47.92.207.62:563 (tcp/http) - last seen on 2024-11-07 at 04:12:31 UTC
-
- IP
- 47.92.207.62
- Network
- 47.92.0.0/14
- Device
-
<enterprise field>: device.class
- Operating System
- Linux Linux sUse
- URL
-
http://47.92.207.62:563/ 401
- HTTP Title
- VR-S1000 - BUFFALO BroadStation Pro
- HTTP Keyword(s)
- voip vos3000
- HTTP Copyright
- www.linknat.com, 昆石网络
- ASN
- AS37963
- Organization
- Hangzhou Alibaba Advertising Co.,Ltd.
- Protocol
- http
- Source
- datascan
-
- Operating System
- Linux Linux sUse
- HTTP Component(s)
- Cacti Cacti Microsoft ASP.NET Atlassian Confluence Gitlab Gitlab Drupal Drupal 7 Jenkins Jenkins 2.121.3 SPIP SPIP 4.1.11 Roundcube Webmail
- CPE(s)
-
<enterprise field>: cpe
This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.
-
- Data MD5
- b2eddb590b1250db325c05f47eba7001
- HTTP Header MD5
- 469595962e16057e4737c9f595838e7e
- HTTP Body MD5
- 426e4ce471c82a2a866d04aaa7b80d7a
-
HTTP/1.1 401 Unauthorized Composed-By: SPIP 4.1.11 @ www.spip.net Content-Length: 105464 Content-Type: text/html;charset=utf-8 Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT Loginip: <srcip> P3p: CP=CAO PSA OUR Pragma: private Server: Wintendo 1.3.3.7 Set-Cookie: webvpn_as=; path=/; secure; Set-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011; Set-Cookie: csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains Set-Cookie: X-Qlik-Session=35263a2bf; path=/; Set-Cookie: Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/ Set-Cookie: fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/; Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095 Set-Cookie: id=A67B8F9C; Set-Cookie: TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1; Set-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure; Set-Cookie: laravel_session=a0ffeb; Set-Cookie: sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure; Set-Cookie: grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax Set-Cookie: session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax Set-Cookie: acSamlv2Token=; path=/; secure; Set-Cookie: NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/; Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095 Set-Cookie: USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly Teamcity-Node-Id: MAIN_SERVER Www-Authenticate: Basic realm="[RTX1210]" X-Cache: MISS from Hello X-Cache-Lookup: NONE from ezproxies.com:3128 X-Cacheable: SHORT X-Citrix-Application: Receiver for Web X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor X-Content-Type-Options: nosniff X-Drupal-Cache: xHIT X-Drupal-Dynamic-Cache: MISS X-Frame-Options: SAMEORIGIN X-Generator: Drupal 7 (http://drupal.org) X-Jenkins: 2.121.3 X-Jenkins-Session: f72d6619 X-Language: english X-Permitted-Cross-Domain-Policies: none X-Powered-By: ASP.NET X-Root: root X-Server-Powered-By: Engintron X-Xss-Protection: 1; mode=block Date: Thu, 07 Nov 2024 04:12:31 GMT Connection: close <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="Pragma" content="no-cache" /> <meta charset="utf-8"> <meta content="IE=edge" http-equiv="X-UA-Compatible"> <meta content="object" property="og:type"> <meta content="GitLab" property="og:site_name"> <meta content="Help" property="og:title"> <meta content="GitLab Community Edition" property="og:description"> <meta content="summary" property="twitter:card"> <meta content="Help" property="twitter:title"> <meta content="GitLab Community Edition" property="twitter:description"> <meta content="GitLab Community Edition" name="description"> <meta content="#474D57" name="theme-color"> <meta content="#30353E" name="msapplication-TileColor"> <meta name="csrf-param" content="authenticity_token" /> <meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384e2fac2390b==" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <meta http-equiv="expires" content="-1"/> <meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/> <meta name="author" content="www.linknat.com, 昆石网络"/> <meta name="copyright" content="www.linknat.com, 昆石网络"/> <meta name="generator" content="SPIP 4.1.11" /> <script src="/jquery.min.js"></script> <title>VR-S1000 - BUFFALO BroadStation Pro</title> </head> <body> <div style="display: none;"> <script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script> <SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo> <Account> <Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/> <Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/> <Entry2 Active="Yes" username="CUAdmin" web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/> <TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/> <FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" /> <SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" /> <ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/> <CTDefParaEntry setDefValueFlag="1" /> </Account> <div>8.5.5 (Build:20200530.307-TEMP)</div> <span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span> <h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea> <ca status="disabled" href="/+CSCOCA+/login.html" /> <form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login"> <div data-user="root" data-module="package-updates"></div> <code>The zip file did not contain an entry exportDescriptor.properties</code> <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span> <message>Please enter your username and password.