ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 10,191 in 1.364 second(s)

  • 172.232.186.145:7549 (tcp/http) - last seen on 2024-11-07 at 05:47:34 UTC

    • IP
      172.232.186.145
      Network
      172.232.128.0/17
      Domain(s)
      linodeusercontent.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Amazon
      URL

      http://172.232.186.145:7549/ 200

      HTTP Title
      403 Forbidden
      Reverse DNS
      172-232-186-145.ip.linodeusercontent.com
      ASN
      AS63949
      Organization
      Akamai Connected Cloud
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Amazon
      Product
      Apache HTTP Server 2.4.51
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      e9eac9f29275d7dc5dea0f94c0b4d7a8
      HTTP Header MD5
      7e3d015c2abade58b943a39c2d0bdd0b
      HTTP Body MD5
      b862e0efdbe90eab898e8a03cfb7c4f1 
    • HTTP/1.1 200 OK
content-type: text/html; charset=iso-8859-1
content-length: 198
set-cookie: AWSALB=LSxThzlJBoPF2Mq1LylTR6m8WonSBmsIXB6Pmi318P0uejBB4XsSc/3HUfEEHRCwTkCxMVlo0I2kkgZFmlajTwoU3MXUIqow/9S6TkAViqxn9i1ZWW6vPcidQa9y; Expires=Wed, 09 Nov 2022 18:08:32 GMT; Path=/
server: Apache/2.4.51 (Amazon)
connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
</body></html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:47:34.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "b862e0efdbe90eab898e8a03cfb7c4f1",
         "bodymmh3" : -1944716773,
         "headermd5" : "7e3d015c2abade58b943a39c2d0bdd0b",
         "headermmh3" : -1730528709,
         "title" : "403 Forbidden"
      },
      "length" : 526
   },
   "asn" : "AS63949",
   "city" : "Tukwila",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\ncontent-type: text/html; charset=iso-8859-1\r\ncontent-length: 198\r\nset-cookie: AWSALB=LSxThzlJBoPF2Mq1LylTR6m8WonSBmsIXB6Pmi318P0uejBB4XsSc/3HUfEEHRCwTkCxMVlo0I2kkgZFmlajTwoU3MXUIqow/9S6TkAViqxn9i1ZWW6vPcidQa9y; Expires=Wed, 09 Nov 2022 18:08:32 GMT; Path=/\r\nserver: Apache/2.4.51 (Amazon)\r\nconnection: close\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>403 Forbidden</title>\n</head><body>\n<h1>Forbidden</h1>\n<p>You don't have permission to access this resource.</p>\n</body></html>",
   "datamd5" : "e9eac9f29275d7dc5dea0f94c0b4d7a8",
   "datammh3" : 1201246885,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "linodeusercontent.com"
   ],
   "geolocus" : {
      "asn" : "AS63949",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "akamai.com",
         "linode.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "LINODE",
      "organization" : "Linode",
      "subnet" : "172.232.160.0/19"
   },
   "host" : [
      "172-232-186-145"
   ],
   "hostname" : [
      "172-232-186-145.ip.linodeusercontent.com"
   ],
   "ip" : "172.232.186.145",
   "ipv6" : "false",
   "latitude" : "47.4775",
   "location" : "47.4775,-122.2589",
   "longitude" : "-122.2589",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Akamai Connected Cloud",
   "os" : "Linux",
   "osdistribution" : "Amazon",
   "osvendor" : "Linux",
   "port" : 7549,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.51",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "172-232-186-145.ip.linodeusercontent.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ip.linodeusercontent.com"
   ],
   "subnet" : "172.232.128.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 49.48.60.161:7549 (tcp/http) - last seen on 2024-11-07 at 05:47:03 UTC

    • IP
      49.48.60.161
      Network
      49.48.0.0/15
      Domain(s)
      3bb.in.th
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux 2
      URL

      http://49.48.60.161:7549/ 200

      HTTP Title
      Remote Surveillance, Any time &amp; Any where
      Reverse DNS
      mx-ll-49.48.60-161.dynamic.3bb.in.th
      ASN
      AS45758
      Organization
      Triple T Broadband Public Company Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux 2
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      97fc3fec8a97ccca4188f7f67e4556e2
      HTTP Header MD5
      15514d09ab3a6e41ccb6a3bff154ef8a
      HTTP Body MD5
      ef58cb59a6c6a6c05dc86ebd15a798cf 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 12:49:03 GMT
Server: Linux/2.x UPnP/1.0 Avtech/1.0
Connection: close
Last-Modified: Tue, 26 Nov 2019 08:30:42 GMT
Content-Type: text/html
ETag: 227-54171-1574757042
Content-Length: 54171

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link rel="icon" href="/nobody/favicon.ico" type="image/vnd.microsoft.icon" />
<link rel="shortcut icon" href="/nobody/favicon.ico" type="image/vnd.microsoft.icon" />
<link rel="bookmark" href="/nobody/favicon.ico" type="image/vnd.microsoft.icon" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="googlebot" content="nosnippet">
<meta name="robots" content="noarchive">
<title>Remote Surveillance, Any time &amp; Any where</title>
<style>

body {
	margin-left: 0px;
	margin-top: 0px;
	margin-right: 0px;
	margin-bottom: 0px;
	font-family: "Century Gothic";
	color: #fff;
	font-size: 19px;
	background-color: #333;
	
}

.BOX1 {
	position:absolute;
	left:50%;
	top:50%;
	margin-top:-225px;
	margin-left:-360px;
	visibility: visible;
}

.BOX2 {
	background-color: #333;
	color: #fff;
	text-align: center;
	padding: 12px;
	width: 100%;
	overflow: auto;
	height: auto;
	position: fixed;
	bottom: 0px;
}

a:hover {
	font-size: 100%;
	text-decoration: underline;
	font-weight: bold;
}

.input {
	font-family: "Century Gothic";
	color: #666;
	background-color: #F0F0F0;
	margin: 1px;
	padding: 6px;
	border-top-style: none;
	border-right-style: none;
	border-bottom-style: none;
	border-left-style: none;
	width: 85px;
	font-size: 14px;
	}

.button {
	font-family: "Century Gothic";
	color: #FFFFFF;
	background-color: #0CF;
	padding: 6px;
	text-align: center;
	width: 170px;
	border: 1px inset #09F;
	border-radius: 28px;
	font-size: 14px;
	}

.input_osg {
	font-family: "Century Gothic";
	color: #666;
	background-color: #F0F0F0;
	height: 20px;
	margin: 1px;
	padding: 6px;
	text-align: center;
	width: 72px;
	font-size: 15px;
	border-top-style: none;
	border-right-style: none;
	border-bottom-style: none;
	border-left-style: none;
	}


.button_osg {
  font-family: Century Gothic;
  width: 300px;
  background: #3498db;
  border: 1px inset #3498db;
  border-radius: 28px;
  color: #ffffff;
  font-size: 15px;
  padding: 6px;
}

.button_osg:hover {
  background: #3cb0fd;
  border: 1px inset #3cb0fd;
}

.font_note {
	font-size: 13px;
}

.round{
	border-collapse: separate;
	border: 0px solid #333333;
	background-color: #F0F0F0;
	border-radius: 28px;
}

</style>
<script language="JavaScript">
//Kelvin++ 2014-08-07 check is it opening from EZ server, then auto-login use ez.htm
if(document.URL.indexOf("?a=") > 0){
	location.href="/nobody/aplogin.htm?parameter="+Base64.encode(document.URL.split("?")[1])+"&InitPath=EZ_LOGIN"+"&rnd="+Math.random();
}
/* ========== loginDevice.js ========== */
function getCookie(c_name){
	if (document.cookie.length>0){
		c_start=document.cookie.indexOf(c_name + "=");
		if (c_start!=-1){ 
			c_start=c_start + c_name.length+1; 
			c_end=document.cookie.indexOf(";",c_start);
			if (c_end==-1) c_end=document.cookie.length;
			return unescape(document.cookie.substring(c_start,c_end));
		} 
	}
	return "";
}

function setCookie(c_name,value,expiredays){
	var exdate=new Date();
	exdate.setDate(exdate.getDate()+expiredays);
	document.cookie=c_name+ "=" +escape(value)+((expiredays==null) ? "" : ";expires="+exdate.toGMTString());
}

function delCookie(name){
	var exp = new Date();
	exp.setTime(exp.getTime() - 1);
	var cval = getCookie(name);
	if(cval != null)
		document.cookie = name + "="+cval+";expires="+exp.toGMTString();
}

function getURL(){
	var a = document.URL.split("//");
	a = (a[1] ? a[1] : a[0]).split("/"); 
	return a[0];
}

function getPort(){
	urlArr = getURL().split(":");
	if(urlArr.length == 1)
		return "80";
	else
		return urlArr[1];
}

var w = window.screen.availWidth;

if(getCookie("ViewMode")!="Classic"){
	if(w <= 800){//mobile screen width < 800
		if(w > 320)
			location.href="/nobody/mobile480.htm?Login=Captcha";
		else if(w <= 240)
			location.href="/nobody/mobile240.htm?Login=Captcha";
		else
			location.href="/nobody/mobile.htm?Login=Captcha";
	}
}

//no use
function isMobileBrowser(){
	var u = navigator.userAgent.toLowerCase();
	
	if(u.indexOf("midp") != -1)
		return true;
	else if(u.indexOf("mobile") != -1)
		return true;
	else if(u.indexOf("iphone") != -1 || u.indexOf("ipod") != -1)
		return true;
	else if(u.indexOf("series60") != -1 || u.indexOf("symbian") != -1)
		return true;
	else if(u.indexOf("blackberry") != -1)
		return true;
	else if(u.indexOf("android") != -1)
		return true;
	else if(u.indexOf("windows ce") != -1 || u.indexOf("windows phone") != -1)
		return true;
	else if(u.indexOf("htc") != -1 || u.indexOf("hd2_") != -1)
		return true;
	else if(u.indexOf("palm") != -1)
		return true;
	else
		return false;
}

/* ========== webtoolkit.base64.js ========== */
var Base64={_keyStr:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",encode:function(c){var a="";var k,h,f,j,g,e,d;var b=0;c=Base64._utf8_encode(c);while(b<c.length){k=c.charCodeAt(b++);h=c.charCodeAt(b++);f=c.charCodeAt(b++);j=k>>2;g=((k&3)<<4)|(h>>4);e=((h&15)<<2)|(f>>6);d=f&63;if(isNaN(h)){e=d=64}else{if(isNaN(f)){d=64}}a=a+this._keyStr.charAt(j)+this._keyStr.charAt(g)+this._keyStr.charAt(e)+this._keyStr.charAt(d)}return a},decode:function(c){var a="";var k,h,f;var j,g,e,d;var b=0;c=c.replace(/[^A-Za-z0-9\+\/\=]/g,"");while(b<c.length){j=this._keyStr.indexOf(c.charAt(b++));g=this._keyStr.indexOf(c.charAt(b++));e=this._keyStr.indexOf(c.charAt(b++));d=this._keyStr.indexOf(c.charAt(b++));k=(j<<2)|(g>>4);h=((g&15)<<4)|(e>>2);f=((e&3)<<6)|d;a=a+String.fromCharCode(k);if(e!=64){a=a+String.fromCharCode(h)}if(d!=64){a=a+String.fromCharCode(f)}}a=Base64._utf8_decode(a);return a},_utf8_encode:function(b){b=b.replace(/\r\n/g,"\n");var a="";for(var e=0;e<b.length;e++){var d=b.charCodeAt(e);if(d<128){a+=String.fromCharCode(d)}else{if((d>127)&&(d<2048)){a+=String.fromCharCode((d>>6)|192);a+=String.fromCharCode((d&63)|128)}else{a+=String.fromCharCode((d>>12)|224);a+=String.fromCharCode(((d>>6)&63)|128);a+=String.fromCharCode((d&63)|128)}}}return a},_utf8_decode:function(a){var b="";var d=0;var e=c1=c2=0;while(d<a.length){e=a.charCodeAt(d);if(e<128){b+=String.fromCharCode(e);d++}else{if((e>191)&&(e<224)){c2=a.charCodeAt(d+1);b+=String.fromCharCode(((e&31)<<6)|(c2&63));d+=2}else{c2=a.charCodeAt(d+1);c3=a.charCodeAt(d+2);b+=String.fromCharCode(((e&15)<<12)|((c2&63)<<6)|(c3&63));d+=3}}}return b}};

/* ========== login.js ========== */
var ff;
var CheckOnlySupportIE = false;
var DVR_ONLY_SUPPORT_IE = "_042_082_162_046_";
var isIEBrowser = false;

if ((navigator.appName == "Microsoft Internet Explorer") && (navigator.platform != "MacPPC") && (navigator.platform != "Mac68k")) {
  isIEBrowser = true;
}

/* disabled backspace key */
if(typeof window.event != 'undefined'){
	document.onkeydown = function(){if(event.srcElement.tagName.toUpperCase() != 'INPUT'){return (event.keyCode != 8);}}
}else{
	document.onkeypress = function(e){if(e.target.nodeName.toUpperCase() != 'INPUT'){return (e.keyCode != 8);}}
}

function init(){
	ff = document.myForm;
	ff.Username.value = "";
	ff.Password.value = "";
	/*
	setTimeout("getCaptchaImg()", 1000);
	
	document.body.style.display = "none";
	var NW = getCookie(idURL+"NW");
	if(NW != "" && NW != null){
		var aaa = Base64.decode(NW).split(":");
		ff.Username.value = aaa[0];
		ff.Password.value = aaa[1];
		if(getCookie(idURL+"StaySign") == "1"){
			document.getElementById("StaySignedIn").checked = true;
			if(getCookie(idURL+"StaySignErr") != "1"){
				delCookie("captcha");
				check();
			}else{
				delCookie(idURL+"StaySignErr");
				document.body.style.display = "block";
				ff.Password.value = "";
				ff.Password.focus();
			}
		}else{
			document.getElementById("StaySignedIn").checked = false;
			document.body.style.display = "block";
		}
	}else{
		document.body.style.display = "block";
	}
	*/
	ff.Username.focus();
}

function getCaptchaImg(){
	document.getElementById("Captcha").src = "/cgi-bin/nobody/Captcha.cgi?action=get&image=login_bmp";
}

function goCheck(e){
	if(window.event && e.keyCode ==13) //IE
		check(); 
	else if(e.which == 13) // Netscape/Firefox/Opera
		check();
}

function ToUpperCase(obj){
	obj.value = obj.value.toUpperCase();
}

function check(){
	if(!ff){return false;}
	
	document.cookie = "x=1";
	if (document.cookie.indexOf("x=")==-1){
		document.body.style.display = "block";
		alert("Browser Cookie not supported.");
		frmReload();
		return false;
	}
	var actionStr = "/cgi-bin/nobody/VerifyCode.cgi"
	actionStr += "?account="+Base64.encode(ff.Username.value+":"+ff.Password.value);
	//actionStr += "&captcha_code="+ff.CaptchaCode.value.toUpperCase();
	//actionStr += "&verify_code="+getCookie("captcha");
	actionStr += "&rnd="+Math.random();
	var httpObj = createHttpRequestObj();
	httpObj.onreadystatechange = function(){
		if (httpObj.readyState == 4 && httpObj.status == 200){
			var objStr    = new Object();
			objStr.strSrc = httpObj.responseText;
			tmpStr = objStr.strSrc.split("\n");
			if (tmpStr[1] == "OK"){
				//if(document.getElementById("StaySignedIn").checked)
				//	setLastUserSignIn();
				//setCookie("brokenhdd", "");
				setCookie("LifeTime", "");
				//setCookie("ReloWebTime", 0);
				location.href="/index.htm";
			}else{
				//setCookie(idURL+"StaySignErr", "1");
				//document.body.style.display = "block";
				alert(tmpStr[1]);
				frmReload();
			}
		}
	};
	httpObj.open("get", actionStr, true);
	httpObj.send(null);
	return false;
}

var idURL = getURL()+":"+getPort();
function setLastUserSignIn(){
	setCookie(idURL+"NW", Base64.encode(ff.Username.value+":"+ff.Password.value), 30);
	setCookie(idURL+"StaySign", (document.getElementById("StaySignedIn").checked)?"1":"0", 30);
	setCookie(idURL+"StaySignErr", "0");
}

function getUserLevel(){
	var httpObj = createHttpRequestObj();
	requestData = "/cgi-bin/guest/Login.cgi?rnd="+Math.random();
	httpObj.onreadystatechange = function(){
		if (httpObj.readyState == 4 && httpObj.status == 200){
			var objStr    = new Object();
			objStr.strSrc = httpObj.responseText;
			
			if (CheckOnlySupportIE && GetCgiParam(objStr, "Product-ID-Minor=") == 1){
				var pid = objStr.strGet;
				var pidc = "_"+pid+"_";
				if(!isIEBrowser && DVR_ONLY_SUPPORT_IE.indexOf(pidc) != -1){
					//alert("This machine is not supported, please visit 'www.avtech.com.tw' for more details.");
					if(confirm("This machine is not supported.\nDo you want to get more details?")){
						location.href = "http://www.eagleeyescctv.com/jump/dvr.htm";
					}
					return false;
				}
			}
			
			if (GetCgiParam(objStr, "User-Level=") == 1){
				setCookie("LifeTime", "");
				setCookie("ReloWebTime", 0);
				if(objStr.strGet == "SUPERVISOR")
					location.href="/index.htm";
				else
					location.href="/index.htm";
			}else{alert('Login Failed.');}
		}
	};
	httpObj.open("get", requestData, true);
	httpObj.send(null);
}

function frmReload(){
	ff.Username.value="";
	ff.Password.value="";
	//ff.CaptchaCode.value="";
	location.reload();
}

function createHttpRequestObj(){
	var XMLhttpObject = null;
	try {XMLhttpObject = new XMLHttpRequest();}
	catch(e){
		try {XMLhttpObject = new ActiveXObject("Msxml2.XMLHTTP");}
		catch(e){
			try {XMLhttpObject = new ActiveXObject("Microsoft.XMLHTTP");}
			catch(e) {return null;}
		}
	}
	return XMLhttpObject;
}

function GetCgiParam(objStr, strSearch){
	var curr_pos;var result;
	objStr.strSearch=strSearch;
	objStr.curr_pos=0;
	do{
		result = 1;
		curr_pos = objStr.strSrc.indexOf(objStr.strSearch, objStr.curr_pos);
		if (curr_pos < 0){
			result = 0;
			break;
		}
		objStr.curr_pos = curr_pos + objStr.strSearch.length;
		curr_pos = objStr.strSrc.indexOf('\n', objStr.curr_pos);
		if (curr_pos < 0){
			if (objStr.curr_pos < objStr.strSrc.length){
				objStr.strGet 	= objStr.strSrc.substring(objStr.curr_pos, objStr.strSrc.length);
				objStr.curr_pos = curr_pos;	
				break;
			}
			result = 0;
			break;
		}
		objStr.strGet 	= objStr.strSrc.substring(objStr.curr_pos, curr_pos);
		objStr.curr_pos = curr_pos;
	} while(0);
	return result;
}

