Returning 10 result(s) out of 21,805 in 0.064 second(s)

  • 47.129.128.2:563 (tcp/http) - last seen on 2024-11-21 at 09:22:53 UTC

    • IP
      47.129.128.2
      Network
      47.128.0.0/14
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://47.129.128.2:563/ 200

      HTTP Title
      RocketMq-console-ng
      Reverse DNS
      ec2-47-129-128-2.ap-southeast-1.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      HTTP Component(s)
      PHP PHP 5.4.45 Apache RocketMQ
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      127828bd5b342a4dc4f26e35fba9662b
      HTTP Header MD5
      1ac42ac8b38aa67a2ac94744ebe0e58e
      HTTP Body MD5
      478dde33b31cff7952ac1d071d54f9d9
    • HTTP/1.1 200 OK
      Connection: close
      Date: Thu, 21 Nov 2024 09:22:53 GMT
      Server: Avaya CMBE/2.0.0
      X-Powered-By: PHP/5.4.45
      Content-Length: 523
      Content-Type: text/html
      Set-Cookie: csrftoken=cxKDXyKs458BDPvKdYOhonpUVWi8AVLTVrlu4JokLQYblNCaSxdexZhbetrAJQwL
      
      <html><head><link rel="icon" href="/favicon_ca2cbb0e-a93a-405f-b3e0-0ec469c0bb0a.ico"><title>RocketMq-console-ng</title></head><body><span>idqyfef963sgbg0ufitgm9xdela</span><p>1pjx1oolbjuh4ko5</p><h2>nya8y3jbor5wpezl5n3ndyw1vhp1k</h2><p>dqy1mx66fpg0pqc</p><h3>eushilk73zhzfy6</h3><h3>1gh970g</h3><span>n1ergtcuqtq1332rppp</span><h2>1b3nd4bp4gy1jdw</h2><h1>se6f0r6804rfp9axk7</h1><h2>va4z6h7dd0vv8l775nzhualn7t5</h2><p>26u5u3dforp</p><span>0dnuqgttfe5rsn</span><h2>941k89mp1gots60vqbl9</h2><p>c6noqs05nup2l</p></body></html>
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:22:53.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "478dde33b31cff7952ac1d071d54f9d9",
               "bodymmh3" : 1388647559,
               "component" : [
                  {
                     "product" : "PHP",
                     "productvendor" : "PHP",
                     "productversion" : "5.4.45"
                  },
                  {
                     "productvendor" : "Apache",
                     "product" : "RocketMQ"
                  }
               ],
               "headermd5" : "1ac42ac8b38aa67a2ac94744ebe0e58e",
               "headermmh3" : -2026369737,
               "title" : "RocketMq-console-ng"
            },
            "length" : 784
         },
         "asn" : "AS16509",
         "city" : "Singapore",
         "country" : "SG",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 21 Nov 2024 09:22:53 GMT\r\nServer: Avaya CMBE/2.0.0\r\nX-Powered-By: PHP/5.4.45\r\nContent-Length: 523\r\nContent-Type: text/html\r\nSet-Cookie: csrftoken=cxKDXyKs458BDPvKdYOhonpUVWi8AVLTVrlu4JokLQYblNCaSxdexZhbetrAJQwL\r\n\r\n<html><head><link rel=\"icon\" href=\"/favicon_ca2cbb0e-a93a-405f-b3e0-0ec469c0bb0a.ico\"><title>RocketMq-console-ng</title></head><body><span>idqyfef963sgbg0ufitgm9xdela</span><p>1pjx1oolbjuh4ko5</p><h2>nya8y3jbor5wpezl5n3ndyw1vhp1k</h2><p>dqy1mx66fpg0pqc</p><h3>eushilk73zhzfy6</h3><h3>1gh970g</h3><span>n1ergtcuqtq1332rppp</span><h2>1b3nd4bp4gy1jdw</h2><h1>se6f0r6804rfp9axk7</h1><h2>va4z6h7dd0vv8l775nzhualn7t5</h2><p>26u5u3dforp</p><span>0dnuqgttfe5rsn</span><h2>941k89mp1gots60vqbl9</h2><p>c6noqs05nup2l</p></body></html>",
         "datamd5" : "127828bd5b342a4dc4f26e35fba9662b",
         "datammh3" : -39140628,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "amazonaws.com"
         ],
         "geolocus" : {
            "asn" : "AS16509",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "SG",
            "countryname" : "Singapore",
            "domain" : [
               "amazon.com",
               "amazonaws.com"
            ],
            "isineu" : "false",
            "latitude" : "1.352083",
            "location" : "1.352083,103.819836",
            "longitude" : "103.819836",
            "netname" : "AMAZON-SIN",
            "organization" : "Amazon Data Services Singapore",
            "subnet" : "47.128.0.0/14"
         },
         "host" : [
            "ec2-47-129-128-2"
         ],
         "hostname" : [
            "ec2-47-129-128-2.ap-southeast-1.compute.amazonaws.com"
         ],
         "ip" : "47.129.128.2",
         "ipv6" : "false",
         "latitude" : "1.2868",
         "location" : "1.2868,103.8503",
         "longitude" : "103.8503",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "AMAZON-02",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 563,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "reverse" : [
            "ec2-47-129-128-2.ap-southeast-1.compute.amazonaws.com"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 200,
         "subdomains" : [
            "ap-southeast-1.compute.amazonaws.com",
            "compute.amazonaws.com"
         ],
         "subnet" : "47.128.0.0/14",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 38.54.29.113:563 (tcp/http) - last seen on 2024-11-21 at 09:22:07 UTC

    • IP
      38.54.29.113
      Network
      38.54.24.0/21
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux sUse
      URL

      http://38.54.29.113:563/ 200

      HTTP Title
      ConfigSystemCommand
      HTTP Keyword(s)
      voip vos3000
      HTTP Copyright
      www.linknat.com, 昆石网络
      ASN
      AS138915
      Organization
      Kaopu Cloud HK Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux sUse
      HTTP Component(s)
      Microsoft ASP.NET 4.0.30319 Roundcube Webmail Gitlab Gitlab Jenkins Jenkins 2.121.3 Atlassian Confluence Varnish-Cache Varnish Drupal Drupal 8 SPIP SPIP 4.1.11
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      c8da576e48f275b84945d462fcacc4a9
      HTTP Header MD5
      f1440b911fa40cdd6f6aaea51e85714a
      HTTP Body MD5
      1510f68d96d66d76929c92627109e805
    • HTTP/1.1 200 OK
      Composed-By: SPIP 4.1.11 @ www.spip.net
      Content-Length: 106282
      Content-Type: text/html;charset=utf-8
      Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
      Loginip: <srcip>
      Mime-Version: 1.0
      P3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
      Pragma: private
      Server: OPNsense
      Set-Cookie: akaunting_session=7b22; Path=/;
      Set-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;
      Set-Cookie: sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;
      Set-Cookie: webvpnaac=1; path=/; secure;
      Set-Cookie: __s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/
      Set-Cookie: DSSignInURL=/; path=/; secure;
      Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095
      Set-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;
      Set-Cookie: grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax
      Set-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;
      Set-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;
      Set-Cookie: SUPPORTCHROMEOS=1; path=/; secure;
      Set-Cookie: cepcAdminID=25263a2bf; path=/;
      Set-Cookie: sesskey=21263a2bf; path=/;
      Set-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;
      Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095
      Set-Cookie: rememberMe=deleteMe; path=/;
      Set-Cookie: X-Qlik-Session=35263a2bf; path=/;
      X-Aspnet-Version: 4.0.30319
      X-Backside-Transport: FAIL FAIL
      X-Cache: MISS from Hello
      X-Cache-Lookup: MISS from Hello:8080
      X-Cache-Miss-From: parking-74c5b8d946-dhmw5
      X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
      X-Content-Type-Options: nosniff
      X-Dc: gcp-us-east1,gcp-us-central1,gcp-us-central1
      X-Drupal-Cache: xHIT
      X-Drupal-Dynamic-Cache: MISS
      X-Frame-Options: SAMEORIGIN
      X-Generator: Drupal 8 (https://www.drupal.org)
      X-Jenkins: 2.121.3
      X-Jenkins-Session: f72d6619
      X-Powered-Cms: Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)
      X-Robots-Tag: none
      X-Varnish: 336777937
      X-Varnish-Cache: Miss
      X-Wix-Request-Id: 1579229867.6801399
      X-Xss-Protection: 1; mode=block
      Date: Thu, 21 Nov 2024 09:22:07 GMT
      Connection: close
      
      <!DOCTYPE html>
      <html>
      <head>
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
      <meta http-equiv="X-UA-Compatible" content="IE=edge">
      <meta http-equiv="Pragma" content="no-cache" />
      <meta charset="utf-8">
      <meta content="IE=edge" http-equiv="X-UA-Compatible">
      <meta content="object" property="og:type">
      <meta content="GitLab" property="og:site_name">
      <meta content="Help" property="og:title">
      <meta content="GitLab Community Edition" property="og:description">
      <meta content="summary" property="twitter:card">
      <meta content="Help" property="twitter:title">
      <meta content="GitLab Community Edition" property="twitter:description">
      <meta content="GitLab Community Edition" name="description">
      <meta content="#474D57" name="theme-color">
      <meta content="#30353E" name="msapplication-TileColor">
      <meta name="csrf-param" content="authenticity_token" />
      <meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4ce77c63bbe80f8f6d9240e2003==" />
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
      <meta http-equiv="expires" content="-1"/>
      <meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
      <meta name="author" content="www.linknat.com, 昆石网络"/>
      <meta name="copyright" content="www.linknat.com, 昆石网络"/>
      <meta name="generator" content="SPIP 4.1.11" />
      <script src="/jquery.min.js"></script> 
      <title>ConfigSystemCommand</title>
      </head>
      <body>
      <div style="display: none;">
      <script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
      <SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
      <Account>
      <Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
      <Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
      <Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
      <TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
      <FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
      <SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
      <ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
      <CTDefParaEntry setDefValueFlag="1" />
      </Account>
      <div>8.5.5 (Build:20200530.307-TEMP)</div>
      <span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
      <h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
      <ca status="disabled" href="/+CSCOCA+/login.html" />
      <form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
          <div data-user="root" data-module="package-updates"></div>
          <code>The zip file did not contain an entry exportDescriptor.properties</code>
          <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
          <message>Please enter your username and password.</message>
          <input name="formid" type="hidden" value="012afed" />
          <input name="javax.faces.ViewState" type="hidden" value="012afed" />
          <input name="queryString" type="hidden" value="1406192" />
          <div class="versionInfo">The Cacti Group Version 1.2.25</div>
          <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
          <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
          <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
          <input type="hidden" name="tokenid"  value="1804289383" >
          <input type="hidden" name="name"  value="1804289383" >
          <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
          <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
      	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
      	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
          <input type="text" name="username" label="Username:" value="admin" />
          <input type="password" name="password" label="Password:" value="123456" />
          <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
          <input type="submit" name="Login" value="Login" />
          <input type="reset" name="Clear" value="Clear" />
      </form>
      <input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
      <li class="lisel" onclick="location.href='index.php'">日志系统</li>
      <li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
      <button type="button" data-price-id=True>sb</button>
      <div class="prod_madelName">RT-AC5300</div>
      <div class="p1 title_gap">Sign in with your ASUS router account</div>
      <tr class="h"><th>PHP Group</th></tr>
      <tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
      <tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
      <var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
      <span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
      <div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
      <a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
      <div id="mcname">LoadMaster</div>
      <p><br/><span>出厂IP:192.168.1.1</span><br/><span>用户名、密码:admin admin</span></p>
      <td colspan="2">Please enter your Cacti user name and password below:</td>
      <meta id="confluence-context-path" name="confluence-context-path" content="">
      <meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
      <meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
      <script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
      <div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
      <B>SonicWall Universal Management Suite v9.3</B>
      <br>OK<br>
      <script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
      <select id="cars" name="name">
      <option value="olvo">olvo</option>
      </select>
      <a href="/VICIdial/phone">MODIFY</a>
      <input type="hidden" name="extension"  value="1804289383" >
      <input type="hidden" name="pass"  value="1804289383" >
      <input type="hidden" name="recording_exten"  value="1804289383" >
      <script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
      <input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
      <input type="hidden" name="admin-nonce" value="4419bb0cd2d21ef7b4cf25c9e5206f89" />
      <h3 class="text-center"> <span class="soplanning_index_title2">Simple Online Planning</span> <small>v1.51.01</small> </h3>
      <span>F3x26Q v1.1 (Sep 15 2023 12:36:09) std</span>
      <script type='text/javascript'>
      	var cactiVersion='1.2.27';
      	var cactiServerOS='unix';
      	var cactiAction='';
      	var theme='modern';
      	var refreshIsLogout=true;
      	var refreshPage='/logout.php?action=timeout';
      	var refreshMSeconds=1440000;
      	var urlPath='/';
      	var previousPage='';
      	var sessionMessage=[];
      	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
      </script>
      
      <!--
      <Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
      /var/pinglog
      <TITLE>Login</TITLE>
      <a href="jpg.html">LIVE JPEG</a><br>
      <a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
      <a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
      <a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
      <a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
      <\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
      Location: /admin
      <meta name="generator" content="vBulletin 5.5.4" />
      Location: http://<ip>:80/relogin.htm?_t=3541144909
      Location: http://<ip>:80/syscmd.htm" Location: /ui/login
      /cgi-bin/webctrl.cgi?action=index_page
      PDR-M800
      function btnPing()
      <HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
      <link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
      <link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
      <td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
      <br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
      trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
      in the United States and certain other countries.
      </td>
      :
      #
      >
      $
      SSH key is good
      is not a valid ref and may not be archived
      pcPassword2
      '&sessionKey=790148060;'
      name="sessionKey" value="790148060"
      Set-Cookie: loginName=admin
      var fgt_lang = /dev/cmdb/sslvpn_websession
      php 8.1.0-dev exit
      springframework
      Tomcat
      DEVICE.ACCOUNT=admin
      AUTHORIZED_GROUP=1
      <uid></uid>
      <name>Admin</name>
      <usrid></usrid>
      <password>admin</password>
      <group></group>
      cpto /tmp/"root"
      Model=AC1450
      Firmware=V1.0.0.36_10.0.17
      "exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
      BIG-IP release 15.0.0
      user:root
      12345admin123'
      Failed to process image
      
