\r\nSet-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;\r\nSet-Cookie: SESSID=22363a2bf; path=/;\r\nSet-Cookie: CLIENT_ID=7214\r\nX-Akaunting: Free Accounting Software\r\nX-Aspnet-Version: 4.0.30319\r\nX-Cache: MISS from Hello\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Drupal-Cache: xHIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.\r\nX-Influxdb-Build: OSS\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Litespeed-Cache: hit\r\nX-Pingback: https://example.com/xmlrpc.php\r\nX-Powered-By-Plesk: PleskWin\r\nX-Served-By: cache-xsp21434-XSP\r\nX-Shopify-Generated-Cart-Token: aa1b6d68e41056d2955ae9e6fb516372\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 07 Nov 2024 03:28:10 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cd78c639bf9be7f9dc240e25==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>Eltex - NTE-RG-1421G-Wac</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2Q3OGM2MzliZjliZTdmOWRjMjQwZTI1PT0=\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nShared_Dirt",
   "datamd5" : "01aea9cd98e60d39b3e1bc23c517d70a",
   "datammh3" : -1900271019,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS45102",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "alibaba-inc.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "ALISOFT",
      "organization" : "Alibaba (US) Technology Co., Ltd.",
      "subnet" : "47.113.0.0/16"
   },
   "ip" : "47.113.219.226",
   "ipv6" : "false",
   "latitude" : "22.5559",
   "location" : "22.5559,114.0577",
   "longitude" : "114.0577",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
   "os" : "Linux",
   "osdistribution" : "sUse",
   "osvendor" : "Linux",
   "port" : 4782,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "47.112.0.0/13",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
89.31.123.197

Network
89.31.123.0/24

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

http://89.31.123.197:4782/ 401

ASN
AS9009

Organization
M247 Europe SRL

Protocol
http

Source
datascan
Operating System
Linux Linux Kernel

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
16234ea1da40e03f1317c21396981c69

HTTP Header MD5
8f4a29b9be97398ee40f9827947fcbaf

HTTP Body MD5
9c13653d29a59fbb245670a68c158d4c

HTTP/1.1 401 Unauthorized
Date: Thu, 07 Nov 2024 03:27:44 UTC
Content-Type: text/plain;charset=UTF-8
Connection: keep-alive
TeamCity-Node-Id: MAIN_SERVER
WWW-Authenticate: Basic realm="TeamCity"
WWW-Authenticate: Bearer realm="TeamCity"
Cache-Control: no-store

Authentication required
To login manually go to "/login.html" page

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:45.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "9c13653d29a59fbb245670a68c158d4c",
         "bodymmh3" : 866407170,
         "headermd5" : "8f4a29b9be97398ee40f9827947fcbaf",
         "headermmh3" : 2003728399,
         "realm" : "TeamCity"
      },
      "length" : 337
   },
   "asn" : "AS9009",
   "city" : "Vienna",
   "country" : "AT",
   "data" : "HTTP/1.1 401 Unauthorized\r\nDate: Thu, 07 Nov 2024 03:27:44 UTC\r\nContent-Type: text/plain;charset=UTF-8\r\nConnection: keep-alive\r\nTeamCity-Node-Id: MAIN_SERVER\r\nWWW-Authenticate: Basic realm=\"TeamCity\"\r\nWWW-Authenticate: Bearer realm=\"TeamCity\"\r\nCache-Control: no-store\r\n\r\nAuthentication required\nTo login manually go to \"/login.html\" page",
   "datamd5" : "16234ea1da40e03f1317c21396981c69",
   "datammh3" : 1096304710,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9009",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "AT",
      "countryname" : "Austria",
      "domain" : [
         "89.in-addr.arpa",
         "edis.at"
      ],
      "isineu" : "true",
      "latitude" : "47.516231",
      "location" : "47.516231,14.550072",
      "longitude" : "14.550072",
      "netname" : "EDIS-AT-NET",
      "organization" : "EDIS GmbH",
      "subnet" : "89.31.123.0/24"
   },
   "ip" : "89.31.123.197",
   "ipv6" : "false",
   "latitude" : "48.1535",
   "location" : "48.1535,16.3855",
   "longitude" : "16.3855",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "M247 Europe SRL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4782,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Unauthorized",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 401,
   "subnet" : "89.31.123.0/24",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
210.101.109.5

Network
210.101.64.0/18

Device

<enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

Operating System
SonicWall SonicOS

URL

http://210.101.109.5:4782/ 302

HTTP Title
Policy Jump

ASN
AS4766

Organization
Korea Telecom

Protocol
http

Source
datascan
Operating System
SonicWall SonicOS

HTTP Component(s)
SonicWall SonicWall

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
8332030c845aaae05eb386bea74678a0

HTTP Header MD5
abacb902cd555996ea7c81367d39d2cf

HTTP Body MD5
7f437575f8c2fc5ea0b8a911e38bf0f9

HTTP/1.0 302 Found
Content-type: text/html
X-Content-Type-Options: nosniff
Location: https://210.101.110.254:1443/dynPolLoginRedirect.html?cid=0