function goMobile(){
	setCookie("ViewMode", "Mobile");
	var w = window.screen.availWidth;
	//alert(w);
	if(w > 320)
		location.href="/nobody/mobile480.htm?Login=Captcha";
	else if(w <= 240)
		location.href="/nobody/mobile240.htm?Login=Captcha";
	else
		location.href="/nobody/mobile.htm?Login=Captcha";
}
</script>
</head>
<body onload="init()">
	<div class="BOX1">
		<table border="0" cellspacing="0" cellpadding="0">
			<tr>
				<td valign="middle"><img width="300" height="90" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAASwAAABaCAYAAAACcWsdAAAACXBIWXMAAAsTAAALEwEAmpwYAAAKTWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjanVN3WJP3Fj7f92UPVkLY8LGXbIEAIiOsCMgQWaIQkgBhhBASQMWFiApWFBURnEhVxILVCkidiOKgKLhnQYqIWotVXDjuH9yntX167+3t+9f7vOec5/zOec8PgBESJpHmomoAOVKFPDrYH49PSMTJvYACFUjgBCAQ5svCZwXFAADwA3l4fnSwP/wBr28AAgBw1S4kEsfh/4O6UCZXACCRAOAiEucLAZBSAMguVMgUAMgYALBTs2QKAJQAAGx5fEIiAKoNAOz0ST4FANipk9wXANiiHKkIAI0BAJkoRyQCQLsAYFWBUiwCwMIAoKxAIi4EwK4BgFm2MkcCgL0FAHaOWJAPQGAAgJlCLMwAIDgCAEMeE80DIEwDoDDSv+CpX3CFuEgBAMDLlc2XS9IzFLiV0Bp38vDg4iHiwmyxQmEXKRBmCeQinJebIxNI5wNMzgwAABr50cH+OD+Q5+bk4eZm52zv9MWi/mvwbyI+IfHf/ryMAgQAEE7P79pf5eXWA3DHAbB1v2upWwDaVgBo3/ldM9sJoFoK0Hr5i3k4/EAenqFQyDwdHAoLC+0lYqG9MOOLPv8z4W/gi372/EAe/tt68ABxmkCZrcCjg/1xYW52rlKO58sEQjFu9+cj/seFf/2OKdHiNLFcLBWK8ViJuFAiTcd5uVKRRCHJleIS6X8y8R+W/QmTdw0ArIZPwE62B7XLbMB+7gECiw5Y0nYAQH7zLYwaC5EAEGc0Mnn3AACTv/mPQCsBAM2XpOMAALzoGFyolBdMxggAAESggSqwQQcMwRSswA6cwR28wBcCYQZEQAwkwDwQQgbkgBwKoRiWQRlUwDrYBLWwAxqgEZrhELTBMTgN5+ASXIHrcBcGYBiewhi8hgkEQcgIE2EhOogRYo7YIs4IF5mOBCJhSDSSgKQg6YgUUSLFyHKkAqlCapFdSCPyLXIUOY1cQPqQ28ggMor8irxHMZSBslED1AJ1QLmoHxqKxqBz0XQ0D12AlqJr0Rq0Hj2AtqKn0UvodXQAfYqOY4DRMQ5mjNlhXIyHRWCJWBomxxZj5Vg1Vo81Yx1YN3YVG8CeYe8IJAKLgBPsCF6EEMJsgpCQR1hMWEOoJewjtBK6CFcJg4Qxwicik6hPtCV6EvnEeGI6sZBYRqwm7iEeIZ4lXicOE1+TSCQOyZLkTgohJZAySQtJa0jbSC2kU6Q+0hBpnEwm65Btyd7kCLKArCCXkbeQD5BPkvvJw+S3FDrFiOJMCaIkUqSUEko1ZT/lBKWfMkKZoKpRzame1AiqiDqfWkltoHZQL1OHqRM0dZolzZsWQ8ukLaPV0JppZ2n3aC/pdLoJ3YMeRZfQl9Jr6Afp5+mD9HcMDYYNg8dIYigZaxl7GacYtxkvmUymBdOXmchUMNcyG5lnmA+Yb1VYKvYqfBWRyhKVOpVWlX6V56pUVXNVP9V5qgtUq1UPq15WfaZGVbNQ46kJ1Bar1akdVbupNq7OUndSj1DPUV+jvl/9gvpjDbKGhUaghkijVGO3xhmNIRbGMmXxWELWclYD6yxrmE1iW7L57Ex2Bfsbdi97TFNDc6pmrGaRZp3mcc0BDsax4PA52ZxKziHODc57LQMtPy2x1mqtZq1+rTfaetq+2mLtcu0W7eva73VwnUCdLJ31Om0693UJuja6UbqFutt1z+o+02PreekJ9cr1Dund0Uf1bfSj9Rfq79bv0R83MDQINpAZbDE4Y/DMkGPoa5hpuNHwhOGoEctoupHEaKPRSaMnuCbuh2fjNXgXPmasbxxirDTeZdxrPGFiaTLbpMSkxeS+Kc2Ua5pmutG003TMzMgs3KzYrMnsjjnVnGueYb7ZvNv8jYWlRZzFSos2i8eW2pZ8ywWWTZb3rJhWPlZ5VvVW16xJ1lzrLOtt1ldsUBtXmwybOpvLtqitm63Edptt3xTiFI8p0in1U27aMez87ArsmuwG7Tn2YfYl9m32zx3MHBId1jt0O3xydHXMdmxwvOuk4TTDqcSpw+lXZxtnoXOd8zUXpkuQyxKXdpcXU22niqdun3rLleUa7rrStdP1o5u7m9yt2W3U3cw9xX2r+00umxvJXcM970H08PdY4nHM452nm6fC85DnL152Xlle+70eT7OcJp7WMG3I28Rb4L3Le2A6Pj1l+s7pAz7GPgKfep+Hvqa+It89viN+1n6Zfgf8nvs7+sv9j/i/4XnyFvFOBWABwQHlAb2BGoGzA2sDHwSZBKUHNQWNBbsGLww+FUIMCQ1ZH3KTb8AX8hv5YzPcZyya0RXKCJ0VWhv6MMwmTB7WEY6GzwjfEH5vpvlM6cy2CIjgR2yIuB9pGZkX+X0UKSoyqi7qUbRTdHF09yzWrORZ+2e9jvGPqYy5O9tqtnJ2Z6xqbFJsY+ybuIC4qriBeIf4RfGXEnQTJAntieTE2MQ9ieNzAudsmjOc5JpUlnRjruXcorkX5unOy553PFk1WZB8OIWYEpeyP+WDIEJQLxhP5aduTR0T8oSbhU9FvqKNolGxt7hKPJLmnVaV9jjdO31D+miGT0Z1xjMJT1IreZEZkrkj801WRNberM/ZcdktOZSclJyjUg1plrQr1zC3KLdPZisrkw3keeZtyhuTh8r35CP5c/PbFWyFTNGjtFKuUA4WTC+oK3hbGFt4uEi9SFrUM99m/ur5IwuCFny9kLBQuLCz2Lh4WfHgIr9FuxYji1MXdy4xXVK6ZHhp8NJ9y2jLspb9UOJYUlXyannc8o5Sg9KlpUMrglc0lamUycturvRauWMVYZVkVe9ql9VbVn8qF5VfrHCsqK74sEa45uJXTl/VfPV5bdra3kq3yu3rSOuk626s91m/r0q9akHV0IbwDa0b8Y3lG19tSt50oXpq9Y7NtM3KzQM1YTXtW8y2rNvyoTaj9nqdf13LVv2tq7e+2Sba1r/dd3vzDoMdFTve75TsvLUreFdrvUV99W7S7oLdjxpiG7q/5n7duEd3T8Wej3ulewf2Re/ranRvbNyvv7+yCW1SNo0eSDpw5ZuAb9qb7Zp3tXBaKg7CQeXBJ9+mfHvjUOihzsPcw83fmX+39QjrSHkr0jq/
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:47:03.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "eagleeyescctv.com",
            "w3.org"
         ],
         "file" : [
            "verifycode.cgi"
         ],
         "hostname" : [
            "www.eagleeyescctv.com",
            "www.w3.org"
         ],
         "url" : [
            "http://www.eagleeyescctv.com/jump/dvr.htm",
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
         ]
      },
      "favicon" : {
         "url" : "/nobody/favicon.ico"
      },
      "http" : {
         "bodymd5" : "ef58cb59a6c6a6c05dc86ebd15a798cf",
         "bodymmh3" : 210328465,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Tue, 26 Nov 2019 08:30:42 GMT"
            },
            {
               "value" : "227-54171-1574757042",
               "name" : "ETag"
            }
         ],
         "headermd5" : "15514d09ab3a6e41ccb6a3bff154ef8a",
         "headermmh3" : 1641137476,
         "title" : "Remote Surveillance, Any time &amp; Any where"
      },
      "length" : 16384
   },
   "asn" : "AS45758",
   "city" : "Bang Lamung",
   "country" : "TH",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 12:49:03 GMT\r\nServer: Linux/2.x UPnP/1.0 Avtech/1.0\r\nConnection: close\r\nLast-Modified: Tue, 26 Nov 2019 08:30:42 GMT\r\nContent-Type: text/html\r\nETag: 227-54171-1574757042\r\nContent-Length: 54171\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<link rel=\"icon\" href=\"/nobody/favicon.ico\" type=\"image/vnd.microsoft.icon\" />\r\n<link rel=\"shortcut icon\" href=\"/nobody/favicon.ico\" type=\"image/vnd.microsoft.icon\" />\r\n<link rel=\"bookmark\" href=\"/nobody/favicon.ico\" type=\"image/vnd.microsoft.icon\" />\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\r\n<meta name=\"googlebot\" content=\"nosnippet\">\r\n<meta name=\"robots\" content=\"noarchive\">\r\n<title>Remote Surveillance, Any time &amp; Any where</title>\r\n<style>\r\n\r\nbody {\r\n\tmargin-left: 0px;\r\n\tmargin-top: 0px;\r\n\tmargin-right: 0px;\r\n\tmargin-bottom: 0px;\r\n\tfont-family: \"Century Gothic\";\r\n\tcolor: #fff;\r\n\tfont-size: 19px;\r\n\tbackground-color: #333;\r\n\t\r\n}\r\n\r\n.BOX1 {\r\n\tposition:absolute;\r\n\tleft:50%;\r\n\ttop:50%;\r\n\tmargin-top:-225px;\r\n\tmargin-left:-360px;\r\n\tvisibility: visible;\r\n}\r\n\r\n.BOX2 {\r\n\tbackground-color: #333;\r\n\tcolor: #fff;\r\n\ttext-align: center;\r\n\tpadding: 12px;\r\n\twidth: 100%;\r\n\toverflow: auto;\r\n\theight: auto;\r\n\tposition: fixed;\r\n\tbottom: 0px;\r\n}\r\n\r\na:hover {\r\n\tfont-size: 100%;\r\n\ttext-decoration: underline;\r\n\tfont-weight: bold;\r\n}\r\n\r\n.input {\r\n\tfont-family: \"Century Gothic\";\r\n\tcolor: #666;\r\n\tbackground-color: #F0F0F0;\r\n\tmargin: 1px;\r\n\tpadding: 6px;\r\n\tborder-top-style: none;\r\n\tborder-right-style: none;\r\n\tborder-bottom-style: none;\r\n\tborder-left-style: none;\r\n\twidth: 85px;\r\n\tfont-size: 14px;\r\n\t}\r\n\r\n.button {\r\n\tfont-family: \"Century Gothic\";\r\n\tcolor: #FFFFFF;\r\n\tbackground-color: #0CF;\r\n\tpadding: 6px;\r\n\ttext-align: center;\r\n\twidth: 170px;\r\n\tborder: 1px inset #09F;\r\n\tborder-radius: 28px;\r\n\tfont-size: 14px;\r\n\t}\r\n\r\n.input_osg {\r\n\tfont-family: \"Century Gothic\";\r\n\tcolor: #666;\r\n\tbackground-color: #F0F0F0;\r\n\theight: 20px;\r\n\tmargin: 1px;\r\n\tpadding: 6px;\r\n\ttext-align: center;\r\n\twidth: 72px;\r\n\tfont-size: 15px;\r\n\tborder-top-style: none;\r\n\tborder-right-style: none;\r\n\tborder-bottom-style: none;\r\n\tborder-left-style: none;\r\n\t}\r\n\r\n\r\n.button_osg {\r\n  font-family: Century Gothic;\r\n  width: 300px;\r\n  background: #3498db;\r\n  border: 1px inset #3498db;\r\n  border-radius: 28px;\r\n  color: #ffffff;\r\n  font-size: 15px;\r\n  padding: 6px;\r\n}\r\n\r\n.button_osg:hover {\r\n  background: #3cb0fd;\r\n  border: 1px inset #3cb0fd;\r\n}\r\n\r\n.font_note {\r\n\tfont-size: 13px;\r\n}\r\n\r\n.round{\r\n\tborder-collapse: separate;\r\n\tborder: 0px solid #333333;\r\n\tbackground-color: #F0F0F0;\r\n\tborder-radius: 28px;\r\n}\r\n\r\n</style>\r\n<script language=\"JavaScript\">\r\n//Kelvin++ 2014-08-07 check is it opening from EZ server, then auto-login use ez.htm\r\nif(document.URL.indexOf(\"?a=\") > 0){\r\n\tlocation.href=\"/nobody/aplogin.htm?parameter=\"+Base64.encode(document.URL.split(\"?\")[1])+\"&InitPath=EZ_LOGIN\"+\"&rnd=\"+Math.random();\r\n}\r\n/* ========== loginDevice.js ========== */\r\nfunction getCookie(c_name){\r\n\tif (document.cookie.length>0){\r\n\t\tc_start=document.cookie.indexOf(c_name + \"=\");\r\n\t\tif (c_start!=-1){ \r\n\t\t\tc_start=c_start + c_name.length+1; \r\n\t\t\tc_end=document.cookie.indexOf(\";\",c_start);\r\n\t\t\tif (c_end==-1) c_end=document.cookie.length;\r\n\t\t\treturn unescape(document.cookie.substring(c_start,c_end));\r\n\t\t} \r\n\t}\r\n\treturn \"\";\r\n}\r\n\r\nfunction setCookie(c_name,value,expiredays){\r\n\tvar exdate=new Date();\r\n\texdate.setDate(exdate.getDate()+expiredays);\r\n\tdocument.cookie=c_name+ \"=\" +escape(value)+((expiredays==null) ? \"\" : \";expires=\"+exdate.toGMTString());\r\n}\r\n\r\nfunction delCookie(name){\r\n\tvar exp = new Date();\r\n\texp.setTime(exp.getTime() - 1);\r\n\tvar cval = getCookie(name);\r\n\tif(cval != null)\r\n\t\tdocument.cookie = name + \"=\"+cval+\";expires=\"+exp.toGMTString();\r\n}\r\n\r\nfunction getURL(){\r\n\tvar a = document.URL.split(\"//\");\r\n\ta = (a[1] ? a[1] : a[0]).split(\"/\"); \r\n\treturn a[0];\r\n}\r\n\r\nfunction getPort(){\r\n\turlArr = getURL().split(\":\");\r\n\tif(urlArr.length == 1)\r\n\t\treturn \"80\";\r\n\telse\r\n\t\treturn urlArr[1];\r\n}\r\n\r\nvar w = window.screen.availWidth;\r\n\r\nif(getCookie(\"ViewMode\")!=\"Classic\"){\r\n\tif(w <= 800){//mobile screen width < 800\r\n\t\tif(w > 320)\r\n\t\t\tlocation.href=\"/nobody/mobile480.htm?Login=Captcha\";\r\n\t\telse if(w <= 240)\r\n\t\t\tlocation.href=\"/nobody/mobile240.htm?Login=Captcha\";\r\n\t\telse\r\n\t\t\tlocation.href=\"/nobody/mobile.htm?Login=Captcha\";\r\n\t}\r\n}\r\n\r\n//no use\r\nfunction isMobileBrowser(){\r\n\tvar u = navigator.userAgent.toLowerCase();\r\n\t\r\n\tif(u.indexOf(\"midp\") != -1)\r\n\t\treturn true;\r\n\telse if(u.indexOf(\"mobile\") != -1)\r\n\t\treturn true;\r\n\telse if(u.indexOf(\"iphone\") != -1 || u.indexOf(\"ipod\") != -1)\r\n\t\treturn true;\r\n\telse if(u.indexOf(\"series60\") != -1 || u.indexOf(\"symbian\") != -1)\r\n\t\treturn true;\r\n\telse if(u.indexOf(\"blackberry\") != -1)\r\n\t\treturn true;\r\n\telse if(u.indexOf(\"android\") != -1)\r\n\t\treturn true;\r\n\telse if(u.indexOf(\"windows ce\") != -1 || u.indexOf(\"windows phone\") != -1)\r\n\t\treturn true;\r\n\telse if(u.indexOf(\"htc\") != -1 || u.indexOf(\"hd2_\") != -1)\r\n\t\treturn true;\r\n\telse if(u.indexOf(\"palm\") != -1)\r\n\t\treturn true;\r\n\telse\r\n\t\treturn false;\r\n}\r\n\r\n/* ========== webtoolkit.base64.js ========== */\r\nvar Base64={_keyStr:\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\",encode:function(c){var a=\"\";var k,h,f,j,g,e,d;var b=0;c=Base64._utf8_encode(c);while(b<c.length){k=c.charCodeAt(b++);h=c.charCodeAt(b++);f=c.charCodeAt(b++);j=k>>2;g=((k&3)<<4)|(h>>4);e=((h&15)<<2)|(f>>6);d=f&63;if(isNaN(h)){e=d=64}else{if(isNaN(f)){d=64}}a=a+this._keyStr.charAt(j)+this._keyStr.charAt(g)+this._keyStr.charAt(e)+this._keyStr.charAt(d)}return a},decode:function(c){var a=\"\";var k,h,f;var j,g,e,d;var b=0;c=c.replace(/[^A-Za-z0-9\\+\\/\\=]/g,\"\");while(b<c.length){j=this._keyStr.indexOf(c.charAt(b++));g=this._keyStr.indexOf(c.charAt(b++));e=this._keyStr.indexOf(c.charAt(b++));d=this._keyStr.indexOf(c.charAt(b++));k=(j<<2)|(g>>4);h=((g&15)<<4)|(e>>2);f=((e&3)<<6)|d;a=a+String.fromCharCode(k);if(e!=64){a=a+String.fromCharCode(h)}if(d!