      Location: http://192.168.0.1:52869/picsdesc.xml
      You don't have permission to access /vpns/ on this server.
      [global]
          workgroup = intranet
          encrypt passwords = Yes
          update encrypted = Yes
      
      funcionando
      system_sofia
      name resolve order
      InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
      <b>File Uploaded !!!</b><br>
      ant=951d11e51392117311602d0c25435d7f
      38ee63071a04dc5e04ed22624c38e648
      6f3249aa304055d63828af3bfab778f6
      <h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
      [local]
       tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2U3N2M2M2JiZTgwZjhmNmQ5MjQwZTIwMDM9PQ==
       addr = <ip>
      "Powered by vBulletin Version 5.5.4"
      789551
      Linear eMerge
      SuperSign
      ubiq
      Yacht
      Zeroshell
      FastWeb
      AuthInfo:
      loadingIndicator_bk
      Zyxel
      skyrouter
      WAP54
      org.apache.spark.ui
      
      
      
      ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
      <insert implant configuration content here>
      Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
      Copyright (c) 2015-2020 by Cisco Systems, Inc.
      All rights reserved.
      SSL VPN Service
      wsConvertPptResponse
      <input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
      <input id="txtPassword" class="txt-input" type="password" name="password" value="" />
      <button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
      <span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
      <script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
      <LegacyDN>eD2bxe4</LegacyDN>
      <title class="_ctxstxt_NetscalerGateway">
      SAML Assertion verification failed; Please contact your administrator
      v=2b46554c087d2d5516559e9b8bc1875d
      /vpn/images/AccessGateway.ico
      frame-busting
      /vpn/js/logout_view.js?v=
      _ctxstxt_NetscalerAAA
      lib.min20200813.js
      401 Unauthorized Basic realm=
      sName='1';onTest(this);
      var passadm = "admin";
      OPMODE_BRIDGE
      document.all.cmd_result
      <input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
      <input id="date" type="text" style="width: 200px" value="12/25/2023">
      main page cgi-bin/login.cgi
      var sessionKey='030ff030ff88';
      loc += '&sessionKey=19dec20030ff8dcb2';
      }
      
      var code = 'location="' + loc + '"';
      
      Password change successful
      J2100N GPON ONT
      /cgi-bin/webui/admin
      sesskey
      name=admin pass=123 priv=ppp
      service=www.dlinkddns.com
      sysCmdType
      Content-Type: auth/request
      
      
      Content-Type: command/reply
      
      Reply-Text: +OK accepted
      
      
      X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
      007b2000-007c1000 rw-p 00000000 00:00 0
      Size:                 60 kB
      Rss:                  52 kB
      Pss:                  52 kB
      Shared_Clean:          0 kB
      Shared_Dirty:          0 kB
      Private_Clean:         0 k
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:22:07.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "drupal.org",
                  "micros-hosting.com"
               ],
               "file" : [
                  "dvrremoteap_x64.exe",
                  "dvfplayer.zip",
                  "admin-ajax.php",
                  "p3p.xml",
                  "dvrremoteap.exe",
                  "index.php",
                  "cloud_index.php"
               ],
               "hostname" : [
                  "micros-hosting.com",
                  "www.drupal.org"
               ],
               "ip" : [
                  "1.0.0.36",
                  "192.168.1.10",
                  "192.168.0.1",
                  "192.168.1.4",
                  "192.168.1.1",
                  "7.7.31.1"
               ],
               "url" : [
                  "http://192.168.0.1:52869/picsdesc.xml",
                  "http://micros-hosting.com/EGateway/",
                  "https://192.168.1.4",
                  "https://www.drupal.org"
               ]
            },
            "http" : {
               "bodymd5" : "1510f68d96d66d76929c92627109e805",
               "bodymmh3" : -989279194,
               "component" : [
                  {
                     "product" : "Jenkins",
                     "productvendor" : "Jenkins",
                     "productversion" : "2.121.3"
                  },
                  {
                     "product" : "ASP.NET",
                     "productvendor" : "Microsoft",
                     "productversion" : "4.0.30319"
                  },
                  {
                     "product" : "Webmail",
                     "productvendor" : "Roundcube"
                  },
                  {
                     "productversion" : "4.1.11",
                     "productvendor" : "SPIP",
                     "product" : "SPIP"
                  },
                  {
                     "product" : "Confluence",
                     "productvendor" : "Atlassian"
                  },
                  {
                     "product" : "Varnish",
                     "productvendor" : "Varnish-Cache"
                  },
                  {
                     "product" : "Gitlab",
                     "productvendor" : "Gitlab"
                  },
                  {
                     "product" : "Drupal",
                     "productversion" : "8",
                     "productvendor" : "Drupal"
                  }
               ],
               "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
               "header" : [
                  {
                     "value" : "Fri, 29 Jul 2022 16:53:01 GMT",
                     "name" : "Last-Modified"
                  }
               ],
               "headermd5" : "f1440b911fa40cdd6f6aaea51e85714a",
               "headermmh3" : -1455930631,
               "keywords" : [
                  "voip",
                  "vos3000"
               ],
               "title" : "ConfigSystemCommand"
            },
            "length" : 16305
         },
         "asn" : "AS138915",
         "city" : "Athens",
         "country" : "GR",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 106282\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nMime-Version: 1.0\r\nP3p: policyref=\"/bitrix/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA\"\r\nPragma: private\r\nServer: OPNsense\r\nSet-Cookie: akaunting_session=7b22; Path=/;\r\nSet-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;\r\nSet-Cookie: sessionid=24263a2bf; webvpnLang=webvpnLang; webvpn=; webvpncontext=00000@SSLContext; path=/;\r\nSet-Cookie: webvpnaac=1; path=/; secure;\r\nSet-Cookie: __s_sessionid__=hh5rq45u9srt079v063jkb8c13; path=/\r\nSet-Cookie: DSSignInURL=/; path=/; secure;\r\nSet-Cookie: roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: adscsrf=66a8d8fd-ffe2-422b-bf08-37b6297afc4f;path=/;SameSite=None;Secure;priority=high;\r\nSet-Cookie: grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax\r\nSet-Cookie: swap=vFuUpy5thP2HBPenIBJZtmjQHvBP2UiSJNhstyNXrAs=; path=/; secure; HttpOnly;\r\nSet-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;\r\nSet-Cookie: SUPPORTCHROMEOS=1; path=/; secure;\r\nSet-Cookie: cepcAdminID=25263a2bf; path=/;\r\nSet-Cookie: sesskey=21263a2bf; path=/;\r\nSet-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;\r\nSet-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: rememberMe=deleteMe; path=/;\r\nSet-Cookie: X-Qlik-Session=35263a2bf; path=/;\r\nX-Aspnet-Version: 4.0.30319\r\nX-Backside-Transport: FAIL FAIL\r\nX-Cache: MISS from Hello\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Cache-Miss-From: parking-74c5b8d946-dhmw5\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Dc: gcp-us-east1,gcp-us-central1,gcp-us-central1\r\nX-Drupal-Cache: xHIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Powered-Cms: Bitrix Site Manager (31ebf3fe2d1251fbd7f82a700bcc1f66)\r\nX-Robots-Tag: none\r\nX-Varnish: 336777937\r\nX-Varnish-Cache: Miss\r\nX-Wix-Request-Id: 1579229867.6801399\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 21 Nov 2024 09:22:07 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4ce77c63bbe80f8f6d9240e2003==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>ConfigSystemCommand</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<input type=\"hidden\" name=\"admin-nonce\" value=\"4419bb0cd2d21ef7b4cf25c9e5206f89\" />\n<h3 class=\"text-center\"> <span class=\"soplanning_index_title2\">Simple Online Planning</span> <small>v1.51.01</small> </h3>\n<span>F3x26Q v1.1 (Sep 15 2023 12:36:09) std</span>\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Y2U3N2M2M2JiZTgwZjhmNmQ5MjQwZTIwMDM9PQ==\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nShared_Dirty:          0 kB\nPrivate_Clean:         0 k",
         "datamd5" : "c8da576e48f275b84945d462fcacc4a9",
         "datammh3" : 1539078166,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS138915",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "HK",
            "countryname" : "Hong Kong",
            "domain" : [
               "cogentco.com",
               "kaopucloud.com"
            ],
            "isineu" : "false",
            "latitude" : "22.396428",
            "location" : "22.396428,114.109497",
            "longitude" : "114.109497",
            "netname" : "LIGHTNODE-GR",
            "organization" : "Kaopu Cloud HK Limited",
            "subnet" : "38.54.28.0/23"
         },
         "ip" : "38.54.29.113",
         "ipv6" : "false",
         "latitude" : "37.9842",
         "location" : "37.9842,23.7353",
         "longitude" : "23.7353",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Kaopu Cloud HK Limited",
         "os" : "Linux",
         "osdistribution" : "sUse",
         "osvendor" : "Linux",
         "port" : 563,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 200,
         "subnet" : "38.54.24.0/21",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 139.162.189.251:563 (tcp/http) - last seen on 2024-11-21 at 09:21:54 UTC

    • IP
      139.162.189.251
      Network
      139.162.0.0/16
      Domain(s)
      linodeusercontent.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux sUse
      URL

      http://139.162.189.251:563/ 200

      HTTP Title
      汉王人脸考勤管理系统
      HTTP Keyword(s)
      voip vos3000
      HTTP Copyright
      www.linknat.com, 昆石网络
      Reverse DNS
      139-162-189-251.ip.linodeusercontent.com
      ASN
      AS63949
      Organization
      Akamai Connected Cloud
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux sUse
      Product
      Microsoft HTTPAPI 2.0
      HTTP Component(s)
      Gitlab Gitlab Metabase Metabase SPIP SPIP 4.1.11 Drupal Drupal 8 Atlassian Confluence Jenkins Jenkins 2.121.3
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d54ab7d059d6935dd48825c0b8465672
      HTTP Header MD5
      927a6933f9e2eec0a4585babc6509134
      HTTP Body MD5
      95d1849fa097c30e3058b15b47c80145
    • HTTP/1.1 200 OK
      Cf-Cache-Status: DYNAMIC
      Composed-By: SPIP 4.1.11 @ www.spip.net
      Content-Length: 106201
      Content-Type: text/html;charset=utf-8
      Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
      Loginip: <srcip>
      Pragma: private
      Report-To: {'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}
      Server: Microsoft-HTTPAPI/2.0
      Set-Cookie: USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly
      Set-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;
      Set-Cookie: SUPPORTCHROMEOS=1; path=/; secure;
      Set-Cookie: TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;
      Set-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;
      Set-Cookie: fsm_u=admin; Path=/;
      Set-Cookie: token=21263a2bf; path=/;
      Set-Cookie: akaunting_session=7b22; Path=/;
      Set-Cookie: webvpnaac=1; path=/; secure;
      Set-Cookie: _indexVersion=2; path=/
      Set-Cookie: metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Mon, 25 Apr 2044 03:55:44 +0200;SameSite=None;Secure
      Set-Cookie: CLIENT_ID=7214
      Set-Cookie: rememberMe=deleteMe; path=/;
      Set-Cookie: id=A67B8F9C;
      Set-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;
      Set-Cookie: DSSignInURL=/; path=/; secure;
      Set-Cookie: PHC_DISABLED=1; path=/; secure;
      Set-Cookie: SOLONID=n91i168jps8rd856bcrln2isqe; path=/
      Strict-Transport-Security: max-age=31536000
      X-Cache: MISS from Hello
      X-Cache-Lookup: MISS from Hello:8080
      X-Confluence-Request-Time: 1698802372064
      X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
      X-Content-Type-Options: nosniff
      X-Download-Options: noopen
      X-Drupal-Cache: xHIT
      X-Drupal-Dynamic-Cache: MISS
      X-Fastly-Request-Id: ed15bdb8f4d9179ebe5b6b8441d6148a4a8e213f
      X-Frame-Options: SAMEORIGIN
      X-Generator: Drupal 8 (https://www.drupal.org)
      X-Jenkins: 2.121.3
      X-Jenkins-Session: f72d6619
      X-Page-Speed: 1.13.35.2-0
      X-Pingback: https://example.com/xmlrpc.php
      X-T-Location: /iam
      X-Wix-Request-Id: 1579229867.6801399
      X-Xss-Protection: 1; mode=block
      Date: Thu, 21 Nov 2024 09:21:54 GMT
      Connection: close
      
