Returning 10 result(s) out of 10,154 in 1.074 second(s)

  • 189.237.161.116:4782 (tcp/http) - last seen on 2024-11-07 at 03:31:23 UTC

    • IP
      189.237.161.116
      Network
      189.237.0.0/16
      Domain(s)
      prod-infinitum.com.mx
      Device

      <enterprise field>: device.class

      Operating System
      FreeBSD FreeBSD
      URL

      http://189.237.161.116:4782/ 404

      HTTP Title
      404 Not Found
      Reverse DNS
      dsl-189-237-161-116-dyn.prod-infinitum.com.mx
      ASN
      AS8151
      Organization
      UNINET
      Protocol
      http
      Source
      datascan
    • Operating System
      FreeBSD FreeBSD
      Product
      Apache HTTP Server 2.4.54
      HTTP Component(s)
      Python Python 2.7.18 OpenSSL OpenSSL 1.0.2u Apache mod_wsgi 3.5
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      4d5d4c5ecd8314f462b04fb3f2cff0d1
      HTTP Header MD5
      cea6a73fd742f08d4156bb03458585be
      HTTP Body MD5
      62962daa1b19bbcc2db10b7bfd531ea6
    • HTTP/1.1 404 Not Found
      Date: Thu, 07 Nov 2024 03:31:23 GMT
      Server: Apache/2.4.54 (Unix) mod_fastcgi/mod_fastcgi-SNAP-0910052141 OpenSSL/1.0.2u mod_wsgi/3.5 Python/2.7.18
      Content-Length: 196
      Connection: close
      Content-Type: text/html; charset=iso-8859-1
      
      <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
      <html><head>
      <title>404 Not Found</title>
      </head><body>
      <h1>Not Found</h1>
      <p>The requested URL was not found on this server.</p>
      </body></html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:31:23.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "62962daa1b19bbcc2db10b7bfd531ea6",
               "bodymmh3" : -780928015,
               "component" : [
                  {
                     "product" : "OpenSSL",
                     "productversion" : "1.0.2u",
                     "productvendor" : "OpenSSL"
                  },
                  {
                     "productversion" : "2.7.18",
                     "productvendor" : "Python",
                     "product" : "Python"
                  },
                  {
                     "product" : "mod_wsgi",
                     "productversion" : "3.5",
                     "productvendor" : "Apache"
                  }
               ],
               "headermd5" : "cea6a73fd742f08d4156bb03458585be",
               "headermmh3" : 372915866,
               "title" : "404 Not Found"
            },
            "length" : 456
         },
         "asn" : "AS8151",
         "city" : "Chihuahua City",
         "country" : "MX",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 404 Not Found\r\nDate: Thu, 07 Nov 2024 03:31:23 GMT\r\nServer: Apache/2.4.54 (Unix) mod_fastcgi/mod_fastcgi-SNAP-0910052141 OpenSSL/1.0.2u mod_wsgi/3.5 Python/2.7.18\r\nContent-Length: 196\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p>The requested URL was not found on this server.</p>\n</body></html>\n",
         "datamd5" : "4d5d4c5ecd8314f462b04fb3f2cff0d1",
         "datammh3" : 1613267194,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "prod-infinitum.com.mx"
         ],
         "geolocus" : {
            "asn" : "AS8151",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "MX",
            "countryname" : "Mexico",
            "domain" : [
               "prod-infinitum.com.mx",
               "uninet.com.mx"
            ],
            "isineu" : "false",
            "latitude" : "23.634501",
            "location" : "23.634501,-102.552784",
            "longitude" : "-102.552784",
            "netname" : "MX-USCV4-LACNIC",
            "organization" : "UNINET",
            "subnet" : "189.237.0.0/16"
         },
         "host" : [
            "dsl-189-237-161-116-dyn"
         ],
         "hostname" : [
            "dsl-189-237-161-116-dyn.prod-infinitum.com.mx"
         ],
         "ip" : "189.237.161.116",
         "ipv6" : "false",
         "latitude" : "28.7137",
         "location" : "28.7137,-106.2090",
         "longitude" : "-106.2090",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "UNINET",
         "os" : "FreeBSD",
         "osvendor" : "FreeBSD",
         "port" : 4782,
         "product" : "HTTP Server",
         "productvendor" : "Apache",
         "productversion" : "2.4.54",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Not Found",
         "reverse" : [
            "dsl-189-237-161-116-dyn.prod-infinitum.com.mx"
         ],
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 404,
         "subnet" : "189.237.0.0/16",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com.mx"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 62.234.24.109:4782 (tcp/http) - last seen on 2024-11-07 at 03:31:19 UTC

    • IP
      62.234.24.109
      Network
      62.234.0.0/16
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://62.234.24.109:4782/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS45090
      Organization
      Shenzhen Tencent Computer Systems Company Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx 1.23.3
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      8f4262e9d39fce1d46cbd86caba71bc9
      HTTP Header MD5
      c3aa27ed3b42ce6989c1a3b3b1fda80b
      HTTP Body MD5
      04672d0a98ffcd457c06e5be0e5ee243
    • HTTP/1.1 400 Bad Request
      Server: nginx/1.23.3
      Date: Thu, 07 Nov 2024 03:31:18 GMT
      Content-Type: text/html
      Content-Length: 255
      Connection: close
      
      <html>
      <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
      <body>
      <center><h1>400 Bad Request</h1></center>
      <center>The plain HTTP request was sent to HTTPS port</center>
      <hr><center>nginx/1.23.3</center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:31:19.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "04672d0a98ffcd457c06e5be0e5ee243",
               "bodymmh3" : -1165575734,
               "headermd5" : "c3aa27ed3b42ce6989c1a3b3b1fda80b",
               "headermmh3" : 1261560222,
               "title" : "400 The plain HTTP request was sent to HTTPS port"
            },
            "length" : 407
         },
         "asn" : "AS45090",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.23.3\r\nDate: Thu, 07 Nov 2024 03:31:18 GMT\r\nContent-Type: text/html\r\nContent-Length: 255\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.23.3</center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "8f4262e9d39fce1d46cbd86caba71bc9",
         "datammh3" : -938381467,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS45090",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "tencent.com"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "TENCENT-CN",
            "organization" : "Tencent Cloud Computing (Beijing) Co., Ltd",
            "subnet" : "62.234.0.0/16"
         },
         "ip" : "62.234.24.109",
         "ipv6" : "false",
         "latitude" : "34.7732",
         "location" : "34.7732,113.7220",
         "longitude" : "113.7220",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Shenzhen Tencent Computer Systems Company Limited",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 4782,
         "product" : "Nginx",
         "productvendor" : "F5",
         "productversion" : "1.23.3",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "62.234.0.0/16",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 78.131.119.16:4782 (tcp/unknown) - last seen on 2024-11-07 at 03:30:21 UTC

    • IP
      78.131.119.16
      Network
      78.131.0.0/17
      Device

      <enterprise field>: device.class

      ASN
      AS20845
      Organization
      DIGI Tavkozlesi es Szolgaltato Kft.
      Protocol
      unknown
      Source
      datascan
    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      98e07eb67f7a7da6b848684089771e2c
    • \xff\xb9\xa7\x9d\xfa;\x07	>+~x\xd7?\x19\xd5\xb2\xa4\xe1_k\xc8\xb4\xdf\xc9\x04a\xc7 \xd3\x8c\xe4\x80\xfd#}+\xec\xee\xac\x05cC\x90\xc3\x97;$\xb3\xb2\xe7\x15\xd0\xb9\xf4N)p\x81\xd5\xa2\xa7\xa0\xd8\x16\x85g\x1f67{\xa3\x9cv\xa5i\xb5\xfd\xa3mpB\x95\xdac\x10\x94\xadf\x966v\\xe9\xd3*\xe8\xcd>s\x1ci\x8e\xb1\xebp\xd5\xc3\xfcr\xcc\xa4h\xddN \xbf\xfd;k\xca\xe6\xba\xcb\x0b\x7f`\xa6f\x95E\xa6\xb9\xd9\xdc0\xfa\?\x1e\x97\xda\x85.\xd1\xa4R\xa9,:\xd5s\x89\x90\xe3\x85\x15\x84\xeb\x8d\xd2\x914NLy\x87\x9cT \x1b\x0d\xbd\xb9\x94+\xfb\x14- Y(\xa2\x13\xd2\x8b\xd7\x87\xed\x1dy\xd1?}\xa9\xda\xa5u]'\xb8\xec\xb2\xd03\x8cOu\xbb+	\xb6\xf4\x04$\xe1\xfd\x04\x07	&\xc0\x89\xa6\xefj>8\xa2\xd6q\xe9z\x8f\x83\xa8\x93Z_\xad\xe4\x94I TIb\xc1\xacr\x9ep\xa4d\xf0\xe8\xa9\xaf\xc57\x97\xab\x9c\x13\x01\xfe+\xaf\xb1\x9c\xa3\xa7W\xae\xf3\xb7\x82\xb4\xf1\x1c\x84\x1d%i\x0cl&I\x9c\x16\x00n\xa78\x15\xa8\x18]\x9fm\x82[\xa3%\xec\\xac\xab\xe1O\xeb\xe4\xbf\x97&\x0f?\xbc\xdad\xdc\xd5\x99\xc7\xe3H\x1b\xf4Fd\x1fs\xcf\xbc\x8f\x0e\x02N	RV\xbf\x16\xe2\xcdlA[\x85\xda\x98\xdf9\xc01&\xb1\xac\xc9T\xcf\x08\x91+wI\xf369{\xe3\xd7\xbb\xd5\x7f\xd5\x90J\x9d8\xff8@\x16\xdb\xd5\x82\xe0\xf1C\xe1\x16\xf1y\x83\x86\x83\xe8
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:30:21.000Z",
         "app" : {
            "length" : 398
         },
         "asn" : "AS20845",
         "city" : "Budapest",
         "country" : "HU",
         "data" : "\\xff\\xb9\\xa7\\x9d\\xfa;\\x07\t>+~x\\xd7?\\x19\\xd5\\xb2\\xa4\\xe1_k\\xc8\\xb4\\xdf\\xc9\\x04a\\xc7 \\xd3\\x8c\\xe4\\x80\\xfd#}+\\xec\\xee\\xac\\x05cC\\x90\\xc3\\x97;$\\xb3\\xb2\\xe7\\x15\\xd0\\xb9\\xf4N)p\\x81\\xd5\\xa2\\xa7\\xa0\\xd8\\x16\\x85g\\x1f67{\\xa3\\x9cv\\xa5i\\xb5\\xfd\\xa3mpB\\x95\\xdac\\x10\\x94\\xadf\\x966v\\\\xe9\\xd3*\\xe8\\xcd>s\\x1ci\\x8e\\xb1\\xebp\\xd5\\xc3\\xfcr\\xcc\\xa4h\\xddN \\xbf\\xfd;k\\xca\\xe6\\xba\\xcb\\x0b\\x7f`\\xa6f\\x95E\\xa6\\xb9\\xd9\\xdc0\\xfa\\?\\x1e\\x97\\xda\\x85.\\xd1\\xa4R\\xa9,:\\xd5s\\x89\\x90\\xe3\\x85\\x15\\x84\\xeb\\x8d\\xd2\\x914NLy\\x87\\x9cT \\x1b\\x0d\\xbd\\xb9\\x94+\\xfb\\x14- Y(\\xa2\\x13\\xd2\\x8b\\xd7\\x87\\xed\\x1dy\\xd1?}\\xa9\\xda\\xa5u]'\\xb8\\xec\\xb2\\xd03\\x8cOu\\xbb+\t\\xb6\\xf4\\x04$\\xe1\\xfd\\x04\\x07\t&\\xc0\\x89\\xa6\\xefj>8\\xa2\\xd6q\\xe9z\\x8f\\x83\\xa8\\x93Z_\\xad\\xe4\\x94I TIb\\xc1\\xacr\\x9ep\\xa4d\\xf0\\xe8\\xa9\\xaf\\xc57\\x97\\xab\\x9c\\x13\\x01\\xfe+\\xaf\\xb1\\x9c\\xa3\\xa7W\\xae\\xf3\\xb7\\x82\\xb4\\xf1\\x1c\\x84\\x1d%i\\x0cl&I\\x9c\\x16\\x00n\\xa78\\x15\\xa8\\x18]\\x9fm\\x82[\\xa3%\\xec\\\\xac\\xab\\xe1O\\xeb\\xe4\\xbf\\x97&\\x0f?\\xbc\\xdad\\xdc\\xd5\\x99\\xc7\\xe3H\\x1b\\xf4Fd\\x1fs\\xcf\\xbc\\x8f\\x0e\\x02N\tRV\\xbf\\x16\\xe2\\xcdlA[\\x85\\xda\\x98\\xdf9\\xc01&\\xb1\\xac\\xc9T\\xcf\\x08\\x91+wI\\xf369{\\xe3\\xd7\\xbb\\xd5\\x7f\\xd5\\x90J\\x9d8\\xff8@\\x16\\xdb\\xd5\\x82\\xe0\\xf1C\\xe1\\x16\\xf1y\\x83\\x86\\x83\\xe8",
         "datamd5" : "98e07eb67f7a7da6b848684089771e2c",
         "datammh3" : 31044293,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS20845",
            "continent" : "EU",
            "continentname" : "Europe",
            "country" : "HU",
            "countryname" : "Hungary",
            "domain" : [
               "digi.hu",
               "digikabel.hu",
               "hdsnet.hu"
            ],
            "isineu" : "true",
            "latitude" : "47.162494",
            "location" : "47.162494,19.503304",
            "longitude" : "19.503304",
            "netname" : "DIGI-1",
            "organization" : "DIGI-1",
            "subnet" : "78.131.112.0/21"
         },
         "ip" : "78.131.119.16",
         "ipv6" : "false",
         "latitude" : "47.5636",
         "location" : "47.5636,19.0947",
         "longitude" : "19.0947",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "DIGI Tavkozlesi es Szolgaltato Kft.",
         "port" : 4782,
         "protocol" : "unknown",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "subnet" : "78.131.0.0/17",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 90.188.7.239:4782 (tcp/http) - last seen on 2024-11-07 at 03:28:41 UTC