=64){a=a+String.fromCharCode(f)}}a=Base64._utf8_decode(a);return a},_utf8_encode:function(b){b=b.replace(/\\r\\n/g,\"\\n\");var a=\"\";for(var e=0;e<b.length;e++){var d=b.charCodeAt(e);if(d<128){a+=String.fromCharCode(d)}else{if((d>127)&&(d<2048)){a+=String.fromCharCode((d>>6)|192);a+=String.fromCharCode((d&63)|128)}else{a+=String.fromCharCode((d>>12)|224);a+=String.fromCharCode(((d>>6)&63)|128);a+=String.fromCharCode((d&63)|128)}}}return a},_utf8_decode:function(a){var b=\"\";var d=0;var e=c1=c2=0;while(d<a.length){e=a.charCodeAt(d);if(e<128){b+=String.fromCharCode(e);d++}else{if((e>191)&&(e<224)){c2=a.charCodeAt(d+1);b+=String.fromCharCode(((e&31)<<6)|(c2&63));d+=2}else{c2=a.charCodeAt(d+1);c3=a.charCodeAt(d+2);b+=String.fromCharCode(((e&15)<<12)|((c2&63)<<6)|(c3&63));d+=3}}}return b}};\r\n\r\n/* ========== login.js ========== */\r\nvar ff;\r\nvar CheckOnlySupportIE = false;\r\nvar DVR_ONLY_SUPPORT_IE = \"_042_082_162_046_\";\r\nvar isIEBrowser = false;\r\n\r\nif ((navigator.appName == \"Microsoft Internet Explorer\") && (navigator.platform != \"MacPPC\") && (navigator.platform != \"Mac68k\")) {\r\n  isIEBrowser = true;\r\n}\r\n\r\n/* disabled backspace key */\r\nif(typeof window.event != 'undefined'){\r\n\tdocument.onkeydown = function(){if(event.srcElement.tagName.toUpperCase() != 'INPUT'){return (event.keyCode != 8);}}\r\n}else{\r\n\tdocument.onkeypress = function(e){if(e.target.nodeName.toUpperCase() != 'INPUT'){return (e.keyCode != 8);}}\r\n}\r\n\r\nfunction init(){\r\n\tff = document.myForm;\r\n\tff.Username.value = \"\";\r\n\tff.Password.value = \"\";\r\n\t/*\r\n\tsetTimeout(\"getCaptchaImg()\", 1000);\r\n\t\r\n\tdocument.body.style.display = \"none\";\r\n\tvar NW = getCookie(idURL+\"NW\");\r\n\tif(NW != \"\" && NW != null){\r\n\t\tvar aaa = Base64.decode(NW).split(\":\");\r\n\t\tff.Username.value = aaa[0];\r\n\t\tff.Password.value = aaa[1];\r\n\t\tif(getCookie(idURL+\"StaySign\") == \"1\"){\r\n\t\t\tdocument.getElementById(\"StaySignedIn\").checked = true;\r\n\t\t\tif(getCookie(idURL+\"StaySignErr\") != \"1\"){\r\n\t\t\t\tdelCookie(\"captcha\");\r\n\t\t\t\tcheck();\r\n\t\t\t}else{\r\n\t\t\t\tdelCookie(idURL+\"StaySignErr\");\r\n\t\t\t\tdocument.body.style.display = \"block\";\r\n\t\t\t\tff.Password.value = \"\";\r\n\t\t\t\tff.Password.focus();\r\n\t\t\t}\r\n\t\t}else{\r\n\t\t\tdocument.getElementById(\"StaySignedIn\").checked = false;\r\n\t\t\tdocument.body.style.display = \"block\";\r\n\t\t}\r\n\t}else{\r\n\t\tdocument.body.style.display = \"block\";\r\n\t}\r\n\t*/\r\n\tff.Username.focus();\r\n}\r\n\r\nfunction getCaptchaImg(){\r\n\tdocument.getElementById(\"Captcha\").src = \"/cgi-bin/nobody/Captcha.cgi?action=get&image=login_bmp\";\r\n}\r\n\r\nfunction goCheck(e){\r\n\tif(window.event && e.keyCode ==13) //IE\r\n\t\tcheck(); \r\n\telse if(e.which == 13) // Netscape/Firefox/Opera\r\n\t\tcheck();\r\n}\r\n\r\nfunction ToUpperCase(obj){\r\n\tobj.value = obj.value.toUpperCase();\r\n}\r\n\r\nfunction check(){\r\n\tif(!ff){return false;}\r\n\t\r\n\tdocument.cookie = \"x=1\";\r\n\tif (document.cookie.indexOf(\"x=\")==-1){\r\n\t\tdocument.body.style.display = \"block\";\r\n\t\talert(\"Browser Cookie not supported.\");\r\n\t\tfrmReload();\r\n\t\treturn false;\r\n\t}\r\n\tvar actionStr = \"/cgi-bin/nobody/VerifyCode.cgi\"\r\n\tactionStr += \"?account=\"+Base64.encode(ff.Username.value+\":\"+ff.Password.value);\r\n\t//actionStr += \"&captcha_code=\"+ff.CaptchaCode.value.toUpperCase();\r\n\t//actionStr += \"&verify_code=\"+getCookie(\"captcha\");\r\n\tactionStr += \"&rnd=\"+Math.random();\r\n\tvar httpObj = createHttpRequestObj();\r\n\thttpObj.onreadystatechange = function(){\r\n\t\tif (httpObj.readyState == 4 && httpObj.status == 200){\r\n\t\t\tvar objStr    = new Object();\r\n\t\t\tobjStr.strSrc = httpObj.responseText;\r\n\t\t\ttmpStr = objStr.strSrc.split(\"\\n\");\r\n\t\t\tif (tmpStr[1] == \"OK\"){\r\n\t\t\t\t//if(document.getElementById(\"StaySignedIn\").checked)\r\n\t\t\t\t//\tsetLastUserSignIn();\r\n\t\t\t\t//setCookie(\"brokenhdd\", \"\");\r\n\t\t\t\tsetCookie(\"LifeTime\", \"\");\r\n\t\t\t\t//setCookie(\"ReloWebTime\", 0);\r\n\t\t\t\tlocation.href=\"/index.htm\";\r\n\t\t\t}else{\r\n\t\t\t\t//setCookie(idURL+\"StaySignErr\", \"1\");\r\n\t\t\t\t//document.body.style.display = \"block\";\r\n\t\t\t\talert(tmpStr[1]);\r\n\t\t\t\tfrmReload();\r\n\t\t\t}\r\n\t\t}\r\n\t};\r\n\thttpObj.open(\"get\", actionStr, true);\r\n\thttpObj.send(null);\r\n\treturn false;\r\n}\r\n\r\nvar idURL = getURL()+\":\"+getPort();\r\nfunction setLastUserSignIn(){\r\n\tsetCookie(idURL+\"NW\", Base64.encode(ff.Username.value+\":\"+ff.Password.value), 30);\r\n\tsetCookie(idURL+\"StaySign\", (document.getElementById(\"StaySignedIn\").checked)?\"1\":\"0\", 30);\r\n\tsetCookie(idURL+\"StaySignErr\", \"0\");\r\n}\r\n\r\nfunction getUserLevel(){\r\n\tvar httpObj = createHttpRequestObj();\r\n\trequestData = \"/cgi-bin/guest/Login.cgi?rnd=\"+Math.random();\r\n\thttpObj.onreadystatechange = function(){\r\n\t\tif (httpObj.readyState == 4 && httpObj.status == 200){\r\n\t\t\tvar objStr    = new Object();\r\n\t\t\tobjStr.strSrc = httpObj.responseText;\r\n\t\t\t\r\n\t\t\tif (CheckOnlySupportIE && GetCgiParam(objStr, \"Product-ID-Minor=\") == 1){\r\n\t\t\t\tvar pid = objStr.strGet;\r\n\t\t\t\tvar pidc = \"_\"+pid+\"_\";\r\n\t\t\t\tif(!isIEBrowser && DVR_ONLY_SUPPORT_IE.indexOf(pidc) != -1){\r\n\t\t\t\t\t//alert(\"This machine is not supported, please visit 'www.avtech.com.tw' for more details.\");\r\n\t\t\t\t\tif(confirm(\"This machine is not supported.\\nDo you want to get more details?\")){\r\n\t\t\t\t\t\tlocation.href = \"http://www.eagleeyescctv.com/jump/dvr.htm\";\r\n\t\t\t\t\t}\r\n\t\t\t\t\treturn false;\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\t\r\n\t\t\tif (GetCgiParam(objStr, \"User-Level=\") == 1){\r\n\t\t\t\tsetCookie(\"LifeTime\", \"\");\r\n\t\t\t\tsetCookie(\"ReloWebTime\", 0);\r\n\t\t\t\tif(objStr.strGet == \"SUPERVISOR\")\r\n\t\t\t\t\tlocation.href=\"/index.htm\";\r\n\t\t\t\telse\r\n\t\t\t\t\tlocation.href=\"/index.htm\";\r\n\t\t\t}else{alert('Login Failed.');}\r\n\t\t}\r\n\t};\r\n\thttpObj.open(\"get\", requestData, true);\r\n\thttpObj.send(null);\r\n}\r\n\r\nfunction frmReload(){\r\n\tff.Username.value=\"\";\r\n\tff.Password.value=\"\";\r\n\t//ff.CaptchaCode.value=\"\";\r\n\tlocation.reload();\r\n}\r\n\r\nfunction createHttpRequestObj(){\r\n\tvar XMLhttpObject = null;\r\n\ttry {XMLhttpObject = new XMLHttpRequest();}\r\n\tcatch(e){\r\n\t\ttry {XMLhttpObject = new ActiveXObject(\"Msxml2.XMLHTTP\");}\r\n\t\tcatch(e){\r\n\t\t\ttry {XMLhttpObject = new ActiveXObject(\"Microsoft.XMLHTTP\");}\r\n\t\t\tcatch(e) {return null;}\r\n\t\t}\r\n\t}\r\n\treturn XMLhttpObject;\r\n}\r\n\r\nfunction GetCgiParam(objStr, strSearch){\r\n\tvar curr_pos;var result;\r\n\tobjStr.strSearch=strSearch;\r\n\tobjStr.curr_pos=0;\r\n\tdo{\r\n\t\tresult = 1;\r\n\t\tcurr_pos = objStr.strSrc.indexOf(objStr.strSearch, objStr.curr_pos);\r\n\t\tif (curr_pos < 0){\r\n\t\t\tresult = 0;\r\n\t\t\tbreak;\r\n\t\t}\r\n\t\tobjStr.curr_pos = curr_pos + objStr.strSearch.length;\r\n\t\tcurr_pos = objStr.strSrc.indexOf('\\n', objStr.curr_pos);\r\n\t\tif (curr_pos < 0){\r\n\t\t\tif (objStr.curr_pos < objStr.strSrc.length){\r\n\t\t\t\tobjStr.strGet \t= objStr.strSrc.substring(objStr.curr_pos, objStr.strSrc.length);\r\n\t\t\t\tobjStr.curr_pos = curr_pos;\t\r\n\t\t\t\tbreak;\r\n\t\t\t}\r\n\t\t\tresult = 0;\r\n\t\t\tbreak;\r\n\t\t}\r\n\t\tobjStr.strGet \t= objStr.strSrc.substring(objStr.curr_pos, curr_pos);\r\n\t\tobjStr.curr_pos = curr_pos;\r\n\t} while(0);\r\n\treturn result;\r\n}\r\n\r\nfunction goMobile(){\r\n\tsetCookie(\"ViewMode\", \"Mobile\");\r\n\tvar w = window.screen.availWidth;\r\n\t//alert(w);\r\n\tif(w > 320)\r\n\t\tlocation.href=\"/nobody/mobile480.htm?Login=Captcha\";\r\n\telse if(w <= 240)\r\n\t\tlocation.href=\"/nobody/mobile240.htm?Login=Captcha\";\r\n\telse\r\n\t\tlocation.href=\"/nobody/mobile.htm?Login=Captcha\";\r\n}\r\n</script>\r\n</head>\r\n<body onload=\"init()\">\r\n\t<div class=\"BOX1\">\r\n\t\t<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\r\n\t\t\t<tr>\r\n\t\t\t\t<td valign=\"middle\"><img width=\"300\" height=\"90\" src=\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAASwAAABaCAYAAAACcWsdAAAACXBIWXMAAAsTAAALEwEAmpwYAAAKTWlDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjanVN3WJP3Fj7f92UPVkLY8LGXbIEAIiOsCMgQWaIQkgBhhBASQMWFiApWFBURnEhVxILVCkidiOKgKLhnQYqIWotVXDjuH9yntX167+3t+9f7vOec5/zOec8PgBESJpHmomoAOVKFPDrYH49PSMTJvYACFUjgBCAQ5svCZwXFAADwA3l4fnSwP/wBr28AAgBw1S4kEsfh/4O6UCZXACCRAOAiEucLAZBSAMguVMgUAMgYALBTs2QKAJQAAGx5fEIiAKoNAOz0ST4FANipk9wXANiiHKkIAI0BAJkoRyQCQLsAYFWBUiwCwMIAoKxAIi4EwK4BgFm2MkcCgL0FAHaOWJAPQGAAgJlCLMwAIDgCAEMeE80DIEwDoDDSv+CpX3CFuEgBAMDLlc2XS9IzFLiV0Bp38vDg4iHiwmyxQmEXKRBmCeQinJebIxNI5wNMzgwAABr50cH+OD+Q5+bk4eZm52zv9MWi/mvwbyI+IfHf/ryMAgQAEE7P79pf5eXWA3DHAbB1v2upWwDaVgBo3/ldM9sJoFoK0Hr5i3k4/EAenqFQyDwdHAoLC+0lYqG9MOOLPv8z4W/gi372/EAe/tt68ABxmkCZrcCjg/1xYW52rlKO58sEQjFu9+cj/seFf/2OKdHiNLFcLBWK8ViJuFAiTcd5uVKRRCHJleIS6X8y8R+W/QmTdw0ArIZPwE62B7XLbMB+7gECiw5Y0nYAQH7zLYwaC5EAEGc0Mnn3AACTv/mPQCsBAM2XpOMAALzoGFyolBdMxggAAESggSqwQQcMwRSswA6cwR28wBcCYQZEQAwkwDwQQgbkgBwKoRiWQRlUwDrYBLWwAxqgEZrhELTBMTgN5+ASXIHrcBcGYBiewhi8hgkEQcgIE2EhOogRYo7YIs4IF5mOBCJhSDSSgKQg6YgUUSLFyHKkAqlCapFdSCPyLXIUOY1cQPqQ28ggMor8irxHMZSBslED1AJ1QLmoHxqKxqBz0XQ0D12AlqJr0Rq0Hj2AtqKn0UvodXQAfYqOY4DRMQ5mjNlhXIyHRWCJWBomxxZj5Vg1Vo81Yx1YN3YVG8CeYe8IJAKLgBPsCF6EEMJsgpCQR1hMWEOoJewjtBK6CFcJg4Qxwicik6hPtCV6EvnEeGI6sZBYRqwm7iEeIZ4lXicOE1+TSCQOyZLkTgohJZAySQtJa0jbSC2kU6Q+0hBpnEwm65Btyd7kCLKArCCXkbeQD5BPkvvJw+S3FDrFiOJMCaIkUqSUEko1ZT/lBKWfMkKZoKpRzame1AiqiDqfWkltoHZQL1OHqRM0dZolzZsWQ8ukLaPV0JppZ2n3aC/pdLoJ3YMeRZfQl9Jr6Afp5+mD9HcMDYYNg8dIYigZaxl7GacYtxkvmUymBdOXmchUMNcyG5lnmA+Yb1VYKvYqfBWRyhKVOpVWlX6V56pUVXNVP9V5qgtUq1UPq15WfaZGVbNQ46kJ1Bar1akdVbupNq7OUndSj1DPUV+jvl/9gvpjDbKGhUaghkijVGO3xhmNIRbGMmXxWELWclYD6yxrmE1iW7L57Ex2Bfsbdi97TFNDc6pmrGaRZp3mcc0BDsax4PA52ZxKziHODc57LQMtPy2x1mqtZq1+rTfaetq+2mLtcu0W7eva73VwnUCdLJ31Om0693UJuja6UbqFutt1z+o+02PreekJ9cr1Dund0Uf1bfSj9Rfq79bv0R83MDQINpAZbDE4Y/DMkGPoa5hpuNHwhOGoEctoupHEaKPRSaMnuCbuh2fjNXgXPmasbxxirDTeZdxrPGFiaTLbpMSkxeS+Kc2Ua5pmutG003TMzMgs3KzYrMnsjjnVnGueYb7ZvNv8jYWlRZzFSos2i8eW2pZ8ywWWTZb3rJhWPlZ5VvVW16xJ1lzrLOtt1ldsUBtXmwybOpvLtqitm63Edptt3xTiFI8p0in1U27aMez87ArsmuwG7Tn2YfYl9m32zx3MHBId1jt0O3xydHXMdmxwvOuk4TTDqcSpw+lXZxtnoXOd8zUXpkuQyxKXdpcXU22niqdun3rLleUa7rrStdP1o5u7m9yt2W3U3cw9xX2r+00umxvJXcM970H08PdY4nHM452nm6fC85DnL152Xlle+70eT7OcJp7WMG3I28Rb4L3Le2A6Pj1l+s7pAz7GPgKfep+Hvqa+It89viN+1n6Zfgf8nvs7+sv9j/i/4XnyFvFOBWABwQHlAb2BGoGzA2sDHwSZBKUHNQWNBbsGLww+FUIMCQ1ZH3KTb8AX8hv5YzPcZyya0RXKCJ0VWhv6MMwmTB7WEY6GzwjfEH5vpvlM6cy2CIjgR2yIuB9pGZkX+X0UKSoyqi7qUbRTdHF09yzWrORZ+2e9jvGPqYy5O9tqtnJ2Z6xqbFJsY+ybuIC4qriBeIf4RfGXEnQTJAntieTE2MQ9ieNzAudsmjOc5JpUlnRjruXcorkX5unOy553PFk1WZB8OIWYEpeyP+WDIEJQLxhP5aduTR0T8oSbhU9FvqKNolGxt7hKPJLmnVaV9jjdO31D+miGT0Z1xjMJT1IreZEZkrkj801WRNberM/ZcdktOZSclJyjUg1plrQr1zC3KLdPZisrkw3keeZtyhuTh8r35CP5c/PbFWyFTNGjtFKuUA4WTC+oK3hbGFt4uEi9SFrUM99m/ur5IwuCFny9kLBQuLCz2Lh4WfHgIr9FuxYji1MXdy4xXVK6ZHhp8NJ9y2jLspb9UOJYUlXyannc8o5Sg9KlpUMrglc0lamUycturvRauWMVYZVkVe9ql9VbVn8qF5VfrHCsqK74sEa45uJXTl/VfPV5bdra3kq3yu3rSOuk626s91m/r0q9akHV0IbwDa0b8Y3lG19tSt50oXpq9Y7NtM3KzQM1YTXtW8y2rNvyoTaj9nqdf13LVv2tq7e+2Sba1r/dd3vzDoMdFTve75TsvLUreFdrvUV99W7S7oLdjxpiG7q/5n7duEd3T8Wej3ulewf2Re/ranRvbNyvv7+yCW1SNo0eSDpw5ZuAb9qb7Zp3tXBaKg7CQeXBJ9+mfHvjUOihzsPcw83fmX+39QjrSHkr0jq/",
   "datamd5" : "97fc3fec8a97ccca4188f7f67e4556e2",
   "datammh3" : -28330540,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "3bb.in.th"
   ],
   "geolocus" : {
      "asn" : "AS45758",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "TH",
      "countryname" : "Thailand",
      "domain" : [
         "3bb.in.th",
         "3bbmail.com",
         "jasmine.com"
      ],
      "isineu" : "false",
      "latitude" : "15.870032",
      "location" : "15.870032,100.992541",
      "longitude" : "100.992541",
      "netname" : "TTBP-TH",
      "organization" : "Triple T Broadband Public Company Limited",
      "subnet" : "49.48.0.0/16"
   },
   "host" : [
      "mx-ll-49"
   ],
   "hostname" : [
      "mx-ll-49.48.60-161.dynamic.3bb.in.th"
   ],
   "ip" : "49.48.60.161",
   "ipv6" : "false",
   "latitude" : "13.0508",
   "location" : "13.0508,100.9367",
   "longitude" : "100.9367",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Triple T Broadband Public Company Limited",
   "os" : "Linux",
   "osvendor" : "Linux",
   "osversion" : "2",
   "port" : 7549,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "mx-ll-49.48.60-161.dynamic.3bb.in.th"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "48.60-161.dynamic.3bb.in.th",
      "60-161.dynamic.3bb.in.th",
      "dynamic.3bb.in.th"
   ],
   "subnet" : "49.48.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "in.th"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 103.51.245.99:7549 (tcp/http) - last seen on 2024-11-07 at 05:46:18 UTC