      <!DOCTYPE html>
      <html>
      <head>
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
      <meta http-equiv="X-UA-Compatible" content="IE=edge">
      <meta http-equiv="Pragma" content="no-cache" />
      <meta charset="utf-8">
      <meta content="IE=edge" http-equiv="X-UA-Compatible">
      <meta content="object" property="og:type">
      <meta content="GitLab" property="og:site_name">
      <meta content="Help" property="og:title">
      <meta content="GitLab Community Edition" property="og:description">
      <meta content="summary" property="twitter:card">
      <meta content="Help" property="twitter:title">
      <meta content="GitLab Community Edition" property="twitter:description">
      <meta content="GitLab Community Edition" name="description">
      <meta content="#474D57" name="theme-color">
      <meta content="#30353E" name="msapplication-TileColor">
      <meta name="csrf-param" content="authenticity_token" />
      <meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4c975c63bb98df8f8df240d2203==" />
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
      <meta http-equiv="expires" content="-1"/>
      <meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
      <meta name="author" content="www.linknat.com, 昆石网络"/>
      <meta name="copyright" content="www.linknat.com, 昆石网络"/>
      <meta name="generator" content="SPIP 4.1.11" />
      <script src="/jquery.min.js"></script> 
      <title>汉王人脸考勤管理系统</title>
      </head>
      <body>
      <div style="display: none;">
      <script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
      <SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
      <Account>
      <Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
      <Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
      <Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
      <TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
      <FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
      <SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
      <ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
      <CTDefParaEntry setDefValueFlag="1" />
      </Account>
      <div>8.5.5 (Build:20200530.307-TEMP)</div>
      <span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
      <h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
      <ca status="disabled" href="/+CSCOCA+/login.html" />
      <form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
          <div data-user="root" data-module="package-updates"></div>
          <code>The zip file did not contain an entry exportDescriptor.properties</code>
          <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
          <message>Please enter your username and password.</message>
          <input name="formid" type="hidden" value="012afed" />
          <input name="javax.faces.ViewState" type="hidden" value="012afed" />
          <input name="queryString" type="hidden" value="1406192" />
          <div class="versionInfo">The Cacti Group Version 1.2.25</div>
          <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
          <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
          <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
          <input type="hidden" name="tokenid"  value="1804289383" >
          <input type="hidden" name="name"  value="1804289383" >
          <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
          <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
      	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
      	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
      	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
          <input type="text" name="username" label="Username:" value="admin" />
          <input type="password" name="password" label="Password:" value="123456" />
          <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
          <input type="submit" name="Login" value="Login" />
          <input type="reset" name="Clear" value="Clear" />
      </form>
      <input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
      <li class="lisel" onclick="location.href='index.php'">日志系统</li>
      <li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
      <button type="button" data-price-id=True>sb</button>
      <div class="prod_madelName">RT-AC5300</div>
      <div class="p1 title_gap">Sign in with your ASUS router account</div>
      <tr class="h"><th>PHP Group</th></tr>
      <tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
      <tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
      <var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
      <span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
      <div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
      <a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
      <div id="mcname">LoadMaster</div>
      <p><br/><span>出厂IP:192.168.1.1</span><br/><span>用户名、密码:admin admin</span></p>
      <td colspan="2">Please enter your Cacti user name and password below:</td>
      <meta id="confluence-context-path" name="confluence-context-path" content="">
      <meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
      <meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
      <script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
      <div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
      <B>SonicWall Universal Management Suite v9.3</B>
      <br>OK<br>
      <script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
      <select id="cars" name="name">
      <option value="olvo">olvo</option>
      </select>
      <a href="/VICIdial/phone">MODIFY</a>
      <input type="hidden" name="extension"  value="1804289383" >
      <input type="hidden" name="pass"  value="1804289383" >
      <input type="hidden" name="recording_exten"  value="1804289383" >
      <script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
      <input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
      <input type="hidden" name="admin-nonce" value="4419bb0cd2d21ef7b4cf25c9e5206f89" />
      <h3 class="text-center"> <span class="soplanning_index_title2">Simple Online Planning</span> <small>v1.51.01</small> </h3>
      <span>F3x26Q v1.1 (Sep 15 2023 12:36:09) std</span>
      <script type='text/javascript'>
      	var cactiVersion='1.2.27';
      	var cactiServerOS='unix';
      	var cactiAction='';
      	var theme='modern';
      	var refreshIsLogout=true;
      	var refreshPage='/logout.php?action=timeout';
      	var refreshMSeconds=1440000;
      	var urlPath='/';
      	var previousPage='';
      	var sessionMessage=[];
      	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
      </script>
      
      <!--
      <Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
      /var/pinglog
      <TITLE>Login</TITLE>
      <a href="jpg.html">LIVE JPEG</a><br>
      <a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
      <a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
      <a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
      <a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
      <\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
      Location: /admin
      <meta name="generator" content="vBulletin 5.5.4" />
      Location: http://<ip>:80/relogin.htm?_t=3541144909
      Location: http://<ip>:80/syscmd.htm" Location: /ui/login
      /cgi-bin/webctrl.cgi?action=index_page
      PDR-M800
      function btnPing()
      <HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
      <link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
      <link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
      <td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
      <br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
      trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
      in the United States and certain other countries.
      </td>
      :
      #
      >
      $
      SSH key is good
      is not a valid ref and may not be archived
      pcPassword2
      '&sessionKey=790148060;'
      name="sessionKey" value="790148060"
      Set-Cookie: loginName=admin
      var fgt_lang = /dev/cmdb/sslvpn_websession
      php 8.1.0-dev exit
      springframework
      Tomcat
      DEVICE.ACCOUNT=admin
      AUTHORIZED_GROUP=1
      <uid></uid>
      <name>Admin</name>
      <usrid></usrid>
      <password>admin</password>
      <group></group>
      cpto /tmp/"root"
      Model=AC1450
      Firmware=V1.0.0.36_10.0.17
      "exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
      BIG-IP release 15.0.0
      user:root
      12345admin123'
      Failed to process image
      
      Location: http://192.168.0.1:52869/picsdesc.xml
      You don't have permission to access /vpns/ on this server.
      [global]
          workgroup = intranet
          encrypt passwords = Yes
          update encrypted = Yes
      
      funcionando
      system_sofia
      name resolve order
      InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
      <b>File Uploaded !!!</b><br>
      ant=951d11e51392117311602d0c25435d7f
      38ee63071a04dc5e04ed22624c38e648
      6f3249aa304055d63828af3bfab778f6
      <h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
      [local]
       tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Yzk3NWM2M2JiOThkZjhmOGRmMjQwZDIyMDM9PQ==
       addr = <ip>
      "Powered by vBulletin Version 5.5.4"
      789551
      Linear eMerge
      SuperSign
      ubiq
      Yacht
      Zeroshell
      FastWeb
      AuthInfo:
      loadingIndicator_bk
      Zyxel
      skyrouter
      WAP54
      org.apache.spark.ui
      
      
      
      ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
      <insert implant configuration content here>
      Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
      Copyright (c) 2015-2020 by Cisco Systems, Inc.
      All rights reserved.
      SSL VPN Service
      wsConvertPptResponse
      <input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
      <input id="txtPassword" class="txt-input" type="password" name="password" value="" />
      <button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
      <span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
      <script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
      <LegacyDN>eD2bxe4</LegacyDN>
      <title class="_ctxstxt_NetscalerGateway">
      SAML Assertion verification failed; Please contact your administrator
      v=2b46554c087d2d5516559e9b8bc1875d
      /vpn/images/AccessGateway.ico
      frame-busting
      /vpn/js/logout_view.js?v=
      _ctxstxt_NetscalerAAA
      lib.min20200813.js
      401 Unauthorized Basic realm=
      sName='1';onTest(this);
      var passadm = "admin";
      OPMODE_BRIDGE
      document.all.cmd_result
      <input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
      <input id="date" type="text" style="width: 200px" value="12/25/2023">
      main page cgi-bin/login.cgi
      var sessionKey='030ff030ff88';
      loc += '&sessionKey=19dec20030ff8dcb2';
      }
      
      var code = 'location="' + loc + '"';
      
      Password change successful
      J2100N GPON ONT
      /cgi-bin/webui/admin
      sesskey
      name=admin pass=123 priv=ppp
      service=www.dlinkddns.com
      sysCmdType
      Content-Type: auth/request
      
      
      Content-Type: command/reply
      
      Reply-Text: +OK accepted
      
      
      X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
      007b2000-007c1000 rw-p 00000000 00:00 0
      Size:                 60 kB
      Rss:                  52 kB
      Pss:                  52 kB
      Shared_Clean:          0 kB
      Shared_Dirty:          0 kB
      Private_Clean:         0 kB
      Private_Dirty:        52 kB
      Referenced:           52 kB
      Anonymous:            52 kB
      AnonHugePages:         0 kB
      Swap:                  8 kB
      KernelPageSize:        4 kB
      MMUPageSize:           4 kB
      009b1000-009b8000 rwxp 001b1000 fd:01 3339977                 
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:21:54.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "micros-hosting.com",
                  "example.com",
                  "drupal.org",
                  "shopifycloud.com"
               ],
               "file" : [
                  "dvfplayer.zip",
                  "admin-ajax.php",
                  "cloud_index.php",
                  "dvrremoteap_x64.exe",
                  "index.php",
                  "dvrremoteap.exe"
               ],
               "hostname" : [
                  "example.com",
                  "micros-hosting.com",
                  "monorail-edge.shopifycloud.com",
                  "www.drupal.org"
               ],
               "ip" : [
                  "1.13.35.2",
                  "1.0.0.36",
                  "192.168.1.1",
                  "192.168.1.10",
                  "192.168.1.4",
                  "192.168.0.1",
                  "7.7.31.1"
               ],
               "url" : [
                  "http://192.168.0.1:52869/picsdesc.xml",
                  "http://micros-hosting.com/EGateway/",
                  "https://192.168.1.4",
                  "https://example.com/xmlrpc.php",
                  "https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify",
                  "https://www.drupal.org"
               ]
            },
            "http" : {
               "bodymd5" : "95d1849fa097c30e3058b15b47c80145",
               "bodymmh3" : -690985954,
               "component" : [
                  {
                     "product" : "Metabase",
                     "productvendor" : "Metabase"
                  },
                  {
                     "productversion" : "8",
                     "productvendor" : "Drupal",
                     "product" : "Drupal"
                  },
                  {
                     "product" : "Jenkins",
                     "productversion" : "2.121.3",
                     "productvendor" : "Jenkins"
                  },
                  {
                     "productvendor" : "Gitlab",
                     "product" : "Gitlab"
                  },
                  {
                     "productvendor" : "SPIP",
                     "productversion" : "4.1.11",
                     "product" : "SPIP"
                  },
                  {
                     "product" : "Confluence",
                     "productvendor" : "Atlassian"
                  }
               ],
               "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
               "header" : [
                  {
                     "name" : "Last-Modified",
                     "value" : "Fri, 29 Jul 2022 16:53:01 GMT"
                  }
               ],
               "headermd5" : "927a6933f9e2eec0a4585babc6509134",
               "headermmh3" : 99496204,
               "keywords" : [
                  "voip",
                  "vos3000"
               ],
               "title" : "\u6c49\u738b\u4eba\u8138\u8003\u52e4\u7ba1\u7406\u7cfb\u7edf"
            },
            "length" : 16278
         },
         "asn" : "AS63949",
         "city" : "Frankfurt am Main",
         "country" : "DE",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nCf-Cache-Status: DYNAMIC\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 106201\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nPragma: private\r\nReport-To: {'group': 'network-errors', 'max_age': 2592000, 'endpoints': [{'url': 'https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify'}]}\r\nServer: Microsoft-HTTPAPI/2.0\r\nSet-Cookie: USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly\r\nSet-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;\r\nSet-Cookie: SUPPORTCHROMEOS=1; path=/; secure;\r\nSet-Cookie: TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;\r\nSet-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;\r\nSet-Cookie: fsm_u=admin; Path=/;\r\nSet-Cookie: token=21263a2bf; path=/;\r\nSet-Cookie: akaunting_session=7b22; Path=/;\r\nSet-Cookie: webvpnaac=1; path=/; secure;\r\nSet-Cookie: _indexVersion=2; path=/\r\nSet-Cookie: metabase.DEVICE=657aec21-0f2d-4aa8-9973-172d408c3ebf;HttpOnly;Path=/;Expires=Mon, 25 Apr 2044 03:55:44 +0200;SameSite=None;Secure\r\nSet-Cookie: CLIENT_ID=7214\r\nSet-Cookie: rememberMe=deleteMe; path=/;\r\nSet-Cookie: id=A67B8F9C;\r\nSet-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;\r\nSet-Cookie: DSSignInURL=/; path=/; secure;\r\nSet-Cookie: PHC_DISABLED=1; path=/; secure;\r\nSet-Cookie: SOLONID=n91i168jps8rd856bcrln2isqe; path=/\r\nStrict-Transport-Security: max-age=31536000\r\nX-Cache: MISS from Hello\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Confluence-Request-Time: 1698802372064\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Download-Options: noopen\r\nX-Drupal-Cache: xHIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Fastly-Request-Id: ed15bdb8f4d9179ebe5b6b8441d6148a4a8e213f\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Page-Speed: 1.13.35.2-0\r\nX-Pingback: https://example.com/xmlrpc.php\r\nX-T-Location: /iam\r\nX-Wix-Request-Id: 1579229867.6801399\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 21 Nov 2024 09:21:54 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e4c975c63bb98df8f8df240d2203==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>\u6c49\u738b\u4eba\u8138\u8003\u52e4\u7ba1\u7406\u7cfb\u7edf</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<input type=\"hidden\" name=\"admin-nonce\" value=\"4419bb0cd2d21ef7b4cf25c9e5206f89\" />\n<h3 class=\"text-center\"> <span class=\"soplanning_index_title2\">Simple Online Planning</span> <small>v1.51.01</small> </h3>\n<span>F3x26Q v1.1 (Sep 15 2023 12:36:09) std</span>\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGU0Yzk3NWM2M2JiOThkZjhmOGRmMjQwZDIyMDM9PQ==\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nShared_Dirty:          0 kB\nPrivate_Clean:         0 kB\nPrivate_Dirty:        52 kB\nReferenced:           52 kB\nAnonymous:            52 kB\nAnonHugePages:         0 kB\nSwap:                  8 kB\nKernelPageSize:        4 kB\nMMUPageSize:           4 kB\n009b1000-009b8000 rwxp 001b1000 fd:01 3339977                 ",
         "datamd5" : "d54ab7d059d6935dd48825c0b8465672",
         "datammh3" : -1812564391,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "linodeusercontent.com"
         ],
         "geolocus" : {
            "asn" : "AS15830",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "linode.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "EU-LINODE-20141229",
            "organization" : "Linode, LLC",
            "subnet" : "139.162.0.0/16"
         },
         "host" : [
            "139-162-189-251"
         ],
         "hostname" : [
            "139-162-189-251.ip.linodeusercontent.com"
         ],
         "ip" : "139.162.189.251",
         "ipv6" : "false",
         "latitude" : "50.1187",
         "location" : "50.1187,8.6842",
         "longitude" : "8.6842",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Akamai Connected Cloud",
         "os" : "Linux",
         "osdistribution" : "sUse",
         "osvendor" : "Linux",
         "port" : 563,
         "product" : "HTTPAPI",
         "productvendor" : "Microsoft",
         "productversion" : "2.0",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "reverse" : [
            "139-162-189-251.ip.linodeusercontent.com"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 200,
         "subdomains" : [
            "ip.linodeusercontent.com"
         ],
         "subnet" : "139.162.0.0/16",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "com"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 185.170.214.247:563 (tcp/http) - last seen on 2024-11-21 at 09:20:09 UTC