    • IP
      90.188.7.239
      Network
      90.188.0.0/19
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://90.188.7.239:4782/ 200

      HTTP Title
      Macroscop
      ASN
      AS12846
      Organization
      Rostelecom
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      Microsoft HTTPAPI 2.0
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      3fcbcbd5985fbea1762aee92aa149587
      HTTP Header MD5
      be433812701c2cadd3303fac3bcb38e4
      HTTP Body MD5
      c012289bc90407ace8b6113b227602cb
    • HTTP/1.1 200 OK
      Content-Length: 1546
      Content-Type: text/html
      Server: Microsoft-HTTPAPI/2.0
      Date: Thu, 07 Nov 2024 03:28:47 GMT
      Connection: close
      
      
      				<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Macroscop</title>
      				<style type="text/css">
      				   .main-block  
      				   {
         						width: 470;   		
      						margin-left:auto;
      						margin-right:auto;
      						border: 1px solid #000000;
      				   }
      				   .links-and-info  
      				   {    	
         						height: 160;	   		
      						margin-left:auto;
      						margin-right:auto;		
      						border: 0px solid #0000ff;	
      						background: #fff5dc;		
      				   }
      				   .links  
      				   {   
         						margin-top: 20;   		
      	 					float: left;
      						width: 30%;					
      				   }
      				   .info  
      				   {       	
         						float: left;
      						width: 70%;		
      						margin-top: 30;		
      				   }   
      				  </style> 
      				  </head>
      				<body>
      				<div class="main-block" >		
      					<div class="mcheader"   >
      						<img src="web/header.png" height="auto"  width="100%" alt="Macroscop" style="max-height: 90px;"/>
      					</div>
      					<div  class="links-and-info" >	
      						<div class="links" align="center"><a href="web/index.html?lang=ru">
      												<button ><img  src="web/macroscop.png"/>
      												<p style="margin-top: 0.3em;">Web-Клиент </p>
      												</button></a>
      
      						</div>
      						<div class="info" ><span>Название конфигурации: Popov.<br /> Текущее состояние: Сервер активен. <br /> Время запуска: 31.10.2024 16:20:41. <br /> Версия сервера: 2.1.24</span></div>		
      					</div>	
      				 </div>
      				</body></html>
      			
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:28:41.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "c012289bc90407ace8b6113b227602cb",
               "bodymmh3" : 896222689,
               "headermd5" : "be433812701c2cadd3303fac3bcb38e4",
               "headermmh3" : -1865445392,
               "title" : "Macroscop"
            },
            "length" : 1699
         },
         "asn" : "AS12846",
         "country" : "RU",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nContent-Length: 1546\r\nContent-Type: text/html\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 03:28:47 GMT\r\nConnection: close\r\n\r\n\ufeff\r\n\t\t\t\t<html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><title>Macroscop</title>\r\n\t\t\t\t<style type=\"text/css\">\r\n\t\t\t\t   .main-block  \r\n\t\t\t\t   {\r\n   \t\t\t\t\t\twidth: 470;   \t\t\r\n\t\t\t\t\t\tmargin-left:auto;\r\n\t\t\t\t\t\tmargin-right:auto;\r\n\t\t\t\t\t\tborder: 1px solid #000000;\r\n\t\t\t\t   }\r\n\t\t\t\t   .links-and-info  \r\n\t\t\t\t   {    \t\r\n   \t\t\t\t\t\theight: 160;\t   \t\t\r\n\t\t\t\t\t\tmargin-left:auto;\r\n\t\t\t\t\t\tmargin-right:auto;\t\t\r\n\t\t\t\t\t\tborder: 0px solid #0000ff;\t\r\n\t\t\t\t\t\tbackground: #fff5dc;\t\t\r\n\t\t\t\t   }\r\n\t\t\t\t   .links  \r\n\t\t\t\t   {   \r\n   \t\t\t\t\t\tmargin-top: 20;   \t\t\r\n\t \t\t\t\t\tfloat: left;\r\n\t\t\t\t\t\twidth: 30%;\t\t\t\t\t\r\n\t\t\t\t   }\r\n\t\t\t\t   .info  \r\n\t\t\t\t   {       \t\r\n   \t\t\t\t\t\tfloat: left;\r\n\t\t\t\t\t\twidth: 70%;\t\t\r\n\t\t\t\t\t\tmargin-top: 30;\t\t\r\n\t\t\t\t   }   \r\n\t\t\t\t  </style> \r\n\t\t\t\t  </head>\r\n\t\t\t\t<body>\r\n\t\t\t\t<div class=\"main-block\" >\t\t\r\n\t\t\t\t\t<div class=\"mcheader\"   >\r\n\t\t\t\t\t\t<img src=\"web/header.png\" height=\"auto\"  width=\"100%\" alt=\"Macroscop\" style=\"max-height: 90px;\"/>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div  class=\"links-and-info\" >\t\r\n\t\t\t\t\t\t<div class=\"links\" align=\"center\"><a href=\"web/index.html?lang=ru\">\r\n\t\t\t\t\t\t\t\t\t\t\t\t<button ><img  src=\"web/macroscop.png\"/>\r\n\t\t\t\t\t\t\t\t\t\t\t\t<p style=\"margin-top: 0.3em;\">Web-\u041a\u043b\u0438\u0435\u043d\u0442 </p>\r\n\t\t\t\t\t\t\t\t\t\t\t\t</button></a>\r\n\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<div class=\"info\" ><span>\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438: Popov.<br /> \u0422\u0435\u043a\u0443\u0449\u0435\u0435 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435: \u0421\u0435\u0440\u0432\u0435\u0440 \u0430\u043a\u0442\u0438\u0432\u0435\u043d. <br /> \u0412\u0440\u0435\u043c\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430: 31.10.2024 16:20:41. <br /> \u0412\u0435\u0440\u0441\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430: 2.1.24</span></div>\t\t\r\n\t\t\t\t\t</div>\t\r\n\t\t\t\t </div>\r\n\t\t\t\t</body></html>\r\n\t\t\t\r\n",
         "datamd5" : "3fcbcbd5985fbea1762aee92aa149587",
         "datammh3" : 1458007362,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS12846",
            "continent" : "EU",
            "continentname" : "Europe",
            "country" : "RU",
            "countryname" : "Russia",
            "domain" : [
               "ab.ru",
               "rt.ru"
            ],
            "isineu" : "false",
            "latitude" : "61.52401",
            "location" : "61.52401,105.318756",
            "longitude" : "105.318756",
            "netname" : "WEBSTREAM",
            "organization" : "Allocation for Altay regional branch of OJSC \"Sibirtelecom",
            "subnet" : "90.188.4.0/22"
         },
         "ip" : "90.188.7.239",
         "ipv6" : "false",
         "latitude" : "55.7386",
         "location" : "55.7386,37.6068",
         "longitude" : "37.6068",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Rostelecom",
         "os" : "Windows",
         "osvendor" : "Microsoft",
         "port" : 4782,
         "product" : "HTTPAPI",
         "productvendor" : "Microsoft",
         "productversion" : "2.0",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subnet" : "90.188.0.0/19",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 82.102.31.22:4782 (tcp/http) - last seen on 2024-11-07 at 03:28:39 UTC

    • IP
      82.102.31.22
      Network
      82.102.16.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://82.102.31.22:4782/ 302

      HTTP Title
      302 Found
      ASN
      AS9009
      Organization
      M247 Europe SRL
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Server Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d01eeb6a6923e88a55383f7d9f706f6d
      HTTP Header MD5
      87366acd3126b9318804da42bd42d33f
      HTTP Body MD5
      9adea8ca17896ec9470731b47df2bbee
    • HTTP/1.1 302 Found
      Date: Thu, 07 Nov 2024 03:28:38 UTC
      Server: server
      X-XSS-Protection: 1; mode=block
      X-Frame-Options: SameOrigin
      X-Content-Type-Options: nosniff
      Location: https://<ip>:4782/mifs/user/index.html
      Content-Length: 288
      Connection: close
      Content-Type: text/html; charset=iso-8859-1
      