</message> <input name="formid" type="hidden" value="012afed" /> <input name="javax.faces.ViewState" type="hidden" value="012afed" /> <input name="queryString" type="hidden" value="1406192" /> <div class="versionInfo">The Cacti Group Version 1.2.25</div> <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong> <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec"> <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" /> <input type="hidden" name="tokenid" value="1804289383" > <input type="hidden" name="name" value="1804289383" > <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed"> <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed"> <input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8="> <input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8="> <input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8="> <input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8="> <input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8="> <input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed"> <input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed"> <input type="text" name="username" label="Username:" value="admin" /> <input type="password" name="password" label="Password:" value="123456" /> <input type="hidden" name="tgroup" value="DefaultADMINGroup" /> <input type="submit" name="Login" value="Login" /> <input type="reset" name="Clear" value="Clear" /> </form> <input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr"> <li class="lisel" onclick="location.href='index.php'">日志系统</li> <li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li> <button type="button" data-price-id=True>sb</button> <div class="prod_madelName">RT-AC5300</div> <div class="p1 title_gap">Sign in with your ASUS router account</div> <tr class="h"><th>PHP Group</th></tr> <tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr> <tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr> <var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var> <span >Powered by <a href='#'>Gibbon</a> v23.0.01</span> <div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div> <a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a> <div id="mcname">LoadMaster</div> <p><br/><span>出厂IP:192.168.1.1</span><br/><span>用户名、密码:admin admin</span></p> <td colspan="2">Please enter your Cacti user name and password below:</td> <meta id="confluence-context-path" name="confluence-context-path" content=""> <meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4"> <meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083"> <script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script> <div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div> <B>SonicWall Universal Management Suite v9.3</B> <br>OK<br> <script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script> <select id="cars" name="name"> <option value="olvo">olvo</option> </select> <a href="/VICIdial/phone">MODIFY</a> <input type="hidden" name="extension" value="1804289383" > <input type="hidden" name="pass" value="1804289383" > <input type="hidden" name="recording_exten" value="1804289383" > <script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script> <input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" /> <script type='text/javascript'> var cactiVersion='1.2.27'; var cactiServerOS='unix'; var cactiAction=''; var theme='modern'; var refreshIsLogout=true; var refreshPage='/logout.php?action=timeout'; var refreshMSeconds=1440000; var urlPath='/'; var previousPage=''; var sessionMessage=[]; var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021'; </script> <!-- <Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1> /var/pinglog <TITLE>Login</TITLE> <a href="jpg.html">LIVE JPEG</a><br> <a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br> <a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br> <a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br> <a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br> <\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/"> Location: /admin <meta name="generator" content="vBulletin 5.5.4" /> Location: http://<ip>:80/relogin.htm?