    • IP
      103.51.245.99
      Network
      103.51.244.0/22
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://103.51.245.99:7549/ 200

      HTTP Title
      HCMSActiveX Viewer
      ASN
      AS17573
      Organization
      SK Broadband Co Ltd
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      9ad2eb29d3c6f78d0f61249e88cef835
      HTTP Header MD5
      ba860b3caca90736d63774a542763ca1
      HTTP Body MD5
      ec7d5b0ba383f43c5276c73269d63e31 
    • HTTP/1.0 200 OK
Content-type: text/html
Date: Thu, 07 Nov 2024 05:46:17 GMT
Connection: close
Accept-Ranges: bytes
Last-Modified: Wed, 05 Oct 2016 11:57:52 GMT
Content-length: 812

<!DOCTYPE html>
<html>
<head>
<title>HCMSActiveX Viewer</title>
<script language="JavaScript">
<!--
function start()
{
	var href = document.URL.split("//");
	var host;
	if (href.length > 1) {
		host = href[1].split("/")[0];
	} else {
		host = href[0].split("/")[0];
	}

	host = host.split(":");

	var address = host[0];
	var port = 80;
	if (host.length > 1) {
		port = Number(host[1]);
	} else {
		port = 80;
	}

	HCMSActiveX.Connect(address, port);
}

function stop()
{
	HCMSActiveX.Disconnect();
}
//-->
</script>
</head>
<body onload="start()" onUnload="stop()">
<div align="center">
<object id="HCMSActiveX"
	width=1050 height=700
	classid="clsid:91B34397-1200-4BCA-BC91-8B3D12BE75C2"
	codebase="http://www.eznetdns.com/webviewer/common/HCMSActiveX.cab#version=0,2,0,10602">
</object>
</div>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:46:18.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "eznetdns.com"
         ],
         "hostname" : [
            "www.eznetdns.com"
         ],
         "url" : [
            "http://www.eznetdns.com/webviewer/common/HCMSActiveX.cab"
         ]
      },
      "http" : {
         "bodymd5" : "ec7d5b0ba383f43c5276c73269d63e31",
         "bodymmh3" : 336110476,
         "header" : [
            {
               "value" : "Wed, 05 Oct 2016 11:57:52 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "ba860b3caca90736d63774a542763ca1",
         "headermmh3" : 876305076,
         "title" : "HCMSActiveX Viewer"
      },
      "length" : 1001
   },
   "asn" : "AS17573",
   "country" : "KR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nContent-type: text/html\r\nDate: Thu, 07 Nov 2024 05:46:17 GMT\r\nConnection: close\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 05 Oct 2016 11:57:52 GMT\r\nContent-length: 812\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<title>HCMSActiveX Viewer</title>\n<script language=\"JavaScript\">\n<!--\nfunction start()\n{\n\tvar href = document.URL.split(\"//\");\n\tvar host;\n\tif (href.length > 1) {\n\t\thost = href[1].split(\"/\")[0];\n\t} else {\n\t\thost = href[0].split(\"/\")[0];\n\t}\n\n\thost = host.split(\":\");\n\n\tvar address = host[0];\n\tvar port = 80;\n\tif (host.length > 1) {\n\t\tport = Number(host[1]);\n\t} else {\n\t\tport = 80;\n\t}\n\n\tHCMSActiveX.Connect(address, port);\n}\n\nfunction stop()\n{\n\tHCMSActiveX.Disconnect();\n}\n//-->\n</script>\n</head>\n<body onload=\"start()\" onUnload=\"stop()\">\n<div align=\"center\">\n<object id=\"HCMSActiveX\"\n\twidth=1050 height=700\n\tclassid=\"clsid:91B34397-1200-4BCA-BC91-8B3D12BE75C2\"\n\tcodebase=\"http://www.eznetdns.com/webviewer/common/HCMSActiveX.cab#version=0,2,0,10602\">\n</object>\n</div>\n</body>\n</html>\n",
   "datamd5" : "9ad2eb29d3c6f78d0f61249e88cef835",
   "datammh3" : -164014901,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS17573",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "nic.or.kr",
         "skbroadband.com"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "broadNnet",
      "organization" : "SK Broadband Co Ltd",
      "subnet" : "103.51.244.0/22"
   },
   "ip" : "103.51.245.99",
   "ipv6" : "false",
   "latitude" : "37.5112",
   "location" : "37.5112,126.9741",
   "longitude" : "126.9741",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SK Broadband Co Ltd",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 7549,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "103.51.244.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 44.204.168.160:7549 (tcp/http) - last seen on 2024-11-07 at 05:45:25 UTC

    • IP
      44.204.168.160
      Network
      44.192.0.0/11
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://44.204.168.160:7549/ 200

      HTTP Title
      Download Master
      Reverse DNS
      ec2-44-204-168-160.compute-1.amazonaws.com
      ASN
      AS14618
      Organization
      AMAZON-AES
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a52ae731c45deec6fcf5b3934ee55e00
      HTTP Header MD5
      9f060a9cb1b31c417a3a68e629ae97e3
      HTTP Body MD5
      18ccd80dc0943311ea6b6014e12a985c 
    • HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 05:45:25 GMT
Server: nginx
Content-Length: 1767
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<html xmlns:v>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE8" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Expires" content="-1" />
<meta HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
<meta http-equiv="Pragma" content="no-cache" />
<title>Download Master</title>
<script type="text/javascript" src="jquery.js"></script>
</head>
<body>
<script>
var httpTag = 'https:' == document.location.protocol ? false : true;
        if(( navigator.userAgent.match(/iPhone/i)) ||
            ( navigator.userAgent.match(/iPod/i))   ||
                ( navigator.userAgent.match(/windows ce/i)) ||
                ( navigator.userAgent.match(/windows phone/i)) ||
                ( navigator.userAgent.match(/Android/i)) &&
                ( navigator.userAgent.match(/Mobile/i)))
                {
                if(httpTag)
                        self.location = "http://"+ location.host.split(":")[0] +":"+ location.host.split(":")[1] +"/downloadmaster/index.asp";
                else
                        self.location = "https://"+ location.host.split(":")[0] +":"+ location.host.split(":")[1] +"/downloadmaster/index.asp";
                }
        else{
                if(httpTag)
                        self.location = "http://"+ location.host.split(":")[0] +":"+ location.host.split(":")[1] +"/downloadmaster/index.asp";
                else
                        self.location = "https://"+ location.host.split(":")[0] +":"+ location.host.split(":")[1] +"/downloadmaster/index.asp";
                }

</script>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:45:25.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/1999/xhtml",
            "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "18ccd80dc0943311ea6b6014e12a985c",
         "bodymmh3" : 559765034,
         "headermd5" : "9f060a9cb1b31c417a3a68e629ae97e3",
         "headermmh3" : 1219794799,
         "title" : "Download Master"
      },
      "length" : 1904
   },
   "asn" : "AS14618",
   "city" : "Ashburn",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:45:25 GMT\r\nServer: nginx\r\nContent-Length: 1767\r\nContent-Type: text/html\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\n<html xmlns:v>\n<head>\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=EmulateIE8\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta http-equiv=\"Expires\" content=\"-1\" />\n<meta HTTP-EQUIV=\"Cache-Control\" CONTENT=\"no-cache\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<title>Download Master</title>\n<script type=\"text/javascript\" src=\"jquery.js\"></script>\n</head>\n<body>\n<script>\nvar httpTag = 'https:' == document.location.protocol ? false : true;\n        if(( navigator.userAgent.match(/iPhone/i)) ||\n            ( navigator.userAgent.match(/iPod/i))   ||\n                ( navigator.userAgent.match(/windows ce/i)) ||\n                ( navigator.userAgent.match(/windows phone/i)) ||\n                ( navigator.userAgent.match(/Android/i)) &&\n                ( navigator.userAgent.match(/Mobile/i)))\n                {\n                if(httpTag)\n                        self.location = \"http://\"+ location.host.split(\":\")[0] +\":\"+ location.host.split(\":\")[1] +\"/downloadmaster/index.asp\";\n                else\n                        self.location = \"https://\"+ location.host.split(\":\")[0] +\":\"+ location.host.split(\":\")[1] +\"/downloadmaster/index.asp\";\n                }\n        else{\n                if(httpTag)\n                        self.location = \"http://\"+ location.host.split(\":\")[0] +\":\"+ location.host.split(\":\")[1] +\"/downloadmaster/index.asp\";\n                else\n                        self.location = \"https://\"+ location.host.split(\":\")[0] +\":\"+ location.host.split(\":\")[1] +\"/downloadmaster/index.asp\";\n                }\n\n</script>\n</body>\n</html>\n",
   "datamd5" : "a52ae731c45deec6fcf5b3934ee55e00",
   "datammh3" : -434684070,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS14618",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AMAZON-IAD",
      "organization" : "Amazon Data Services NoVa",
      "subnet" : "44.192.0.0/11"
   },
   "host" : [
      "ec2-44-204-168-160"
   ],
   "hostname" : [
      "ec2-44-204-168-160.compute-1.amazonaws.com"
   ],
   "ip" : "44.204.168.160",
   "ipv6" : "false",
   "latitude" : "39.0469",
   "location" : "39.0469,-77.4903",
   "longitude" : "-77.4903",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-AES",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 7549,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-44-204-168-160.compute-1.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute-1.amazonaws.com"
   ],
   "subnet" : "44.192.0.0/11",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 3.101.110.6:7549 (tcp/http) - last seen on 2024-11-07 at 05:39:27 UTC

    • IP
      3.101.110.6
      Network
      3.101.0.0/16
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://3.101.110.6:7549/ 200

      Reverse DNS
      ec2-3-101-110-6.us-west-1.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      841ef049931f2abf64cb8efe40b3361a
      HTTP Header MD5
      9f060a9cb1b31c417a3a68e629ae97e3
      HTTP Body MD5
      7247f7a69fe8c58679f8e1859605c9b1 
    • HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 05:39:27 GMT
Server: nginx
Content-Length: 88
Content-Type: text/html

<HTML><HEAD><script>window.top.location.href='/Main_Login.asp';</script>
</HEAD></HTML>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:39:27.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "7247f7a69fe8c58679f8e1859605c9b1",
         "bodymmh3" : -1161513703,
         "headermd5" : "9f060a9cb1b31c417a3a68e629ae97e3",
         "headermmh3" : 1261255332
      },
      "length" : 223
   },
   "asn" : "AS16509",
   "city" : "San Jose",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:39:27 GMT\r\nServer: nginx\r\nContent-Length: 88\r\nContent-Type: text/html\r\n\r\n<HTML><HEAD><script>window.top.location.href='/Main_Login.asp';</script>\n</HEAD></HTML>\n",
   "datamd5" : "841ef049931f2abf64cb8efe40b3361a",
   "datammh3" : -116911898,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AMAZON-SFO",
      "organization" : "Amazon.com, Inc.",
      "subnet" : "3.101.0.0/16"
   },
   "host" : [
      "ec2-3-101-110-6"
   ],
   "hostname" : [
      "ec2-3-101-110-6.us-west-1.compute.amazonaws.com"
   ],
   "ip" : "3.101.110.6",
   "ipv6" : "false",
   "latitude" : "37.1835",
   "location" : "37.1835,-121.7714",
   "longitude" : "-121.7714",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 7549,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-3-101-110-6.us-west-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "us-west-1.compute.amazonaws.com"
   ],
   "subnet" : "3.101.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 211.204.138.165:7549 (tcp/http) - last seen on 2024-11-07 at 05:38:13 UTC

    • IP
      211.204.138.165
      Network
      211.204.128.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://211.204.138.165:7549/ 200

      HTTP Title
      HCMSActiveX Viewer
      ASN
      AS9318
      Organization
      SK Broadband Co Ltd
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      9ad2eb29d3c6f78d0f61249e88cef835
      HTTP Header MD5
      ba860b3caca90736d63774a542763ca1
      HTTP Body MD5
      ec7d5b0ba383f43c5276c73269d63e31 
    • HTTP/1.0 200 OK
Content-type: text/html
Date: Thu, 07 Nov 2024 05:37:54 GMT
Connection: close
Accept-Ranges: bytes
Last-Modified: Mon, 25 Jan 2021 08:26:08 GMT
Content-length: 812

<!DOCTYPE html>
<html>
<head>
<title>HCMSActiveX Viewer</title>
<script language="JavaScript">
<!--
function start()
{
	var href = document.URL.split("//");
	var host;
	if (href.length > 1) {
		host = href[1].split("/")[0];
	} else {
		host = href[0].split("/")[0];
	}

	host = host.split(":");

	var address = host[0];
	var port = 80;
	if (host.length > 1) {
		port = Number(host[1]);
	} else {
		port = 80;
	}

	HCMSActiveX.Connect(address, port);
}

function stop()
{
	HCMSActiveX.Disconnect();
}
//-->
</script>
</head>
<body onload="start()" onUnload="stop()">
<div align="center">
<object id="HCMSActiveX"
	width=1050 height=700
	classid="clsid:91B34397-1200-4BCA-BC91-8B3D12BE75C2"
	codebase="http://www.eznetdns.com/webviewer/common/HCMSActiveX.cab#version=0,2,0,10602">
</object>
</div>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:38:13.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "eznetdns.com"
         ],
         "hostname" : [
            "www.eznetdns.com"
         ],
         "url" : [
            "http://www.eznetdns.com/webviewer/common/HCMSActiveX.cab"
         ]
      },
      "http" : {
         "bodymd5" : "ec7d5b0ba383f43c5276c73269d63e31",
         "bodymmh3" : 336110476,
         "header" : [
            {
               "value" : "Mon, 25 Jan 2021 08:26:08 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "ba860b3caca90736d63774a542763ca1",
         "headermmh3" : 1597899665,
         "title" : "HCMSActiveX Viewer"
      },
      "length" : 1001
   },
   "asn" : "AS9318",
   "city" : "Gyeyang-gu",
   "country" : "KR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nContent-type: text/html\r\nDate: Thu, 07 Nov 2024 05:37:54 GMT\r\nConnection: close\r\nAccept-Ranges: bytes\r\nLast-Modified: Mon, 25 Jan 2021 08:26:08 GMT\r\nContent-length: 812\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<title>HCMSActiveX Viewer</title>\n<script language=\"JavaScript\">\n<!--\nfunction start()\n{\n\tvar href = document.URL.split(\"//\");\n\tvar host;\n\tif (href.length > 1) {\n\t\thost = href[1].split(\"/\")[0];\n\t} else {\n\t\thost = href[0].split(\"/\")[0];\n\t}\n\n\thost = host.split(\":\");\n\n\tvar address = host[0];\n\tvar port = 80;\n\tif (host.length > 1) {\n\t\tport = Number(host[1]);\n\t} else {\n\t\tport = 80;\n\t}\n\n\tHCMSActiveX.Connect(address, port);\n}\n\nfunction stop()\n{\n\tHCMSActiveX.Disconnect();\n}\n//-->\n</script>\n</head>\n<body onload=\"start()\" onUnload=\"stop()\">\n<div align=\"center\">\n<object id=\"HCMSActiveX\"\n\twidth=1050 height=700\n\tclassid=\"clsid:91B34397-1200-4BCA-BC91-8B3D12BE75C2\"\n\tcodebase=\"http://www.eznetdns.com/webviewer/common/HCMSActiveX.cab#version=0,2,0,10602\">\n</object>\n</div>\n</body>\n</html>\n",
   "datamd5" : "9ad2eb29d3c6f78d0f61249e88cef835",
   "datammh3" : -164014901,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS9318",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "KR",
      "countryname" : "South Korea",
      "domain" : [
         "nic.or.kr",
         "skbroadband.com"
      ],
      "isineu" : "false",
      "latitude" : "35.907757",
      "location" : "35.907757,127.766922",
      "longitude" : "127.766922",
      "netname" : "broadNnet",
      "organization" : "SK Broadband Co Ltd",
      "subnet" : "211.204.128.0/20"
   },
   "ip" : "211.204.138.165",
   "ipv6" : "false",
   "latitude" : "37.5261",
   "location" : "37.5261,126.7257",
   "longitude" : "126.7257",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SK Broadband Co Ltd",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 7549,
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "211.204.128.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 5.160.82.82:7549 (tcp/http) - last seen on 2024-11-07 at 05:30:26 UTC

    • IP
      5.160.82.82
      Network
      5.160.64.0/19
      Device

      <enterprise field>: device.class

      Operating System
      Microsoft Windows sUse
      URL

      http://5.160.82.82:7549/ 200

      HTTP Title
      ::: Amin Computer ::: بنیاد سپهر تبلیغ نوین
      ASN
      AS42337
      Organization
      Respina Networks & Beyond PJSC
      Protocol
      http
      Source
      datascan
    • Operating System
      Microsoft Windows sUse
      Product
      Apache HTTP Server 2.4.51
      HTTP Component(s)
      OpenSSL OpenSSL 1.1.1l PHP PHP 7.4.25
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      9ffbd20d00d4ae21054b8a059fd83ed4
      HTTP Header MD5
      e8f8dfb5d140a7705f592f174566c343
      HTTP Body MD5
      eb811f82a6267bd1b400895ab2a78666 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 05:30:23 GMT
Server: Apache/2.4.51 (Win64) OpenSSL/1.1.1l PHP/7.4.25
X-Powered-By: PHP/7.4.25
Set-Cookie: PHPSESSID=dgdid3scickrahc27pphuf0ns6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

49ae
<html >
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
		<!--cr(8670) for responsive web design with mobile device-->
		<meta name="viewport" content="width=device-width, initial-scale=1" >
		<!--cr(8670) end-->
        <title>::: Amin Computer ::: بنیاد سپهر تبلیغ نوین</title>
        <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />        <title>::: Computer Amin :::</title>
        <!-- base css -->
        <link rel="stylesheet" media="screen, print" href="/smart/css/vendors.bundle-rtl.css">
        <link rel="stylesheet" media="screen, print" href="/smart/css/app.bundle-rtl.css">
        <link rel="stylesheet" media="screen, print" href="/smart/css/FontAwesome6Pro.css">
        <link rel="stylesheet" media="screen, print" href="/smart/css/font/iransans.css">
        <!--Custom styles-->
        <link rel="stylesheet" href="/smart/css/styleLogin.css">
        
        <!-- base js -->
        <script src="/smart/js/vendors.bundle.js"></script>
        <!-- The order of scripts is irrelevant -->
		<script type="text/javascript" src="/JScripts/functions.js"></script>
  
    </head>

    <body>
        <!-- T(2746) -->
                <!-- T(2746)end -->

        <div style="background: url('/windows7/loginPic/amin.jpg?dummy=34') no-repeat center; background-size:100% 100%;">
            

<div class="container">
	<div class="d-flex justify-content-center h-100">
		<!-- <div class="card bd-highlight"> -->
        <div class="card bd-highlight">
			<div class="">
                <h4>ورود</h4>
                <div class="d-flex justify-content-end social_icon">
                                        <span class="dropleft"><a class="dropdown-toggle no-arrow icon-stack" data-toggle="dropdown"><i class="base base-5 icon-stack-3x opacity-90 color-success-900"></i><i class="fas fa-info icon-stack-1x opacity-100 color-white"></i> </a>
                        <div class="dropdown-menu p-4 text-muted dropdown-md">
                                                            <p>
                                    کاربر گرامي شما به نرم افزار نيما وارد شده ايد.                                </p>
                                                            <p>
                                    اين سامانه داراي طبقه بندي محرمانه مي باشد.                                </p>
                                                            <p>
                                    اعلان ردگيري و بازبيني فعاليت هاي كاربر وجود دارد.                                </p>
                                                            <p>
                                    كاربر در قبال اطلاعات حساس مورد دست يابي مسئول مي باشد.                                </p>
                                                    </div>
                    </span>
				</div>
            </div>

			<div class="card-body">
                				<form name="frmLogin" style="overflow-y:auto" method="post" class="mt-3">
					<div class="input-group form-group">
						<div class="input-group-prepend">
							<span class="input-group-text bg-success-900"><i class="fas fa-user"></i></span>
						</div>
                                                						<input type="text" class="form-control" id="User" autocomplete="off" name="User" placeholder="نام کاربری (شماره ملی) ">
						