    • IP
      185.170.214.247
      Network
      185.170.212.0/22
      Domain(s)
      hosted-by-mvps.net
      Device

      <enterprise field>: device.class

      URL

      http://185.170.214.247:563/admin/login.html 200

      Reverse DNS
      ip-185-170-214-247-94412.vps.hosted-by-mvps.net
      ASN
      AS202448
      Organization
      MVPS LTD
      Protocol
      http
      Source
      datascan::redirect::1
    • Product
      Apache HTTP Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      20900532bb9020b0c10c9c0ff3fd489d
      HTTP Header MD5
      c7c62a4d97f7eb81b25dc77d8b0a4ac4
      HTTP Body MD5
      877abe5d84f0cade2b5c73d1b91fd48b
    • HTTP/1.1 200 OK
      Content-Type: text/html; charset=UTF-8
      Server: Apache
      Content-Length: 187
      Set-Cookie: idB72=8e5587e2; max-age=2592000;
      Connection: keep-alive
      
      <html><head></head><body><script type='application/javascript'>var dt78KwZ9=new Date();window.location.href = "/admin/jauth.js?_" + (dt78KwZ9).toLocaleString();
      </script></body></html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:20:09.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "877abe5d84f0cade2b5c73d1b91fd48b",
               "bodymmh3" : -516140523,
               "headermd5" : "c7c62a4d97f7eb81b25dc77d8b0a4ac4",
               "headermmh3" : -1356141814
            },
            "length" : 353
         },
         "asn" : "AS202448",
         "city" : "Lille",
         "country" : "FR",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=UTF-8\r\nServer: Apache\r\nContent-Length: 187\r\nSet-Cookie: idB72=8e5587e2; max-age=2592000;\r\nConnection: keep-alive\r\n\r\n<html><head></head><body><script type='application/javascript'>var dt78KwZ9=new Date();window.location.href = \"/admin/jauth.js?_\" + (dt78KwZ9).toLocaleString();\r\n</script></body></html>\r\n",
         "datamd5" : "20900532bb9020b0c10c9c0ff3fd489d",
         "datammh3" : 1314223101,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "hosted-by-mvps.net"
         ],
         "forward" : "185.170.214.247",
         "host" : [
            "ip-185-170-214-247-94412"
         ],
         "hostname" : [
            "185.170.214.247",
            "ip-185-170-214-247-94412.vps.hosted-by-mvps.net"
         ],
         "ip" : "185.170.214.247",
         "ipv6" : "false",
         "latitude" : "50.6240",
         "location" : "50.6240,3.0511",
         "longitude" : "3.0511",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "MVPS LTD",
         "port" : 563,
         "product" : "HTTP Server",
         "productvendor" : "Apache",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "reverse" : [
            "ip-185-170-214-247-94412.vps.hosted-by-mvps.net"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan::redirect::1",
         "status" : 200,
         "subdomains" : [
            "vps.hosted-by-mvps.net"
         ],
         "subnet" : "185.170.212.0/22",
         "tld" : [
            "net"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/admin/login.html"
      }
      
  • 52.187.58.208:563 (tcp/http) - last seen on 2024-11-21 at 09:15:25 UTC

    • IP
      52.187.58.208
      Network
      52.160.0.0/11
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux sUse
      URL

      http://52.187.58.208:563/

      ASN
      AS8075
      Organization
      MICROSOFT-CORP-MSN-AS-BLOCK
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux sUse
      Product
      ConnectWise Control 23.2.9.8466
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      49eab9e205612a0f4919c3fe1c018f72
      HTTP Header MD5
      2ed1d4fb9b05fad4a548cc785a4f3855
      HTTP Body MD5
      931e7ce8ad0e3e0e866f4dc47c151ecd
    • HTTP/2 200 
      cache-control: private
      content-type: text/html; charset=utf-8
      server: ScreenConnect/23.2.9.8466-1894385917 Microsoft-HTTPAPI/2.0
      x-robots-tag: noindex
      p3p: CP="NON CUR OUR STP STA PRE"
      
      
      <!DOCTYPE html>
      <html>
      <head><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" />
      	<script>
      
      		function setTaggedSessionInfo(tag, taggedSessionInfo) {
      			var oldTaggedSessionInfo = window._taggedSessionInfos[tag];
      			window._taggedSessionInfos[tag] = taggedSessionInfo;
      
      			if (!oldTaggedSessionInfo || taggedSessionInfo.SessionID != oldTaggedSessionInfo.SessionID || taggedSessionInfo.Code != oldTaggedSessionInfo.Code)
      				SC.pagedata.notifyDirty();
      		}
      
      		// backwards compatibility with extensions
      		function setTaggedSessionID(tag, sessionID) {
      			window.setTaggedSessionInfo(tag, { SessionID: sessionID });
      		}
      
      		function getTaggedSessionInfo(tag) {
      			return window._taggedSessionInfos[tag];
      		}
      
      	</script>
      <script src="Script.ashx?__Cache=fd679076-5557-4f9b-a06d-abda51b45296" id="defaultScript"></script>
      <link href="App_Themes/Solid/Default.css?__Cache=c33594ec-f460-47ee-ba84-eb3315411231" type="text/css" rel="stylesheet" /><link href="FavIcon.axd?__Cache=9ba1a2d5-c5aa-4470-b2ec-d1eecab079c3" rel="shortcut icon" />
      <script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"A2daa5gtl4xtLlHwTHY/HyY2S5T7XRgHJCWGYFLkHjEBAAChzigX0LotQg==","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
      <script>SC.extension.addInitializeProc('fa369545-ba27-4670-b053-a9f65f3269b0', function (extensionContext) {
      if (SC.context.pageType == 'AdministrationPage' && SC.context.isUserAuthenticated)
      	SC.service.GetThemeInfo(function (themeInfo) {
      		SC.util.includeStyleSheet(extensionContext.baseUrl + 'css/Style.css');
      	});
      
      SC.event.addGlobalHandler(SC.event.ExecuteCommand, function (eventArgs) {
      	switch (eventArgs.commandName) {
      		case 'WebConfigSave':
      			SC.dialog.showModalButtonDialog(
      				'Prompt',
      				SC.res['AdvancedConfig.ApplyChanges'],
      				'OK',
      				'Default',
      				function (container) {
      					SC.ui.setContents(container, [
      						eventArgs.commandArgument === 'WebConfigRestore' ? $p(SC.res['AdvancedConfig.RestoreDefaults.WebConfigWarning']) : $p(SC.res['AdvancedConfig.RestartInstanceWarning'])
      					]);
      				},
      				function () {
      					var appSettings = JSON.parse(sessionStorage.getItem('WebConfigAppSettings'));
      					var pageSettings = JSON.parse(JSON.stringify(appSettings.location));
      					delete appSettings.location;
      
      					SC.service.WriteChangesToWebConfig(appSettings, pageSettings, function (result) {
      						if (result === 'OK') {
      							sessionStorage.removeItem('WebConfigAppSettings');
      							SC.dialog.showModalActivityAndReload('Save', true, window.location.href.split('#')[0]);
      						} else {
      							SC.dialog.showModalMessageBox(SC.res['AdvancedConfig.SaveError.Title'], SC.res['AdvancedConfig.SaveError.WebConfigDescription'] + ' ' + result);
      						}
      					});
      				}
      			);
      			break;
      		case 'AppConfigSave':
      			SC.dialog.showModalButtonDialog(
      				'Prompt',
      				SC.res['AdvancedConfig.ApplyChanges'],
      				'OK',
      				'Default',
      				function (container) {
      					SC.ui.setContents(container, [
      						eventArgs.commandArgument === 'AppConfigRestore' ? $p(SC.res['AdvancedConfig.RestoreDefaults.AppConfigWarning']) : $p(SC.res['AdvancedConfig.ReinstallWarning'])
      					]);
      				},
      				function () {
      					var systemSettings = JSON.parse(sessionStorage.getItem('AppConfigAppSettings')).SystemSettings;
      					var userInterfaceSettings = JSON.parse(sessionStorage.getItem('AppConfigAppSettings')).UserInterfaceSettings;
      
      					SC.service.WriteChangesToAppConfig(systemSettings, userInterfaceSettings, AppConfigDefaults, function (result) {
      						if (result === 'OK') {
      							sessionStorage.removeItem('AppConfigAppSettings');
      							window.location.reload();
      						} else {
      							SC.dialog.showModalMessageBox(SC.res['AdvancedConfig.SaveError.Title'], SC.res['AdvancedConfig.SaveError.AppConfigDescription'] + ' ' + result);
      						}
      					});
      				}
      			);
      			break;
      	}
      });
      
      
      });</script>
      <script>SC.extension.addInitializeProc('fc234f0e-2e8e-4a1f-b977-ba41b14031f7', function (extensionContext) {
      // Add: Options | Help
      var x=extensionContext.baseUrl.split('/').splice(-2)[0];
      SC.res['HelpPanel.Link'+x+'.Url']="https://docs.connectwise.com/ConnectWise_Automate/ConnectWise_Automate_Documentation/080/020/020?psa=1";
      SC.event.addGlobalHandler(SC.event.QueryCommandButtonState,function(e){if(e.commandElement&&e.commandElement._commandName&&e.commandElement._commandName=='EditExtensionSettings'&&e.commandContext.extensionInfo.ExtensionID==x){SC.ui.addElement(e.target.parentElement,'A',{_commandName:'NavigateHelpLink',_commandArgument:x,_innerText:SC.res['Command.Help.Text'].replace(' ▽','')});}});
      
      });</script>
      <script>SC.extension.addInitializeProc('fc234f0e-2e8e-4a1f-b977-ba41b14031f7', function (extensionContext) {
      /*
          The following is currently ripped from the Hosted Integration Template per Control
          Potential to one day not need this and use some core functionality
      
          File will hide the UI and display the fourth column only
      */
      var sendCommandToParent = function (commandName, commandData) {
          if (commandName)
              window.parent.postMessage({ _internalCommand: commandName, _internalCommandData: commandData ? commandData : {} }, '*');
      };
      
      SC.event.addGlobalHandler(SC.event.PreRender, function () {
          window.addEventListener('message', function (eventArgs) {
              SC.util.includeStyleSheet(extensionContext.baseUrl + 'LiveData/livedata.css');
              switch (eventArgs.data._externalCommand) {
                  case 'RenderSessionDetailsFullWidthCommand':
                      var applicablePaths = ['/', '/Guest', '/Host', '/Login'];
                      if (!applicablePaths.includes(window.location.pathname))
                          break;
      
                      var elementsToHide = [
                          $('.HeaderPanel'),
                          $('.GlobalBar'),
                          $('.NavigationPanel'),
                          $('.MasterPanel'),
                          $('.MainDetailHeaderPanel'),
                          $('.MainDetailPanel'),
                          $('.ToggleDetailPanelButton'),
                      ];
      
                      for (var i = 0; i < elementsToHide.length; i++)
                          if (elementsToHide[i])
                              SC.css.ensureClass(elementsToHide[i], 'HiddenElement', true);
      
                      var outerPanel = $('.OuterPanel');
                      var mainPanel = $('.MainPanel');
                      var subDetailHeader = $('.SubDetailHeaderPanel');
      
                      if (outerPanel)
                          SC.css.ensureClass(outerPanel, 'OuterPanelOverride', true);
      
                      if (mainPanel)
                          SC.css.ensureClass(mainPanel, 'GridOverride', true);
      
                      if (subDetailHeader)
                          SC.css.ensureClass(subDetailHeader, 'FullSizeHeaderElement', true);
      
                      var notifyPaths = ['/', '/Guest'];
      
                      if (notifyPaths.includes(window.location.pathname))
                          sendCommandToParent('OnPreRenderComplete');
      
                      break;
      
                  case 'LoadSessionCommand':
                      var sessionID = eventArgs.data._externalCommandData;
      
                      if (sessionID) {
                          // call our LiveDataService
                          SC.service.GetSessionDetailsUrl(
                              sessionID,
                              function (url) {
                                  if (url)
                                      window.location.href = url;
                              }
                          );
                      }
      
                      sendCommandToParent('OnLoadSessionComplete');
                      break;
              }
          });
      
          sendCommandToParent('OnPreRender');
      });
      
      });</script>
      <script>SC.extension.addInitializeProc('008c8fcf-2b14-4551-aa25-2177aa9a61e5', function (extensionContext) {
      var connectWiseUserSourceName = 'ConnectWise';
      
      var userSourceConfiguration = {
      	IdentityProviderUri: extensionContext.settingValues.ConnectWiseSsoBaseUrl,
      	ExtraScopes: 'roles',
      	ClientID: null,
      	ClientSecret: null,
      	UserInfoRoleNamesPath: 'roles',
      	ExtraRoleNames: '',
      	DisplayName: 'ConnectWise SSO',
      	ExternalUserManagementUrl: extensionContext.settingValues.ConnectWiseSsoUserManagementUrl,
      }
      
      userSourceConfiguration.ExternalUserManagementUrl = extensionContext.settingValues.ConnectWiseSsoUserManagementUrl;
      