_t=3541144909 Location: http://<ip>:80/syscmd.htm" Location: /ui/login /cgi-bin/webctrl.cgi?action=index_page PDR-M800 function btnPing() <HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML> <link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png"> <link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png"> <td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved. <br>Cisco, Cisco Systems, and the Cisco Systems logo are registered trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates in the United States and certain other countries. </td> : # > $ SSH key is good is not a valid ref and may not be archived pcPassword2 '&sessionKey=790148060;' name="sessionKey" value="790148060" Set-Cookie: loginName=admin var fgt_lang = /dev/cmdb/sslvpn_websession php 8.1.0-dev exit springframework Tomcat DEVICE.ACCOUNT=admin AUTHORIZED_GROUP=1 <uid></uid> <name>Admin</name> <usrid></usrid> <password>admin</password> <group></group> cpto /tmp/"root" Model=AC1450 Firmware=V1.0.0.36_10.0.17 "exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found." BIG-IP release 15.0.0 user:root 12345admin123' Failed to process image Location: http://192.168.0.1:52869/picsdesc.xml You don't have permission to access /vpns/ on this server. [global] workgroup = intranet encrypt passwords = Yes update encrypted = Yes funcionando system_sofia name resolve order InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo <b>File Uploaded !!!</b><br> ant=951d11e51392117311602d0c25435d7f 38ee63071a04dc5e04ed22624c38e648 6f3249aa304055d63828af3bfab778f6 <h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1> [local] tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZTJmYWMyMzkwYj09 addr = <ip> "Powered by vBulletin Version 5.5.4" 789551 Linear eMerge SuperSign ubiq Yacht Zeroshell FastWeb AuthInfo: loadingIndicator_bk Zyxel skyrouter WAP54 org.apache.spark.ui ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {} <insert implant configuration content here> Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api Copyright (c) 2015-2020 by Cisco Systems, Inc. All rights reserved. SSL VPN Service wsConvertPptResponse <input id="txtUserName" class="txt-input" type="text" name="userName" value="" /> <input id="txtPassword" class="txt-input" type="password" name="password" value="" /> <button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP"> <span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span> <script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script> <LegacyDN>eD2bxe4</LegacyDN> <title class="_ctxstxt_NetscalerGateway"> SAML Assertion verification failed; Please contact your administrator v=2b46554c087d2d5516559e9b8bc1875d /vpn/images/AccessGateway.ico frame-busting /vpn/js/logout_view.js?v= _ctxstxt_NetscalerAAA lib.min20200813.js 401 Unauthorized Basic realm= sName='1';onTest(this); var passadm = "admin"; OPMODE_BRIDGE document.all.cmd_result <input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4"> <input id="date" type="text" style="width: 200px" value="12/25/2023"> main page cgi-bin/login.cgi var sessionKey='030ff030ff88'; loc += '&sessionKey=19dec20030ff8dcb2'; } var code = 'location="' + loc + '"'; Password change successful J2100N GPON ONT /cgi-bin/webui/admin sesskey name=admin pass=123 priv=ppp service=www.dlinkddns.com sysCmdType Content-Type: auth/request Content-Type: command/reply Reply-Text: +OK accepted X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks) 007b2000-007c1000 rw-p 00000000 00:00 0 Size: 60 kB Rss: 52 kB Pss: 52 kB Shared_Clean: 0 kB Shared_Dirty: 0 kB Private_Clean: 0 kB Private_Dirty: 52 kB Referenced: 52 kB Anonymous: 52 kB AnonHugePages: 0 kB Swap: 8 kB KernelPageSize: 4 kB MMUPageSize: 4 kB 009b1000-009b8000 rwxp -
{ "@category" : "datascan", "@timestamp" : "2024-11-07T04:12:31.000Z", "app" : { "extract" : { "domain" : [ "drupal.org", "micros-hosting.com" ], "file" : [ "admin-ajax.php", "dvrremoteap.exe", "dvfplayer.zip", "index.php", "dvrremoteap_x64.exe", "cloud_index.php" ], "hostname" : [ "drupal.org", "micros-hosting.com" ], "ip" : [ "1.0.0.36", "1.3.3.7", "7.7.31.1", "192.168.1.1", "192.168.1.4", "192.168.1.10", "192.168.0.1" ], "url" : [ "http://192.168.0.1:52869/picsdesc.xml", "http://drupal.org", "http://micros-hosting.com/EGateway/", "https://192.168.1.4" ] }, "http" : { "bodymd5" : "426e4ce471c82a2a866d04aaa7b80d7a", "bodymmh3" : 678441016, "component" : [ { "product" : "Confluence", "productvendor" : "Atlassian" }, { "productvendor" : "Gitlab", "product" : "Gitlab" }, { "product" : "SPIP", "productvendor" : "SPIP", "productversion" : "4.1.11" }, { "product" : "Webmail", "productvendor" : "Roundcube" }, { "product" : "Drupal", "productvendor" : "Drupal", "productversion" : "7" }, { "product" : "ASP.NET", "productvendor" : "Microsoft" }, { "productvendor" : "Jenkins", "productversion" : "2.121.3", "product" : "Jenkins" }, { "product" : "Cacti", "productvendor" : "Cacti" } ], "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc", "header" : [ { "value" : "Fri, 29 Jul 2022 16:53:01 GMT", "name" : "Last-Modified" } ], "headermd5" : "469595962e16057e4737c9f595838e7e", "headermmh3" : 1219831452, "keywords" : [ "voip", "vos3000" ], "realm" : "[RTX1210]", "title" : "VR-S1000 - BUFFALO BroadStation Pro" }, "length" : 16307 }, "asn" : "AS37963", "city" : "Beijing", "country" : "CN", "cpe" : "<enterprise field>: cpe", "cpecount" : "<enterprise field>: cpecount", "data" : "HTTP/1.1 401 Unauthorized\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 105464\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nP3p: CP=CAO PSA OUR\r\nPragma: private\r\nServer: Wintendo 1.3.3.7\r\nSet-Cookie: webvpn_as=; path=/; secure;\r\nSet-Cookie: cval=f337; path=/; splunkweb_csrf_token_8000=0011;\r\nSet-Cookie: csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains\r\nSet-Cookie: X-Qlik-Session=35263a2bf; path=/;\r\nSet-Cookie: Cacti=o6vomb0hujscvd9qh7icd0b6m6; path=/\r\nSet-Cookie: fsm_login=37dfe4372f3867d7c134d618cbef137b; Path=/;\r\nSet-Cookie: roundcube_sessauth=expired; HttpOnly; domain=cpanel.custompoodles.