      <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
      <html><head>
      <title>302 Found</title>
      </head><body>
      <h1>Found</h1>
      <p>The document has moved <a href="https://<ip>:4782/mifs/user/index.html">here</a>.</p>
      <hr>
      <address>server Server at <ip> Port 4782</address>
      </body></html>
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:28:39.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "9adea8ca17896ec9470731b47df2bbee",
               "bodymmh3" : 1181517341,
               "headermd5" : "87366acd3126b9318804da42bd42d33f",
               "headermmh3" : -1825498275,
               "title" : "302 Found"
            },
            "length" : 582
         },
         "asn" : "AS9009",
         "city" : "Las Vegas",
         "country" : "US",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 302 Found\r\nDate: Thu, 07 Nov 2024 03:28:38 UTC\r\nServer: server\r\nX-XSS-Protection: 1; mode=block\r\nX-Frame-Options: SameOrigin\r\nX-Content-Type-Options: nosniff\r\nLocation: https://<ip>:4782/mifs/user/index.html\r\nContent-Length: 288\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>302 Found</title>\n</head><body>\n<h1>Found</h1>\n<p>The document has moved <a href=\"https://<ip>:4782/mifs/user/index.html\">here</a>.</p>\n<hr>\n<address>server Server at <ip> Port 4782</address>\n</body></html>",
         "datamd5" : "d01eeb6a6923e88a55383f7d9f706f6d",
         "datammh3" : 1909479889,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS9009",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "m247.ro"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "M247-LAS-VEGAS",
            "organization" : "M247 Ltd Las Vegas",
            "subnet" : "82.102.31.0/25"
         },
         "ip" : "82.102.31.22",
         "ipv6" : "false",
         "latitude" : "36.1685",
         "location" : "36.1685,-115.1164",
         "longitude" : "-115.1164",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "M247 Europe SRL",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 4782,
         "product" : "Server",
         "productvendor" : "Server",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Found",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 302,
         "subnet" : "82.102.16.0/20",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 151.236.24.85:4782 (tcp/http) - last seen on 2024-11-07 at 03:28:12 UTC

    • IP
      151.236.24.85
      Network
      151.236.24.0/24
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

      Operating System
      Citrix Gateway Firmware
      URL

      http://151.236.24.85:4782/ 200

      HTTP Title
      Citrix Login
      ASN
      AS50613
      Organization
      Advania Island ehf
      Protocol
      http
      Source
      datascan
    • Operating System
      Citrix Gateway Firmware
      Product
      Apache HTTP Server
      HTTP Component(s)
      Citrix Application Delivery Controller
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      f50231a1ad3d593a592f090d4539250c
      HTTP Header MD5
      55170e92938f57cfcbf6e830ab224cb0
      HTTP Body MD5
      09ffec8653713e45192e22c38c577a1e
    • HTTP/1.1 200 OK
      content-type: text/html; charset=UTF-8
      content-length: 18752
      server: Apache
      x-frame-options: SAMEORIGIN
      content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-fonts-linking.css; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data: blob:; font-src 'self' data: https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-sans/; frame-ancestors 'self'; object-src 'none';
      feature-policy: camera 'none'; microphone 'none'; geolocation 'none'
      referrer-policy: no-referrer
      x-xss-protection: 1; mode=block
      x-content-type-options: nosniff
      connection: close
      
      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
      <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
      
      <head>
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
      <meta http-equiv="X-UA-Compatible" content="IE=edge">
      <meta http-equiv="Pragma" content="no-cache" />
      <title>Citrix Login</title>
      
      <link rel="icon" type="image/ico" href="/favicon.ico"/>
      <link rel="stylesheet" href="/admin_ui/common/css/ns/ui.css" type="text/css">
      <script type="text/javascript" src="/admin_ui/common/js/jquery/jquery.min.js"></script>
      <script type="text/javascript" src="/admin_ui/common/js/jquery/jquery.keyfilter.min.js"></script>
      <style type="text/css">
      .ns_alert_text a:hover
      {
          color: #0000FF !important;
      }
      
      </style>
      <!--[if IE]>
      <style type="text/css">
      .login_combo
      {
          width: 83%;
      }
      
      .login_button_cell
      {
          padding-right: 31px;
      }
      </style>
      <![endif]-->
      <script language="JavaScript" type="text/javascript">
      var display_flag = "block";
      var admin_gui_https_port = "443";
      if(!document.all)
          display_flag = "table-row";
      
      function checkform ( form )
      {
          //getTimezoneOffset() will return (GMT - client) minutes. We need (client - GMT) seconds
          document.form1.timezone_offset.value = new Date().getTimezoneOffset() * -60;
      
          if (form.username.value === "") {
            show_error("Please enter user name", form.username);
            return false;
          }
          if (form.password.value === "") {
            show_error("Please enter password", form.password);
            return false;
          }
      
          form.username.value = addslashes(form.username.value);
          form.password.value = addslashes(form.password.value);
      
          form.username.value = encodeURIComponent(form.username.value);
          form.password.value = encodeURIComponent(form.password.value);
      
          loggingInText();
          var intervalId = setInterval(loggingInText, 200);
          $(".login_button").prop("disabled", true);
      
          return true ;
      }
      
      function addslashes(string) {
          return string.replace(/\\/g, '\\\\').
              replace(/\t/g, '\\t').
              replace(/\n/g, '\\n').
              replace(/\f/g, '\\f').
              replace(/\r/g, '\\r').
              replace(/"/g, '\\"');
      }
      
      function checkHTTP()
      {
          if (location.protocol == "http:")
          {
              var login_link_anchor = $("<a>").attr("tabindex", "0").addClass("ns_login_link").append("Use https");
      
              login_link_anchor.click(function() {
                  redirectToHTTPS();
              });
      
              login_link_anchor.keypress(function(e) {
                  var keynum;
      
                  if(window.event) // IE
                  {
                      keynum = e.keyCode;
                  }
                  else if(e.which) // Netscape/Firefox/Opera
                  {
                      keynum = e.which;
                  }
      
                  if(keynum == 13) //Enter key
                  {
                      login_link_anchor.click();
                  }
              });
      
              $(".ns_login_secure").append(login_link_anchor);
          }
          else
          {
              $('.ns_login_secure').hide();
      
              return "";
          }
      }
      
      function redirectToHTTPS()
      {
          var url_suffix = (admin_gui_https_port != "443" && admin_gui_https_port != 443) ? (":" + admin_gui_https_port): "";
          var url = "https://" + location.host + url_suffix;
      
          window.location.href = url;
      }
      
      function key_pressed(e)
      {
          var keynum;
      
          if(window.event) // IE
              keynum = e.keyCode;
          else if(e.which) // Netscape/Firefox/Opera
              keynum = e.which;
      
          if(keynum == 13) //Enter key
              submit_form();
      
          return true;
      }
      
      var dots = 0;
      
      function loggingInText() {
      	$("#logintext").text("Logging On");
      	if (dots < 3) {
      		$('#loadingdots').append('.');
      		dots++;
      	} else {
      		$('#loadingdots').html('');
      		dots = 0;
      	}
      }
      
      function submit_form()
      {
          if(checkform(document.form1))
          {
              document.form1.submit();
          }
      }
      
      function is_options_shown()
      {
          var startin_row = document.getElementById("ns_login_options");
          return (!startin_row.style || startin_row.style.display == "" || startin_row.style.display == display_flag);
      }
      
      function show_error(message, element)
      {
          if(element)
          {
              setTimeout(function(){ element.focus();}, 500);
          }
      
          if(message)
          {
              $("#login_error").text(message);
              $("#login_error").css('visibility', 'visible');
          }
      }
      
      // Mapping used by decodeXml
      var escaped_one_to_xml_special_map = {
          '&amp;': '&',
          '&quot;': '"',
          '&lt;': '<',
          '&gt;': '>',
          "&#039;": "'"
      };
      
      // To decode the strings which are encoded using php function htmlspecialchars in the backend
      function decodeXml(string) {
          return string.replace(/(&quot;|&#039;|&lt;|&gt;|&amp;)/g,
              function(str, item) {
                  return escaped_one_to_xml_special_map[item];
          });
      }
      
      function isSafari() {
        return /Safari/.test(navigator.userAgent) && /Apple Computer/.test(navigator.vendor);
      }
      
      function getSupportedVersionString() {
          try {
      		var display_string = "Best viewed in IE8+, Firefox 3.6.25+, Chrome v19+ or Safari 5.1.1+(for Mac)";
      		var nAgt = navigator.userAgent;
      		var browserName = navigator.appName;
      		var fullVersion = '' + parseFloat(navigator.appVersion);
      		var majorVersion = parseInt(navigator.appVersion, 10);
      		var nameOffset, verOffset, ix;
      		var vendor = null;
      		if (navigator.vendor !== null) vendor = navigator.vendor.toLowerCase();
      		// User agents for IE http://msdn.microsoft.com/library/ms537503.aspx
      		if ((nAgt.indexOf("Trident")) != -1) {
      			if (nAgt.indexOf("rv:") != -1) {
      				preg_match('/Trident\/\d{1,2}.\d{1,2}.*rv:([0-9]*)/', nAgt, $matches);
      				browserName = "MSIE";
      				fullVersion = $matches[1];
      			} else if ((verOffset = nAgt.indexOf("MSIE")) != -1) {
      				browserName = "MSIE";
      				fullVersion = nAgt.substring(verOffset + 5);
      			}
      		}
              // For Edge.
              else if ((nAgt.indexOf("Edge")) != -1) {
                  browserName = "EDGE";
              }
      		// In Chrome, the true version is after "Chrome"
      		else if ((verOffset = nAgt.indexOf("Chrome")) != -1) {
      			browserName = "Chrome";
      			fullVersion = nAgt.substring(verOffset + 7);
      		}
      		// In Safari, the true version is after "Safari" or after "Version"
      		else if ((verOffset = nAgt.indexOf("Safari")) != -1) {
      			browserName = "Safari";
      			fullVersion = nAgt.substring(verOffset + 7);
      			if ((verOffset = nAgt.indexOf("Version")) != -1) fullVersion = nAgt.substring(verOffset + 8);
      		}
      		// In Firefox, the true version is after "Firefox"
      		else if ((verOffset = nAgt.indexOf("Firefox")) != -1) {
      			browserName = "Firefox";
      			fullVersion = nAgt.substring(verOffset + 8);
      		}
      		// If you can't detect the browser, return the not-supported warning string
      		else {
      			$(".ns_browser_not_supported_center").show();
      			return;
      		}
      		// trim the fullVersion string at semicolon/space if present
      		if ((ix = fullVersion.indexOf(";")) != -1) fullVersion = fullVersion.substring(0, ix);
      		if ((ix = fullVersion.indexOf(" ")) != -1) fullVersion = fullVersion.substring(0, ix);
      		majorVersion = parseInt('' + fullVersion, 10);
      		if (isNaN(majorVersion)) {
      			fullVersion = '' + parseFloat(navigator.appVersion);
      			majorVersion = parseInt(navigator.appVersion, 10);
      		}
      		if ((browserName == "EDGE") ||
                  (browserName == "MSIE" && compareFullVersion(fullVersion, "8")) || //IE
      			(browserName == "Firefox" && compareFullVersion(fullVersion, "3.6.25")) || //Firefox
      			(browserName == "Chrome" && compareFullVersion(fullVersion, "19") && vendor !== null && vendor.indexOf('google') != -1) || //chrome
      			(browserName == "Safari" && compareFullVersion(fullVersion, "5.1.1") && vendor !== null && vendor.indexOf('apple') != -1) && nAgt.toLowerCase().indexOf('mac') != -1) //Safari for mac
      		{
      			$(".ns_login_center_content").show();
      			return;
      		} else {
      			$(".ns_browser_not_supported_center").show();
      			return;
      		}
      	} catch (err) {
      		$(".ns_login_center_content").show();
      		return;
      	}
      	$(".ns_login_center_content").show();
      }
      
      function show_login_pane()
      {
          $(".ns_browser_not_supported_center").hide();
          $(".ns_login_center_content").show();
      }
      
      function compareFullVersion(a, b) //if a>b, return true, else return false
      {
      
      	if (a === b)
          {
             return true;
          }
      
          var a_components = a.split(".");
          var b_components = b.split(".");
      
          var len = Math.min(a_components.length, b_components.length);
      