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8">

	<title>Policy Jump</title>
	<meta name="id" content="policyJump" >
	<meta http-equiv="Expires" content="0">
</head>
<BODY>This document has moved <A href="https://210.101.110.254:1443/dynPolLoginRedirect.html?cid=0">here</A></BODY>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:42.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "210.101.110.254"
         ],
         "url" : [
            "https://210.101.110.254:1443/dynPolLoginRedirect.html?cid=0"
         ]
      },
      "http" : {
         "bodymd5" : "7f437575f8c2fc5ea0b8a911e38bf0f9",
         "bodymmh3" : -626897434,
         "component" : [
            {
               "product" : "SonicWall",
               "productvendor" : "SonicWall"
            }
         ],
         "headermd5" : "abacb902cd555996ea7c81367d39d2cf",
         "headermmh3" : -109501120,
         "title" : "Policy Jump"
      },
      "length" : 547
   },
   "asn" : "AS4766",
   "city" : "Buk-gu",
   "country" : "KR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 302 Found\r\nContent-type: text/html\r\nX-Content-Type-Options: nosniff\r\nLocation: https://210.101.110.254:1443/dynPolLoginRedirect.html?cid=0\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\r\n<html>\r\n<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\r\n\r\n\t<title>Policy Jump</title>\r\n\t<meta name=\"id\" content=\"policyJump\" >\r\n\t<meta http-equiv=\"Expires\" content=\"0\">\r\n</head>\r\n<BODY>This document has moved <A href=\"https://210.101.110.254:1443/dynPolLoginRedirect.html?cid=0\">here</A></BODY>\r\n</html>\r\n",
   "datamd5" : "8332030c845aaae05eb386bea74678a0",
   "datammh3" : 1436404183,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "geolocus" : {
      "asn" : "AS4766",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "kt.com",
         "nic.or.kr"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "KORNET",
      "organization" : "Korea Telecom",
      "subnet" : "210.101.64.0/18"
   },
   "ip" : "210.101.109.5",
   "ipv6" : "false",
   "latitude" : "35.9616",
   "location" : "35.9616,128.5413",
   "longitude" : "128.5413",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Korea Telecom",
   "os" : "SonicOS",
   "osvendor" : "SonicWall",
   "port" : 4782,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 302,
   "subnet" : "210.101.64.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
84.43.202.134

Network
84.43.128.0/17

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://84.43.202.134:4782/ 404

HTTP Title
Not Found

ASN
AS21230

Organization
M SAT Cable EAD

Protocol
http

Source
datascan
Operating System
Microsoft Windows

Product
Microsoft HTTPAPI 2.0

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
634d5281a64959deb2a0c361a16bcf44

HTTP Header MD5
d30ea3d8118160dd164e28b2fe124279

HTTP Body MD5
344d3f7baff022f79c37992e1bd5d040

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 07 Nov 2024 03:27:40 GMT
Connection: close
Content-Length: 315

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Not Found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Not Found</h2>
<hr><p>HTTP Error 404. The requested resource is not found.</p>
</BODY></HTML>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:27:42.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "344d3f7baff022f79c37992e1bd5d040",
         "bodymmh3" : 225052475,
         "headermd5" : "d30ea3d8118160dd164e28b2fe124279",
         "headermmh3" : -1972292532,
         "title" : "Not Found"
      },
      "length" : 492
   },
   "asn" : "AS21230",
   "city" : "Varna",
   "country" : "BG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 404 Not Found\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 03:27:40 GMT\r\nConnection: close\r\nContent-Length: 315\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Not Found</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Not Found</h2>\r\n<hr><p>HTTP Error 404. The requested resource is not found.</p>\r\n</BODY></HTML>\r\n",
   "datamd5" : "634d5281a64959deb2a0c361a16bcf44",
   "datammh3" : 954872337,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "ip" : "84.43.202.134",
   "ipv6" : "false",
   "latitude" : "43.2002",
   "location" : "43.2002,27.9425",
   "longitude" : "27.9425",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "M SAT Cable EAD",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 4782,
   "product" : "HTTPAPI",
   "productvendor" : "Microsoft",
   "productversion" : "2.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Not Found",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 404,
   "subnet" : "84.43.128.0/17",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 10,154 in 1.074 second(s)

189.237.161.116:4782 (tcp/http) - last seen on 2024-11-07 at 03:31:23 UTC

62.234.24.109:4782 (tcp/http) - last seen on 2024-11-07 at 03:31:19 UTC

78.131.119.16:4782 (tcp/unknown) - last seen on 2024-11-07 at 03:30:21 UTC

90.188.7.239:4782 (tcp/http) - last seen on 2024-11-07 at 03:28:41 UTC

82.102.31.22:4782 (tcp/http) - last seen on 2024-11-07 at 03:28:39 UTC

151.236.24.85:4782 (tcp/http) - last seen on 2024-11-07 at 03:28:12 UTC

47.113.219.226:4782 (tcp/http) - last seen on 2024-11-07 at 03:28:12 UTC

89.31.123.197:4782 (tcp/http) - last seen on 2024-11-07 at 03:27:45 UTC

210.101.109.5:4782 (tcp/http) - last seen on 2024-11-07 at 03:27:42 UTC

84.43.202.134:4782 (tcp/http) - last seen on 2024-11-07 at 03:27:42 UTC