					</div>
					<div class="input-group form-group LabelPass">
						<div class="input-group-prepend">
							<span class="input-group-text bg-success-900"><i class="fas fa-key"></i></span>
						</div>
						<input type="password" class="form-control" name="Passwd" id="Passwd" placeholder="رمز عبور" autocomplete="off" onkeypress="isCapLockOn(event);">
					</div>
                    <div class="input-group form-group LabelPassold" style="display:none">
						<div class="input-group-prepend">
							<span class="input-group-text bg-success-900">رمز عبور قبلی</span>
						</div>
						<input type="password" class="form-control" name="Passwdold" id="Passwdold" placeholder="" autocomplete="off" onkeypress="isCapLockOn(event);">
					</div>
                    <div id="chpassDiv"  style="display:none;">
                        <div class="input-group form-group">
					    	<div class="input-group-prepend">
					    		<span class="input-group-text bg-success-900">رمز عبور جدید</span>
					    	</div>
					    	<input type="password" class="form-control" name="Passwdnew" id="Passwdnew" placeholder="" autocomplete="off" onkeypress="isCapLockOn(event);" data-toggle="tooltip" title='رمز عبور جدید باید شامل  حداقل5  کاراکتر باشد.'>
					    </div>
                        <div class="input-group form-group">
					    	<div class="input-group-prepend">
					    		<span class="input-group-text bg-success-900">تکرار رمز عبور</span>
					    	</div>
					    	<input type="password" class="form-control" name="Passwdnewrep" id="Passwdnewrep" placeholder="" autocomplete="off" onkeypress="isCapLockOn(event);">
					    </div>
                    </div>   
                                        <div class="input-group form-group" style="display: none;">
					    <div class="input-group-prepend">
					    	<span class="input-group-text bg-success-900">انتخاب دوره</span>
					    </div>
                        <select   name="Doreh" class="form-control" dir="rtl" >
                                                    </select>
					</div>

                    <div class="input-group form-group" id="multidb" style="display: none;">
                        <div class="input-group-prepend">
					    	<span class="input-group-text bg-success-900">انتخاب شرکت</span>
					    </div>
                        <select style="color:black;" class="form-control" placeholder="شرکت موردنظر  را وارد کنید" id="sherkat"  name="sherkat" dir="rtl">
                        </select>
                    </div>
				</form>
			</div>

			<div class="card-footer">
                <div class="d-flex justify-content-around align-items-center">
                    <div class="p-2 lableColor">
                        1403/08/17                    </div>
                    <div class="p-2 col-sm-6">
                        <input type="submit" id="login_btn" value="ورود" class="btn btn-success btn-block" onclick="login()">
                    </div>
                    <div class="p-2 lableColor">
                        SN: 201000                    </div>
                </div>
                <div class="d-flex justify-content-around align-items-center">
                    <div class="p-2 lableColor" id="keyStage"></div>
                    <div class="p-2 lableColor" id="keyLang"></div>
                </div>

                <div class="text-center mb-2 fs-lg color-danger-300 text-wrap" id="LoginMessge" style="text-shadow: 0 0 3px #000;">
	          	    	            </div>
			</div>
		</div> 
	</div>
</div>

<script type="text/javascript" src="/plugin/Advanced Encryption Standard/aes.js "></script>
<script type="text/javascript" src="/plugin/Advanced Encryption Standard/encrypt_AES.js"></script>
<script type="text/javascript" src="/plugin/Advanced Encryption Standard/decrypt_AES.js"></script>

<script type="text/javascript">
    localStorage.openpages = Date.now();
    var onLocalStorageEvent = function(e){
        if(e.key == "openpages"){
            // Listen if anybody else is opening the same page!
            localStorage.page_available = Date.now();
        }
        if(e.key == "page_available"){
            //alert("One more page already open");
			//window.close();
			$('#LoginMessge').text('یک صفحه دیگر از نرم افزار قبلا باز شده است');
			document.getElementById('login_btn').style.display = "none";
                        document.getElementById("User").disabled = true;
                        document.getElementById("Passwd").disabled = true;
        }
    }
    if(! document.documentMode)
        window.addEventListener('storage', onLocalStorageEvent, false);
    else{
        var handle_storage = function (e) {
        if(!document.hasFocus()){
            $('#LoginMessge').text('یک صفحه دیگر از نرم افزار قبلا باز شده است');
			document.getElementById('login_btn').style.display = "none";
                        document.getElementById("User").disabled = true;
                        document.getElementById("Passwd").disabled = true;
            if (confirm("نرم افزار در صفحه دیگری باز است.آیا صفحه بسته شود؟"))
                close();
        }
      };
      window.addEventListener("storage", handle_storage, false);
    }
	//}

    var lenpass = [0,1,8,4];
  
    var valPass = '';
    var options = {
        shortPass: 'طول رمز عبور کوتاه است',
        badPass: 'ضعیف: لطفا از اعداد و حروف استفاده کنید',
        goodPass: 'متوسط: لطفا از کاراکتر های خاص استفاده کنید',
        strongPass: 'قوی',
        containsUsername: 'The password contains the username',
        enterPass: 'رمز عبور را وارد کنید',
        showPercent: false,
        showText: true,
        animate: true,
        animateSpeed: 'fast',
        username: false,
        usernamePartialMatch: true,
        minimumLength: lenpass[valPass],
    };
    function checkValidScore(score,type) {
        switch (type) {
            case '1':
                return score >= 0;
                break;
            case '2':
                return score >= 68;
                break;
            case '3':
                return score >= 34;
                break;
            default:
                return false;
                break;
        }
    }
   
    //cr(8670)
    if (window.navigator.userAgent.indexOf("MSIE ") > 0)
        $('.login_box').css('margin-top', window.screen.height / 5 + 'px');
    //cr(8670) end
    $('#User').keyup(function (event) {
        if (event.keyCode == 13) {
            $('#login_btn').click();
        }
    });
    $('#Passwd').keyup(function (event) {
        if (event.keyCode == 13) {
            $('#login_btn').click();
        }
    });

    function isCapLockOn(e)
    {
        var charKeyCode = e.keyCode ? e.keyCode : e.which; // To work with both MSIE & Netscape
        var shiftKey = e.shiftKey ? e.shiftKey : ((charKeyCode == 16) ? true : false);

        var isEnglish = true;
        // Check both the condition as described above
        // alert(charKeyCode);

        if (charKeyCode > 1570 && charKeyCode < 1745)
        {
            // Caps lock is on
            document.getElementById('keyLang').innerHTML = "Language : FA";
            document.getElementById('keyStage').innerHTML = "-- : Caps lock";
            isEnglish = false;
        }
        if (isEnglish)
        {
            if (((charKeyCode >= 65 && charKeyCode <= 90) && !shiftKey)
                    || ((charKeyCode >= 97 && charKeyCode <= 122) && shiftKey))
            {

                document.getElementById('keyLang').innerHTML = "Language : EN";
                document.getElementById('keyStage').innerHTML = "Caps lock : On";
            } else
            {
                if (((charKeyCode >= 65 && charKeyCode <= 90) && shiftKey)
                        || ((charKeyCode >= 97 && charKeyCode <= 122) && !shiftKey)) {
                    document.getElementById('keyLang').innerHTML = "Language : EN";
                    document.getElementById('keyStage').innerHTML = "Caps lock : Off";
                } else {
                    document.getElementById('keyLang').innerHTML = "Language : EN";
                    document.getElementById('keyStage').innerHTML = "-- : Caps lock";
                }
            }
        }
    }
    $("#User").change(function () {
return;
    
        var user = $(this).val();
        rooturl = '/index/showpic/user/' + user;
        $.ajax({
            type: "POST",
            dataType: "html",
            url: rooturl,
            data: {user: user, format: 'html'},
            success: function (data) {
                $("#picture").empty();
                $('#picture').prepend(data);

            }
        });
    });
  
//CR(8196)
    function login() {
      
        document.getElementById("login_btn").disabled = true;  //encrypt_AES
        var cptcha='';
        
               
                 var pass=$('input[name="Passwdold"]').val() ;
         if(pass=='')		 
		 pass=$('input[name="Passwd"]').val() ;
		 
         var vcv = '&tokenIdAjaxSecurityParam=' + $('#tokenIdAjaxSecurityParam').val() + '&User=' + $('input[name="User"]').val() + '&Passwd=' +
		 pass + '&Passwdnew=' + $('input[name="Passwdnew"]').val() + '&Passwdnewrep=' + $('input[name="Passwdnewrep"]').val() + cptcha;
         
		 var info='&logininfo='+encrypt_AES(vcv);
       AjaxPostWithoutImg('',
                '/index/login', {"param":info
                }, '#LoginMessge');
    }

    function AjaxPostWithoutImg(domain, url, params, presentation) {
		
		$('input[name="Passwdnewrep"]').val('this password is fake');
		$('input[name="Passwdnew"]').val('this password is fake');
        $(presentation).html('');
        var $select = $('#sherkat');
		var sherkat=$('#sherkat').val();
		if(0==0 || (0==1 && sherkat!=null))
		{
			$('input[name="Passwd"]').val('this password is fake');
		}
        $.post(url, params, function (data) {
            var jsonData = $.parseJSON(data);
            $select.find('option')
                    .remove()
                    .end()
                    .append('<option value="0">انتخاب شرکت</option>')
                    .val('0');
            $('#multidb').hide();
            $(jsonData).each(function (index, o) {

                if (index == 0) {
                    switch (o.id) {
                        ////yes///
                        case 1:
                            if(o.lastSeen == 1){
                                $('#LoginMessge').html('<div>'+ o.lastLogin + '</div><br/><div>' + o.unSuccess +'</div>');
                                var delayInMilliseconds = 5000; //5 second
                                setTimeout(function() {
                                    if ('0' == 1)
                                        window.location.href = "/index/newwindow";
                                    else if ('0' == 0)
                                        window.location.href = "/first";
                                }, delayInMilliseconds);
                            }
                            else{
                                //cr(9034)
                                if ('0' == 1)
                                    window.location.href = "/index/newwindow";
                                else if ('0' == 0)
                                    window.location.href = "/first";
                                //cr(9034)end
                            }
                                                        return;

                            break;
                            ///error///
                        case 2:
                            
                            $(presentation).html(o.text);
                            document.getElementById("login_btn").disabled = false; 
                            recaptcha();
   