          // loop while the components are equal
          for (var i = 0; i < len; i++)
          {
              // A bigger than B
              var val_a = parseInt(a_components[i]);
      		var val_b = parseInt(b_components[i]);
      		if(isNaN(val_a) || isNaN(val_b))
      		 return false;
      		if (parseInt(a_components[i]) > parseInt(b_components[i]))
              {
                  return true;
              }
      
              // B bigger than A
              if (parseInt(a_components[i]) < parseInt(b_components[i]))
              {
                  return false;
              }
          }
      
          // If one's a prefix of the other, the longer one is greater.
          if (a_components.length >= b_components.length)
          {
              return true;
          }
      
          return false;
      }
      
      show_eula = function(uname)
      {
         $("#eula-text").html(eula_message);
         $("#ns_login_content").addClass("overlay");
         $("#eula-container").show();
         $("#eula-accepted").prop('checked', false);
         $("#username").val(uname)
      
      }
      
      close_eula = function()
      {
         $("#ns_login_content").removeClass("overlay")
         $("#eula-container").hide();
      
      }
      
      continue_eula = function()
      {
          var eula_accepted = $("#eula-checkbox").prop('checked');
          if (eula_accepted)
          {
              close_eula();
              $("#eula-accepted").prop('checked', eula_accepted);
          }
          else
          {
              $("#eula_error").show();
          }
      }
      
      
      </script>
      
      </head>
      <body class="ns_login_body">
      <noscript>
          <div class="center_panel ns_alert_text">
              JavaScript is either disabled in or not supported by the Web browser. To continue logon, use a Web browser that supports JavaScript or enable JavaScript in your current browser.
          </div>
      </noscript>
      
      <form name="form1" action="/login/do_login" method="post" autocomplete="off" autocapitalize="off" onsubmit="return checkform(this);">
          <div class="ns_login_wrapper">
      	    <div class="ns_login_inner_wrapper">
                  <div class="ns_login_top" style="display: none;"></div>
      			<div class="ns_login_center">
      			    <div class="ns_browser_not_supported_center" >
      		        	<span>Citrix ADC</span>
      	              	<div class="ns_browser_not_supported_center_content">
      		                <div class="ns_browser_not_supported_center_message"> Your browser is not supported. Please use one of the following browsers
      		                </div>
      	                 	<div>
      	                       <div class="ns_browser_not_supported_browser_icon">
      	                       		<div>
      	                           		<img src="/admin_ui/rdx/core/css/internet-explorer.png" alt="Internet Explorer">
      	                       			<div>8 and above</div>
      	                   			</div>
      	               			</div>
      	                       <div class="ns_browser_not_supported_browser_icon">
      	                       		<div>
      	                       			<img src="/admin_ui/rdx/core/css/firefox.png" alt="Firefox">
      	                       			<div>3.6.25 and above</div>
      	                   			</div>
      	               			</div>
      	                       <div class="ns_browser_not_supported_browser_icon">
      	                       		<div>
      	                       			<img src="/admin_ui/rdx/core/css/chrome.png" alt="Chrome">
      	                       			<div>15 and above</div>
      	                       		</div>
      	                   		</div>
      	                       <div class="ns_browser_not_supported_browser_icon no_boder">
      	                       		<div>
      	                       			<img src="/admin_ui/rdx/core/css/safari.png" alt="Safari">
      	                       			<div>5.1.3 and above</div>
      	                   			</div>
      	               			</div>
      	                  	</div>
      	                 	<p class="ns_browser_not_supported_center_message">
      	                 		<a onkeypress="javascript: if(event.keyCode == 13) {show_login_pane(); event.preventDefault();}" onclick="show_login_pane()"> Continue, </a> I understand this browser may not be compatible.
      	         			</p>
      	              	</div>
      		        </div>
      		        <div class="ns_login_center_content">
      					<div  class="ns_login_inner_div">
      						<div  class="ns_login_form" >
                                  <div id="login_error" class="login_error">
                                  </div>
      						   	<div id="ns_user_pass_section">
      								<div class="ns_grid_text user_name">
                                          <span>User Name</span>
      
                                          <label for="username" style="display: none;">User Name</label>
                                          <input type="text" id="username" name="username" class="login_input" onfocus=1>
      								</div>
      
      								<div class="ns_grid_text login_password">
                                          <span>Password</span>
      
      									<label for="password" style="display: none;">Password</label>
                                          <input type="password" name="password" id="password" class="login_input">
      								</div>
                                          <div style="display:none">
                                              <label for="eula-accepted" style="display: none;">EULA</label>
                                              <input type="checkbox" name="eula" id="eula-accepted" value="TRUE">
                                          </div>
                                          <div class="login_button_cell">
                                              <label for="url" style="display: none;">URL</label>
                                              <input type="hidden" name="url" id="url" value="">
      
                                              <label for="timezone_offset" style="display: none;">Timezone Offset</label>
                                              <input type="hidden" name="timezone_offset" id="timezone_offset" value="">
      
                                              <button type="submit" class="login_button rdx_blue_button"><span id="logintext">Log On</span><span id="loadingdots"></span></button>
                                          </div>
                                  </div>
      							<div class="ns_login_logo ns_logo_placement">
                                      <img src="/admin_ui/common/images/ADC_Horizontal.svg" alt="Citrix logo image" class="product_brand_logo"/>
      
      								<div class="ns_login_secure"></div>
      							</div>
      						</div>
      					</div>
      			</div>
      		    </div>
      		    </div>
      		</div>
      	</div>
      </form>
      
      <script language="JavaScript" type="text/javascript">
      //Don't allow this page to be embedded inside a frame
      if(self != top)
      {
          document.getElementsByTagName("body")[0].style.display = "none";
          top.location = self.location;
      }
      else
      {
      