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: id=A67B8F9C;\r\nSet-Cookie: TRACKID=111d130c363c6795f9897e3368d2926e; Path=/; Version=1;\r\nSet-Cookie: DSSIGNIN=url_default; path=/dana-na/; expires=Thu, 31-Dec-2037 00:00:00 GMT; secure;\r\nSet-Cookie: laravel_session=a0ffeb;\r\nSet-Cookie: sdplogincsrfcookie=6cc9d6ad-33d5-4b5a-adc8-b5bf284cb492; Path=/; SameSite=None; Secure;\r\nSet-Cookie: grafana_session=f7fbcb089c6994b7bc45775fdae1a13c; Path=/; Max-Age=2592000; HttpOnly; Secure; SameSite=Lax\r\nSet-Cookie: session820/qualitor820=2ek44merar6fo67l01hdr09u0l; path=/; HttpOnly; SameSite=Lax\r\nSet-Cookie: acSamlv2Token=; path=/; secure;\r\nSet-Cookie: NSC_AAAC=a29d421feecf680a560a4c47b269b38ea29d421feecf680a560a4c47b269b38ea; path=/;\r\nSet-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: USGSESSID=ff37fe7ceeca9a0ebedcf6549e8275d9; path=/; HttpOnly\r\nTeamcity-Node-Id: MAIN_SERVER\r\nWww-Authenticate: Basic realm=\"[RTX1210]\"\r\nX-Cache: MISS from Hello\r\nX-Cache-Lookup: NONE from ezproxies.com:3128\r\nX-Cacheable: SHORT\r\nX-Citrix-Application: Receiver for Web\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Drupal-Cache: xHIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 7 (http://drupal.org)\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Language: english\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-Powered-By: ASP.NET\r\nX-Root: root\r\nX-Server-Powered-By: Engintron\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 07 Nov 2024 04:12:31 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384e2fac2390b==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>VR-S1000 - BUFFALO BroadStation Pro</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\" web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n <div data-user=\"root\" data-module=\"package-updates\"></div>\n <code>The zip file did not contain an entry exportDescriptor.properties</code>\n <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n <message>Please enter your username and password.</message>\n <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n <input type=\"hidden\" name=\"tokenid\" value=\"1804289383\" >\n <input type=\"hidden\" name=\"name\" value=\"1804289383\" >\n <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n <input type=\"submit\" name=\"Login\" value=\"Login\" />\n <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\" value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\" value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\" value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n workgroup = intranet\n encrypt passwords = Yes\n update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZTJmYWMyMzkwYj09\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize: 60 kB\nRss: 52 kB\nPss: 52 kB\nShared_Clean: 0 kB\nShared_Dirty: 0 kB\nPrivate_Clean: 0 kB\nPrivate_Dirty: 52 kB\nReferenced: 52 kB\nAnonymous: 52 kB\nAnonHugePages: 0 kB\nSwap: 8 kB\nKernelPageSize: 4 kB\nMMUPageSize: 4 kB\n009b1000-009b8000 rwxp ", "datamd5" : "b2eddb590b1250db325c05f47eba7001", "datammh3" : -2073981467, "device" : { "class" : "<enterprise field>: device.class" }, "geolocus" : { "asn" : "AS37963", "continent" : "AS", "continentname" : "Asia", "country" : "CN", "countryname" : "China", "domain" : [ "alibaba-inc.com", "cnnic.cn" ], "isineu" : "false", "latitude" : "35.86166", "location" : "35.86166,104.195397", "longitude" : "104.195397", "netname" : "ALISOFT", "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.", "subnet" : "47.92.0.0/14" }, "ip" : "47.92.207.62", "ipv6" : "false", "latitude" : "39.9110", "location" : "39.9110,116.3950", "longitude" : "116.3950", "node" : { "country" : "<enterprise field>: node.country", "groupid" : "<enterprise field>: node.groupid", "id" : "<enterprise field>: node.id", "physicalcountry" : "<enterprise field>: node.physicalcountry" }, "organization" : "Hangzhou Alibaba Advertising Co.,Ltd.", "os" : "Linux", "osdistribution" : "sUse", "osvendor" : "Linux", "port" : 563, "protocol" : "http", "protocolversion" : "1.1", "reason" : "Unauthorized", "seen_date" : "2024-11-07", "source" : "datascan", "status" : 401, "subnet" : "47.92.0.0/14", "tag" : "<enterprise field>: tag", "tls" : "false", "transport" : "tcp", "url" : "/" }