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:30:26.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "eb811f82a6267bd1b400895ab2a78666",
         "bodymmh3" : 1937466035,
         "component" : [
            {
               "productvendor" : "OpenSSL",
               "productversion" : "1.1.1l",
               "product" : "OpenSSL"
            },
            {
               "productvendor" : "PHP",
               "productversion" : "7.4.25",
               "product" : "PHP"
            }
         ],
         "headermd5" : "e8f8dfb5d140a7705f592f174566c343",
         "headermmh3" : -680212547,
         "title" : "::: Amin Computer ::: \u0628\u0646\u06cc\u0627\u062f \u0633\u067e\u0647\u0631 \u062a\u0628\u0644\u06cc\u063a \u0646\u0648\u06cc\u0646"
      },
      "length" : 16384
   },
   "asn" : "AS42337",
   "country" : "IR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 05:30:23 GMT\r\nServer: Apache/2.4.51 (Win64) OpenSSL/1.1.1l PHP/7.4.25\r\nX-Powered-By: PHP/7.4.25\r\nSet-Cookie: PHPSESSID=dgdid3scickrahc27pphuf0ns6; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n49ae\r\n<html >\r\n    <head>\r\n        <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\r\n\t\t<!--cr(8670) for responsive web design with mobile device-->\r\n\t\t<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\" >\r\n\t\t<!--cr(8670) end-->\r\n        <title>::: Amin Computer ::: \u0628\u0646\u06cc\u0627\u062f \u0633\u067e\u0647\u0631 \u062a\u0628\u0644\u06cc\u063a \u0646\u0648\u06cc\u0646</title>\r\n        <meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\" />        <title>::: Computer Amin :::</title>\r\n        <!-- base css -->\r\n        <link rel=\"stylesheet\" media=\"screen, print\" href=\"/smart/css/vendors.bundle-rtl.css\">\r\n        <link rel=\"stylesheet\" media=\"screen, print\" href=\"/smart/css/app.bundle-rtl.css\">\r\n        <link rel=\"stylesheet\" media=\"screen, print\" href=\"/smart/css/FontAwesome6Pro.css\">\r\n        <link rel=\"stylesheet\" media=\"screen, print\" href=\"/smart/css/font/iransans.css\">\r\n        <!--Custom styles-->\r\n        <link rel=\"stylesheet\" href=\"/smart/css/styleLogin.css\">\r\n        \r\n        <!-- base js -->\r\n        <script src=\"/smart/js/vendors.bundle.js\"></script>\r\n        <!-- The order of scripts is irrelevant -->\r\n\t\t<script type=\"text/javascript\" src=\"/JScripts/functions.js\"></script>\r\n  \r\n    </head>\r\n\r\n    <body>\r\n        <!-- T(2746) -->\r\n                <!-- T(2746)end -->\r\n\r\n        <div style=\"background: url('/windows7/loginPic/amin.jpg?dummy=34') no-repeat center; background-size:100% 100%;\">\r\n            \r\n\r\n<div class=\"container\">\r\n\t<div class=\"d-flex justify-content-center h-100\">\r\n\t\t<!-- <div class=\"card bd-highlight\"> -->\r\n        <div class=\"card bd-highlight\">\r\n\t\t\t<div class=\"\">\r\n                <h4>\u0648\u0631\u0648\u062f</h4>\r\n                <div class=\"d-flex justify-content-end social_icon\">\r\n                                        <span class=\"dropleft\"><a class=\"dropdown-toggle no-arrow icon-stack\" data-toggle=\"dropdown\"><i class=\"base base-5 icon-stack-3x opacity-90 color-success-900\"></i><i class=\"fas fa-info icon-stack-1x opacity-100 color-white\"></i> </a>\r\n                        <div class=\"dropdown-menu p-4 text-muted dropdown-md\">\r\n                                                            <p>\r\n                                    \u06a9\u0627\u0631\u0628\u0631 \u06af\u0631\u0627\u0645\u064a \u0634\u0645\u0627 \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0646\u064a\u0645\u0627 \u0648\u0627\u0631\u062f \u0634\u062f\u0647 \u0627\u064a\u062f.                                </p>\r\n                                                            <p>\r\n                                    \u0627\u064a\u0646 \u0633\u0627\u0645\u0627\u0646\u0647 \u062f\u0627\u0631\u0627\u064a \u0637\u0628\u0642\u0647 \u0628\u0646\u062f\u064a \u0645\u062d\u0631\u0645\u0627\u0646\u0647 \u0645\u064a \u0628\u0627\u0634\u062f.                                </p>\r\n                                                            <p>\r\n                                    \u0627\u0639\u0644\u0627\u0646 \u0631\u062f\u06af\u064a\u0631\u064a \u0648 \u0628\u0627\u0632\u0628\u064a\u0646\u064a \u0641\u0639\u0627\u0644\u064a\u062a \u0647\u0627\u064a \u0643\u0627\u0631\u0628\u0631 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f.                                </p>\r\n                                                            <p>\r\n                                    \u0643\u0627\u0631\u0628\u0631 \u062f\u0631 \u0642\u0628\u0627\u0644 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062d\u0633\u0627\u0633 \u0645\u0648\u0631\u062f \u062f\u0633\u062a \u064a\u0627\u0628\u064a \u0645\u0633\u0626\u0648\u0644 \u0645\u064a \u0628\u0627\u0634\u062f.                                </p>\r\n                                                    </div>\r\n                    </span>\r\n\t\t\t\t</div>\r\n            </div>\r\n\r\n\t\t\t<div class=\"card-body\">\r\n                \t\t\t\t<form name=\"frmLogin\" style=\"overflow-y:auto\" method=\"post\" class=\"mt-3\">\r\n\t\t\t\t\t<div class=\"input-group form-group\">\r\n\t\t\t\t\t\t<div class=\"input-group-prepend\">\r\n\t\t\t\t\t\t\t<span class=\"input-group-text bg-success-900\"><i class=\"fas fa-user\"></i></span>\r\n\t\t\t\t\t\t</div>\r\n                                                \t\t\t\t\t\t<input type=\"text\" class=\"form-control\" id=\"User\" autocomplete=\"off\" name=\"User\" placeholder=\"\u0646\u0627\u0645 \u06a9\u0627\u0631\u0628\u0631\u06cc (\u0634\u0645\u0627\u0631\u0647 \u0645\u0644\u06cc) \">\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class=\"input-group form-group LabelPass\">\r\n\t\t\t\t\t\t<div class=\"input-group-prepend\">\r\n\t\t\t\t\t\t\t<span class=\"input-group-text bg-success-900\"><i class=\"fas fa-key\"></i></span>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<input type=\"password\" class=\"form-control\" name=\"Passwd\" id=\"Passwd\" placeholder=\"\u0631\u0645\u0632 \u0639\u0628\u0648\u0631\" autocomplete=\"off\" onkeypress=\"isCapLockOn(event);\">\r\n\t\t\t\t\t</div>\r\n                    <div class=\"input-group form-group LabelPassold\" style=\"display:none\">\r\n\t\t\t\t\t\t<div class=\"input-group-prepend\">\r\n\t\t\t\t\t\t\t<span class=\"input-group-text bg-success-900\">\u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u0642\u0628\u0644\u06cc</span>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<input type=\"password\" class=\"form-control\" name=\"Passwdold\" id=\"Passwdold\" placeholder=\"\" autocomplete=\"off\" onkeypress=\"isCapLockOn(event);\">\r\n\t\t\t\t\t</div>\r\n                    <div id=\"chpassDiv\"  style=\"display:none;\">\r\n                        <div class=\"input-group form-group\">\r\n\t\t\t\t\t    \t<div class=\"input-group-prepend\">\r\n\t\t\t\t\t    \t\t<span class=\"input-group-text bg-success-900\">\u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u062c\u062f\u06cc\u062f</span>\r\n\t\t\t\t\t    \t</div>\r\n\t\t\t\t\t    \t<input type=\"password\" class=\"form-control\" name=\"Passwdnew\" id=\"Passwdnew\" placeholder=\"\" autocomplete=\"off\" onkeypress=\"isCapLockOn(event);\" data-toggle=\"tooltip\" title='\u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u062c\u062f\u06cc\u062f \u0628\u0627\u06cc\u062f \u0634\u0627\u0645\u0644  \u062d\u062f\u0627\u0642\u06445  \u06a9\u0627\u0631\u0627\u06a9\u062a\u0631 \u0628\u0627\u0634\u062f.'>\r\n\t\t\t\t\t    </div>\r\n                        <div class=\"input-group form-group\">\r\n\t\t\t\t\t    \t<div class=\"input-group-prepend\">\r\n\t\t\t\t\t    \t\t<span class=\"input-group-text bg-success-900\">\u062a\u06a9\u0631\u0627\u0631 \u0631\u0645\u0632 \u0639\u0628\u0648\u0631</span>\r\n\t\t\t\t\t    \t</div>\r\n\t\t\t\t\t    \t<input type=\"password\" class=\"form-control\" name=\"Passwdnewrep\" id=\"Passwdnewrep\" placeholder=\"\" autocomplete=\"off\" onkeypress=\"isCapLockOn(event);\">\r\n\t\t\t\t\t    </div>\r\n                    </div>   \r\n                                        <div class=\"input-group form-group\" style=\"display: none;\">\r\n\t\t\t\t\t    <div class=\"input-group-prepend\">\r\n\t\t\t\t\t    \t<span class=\"input-group-text bg-success-900\">\u0627\u0646\u062a\u062e\u0627\u0628 \u062f\u0648\u0631\u0647</span>\r\n\t\t\t\t\t    </div>\r\n                        <select   name=\"Doreh\" class=\"form-control\" dir=\"rtl\" >\r\n                                                    </select>\r\n\t\t\t\t\t</div>\r\n\r\n                    <div class=\"input-group form-group\" id=\"multidb\" style=\"display: none;\">\r\n                        <div class=\"input-group-prepend\">\r\n\t\t\t\t\t    \t<span class=\"input-group-text bg-success-900\">\u0627\u0646\u062a\u062e\u0627\u0628 \u0634\u0631\u06a9\u062a</span>\r\n\t\t\t\t\t    </div>\r\n                        <select style=\"color:black;\" class=\"form-control\" placeholder=\"\u0634\u0631\u06a9\u062a \u0645\u0648\u0631\u062f\u0646\u0638\u0631  \u0631\u0627 \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f\" id=\"sherkat\"  name=\"sherkat\" dir=\"rtl\">\r\n                        </select>\r\n                    </div>\r\n\t\t\t\t</form>\r\n\t\t\t</div>\r\n\r\n\t\t\t<div class=\"card-footer\">\r\n                <div class=\"d-flex justify-content-around align-items-center\">\r\n                    <div class=\"p-2 lableColor\">\r\n                        1403/08/17                    </div>\r\n                    <div class=\"p-2 col-sm-6\">\r\n                        <input type=\"submit\" id=\"login_btn\" value=\"\u0648\u0631\u0648\u062f\" class=\"btn btn-success btn-block\" onclick=\"login()\">\r\n                    </div>\r\n                    <div class=\"p-2 lableColor\">\r\n                        SN: 201000                    </div>\r\n                </div>\r\n                <div class=\"d-flex justify-content-around align-items-center\">\r\n                    <div class=\"p-2 lableColor\" id=\"keyStage\"></div>\r\n                    <div class=\"p-2 lableColor\" id=\"keyLang\"></div>\r\n                </div>\r\n\r\n                <div class=\"text-center mb-2 fs-lg color-danger-300 text-wrap\" id=\"LoginMessge\" style=\"text-shadow: 0 0 3px #000;\">\r\n\t          \t    \t            </div>\r\n\t\t\t</div>\r\n\t\t</div> \r\n\t</div>\r\n</div>\r\n\r\n<script type=\"text/javascript\" src=\"/plugin/Advanced Encryption Standard/aes.js \"></script>\r\n<script type=\"text/javascript\" src=\"/plugin/Advanced Encryption Standard/encrypt_AES.js\"></script>\r\n<script type=\"text/javascript\" src=\"/plugin/Advanced Encryption Standard/decrypt_AES.js\"></script>\r\n\r\n<script type=\"text/javascript\">\r\n    localStorage.openpages = Date.now();\r\n    var onLocalStorageEvent = function(e){\r\n        if(e.key == \"openpages\"){\r\n            // Listen if anybody else is opening the same page!\r\n            localStorage.page_available = Date.now();\r\n        }\r\n        if(e.key == \"page_available\"){\r\n            //alert(\"One more page already open\");\r\n\t\t\t//window.close();\r\n\t\t\t$('#LoginMessge').text('\u06cc\u06a9 \u0635\u0641\u062d\u0647 \u062f\u06cc\u06af\u0631 \u0627\u0632 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0642\u0628\u0644\u0627 \u0628\u0627\u0632 \u0634\u062f\u0647 \u0627\u0633\u062a');\r\n\t\t\tdocument.getElementById('login_btn').style.display = \"none\";\r\n                        document.getElementById(\"User\").disabled = true;\r\n                        document.getElementById(\"Passwd\").disabled = true;\r\n        }\r\n    }\r\n    if(! document.documentMode)\r\n        window.addEventListener('storage', onLocalStorageEvent, false);\r\n    else{\r\n        var handle_storage = function (e) {\r\n        if(!document.hasFocus()){\r\n            $('#LoginMessge').text('\u06cc\u06a9 \u0635\u0641\u062d\u0647 \u062f\u06cc\u06af\u0631 \u0627\u0632 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0642\u0628\u0644\u0627 \u0628\u0627\u0632 \u0634\u062f\u0647 \u0627\u0633\u062a');\r\n\t\t\tdocument.getElementById('login_btn').style.display = \"none\";\r\n                        document.getElementById(\"User\").disabled = true;\r\n                        document.getElementById(\"Passwd\").disabled = true;\r\n            if (confirm(\"\u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u062f\u0631 \u0635\u0641\u062d\u0647 \u062f\u06cc\u06af\u0631\u06cc \u0628\u0627\u0632 \u0627\u0633\u062a.\u0622\u06cc\u0627 \u0635\u0641\u062d\u0647 \u0628\u0633\u062a\u0647 \u0634\u0648\u062f\u061f\"))\r\n                close();\r\n        }\r\n      };\r\n      window.addEventListener(\"storage\", handle_storage, false);\r\n    }\r\n\t//}\r\n\r\n    var lenpass = [0,1,8,4];\r\n  \r\n    var valPass = '';\r\n    var options = {\r\n        shortPass: '\u0637\u0648\u0644 \u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u06a9\u0648\u062a\u0627\u0647 \u0627\u0633\u062a',\r\n        badPass: '\u0636\u0639\u06cc\u0641: \u0644\u0637\u0641\u0627 \u0627\u0632 \u0627\u0639\u062f\u0627\u062f \u0648 \u062d\u0631\u0648\u0641 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f',\r\n        goodPass: '\u0645\u062a\u0648\u0633\u0637: \u0644\u0637\u0641\u0627 \u0627\u0632 \u06a9\u0627\u0631\u0627\u06a9\u062a\u0631 \u0647\u0627\u06cc \u062e\u0627\u0635 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f',\r\n        strongPass: '\u0642\u0648\u06cc',\r\n        containsUsername: 'The password contains the username',\r\n        enterPass: '\u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u0631\u0627 \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f',\r\n        showPercent: false,\r\n        showText: true,\r\n        animate: true,\r\n        animateSpeed: 'fast',\r\n        username: false,\r\n        usernamePartialMatch: true,\r\n        minimumLength: lenpass[valPass],\r\n    };\r\n    function checkValidScore(score,type) {\r\n        switch (type) {\r\n            case '1':\r\n                return score >= 0;\r\n                break;\r\n            case '2':\r\n                return score >= 68;\r\n                break;\r\n            case '3':\r\n                return score >= 34;\r\n                break;\r\n            default:\r\n                return false;\r\n                break;\r\n        }\r\n    }\r\n   \r\n    //cr(8670)\r\n    if (window.navigator.userAgent.indexOf(\"MSIE \") > 0)\r\n        $('.login_box').css('margin-top', window.screen.height / 5 + 'px');\r\n    //cr(8670) end\r\n    $('#User').keyup(function (event) {\r\n        if (event.keyCode == 13) {\r\n            $('#login_btn').click();\r\n        }\r\n    });\r\n    $('#Passwd').keyup(function (event) {\r\n        if (event.keyCode == 13) {\r\n            $('#login_btn').click();\r\n        }\r\n    });\r\n\r\n    function isCapLockOn(e)\r\n    {\r\n        var charKeyCode = e.keyCode ? e.keyCode : e.which; // To work with both MSIE & Netscape\r\n        var shiftKey = e.shiftKey ? e.shiftKey : ((charKeyCode == 16) ? true : false);\r\n\r\n        var isEnglish = true;\r\n        // Check both the condition as described above\r\n        // alert(charKeyCode);\r\n\r\n        if (charKeyCode > 1570 && charKeyCode < 1745)\r\n        {\r\n            // Caps lock is on\r\n            document.getElementById('keyLang').innerHTML = \"Language : FA\";\r\n            document.getElementById('keyStage').innerHTML = \"-- : Caps lock\";\r\n            isEnglish = false;\r\n        }\r\n        if (isEnglish)\r\n        {\r\n            if (((charKeyCode >= 65 && charKeyCode <= 90) && !shiftKey)\r\n                    || ((charKeyCode >= 97 && charKeyCode <= 122) && shiftKey))\r\n            {\r\n\r\n                document.getElementById('keyLang').innerHTML = \"Language : EN\";\r\n                document.getElementById('keyStage').innerHTML = \"Caps lock : On\";\r\n            } else\r\n            {\r\n                if (((charKeyCode >= 65 && charKeyCode <= 90) && shiftKey)\r\n                        || ((charKeyCode >= 97 && charKeyCode <= 122) && !shiftKey)) {\r\n                    document.getElementById('keyLang').innerHTML = \"Language : EN\";\r\n                    document.getElementById('keyStage').innerHTML = \"Caps lock : Off\";\r\n                } else {\r\n                    document.getElementById('keyLang').innerHTML = \"Language : EN\";\r\n                    document.getElementById('keyStage').innerHTML = \"-- : Caps lock\";\r\n                }\r\n            }\r\n        }\r\n    }\r\n    $(\"#User\").change(function () {\r\nreturn;\r\n    \r\n        var user = $(this).val();\r\n        rooturl = '/index/showpic/user/' + user;\r\n        $.ajax({\r\n            type: \"POST\",\r\n            dataType: \"html\",\r\n            url: rooturl,\r\n            data: {user: user, format: 'html'},\r\n            success: function (data) {\r\n                $(\"#picture\").empty();\r\n                $('#picture').prepend(data);\r\n\r\n            }\r\n        });\r\n    });\r\n  \r\n//CR(8196)\r\n    function login() {\r\n      \r\n        document.getElementById(\"login_btn\").disabled = true;  //encrypt_AES\r\n        var cptcha='';\r\n        \r\n               \r\n                 var pass=$('input[name=\"Passwdold\"]').val() ;\r\n         if(pass=='')\t\t \r\n\t\t pass=$('input[name=\"Passwd\"]').val() ;\r\n\t\t \r\n         var vcv = '&tokenIdAjaxSecurityParam=' + $('#tokenIdAjaxSecurityParam').val() + '&User=' + $('input[name=\"User\"]').val() + '&Passwd=' +\r\n\t\t pass + '&Passwdnew=' + $('input[name=\"Passwdnew\"]').val() + '&Passwdnewrep=' + $('input[name=\"Passwdnewrep\"]').val() + cptcha;\r\n         \r\n\t\t var info='&logininfo='+encrypt_AES(vcv);\r\n       AjaxPostWithoutImg('',\r\n                '/index/login', {\"param\":info\r\n                }, '#LoginMessge');\r\n    }\r\n\r\n    function AjaxPostWithoutImg(domain, url, params, presentation) {\r\n\t\t\r\n\t\t$('input[name=\"Passwdnewrep\"]').val('this password is fake');\r\n\t\t$('input[name=\"Passwdnew\"]').val('this password is fake');\r\n        $(presentation).html('');\r\n        var $select = $('#sherkat');\r\n\t\tvar sherkat=$('#sherkat').val();\r\n\t\tif(0==0 || (0==1 && sherkat!=null))\r\n\t\t{\r\n\t\t\t$('input[name=\"Passwd\"]').val('this password is fake');\r\n\t\t}\r\n        $.post(url, params, function (data) {\r\n            var jsonData = $.parseJSON(data);\r\n            $select.find('option')\r\n                    .remove()\r\n                    .end()\r\n                    .append('<option value=\"0\">\u0627\u0646\u062a\u062e\u0627\u0628 \u0634\u0631\u06a9\u062a</option>')\r\n                    .val('0');\r\n            $('#multidb').hide();\r\n            $(jsonData).each(function (index, o) {\r\n\r\n                if (index == 0) {\r\n                    switch (o.id) {\r\n                        ////yes///\r\n                        case 1:\r\n                            if(o.lastSeen == 1){\r\n                                $('#LoginMessge').html('<div>'+ o.lastLogin + '</div><br/><div>' + o.unSuccess +'</div>');\r\n                                var delayInMilliseconds = 5000; //5 second\r\n                                setTimeout(function() {\r\n                                    if ('0' == 1)\r\n                                        window.location.href = \"/index/newwindow\";\r\n                                    else if ('0' == 0)\r\n                                        window.location.href = \"/first\";\r\n                                }, delayInMilliseconds);\r\n                            }\r\n                            else{\r\n                                //cr(9034)\r\n                                if ('0' == 1)\r\n                                    window.location.href = \"/index/newwindow\";\r\n                                else if ('0' == 0)\r\n                                    window.location.href = \"/first\";\r\n                                //cr(9034)end\r\n                            }\r\n                                                        return;\r\n\r\n                            break;\r\n                            ///error///\r\n                        case 2:\r\n                            \r\n                            $(presentation).html(o.text);\r\n                            document.getElementById(\"login_btn\").disabled = false; \r\n                            recaptcha();\r\n   ",
   "datamd5" : "9ffbd20d00d4ae21054b8a059fd83ed4",
   "datammh3" : 1637622106,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS42337",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IR",
      "countryname" : "Iran",
      "domain" : [
         "respina.net"
      ],
      "isineu" : "false",
      "latitude" : "32.427908",
      "location" : "32.427908,53.688046",
      "longitude" : "53.688046",
      "netname" : "IR-RSPN-20120725",
      "organization" : "Respina Networks & Beyond PJSC",
      "subnet" : "5.160.0.0/16"
   },
   "ip" : "5.160.82.82",
   "ipv6" : "false",
   "latitude" : "35.6980",
   "location" : "35.6980,51.4115",
   "longitude" : "51.4115",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Respina Networks & Beyond PJSC",
   "os" : "Windows",
   "osbits" : 64,
   "osdistribution" : "sUse",
   "osvendor" : "Microsoft",
   "port" : 7549,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.51",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "5.160.64.0/19",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 185.47.252.199:7549 (tcp/http) - last seen on 2024-11-07 at 05:30:07 UTC

    • IP
      185.47.252.199
      Network
      185.47.252.0/22
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

      Operating System
      Cisco IOS
      URL

      http://185.47.252.199:7549/ 200

      ASN
      AS136258
      Organization
      BrainStorm Network, Inc
      Protocol
      http
      Source
      datascan
    • Operating System
      Cisco IOS
      Product
      OpenResty OpenResty
      HTTP Component(s)
      Cisco IOS XE
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d30f413838542e1da0a5e0ea356a4358
      HTTP Header MD5
      bfaa0347c56bed3076716b0280a51f7c
      HTTP Body MD5
      f9a1ab8d92bcb3c2f7dfcf96bdb23e2e 
    • HTTP/1.1 200 OK
Server: openresty
Date: Thu, 07 Nov 2024 05:30:07 UTC
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Oct 2023 15:43:08 GMT
Last-Modified: Thu, 19 Oct 2023 15:43:08 GMT
Cache-Control: no-store, no-cache, must-revalidate
Accept-Ranges: none
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=7884000

53
<script>window.onload=function(){ url ='/webui';window.location.href=url;}</script>
0


    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:30:07.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "f9a1ab8d92bcb3c2f7dfcf96bdb23e2e",
         "bodymmh3" : 2145332677,
         "component" : [
            {
               "productvendor" : "Cisco",
               "product" : "IOS XE"
            }
         ],
         "header" : [
            {
               "value" : "Thu, 19 Oct 2023 15:43:08 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "bfaa0347c56bed3076716b0280a51f7c",
         "headermmh3" : 169725318
      },
      "length" : 559
   },
   "asn" : "AS136258",
   "city" : "Lima",
   "country" : "PE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Thu, 07 Nov 2024 05:30:07 UTC\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Thu, 19 Oct 2023 15:43:08 GMT\r\nLast-Modified: Thu, 19 Oct 2023 15:43:08 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nAccept-Ranges: none\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: SAMEORIGIN\r\nStrict-Transport-Security: max-age=7884000\r\n\r\n53\r\n<script>window.onload=function(){ url ='/webui';window.location.href=url;}</script>\r\n0\r\n\r\n",
   "datamd5" : "d30f413838542e1da0a5e0ea356a4358",
   "datammh3" : -27477020,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "ip" : "185.47.252.199",
   "ipv6" : "false",
   "latitude" : "-12.0432",
   "location" : "-12.0432,-77.0282",
   "longitude" : "-77.0282",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "BrainStorm Network, Inc",
   "os" : "IOS",
   "osvendor" : "Cisco",
   "port" : 7549,
   "product" : "OpenResty",
   "productvendor" : "OpenResty",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "185.47.252.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 47.76.144.139:7549 (tcp/http) - last seen on 2024-11-07 at 05:30:03 UTC

    • IP
      47.76.144.139
      Network
      47.76.0.0/16
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

      Operating System
      Cisco IOS sUse
      URL

      http://47.76.144.139:7549/ 200

      HTTP Title
      Password Recovery
      HTTP Keyword(s)
      voip vos3000
      HTTP Copyright
      www.linknat.com, 昆石网络
      ASN
      AS45102
      Organization
      Alibaba US Technology Co., Ltd.
      Protocol
      http
      Source
      datascan
    • Operating System
      Cisco IOS sUse
      Product
      Cisco WebVPN 8.6.0
      HTTP Component(s)
      Drupal Drupal 8 Gitlab Gitlab RedHat JBoss Community Application Server 4.0.5 SPIP SPIP 4.1.11 Jenkins Jenkins 2.121.3 MobileIron Core Apache org.apache.sling.servlets.post 2.4 Oracle Java Adobe Coldfusion Atlassian Confluence
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      e0d645d19fd2e8d80a235605fc03ab69
      HTTP Header MD5
      abf08c19b2beab0c2a765e09bc8e4ff3
      HTTP Body MD5
      0c0934d51ddd9a13f8880938bbea7b79 
    • HTTP/1.1 200 OK
Composed-By: SPIP 4.1.11 @ www.spip.net
Content-Length: 106187
Content-Type: text/html;charset=utf-8
Last-Modified: Fri, 29 Jul 2022 16:53:01 GMT
Loginip: <srcip>
Nel: {'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}
Pragma: private
Server: CherryPy/8.6.0
Set-Cookie: akaunting_session=7b22; Path=/;
Set-Cookie: grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax
Set-Cookie: fsm_u=admin; Path=/;
Set-Cookie: webvpnlogin=; path=/; secure;
Set-Cookie: roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095
Set-Cookie: SUPPORTCHROMEOS=1; path=/; secure;
Set-Cookie: acSamlv2Token=; path=/; secure;
Set-Cookie: CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;
Set-Cookie: csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains
Set-Cookie: cepcAdminID=25263a2bf; path=/;
Set-Cookie: webvpnaac=1; path=/; secure;
Set-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;
Set-Cookie: PHC_DISABLED=1; path=/; secure;
Set-Cookie: webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;
Set-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;
Set-Cookie: SOLONID=n91i168jps8rd856bcrln2isqe; path=/
Set-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;
Set-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;
X-Cache: miss
X-Cache-Lookup: MISS from Hello:8080
X-Cache-Miss-From: parking-74c5b8d946-dhmw5
X-Cmd-Response: root
X-Content-Powered-By: K2 v2.8.0 (by JoomlaWor
X-Content-Type-Options: nosniff
X-Dc: gcp-us-east1,gcp-us-central1,gcp-us-central1
X-Drupal-Cache: xHIT
X-Drupal-Dynamic-Cache: MISS
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 8 (https://www.drupal.org)
X-Jenkins: 2.121.3
X-Jenkins-Session: f72d6619
X-Language: english
X-Mod-Pagespeed: 1.13.35.2-0
X-Nananana: Batcache
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=2006101
X-Runtime: 0.00985
X-Squid-Error: ERR_INVALID_URL 0
X-Xss-Protection: 1; mode=block
Date: Thu, 07 Nov 2024 05:30:03 GMT
Connection: close