          $('form[name="form1"] #username').focus();
      }
      
      function input_hints() {
          var inputs = document.getElementsByTagName("input");
          for (var i = 0; i < inputs.length; i++) {
                  // test to see if the hint span exists first
                  if (inputs[i].parentNode.getElementsByTagName("span")[0]) {
                          // the span exists!  on focus, show the hint
                          inputs[i].onfocus = function() {
                                  this.parentNode.getElementsByTagName("span")[0].className = "ns_active ns_active_color";
                          };
                                  // when the cursor moves away from the field, hide the hint
                          inputs[i].onblur = function() {
                                  this.parentNode.getElementsByTagName("span")[0].className = "ns_active";
                          };
                  }
          }
          // repeat the same tests as above for selects
          var selects = document.getElementsByTagName("select");
          for (var k = 0; k < selects.length;
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:28:12.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "microsoft.com",
                  "citrix.com",
                  "w3.org"
               ],
               "hostname" : [
                  "cdn-web.citrix.com",
                  "msdn.microsoft.com",
                  "www.w3.org"
               ],
               "url" : [
                  "http://msdn.microsoft.com/library/ms537503.aspx",
                  "http://www.w3.org/1999/xhtml",
                  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd",
                  "https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-fonts-linking.css;",
                  "https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-sans/;"
               ]
            },
            "favicon" : {
               "url" : "/favicon.ico"
            },
            "http" : {
               "bodymd5" : "09ffec8653713e45192e22c38c577a1e",
               "bodymmh3" : -460410389,
               "component" : [
                  {
                     "product" : "Application Delivery Controller",
                     "productvendor" : "Citrix"
                  }
               ],
               "headermd5" : "55170e92938f57cfcbf6e830ab224cb0",
               "headermmh3" : -603550982,
               "title" : "Citrix Login"
            },
            "length" : 16384
         },
         "asn" : "AS50613",
         "city" : "Hafnarfjordur",
         "country" : "IS",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 18752\r\nserver: Apache\r\nx-frame-options: SAMEORIGIN\r\ncontent-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-fonts-linking.css; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data: blob:; font-src 'self' data: https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-sans/; frame-ancestors 'self'; object-src 'none';\r\nfeature-policy: camera 'none'; microphone 'none'; geolocation 'none'\r\nreferrer-policy: no-referrer\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nconnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<title>Citrix Login</title>\n\n<link rel=\"icon\" type=\"image/ico\" href=\"/favicon.ico\"/>\n<link rel=\"stylesheet\" href=\"/admin_ui/common/css/ns/ui.css\" type=\"text/css\">\n<script type=\"text/javascript\" src=\"/admin_ui/common/js/jquery/jquery.min.js\"></script>\n<script type=\"text/javascript\" src=\"/admin_ui/common/js/jquery/jquery.keyfilter.min.js\"></script>\n<style type=\"text/css\">\n.ns_alert_text a:hover\n{\n    color: #0000FF !important;\n}\n\n</style>\n<!--[if IE]>\n<style type=\"text/css\">\n.login_combo\n{\n    width: 83%;\n}\n\n.login_button_cell\n{\n    padding-right: 31px;\n}\n</style>\n<![endif]-->\n<script language=\"JavaScript\" type=\"text/javascript\">\nvar display_flag = \"block\";\nvar admin_gui_https_port = \"443\";\nif(!document.all)\n    display_flag = \"table-row\";\n\nfunction checkform ( form )\n{\n    //getTimezoneOffset() will return (GMT - client) minutes. We need (client - GMT) seconds\n    document.form1.timezone_offset.value = new Date().getTimezoneOffset() * -60;\n\n    if (form.username.value === \"\") {\n      show_error(\"Please enter user name\", form.username);\n      return false;\n    }\n    if (form.password.value === \"\") {\n      show_error(\"Please enter password\", form.password);\n      return false;\n    }\n\n    form.username.value = addslashes(form.username.value);\n    form.password.value = addslashes(form.password.value);\n\n    form.username.value = encodeURIComponent(form.username.value);\n    form.password.value = encodeURIComponent(form.password.value);\n\n    loggingInText();\n    var intervalId = setInterval(loggingInText, 200);\n    $(\".login_button\").prop(\"disabled\", true);\n\n    return true ;\n}\n\nfunction addslashes(string) {\n    return string.replace(/\\\\/g, '\\\\\\\\').\n        replace(/\\t/g, '\\\\t').\n        replace(/\\n/g, '\\\\n').\n        replace(/\\f/g, '\\\\f').\n        replace(/\\r/g, '\\\\r').\n        replace(/\"/g, '\\\\\"');\n}\n\nfunction checkHTTP()\n{\n    if (location.protocol == \"http:\")\n    {\n        var login_link_anchor = $(\"<a>\").attr(\"tabindex\", \"0\").addClass(\"ns_login_link\").append(\"Use https\");\n\n        login_link_anchor.click(function() {\n            redirectToHTTPS();\n        });\n\n        login_link_anchor.keypress(function(e) {\n            var keynum;\n\n            if(window.event) // IE\n            {\n                keynum = e.keyCode;\n            }\n            else if(e.which) // Netscape/Firefox/Opera\n            {\n                keynum = e.which;\n            }\n\n            if(keynum == 13) //Enter key\n            {\n                login_link_anchor.click();\n            }\n        });\n\n        $(\".ns_login_secure\").append(login_link_anchor);\n    }\n    else\n    {\n        $('.ns_login_secure').hide();\n\n        return \"\";\n    }\n}\n\nfunction redirectToHTTPS()\n{\n    var url_suffix = (admin_gui_https_port != \"443\" && admin_gui_https_port != 443) ? (\":\" + admin_gui_https_port): \"\";\n    var url = \"https://\" + location.host + url_suffix;\n\n    window.location.href = url;\n}\n\nfunction key_pressed(e)\n{\n    var keynum;\n\n    if(window.event) // IE\n        keynum = e.keyCode;\n    else if(e.which) // Netscape/Firefox/Opera\n        keynum = e.which;\n\n    if(keynum == 13) //Enter key\n        submit_form();\n\n    return true;\n}\n\nvar dots = 0;\n\nfunction loggingInText() {\n\t$(\"#logintext\").text(\"Logging On\");\n\tif (dots < 3) {\n\t\t$('#loadingdots').append('.');\n\t\tdots++;\n\t} else {\n\t\t$('#loadingdots').html('');\n\t\tdots = 0;\n\t}\n}\n\nfunction submit_form()\n{\n    if(checkform(document.form1))\n    {\n        document.form1.submit();\n    }\n}\n\nfunction is_options_shown()\n{\n    var startin_row = document.getElementById(\"ns_login_options\");\n    return (!startin_row.style || startin_row.style.display == \"\" || startin_row.style.display == display_flag);\n}\n\nfunction show_error(message, element)\n{\n    if(element)\n    {\n        setTimeout(function(){ element.focus();}, 500);\n    }\n\n    if(message)\n    {\n        $(\"#login_error\").text(message);\n        $(\"#login_error\").css('visibility', 'visible');\n    }\n}\n\n// Mapping used by decodeXml\nvar escaped_one_to_xml_special_map = {\n    '&amp;': '&',\n    '&quot;': '\"',\n    '&lt;': '<',\n    '&gt;': '>',\n    \"&#039;\": \"'\"\n};\n\n// To decode the strings which are encoded using php function htmlspecialchars in the backend\nfunction decodeXml(string) {\n    return string.replace(/(&quot;|&#039;|&lt;|&gt;|&amp;)/g,\n        function(str, item) {\n            return escaped_one_to_xml_special_map[item];\n    });\n}\n\nfunction isSafari() {\n  return /Safari/.test(navigator.userAgent) && /Apple Computer/.test(navigator.vendor);\n}\n\nfunction getSupportedVersionString() {\n    try {\n\t\tvar display_string = \"Best viewed in IE8+, Firefox 3.6.25+, Chrome v19+ or Safari 5.1.1+(for Mac)\";\n\t\tvar nAgt = navigator.userAgent;\n\t\tvar browserName = navigator.appName;\n\t\tvar fullVersion = '' + parseFloat(navigator.appVersion);\n\t\tvar majorVersion = parseInt(navigator.appVersion, 10);\n\t\tvar nameOffset, verOffset, ix;\n\t\tvar vendor = null;\n\t\tif (navigator.vendor !== null) vendor = navigator.vendor.toLowerCase();\n\t\t// User agents for IE http://msdn.microsoft.com/library/ms537503.aspx\n\t\tif ((nAgt.indexOf(\"Trident\")) != -1) {\n\t\t\tif (nAgt.indexOf(\"rv:\") != -1) {\n\t\t\t\tpreg_match('/Trident\\/\\d{1,2}.\\d{1,2}.*rv:([0-9]*)/', nAgt, $matches);\n\t\t\t\tbrowserName = \"MSIE\";\n\t\t\t\tfullVersion = $matches[1];\n\t\t\t} else if ((verOffset = nAgt.indexOf(\"MSIE\")) != -1) {\n\t\t\t\tbrowserName = \"MSIE\";\n\t\t\t\tfullVersion = nAgt.substring(verOffset + 5);\n\t\t\t}\n\t\t}\n        // For Edge.\n        else if ((nAgt.indexOf(\"Edge\")) != -1) {\n            browserName = \"EDGE\";\n        }\n\t\t// In Chrome, the true version is after \"Chrome\"\n\t\telse if ((verOffset = nAgt.indexOf(\"Chrome\")) != -1) {\n\t\t\tbrowserName = \"Chrome\";\n\t\t\tfullVersion = nAgt.substring(verOffset + 7);\n\t\t}\n\t\t// In Safari, the true version is after \"Safari\" or after \"Version\"\n\t\telse if ((verOffset = nAgt.indexOf(\"Safari\")) != -1) {\n\t\t\tbrowserName = \"Safari\";\n\t\t\tfullVersion = nAgt.substring(verOffset + 7);\n\t\t\tif ((verOffset = nAgt.indexOf(\"Version\")) != -1) fullVersion = nAgt.substring(verOffset + 8);\n\t\t}\n\t\t// In Firefox, the true version is after \"Firefox\"\n\t\telse if ((verOffset = nAgt.indexOf(\"Firefox\")) != -1) {\n\t\t\tbrowserName = \"Firefox\";\n\t\t\tfullVersion = nAgt.substring(verOffset + 8);\n\t\t}\n\t\t// If you can't detect the browser, return the not-supported warning string\n\t\telse {\n\t\t\t$(\".ns_browser_not_supported_center\").show();\n\t\t\treturn;\n\t\t}\n\t\t// trim the fullVersion string at semicolon/space if present\n\t\tif ((ix = fullVersion.indexOf(\";\")) != -1) fullVersion = fullVersion.substring(0, ix);\n\t\tif ((ix = fullVersion.indexOf(\" \")) != -1) fullVersion = fullVersion.substring(0, ix);\n\t\tmajorVersion = parseInt('' + fullVersion, 10);\n\t\tif (isNaN(majorVersion)) {\n\t\t\tfullVersion = '' + parseFloat(navigator.appVersion);\n\t\t\tmajorVersion = parseInt(navigator.appVersion, 10);\n\t\t}\n\t\tif ((browserName == \"EDGE\") ||\n            (browserName == \"MSIE\" && compareFullVersion(fullVersion, \"8\")) || //IE\n\t\t\t(browserName == \"Firefox\" && compareFullVersion(fullVersion, \"3.6.25\")) || //Firefox\n\t\t\t(browserName == \"Chrome\" && compareFullVersion(fullVersion, \"19\") && vendor !== null && vendor.indexOf('google') != -1) || //chrome\n\t\t\t(browserName == \"Safari\" && compareFullVersion(fullVersion, \"5.1.1\") && vendor !== null && vendor.indexOf('apple') != -1) && nAgt.toLowerCase().indexOf('mac') != -1) //Safari for mac\n\t\t{\n\t\t\t$(\".ns_login_center_content\").show();\n\t\t\treturn;\n\t\t} else {\n\t\t\t$(\".ns_browser_not_supported_center\").show();\n\t\t\treturn;\n\t\t}\n\t} catch (err) {\n\t\t$(\".ns_login_center_content\").show();\n\t\treturn;\n\t}\n\t$(\".ns_login_center_content\").show();\n}\n\nfunction show_login_pane()\n{\n    $(\".ns_browser_not_supported_center\").hide();\n    $(\".ns_login_center_content\").show();\n}\n\nfunction compareFullVersion(a, b) //if a>b, return true, else return false\n{\n\n\tif (a === b)\n    {\n       return true;\n    }\n\n    var a_components = a.split(\".\");\n    var b_components = b.split(\".\");\n\n    var len = Math.min(a_components.length, b_components.length);\n\n    // loop while the components are equal\n    for (var i = 0; i < len; i++)\n    {\n        // A bigger than B\n        var val_a = parseInt(a_components[i]);\n\t\tvar val_b = parseInt(b_components[i]);\n\t\tif(isNaN(val_a) || isNaN(val_b))\n\t\t return false;\n\t\tif (parseInt(a_components[i]) > parseInt(b_components[i]))\n        {\n            return true;\n        }\n\n        // B bigger than A\n        if (parseInt(a_components[i]) < parseInt(b_components[i]))\n        {\n            return false;\n        }\n    }\n\n    // If one's a prefix of the other, the longer one is greater.\n    if (a_components.length >= b_components.length)\n    {\n        return true;\n    }\n\n    return false;\n}\n\nshow_eula = function(uname)\n{\n   $(\"#eula-text\").html(eula_message);\n   $(\"#ns_login_content\").addClass(\"overlay\");\n   $(\"#eula-container\").show();\n   $(\"#eula-accepted\").prop('checked', false);\n   $(\"#username\").val(uname)\n\n}\n\nclose_eula = function()\n{\n   $(\"#ns_login_content\").removeClass(\"overlay\")\n   $(\"#eula-container\").hide();\n\n}\n\ncontinue_eula = function()\n{\n    var eula_accepted = $(\"#eula-checkbox\").prop('checked');\n    if (eula_accepted)\n    {\n        close_eula();\n        $(\"#eula-accepted\").prop('checked', eula_accepted);\n    }\n    else\n    {\n        $(\"#eula_error\").show();\n    }\n}\n\n\n</script>\n\n</head>\n<body class=\"ns_login_body\">\n<noscript>\n    <div class=\"center_panel ns_alert_text\">\n        JavaScript is either disabled in or not supported by the Web browser. To continue logon, use a Web browser that supports JavaScript or enable JavaScript in your current browser.\n    </div>\n</noscript>\n\n<form name=\"form1\" action=\"/login/do_login\" method=\"post\" autocomplete=\"off\" autocapitalize=\"off\" onsubmit=\"return checkform(this);\">\n    <div class=\"ns_login_wrapper\">\n\t    <div class=\"ns_login_inner_wrapper\">\n            <div class=\"ns_login_top\" style=\"display: none;\"></div>\n\t\t\t<div class=\"ns_login_center\">\n\t\t\t    <div class=\"ns_browser_not_supported_center\" >\n\t\t        \t<span>Citrix ADC</span>\n\t              \t<div class=\"ns_browser_not_supported_center_content\">\n\t\t                <div class=\"ns_browser_not_supported_center_message\"> Your browser is not supported. Please use one of the following browsers\n\t\t                </div>\n\t                 \t<div>\n\t                       <div class=\"ns_browser_not_supported_browser_icon\">\n\t                       \t\t<div>\n\t                           \t\t<img src=\"/admin_ui/rdx/core/css/internet-explorer.png\" alt=\"Internet Explorer\">\n\t                       \t\t\t<div>8 and above</div>\n\t                   \t\t\t</div>\n\t               \t\t\t</div>\n\t                       <div class=\"ns_browser_not_supported_browser_icon\">\n\t                       \t\t<div>\n\t                       \t\t\t<img src=\"/admin_ui/rdx/core/css/firefox.png\" alt=\"Firefox\">\n\t                       \t\t\t<div>3.6.25 and above</div>\n\t                   \t\t\t</div>\n\t               \t\t\t</div>\n\t                       <div class=\"ns_browser_not_supported_browser_icon\">\n\t                       \t\t<div>\n\t                       \t\t\t<img src=\"/admin_ui/rdx/core/css/chrome.png\" alt=\"Chrome\">\n\t                       \t\t\t<div>15 and above</div>\n\t                       \t\t</div>\n\t                   \t\t</div>\n\t                       <div class=\"ns_browser_not_supported_browser_icon no_boder\">\n\t                       \t\t<div>\n\t                       \t\t\t<img src=\"/admin_ui/rdx/core/css/safari.png\" alt=\"Safari\">\n\t                       \t\t\t<div>5.1.3 and above</div>\n\t                   \t\t\t</div>\n\t               \t\t\t</div>\n\t                  \t</div>\n\t                 \t<p class=\"ns_browser_not_supported_center_message\">\n\t                 \t\t<a onkeypress=\"javascript: if(event.keyCode == 13) {show_login_pane(); event.preventDefault();}\" onclick=\"show_login_pane()\"> Continue, </a> I understand this browser may not be compatible.\n\t         \t\t\t</p>\n\t              \t</div>\n\t\t        </div>\n\t\t        <div class=\"ns_login_center_content\">\n\t\t\t\t\t<div  class=\"ns_login_inner_div\">\n\t\t\t\t\t\t<div  class=\"ns_login_form\" >\n                            <div id=\"login_error\" class=\"login_error\">\n                            </div>\n\t\t\t\t\t\t   \t<div id=\"ns_user_pass_section\">\n\t\t\t\t\t\t\t\t<div class=\"ns_grid_text user_name\">\n                                    <span>User Name</span>\n\n                                    <label for=\"username\" style=\"display: none;\">User Name</label>\n                                    <input type=\"text\" id=\"username\" name=\"username\" class=\"login_input\" onfocus=1>\n\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t<div class=\"ns_grid_text login_password\">\n                                    <span>Password</span>\n\n\t\t\t\t\t\t\t\t\t<label for=\"password\" style=\"display: none;\">Password</label>\n                                    <input type=\"password\" name=\"password\" id=\"password\" class=\"login_input\">\n\t\t\t\t\t\t\t\t</div>\n                                    <div style=\"display:none\">\n                                        <label for=\"eula-accepted\" style=\"display: none;\">EULA</label>\n                                        <input type=\"checkbox\" name=\"eula\" id=\"eula-accepted\" value=\"TRUE\">\n                                    </div>\n                                    <div class=\"login_button_cell\">\n                                        <label for=\"url\" style=\"display: none;\">URL</label>\n                                        <input type=\"hidden\" name=\"url\" id=\"url\" value=\"\">\n\n                                        <label for=\"timezone_offset\" style=\"display: none;\">Timezone Offset</label>\n                                        <input type=\"hidden\" name=\"timezone_offset\" id=\"timezone_offset\" value=\"\">\n\n                                        <button type=\"submit\" class=\"login_button rdx_blue_button\"><span id=\"logintext\">Log On</span><span id=\"loadingdots\"></span></button>\n                                    </div>\n                            </div>\n\t\t\t\t\t\t\t<div class=\"ns_login_logo ns_logo_placement\">\n                                <img src=\"/admin_ui/common/images/ADC_Horizontal.svg\" alt=\"Citrix logo image\" class=\"product_brand_logo\"/>\n\n\t\t\t\t\t\t\t\t<div class=\"ns_login_secure\"></div>\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</div>\n\t\t\t</div>\n\t\t    </div>\n\t\t    </div>\n\t\t</div>\n\t</div>\n</form>\n\n<script language=\"JavaScript\" type=\"text/javascript\">\n//Don't allow this page to be embedded inside a frame\nif(self != top)\n{\n    document.getElementsByTagName(\"body\")[0].style.display = \"none\";\n    top.location = self.location;\n}\nelse\n{\n\n    $('form[name=\"form1\"] #username').focus();\n}\n\nfunction input_hints() {\n    var inputs = document.getElementsByTagName(\"input\");\n    for (var i = 0; i < inputs.length; i++) {\n            // test to see if the hint span exists first\n            if (inputs[i].parentNode.getElementsByTagName(\"span\")[0]) {\n                    // the span exists!  on focus, show the hint\n                    inputs[i].onfocus = function() {\n                            this.parentNode.getElementsByTagName(\"span\")[0].className = \"ns_active ns_active_color\";\n                    };\n                            // when the cursor moves away from the field, hide the hint\n                    inputs[i].onblur = function() {\n                            this.parentNode.getElementsByTagName(\"span\")[0].className = \"ns_active\";\n                    };\n            }\n    }\n    // repeat the same tests as above for selects\n    var selects = document.getElementsByTagName(\"select\");\n    for (var k = 0; k < selects.length;",
         "datamd5" : "f50231a1ad3d593a592f090d4539250c",
         "datammh3" : -674646258,
         "device" : {
            "class" : "<enterprise field>: device.class",
            "product" : "<enterprise field>: device.product",
            "productvendor" : "<enterprise field>: device.productvendor"
         },
         "ip" : "151.236.24.85",
         "ipv6" : "false",
         "latitude" : "64.0677",
         "location" : "64.0677,-21.9453",
         "longitude" : "-21.9453",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Advania Island ehf",
         "os" : "Gateway Firmware",
         "osvendor" : "Citrix",
         "port" : 4782,
         "product" : "HTTP Server",
         "productvendor" : "Apache",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subnet" : "151.236.24.0/24",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 47.113.219.226:4782 (tcp/http) - last seen on 2024-11-07 at 03:28:12 UTC