      SC.event.addGlobalHandler(SC.event.PreRender, function () {
      	if (SC.context.pageType === 'AdministrationPage')
      		SC.util.includeStyleSheet(extensionContext.baseUrl + 'ConnectWiseSSO.css');
      });
      
      SC.event.addGlobalHandler(SC.event.QueryCommandButtons, function (eventArgs) {
      	switch (eventArgs.area) {
      		case 'AddUserSourcePopoutPanel':
      			eventArgs.buttonDefinitions.push({
      				commandName: 'AddConnectWiseSSOUserSource',
      				text: SC.res['ConnectWiseSSO.AddUserSourcePopoutPanel.Button']
      			});
      			break;
      	}
      });
      
      SC.event.addGlobalHandler(SC.event.QueryCommandButtonState, function (eventArgs) {
      	switch (eventArgs.commandName) {
      		case 'AddConnectWiseSSOUserSource':
      			eventArgs.isEnabled = eventArgs.isVisible = SC.pagedata.get().UserSources.every(it => it.Name !== connectWiseUserSourceName);
      			break;
      	}
      });
      
      SC.event.addGlobalHandler(SC.event.ExecuteCommand, function (eventArgs) {
      	switch (eventArgs.commandName) {
      		case 'AddConnectWiseSSOUserSource':
      			SC.dialog.showModalButtonDialog(
      				'ConnectWiseSsoSetup',
      				SC.res['ConnectWiseSSO.SetupModal.Title'],
      				SC.res['ConnectWiseSSO.SetupModal.Button'],
      				null,
      				function (container) {
      					SC.ui.addContent(container, [
      						$h2({ innerHTML: SC.res['ConnectWiseSSO.SetupModal.Instructions'], className: 'SettingHeader' }),
      						$div($textarea({ className: 'RegistrationTokenInput' }))
      					]);
      				},
      				function () {
      					SC.service.MakeDynamicClientRegistrationRequest(
      						$('.RegistrationTokenInput').value,
      						SC.context.instanceID || SC.context.instanceUrlScheme,
      						SC.context.scriptBaseUrl,
      						connectWiseUserSourceName,
      						function (registrationResponse) {
      							userSourceConfiguration.ClientID = registrationResponse.client_id;
      							userSourceConfiguration.ClientSecret = registrationResponse.client_secret;
      
      							var configKeys = Object.keys(userSourceConfiguration);
      							var configValues = configKeys.map(function (key) { return userSourceConfiguration[key]; });
      
      							SC.service.AddUserSource(
      								'ScreenConnect.OpenIDConnectMembershipProvider',
      								connectWiseUserSourceName,
      								true,
      								false,
      								configKeys,
      								configValues,
      								() => SC.pagedata.notifyDirty()
      							);
      						});
      
      					SC.dialog.hideModalDialog();
      				}
      			);
      			break;
      	}
      });
      
      function compareVersions(version1, version2) {
      	var versionNumbers1 = version1.toString().split('.');
      	var versionNumbers2 = version2.toString().split('.');
      
      	for (let i = 0; i < Math.max(versionNumbers1.length, versionNumbers2.length); i++) {
      		var versionNumber1 = parseInt(versionNumbers1[i] || 0, 10);
      		var versionNumber2 = parseInt(versionNumbers2[i] || 0, 10);
      		if (versionNumber1 > versionNumber2) return 1;
      		if (versionNumber2 > versionNumber1) return -1;
      	}
      
      	return 0;
      }
      
      function isVersionInRange(version, minVersionInclusive, maxVersionExclusive) {
      	return (minVersionInclusive == undefined || compareVersions(version, minVersionInclusive) >= 0
      		&& (maxVersionExclusive == undefined || compareVersions(version, maxVersionExclusive) < 0));
      }
      
      function isProductVersionInRange(minVersionInclusive, maxVersionExclusive) {
      	return isVersionInRange(SC.context.productVersion, minVersionInclusive, maxVersionExclusive);
      }
      
      });</script>
      <script>SC.extension.addInitializeProc('75fe3a74-43ba-45eb-9eab-12ff335b91cb', function (extensionContext) {
      /** Edit App.Config Settings **/
      
      /** Global Extension Variables **/
      var extensionId = extensionContext.baseUrl.split('/').slice(-2)[0];
      
      const numberRegex = new RegExp(/(^[0-9]$)|(^[1-9][0-9]+$)/);
      
      /** Custom 'top' modal dialog to show alert type messages in modal dialog on top of existing modal dialogs **/
      function setupTopModalDialog(disable){
      	if (!disable) {
      		eval('SC.dialog.showModalDialogRawOnTop = ' + SC.dialog.showModalDialogRaw.toString().replace('SC.dialog.hideModalDialog();','').replace(/hideModalDialog/g,'hideTopModalDialog'));
      		eval('SC.dialog.hideTopModalDialog = ' + SC.dialog.hideModalDialog.toString().replace(/getModalDialog/g,'getTopModalDialog'));
      		SC.dialog.getTopModalDialog = function() { return Array.prototype.map.call(window.document.querySelectorAll('#dialog'),function(_){return _;}).pop(); };
      	} else {
      		delete SC.dialog.showModalDialogRawOnTop;
      		delete SC.dialog.hideTopModalDialog;
      		delete SC.dialog.getTopModalDialog;
      	}
      }
      
      function alertModal(message){
      	if (!SC.dialog.showModalDialogRawOnTop)
      		setupTopModalDialog();
      
      	SC.dialog.showModalDialogRawOnTop(
      		message.subClass || 'MessageBox',
      		[
      			message.titlePanel || SC.dialog.createTitlePanel(message.title || SC.res['ErrorPanel.Title']),
      			message.contentPanel || SC.dialog.createContentPanel($div(message.content || message)),
      			message.buttonPanel || SC.dialog.createButtonPanel(message.button || 'OK',message.extraButtons || null)
      		],
      		message.onExecProc || function(eventArgs){
      			SC.dialog.hideTopModalDialog();
      		},
      		message.onQueryProc || null,
      		message.onHideProc || function(){
      			if (SC.dialog.getTopModalDialog() == SC.dialog.getModalDialog())
      				setupTopModalDialog(true);
      		}
      	);
      }
      /**********************************************/
      
      /** Table Sorting Functions **/
      var sortBy = {};
      function sortTable(table, col) {
      	if (sortBy.table){
      		var oldSortCol = document.querySelector('#' + sortBy.table).tHead.rows[0].cells[sortBy.col || 0];
      		SC.css.ensureClass(oldSortCol,'Ascending',false);
      		SC.css.ensureClass(oldSortCol,'Descending',false);
      	}
      	
      	if (sortBy.table == table.id && sortBy.col == col){
      		sortBy.dir = -((+sortBy.dir) || -1);
      	}
      	else {
      		sortBy.table = table.id;
      		sortBy.col = col;
      		sortBy.dir = 1;
      	}
      	if (sortBy.dir !== 0)
      		SC.css.ensureClass(table.tHead.rows[0].cells[col],sortBy.dir > 0 ? 'Ascending' : 'Descending', true);
      
      	var tb = table.tBodies[0];
      	var tr = Array.prototype.slice.call(tb.rows, 0);
      	tr = tr.sort(function (a, b) {
      		var aVal = a.cells[col].order ? a.cells[col].order : a.cells[col].textContent;
      		var bVal = b.cells[col].order ? b.cells[col].order : b.cells[col].textContent;
      		return sortBy.dir * (typeof aVal == 'number' ? aVal - bVal : aVal.localeCompare(bVal));
      	});
      	for(var i=0; i<tr.length; ++i){
      		tb.appendChild(tr[i]);
      	}
      }
      
      function makeSortable(table) {
      	var th = table.tHead, i;
      	th && (th = th.rows[0]) && (th = th.cells);
      	if (th) i = th.length;
      	else return; // if no `<thead>` then do nothing
      	while (--i >= 0) (function (i) {
      		SC.css.ensureClass(th[i],'Sortable',true);
      		th[i].addEventListener('click', function () {sortTable(table, i)});
      	}(i));
      }
      
      function makeAllSortable(parent) {
      	parent = parent || document.body;
      	var t = parent.getElementsByTagName('table'), i = t.length;
      	while (--i >= 0) makeSortable(t[i]);
      }
      /*****************************/
      
      /** General Extension Functions **/
      function checkVersion(minVer, curVer) {
      	if (typeof curVer + typeof minVer != 'stringstring')
      		return false;
      	var a = curVer.split('.'), b = minVer.split('.'), i = 0, len = Math.max(a.length, b.length);
      	for (; i < len; i++) {
      		if ((a[i] && !b[i] && parseInt(a[i]) > 0) || (parseInt(a[i]) > parseInt(b[i]))) {
      			return true;
      		} else if ((b[i] && !a[i] && parseInt(b[i]) > 0) || (parseInt(a[i]) < parseInt(b[i]))) {
      			return false;
      		}
      	}
      	return true;
      }
      
      function checkLongBitmask(flagInput,maskInput) {
      	var maxJSMaskLength = 8;
      	flags = flagInput.substring(flagInput.length,flagInput.length-(Math.min(maxJSMaskLength,flagInput.length)));
      	mask = maskInput.substring(maskInput.length,maskInput.length-(Math.min(maxJSMaskLength,maskInput.length)));
      
      	if (isNaN(flags) || isNaN(mask)){
      		return false;
      	}
      
      	if (parseInt(mask,16) === 0) {
      		if (maskInput.length > maxJSMaskLength) {
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:15:25.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "connectwise.com"
               ],
               "hostname" : [
                  "docs.connectwise.com"
               ],
               "url" : [
                  "https://docs.connectwise.com/ConnectWise_Automate/ConnectWise_Automate_Documentation/080/020/020?psa=1"
               ]
            },
            "http" : {
               "bodymd5" : "931e7ce8ad0e3e0e866f4dc47c151ecd",
               "bodymmh3" : 747461957,
               "headermd5" : "2ed1d4fb9b05fad4a548cc785a4f3855",
               "headermmh3" : -1098840062
            },
            "length" : 16384
         },
         "asn" : "AS8075",
         "city" : "Singapore",
         "country" : "SG",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/2 200 \ncache-control: private\ncontent-type: text/html; charset=utf-8\nserver: ScreenConnect/23.2.9.8466-1894385917 Microsoft-HTTPAPI/2.0\nx-robots-tag: noindex\np3p: CP=\"NON CUR OUR STP STA PRE\"\n\n\n<!DOCTYPE html>\n<html>\n<head><meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" /><meta name=\"viewport\" content=\"width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no\" />\n\t<script>\n\n\t\tfunction setTaggedSessionInfo(tag, taggedSessionInfo) {\n\t\t\tvar oldTaggedSessionInfo = window._taggedSessionInfos[tag];\n\t\t\twindow._taggedSessionInfos[tag] = taggedSessionInfo;\n\n\t\t\tif (!oldTaggedSessionInfo || taggedSessionInfo.SessionID != oldTaggedSessionInfo.SessionID || taggedSessionInfo.Code != oldTaggedSessionInfo.Code)\n\t\t\t\tSC.pagedata.notifyDirty();\n\t\t}\n\n\t\t// backwards compatibility with extensions\n\t\tfunction setTaggedSessionID(tag, sessionID) {\n\t\t\twindow.setTaggedSessionInfo(tag, { SessionID: sessionID });\n\t\t}\n\n\t\tfunction getTaggedSessionInfo(tag) {\n\t\t\treturn window._taggedSessionInfos[tag];\n\t\t}\n\n\t</script>\n<script src=\"Script.ashx?__Cache=fd679076-5557-4f9b-a06d-abda51b45296\" id=\"defaultScript\"></script>\n<link href=\"App_Themes/Solid/Default.css?__Cache=c33594ec-f460-47ee-ba84-eb3315411231\" type=\"text/css\" rel=\"stylesheet\" /><link href=\"FavIcon.axd?__Cache=9ba1a2d5-c5aa-4470-b2ec-d1eecab079c3\" rel=\"shortcut icon\" />\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"A2daa5gtl4xtLlHwTHY/HyY2S5T7XRgHJCWGYFLkHjEBAAChzigX0LotQg==\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<script>SC.extension.addInitializeProc('fa369545-ba27-4670-b053-a9f65f3269b0', function (extensionContext) {\nif (SC.context.pageType == 'AdministrationPage' && SC.context.isUserAuthenticated)\n\tSC.service.GetThemeInfo(function (themeInfo) {\n\t\tSC.util.includeStyleSheet(extensionContext.baseUrl + 'css/Style.css');\n\t});\n\nSC.event.addGlobalHandler(SC.event.ExecuteCommand, function (eventArgs) {\n\tswitch (eventArgs.commandName) {\n\t\tcase 'WebConfigSave':\n\t\t\tSC.dialog.showModalButtonDialog(\n\t\t\t\t'Prompt',\n\t\t\t\tSC.res['AdvancedConfig.ApplyChanges'],\n\t\t\t\t'OK',\n\t\t\t\t'Default',\n\t\t\t\tfunction (container) {\n\t\t\t\t\tSC.ui.setContents(container, [\n\t\t\t\t\t\teventArgs.commandArgument === 'WebConfigRestore' ? $p(SC.res['AdvancedConfig.RestoreDefaults.WebConfigWarning']) : $p(SC.res['AdvancedConfig.RestartInstanceWarning'])\n\t\t\t\t\t]);\n\t\t\t\t},\n\t\t\t\tfunction () {\n\t\t\t\t\tvar appSettings = JSON.parse(sessionStorage.getItem('WebConfigAppSettings'));\n\t\t\t\t\tvar pageSettings = JSON.parse(JSON.stringify(appSettings.location));\n\t\t\t\t\tdelete appSettings.location;\n\n\t\t\t\t\tSC.service.WriteChangesToWebConfig(appSettings, pageSettings, function (result) {\n\t\t\t\t\t\tif (result === 'OK') {\n\t\t\t\t\t\t\tsessionStorage.removeItem('WebConfigAppSettings');\n\t\t\t\t\t\t\tSC.dialog.showModalActivityAndReload('Save', true, window.location.href.split('#')[0]);\n\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\tSC.dialog.showModalMessageBox(SC.res['AdvancedConfig.SaveError.Title'], SC.res['AdvancedConfig.SaveError.WebConfigDescription'] + ' ' + result);\n\t\t\t\t\t\t}\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t);\n\t\t\tbreak;\n\t\tcase 'AppConfigSave':\n\t\t\tSC.dialog.showModalButtonDialog(\n\t\t\t\t'Prompt',\n\t\t\t\tSC.res['AdvancedConfig.ApplyChanges'],\n\t\t\t\t'OK',\n\t\t\t\t'Default',\n\t\t\t\tfunction (container) {\n\t\t\t\t\tSC.ui.setContents(container, [\n\t\t\t\t\t\teventArgs.commandArgument === 'AppConfigRestore' ? $p(SC.res['AdvancedConfig.RestoreDefaults.AppConfigWarning']) : $p(SC.res['AdvancedConfig.ReinstallWarning'])\n\t\t\t\t\t]);\n\t\t\t\t},\n\t\t\t\tfunction () {\n\t\t\t\t\tvar systemSettings = JSON.parse(sessionStorage.getItem('AppConfigAppSettings')).SystemSettings;\n\t\t\t\t\tvar userInterfaceSettings = JSON.parse(sessionStorage.getItem('AppConfigAppSettings')).UserInterfaceSettings;\n\n\t\t\t\t\tSC.service.WriteChangesToAppConfig(systemSettings, userInterfaceSettings, AppConfigDefaults, function (result) {\n\t\t\t\t\t\tif (result === 'OK') {\n\t\t\t\t\t\t\tsessionStorage.removeItem('AppConfigAppSettings');\n\t\t\t\t\t\t\twindow.location.reload();\n\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\tSC.dialog.showModalMessageBox(SC.res['AdvancedConfig.SaveError.Title'], SC.res['AdvancedConfig.SaveError.AppConfigDescription'] + ' ' + result);\n\t\t\t\t\t\t}\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t);\n\t\t\tbreak;\n\t}\n});\n\n\n});</script>\n<script>SC.extension.addInitializeProc('fc234f0e-2e8e-4a1f-b977-ba41b14031f7', function (extensionContext) {\n// Add: Options | Help\nvar x=extensionContext.baseUrl.split('/').splice(-2)[0];\nSC.res['HelpPanel.Link'+x+'.Url']=\"https://docs.connectwise.com/ConnectWise_Automate/ConnectWise_Automate_Documentation/080/020/020?psa=1\";\nSC.event.addGlobalHandler(SC.event.QueryCommandButtonState,function(e){if(e.commandElement&&e.commandElement._commandName&&e.commandElement._commandName=='EditExtensionSettings'&&e.commandContext.extensionInfo.ExtensionID==x){SC.ui.addElement(e.target.parentElement,'A',{_commandName:'NavigateHelpLink',_commandArgument:x,_innerText:SC.res['Command.Help.Text'].replace(' \u25bd','')});}});\n\n});</script>\n<script>SC.extension.addInitializeProc('fc234f0e-2e8e-4a1f-b977-ba41b14031f7', function (extensionContext) {\n/*\n    The following is currently ripped from the Hosted Integration Template per Control\n    Potential to one day not need this and use some core functionality\n\n    File will hide the UI and display the fourth column only\n*/\nvar sendCommandToParent = function (commandName, commandData) {\n    if (commandName)\n        window.parent.postMessage({ _internalCommand: commandName, _internalCommandData: commandData ? commandData : {} }, '*');\n};\n\nSC.event.addGlobalHandler(SC.event.PreRender, function () {\n    window.addEventListener('message', function (eventArgs) {\n        SC.util.includeStyleSheet(extensionContext.baseUrl + 'LiveData/livedata.css');\n        switch (eventArgs.data._externalCommand) {\n            case 'RenderSessionDetailsFullWidthCommand':\n                var applicablePaths = ['/', '/Guest', '/Host', '/Login'];\n                if (!applicablePaths.includes(window.location.pathname))\n                    break;\n\n                var elementsToHide = [\n                    $('.HeaderPanel'),\n                    $('.GlobalBar'),\n                    $('.NavigationPanel'),\n                    $('.MasterPanel'),\n                    $('.MainDetailHeaderPanel'),\n                    $('.MainDetailPanel'),\n                    $('.ToggleDetailPanelButton'),\n                ];\n\n                for (var i = 0; i < elementsToHide.length; i++)\n                    if (elementsToHide[i])\n                        SC.css.ensureClass(elementsToHide[i], 'HiddenElement', true);\n\n                var outerPanel = $('.OuterPanel');\n                var mainPanel = $('.MainPanel');\n                var subDetailHeader = $('.SubDetailHeaderPanel');\n\n                if (outerPanel)\n                    SC.css.ensureClass(outerPanel, 'OuterPanelOverride', true);\n\n                if (mainPanel)\n                    SC.css.ensureClass(mainPanel, 'GridOverride', true);\n\n                if (subDetailHeader)\n                    SC.css.ensureClass(subDetailHeader, 'FullSizeHeaderElement', true);\n\n                var notifyPaths = ['/', '/Guest'];\n\n                if (notifyPaths.includes(window.location.pathname))\n                    sendCommandToParent('OnPreRenderComplete');\n\n                break;\n\n            case 'LoadSessionCommand':\n                var sessionID = eventArgs.data._externalCommandData;\n\n                if (sessionID) {\n                    // call our LiveDataService\n                    SC.service.GetSessionDetailsUrl(\n                        sessionID,\n                        function (url) {\n                            if (url)\n                                window.location.href = url;\n                        }\n                    );\n                }\n\n                sendCommandToParent('OnLoadSessionComplete');\n                break;\n        }\n    });\n\n    sendCommandToParent('OnPreRender');\n});\n\n});</script>\n<script>SC.extension.addInitializeProc('008c8fcf-2b14-4551-aa25-2177aa9a61e5', function (extensionContext) {\nvar connectWiseUserSourceName = 'ConnectWise';\n\nvar userSourceConfiguration = {\n\tIdentityProviderUri: extensionContext.settingValues.ConnectWiseSsoBaseUrl,\n\tExtraScopes: 'roles',\n\tClientID: null,\n\tClientSecret: null,\n\tUserInfoRoleNamesPath: 'roles',\n\tExtraRoleNames: '',\n\tDisplayName: 'ConnectWise SSO',\n\tExternalUserManagementUrl: extensionContext.settingValues.ConnectWiseSsoUserManagementUrl,\n}\n\nuserSourceConfiguration.ExternalUserManagementUrl = extensionContext.settingValues.ConnectWiseSsoUserManagementUrl;\n\nSC.event.addGlobalHandler(SC.event.PreRender, function () {\n\tif (SC.context.pageType === 'AdministrationPage')\n\t\tSC.util.includeStyleSheet(extensionContext.baseUrl + 'ConnectWiseSSO.css');\n});\n\nSC.event.addGlobalHandler(SC.event.QueryCommandButtons, function (eventArgs) {\n\tswitch (eventArgs.area) {\n\t\tcase 'AddUserSourcePopoutPanel':\n\t\t\teventArgs.buttonDefinitions.push({\n\t\t\t\tcommandName: 'AddConnectWiseSSOUserSource',\n\t\t\t\ttext: SC.res['ConnectWiseSSO.AddUserSourcePopoutPanel.Button']\n\t\t\t});\n\t\t\tbreak;\n\t}\n});\n\nSC.event.addGlobalHandler(SC.event.QueryCommandButtonState, function (eventArgs) {\n\tswitch (eventArgs.commandName) {\n\t\tcase 'AddConnectWiseSSOUserSource':\n\t\t\teventArgs.isEnabled = eventArgs.isVisible = SC.pagedata.get().UserSources.every(it => it.Name !== connectWiseUserSourceName);\n\t\t\tbreak;\n\t}\n});\n\nSC.event.addGlobalHandler(SC.event.ExecuteCommand, function (eventArgs) {\n\tswitch (eventArgs.commandName) {\n\t\tcase 'AddConnectWiseSSOUserSource':\n\t\t\tSC.dialog.showModalButtonDialog(\n\t\t\t\t'ConnectWiseSsoSetup',\n\t\t\t\tSC.res['ConnectWiseSSO.SetupModal.Title'],\n\t\t\t\tSC.res['ConnectWiseSSO.SetupModal.Button'],\n\t\t\t\tnull,\n\t\t\t\tfunction (container) {\n\t\t\t\t\tSC.ui.addContent(container, [\n\t\t\t\t\t\t$h2({ innerHTML: SC.res['ConnectWiseSSO.SetupModal.Instructions'], className: 'SettingHeader' }),\n\t\t\t\t\t\t$div($textarea({ className: 'RegistrationTokenInput' }))\n\t\t\t\t\t]);\n\t\t\t\t},\n\t\t\t\tfunction () {\n\t\t\t\t\tSC.service.MakeDynamicClientRegistrationRequest(\n\t\t\t\t\t\t$('.RegistrationTokenInput').value,\n\t\t\t\t\t\tSC.context.instanceID || SC.context.instanceUrlScheme,\n\t\t\t\t\t\tSC.context.scriptBaseUrl,\n\t\t\t\t\t\tconnectWiseUserSourceName,\n\t\t\t\t\t\tfunction (registrationResponse) {\n\t\t\t\t\t\t\tuserSourceConfiguration.ClientID = registrationResponse.client_id;\n\t\t\t\t\t\t\tuserSourceConfiguration.ClientSecret = registrationResponse.client_secret;\n\n\t\t\t\t\t\t\tvar configKeys = Object.keys(userSourceConfiguration);\n\t\t\t\t\t\t\tvar configValues = configKeys.map(function (key) { return userSourceConfiguration[key]; });\n\n\t\t\t\t\t\t\tSC.service.AddUserSource(\n\t\t\t\t\t\t\t\t'ScreenConnect.OpenIDConnectMembershipProvider',\n\t\t\t\t\t\t\t\tconnectWiseUserSourceName,\n\t\t\t\t\t\t\t\ttrue,\n\t\t\t\t\t\t\t\tfalse,\n\t\t\t\t\t\t\t\tconfigKeys,\n\t\t\t\t\t\t\t\tconfigValues,\n\t\t\t\t\t\t\t\t() => SC.pagedata.notifyDirty()\n\t\t\t\t\t\t\t);\n\t\t\t\t\t\t});\n\n\t\t\t\t\tSC.dialog.hideModalDialog();\n\t\t\t\t}\n\t\t\t);\n\t\t\tbreak;\n\t}\n});\n\nfunction compareVersions(version1, version2) {\n\tvar versionNumbers1 = version1.toString().split('.');\n\tvar versionNumbers2 = version2.toString().split('.');\n\n\tfor (let i = 0; i < Math.max(versionNumbers1.length, versionNumbers2.length); i++) {\n\t\tvar versionNumber1 = parseInt(versionNumbers1[i] || 0, 10);\n\t\tvar versionNumber2 = parseInt(versionNumbers2[i] || 0, 10);\n\t\tif (versionNumber1 > versionNumber2) return 1;\n\t\tif (versionNumber2 > versionNumber1) return -1;\n\t}\n\n\treturn 0;\n}\n\nfunction isVersionInRange(version, minVersionInclusive, maxVersionExclusive) {\n\treturn (minVersionInclusive == undefined || compareVersions(version, minVersionInclusive) >= 0\n\t\t&& (maxVersionExclusive == undefined || compareVersions(version, maxVersionExclusive) < 0));\n}\n\nfunction isProductVersionInRange(minVersionInclusive, maxVersionExclusive) {\n\treturn isVersionInRange(SC.context.productVersion, minVersionInclusive, maxVersionExclusive);\n}\n\n});</script>\n<script>SC.extension.addInitializeProc('75fe3a74-43ba-45eb-9eab-12ff335b91cb', function (extensionContext) {\n/** Edit App.Config Settings **/\n\n/** Global Extension Variables **/\nvar extensionId = extensionContext.baseUrl.split('/').slice(-2)[0];\n\nconst numberRegex = new RegExp(/(^[0-9]$)|(^[1-9][0-9]+$)/);\n\n/** Custom 'top' modal dialog to show alert type messages in modal dialog on top of existing modal dialogs **/\nfunction setupTopModalDialog(disable){\n\tif (!disable) {\n\t\teval('SC.dialog.showModalDialogRawOnTop = ' + SC.dialog.showModalDialogRaw.toString().replace('SC.dialog.hideModalDialog();','').replace(/hideModalDialog/g,'hideTopModalDialog'));\n\t\teval('SC.dialog.hideTopModalDialog = ' + SC.dialog.hideModalDialog.toString().replace(/getModalDialog/g,'getTopModalDialog'));\n\t\tSC.dialog.getTopModalDialog = function() { return Array.prototype.map.call(window.document.querySelectorAll('#dialog'),function(_){return _;}).pop(); };\n\t} else {\n\t\tdelete SC.dialog.showModalDialogRawOnTop;\n\t\tdelete SC.dialog.hideTopModalDialog;\n\t\tdelete SC.dialog.getTopModalDialog;\n\t}\n}\n\nfunction alertModal(message){\n\tif (!SC.dialog.showModalDialogRawOnTop)\n\t\tsetupTopModalDialog();\n\n\tSC.dialog.showModalDialogRawOnTop(\n\t\tmessage.subClass || 'MessageBox',\n\t\t[\n\t\t\tmessage.titlePanel || SC.dialog.createTitlePanel(message.title || SC.res['ErrorPanel.Title']),\n\t\t\tmessage.contentPanel || SC.dialog.createContentPanel($div(message.content || message)),\n\t\t\tmessage.buttonPanel || SC.dialog.createButtonPanel(message.button || 'OK',message.extraButtons || null)\n\t\t],\n\t\tmessage.onExecProc || function(eventArgs){\n\t\t\tSC.dialog.hideTopModalDialog();\n\t\t},\n\t\tmessage.onQueryProc || null,\n\t\tmessage.onHideProc || function(){\n\t\t\tif (SC.dialog.getTopModalDialog() == SC.dialog.getModalDialog())\n\t\t\t\tsetupTopModalDialog(true);\n\t\t}\n\t);\n}\n/**********************************************/\n\n/** Table Sorting Functions **/\nvar sortBy = {};\nfunction sortTable(table, col) {\n\tif (sortBy.table){\n\t\tvar oldSortCol = document.querySelector('#' + sortBy.table).tHead.rows[0].cells[sortBy.col || 0];\n\t\tSC.css.ensureClass(oldSortCol,'Ascending',false);\n\t\tSC.css.ensureClass(oldSortCol,'Descending',false);\n\t}\n\t\n\tif (sortBy.table == table.id && sortBy.col == col){\n\t\tsortBy.dir = -((+sortBy.dir) || -1);\n\t}\n\telse {\n\t\tsortBy.table = table.id;\n\t\tsortBy.col = col;\n\t\tsortBy.dir = 1;\n\t}\n\tif (sortBy.dir !== 0)\n\t\tSC.css.ensureClass(table.tHead.rows[0].cells[col],sortBy.dir > 0 ? 'Ascending' : 'Descending', true);\n\n\tvar tb = table.tBodies[0];\n\tvar tr = Array.prototype.slice.call(tb.rows, 0);\n\ttr = tr.sort(function (a, b) {\n\t\tvar aVal = a.cells[col].order ? a.cells[col].order : a.cells[col].textContent;\n\t\tvar bVal = b.cells[col].order ? b.cells[col].order : b.cells[col].textContent;\n\t\treturn sortBy.dir * (typeof aVal == 'number' ? aVal - bVal : aVal.localeCompare(bVal));\n\t});\n\tfor(var i=0; i<tr.length; ++i){\n\t\ttb.appendChild(tr[i]);\n\t}\n}\n\nfunction makeSortable(table) {\n\tvar th = table.tHead, i;\n\tth && (th = th.rows[0]) && (th = th.cells);\n\tif (th) i = th.length;\n\telse return; // if no `<thead>` then do nothing\n\twhile (--i >= 0) (function (i) {\n\t\tSC.css.ensureClass(th[i],'Sortable',true);\n\t\tth[i].addEventListener('click', function () {sortTable(table, i)});\n\t}(i));\n}\n\nfunction makeAllSortable(parent) {\n\tparent = parent || document.body;\n\tvar t = parent.getElementsByTagName('table'), i = t.length;\n\twhile (--i >= 0) makeSortable(t[i]);\n}\n/*****************************/\n\n/** General Extension Functions **/\nfunction checkVersion(minVer, curVer) {\n\tif (typeof curVer + typeof minVer != 'stringstring')\n\t\treturn false;\n\tvar a = curVer.split('.'), b = minVer.split('.'), i = 0, len = Math.max(a.length, b.length);\n\tfor (; i < len; i++) {\n\t\tif ((a[i] && !b[i] && parseInt(a[i]) > 0) || (parseInt(a[i]) > parseInt(b[i]))) {\n\t\t\treturn true;\n\t\t} else if ((b[i] && !a[i] && parseInt(b[i]) > 0) || (parseInt(a[i]) < parseInt(b[i]))) {\n\t\t\treturn false;\n\t\t}\n\t}\n\treturn true;\n}\n\nfunction checkLongBitmask(flagInput,maskInput) {\n\tvar maxJSMaskLength = 8;\n\tflags = flagInput.substring(flagInput.length,flagInput.length-(Math.min(maxJSMaskLength,flagInput.length)));\n\tmask = maskInput.substring(maskInput.length,maskInput.length-(Math.min(maxJSMaskLength,maskInput.length)));\n\n\tif (isNaN(flags) || isNaN(mask)){\n\t\treturn false;\n\t}\n\n\tif (parseInt(mask,16) === 0) {\n\t\tif (maskInput.length > maxJSMaskLength) {",
         "datamd5" : "49eab9e205612a0f4919c3fe1c018f72",
         "datammh3" : 1942039422,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS8075",
            "continent" : "NA",
            "continentname" : "North America",
            "country" : "US",
            "countryname" : "United States",
            "domain" : [
               "microsoft.com"
            ],
            "isineu" : "false",
            "latitude" : "37.09024",
            "location" : "37.09024,-95.712891",
            "longitude" : "-95.712891",
            "netname" : "MSFT",
            "organization" : "Microsoft Corporation",
            "subnet" : "52.187.0.0/17"
         },
         "ip" : "52.187.58.208",
         "ipv6" : "false",
         "latitude" : "1.2868",
         "location" : "1.2868,103.8503",
         "longitude" : "103.8503",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "MICROSOFT-CORP-MSN-AS-BLOCK",
         "os" : "Linux",
         "osdistribution" : "sUse",
         "osvendor" : "Linux",
         "port" : 563,
         "product" : "Control",
         "productvendor" : "ConnectWise",
         "productversion" : "23.2.9.8466",
         "protocol" : "http",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "subnet" : "52.160.0.0/11",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 115.237.105.57:563 (tcp/http) - last seen on 2024-11-21 at 09:15:00 UTC

    • IP
      115.237.105.57
      Network
      115.237.0.0/16
      Device

      <enterprise field>: device.class

      URL

      http://115.237.105.57:563/ 407

      ASN
      AS4134
      Organization
      Chinanet
      Protocol
      http
      Source
      datascan
    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      4c270ffd490923054c892d62c6dfbeab
      HTTP Header MD5
      1e9f377661f7f69d80966c2c61d11120
      HTTP Body MD5
      1e91463f4f6b4fa0d59c77e45ac0bf6e
    • HTTP/1.1 407 OK
      Date: Wed, 20 Jan 2021 05:55:41 GMT
      Content-Type: text/plain; charset=utf-8
      Content-Length: 32
      Connection: keep-alive
      
      please add white ip <srcip>
      
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:15:00.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "1e91463f4f6b4fa0d59c77e45ac0bf6e",
               "bodymmh3" : 1823869081,
               "headermd5" : "1e9f377661f7f69d80966c2c61d11120",
               "headermmh3" : -139583690
            },
            "length" : 166
         },
         "asn" : "AS4134",
         "city" : "Guangzhou",
         "country" : "CN",
         "data" : "HTTP/1.1 407 OK\nDate: Wed, 20 Jan 2021 05:55:41 GMT\nContent-Type: text/plain; charset=utf-8\nContent-Length: 32\nConnection: keep-alive\n\nplease add white ip <srcip>\r\n\r\n",
         "datamd5" : "4c270ffd490923054c892d62c6dfbeab",
         "datammh3" : 771128078,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS4134",
            "continent" : "AS",
            "continentname" : "Asia",
            "country" : "CN",
            "countryname" : "China",
            "domain" : [
               "163.com",
               "189.cn",
               "hz.zj.cn",
               "sxptt.zj.cn"
            ],
            "isineu" : "false",
            "latitude" : "35.86166",
            "location" : "35.86166,104.195397",
            "longitude" : "104.195397",
            "netname" : "CHINANET-ZJ-SX",
            "organization" : "CHINANET-ZJ Shaoxing node network",
            "subnet" : "115.237.0.0/16"
         },
         "ip" : "115.237.105.57",
         "ipv6" : "false",
         "latitude" : "23.1181",
         "location" : "23.1181,113.2539",
         "longitude" : "113.2539",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "Chinanet",
         "port" : 563,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 407,
         "subnet" : "115.237.0.0/16",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 51.195.57.159:563 (tcp/http) - last seen on 2024-11-21 at 09:14:05 UTC

    • IP
      51.195.57.159
      Network
      51.195.0.0/16
      Domain(s)
      ip-51-195-57.eu
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Ubuntu
      URL

      http://51.195.57.159:563/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      Reverse DNS
      ip159.ip-51-195-57.eu
      ASN
      AS16276
      Organization
      OVH SAS
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Ubuntu
      Product
      F5 Nginx 1.18.0
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      0f607a794922d0e529ea46b57721417d
      HTTP Header MD5
      73b5b39070f21c93f1b94a75281c1ce0
      HTTP Body MD5
      e2c7b0e1a897b6683f3a2814cb2f67cd
    • HTTP/1.1 400 Bad Request
      Server: nginx/1.18.0 (Ubuntu)
      Date: Thu, 21 Nov 2024 09:14:05 GMT
      Content-Type: text/html
      Content-Length: 264
      Connection: close
      
      <html>
      <head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
      <body>
      <center><h1>400 Bad Request</h1></center>
      <center>The plain HTTP request was sent to HTTPS port</center>
      <hr><center>nginx/1.18.0 (Ubuntu)</center>
      </body>
      </html>
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:14:05.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "e2c7b0e1a897b6683f3a2814cb2f67cd",
               "bodymmh3" : -1741231556,
               "headermd5" : "73b5b39070f21c93f1b94a75281c1ce0",
               "headermmh3" : -1043061509,
               "title" : "400 The plain HTTP request was sent to HTTPS port"
            },
            "length" : 425
         },
         "asn" : "AS16276",
         "city" : "Villemandeur",
         "country" : "FR",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Thu, 21 Nov 2024 09:14:05 GMT\r\nContent-Type: text/html\r\nContent-Length: 264\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.18.0 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n",
         "datamd5" : "0f607a794922d0e529ea46b57721417d",
         "datammh3" : 907783723,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "ip-51-195-57.eu"
         ],
         "host" : [
            "ip159"
         ],
         "hostname" : [
            "ip159.ip-51-195-57.eu"
         ],
         "ip" : "51.195.57.159",
         "ipv6" : "false",
         "latitude" : "47.9899",
         "location" : "47.9899,2.7144",
         "longitude" : "2.7144",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "OVH SAS",
         "os" : "Linux",
         "osdistribution" : "Ubuntu",
         "osvendor" : "Linux",
         "port" : 563,
         "product" : "Nginx",
         "productvendor" : "F5",
         "productversion" : "1.18.0",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Bad Request",
         "reverse" : [
            "ip159.ip-51-195-57.eu"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 400,
         "subnet" : "51.195.0.0/16",
         "tag" : "<enterprise field>: tag",
         "tld" : [
            "eu"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 185.170.214.247:563 (tcp/http) - last seen on 2024-11-21 at 09:13:05 UTC

    • IP
      185.170.214.247
      Network
      185.170.212.0/22
      Domain(s)
      hosted-by-mvps.net
      Device

      <enterprise field>: device.class

      URL

      http://185.170.214.247:563/ 301

      Reverse DNS
      ip-185-170-214-247-94412.vps.hosted-by-mvps.net
      ASN
      AS202448
      Organization
      MVPS LTD
      Protocol
      http
      Source
      datascan
    • Product
      Apache HTTP Server
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      433fd4199a3d308ad34b27bca550fea1
      HTTP Header MD5
      1596025e1d1eb4b7aaf8a70fe8f5fcfb
      HTTP Body MD5
      d41d8cd98f00b204e9800998ecf8427e
    • HTTP/1.1 301 Moved Permanently
      Location: /admin/login.html
      Content-Type: text/html; charset=UTF-8
      Server: Apache
      Content-Length: 0
      Set-Cookie: idA72=825587e2; max-age=2592000;
      Connection: keep-alive
      
      
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:13:05.000Z",
         "app" : {
            "http" : {
               "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
               "bodymmh3" : -1636538602,
               "headermd5" : "1596025e1d1eb4b7aaf8a70fe8f5fcfb",
               "headermmh3" : 1313191689
            },
            "length" : 208
         },
         "asn" : "AS202448",
         "city" : "Lille",
         "country" : "FR",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 301 Moved Permanently\r\nLocation: /admin/login.html\r\nContent-Type: text/html; charset=UTF-8\r\nServer: Apache\r\nContent-Length: 0\r\nSet-Cookie: idA72=825587e2; max-age=2592000;\r\nConnection: keep-alive\r\n\r\n",
         "datamd5" : "433fd4199a3d308ad34b27bca550fea1",
         "datammh3" : -1934269793,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "domain" : [
            "hosted-by-mvps.net"
         ],
         "host" : [
            "ip-185-170-214-247-94412"
         ],
         "hostname" : [
            "ip-185-170-214-247-94412.vps.hosted-by-mvps.net"
         ],
         "ip" : "185.170.214.247",
         "ipv6" : "false",
         "latitude" : "50.6240",
         "location" : "50.6240,3.0511",
         "longitude" : "3.0511",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "MVPS LTD",
         "port" : 563,
         "product" : "HTTP Server",
         "productvendor" : "Apache",
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "Moved Permanently",
         "reverse" : [
            "ip-185-170-214-247-94412.vps.hosted-by-mvps.net"
         ],
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 301,
         "subdomains" : [
            "vps.hosted-by-mvps.net"
         ],
         "subnet" : "185.170.212.0/22",
         "tld" : [
            "net"
         ],
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }
      
  • 181.215.208.252:563 (tcp/http) - last seen on 2024-11-21 at 09:10:24 UTC

    • IP
      181.215.208.252
      Network
      181.215.208.0/24
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor

      Operating System
      SonicWall SonicOS
      URL

      http://181.215.208.252:563/api/sonicos/tfa 404

      HTTP Title
      File not found!
      ASN
      AS22168
      Organization
      SHADOWSERVER-FOUNDATION
      Protocol
      http
      Source
      sonicwall::mfa
    • Operating System
      SonicWall SonicOS
      HTTP Component(s)
      SonicWall SonicWall
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      5755cb1445e9589ecab966c61b395fa7
      HTTP Header MD5
      0e862c2c5c858aca5aaf86c297935dc8
      HTTP Body MD5
      326456eeee37a65622c86c2f63664d55
    • HTTP/1.0 404 Not Found
      Server: SonicWALL
      Expires: -1
      Cache-Control: no-cache
      Content-type: text/html;charset=UTF-8
      X-Content-Type-Options: nosniff
      
      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><title>File not found!</title><style type="text/css"><!--/*--><![CDATA[/*><!--*/ body { color: #000000; background-color: #FFFFFF; }
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:10:24.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "w3.org"
               ],
               "hostname" : [
                  "www.w3.org"
               ],
               "url" : [
                  "http://www.w3.org/1999/xhtml",
                  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
               ]
            },
            "http" : {
               "bodymd5" : "326456eeee37a65622c86c2f63664d55",
               "bodymmh3" : 67183679,
               "component" : [
                  {
                     "product" : "SonicWall",
                     "productvendor" : "SonicWall"
                  }
               ],
               "headermd5" : "0e862c2c5c858aca5aaf86c297935dc8",
               "headermmh3" : 762823540,
               "title" : "File not found!"
            },
            "length" : 468
         },
         "asn" : "AS22168",
         "country" : "AE",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.0 404 Not Found\r\nServer: SonicWALL\r\nExpires: -1\r\nCache-Control: no-cache\r\nContent-type: text/html;charset=UTF-8\r\nX-Content-Type-Options: nosniff\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\"\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\"><html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\"><head><title>File not found!</title><style type=\"text/css\"><!--/*--><![CDATA[/*><!--*/ body { color: #000000; background-color: #FFFFFF; }",
         "datamd5" : "5755cb1445e9589ecab966c61b395fa7",
         "datammh3" : 1575132516,
         "device" : {
            "class" : "<enterprise field>: device.class",
            "productvendor" : "<enterprise field>: device.productvendor"
         },
         "ip" : "181.215.208.252",
         "ipv6" : "false",
         "latitude" : "23.7500",
         "location" : "23.7500,54.5000",
         "longitude" : "54.5000",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "SHADOWSERVER-FOUNDATION",
         "os" : "SonicOS",
         "osvendor" : "SonicWall",
         "port" : 563,
         "productvendor" : "SonicWall",
         "protocol" : "http",
         "protocolversion" : "1.0",
         "reason" : "Not Found",
         "seen_date" : "2024-11-21",
         "source" : "sonicwall::mfa",
         "status" : 404,
         "subnet" : "181.215.208.0/24",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/api/sonicos/tfa"
      }
      
  • 85.122.127.127:563 (tcp/http) - last seen on 2024-11-21 at 09:04:51 UTC

    • IP
      85.122.127.127
      Network
      85.122.124.0/22
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://85.122.127.127:563/ 200

      ASN
      AS9009
      Organization
      M247 Europe SRL
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      0993ebdf8fd60c687d53ba7005b1c24d
      HTTP Header MD5
      bdd21f5a86747d05843c828e0965c094
      HTTP Body MD5
      0e286281cd03ef77daa6087a8ddf1cce
    • HTTP/1.1 200 OK
      Strict-Transport-Security: max-age=31536000; includeSubdomains
      X-XSS-Protection: 1; mode=block
      X-Frame-Options: SAMEORIGIN
      X-Content-Type-Options: nosniff
      Content-Length: 4229
      Content-Type: text/html
      Date: Thu, 21 Nov 2024 09:04:51 UTC
      
      <!--
      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
      -->
      <html xmlns="http://www.w3.org/1999/xhtml">
      <head>
          <META http-equiv="Content-Type" content="text/html; charset=utf-8">
          <META HTTP-EQUIV="Pragma" CONTENT="no_cache">
          <META NAME="ATEN International Co Ltd." CONTENT="(c) ATEN International Co Ltd. 2010">
          <title></title>
      <!--    <link rel="shortcut icon" href="../images/favicon.ico"> -->
          <link rel="stylesheet" href="../css/basic.css" type="text/css">
          <script language="JavaScript">
          if (window != top)
              top.location.href = "/";//location.href;
          </script>
          <script language="JavaScript" src="../js/utils.js"></script>
          <script language="JavaScript" type="text/javascript">
          var lang_setting;
          lang_setting = ReadCookie("language");
          if (lang_setting == null)
          {
              CreateCookie("langSetFlag","0");
              CreateCookie("language","English");
              lang_setting = "English";
          }
          document.write("<script type=\"text/javascript\", src = \"../js/lang/" + lang_setting + "/lang_str.js\"><\/script>");
          function checkform()
          {
              if(Trim(form1.name.value) == "")
              {
                  alert(lang.LANG_LOGIN_INVALID_USERNAME);
                  form1.name.focus();
                  return;
              }
              if(Trim(form1.pwd.value) == "")
              {
                  alert(lang.LANG_LOGIN_INVALID_PASSWORD);
                  form1.pwd.focus();
                  return;
              }
              document.form1.submit();
              return;
          }
          function checkEnt(e)
          {
              var key = window.event ? e.keyCode : e.which;
              if(key == 13)
              {
      
                  checkform();
              }
          }
          function PageInit()
          {
              var msg = document.getElementById("login_word");
              msg.setAttribute("value", lang.LANG_LOGIN_LOGIN);
              return;
          }
      </script>
      </head>
      <body onload='PageInit()'>
          <table style="margin: 0px; height: 100%; width: 100%" border="0" background=#FFFFFF cellpadding="0" cellspacing="0">
              <tr>
                  <td style="height: 25%; vertical-align: bottom; text-align: center">
                      <table style="margin: 0 auto;" border="0" width="412px">
                          <tr>
                              <td>
                                  <img src="../images/logo.gif" style="margin: 0px; padding: 0px;">
                              </td>
                          </tr>
                      </table>
                  </td>
              </tr>
              <tr style="width: 100%">
                  <td style="height: 100%; vertical-align: top;">
                      <form name="form1" action="/cgi/login.cgi" method="post" autocomplete="off">
                          <table class="login">
                              <tr><td align="center" colspan="2">
                                  <h3><script>document.writeln(lang.LANG_LOGIN_PROMPT);</script></h3>
                              </td></tr>
                              <tr>
                                  <td align="right" width="40%">
                                      <script>document.writeln(lang.LANG_LOGIN_USERNAME)</script>
                                  </td>
                                  <td>
                                      <input align="left" name="name" size="20" maxlength="64" style="width:146px;" type="text" onKeyDown="checkEnt(event)">
                                  </td>
                              </tr>
                              <tr>
                                  <td align="right" width="40%">
                                      <script>document.writeln(lang.LANG_LOGIN_PASSWORD)</script>
                                  </td>
                                  <td>
                                      <input align="left" name="pwd" size="20" maxlength="64" style="width:146px;" type="password" onKeyDown="checkEnt(event)">
                                  </td>
                              </tr>
                              <tr>
                                  <td align="center" colspan="2">
                                      <input id="login_word" class="btnStyle" name="Login" type="button" onclick="javascript: checkform(this)">
                                  </td>
                              </tr>
                          </table>
                      </form>
                  </td>
              </tr>
          </table>
      </body>
      </html>
    • {
         "@category" : "datascan",
         "@timestamp" : "2024-11-21T09:04:51.000Z",
         "app" : {
            "extract" : {
               "domain" : [
                  "w3.org"
               ],
               "file" : [
                  "login.cgi"
               ],
               "hostname" : [
                  "www.w3.org"
               ],
               "url" : [
                  "http://www.w3.org/1999/xhtml",
                  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
               ]
            },
            "http" : {
               "bodymd5" : "0e286281cd03ef77daa6087a8ddf1cce",
               "bodymmh3" : -2022788506,
               "headermd5" : "bdd21f5a86747d05843c828e0965c094",
               "headermmh3" : -1169102439
            },
            "length" : 4491
         },
         "asn" : "AS9009",
         "city" : "Bucharest",
         "country" : "RO",
         "cpe" : "<enterprise field>: cpe",
         "cpecount" : "<enterprise field>: cpecount",
         "data" : "HTTP/1.1 200 OK\r\nStrict-Transport-Security: max-age=31536000; includeSubdomains\r\nX-XSS-Protection: 1; mode=block\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nContent-Length: 4229\r\nContent-Type: text/html\r\nDate: Thu, 21 Nov 2024 09:04:51 UTC\r\n\r\n<!--\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n-->\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n<head>\n    <META http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n    <META HTTP-EQUIV=\"Pragma\" CONTENT=\"no_cache\">\n    <META NAME=\"ATEN International Co Ltd.\" CONTENT=\"(c) ATEN International Co Ltd. 2010\">\n    <title></title>\n<!--    <link rel=\"shortcut icon\" href=\"../images/favicon.ico\"> -->\n    <link rel=\"stylesheet\" href=\"../css/basic.css\" type=\"text/css\">\n    <script language=\"JavaScript\">\n    if (window != top)\n        top.location.href = \"/\";//location.href;\n    </script>\n    <script language=\"JavaScript\" src=\"../js/utils.js\"></script>\n    <script language=\"JavaScript\" type=\"text/javascript\">\n    var lang_setting;\n    lang_setting = ReadCookie(\"language\");\n    if (lang_setting == null)\n    {\n        CreateCookie(\"langSetFlag\",\"0\");\n        CreateCookie(\"language\",\"English\");\n        lang_setting = \"English\";\n    }\n    document.write(\"<script type=\\\"text/javascript\\\", src = \\\"../js/lang/\" + lang_setting + \"/lang_str.js\\\"><\\/script>\");\n    function checkform()\n    {\n        if(Trim(form1.name.value) == \"\")\n        {\n            alert(lang.LANG_LOGIN_INVALID_USERNAME);\n            form1.name.focus();\n            return;\n        }\n        if(Trim(form1.pwd.value) == \"\")\n        {\n            alert(lang.LANG_LOGIN_INVALID_PASSWORD);\n            form1.pwd.focus();\n            return;\n        }\n        document.form1.submit();\n        return;\n    }\n    function checkEnt(e)\n    {\n        var key = window.event ? e.keyCode : e.which;\n        if(key == 13)\n        {\n\n            checkform();\n        }\n    }\n    function PageInit()\n    {\n        var msg = document.getElementById(\"login_word\");\n        msg.setAttribute(\"value\", lang.LANG_LOGIN_LOGIN);\n        return;\n    }\n</script>\n</head>\n<body onload='PageInit()'>\n    <table style=\"margin: 0px; height: 100%; width: 100%\" border=\"0\" background=#FFFFFF cellpadding=\"0\" cellspacing=\"0\">\n        <tr>\n            <td style=\"height: 25%; vertical-align: bottom; text-align: center\">\n                <table style=\"margin: 0 auto;\" border=\"0\" width=\"412px\">\n                    <tr>\n                        <td>\n                            <img src=\"../images/logo.gif\" style=\"margin: 0px; padding: 0px;\">\n                        </td>\n                    </tr>\n                </table>\n            </td>\n        </tr>\n        <tr style=\"width: 100%\">\n            <td style=\"height: 100%; vertical-align: top;\">\n                <form name=\"form1\" action=\"/cgi/login.cgi\" method=\"post\" autocomplete=\"off\">\n                    <table class=\"login\">\n                        <tr><td align=\"center\" colspan=\"2\">\n                            <h3><script>document.writeln(lang.LANG_LOGIN_PROMPT);</script></h3>\n                        </td></tr>\n                        <tr>\n                            <td align=\"right\" width=\"40%\">\n                                <script>document.writeln(lang.LANG_LOGIN_USERNAME)</script>\n                            </td>\n                            <td>\n                                <input align=\"left\" name=\"name\" size=\"20\" maxlength=\"64\" style=\"width:146px;\" type=\"text\" onKeyDown=\"checkEnt(event)\">\n                            </td>\n                        </tr>\n                        <tr>\n                            <td align=\"right\" width=\"40%\">\n                                <script>document.writeln(lang.LANG_LOGIN_PASSWORD)</script>\n                            </td>\n                            <td>\n                                <input align=\"left\" name=\"pwd\" size=\"20\" maxlength=\"64\" style=\"width:146px;\" type=\"password\" onKeyDown=\"checkEnt(event)\">\n                            </td>\n                        </tr>\n                        <tr>\n                            <td align=\"center\" colspan=\"2\">\n                                <input id=\"login_word\" class=\"btnStyle\" name=\"Login\" type=\"button\" onclick=\"javascript: checkform(this)\">\n                            </td>\n                        </tr>\n                    </table>\n                </form>\n            </td>\n        </tr>\n    </table>\n</body>\n</html>",
         "datamd5" : "0993ebdf8fd60c687d53ba7005b1c24d",
         "datammh3" : 237833661,
         "device" : {
            "class" : "<enterprise field>: device.class"
         },
         "geolocus" : {
            "asn" : "AS9009",
            "continent" : "EU",
            "continentname" : "Europe",
            "country" : "RO",
            "countryname" : "Romania",
            "domain" : [
               "rnc.ro",
               "virtono.com"
            ],
            "isineu" : "true",
            "latitude" : "45.943161",
            "location" : "45.943161,24.96676",
            "longitude" : "24.96676",
            "netname" : "VIRTONO-NETWORKS",
            "organization" : "Virtono Networks SRL",
            "subnet" : "85.122.127.0/24"
         },
         "ip" : "85.122.127.127",
         "ipv6" : "false",
         "latitude" : "44.4291",
         "location" : "44.4291,26.1006",
         "longitude" : "26.1006",
         "node" : {
            "country" : "<enterprise field>: node.country",
            "groupid" : "<enterprise field>: node.groupid",
            "id" : "<enterprise field>: node.id",
            "physicalcountry" : "<enterprise field>: node.physicalcountry"
         },
         "organization" : "M247 Europe SRL",
         "os" : "Linux Kernel",
         "osvendor" : "Linux",
         "port" : 563,
         "protocol" : "http",
         "protocolversion" : "1.1",
         "reason" : "OK",
         "seen_date" : "2024-11-21",
         "source" : "datascan",
         "status" : 200,
         "subnet" : "85.122.124.0/22",
         "tag" : "<enterprise field>: tag",
         "tls" : "false",
         "transport" : "tcp",
         "url" : "/"
      }