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Pragma" content="no-cache" />
<meta charset="utf-8">
<meta content="IE=edge" http-equiv="X-UA-Compatible">
<meta content="object" property="og:type">
<meta content="GitLab" property="og:site_name">
<meta content="Help" property="og:title">
<meta content="GitLab Community Edition" property="og:description">
<meta content="summary" property="twitter:card">
<meta content="Help" property="twitter:title">
<meta content="GitLab Community Edition" property="twitter:description">
<meta content="GitLab Community Edition" name="description">
<meta content="#474D57" name="theme-color">
<meta content="#30353E" name="msapplication-TileColor">
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384eeffc23b0926==" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="expires" content="-1"/>
<meta name="keywords" content="VOS3000, VoIP, VoIP运营支撑系统, 软交换"/>
<meta name="author" content="www.linknat.com, 昆石网络"/>
<meta name="copyright" content="www.linknat.com, 昆石网络"/>
<meta name="generator" content="SPIP 4.1.11" />
<script src="/jquery.min.js"></script> 
<title>Password Recovery</title>
</head>
<body>
<div style="display: none;">
<script>SC.util.mergeIntoContext({"focusedControlID":null,"userName":"","userDisplayName":"","isUserAuthenticated":false,"antiForgeryToken":"THtoAUxH4sS9","isUserAdministrator":false,"canManageSharedToolbox":false,"pageBaseFileName":"Guest","notifyActivityFrequencyMilliseconds":600000,"loginAfterInactivityMilliseconds":36000000,"canChangePassword":false,"controlPanelUrl":null,"pageType":"GuestPage","processType":2,"userAgentOverride":null,"sessionTypeInfos":[]});</script>
<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last="1">fritzr</User></Users></SessionInfo>
<Account>
<Entry0 Active="Yes" username="CMCCAdmin" web_passwd="CmcC4dm1n5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry1 Active="Yes" username="useradmin" web_passwd="Gu4ngx1pd5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<Entry2 Active="Yes" username="CUAdmin"   web_passwd="CUAdmin5591" display_mask="FF FF D7 DD FF 1D FF FF FF" Logged="1" LoginIp="192.168.1.10"/>
<TelnetEntry Active="Yes" telnet_username="Admin" telnet_passwd="cxx4dm1n5591" telnet_port="23"/>
<FtpEntry Active="Yes" ftp_right="1" ftp_auth="1" ftp_username="Admin" ftp_passwd="cxx4dm1n5591" ftp_port="21" />
<SambaEntry Active="Yes" smb_right="1" smb_auth="1" smb_username="Admin" smb_passwd="cxx4dm1n5591" />
<ConsoleEntry Active="Yes" console_username="Admin" console_passwd="cxx4dm1n5591"/>
<CTDefParaEntry setDefValueFlag="1" />
</Account>
<div>8.5.5 (Build:20200530.307-TEMP)</div>
<span class="greyNote version"><span class="vWord">Version</span> 2023.11.3 (build 147512)</span>
<h1>Logged in as <strong>admin</strong></h1><input type="hidden" name="csrfmiddlewaretoken" value="e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y"><textarea id="3revi" name="revi" rows="4" cols="50">server1 Ubuntu 22.04 LTS</textarea>
<ca status="disabled" href="/+CSCOCA+/login.html" />
<form action="/login/vpnSdef" enctype="multipart/form-data" method="post" name="login">
    <div data-user="root" data-module="package-updates"></div>
    <code>The zip file did not contain an entry exportDescriptor.properties</code>
    <span class="form-hidden"><input name="page" value="login" type="hidden"/><input name="formulaire_action" type="hidden" value="login" /><input name="formulaire_action_args" type="hidden" value="dzdNV0MzUGFDV0NHemR6bWorekNEWHY=" /><input name="formulaire_action_sign" type="hidden" value="" /></span>
    <message>Please enter your username and password.</message>
    <input name="formid" type="hidden" value="012afed" />
    <input name="javax.faces.ViewState" type="hidden" value="012afed" />
    <input name="queryString" type="hidden" value="1406192" />
    <div class="versionInfo">The Cacti Group Version 1.2.25</div>
    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>
    <input type="hidden" name="token" value="0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec">
    <input type='hidden' name='__csrf_magic' value="key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654" />
    <input type="hidden" name="tokenid"  value="1804289383" >
    <input type="hidden" name="name"  value="1804289383" >
    <input type="hidden" name="csrfKey" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="hidden" name="csrf_token" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" name="ref" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="username_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" name="password_fieldname" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="csrf" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="csrf" name="xd_check" value="aHR0cHM6Ly9pcHMuY2x1Yi8=">
	<input type="hidden" id="give-form-id" name="give-form-id" value="621aec6b886ff81169bed7de5d47b5ed">
	<input type="hidden" id="give-form-hash" name="give-form-hash" value="621aec6b886ff81169bed7de5d47b5ed">
    <input type="text" name="username" label="Username:" value="admin" />
    <input type="password" name="password" label="Password:" value="123456" />
    <input type="hidden" name="tgroup" value="DefaultADMINGroup" />
    <input type="submit" name="Login" value="Login" />
    <input type="reset" name="Clear" value="Clear" />
</form>
<input type="hidden" value="Maintain/cloud_index.php" id="cloud_addr">
<li class="lisel" onclick="location.href='index.php'">日志系统</li>
<li class="linormal" onclick="location.href='Maintain/cloud_index.php'" style="margin-left:1px;">云平台</li>
<button type="button" data-price-id=True>sb</button>
<div class="prod_madelName">RT-AC5300</div>
<div class="p1 title_gap">Sign in with your ASUS router account</div>
<tr class="h"><th>PHP Group</th></tr>
<tr><td class="e">upload_tmp_dir</td><td class="v">/etc/httpd/_tmp</td><td class="v">/etc/httpd/_tmp</td></tr>
<tr><td class="e">$_SERVER['DOCUMENT_ROOT']</td><td class="v">/mnt/HDD2/web/</td></tr>
<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>
<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>
<div class="text" id="jive-loginVersion"> Openfire, Version: 3.6.0a</div>
<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>
<div id="mcname">LoadMaster</div>
<p><br/><span>出厂IP:192.168.1.1</span><br/><span>用户名、密码:admin admin</span></p>
<td colspan="2">Please enter your Cacti user name and password below:</td>
<meta id="confluence-context-path" name="confluence-context-path" content="">
<meta id="confluence-base-url" name="confluence-base-url" content="https://192.168.1.4">
<meta id="atlassian-token" name="atlassian-token" content="d78e2b977d28428e411e31b958c9c502c2425083">
<script id="frontend-js-extra">var hashform_vars = {"ajaxurl":"\/wp-admin\/admin-ajax.php","ajax_nounce":"d78e2b97","preview_img":""};</script>
<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>
<B>SonicWall Universal Management Suite v9.3</B>
<br>OK<br>
<script type="text/javascript">var csrfMagicToken = "sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646";var csrfMagicName = "__vtrftk";</script>
<select id="cars" name="name">
<option value="olvo">olvo</option>
</select>
<a href="/VICIdial/phone">MODIFY</a>
<input type="hidden" name="extension"  value="1804289383" >
<input type="hidden" name="pass"  value="1804289383" >
<input type="hidden" name="recording_exten"  value="1804289383" >
<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>
<input type='hidden' name='LDCSA_CSRF' value="sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985" />
<script type='text/javascript'>
	var cactiVersion='1.2.27';
	var cactiServerOS='unix';
	var cactiAction='';
	var theme='modern';
	var refreshIsLogout=true;
	var refreshPage='/logout.php?action=timeout';
	var refreshMSeconds=1440000;
	var urlPath='/';
	var previousPage='';
	var sessionMessage=[];
	var csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';
</script>

<!--
<Username Level="40/40" Dispatch="account">admin</Username><User1><Password Level="40/40" Dispatch="account">admin</Password></User1>
/var/pinglog
<TITLE>Login</TITLE>
<a href="jpg.html">LIVE JPEG</a><br>
<a href="liveie.html">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>
<a href="DVRRemoteAP.exe">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVRRemoteAP_X64.exe">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>
<a href="DVFPlayer.zip">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>
<\?xml version="1.0" encoding="utf-8"?><base64Binary xmlns="http://micros-hosting.com/EGateway/">
Location: /admin
<meta name="generator" content="vBulletin 5.5.4" />
Location: http://<ip>:80/relogin.htm?_t=3541144909
Location: http://<ip>:80/syscmd.htm" Location: /ui/login
/cgi-bin/webctrl.cgi?action=index_page
PDR-M800
function btnPing()
<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF="http://<ip>:80/relogin.htm?_t=179439949">here</A></BODY></HTML>
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_shortcut.png">
<link type="image/x-icon" rel="shortcut icon" href="/themes/img/icon/cisco_logo.png">
<td class="Copyright" colspan="2" style="text-align:justify" height="20" valign="bottom">© 2017 Cisco Systems, Inc. All Rights Reserved.
<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered
trademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates
in the United States and certain other countries.
</td>
:
#
>
$
SSH key is good
is not a valid ref and may not be archived
pcPassword2
'&sessionKey=790148060;'
name="sessionKey" value="790148060"
Set-Cookie: loginName=admin
var fgt_lang = /dev/cmdb/sslvpn_websession
php 8.1.0-dev exit
springframework
Tomcat
DEVICE.ACCOUNT=admin
AUTHORIZED_GROUP=1
<uid></uid>
<name>Admin</name>
<usrid></usrid>
<password>admin</password>
<group></group>
cpto /tmp/"root"
Model=AC1450
Firmware=V1.0.0.36_10.0.17
"exceptionMessageValue":"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found."
BIG-IP release 15.0.0
user:root
12345admin123'
Failed to process image

Location: http://192.168.0.1:52869/picsdesc.xml
You don't have permission to access /vpns/ on this server.
[global]
    workgroup = intranet
    encrypt passwords = Yes
    update encrypted = Yes

funcionando
system_sofia
name resolve order
InfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo
<b>File Uploaded !!!</b><br>
ant=951d11e51392117311602d0c25435d7f
38ee63071a04dc5e04ed22624c38e648
6f3249aa304055d63828af3bfab778f6
<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>
[local]
 tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZWVmZmMyM2IwOTI2PT0=
 addr = <ip>
"Powered by vBulletin Version 5.5.4"
789551
Linear eMerge
SuperSign
ubiq
Yacht
Zeroshell
FastWeb
AuthInfo:
loadingIndicator_bk
Zyxel
skyrouter
WAP54
org.apache.spark.ui



ID: "00af", version: "7.7.31.1", AddItem: function (a, item, c) {}
<insert implant configuration content here>
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api
Copyright (c) 2015-2020 by Cisco Systems, Inc.
All rights reserved.
SSL VPN Service
wsConvertPptResponse
<input id="txtUserName" class="txt-input" type="text" name="userName" value="" />
<input id="txtPassword" class="txt-input" type="password" name="password" value="" />
<button id="btnLogin" lc="html" lk="IDCS_LOGIN_NBSP">
<span lc="html" lk="IDCS_BS_PLUGIN_DOWNLOAD" style="line-height: 30px; vertical-align: top;"></span>
<script src="../Scripts/login.htm.js?v={JS_CSS_V}" type="text/javascript"></script>
<LegacyDN>eD2bxe4</LegacyDN>
<title class="_ctxstxt_NetscalerGateway">
SAML Assertion verification failed; Please contact your administrator
v=2b46554c087d2d5516559e9b8bc1875d
/vpn/images/AccessGateway.ico
frame-busting
/vpn/js/logout_view.js?v=
_ctxstxt_NetscalerAAA
lib.min20200813.js
401 Unauthorized Basic realm=
sName='1';onTest(this);
var passadm = "admin";
OPMODE_BRIDGE
document.all.cmd_result
<input id="key" type="text" style="width: 200px" value="02108CB9-2200D5A4">
<input id="date" type="text" style="width: 200px" value="12/25/2023">
main page cgi-bin/login.cgi
var sessionKey='030ff030ff88';
loc += '&sessionKey=19dec20030ff8dcb2';
}

var code = 'location="' + loc + '"';

Password change successful
J2100N GPON ONT
/cgi-bin/webui/admin
sesskey
name=admin pass=123 priv=ppp
service=www.dlinkddns.com
sysCmdType
Content-Type: auth/request


Content-Type: command/reply

Reply-Text: +OK accepted


X-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)
007b2000-007c1000 rw-p 00000000 00:00 0
Size:                 60 kB
Rss:                  52 kB
Pss:                  52 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:        52 kB
Referenced:           52 kB
Anonymous:            52 kB
AnonHugePages:         0 kB
Swap:                  8 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
009b1000-009b8000 rwxp 001b1000 fd:01 333997
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:30:03.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "micros-hosting.com",
            "drupal.org"
         ],
         "file" : [
            "dvrremoteap_x64.exe",
            "dvfplayer.zip",
            "admin-ajax.php",
            "cloud_index.php",
            "dvrremoteap.exe",
            "index.php"
         ],
         "hostname" : [
            "micros-hosting.com",
            "www.drupal.org"
         ],
         "ip" : [
            "192.168.1.4",
            "7.7.31.1",
            "192.168.1.10",
            "1.13.35.2",
            "192.168.1.1",
            "192.168.0.1",
            "1.0.0.36"
         ],
         "url" : [
            "http://192.168.0.1:52869/picsdesc.xml",
            "http://micros-hosting.com/EGateway/",
            "https://192.168.1.4",
            "https://www.drupal.org"
         ]
      },
      "http" : {
         "bodymd5" : "0c0934d51ddd9a13f8880938bbea7b79",
         "bodymmh3" : 227284947,
         "component" : [
            {
               "product" : "SPIP",
               "productvendor" : "SPIP",
               "productversion" : "4.1.11"
            },
            {
               "productversion" : "8",
               "productvendor" : "Drupal",
               "product" : "Drupal"
            },
            {
               "product" : "Core",
               "productvendor" : "MobileIron"
            },
            {
               "product" : "org.apache.sling.servlets.post",
               "productvendor" : "Apache",
               "productversion" : "2.4"
            },
            {
               "product" : "Java",
               "productvendor" : "Oracle"
            },
            {
               "product" : "JBoss Community Application Server",
               "productversion" : "4.0.5",
               "productvendor" : "RedHat"
            },
            {
               "product" : "Gitlab",
               "productvendor" : "Gitlab"
            },
            {
               "product" : "Jenkins",
               "productvendor" : "Jenkins",
               "productversion" : "2.121.3"
            },
            {
               "product" : "Coldfusion",
               "productvendor" : "Adobe"
            },
            {
               "productvendor" : "Atlassian",
               "product" : "Confluence"
            }
         ],
         "copyright" : "www.linknat.com, \u6606\u77f3\u7f51\u7edc",
         "header" : [
            {
               "value" : "Fri, 29 Jul 2022 16:53:01 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "abf08c19b2beab0c2a765e09bc8e4ff3",
         "headermmh3" : 192533008,
         "keywords" : [
            "voip",
            "vos3000"
         ],
         "title" : "Password Recovery"
      },
      "length" : 16297
   },
   "asn" : "AS45102",
   "city" : "Hong Kong",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nComposed-By: SPIP 4.1.11 @ www.spip.net\r\nContent-Length: 106187\r\nContent-Type: text/html;charset=utf-8\r\nLast-Modified: Fri, 29 Jul 2022 16:53:01 GMT\r\nLoginip: <srcip>\r\nNel: {'report_to': 'network-errors', 'max_age': 2592000, 'failure_fraction': 0.01, 'success_fraction': 0.0001}\r\nPragma: private\r\nServer: CherryPy/8.6.0\r\nSet-Cookie: akaunting_session=7b22; Path=/;\r\nSet-Cookie: grafana_session_expiry=1990089920; Path=/; Max-Age=2592000; SameSite=Lax\r\nSet-Cookie: fsm_u=admin; Path=/;\r\nSet-Cookie: webvpnlogin=; path=/; secure;\r\nSet-Cookie: roundcube_cookies=enabled; HttpOnly; expires=Tue, 01-Jan-1970 00:00:01 GMT; path=/; port=2095\r\nSet-Cookie: SUPPORTCHROMEOS=1; path=/; secure;\r\nSet-Cookie: acSamlv2Token=; path=/; secure;\r\nSet-Cookie: CFTOKEN=f337; CFCLIENT_FOO_CORP=preflanguage%3DEN%23; CFID=1F; path=/;HttpOnly;\r\nSet-Cookie: csrftoken=Pt1Guz0uK8QPbP3EV8zBKcxaRaxgrZUPbjZeCK50MLR00VR7THTsnwRPH0otS1lS; Path=/; SameSite=Lax;HttpOnly;Secure;SameSite=Strict; Strict-Transport-Security: max-age=63072000; includeSubDomains\r\nSet-Cookie: cepcAdminID=25263a2bf; path=/;\r\nSet-Cookie: webvpnaac=1; path=/; secure;\r\nSet-Cookie: SID=hBc7TxF76ERhvIw0jQQ4LZ7Z1jQUV0tQ; path=/;\r\nSet-Cookie: PHC_DISABLED=1; path=/; secure;\r\nSet-Cookie: webvpn=A9790AFEACDEFA01FAAEAFEWFF390AE; path=/; secure;\r\nSet-Cookie: UICSESSION=qqhhk66ogtvugchmqfov0j4l96; path=/;\r\nSet-Cookie: SOLONID=n91i168jps8rd856bcrln2isqe; path=/\r\nSet-Cookie: XXL_JOB_LOGIN_IDENTITY=7b226964223a312c227; Max-Age=2147483647; Expires=Fri, 14-Mar-2092 22:32:26 GMT; Path=/; HttpOnly;\r\nSet-Cookie: JSESSIONID=818E3539F13611E2EA4D5BFB48AE058C.jvml; Path=/mifs; OFBiz.Visitor=10004; Secure; HttpOnly;SameSite=lax;\r\nX-Cache: miss\r\nX-Cache-Lookup: MISS from Hello:8080\r\nX-Cache-Miss-From: parking-74c5b8d946-dhmw5\r\nX-Cmd-Response: root\r\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWor\r\nX-Content-Type-Options: nosniff\r\nX-Dc: gcp-us-east1,gcp-us-central1,gcp-us-central1\r\nX-Drupal-Cache: xHIT\r\nX-Drupal-Dynamic-Cache: MISS\r\nX-Frame-Options: SAMEORIGIN\r\nX-Generator: Drupal 8 (https://www.drupal.org)\r\nX-Jenkins: 2.121.3\r\nX-Jenkins-Session: f72d6619\r\nX-Language: english\r\nX-Mod-Pagespeed: 1.13.35.2-0\r\nX-Nananana: Batcache\r\nX-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=2006101\r\nX-Runtime: 0.00985\r\nX-Squid-Error: ERR_INVALID_URL 0\r\nX-Xss-Protection: 1; mode=block\r\nDate: Thu, 07 Nov 2024 05:30:03 GMT\r\nConnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\" />\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n<meta http-equiv=\"Pragma\" content=\"no-cache\" />\n<meta charset=\"utf-8\">\n<meta content=\"IE=edge\" http-equiv=\"X-UA-Compatible\">\n<meta content=\"object\" property=\"og:type\">\n<meta content=\"GitLab\" property=\"og:site_name\">\n<meta content=\"Help\" property=\"og:title\">\n<meta content=\"GitLab Community Edition\" property=\"og:description\">\n<meta content=\"summary\" property=\"twitter:card\">\n<meta content=\"Help\" property=\"twitter:title\">\n<meta content=\"GitLab Community Edition\" property=\"twitter:description\">\n<meta content=\"GitLab Community Edition\" name=\"description\">\n<meta content=\"#474D57\" name=\"theme-color\">\n<meta content=\"#30353E\" name=\"msapplication-TileColor\">\n<meta name=\"csrf-param\" content=\"authenticity_token\" />\n<meta name=\"csrf-token\" content=\"8dcb74a64dc984fb9abe3e7c201f810d9ec90ed8e0cb6ed03ba384eeffc23b0926==\" />\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n<meta http-equiv=\"expires\" content=\"-1\"/>\n<meta name=\"keywords\" content=\"VOS3000, VoIP, VoIP\u8fd0\u8425\u652f\u6491\u7cfb\u7edf, \u8f6f\u4ea4\u6362\"/>\n<meta name=\"author\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"copyright\" content=\"www.linknat.com, \u6606\u77f3\u7f51\u7edc\"/>\n<meta name=\"generator\" content=\"SPIP 4.1.11\" />\n<script src=\"/jquery.min.js\"></script> \n<title>Password Recovery</title>\n</head>\n<body>\n<div style=\"display: none;\">\n<script>SC.util.mergeIntoContext({\"focusedControlID\":null,\"userName\":\"\",\"userDisplayName\":\"\",\"isUserAuthenticated\":false,\"antiForgeryToken\":\"THtoAUxH4sS9\",\"isUserAdministrator\":false,\"canManageSharedToolbox\":false,\"pageBaseFileName\":\"Guest\",\"notifyActivityFrequencyMilliseconds\":600000,\"loginAfterInactivityMilliseconds\":36000000,\"canChangePassword\":false,\"controlPanelUrl\":null,\"pageType\":\"GuestPage\",\"processType\":2,\"userAgentOverride\":null,\"sessionTypeInfos\":[]});</script>\n<SessionInfo><SID>a29d421feecf680a</SID><Challenge>680a</Challenge><BlockTime>0</BlockTime><Rights></Rights><Users><User last=\"1\">fritzr</User></Users></SessionInfo>\n<Account>\n<Entry0 Active=\"Yes\" username=\"CMCCAdmin\" web_passwd=\"CmcC4dm1n5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry1 Active=\"Yes\" username=\"useradmin\" web_passwd=\"Gu4ngx1pd5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<Entry2 Active=\"Yes\" username=\"CUAdmin\"   web_passwd=\"CUAdmin5591\" display_mask=\"FF FF D7 DD FF 1D FF FF FF\" Logged=\"1\" LoginIp=\"192.168.1.10\"/>\n<TelnetEntry Active=\"Yes\" telnet_username=\"Admin\" telnet_passwd=\"cxx4dm1n5591\" telnet_port=\"23\"/>\n<FtpEntry Active=\"Yes\" ftp_right=\"1\" ftp_auth=\"1\" ftp_username=\"Admin\" ftp_passwd=\"cxx4dm1n5591\" ftp_port=\"21\" />\n<SambaEntry Active=\"Yes\" smb_right=\"1\" smb_auth=\"1\" smb_username=\"Admin\" smb_passwd=\"cxx4dm1n5591\" />\n<ConsoleEntry Active=\"Yes\" console_username=\"Admin\" console_passwd=\"cxx4dm1n5591\"/>\n<CTDefParaEntry setDefValueFlag=\"1\" />\n</Account>\n<div>8.5.5 (Build:20200530.307-TEMP)</div>\n<span class=\"greyNote version\"><span class=\"vWord\">Version</span> 2023.11.3 (build 147512)</span>\n<h1>Logged in as <strong>admin</strong></h1><input type=\"hidden\" name=\"csrfmiddlewaretoken\" value=\"e9tIOET3iTncMVL4E0ESylCCQupBWlfL9NobFzaQDir2ktC0Wgy5pafsCrkonl5y\"><textarea id=\"3revi\" name=\"revi\" rows=\"4\" cols=\"50\">server1 Ubuntu 22.04 LTS</textarea>\n<ca status=\"disabled\" href=\"/+CSCOCA+/login.html\" />\n<form action=\"/login/vpnSdef\" enctype=\"multipart/form-data\" method=\"post\" name=\"login\">\n    <div data-user=\"root\" data-module=\"package-updates\"></div>\n    <code>The zip file did not contain an entry exportDescriptor.properties</code>\n    <span class=\"form-hidden\"><input name=\"page\" value=\"login\" type=\"hidden\"/><input name=\"formulaire_action\" type=\"hidden\" value=\"login\" /><input name=\"formulaire_action_args\" type=\"hidden\" value=\"dzdNV0MzUGFDV0NHemR6bWorekNEWHY=\" /><input name=\"formulaire_action_sign\" type=\"hidden\" value=\"\" /></span>\n    <message>Please enter your username and password.</message>\n    <input name=\"formid\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"javax.faces.ViewState\" type=\"hidden\" value=\"012afed\" />\n    <input name=\"queryString\" type=\"hidden\" value=\"1406192\" />\n    <div class=\"versionInfo\">The Cacti Group Version 1.2.25</div>\n    <strong>IPFire 2.19 (2017v) - Core Update 110 introduces significant changes</strong>\n    <input type=\"hidden\" name=\"token\" value=\"0feacf5a1cafc9fcea1ce1255e65fd9a7c11ae3f9235eb6038a2c9fe702ec7ec\">\n    <input type='hidden' name='__csrf_magic' value=\"key:12eef1d88692f7673fb80ab6ba8d051fdce64ccb,1710777654\" />\n    <input type=\"hidden\" name=\"tokenid\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"name\"  value=\"1804289383\" >\n    <input type=\"hidden\" name=\"csrfKey\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"hidden\" name=\"csrf_token\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" name=\"ref\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"username_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" name=\"password_fieldname\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"csrf\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"csrf\" name=\"xd_check\" value=\"aHR0cHM6Ly9pcHMuY2x1Yi8=\">\n\t<input type=\"hidden\" id=\"give-form-id\" name=\"give-form-id\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n\t<input type=\"hidden\" id=\"give-form-hash\" name=\"give-form-hash\" value=\"621aec6b886ff81169bed7de5d47b5ed\">\n    <input type=\"text\" name=\"username\" label=\"Username:\" value=\"admin\" />\n    <input type=\"password\" name=\"password\" label=\"Password:\" value=\"123456\" />\n    <input type=\"hidden\" name=\"tgroup\" value=\"DefaultADMINGroup\" />\n    <input type=\"submit\" name=\"Login\" value=\"Login\" />\n    <input type=\"reset\" name=\"Clear\" value=\"Clear\" />\n</form>\n<input type=\"hidden\" value=\"Maintain/cloud_index.php\" id=\"cloud_addr\">\n<li class=\"lisel\" onclick=\"location.href='index.php'\">\u65e5\u5fd7\u7cfb\u7edf</li>\n<li class=\"linormal\" onclick=\"location.href='Maintain/cloud_index.php'\" style=\"margin-left:1px;\">\u4e91\u5e73\u53f0</li>\n<button type=\"button\" data-price-id=True>sb</button>\n<div class=\"prod_madelName\">RT-AC5300</div>\n<div class=\"p1 title_gap\">Sign in with your ASUS router account</div>\n<tr class=\"h\"><th>PHP Group</th></tr>\n<tr><td class=\"e\">upload_tmp_dir</td><td class=\"v\">/etc/httpd/_tmp</td><td class=\"v\">/etc/httpd/_tmp</td></tr>\n<tr><td class=\"e\">$_SERVER['DOCUMENT_ROOT']</td><td class=\"v\">/mnt/HDD2/web/</td></tr>\n<var name='uuid'><string>7db3eea5-9996-4032-a9cc-3afd06bd11fe</string></var>\n<span >Powered by <a href='#'>Gibbon</a> v23.0.01</span>\n<div class=\"text\" id=\"jive-loginVersion\"> Openfire, Version: 3.6.0a</div>\n<a href='#' title='Community Forum Software by Invision Power Services'>IP.Board</a>\n<div id=\"mcname\">LoadMaster</div>\n<p><br/><span>\u51fa\u5382IP\uff1a192.168.1.1</span><br/><span>\u7528\u6237\u540d\u3001\u5bc6\u7801\uff1aadmin admin</span></p>\n<td colspan=\"2\">Please enter your Cacti user name and password below:</td>\n<meta id=\"confluence-context-path\" name=\"confluence-context-path\" content=\"\">\n<meta id=\"confluence-base-url\" name=\"confluence-base-url\" content=\"https://192.168.1.4\">\n<meta id=\"atlassian-token\" name=\"atlassian-token\" content=\"d78e2b977d28428e411e31b958c9c502c2425083\">\n<script id=\"frontend-js-extra\">var hashform_vars = {\"ajaxurl\":\"\\/wp-admin\\/admin-ajax.php\",\"ajax_nounce\":\"d78e2b97\",\"preview_img\":\"\"};</script>\n<div class='content-messages errorMessage'><p>java.lang.Exception: y9pcHMuY</p></div>\n<B>SonicWall Universal Management Suite v9.3</B>\n<br>OK<br>\n<script type=\"text/javascript\">var csrfMagicToken = \"sid:ed04c4a1c86fe99a92cbe3441e2b1e2989d5deec,1725277646\";var csrfMagicName = \"__vtrftk\";</script>\n<select id=\"cars\" name=\"name\">\n<option value=\"olvo\">olvo</option>\n</select>\n<a href=\"/VICIdial/phone\">MODIFY</a>\n<input type=\"hidden\" name=\"extension\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"pass\"  value=\"1804289383\" >\n<input type=\"hidden\" name=\"recording_exten\"  value=\"1804289383\" >\n<script var session_name = '621aec6b886ff81'; var session_id = '1804289383';</script>\n<input type='hidden' name='LDCSA_CSRF' value=\"sid:7830302ba478216ecf2cf24b53afe6f385998104,1726156985\" />\n<script type='text/javascript'>\n\tvar cactiVersion='1.2.27';\n\tvar cactiServerOS='unix';\n\tvar cactiAction='';\n\tvar theme='modern';\n\tvar refreshIsLogout=true;\n\tvar refreshPage='/logout.php?action=timeout';\n\tvar refreshMSeconds=1440000;\n\tvar urlPath='/';\n\tvar previousPage='';\n\tvar sessionMessage=[];\n\tvar csrfMagicToken='sid:4024e82870233374a2255351fb45057c8f7f9aa6,1728459021;ip:bee133099404bd4ddc2dd5f43c6b86dc3618b300,1728459021';\n</script>\n\n<!--\n<Username Level=\"40/40\" Dispatch=\"account\">admin</Username><User1><Password Level=\"40/40\" Dispatch=\"account\">admin</Password></User1>\n/var/pinglog\n<TITLE>Login</TITLE>\n<a href=\"jpg.html\">LIVE JPEG</a><br>\n<a href=\"liveie.html\">Internet Monitor (Microsoft Internet Explorer 8, 9, 10, 11) </a><br>\n<a href=\"DVRRemoteAP.exe\">Download 32 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVRRemoteAP_X64.exe\">Download 64 bits DVR Client (Windows 7, Windows 8, Windows 10)</a><br>\n<a href=\"DVFPlayer.zip\">Download 32/64 bits File Player (Windows 7, Windows 8, Windows 10)</a><br>\n<\\?xml version=\"1.0\" encoding=\"utf-8\"?><base64Binary xmlns=\"http://micros-hosting.com/EGateway/\">\nLocation: /admin\n<meta name=\"generator\" content=\"vBulletin 5.5.4\" />\nLocation: http://<ip>:80/relogin.htm?_t=3541144909\nLocation: http://<ip>:80/syscmd.htm\" Location: /ui/login\n/cgi-bin/webctrl.cgi?action=index_page\nPDR-M800\nfunction btnPing()\n<HTML><HEAD><TITLE>302 Moved</TITLE></HEAD><BODY><H1>302 Moved</H1>.The document has moved<A HREF=\"http://<ip>:80/relogin.htm?_t=179439949\">here</A></BODY></HTML>\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_shortcut.png\">\n<link type=\"image/x-icon\" rel=\"shortcut icon\" href=\"/themes/img/icon/cisco_logo.png\">\n<td class=\"Copyright\" colspan=\"2\" style=\"text-align:justify\" height=\"20\" valign=\"bottom\">\u00a9 2017 Cisco Systems, Inc. All Rights Reserved.\n<br>Cisco, Cisco Systems, and the Cisco Systems logo are registered\ntrademarks or trademarks of Cisco Systems, Inc. and/or it's affiliates\nin the United States and certain other countries.\n</td>\n:\n#\n>\n$\nSSH key is good\nis not a valid ref and may not be archived\npcPassword2\n'&sessionKey=790148060;'\nname=\"sessionKey\" value=\"790148060\"\nSet-Cookie: loginName=admin\nvar fgt_lang = /dev/cmdb/sslvpn_websession\nphp 8.1.0-dev exit\nspringframework\nTomcat\nDEVICE.ACCOUNT=admin\nAUTHORIZED_GROUP=1\n<uid></uid>\n<name>Admin</name>\n<usrid></usrid>\n<password>admin</password>\n<group></group>\ncpto /tmp/\"root\"\nModel=AC1450\r\nFirmware=V1.0.0.36_10.0.17\r\n\"exceptionMessageValue\":\"javax.servlet.ServletException: No valid forensics analysis solrDocIds parameter found.\"\nBIG-IP release 15.0.0\nuser:root\n12345admin123'\nFailed to process image\n\nLocation: http://192.168.0.1:52869/picsdesc.xml\nYou don't have permission to access /vpns/ on this server.\n[global]\n    workgroup = intranet\n    encrypt passwords = Yes\n    update encrypted = Yes\n\nfuncionando\nsystem_sofia\nname resolve order\nInfoOS:Linux node01 uid=0(root) gid=0(root) groups=0(root)OSInfo\n<b>File Uploaded !!!</b><br>\nant=951d11e51392117311602d0c25435d7f\n38ee63071a04dc5e04ed22624c38e648\n6f3249aa304055d63828af3bfab778f6\n<h1> c80fc6428eb4fe4a3b77898ebf9f3945 </h1>\n[local]\n tid = OGRjYjc0YTY0ZGM5ODRmYjlhYmUzZTdjMjAxZjgxMGQ5ZWM5MGVkOGUwY2I2ZWQwM2JhMzg0ZWVmZmMyM2IwOTI2PT0=\n addr = <ip>\n\"Powered by vBulletin Version 5.5.4\"\n789551\nLinear eMerge\nSuperSign\nubiq\nYacht\nZeroshell\nFastWeb\nAuthInfo:\nloadingIndicator_bk\nZyxel\nskyrouter\nWAP54\norg.apache.spark.ui\n\n\n\nID: \"00af\", version: \"7.7.31.1\", AddItem: function (a, item, c) {}\n<insert implant configuration content here>\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' ws://<ip> ws://<ip>:443 wss://<ip> wss://<ip>:8443 http://<ip>/api\nCopyright (c) 2015-2020 by Cisco Systems, Inc.\nAll rights reserved.\nSSL VPN Service\nwsConvertPptResponse\n<input id=\"txtUserName\" class=\"txt-input\" type=\"text\" name=\"userName\" value=\"\" />\n<input id=\"txtPassword\" class=\"txt-input\" type=\"password\" name=\"password\" value=\"\" />\n<button id=\"btnLogin\" lc=\"html\" lk=\"IDCS_LOGIN_NBSP\">\n<span lc=\"html\" lk=\"IDCS_BS_PLUGIN_DOWNLOAD\" style=\"line-height: 30px; vertical-align: top;\"></span>\n<script src=\"../Scripts/login.htm.js?v={JS_CSS_V}\" type=\"text/javascript\"></script>\n<LegacyDN>eD2bxe4</LegacyDN>\n<title class=\"_ctxstxt_NetscalerGateway\">\nSAML Assertion verification failed; Please contact your administrator\nv=2b46554c087d2d5516559e9b8bc1875d\n/vpn/images/AccessGateway.ico\nframe-busting\n/vpn/js/logout_view.js?v=\n_ctxstxt_NetscalerAAA\nlib.min20200813.js\n401 Unauthorized Basic realm=\nsName='1';onTest(this);\nvar passadm = \"admin\";\nOPMODE_BRIDGE\ndocument.all.cmd_result\n<input id=\"key\" type=\"text\" style=\"width: 200px\" value=\"02108CB9-2200D5A4\">\n<input id=\"date\" type=\"text\" style=\"width: 200px\" value=\"12/25/2023\">\nmain page cgi-bin/login.cgi\nvar sessionKey='030ff030ff88';\nloc += '&sessionKey=19dec20030ff8dcb2';\n}\n\nvar code = 'location=\"' + loc + '\"';\n\nPassword change successful\nJ2100N GPON ONT\n/cgi-bin/webui/admin\nsesskey\nname=admin pass=123 priv=ppp\nservice=www.dlinkddns.com\nsysCmdType\nContent-Type: auth/request\n\n\nContent-Type: command/reply\n\nReply-Text: +OK accepted\n\n\nX-Content-Powered-By: K2 v2.8.0 (by JoomlaWorks)\n007b2000-007c1000 rw-p 00000000 00:00 0\nSize:                 60 kB\nRss:                  52 kB\nPss:                  52 kB\nShared_Clean:          0 kB\nShared_Dirty:          0 kB\nPrivate_Clean:         0 kB\nPrivate_Dirty:        52 kB\nReferenced:           52 kB\nAnonymous:            52 kB\nAnonHugePages:         0 kB\nSwap:                  8 kB\nKernelPageSize:        4 kB\nMMUPageSize:           4 kB\n009b1000-009b8000 rwxp 001b1000 fd:01 333997",
   "datamd5" : "e0d645d19fd2e8d80a235605fc03ab69",
   "datammh3" : 564251809,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "geolocus" : {
      "asn" : "AS45102",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "alibaba-inc.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "organization" : "Alibaba Cloud LLC",
      "subnet" : "47.76.0.0/16"
   },
   "ip" : "47.76.144.139",
   "ipv6" : "false",
   "latitude" : "22.2842",
   "location" : "22.2842,114.1759",
   "longitude" : "114.1759",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Alibaba US Technology Co., Ltd.",
   "os" : "IOS",
   "osdistribution" : "sUse",
   "osvendor" : "Cisco",
   "port" : 7549,
   "product" : "WebVPN",
   "productvendor" : "Cisco",
   "productversion" : "8.6.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "47.76.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 3.6.237.160:7549 (tcp/http) - last seen on 2024-11-07 at 05:29:32 UTC

    • IP
      3.6.237.160
      Network
      3.6.0.0/15
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://3.6.237.160:7549/ 200

      Reverse DNS
      ec2-3-6-237-160.ap-south-1.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      Apache HTTP Server 2.4.1
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      d4e9bf4b65d27143c055d5964b4dc079
      HTTP Header MD5
      a8496ee57b937a237c275b15a4fab6e8
      HTTP Body MD5
      c7b4690c8c46625ef0f328cd7a24a0a3 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 05:29:32 GMT
Server: Apache/2.4.1 (Unix)
Content-Type: text/html
Content-Length: 44

<html><body><h1>It works!</h1></body></html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:29:32.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "c7b4690c8c46625ef0f328cd7a24a0a3",
         "bodymmh3" : 1993462962,
         "headermd5" : "a8496ee57b937a237c275b15a4fab6e8",
         "headermmh3" : -2016792545
      },
      "length" : 174
   },
   "asn" : "AS16509",
   "city" : "Mumbai",
   "country" : "IN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 05:29:32 GMT\r\nServer: Apache/2.4.1 (Unix)\r\nContent-Type: text/html\r\nContent-Length: 44\r\n\r\n<html><body><h1>It works!</h1></body></html>",
   "datamd5" : "d4e9bf4b65d27143c055d5964b4dc079",
   "datammh3" : 454536734,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IN",
      "countryname" : "India",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "20.593684",
      "location" : "20.593684,78.96288",
      "longitude" : "78.96288",
      "netname" : "AMAZON-BOM",
      "organization" : "Amazon Data Services India",
      "subnet" : "3.6.0.0/15"
   },
   "host" : [
      "ec2-3-6-237-160"
   ],
   "hostname" : [
      "ec2-3-6-237-160.ap-south-1.compute.amazonaws.com"
   ],
   "ip" : "3.6.237.160",
   "ipv6" : "false",
   "latitude" : "19.0748",
   "location" : "19.0748,72.8856",
   "longitude" : "72.8856",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 7549,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.1",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-3-6-237-160.ap-south-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "ap-south-1.compute.amazonaws.com",
      "compute.amazonaws.com"
   ],
   "subnet" : "3.6.0.0/15",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}