    • IP
      47.113.219.226
      Network
      47.112.0.0/13
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux sUse
      URL

      http://47.113.219.226:4782/ 200

      HTTP Title
      Eltex - NTE-RG-1421G-Wac
      HTTP Keyword(s)
      voip vos3000
      HTTP Copyright
      www.linknat.com, 昆石网络
      ASN
      AS37963
      Organization
      Hangzhou Alibaba Advertising Co.,Ltd.
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux sUse
      HTTP Component(s)
      Microsoft ASP.NET 4.0.30319 Metabase Metabase Atlassian Confluence Gitlab Gitlab Drupal Drupal 8 Jenkins Jenkins 2.121.3 SPIP SPIP 4.1.11 Roundcube Webmail
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      01aea9cd98e60d39b3e1bc23c517d70a
      HTTP Header MD5
      da1d7c858dcb94c21097cb3258b89258
      HTTP Body MD5
      e394a27f10d9c00190c4f5a980b1fe65
    • HTTP/1.1 200 OK
      Composed-By: SPIP 4.1.11 @ www.spip.net
      Content-Length: 105221
      Content-Type: text/html;charset=utf-8
      Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
      Loginip: <srcip>
      P3p: CP=CAO PSA OUR
      Pragma: private
      Report-To: {'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}
      Server: Evernote/1.0
      Set-Cookie: ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly
      Set-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;
      Set-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;
      Set-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;
      Set-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;
      Set-Cookie: zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly
      Set-Cookie: sesskey=21263a2bf; path=/;
      Set-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;
      Set-Cookie: acSamlv2Error=; path=/; secure;
      Set-Cookie: metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Mon, 25 Apr 2044 03:55:44 +0200;SameSite=None;Secure
      Set-Cookie: cepcAdminID=25263a2bf; path=/;
      Set-Cookie: RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;
      Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095
      Set-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;
      Set-Cookie: PHC_DISABLED=1; path=/; secure;
      Set-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;
      Set-Cookie: SESSID=22363a2bf; path=/;
      Set-Cookie: CLIENT_ID=7214
      X-Akaunting: Free Accounting Software
      X-Aspnet-Version: 4.0.30319
      X-Cache: MISS from Hello
      X-Cache-Lookup: MISS from Hello:8080
      X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
      X-Content-Type-Options: nosniff
      X-Drupal-Cache: xHIT
      X-Drupal-Dynamic-Cache: MISS
      X-Frame-Options: SAMEORIGIN
      X-Generator: Drupal 8 (https://www.drupal.org)
      X-Hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
      X-Influxdb-Build: OSS
      X-Jenkins: 2.121.3
      X-Jenkins-Session: f72d6619
      X-Litespeed-Cache: hit
      X-Pingback: https://example.com/xmlrpc.php
      X-Powered-By-Plesk: PleskWin
      X-Served-By: cache-xsp21434-XSP
      X-Shopify-Generated-Cart-Token: aa1b6d68e41056d2955ae9e6fb516372
      X-Xss-Protection: 1; mode=block
      Date: Thu, 07 Nov 2024 03:28:10 GMT
      Connection: close
      
      <!DOCTYPE html>
      <html>
      <head>
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
      <meta http-equiv="X-UA-Compatible" content="IE=edge">
      <meta http-equiv="Pragma" content="no-cache" />
      <meta charset="utf-8">
      <meta content="IE=edge" http-equiv="X-UA-Compatible">
      <meta content="object" property="og:type">
      <meta content="GitLab" property="og:site_name">
      <meta content="Help" property="og:title">
      <meta content="GitLab Community Edition" property="og:description">
      <meta content="summary" property="twitter:card">
      <meta content="Help" property="twitter:title">
      <meta content="GitLab Community Edition" property="twitter:description">
      <meta content="GitLab Community Edition" name="description">
      <meta content="#474D57" name="theme-color">
      <meta content="#30353E" name="msapplication-TileColor">
      <meta name="csrf-param" content="authenticity_token" />
      <meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cd78c639bf9be7f9dc240e25==" />
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
      <meta http-equiv="expires" content="-1"/>
      <meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
      <meta name="author" content="www.linknat.com, 昆石网络"/>
      <meta name="copyright" content="www.linknat.com, 昆石网络"/>
      <meta name="generator" content="SPIP 4.1.11" />
      <script src="/jquery.min.js"></script> 
      <title>Eltex - NTE-RG-1421G-Wac</title>
      </head>
      <body>
      <div style="display: none;">
      <script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
      <SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
      <Account>
      <Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
      <Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
      <Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
      <TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
      <FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
      <SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
      <ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
      <CTDefParaEntry setDefValueFlag="1" />
      </Account>
      <div>8.5.5 (Build:20200530.307-TEMP)</div>
      <span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
      <h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
      <ca status="disabled" href="/+CSCOCA+/login.html" />
      <form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
          <div data-user="root" data-module="package-updates"></div>
          <code>The zip file did not contain an entry exportDescriptor.properties</code>
          <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
          <message>Please enter your username and password.</message>
          <input name="formid" type="hidden" value="012afed" />
          <input name="javax.faces.ViewState" type="hidden" value="012afed" />
          <input name="queryString" type="hidden" value="1406192" />
          <div class="versionInfo">The Cacti Group Version 1.2.25</div>
          <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
          <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
          <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
          <input type="hidden" name="tokenid"  value="1804289383" >
          <input type="hidden" name="name"  value="1804289383" >
          <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
          <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
      	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
      	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
          <input type="text" name="username" label="Username:" value="admin" />
          <input type="password" name="password" label="Password:" value="123456" />
          <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
          <input type="submit" name="Login" value="Login" />
          <input type="reset" name="Clear" value="Clear" />
      </form>
      <input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
      <li class="lisel" onclick="location.href='index.php'">日志系统</li>
      <li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
      <button type="button" data-price-id=True>sb</button>
      <div class="prod_madelName">RT-AC5300</div>
      <div class="p1 title_gap">Sign in with your ASUS router account</div>
      <tr class="h"><th>PHP Group</th></tr>
      <tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
      <tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
      <var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
      <span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
      <div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
      <a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
      <div id="mcname">LoadMaster</div>
      <p><br/><span>出厂IP:192.168.1.1</span><br/><span>用户名、密码:admin admin</span></p>
      <td colspan="2">Please enter your Cacti user name and password below:</td>
      <meta id="confluence-context-path" name="confluence-context-path" content="">
      <meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
      <meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
      <script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
      <div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
      <B>SonicWall Universal Management Suite v9.3</B>
      <br>OK<br>
      <script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
      <select id="cars" name="name">
      <option value="olvo">olvo</option>
      </select>
      <a href="/VICIdial/phone">MODIFY</a>
      <input type="hidden" name="extension"  value="1804289383" >
      <input type="hidden" name="pass"  value="1804289383" >
      <input type="hidden" name="recording_exten"  value="1804289383" >
      <script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
      <input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
      <script type='text/javascript'>
      	var cactiVersion='1.2.27';
      	var cactiServerOS='unix';
      	var cactiAction='';
      	var theme='modern';
      	var refreshIsLogout=true;
      	var refreshPage='/logout.php?action=timeout';
      	var refreshMSeconds=1440000;
      	var urlPath='/';
      	var previousPage='';
      	var sessionMessage=[];
      	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
      </script>
      
      <!--
      <Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
      /var/pinglog
      <TITLE>Login</TITLE>
      <a href="jpg.html">LIVE JPEG</a><br>
      <a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
      <a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
      <a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
      <a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
      <\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
      Location: /admin
      <meta name="generator" content="vBulletin 5.5.4" />
      Location: http://<ip>:80/relogin.htm?_t=3541144909
      Location: http://<ip>:80/syscmd.htm" Location: /ui/login
      /cgi-bin/webctrl.cgi?action=index_page
      PDR-M800
      function btnPing()
      <HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
      <link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
      <link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
      <td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
      <br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
      trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
      in the United States and certain other countries.
      </td>
      :
      #
      >
      $
      SSH key is good
      is not a valid ref and may not be archived
      pcPassword2
      '&sessionKey=790148060;'
      name="sessionKey" value="790148060"
      Set-Cookie: loginName=admin
      var fgt_lang = /dev/cmdb/sslvpn_websession
      php 8.1.0-dev exit
      springframework
      Tomcat
      DEVICE.ACCOUNT=admin
      AUTHORIZED_GROUP=1
      <uid></uid>
      <name>Admin</name>
      <usrid></usrid>
      <password>admin</password>
      <group></group>
      cpto /tmp/"root"
      Model=AC1450
      Firmware=V1.0.0.36_10.0.17
      "exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
      BIG-IP release 15.0.0
      user:root
      12345admin123'
      Failed to process image
      
      Location: http://192.168.0.1:52869/picsdesc.xml
      You don't have permission to access /vpns/ on this server.
      [global]
          workgroup = intranet
          encrypt passwords = Yes
          update encrypted = Yes
      
      funcionando
      system_sofia
      name resolve order
      InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
      <b>File Uploaded !!!</b><br>
      ant=951d11e51392117311602d0c25435d7f
      38ee63071a04dc5e04ed22624c38e648
      6f3249aa304055d63828af3bfab778f6
      <h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
      [local]
       tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2Q3OGM2MzliZjliZTdmOWRjMjQwZTI1PT0=
       addr = <ip>
      "Powered by vBulletin Version 5.5.4"
      789551
      Linear eMerge
      SuperSign
      ubiq
      Yacht
      Zeroshell
      FastWeb
      AuthInfo:
      loadingIndicator_bk
      Zyxel
      skyrouter
      WAP54
      org.apache.spark.ui
      
      
      
      ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
      <insert implant configuration content here>
      Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
      Copyright (c) 2015-2020 by Cisco Systems, Inc.
      All rights reserved.
      SSL VPN Service
      wsConvertPptResponse
      <input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
      <input id="txtPassword" class="txt-input" type="password" name="password" value="" />
      <button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
      <span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
      <script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
      <LegacyDN>eD2bxe4</LegacyDN>
      <title class="_ctxstxt_NetscalerGateway">
      SAML Assertion verification failed; Please contact your administrator
      v=2b46554c087d2d5516559e9b8bc1875d
      /vpn/images/AccessGateway.ico
      frame-busting
      /vpn/js/logout_view.js?v=
      _ctxstxt_NetscalerAAA
      lib.min20200813.js
      401 Unauthorized Basic realm=
      sName='1';onTest(this);
      var passadm = "admin";
      OPMODE_BRIDGE
      document.all.cmd_result
      <input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
      <input id="date" type="text" style="width: 200px" value="12/25/2023">
      main page cgi-bin/login.cgi
      var sessionKey='030ff030ff88';
      loc += '&sessionKey=19dec20030ff8dcb2';
      }
      
      var code = 'location="' + loc + '"';
      
      Password change successful
      J2100N GPON ONT
      /cgi-bin/webui/admin
      sesskey
      name=admin pass=123 priv=ppp
      service=www.dlinkddns.com
      sysCmdType
      Content-Type: auth/request
      
      
      Content-Type: command/reply
      
      Reply-Text: +OK accepted
      
      
      X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
      007b2000-007c1000 rw-p 00000000 00:00 0
      Size:                 60 kB
      Rss:                  52 kB
      Pss:                  52 kB
      Shared_Clean:          0 kB
      Shared_Dirt
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:28:12.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "micros-hosting.com",
                  "drupal.org",
                  "example.com",
                  "shopifycloud.com"
               ],
               "file" : [
                  "dvrremoteap.exe",
                  "admin-ajax.php",
                  "cloud_index.php",
                  "dvrremoteap_x64.exe",
                  "index.php",
                  "dvfplayer.zip"
               ],
               "hostname" : [
                  "example.com",
                  "micros-hosting.com",
                  "monorail-edge.shopifycloud.com",
                  "www.drupal.org"
               ],
               "ip" : [
                  "192.168.1.1",
                  "7.7.31.1",
                  "192.168.1.4",
                  "192.168.0.1",
                  "1.0.0.36",
                  "192.168.1.10"
               ],
               "url" : [
                  "http://192.168.0.1:52869/picsdesc.xml",
                  "http://micros-hosting.com/EGateway/",
                  "https://192.168.1.4",
                  "https://example.com/xmlrpc.php",
                  "https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify",
                  "https://www.drupal.org"
               ]
            },
            "http" : {
               "bodymd5" : "e394a27f10d9c00190c4f5a980b1fe65",
               "bodymmh3" : -1362225308,
               "component" : [
                  {
                     "product" : "Webmail",
                     "productvendor" : "Roundcube"
                  },
                  {
                     "product" : "Metabase",
                     "productvendor" : "Metabase"
                  },
                  {
                     "product" : "Gitlab",
                     "productvendor" : "Gitlab"
                  },
                  {
                     "productvendor" : "Microsoft",
                     "productversion" : "4.0.30319",
                     "product" : "ASP.NET"
                  },
                  {
                     "product" : "Drupal",
                     "productversion" : "8",
                     "productvendor" : "Drupal"
                  },
                  {
                     "productvendor" : "Atlassian",
                     "product" : "Confluence"
                  },
                  {
                     "productversion" : "2.121.3",
                     "productvendor" : "Jenkins",
                     "product" : "Jenkins"
                  },
                  {
                     "product" : "SPIP",
                     "productvendor" : "SPIP",
                     "productversion" : "4.1.11"
                  }
               ],
               "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
               "header" : [
                  {
                     "value" : "Fri, 29 Jul 2022 16:53:01 GMT",
                     "name" : "Last-Modified"
                  }
               ],
               "headermd5" : "da1d7c858dcb94c21097cb3258b89258",
               "headermmh3" : -1105804238,
               "keywords" : [
                  "voip",
                  "vos3000"
               ],
               "title" : "Eltex - NTE-RG-1421G-Wac"
            },
            "length" : 16288
         },
         "asn" : "AS37963",
         "city" : "Shenzhen",
         "country" : "CN",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 105221\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nP3p: CP=CAO PSA OUR\r\nPragma: private\r\nReport-To: {'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}\r\nServer: Evernote/1.0\r\nSet-Cookie: ISMS_8700_Sessionname=A67B8F9C228E095723A97C6A977BE2B3; Path=/; HttpOnly\r\nSet-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;\r\nSet-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;\r\nSet-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;\r\nSet-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;\r\nSet-Cookie: zbx_session=eyJzZXNzaW9uaWQiOiI1MDU2ZTlkYTFmZjkxZDAyMGEwMGEwMzhjNTliY2I2OCIsInNpZ24iOiJiMDVjNDJjNzQ4Y2IzZGRkNjExMWE4NDVhMDJhOWMxMWE5ODVjYTZmNDRhY2QxY2I3MjA5ZjIxZmExMDg3YjQ5In0%3D; secure; HttpOnly\r\nSet-Cookie: sesskey=21263a2bf; path=/;\r\nSet-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;\r\nSet-Cookie: acSamlv2Error=; path=/; secure;\r\nSet-Cookie: metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Mon, 25 Apr 2044 03:55:44 +0200;SameSite=None;Secure\r\nSet-Cookie: cepcAdminID=25263a2bf; path=/;\r\nSet-Cookie: RUIJIEID=A67B8F9C228E095723A97C6A977BE2B3; Path=/;\r\nSet-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;\r\nSet-Cookie: PHC_DISABLED=1; path=/; secure;\r\nSet-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;\r\nSet-Cookie: SESSID=22363a2bf; path=/;\r\nSet-Cookie: CLIENT_ID=7214\r\nX-Akaunting: Free Accounting Software\r\nX-Aspnet-Version: 4.0.30319\r\nX-Cache: MISS from Hello\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Drupal-Cache: xHIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.\r\nX-Influxdb-Build: OSS\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Litespeed-Cache: hit\r\nX-Pingback: https://example.com/xmlrpc.php\r\nX-Powered-By-Plesk: PleskWin\r\nX-Served-By: cache-xsp21434-XSP\r\nX-Shopify-Generated-Cart-Token: aa1b6d68e41056d2955ae9e6fb516372\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 07 Nov 2024 03:28:10 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4cd78c639bf9be7f9dc240e25==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>Eltex - NTE-RG-1421G-Wac</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2Q3OGM2MzliZjliZTdmOWRjMjQwZTI1PT0=\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nShared_Dirt",
         "datamd5" : "01aea9cd98e60d39b3e1bc23c517d70a",
         "datammh3" : -1900271019,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS45102",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "alibaba-inc.com",
               "cnnic.cn"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "ALISOFT",
            "organization" : "Alibaba (US) Technology Co., Ltd.",
            "subnet" : "47.113.0.0/16"
         },
         "ip" : "47.113.219.226",
         "ipv6" : "false",
         "latitude" : "22.5559",
         "location" : "22.5559,114.0577",
         "longitude" : "114.0577",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.",
         "os" : "Linux",
         "osdistribution" : "sUse",
         "osvendor" : "Linux",
         "port" : 4782,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 200,
         "subnet" : "47.112.0.0/13",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 89.31.123.197:4782 (tcp/http) - last seen on 2024-11-07 at 03:27:45 UTC

    • IP
      89.31.123.197
      Network
      89.31.123.0/24
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://89.31.123.197:4782/ 401

      ASN
      AS9009
      Organization
      M247 Europe SRL
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      16234ea1da40e03f1317c21396981c69
      HTTP Header MD5
      8f4a29b9be97398ee40f9827947fcbaf
      HTTP Body MD5
      9c13653d29a59fbb245670a68c158d4c
    • HTTP/1.1 401 Unauthorized
      Date: Thu, 07 Nov 2024 03:27:44 UTC
      Content-Type: text/plain;charset=UTF-8
      Connection: keep-alive
      TeamCity-Node-Id: MAIN_SERVER
      WWW-Authenticate: Basic realm="TeamCity"
      WWW-Authenticate: Bearer realm="TeamCity"
      Cache-Control: no-store
      
      Authentication required
      To login manually go to "/login.html" page
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:27:45.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "9c13653d29a59fbb245670a68c158d4c",
               "bodymmh3" : 866407170,
               "headermd5" : "8f4a29b9be97398ee40f9827947fcbaf",
               "headermmh3" : 2003728399,
               "realm" : "TeamCity"
            },
            "length" : 337
         },
         "asn" : "AS9009",
         "city" : "Vienna",
         "country" : "AT",
         "data" : "HTTP/1.1 401 Unauthorized\r\nDate: Thu, 07 Nov 2024 03:27:44 UTC\r\nContent-Type: text/plain;charset=UTF-8\r\nConnection: keep-alive\r\nTeamCity-Node-Id: MAIN_SERVER\r\nWWW-Authenticate: Basic realm=\"TeamCity\"\r\nWWW-Authenticate: Bearer realm=\"TeamCity\"\r\nCache-Control: no-store\r\n\r\nAuthentication required\nTo login manually go to \"/login.html\" page",
         "datamd5" : "16234ea1da40e03f1317c21396981c69",
         "datammh3" : 1096304710,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS9009",
            "continent" : "EU",
            "continentname" : "Europe",
            "country" : "AT",
            "countryname" : "Austria",
            "domain" : [
               "89.in-addr.arpa",
               "edis.at"
            ],
            "isineu" : "true",
            "latitude" : "47.516231",
            "location" : "47.516231,14.550072",
            "longitude" : "14.550072",
            "netname" : "EDIS-AT-NET",
            "organization" : "EDIS GmbH",
            "subnet" : "89.31.123.0/24"
         },
         "ip" : "89.31.123.197",
         "ipv6" : "false",
         "latitude" : "48.1535",
         "location" : "48.1535,16.3855",
         "longitude" : "16.3855",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "M247 Europe SRL",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 4782,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Unauthorized",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 401,
         "subnet" : "89.31.123.0/24",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 210.101.109.5:4782 (tcp/http) - last seen on 2024-11-07 at 03:27:42 UTC

    • IP
      210.101.109.5
      Network
      210.101.64.0/18
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

      Operating System
      SonicWall SonicOS
      URL

      http://210.101.109.5:4782/ 302

      HTTP Title
      Policy Jump
      ASN
      AS4766
      Organization
      Korea Telecom
      Protocol
      http
      Source
      datascan
    • Operating System
      SonicWall SonicOS
      HTTP Component(s)
      SonicWall SonicWall
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      8332030c845aaae05eb386bea74678a0
      HTTP Header MD5
      abacb902cd555996ea7c81367d39d2cf
      HTTP Body MD5
      7f437575f8c2fc5ea0b8a911e38bf0f9
    • HTTP/1.0 302 Found
      Content-type: text/html
      X-Content-Type-Options: nosniff
      Location: https://210.101.110.254:1443/dynPolLoginRedirect.html?cid=0
      
      <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
      <html>
      <head><meta http-equiv="Content-Type" content="text/html; charset=utf-8">
      
      	<title>Policy Jump</title>
      	<meta name="id" content="policyJump" >
      	<meta http-equiv="Expires" content="0">
      </head>
      <BODY>This document has moved <A href="https://210.101.110.254:1443/dynPolLoginRedirect.html?cid=0">here</A></BODY>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:27:42.000Z",
         "app" : {
            "extract" : {
               "ip" : [
                  "210.101.110.254"
               ],
               "url" : [
                  "https://210.101.110.254:1443/dynPolLoginRedirect.html?cid=0"
               ]
            },
            "http" : {
               "bodymd5" : "7f437575f8c2fc5ea0b8a911e38bf0f9",
               "bodymmh3" : -626897434,
               "component" : [
                  {
                     "product" : "SonicWall",
                     "productvendor" : "SonicWall"
                  }
               ],
               "headermd5" : "abacb902cd555996ea7c81367d39d2cf",
               "headermmh3" : -109501120,
               "title" : "Policy Jump"
            },
            "length" : 547
         },
         "asn" : "AS4766",
         "city" : "Buk-gu",
         "country" : "KR",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.0 302 Found\r\nContent-type: text/html\r\nX-Content-Type-Options: nosniff\r\nLocation: https://210.101.110.254:1443/dynPolLoginRedirect.html?cid=0\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">\r\n<html>\r\n<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\r\n\r\n\t<title>Policy Jump</title>\r\n\t<meta name=\"id\" content=\"policyJump\" >\r\n\t<meta http-equiv=\"Expires\" content=\"0\">\r\n</head>\r\n<BODY>This document has moved <A href=\"https://210.101.110.254:1443/dynPolLoginRedirect.html?cid=0\">here</A></BODY>\r\n</html>\r\n",
         "datamd5" : "8332030c845aaae05eb386bea74678a0",
         "datammh3" : 1436404183,
         "device" : {
            "class" : "<enterprise field>: device.class",
            "product" : "<enterprise field>: device.product",
            "productvendor" : "<enterprise field>: device.productvendor"
         },
         "geolocus" : {
            "asn" : "AS4766",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "KR",
            "countryname" : "South Korea",
            "domain" : [
               "kt.com",
               "nic.or.kr"
            ],
            "isineu" : "false",
            "latitude" : "35.907757",
            "location" : "35.907757,127.766922",
            "longitude" : "127.766922",
            "netname" : "KORNET",
            "organization" : "Korea Telecom",
            "subnet" : "210.101.64.0/18"
         },
         "ip" : "210.101.109.5",
         "ipv6" : "false",
         "latitude" : "35.9616",
         "location" : "35.9616,128.5413",
         "longitude" : "128.5413",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Korea Telecom",
         "os" : "SonicOS",
         "osvendor" : "SonicWall",
         "port" : 4782,
         "protocol" : "http",
         "protocolversion" : "1.0",
         "reason" : "Found",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 302,
         "subnet" : "210.101.64.0/18",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 84.43.202.134:4782 (tcp/http) - last seen on 2024-11-07 at 03:27:42 UTC

    • IP
      84.43.202.134
      Network
      84.43.128.0/17
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows
      URL

      http://84.43.202.134:4782/ 404

      HTTP Title
      Not Found
      ASN
      AS21230
      Organization
      M SAT Cable EAD
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows
      Product
      Microsoft HTTPAPI 2.0
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      634d5281a64959deb2a0c361a16bcf44
      HTTP Header MD5
      d30ea3d8118160dd164e28b2fe124279
      HTTP Body MD5
      344d3f7baff022f79c37992e1bd5d040
    • HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=us-ascii
      Server: Microsoft-HTTPAPI/2.0
      Date: Thu, 07 Nov 2024 03:27:40 GMT
      Connection: close
      Content-Length: 315
      
      <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
      <HTML><HEAD><TITLE>Not Found</TITLE>
      <META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
      <BODY><h2>Not Found</h2>
      <hr><p>HTTP Error 404. The requested resource is not found.</p>
      </BODY></HTML>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-07T03:27:42.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "w3.org"
               ],
               "hostname" : [
                  "www.w3.org"
               ],
               "url" : [
                  "http://www.w3.org/TR/html4/strict.dtd"
               ]
            },
            "http" : {
               "bodymd5" : "344d3f7baff022f79c37992e1bd5d040",
               "bodymmh3" : 225052475,
               "headermd5" : "d30ea3d8118160dd164e28b2fe124279",
               "headermmh3" : -1972292532,
               "title" : "Not Found"
            },
            "length" : 492
         },
         "asn" : "AS21230",
         "city" : "Varna",
         "country" : "BG",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 404 Not Found\r\nContent-Type: text/html; charset=us-ascii\r\nServer: Microsoft-HTTPAPI/2.0\r\nDate: Thu, 07 Nov 2024 03:27:40 GMT\r\nConnection: close\r\nContent-Length: 315\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Not Found</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Not Found</h2>\r\n<hr><p>HTTP Error 404. The requested resource is not found.</p>\r\n</BODY></HTML>\r\n",
         "datamd5" : "634d5281a64959deb2a0c361a16bcf44",
         "datammh3" : 954872337,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "ip" : "84.43.202.134",
         "ipv6" : "false",
         "latitude" : "43.2002",
         "location" : "43.2002,27.9425",
         "longitude" : "27.9425",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "M SAT Cable EAD",
         "os" : "Windows",
         "osvendor" : "Microsoft",
         "port" : 4782,
         "product" : "HTTPAPI",
         "productvendor" : "Microsoft",
         "productversion" : "2.0",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Not Found",
         "seen_date" : "2024-11-07",
         "source" : "datascan",
         "status" : 404,
         "subnet" : "84.43.128.0/17",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }