Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
3
4
...
next >

IP
38.23.134.14

Network
38.23.128.0/19

Domain(s)
cipherkey.com

Device

<enterprise field>: device.class

URL

http://38.23.134.14:8082/ 200

HTTP Title
Page Redirection

Reverse DNS
38-23-134-14.tpia.cipherkey.com

ASN
AS25668

Organization
CIPHERKEY

Protocol
http

Source
datascan::redirect::2

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
8fe8a455271715061453ac81912ddce7

HTTP Header MD5
26c1e7b2e4b9c3ad6ee704fe983ca1d9

HTTP Body MD5
305d559e781030061ca8d21e058e7825

HTTP/1.1 200 OK

<!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml" ><html>	<head>		<title>Page Redirection</title>        <meta charset="UTF-8">        <meta http-equiv="refresh" content="0;url=http://:8080/rfSpectrumAnalyzer.html">    </head>	<body>    Page Redirection To CM    </body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:28:08.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://:8080/rfSpectrumAnalyzer.html",
            "http://www.w3.org/1999/xhtml"
         ]
      },
      "http" : {
         "bodymd5" : "305d559e781030061ca8d21e058e7825",
         "bodymmh3" : 1066143817,
         "headermd5" : "26c1e7b2e4b9c3ad6ee704fe983ca1d9",
         "headermmh3" : 1529339778,
         "title" : "Page Redirection"
      },
      "length" : 304
   },
   "asn" : "AS25668",
   "city" : "Calgary",
   "country" : "CA",
   "data" : "HTTP/1.1 200 OK\r\n\r\n<!DOCTYPE html><html xmlns=\"http://www.w3.org/1999/xhtml\" ><html>\t<head>\t\t<title>Page Redirection</title>        <meta charset=\"UTF-8\">        <meta http-equiv=\"refresh\" content=\"0;url=http://:8080/rfSpectrumAnalyzer.html\">    </head>\t<body>    Page Redirection To CM    </body></html>",
   "datamd5" : "8fe8a455271715061453ac81912ddce7",
   "datammh3" : 944027707,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cipherkey.com"
   ],
   "forward" : "38.23.134.14",
   "geolocus" : {
      "asn" : "AS25668",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "cipherkey.com",
         "cipherkey.net",
         "cogentco.com"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "LS-CGNT-NET-3",
      "organization" : "Cipherkey Exchange Corp.",
      "subnet" : "38.23.128.0/19"
   },
   "host" : [
      "38-23-134-14"
   ],
   "hostname" : [
      "38-23-134-14.tpia.cipherkey.com",
      "38.23.134.14"
   ],
   "ip" : "38.23.134.14",
   "ipv6" : "false",
   "latitude" : "51.0406",
   "location" : "51.0406,-114.0764",
   "longitude" : "-114.0764",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CIPHERKEY",
   "port" : 8082,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "38-23-134-14.tpia.cipherkey.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::2",
   "status" : 200,
   "subdomains" : [
      "tpia.cipherkey.com"
   ],
   "subnet" : "38.23.128.0/19",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
92.42.105.7

Network
92.42.104.0/22

Device

<enterprise field>: device.class

URL

http://92.42.105.7:8082/web/login 200

ASN
AS29066

Organization
velia.net Internetdienste GmbH

Protocol
http

Source
datascan::redirect::2
Product
Pocoo Werkzeug 0.11.11

HTTP Component(s)
Python Python 2.7.17

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
22c7afafcf5a0b7d6f411751791fe2a4

HTTP Header MD5
c9c59d29514e51b65ec5016096178fce

HTTP Body MD5
9c2f17640172cd79d2d410b22c56d4ac

HTTP/1.0 200 OK
Content-Type: text/html; charset=utf-8
Set-Cookie: session_id=d7f3d844165bab53af216fb3a909b8c79b47027c; Expires=Wed, 19-Feb-2025 10:27:11 GMT; Max-Age=7776000; Path=/
Content-Length: 2789
Server: Werkzeug/0.11.11 Python/2.7.17
Date: Thu, 21 Nov 2024 10:27:11 GMT


        
        <link rel="stylesheet" href="/web_login_background/static/css/login.css"/>
        <!DOCTYPE html>
        <html style="height: 100%;">
            <head>
                <meta charset="utf-8"/>
                <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/>
                <meta name="viewport" content="width=device-width, initial-scale=1"/>

                <title></title>
           
       <script type="text/javascript">
                    var odoo = {
                        csrf_token: "4f702dadff2f0f83e5ab6a34b96f6f11971a9dbeo",
                    };
                </script>

                
                
            <link href="/web/content/49264-fe9dd5d/web.assets_common.0.css" rel="stylesheet"/>
                
            <link href="/web/content/49277-79d6f32/web.assets_frontend.0.css" rel="stylesheet"/>
                
            <script  type="text/javascript" src="/web/content/49269-fe9dd5d/web.assets_common.js"></script>
                
            <script  type="text/javascript" src="/web/content/49276-79d6f32/web.assets_frontend.js"></script>
            
            
        </head>
            <body class="container">
                
            
            
            

            <div class="web_login_background">
                <div class="o_database_list">
              <div class="text-center">
                <img src="/web/binary/company_logo"/>
              </div>
              
            <form class="oe_login_form" role="form" method="post" onsubmit="this.action = this.action + location.hash" action="/web/login">
                <input type="hidden" name="csrf_token" value="513eb30f14ad5aea4dd10960eda43970265e9115o1732188431"/>

                

                <div class="form-group field-login">
                    <label for="login" class="control-label">Email</label>
                    <input type="text" name="login" id="login" class="form-control" required="required" autofocus="autofocus" autocapitalize="off"/>
                </div>

                <div class="form-group field-password">
                    <label for="password" class="control-label">Password</label>
                    <input type="password" name="password" id="password" class="form-control" required="required" autocomplete="current-password" maxlength="4096"/>
                </div>

                
                

                <input type="hidden" name="redirect"/>
                <div class="clearfix oe_login_buttons">
                    
                
            <button type="submit" class="btn btn-primary">Log in</button>
                </div>
            </form>
        
              </div>
        </div>
        
            </body>
        </html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:27:11.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "9c2f17640172cd79d2d410b22c56d4ac",
         "bodymmh3" : 814625522,
         "component" : [
            {
               "product" : "Python",
               "productvendor" : "Python",
               "productversion" : "2.7.17"
            }
         ],
         "headermd5" : "c9c59d29514e51b65ec5016096178fce",
         "headermmh3" : 1770284481
      },
      "length" : 3076
   },
   "asn" : "AS29066",
   "city" : "Strasbourg",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.0 200 OK\r\nContent-Type: text/html; charset=utf-8\r\nSet-Cookie: session_id=d7f3d844165bab53af216fb3a909b8c79b47027c; Expires=Wed, 19-Feb-2025 10:27:11 GMT; Max-Age=7776000; Path=/\r\nContent-Length: 2789\r\nServer: Werkzeug/0.11.11 Python/2.7.17\r\nDate: Thu, 21 Nov 2024 10:27:11 GMT\r\n\r\n\n        \n        <link rel=\"stylesheet\" href=\"/web_login_background/static/css/login.css\"/>\n        <!DOCTYPE html>\n        <html style=\"height: 100%;\">\n            <head>\n                <meta charset=\"utf-8\"/>\n                <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\"/>\n                <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"/>\n\n                <title></title>\n           \n       <script type=\"text/javascript\">\n                    var odoo = {\n                        csrf_token: \"4f702dadff2f0f83e5ab6a34b96f6f11971a9dbeo\",\n                    };\n                </script>\n\n                \n                \n            <link href=\"/web/content/49264-fe9dd5d/web.assets_common.0.css\" rel=\"stylesheet\"/>\n                \n            <link href=\"/web/content/49277-79d6f32/web.assets_frontend.0.css\" rel=\"stylesheet\"/>\n                \n            <script  type=\"text/javascript\" src=\"/web/content/49269-fe9dd5d/web.assets_common.js\"></script>\n                \n            <script  type=\"text/javascript\" src=\"/web/content/49276-79d6f32/web.assets_frontend.js\"></script>\n            \n            \n        </head>\n            <body class=\"container\">\n                \n            \n            \n            \n\n            <div class=\"web_login_background\">\n                <div class=\"o_database_list\">\n              <div class=\"text-center\">\n                <img src=\"/web/binary/company_logo\"/>\n              </div>\n              \n            <form class=\"oe_login_form\" role=\"form\" method=\"post\" onsubmit=\"this.action = this.action + location.hash\" action=\"/web/login\">\n                <input type=\"hidden\" name=\"csrf_token\" value=\"513eb30f14ad5aea4dd10960eda43970265e9115o1732188431\"/>\n\n                \n\n                <div class=\"form-group field-login\">\n                    <label for=\"login\" class=\"control-label\">Email</label>\n                    <input type=\"text\" name=\"login\" id=\"login\" class=\"form-control\" required=\"required\" autofocus=\"autofocus\" autocapitalize=\"off\"/>\n                </div>\n\n                <div class=\"form-group field-password\">\n                    <label for=\"password\" class=\"control-label\">Password</label>\n                    <input type=\"password\" name=\"password\" id=\"password\" class=\"form-control\" required=\"required\" autocomplete=\"current-password\" maxlength=\"4096\"/>\n                </div>\n\n                \n                \n\n                <input type=\"hidden\" name=\"redirect\"/>\n                <div class=\"clearfix oe_login_buttons\">\n                    \n                \n            <button type=\"submit\" class=\"btn btn-primary\">Log in</button>\n                </div>\n            </form>\n        \n              </div>\n        </div>\n        \n            </body>\n        </html>\n    \n    \n    ",
   "datamd5" : "22c7afafcf5a0b7d6f411751791fe2a4",
   "datammh3" : 1202889812,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "92.42.105.7",
   "hostname" : [
      "92.42.105.7"
   ],
   "ip" : "92.42.105.7",
   "ipv6" : "false",
   "latitude" : "48.5855",
   "location" : "48.5855,7.7418",
   "longitude" : "7.7418",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "velia.net Internetdienste GmbH",
   "port" : 8082,
   "product" : "Werkzeug",
   "productvendor" : "Pocoo",
   "productversion" : "0.11.11",
   "protocol" : "http",
   "protocolversion" : "1.0",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::2",
   "status" : 200,
   "subnet" : "92.42.104.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/web/login"
}

IP
103.166.160.171

Network
103.166.160.0/23

Device

<enterprise field>: device.class

Operating System
Microsoft Windows

URL

http://103.166.160.171:8082/inspektorpa 301

HTTP Title
301 Moved Permanently

ASN
AS141952

Organization
PT Link Kita Teknologi

Protocol
http

Source
datascan::redirect::2
Operating System
Microsoft Windows

Product
Apache HTTP Server 2.4.16

HTTP Component(s)
OpenSSL OpenSSL 1.0.1p PHP PHP 5.6.12

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
07453747e7ed583b6d5b5e5280eb1530

HTTP Header MD5
a72904fe4fd35778c25331be2412fcc2

HTTP Body MD5
fc999b4c8dc5e1bb3e34fa60a0d01ad6

HTTP/1.1 301 Moved Permanently
Date: Thu, 21 Nov 2024 10:27:06 GMT
Server: Apache/2.4.16 (Win32) OpenSSL/1.0.1p PHP/5.6.12
Location: http://<ip>:8082/inspektorpa/
Content-Length: 356
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://<ip>:8082/inspektorpa/">here</a>.</p>
<hr>
<address>Apache/2.4.16 (Win32) OpenSSL/1.0.1p PHP/5.6.12 Server at <ip> Port 8082</address>
</body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:27:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "fc999b4c8dc5e1bb3e34fa60a0d01ad6",
         "bodymmh3" : -63923173,
         "component" : [
            {
               "product" : "OpenSSL",
               "productvendor" : "OpenSSL",
               "productversion" : "1.0.1p"
            },
            {
               "product" : "PHP",
               "productversion" : "5.6.12",
               "productvendor" : "PHP"
            }
         ],
         "headermd5" : "a72904fe4fd35778c25331be2412fcc2",
         "headermmh3" : -135711259,
         "title" : "301 Moved Permanently"
      },
      "length" : 588
   },
   "asn" : "AS141952",
   "country" : "ID",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 21 Nov 2024 10:27:06 GMT\r\nServer: Apache/2.4.16 (Win32) OpenSSL/1.0.1p PHP/5.6.12\r\nLocation: http://<ip>:8082/inspektorpa/\r\nContent-Length: 356\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>301 Moved Permanently</title>\n</head><body>\n<h1>Moved Permanently</h1>\n<p>The document has moved <a href=\"http://<ip>:8082/inspektorpa/\">here</a>.</p>\n<hr>\n<address>Apache/2.4.16 (Win32) OpenSSL/1.0.1p PHP/5.6.12 Server at <ip> Port 8082</address>\n</body></html>\n",
   "datamd5" : "07453747e7ed583b6d5b5e5280eb1530",
   "datammh3" : 250160520,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "103.166.160.171",
   "geolocus" : {
      "asn" : "AS141952",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "linkkita.com",
         "linkkita.id"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "IDNIC-LINKKITA-ID",
      "organization" : "PT Link Kita Teknologi",
      "subnet" : "103.166.160.0/23"
   },
   "hostname" : [
      "103.166.160.171"
   ],
   "ip" : "103.166.160.171",
   "ipv6" : "false",
   "latitude" : "-6.1728",
   "location" : "-6.1728,106.8272",
   "longitude" : "106.8272",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PT Link Kita Teknologi",
   "os" : "Windows",
   "osbits" : 32,
   "osvendor" : "Microsoft",
   "port" : 8082,
   "product" : "HTTP Server",
   "productvendor" : "Apache",
   "productversion" : "2.4.16",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::2",
   "status" : 301,
   "subnet" : "103.166.160.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/inspektorpa"
}

IP
87.66.4.74

Network
87.66.0.0/16

Domain(s)
belgacom.be

Device

<enterprise field>: device.class

URL

http://87.66.4.74:8082/ 301

HTTP Title
Moved Permanently

Reverse DNS
74.4-66-87.adsl-static.isp.belgacom.be

ASN
AS5432

Organization
Proximus NV

Protocol
http

Source
datascan::redirect::2

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e84d40fe5231f66ced88c8a1c4d9e5a6

HTTP Header MD5
cbeb99426de7d86451b203276d27f995

HTTP Body MD5
6d74b20c6fa245a96aa940816c13f6ff

HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Content-Length: 98
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Nov 2024 10:27:06 GMT
Location: https://<ip>:8082/
Server: Nx Witness/6.0.0.39503 (Network Optix) Apache/2.4.16 (Unix)

<HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD><BODY><H1>301 Moved Permanently -- </H1></BODY>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:27:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "6d74b20c6fa245a96aa940816c13f6ff",
         "bodymmh3" : -2097937471,
         "headermd5" : "cbeb99426de7d86451b203276d27f995",
         "headermmh3" : 180006050,
         "title" : "Moved Permanently"
      },
      "length" : 360
   },
   "asn" : "AS5432",
   "city" : "Aartselaar",
   "country" : "BE",
   "data" : "HTTP/1.1 301 Moved Permanently\r\nAccess-Control-Allow-Origin: *\r\nContent-Length: 98\r\nContent-Type: text/html; charset=utf-8\r\nDate: Thu, 21 Nov 2024 10:27:06 GMT\r\nLocation: https://<ip>:8082/\r\nServer: Nx Witness/6.0.0.39503 (Network Optix) Apache/2.4.16 (Unix)\r\n\r\n<HTML><HEAD><TITLE>Moved Permanently</TITLE></HEAD><BODY><H1>301 Moved Permanently -- </H1></BODY>",
   "datamd5" : "e84d40fe5231f66ced88c8a1c4d9e5a6",
   "datammh3" : 563615488,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "belgacom.be"
   ],
   "forward" : "87.66.4.74",
   "host" : [
      74
   ],
   "hostname" : [
      "74.4-66-87.adsl-static.isp.belgacom.be",
      "87.66.4.74"
   ],
   "ip" : "87.66.4.74",
   "ipv6" : "false",
   "latitude" : "51.1374",
   "location" : "51.1374,4.3930",
   "longitude" : "4.3930",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Proximus NV",
   "port" : 8082,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Moved Permanently",
   "reverse" : [
      "74.4-66-87.adsl-static.isp.belgacom.be"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::2",
   "status" : 301,
   "subdomains" : [
      "adsl-static.isp.belgacom.be",
      "4-66-87.adsl-static.isp.belgacom.be",
      "isp.belgacom.be"
   ],
   "subnet" : "87.66.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "be"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP
43.251.236.31

Network
43.251.236.0/22

Device

<enterprise field>: device.class

URL

http://43.251.236.31:8082/$%7BrandomUrl%7D 200

ASN
AS132883

Organization
TOPWAY GLOBAL LIMITED

Protocol
http

Source
datascan::redirect::2
Product
F5 Nginx 1.17.6

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
c220f2dc6b19a530f976a789e2d2a476

HTTP Header MD5
7cb8a64a5c41d5db44d85d677dbec3ce

HTTP Body MD5
b8a9211f9de946886e30ecc8edc2d3a1

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 21 Nov 2024 10:26:08 GMT
Content-Type: text/html
Content-Length: 1740
Last-Modified: Sat, 16 Nov 2024 09:36:56 GMT
Connection: close
ETag: "673867b8-6cc"
Accept-Ranges: bytes

<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <!-- Google tag (gtag.js) -->
    <script async src="https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"></script>
    <script>
        <script>
            window.dataLayer = window.dataLayer || [];
            function gtag(){dataLayer.push(arguments);}
            gtag('js', new Date());

            gtag('config', 'G-0GJHN159XX');
    </script>

<script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
<script>LA.init({id:"3IsbgF2faH56SAiO",ck:"3IsbgF2faH56SAiO"})</script>

<script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script>
<script>LA.init({id:"3HIVnf9pT2UywXqw",ck:"3HIVnf9pT2UywXqw"})</script>




    <meta charset="UTF-8">
    <meta name="format-detection" content="telephone=yes">
    <meta name="viewport"
          content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no">
    <script>
        const urls = [
            "https://103.86.44.21/sanfang/index.html?303111aaa",
            "https://25.y25585328.vip/1.html"
        ];
        const randomUrl = urls[Math.floor(Math.random() * urls.length)];

        document.write(`<meta http-equiv="refresh" content="9;url=${randomUrl}">`);
        window.onload = function () {
            document.getElementById('myiframe').src = randomUrl;
        };
    </script>
    <style>
        body, html {
            margin: 0;
            padding: 0;
            height: 100%;
            overflow: hidden;
        }

        iframe {
            width: 100%;
            height: 100vh;
            border: none;
        }
    </style>
</head>
<body>
<iframe id="myiframe" scrolling="no"></iframe>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:26:09.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "googletagmanager.com",
            "y25585328.vip"
         ],
         "hostname" : [
            "25.y25585328.vip",
            "www.googletagmanager.com"
         ],
         "ip" : [
            "103.86.44.21"
         ],
         "url" : [
            "https://103.86.44.21/sanfang/index.html?303111aaa",
            "https://25.y25585328.vip/1.html",
            "https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX"
         ]
      },
      "http" : {
         "bodymd5" : "b8a9211f9de946886e30ecc8edc2d3a1",
         "bodymmh3" : 323485460,
         "header" : [
            {
               "value" : "Sat, 16 Nov 2024 09:36:56 GMT",
               "name" : "Last-Modified"
            },
            {
               "name" : "ETag",
               "value" : "673867b8-6cc"
            }
         ],
         "headermd5" : "7cb8a64a5c41d5db44d85d677dbec3ce",
         "headermmh3" : -1948065656,
         "tracker" : {
            "ga" : [
               "G-0GJHN159XX"
            ]
         }
      },
      "length" : 1974
   },
   "asn" : "AS132883",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nServer: nginx/1.17.6\r\nDate: Thu, 21 Nov 2024 10:26:08 GMT\r\nContent-Type: text/html\r\nContent-Length: 1740\r\nLast-Modified: Sat, 16 Nov 2024 09:36:56 GMT\r\nConnection: close\r\nETag: \"673867b8-6cc\"\r\nAccept-Ranges: bytes\r\n\r\n<!DOCTYPE html>\n<html lang=\"zh-CN\">\n<head>\n    <!-- Google tag (gtag.js) -->\n    <script async src=\"https://www.googletagmanager.com/gtag/js?id=G-0GJHN159XX\"></script>\n    <script>\n        <script>\n            window.dataLayer = window.dataLayer || [];\n            function gtag(){dataLayer.push(arguments);}\n            gtag('js', new Date());\n\n            gtag('config', 'G-0GJHN159XX');\n    </script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3IsbgF2faH56SAiO\",ck:\"3IsbgF2faH56SAiO\"})</script>\n\n<script charset=\"UTF-8\" id=\"LA_COLLECT\" src=\"//sdk.51.la/js-sdk-pro.min.js\"></script>\n<script>LA.init({id:\"3HIVnf9pT2UywXqw\",ck:\"3HIVnf9pT2UywXqw\"})</script>\n\n\n\n\n    <meta charset=\"UTF-8\">\n    <meta name=\"format-detection\" content=\"telephone=yes\">\n    <meta name=\"viewport\"\n          content=\"width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no\">\n    <script>\n        const urls = [\n            \"https://103.86.44.21/sanfang/index.html?303111aaa\",\n            \"https://25.y25585328.vip/1.html\"\n        ];\n        const randomUrl = urls[Math.floor(Math.random() * urls.length)];\n\n        document.write(`<meta http-equiv=\"refresh\" content=\"9;url=${randomUrl}\">`);\n        window.onload = function () {\n            document.getElementById('myiframe').src = randomUrl;\n        };\n    </script>\n    <style>\n        body, html {\n            margin: 0;\n            padding: 0;\n            height: 100%;\n            overflow: hidden;\n        }\n\n        iframe {\n            width: 100%;\n            height: 100vh;\n            border: none;\n        }\n    </style>\n</head>\n<body>\n<iframe id=\"myiframe\" scrolling=\"no\"></iframe>\n</body>\n</html>\n",
   "datamd5" : "c220f2dc6b19a530f976a789e2d2a476",
   "datammh3" : 1690715932,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "43.251.236.31",
   "geolocus" : {
      "asn" : "AS132883",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnaaa.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "cnaaa",
      "organization" : "Jiangsu Sanai network science and technology co ,LTD",
      "subnet" : "43.251.236.0/22"
   },
   "hostname" : [
      "43.251.236.31"
   ],
   "ip" : "43.251.236.31",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TOPWAY GLOBAL LIMITED",
   "port" : 8082,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.17.6",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::2",
   "status" : 200,
   "subnet" : "43.251.236.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/$%7BrandomUrl%7D"
}

IP
88.135.165.105

Network
88.135.160.0/20

Domain(s)
kolnet.eu

Device

<enterprise field>: device.class

URL

http://88.135.165.105:8082/login.htm 200

HTTP Title
TOTOLINK

Reverse DNS
88.135.165.105.static.kolnet.eu

ASN
AS50188

Organization
KOLNET Sp. z o.o.

Protocol
http

Source
datascan::redirect::2
Product
Boa Boa 0.94.14rc21

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
32555cb8f666c0f09847eed4ba49e3bb

HTTP Header MD5
b61232881b8070bf132a5996ecefd813

HTTP Body MD5
ec17cc57a6873b22c52d147741257828

HTTP/1.1 200 OK
Date: Mon, 02 Nov 2020 14:41:06 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: close
Pragma: no-cache
Cache-Control: no-store
Expires: 0
Content-Length: 16368
Last-Modified: Mon, 02 Nov 2020 14:41:06 GMT
Content-Type: text/html

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
<title>TOTOLINK</title>
<style>
td,li {font-size:12px;color:#000000;}

.div_body {width:100%;height:100%;background-color:#ffffff;}
.div_main {width:100%-12px;border-left:1px solid #cccccc;border-right:1px solid #cccccc;margin:0px 6px 0px 6px;}
.div_bottom {width:100%;height:40px;background-color:#000000;}
.float_l{float:left;line-height:auto;}

.pw-strength {clear: both;position: relative;top: 14px;left: 95px; width: 180px;height:auto;}
.pw-bar{background: url(icons/pwd-1.png) no-repeat;height: 14px;overflow: hidden;width: 179px;}
.pw-bar-on{background:  url(icons/pwd-2.png) no-repeat; width:0px; height:14px;position: absolute;top: 1px;left: 2px;transition: width .5s ease-in;-moz-transition: width .5s ease-in;-webkit-transition: width .5s ease-in;-o-transition: width .5s ease-in;}
.pw-weak .pw-defule{ width:0px;}
.pw-weak .pw-bar-on {width: 60px;}
.pw-medium .pw-bar-on {width: 120px;}
.pw-strong .pw-bar-on {width: 179px;}
</style>
<SCRIPT language=Javascript src="js/language_en.js"></SCRIPT>
<meta http-equiv="Pragma" content="no-cache">
<meta HTTP-equiv="Cache-Control" content="no-cache">
<meta HTTP-EQUIV="Expires" CONTENT="Mon, 01 Jan 1990 00:00:01 GMT">

<link rel="stylesheet" href="style.css" type="text/css">
<script type="text/javascript" src="util_gw.js"> </script>
<script src='js/jquery.min.js'></script>
<script>
var remoteUser = 1*1;
var checkcodeEnb=1;
var domain_name='itotolink.net';
var show_num = [];
var rJsonU,rJsonW;
var lang_org;
var isDefZh_ScAndTc=0;
if(top!=self)top.location.href = self.location.href;

function clean_err(){
$("#div_err").hide();
$('#div_bar').show();
}

$(function(){
var lan_ip = "192.168.0.126";
var weblang=0;
if( 1 == 0 ) 
{
	var url=location.href;
	if( location.href.split("/")[2] != lan_ip  && (-1==(url.indexOf(domain_name))) ) {
	location.href='http://'+lan_ip+'/login.htm';
	return false;
}
}

$("input[name='userAgent']").val(window.navigator.userAgent);
$("input[name='setpass']").attr("placeholder", lgps5);
$("input[name='confirmpass']").attr("placeholder", lgps5);

$(".div_main ").css({"height":document.body.clientHeight-96-40-2});
$("#div_set").css({"top":(document.body.clientHeight-96-40-2-365)/2-71/2});
$("#div_login").css({"top":(document.body.clientHeight-96-40-2-361)/2-71/2});


if (weblang == 0)
lang_org="en";
else if (weblang == 1)
{
	if(isDefZh_ScAndTc==1)
		lang_org="zh_tc";
	else
		lang_org="zh";

}
else if (weblang == 2)
lang_org="ru";
else if (weblang == 3)
lang_org="vi";
else if (weblang == 5)
lang_org="zh";
else
lang_org="en";

if ('lang-auto-ON' == "lang-auto-ON") {
var lang = navigator.language||navigator.userLanguage; 
var langstr=lang.substr(0, 5);
if(((-1!=langstr.indexOf("zh-TW"))  || (-1!=langstr.indexOf("zh-HK"))) && (isDefZh_ScAndTc==1))
lang="zh_tc";
else
lang = lang.substr(0, 2);

var postVar={"topicurl":"setting/setLangConfig"};
postVar['navigatorLang']=lang;

if((lang=="zh")|| (lang=="zh_tc") || (lang=="en") || (lang=="vi") || (lang=="ru"))
{	if(lang!=lang_org)
	{
		document.getElementById('div_body').style.display="none";	
	}
}
else
{	
	if(lang_org!="en")
		document.getElementById('div_body').style.display="none";
	
}

postVar=JSON.stringify(postVar);//{"navigatorLang":"zh"}
$.ajax({
type : "post", url : "/boafrm/formLogin", data : postVar, async : false, dataType : "script"
});
}

var postVar={"topicurl":"getting/IsOrgUserPass"};
postVar=JSON.stringify(postVar);
$.ajax({
type : "post", url : "/boafrm/formLogin", data : postVar, async : false,
success : function(Data){
var rJson=JSON.parse(Data);
rJsonU=rJson['isorgadmin'];
rJsonW=rJson['isorgpass'];
if(rJson['isorgpass']=="yes"){
$("#div_login").hide();
$('#div_set').show();
$("input[name='setpass']").focus();
}
else{
$("#div_set").hide();
$('#div_login').show();
if(rJson['isorgadmin']=="yes"){
$("input[name='username']").val("admin");
$("input[name='userpass']").focus();
}
else{
$("input[name='username']").focus();
}
}
}
});


$('#cs_set_btn').on('click', function(event) {
if($("#setpass").val()=="" || $("#confirmpass").val()==""){
$('#err_msg').html(lgerr1);
$('#div_bar').hide();
$('#div_err').show();
return false;
}

var str = $("#setpass").val();

if(str.length<6 || str.length>15){
$('#err_msg').html(lgerr2);
$('#div_bar').hide();
$('#div_err').show();
return false;
}

if (str != $("#confirmpass").val()) {
$('#err_msg').html(lgerr4);
$('#div_bar').hide();
$('#div_err').show();
return false;
}

for (var i=0; i<str.length; i++) {
if ( (str.charAt(i) >= 'A' && str.charAt(i) <= 'Z')||
(str.charAt(i) >= 'a' && str.charAt(i) <= 'z')||
(str.charAt(i) >= '0' && str.charAt(i) <= '9') )
continue;
$("#setpass").focus();
$('#err_msg').html(lgerr3);
$('#div_bar').hide();
$('#div_err').show();
return false;
}

$(":input").attr('disabled',true);	
var postVar={"topicurl":"setting/setAdminPass"};
postVar['setpass']=$("input[name='setpass']").val();
postVar=JSON.stringify(postVar);
$.ajax({
type : "post", url : "/boafrm/formLogin", data : postVar, async : false,
success : function(Data){
window.eval(Data);
}
});
});


$('#cs_login_btn').on('click', function(event) {
if($("input[name='username']").val()==''){
$('#myDiv').html(lgerr5);
$('#myDiv').show();
return false;
}
if($("input[name='userpass']").val()==''){
$('#myDiv').html(lgerr7);
$('#myDiv').show();
return false;
}
if(checkcodeEnb){
var val = $(".input-val").val();
if(val==''){
$('#myDiv').html(lgerr9);
$('#myDiv').show();
return false;
}
}
var postVar={"topicurl":"setting/setUserLogin"};
postVar['username']=$("input[name='username']").val();
postVar['userpass']=$("input[name='userpass']").val();
postVar['checkcode']=$("input[name='checkcode']").val();
postVar['userAgent']=$("input[name='userAgent']").val();
postVar['submit-url']=$("input[name='submit-url']").val();
postVar=JSON.stringify(postVar);

$.ajax({
type : "post", url : "/boafrm/formLogin", data : postVar, async : false,
success : function(Data){
if(Data.length == 0)
{
		parent.location="wizardset.htm";//home.htm
}
else{
$("#myDiv").html("");
window.eval(Data);
$("#myDiv").show();
return false;
}
}
});
});

$('#setpass').keyup(function () { 
var strongRegex = new RegExp("^(?=.{8,})(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])(?=.*\\W).*$", "g"); 
var mediumRegex = new RegExp("^(?=.{7,})(((?=.*[A-Z])(?=.*[a-z]))|((?=.*[A-Z])(?=.*[0-9]))|((?=.*[a-z])(?=.*[0-9]))).*$", "g"); 
var enoughRegex = new RegExp("(?=.{6,}).*", "g"); 

if (false == enoughRegex.test($(this).val())) { 
$('#level').removeClass('pw-weak'); 
$('#level').removeClass('pw-medium'); 
$('#level').removeClass('pw-strong'); 
$('#level').addClass(' pw-defule');
} 
else if (strongRegex.test($(this).val())) { 
$('#level').removeClass('pw-weak'); 
$('#level').removeClass('pw-medium'); 
$('#level').removeClass('pw-strong'); 
$('#level').addClass(' pw-strong');
} 
else if (mediumRegex.test($(this).val())) { 
$('#level').removeClass('pw-weak'); 
$('#level').removeClass('pw-medium'); 
$('#level').removeClass('pw-strong'); 
$('#level').addClass(' pw-medium'); 
} 
else { 
$('#level').removeClass('pw-weak'); 
$('#level').removeClass('pw-medium'); 
$('#level').removeClass('pw-strong'); 
$('#level').addClass('pw-weak'); 
} 
return true; 
}); 

if(checkcodeEnb==0 || remoteUser==1)
	click_skip();
});//$(function(){--end--


$(document).keyup(function(event){
if(event.keyCode ==13){
$("#cs_set_btn").trigger("click");
}
});


$(document).keypress(function(enter) {  
	if(enter.which == 13) {
		$("#cs_login_btn").click();
	}
});


function click_Forget()
{		
alert(Js_msg137);
}


function click_skip()
{
$("#div_set").hide();
$("#div_login").show();
if(rJsonU == "yes"){
$("input[name='username']").val("admin");
$("input[name='userpass']").focus();
}
else{
$("input[name='username']").focus();
}
}

</script>
</head>

<body>
<div class="div_body" id="div_body" align="center">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td style="background:url(icons/top-left.gif) no-repeat; width:300px; height:96px">&nbsp;</td>
<td style="background:url(icons/top-center.gif) repeat">&nbsp;</td>
<td style="background:url(icons/top-right.gif) no-repeat; width:300px; height:96px" align="right">&nbsp;</td>
</tr>
</table>
<div class="div_main" id="div_main">
<form action=/boafrm/formLogin method=POST>
<input type="hidden" value="/login.htm" name="submit-url">
<input type="hidden" value="" name="userAgent">

<div id="div_set" style="position:relative;width:430px;display:none;" align="left">
<ul>
<li style="font-size:24px;font-weight:bold;line-height:40px;"><script>dw(lgps1)</script></li>
<li style="font-size:18px;font-weight:bold;color:#999999;float:right;line-height:30px;cursor:pointer;" onClick='click_skip();'><script>dw(lgps2)</script></li>
<li style="height:1px;clear:both;"></li>
</ul>

<div style="width:100%;height:328px;background-color:#fbfbfb;border:1px solid #bebebe;">


<div style="position:relative;top:30px;left:30px;">
<ul>
<ol style="width:370px;height:40px;border:1px solid #e1e4e6;padding: 0px 0px 0px 0px;">
<li style="float:left;height:40px;"><img src="icons/user.png" style="width:40px;height:40px;"></li>
<li style="float:left;line-height:40px;" class="login_label"><script>dw(lgps3)</script></li>
<li style="float:left;"><input type="password" id="setpass" name="setpass" maxlength="15" class="login_input" onFocus="clean_err()"></li>
</ol>
<li style="height:30px;clear:both;"></li>
<ol style="width:370px;height:40px;border:1px solid #e1e4e6;padding: 0px 0px 0px 0px;">
<li style="float:left;height:40px;"><img src="icons/key.png" style="width:40px;height:40px;"></li>
<li style="float:left;line-height:40px;" class="login_label"><script>dw(lgps4)</script></li>
<li style="float:left;"><input type="password" id="confirmpass" name="confirmpass" maxlength="15" class="login_input" onFocus="clean_err()"></li>
</ol>
<li id="div_bar" style="display:">
<table>
<tr>    
<td id="level" class="pw-strength">             
<div class="pw-bar" align="center"></div>
<div class="pw-bar-on"></div>
</td>   
</tr>
</table>
</li>
<li id="div_err" style="width:370px;line-height:43px;clear:both;text-align:center;color: #ff0000;"><span id="err_msg"></span></li>
</ul>
</div>
<div style="position:absolute;top:296px;width:430px;height:103px;background-color:f9fafa;border-top:1px solid #e1e4e6;">
<ul>
<li><button type="button" class="btn btn-block btn-cs-blue" style="position:absolute;top:30px;left:155px;width:120px;height:40px;background-color:#0095c5;" id="cs_set_btn"><script>dw(lgps6)</script></button></li>
</ul>
</div>
</div>
<ul>
<li style="height:10px;clear:both;"></li>
<li style="color:#999999;"><script>dw(lgps7)</script></li>
</ul>
</div><!-- /end .div_set -->
<div id="div_login" style="position:relative;width:430px;display:none;" align="left">
<ul>
<li style="font-size:24px;font-weight:bold;line-height:40px;"><script>dw(Js_UserLog)</script></li>
<li style="font-size:18px;font-weight:bold;color:#999999;float:right;line-height:30px;cursor:pointer;" onClick='click_Forget();'><script>dw(Js_ForgetPasswd)</script></li>
<li style="height:1px;clear:both;"></li>
</ul>
<div id="div_pannel" style="width:100%;height:328px;background-color:#fbfbfb;border:1px solid #bebebe;">

<div style="position:relative;top:30px;left:30px;">
<ul>
<ol style="width:370px;height:40px;border:1px solid #e1e4e6;border-bottom: 0px;padding: 0px 0px 0px 0px;">
<li style="float:left;height:40px;"><img src="icons/user.png" style="width:40px;height:40px;"></li>
<li style="float:left;line-height:40px;" class="login_label"><script>dw(MM_UserName)</script></li>
<li style="float:left;"><input type="text" id="username" name="username" maxlength="15" class="login_input" onFocus='$("#myDiv").hide();'></li>
</ol>
<ol style="width:370px;height:40px;border:1px solid #e1e4e6;border-bottom: 0px;padding: 0px 0px 0px 0px;">
<li style="float:left;height:40px;"><img src="icons/key.png" style="width:40px;height:40px;"></li>
<li style="float:left;line-height:40px;" class="login_label"><script>dw(MM_PassWord)</script></li>
<li style="float:left;"><input type="password" id="userpass" name="userpass" maxlength="15" class="login_input" onFocus='$("#myDiv").hide();'></li>
</ol>
<ol  id="check_code" style="width:370px;height:40px;border:1px solid #e1e4e6;padding: 0px 0px 0px 0px;">
<li id="li_vcode" style="float:left;height:40px;"><img src="icons/Vcode.png" style="width:40px;height:40px;"></li>
<li id="li_label" style="float:left;line-height:40px;" class="login_label"><script>dw(Verification_Code)</script></li>
<li id="li_input" style="float:left;"><input type="text" name="checkcode"  maxlength="4" class="input-val login_input" ></li>
</ol>
<ol id="check_pic" style="width:370px;height:50px;border:1px solid #e1e4e6;padding: 0px 0px 0px 0px;">
<li style="float:left;height:50px;width:50px;"><canvas id="canvas" width="50" height="70" style="margin:5px 0px 6px 90px;"></canvas></li>
<li style="float:right;height:50px;width:55px;position:relative;"><img id="refresh_img" src="icons/u578.png" style="cursor:pointer;margin:13px;6px;6px;0px;"></li>
<li style="line-height:20px;clear:both;text-align:center;color:#ff0000;"><span id="myDiv"></span></li>
</ol>


</ul>
</div>
<div id="div_button" style="position:absolute;top:296;width:430px;height:103px;background-color:f9fafa;border-top:1px solid #e1e4e6;">
<ul>
<li><button type="button" class="btn btn-block btn-cs-blue" style="position:absolute;top:30px;left:155px;width:120px;height:40px;background-color:#0095c5;" id="cs_login_btn"><script>dw(lgps9)</script></button></li>
</ul>
</div>
</div>
</div><!-- /end .div_login -->
<script type="text/javascript">
$(function(){
if(checkcodeEnb){
$("#check_code").css({"border":"1px solid #e1e4e6","border-bottom":"0px"});
$("#li_vcode,#li_label,#li_input,#check_pic").show();
draw(show_num);

$("input[name='userpass']").focusin('click',function(){
draw(show_num);
})
}
else{
$("#checkcode").hide();
$("#div_pannel").css({"height":248});
$("#div_button").css({"top":216});
$("#li_vcode,#li_label,#li_input,#check_pic").hide();
$("#check_code").css({"height":"30px","border":"","border-top":"1px solid #e1e4e6"});
}
})

function draw(show_num) {
$('#canvas').width("100");
$('#canvas').height("40");
var canvas_width=$('#canvas').width();
var canvas_height=$('#canvas').height();
var canvas = document.getElementById("canvas");
var context = canvas.getContext("2d");
canvas.width = canvas_width;
canvas.height = canvas_height;
var postVar={"topicurl":"setting/getSanvas"};
postVar=JSON.stringify(postVar);
$.ajax({
type : "post", url : "/boafrm/formLogin", data : postVar, async : false,
success : function(Data){
aCode=Data;
}
});

for (var i = 0; i <= 3; i++) {
var deg = Math.random() * 30 * Math.PI / 180;//产生0~30之间的随机弧度
var txt = aCode[i];
show_num[i] = txt.toLowerCase();
var x = 10 + i * 20;
var y = 20 + Math.random() * 8;

if(y>24)
{
 y=24;
}

context.font = "bold 28px 微软雅黑";

context.translate(x, y);
context.rotate(deg);

context.fillText(txt, 0, 0);
context.rotate(-deg);
context.translate(-x, -y);
}
for (var i = 0; i <= 5; i++) {
context.strokeStyle = randomColor();
context.beginPath();
context.moveTo(Math.random() * canvas_width, Math.random() * canvas_height);
context.lineTo(Math.random() * canvas_width, Math.random() * canvas_height);
context.stroke();
}
for (var i = 0; i <= 30; i++) {
context.strokeStyle = randomColor();
context.beginPath();
var x = Math.random() * canvas_width;
var y = Math.random() * canvas_height;
context.moveTo(x, y);
context.lineTo(x + 1, y + 1);
context.stroke();
}
}

$(function(){
	$("#refresh_img").click(function(){
		draw(show_num);
	});
});

function randomColor() {
var r = Math.floor(Math.random() * 256);
var g = Math.floor(Math.random() * 256);
var b = Math.floor(Math.random() * 256);
return "rgb(" + r + "," + g + "," + b + ")";
}
</script>
</form>
</div><!-- /end .div_main -->
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td style="background:url(icons/bottom-left.gif) no-repeat; height:41; width:15">&nbsp;</td>
<td style="background:url(icons/bottom-center1.gif) repeat;" align="center">
<font size="1" co

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:24:07.000Z",
   "app" : {
      "extract" : {
         "ip" : [
            "192.168.0.126"
         ]
      },
      "http" : {
         "bodymd5" : "ec17cc57a6873b22c52d147741257828",
         "bodymmh3" : -1216606508,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Mon, 02 Nov 2020 14:41:06 GMT"
            }
         ],
         "headermd5" : "b61232881b8070bf132a5996ecefd813",
         "headermmh3" : 2058201464,
         "title" : "TOTOLINK"
      },
      "length" : 16384
   },
   "asn" : "AS50188",
   "city" : "Czechowice-Dziedzice",
   "country" : "PL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Mon, 02 Nov 2020 14:41:06 GMT\r\nServer: Boa/0.94.14rc21\r\nAccept-Ranges: bytes\r\nConnection: close\r\nPragma: no-cache\r\nCache-Control: no-store\r\nExpires: 0\r\nContent-Length: 16368\r\nLast-Modified: Mon, 02 Nov 2020 14:41:06 GMT\r\nContent-Type: text/html\r\n\r\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\">\n<title>TOTOLINK</title>\n<style>\ntd,li {font-size:12px;color:#000000;}\n\n.div_body {width:100%;height:100%;background-color:#ffffff;}\n.div_main {width:100%-12px;border-left:1px solid #cccccc;border-right:1px solid #cccccc;margin:0px 6px 0px 6px;}\n.div_bottom {width:100%;height:40px;background-color:#000000;}\n.float_l{float:left;line-height:auto;}\n\n.pw-strength {clear: both;position: relative;top: 14px;left: 95px; width: 180px;height:auto;}\n.pw-bar{background: url(icons/pwd-1.png) no-repeat;height: 14px;overflow: hidden;width: 179px;}\n.pw-bar-on{background:  url(icons/pwd-2.png) no-repeat; width:0px; height:14px;position: absolute;top: 1px;left: 2px;transition: width .5s ease-in;-moz-transition: width .5s ease-in;-webkit-transition: width .5s ease-in;-o-transition: width .5s ease-in;}\n.pw-weak .pw-defule{ width:0px;}\n.pw-weak .pw-bar-on {width: 60px;}\n.pw-medium .pw-bar-on {width: 120px;}\n.pw-strong .pw-bar-on {width: 179px;}\n</style>\n<SCRIPT language=Javascript src=\"js/language_en.js\"></SCRIPT>\n<meta http-equiv=\"Pragma\" content=\"no-cache\">\n<meta HTTP-equiv=\"Cache-Control\" content=\"no-cache\">\n<meta HTTP-EQUIV=\"Expires\" CONTENT=\"Mon, 01 Jan 1990 00:00:01 GMT\">\n\n<link rel=\"stylesheet\" href=\"style.css\" type=\"text/css\">\n<script type=\"text/javascript\" src=\"util_gw.js\"> </script>\n<script src='js/jquery.min.js'></script>\n<script>\nvar remoteUser = 1*1;\nvar checkcodeEnb=1;\nvar domain_name='itotolink.net';\nvar show_num = [];\nvar rJsonU,rJsonW;\nvar lang_org;\nvar isDefZh_ScAndTc=0;\nif(top!=self)top.location.href = self.location.href;\n\nfunction clean_err(){\n$(\"#div_err\").hide();\n$('#div_bar').show();\n}\n\n$(function(){\nvar lan_ip = \"192.168.0.126\";\nvar weblang=0;\nif( 1 == 0 ) \n{\n\tvar url=location.href;\n\tif( location.href.split(\"/\")[2] != lan_ip  && (-1==(url.indexOf(domain_name))) ) {\n\tlocation.href='http://'+lan_ip+'/login.htm';\n\treturn false;\n}\n}\n\n$(\"input[name='userAgent']\").val(window.navigator.userAgent);\n$(\"input[name='setpass']\").attr(\"placeholder\", lgps5);\n$(\"input[name='confirmpass']\").attr(\"placeholder\", lgps5);\n\n$(\".div_main \").css({\"height\":document.body.clientHeight-96-40-2});\n$(\"#div_set\").css({\"top\":(document.body.clientHeight-96-40-2-365)/2-71/2});\n$(\"#div_login\").css({\"top\":(document.body.clientHeight-96-40-2-361)/2-71/2});\n\n\nif (weblang == 0)\nlang_org=\"en\";\nelse if (weblang == 1)\n{\n\tif(isDefZh_ScAndTc==1)\n\t\tlang_org=\"zh_tc\";\n\telse\n\t\tlang_org=\"zh\";\n\n}\nelse if (weblang == 2)\nlang_org=\"ru\";\nelse if (weblang == 3)\nlang_org=\"vi\";\nelse if (weblang == 5)\nlang_org=\"zh\";\nelse\nlang_org=\"en\";\n\nif ('lang-auto-ON' == \"lang-auto-ON\") {\nvar lang = navigator.language||navigator.userLanguage; \nvar langstr=lang.substr(0, 5);\nif(((-1!=langstr.indexOf(\"zh-TW\"))  || (-1!=langstr.indexOf(\"zh-HK\"))) && (isDefZh_ScAndTc==1))\nlang=\"zh_tc\";\nelse\nlang = lang.substr(0, 2);\n\nvar postVar={\"topicurl\":\"setting/setLangConfig\"};\npostVar['navigatorLang']=lang;\n\nif((lang==\"zh\")|| (lang==\"zh_tc\") || (lang==\"en\") || (lang==\"vi\") || (lang==\"ru\"))\n{\tif(lang!=lang_org)\n\t{\n\t\tdocument.getElementById('div_body').style.display=\"none\";\t\n\t}\n}\nelse\n{\t\n\tif(lang_org!=\"en\")\n\t\tdocument.getElementById('div_body').style.display=\"none\";\n\t\n}\n\npostVar=JSON.stringify(postVar);//{\"navigatorLang\":\"zh\"}\n$.ajax({\ntype : \"post\", url : \"/boafrm/formLogin\", data : postVar, async : false, dataType : \"script\"\n});\n}\n\nvar postVar={\"topicurl\":\"getting/IsOrgUserPass\"};\npostVar=JSON.stringify(postVar);\n$.ajax({\ntype : \"post\", url : \"/boafrm/formLogin\", data : postVar, async : false,\nsuccess : function(Data){\nvar rJson=JSON.parse(Data);\nrJsonU=rJson['isorgadmin'];\nrJsonW=rJson['isorgpass'];\nif(rJson['isorgpass']==\"yes\"){\n$(\"#div_login\").hide();\n$('#div_set').show();\n$(\"input[name='setpass']\").focus();\n}\nelse{\n$(\"#div_set\").hide();\n$('#div_login').show();\nif(rJson['isorgadmin']==\"yes\"){\n$(\"input[name='username']\").val(\"admin\");\n$(\"input[name='userpass']\").focus();\n}\nelse{\n$(\"input[name='username']\").focus();\n}\n}\n}\n});\n\n\n$('#cs_set_btn').on('click', function(event) {\nif($(\"#setpass\").val()==\"\" || $(\"#confirmpass\").val()==\"\"){\n$('#err_msg').html(lgerr1);\n$('#div_bar').hide();\n$('#div_err').show();\nreturn false;\n}\n\nvar str = $(\"#setpass\").val();\n\nif(str.length<6 || str.length>15){\n$('#err_msg').html(lgerr2);\n$('#div_bar').hide();\n$('#div_err').show();\nreturn false;\n}\n\nif (str != $(\"#confirmpass\").val()) {\n$('#err_msg').html(lgerr4);\n$('#div_bar').hide();\n$('#div_err').show();\nreturn false;\n}\n\nfor (var i=0; i<str.length; i++) {\nif ( (str.charAt(i) >= 'A' && str.charAt(i) <= 'Z')||\n(str.charAt(i) >= 'a' && str.charAt(i) <= 'z')||\n(str.charAt(i) >= '0' && str.charAt(i) <= '9') )\ncontinue;\n$(\"#setpass\").focus();\n$('#err_msg').html(lgerr3);\n$('#div_bar').hide();\n$('#div_err').show();\nreturn false;\n}\n\n$(\":input\").attr('disabled',true);\t\nvar postVar={\"topicurl\":\"setting/setAdminPass\"};\npostVar['setpass']=$(\"input[name='setpass']\").val();\npostVar=JSON.stringify(postVar);\n$.ajax({\ntype : \"post\", url : \"/boafrm/formLogin\", data : postVar, async : false,\nsuccess : function(Data){\nwindow.eval(Data);\n}\n});\n});\n\n\n$('#cs_login_btn').on('click', function(event) {\nif($(\"input[name='username']\").val()==''){\n$('#myDiv').html(lgerr5);\n$('#myDiv').show();\nreturn false;\n}\nif($(\"input[name='userpass']\").val()==''){\n$('#myDiv').html(lgerr7);\n$('#myDiv').show();\nreturn false;\n}\nif(checkcodeEnb){\nvar val = $(\".input-val\").val();\nif(val==''){\n$('#myDiv').html(lgerr9);\n$('#myDiv').show();\nreturn false;\n}\n}\nvar postVar={\"topicurl\":\"setting/setUserLogin\"};\npostVar['username']=$(\"input[name='username']\").val();\npostVar['userpass']=$(\"input[name='userpass']\").val();\npostVar['checkcode']=$(\"input[name='checkcode']\").val();\npostVar['userAgent']=$(\"input[name='userAgent']\").val();\npostVar['submit-url']=$(\"input[name='submit-url']\").val();\npostVar=JSON.stringify(postVar);\n\n$.ajax({\ntype : \"post\", url : \"/boafrm/formLogin\", data : postVar, async : false,\nsuccess : function(Data){\nif(Data.length == 0)\n{\n\t\tparent.location=\"wizardset.htm\";//home.htm\n}\nelse{\n$(\"#myDiv\").html(\"\");\nwindow.eval(Data);\n$(\"#myDiv\").show();\nreturn false;\n}\n}\n});\n});\n\n$('#setpass').keyup(function () { \nvar strongRegex = new RegExp(\"^(?=.{8,})(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])(?=.*\\\\W).*$\", \"g\"); \nvar mediumRegex = new RegExp(\"^(?=.{7,})(((?=.*[A-Z])(?=.*[a-z]))|((?=.*[A-Z])(?=.*[0-9]))|((?=.*[a-z])(?=.*[0-9]))).*$\", \"g\"); \nvar enoughRegex = new RegExp(\"(?=.{6,}).*\", \"g\"); \n\nif (false == enoughRegex.test($(this).val())) { \n$('#level').removeClass('pw-weak'); \n$('#level').removeClass('pw-medium'); \n$('#level').removeClass('pw-strong'); \n$('#level').addClass(' pw-defule');\n} \nelse if (strongRegex.test($(this).val())) { \n$('#level').removeClass('pw-weak'); \n$('#level').removeClass('pw-medium'); \n$('#level').removeClass('pw-strong'); \n$('#level').addClass(' pw-strong');\n} \nelse if (mediumRegex.test($(this).val())) { \n$('#level').removeClass('pw-weak'); \n$('#level').removeClass('pw-medium'); \n$('#level').removeClass('pw-strong'); \n$('#level').addClass(' pw-medium'); \n} \nelse { \n$('#level').removeClass('pw-weak'); \n$('#level').removeClass('pw-medium'); \n$('#level').removeClass('pw-strong'); \n$('#level').addClass('pw-weak'); \n} \nreturn true; \n}); \n\nif(checkcodeEnb==0 || remoteUser==1)\n\tclick_skip();\n});//$(function(){--end--\n\n\n$(document).keyup(function(event){\nif(event.keyCode ==13){\n$(\"#cs_set_btn\").trigger(\"click\");\n}\n});\n\n\n$(document).keypress(function(enter) {  \n\tif(enter.which == 13) {\n\t\t$(\"#cs_login_btn\").click();\n\t}\n});\n\n\nfunction click_Forget()\n{\t\t\nalert(Js_msg137);\n}\n\n\nfunction click_skip()\n{\n$(\"#div_set\").hide();\n$(\"#div_login\").show();\nif(rJsonU == \"yes\"){\n$(\"input[name='username']\").val(\"admin\");\n$(\"input[name='userpass']\").focus();\n}\nelse{\n$(\"input[name='username']\").focus();\n}\n}\n\n</script>\n</head>\n\n<body>\n<div class=\"div_body\" id=\"div_body\" align=\"center\">\n<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tr>\n<td style=\"background:url(icons/top-left.gif) no-repeat; width:300px; height:96px\">&nbsp;</td>\n<td style=\"background:url(icons/top-center.gif) repeat\">&nbsp;</td>\n<td style=\"background:url(icons/top-right.gif) no-repeat; width:300px; height:96px\" align=\"right\">&nbsp;</td>\n</tr>\n</table>\n<div class=\"div_main\" id=\"div_main\">\n<form action=/boafrm/formLogin method=POST>\n<input type=\"hidden\" value=\"/login.htm\" name=\"submit-url\">\n<input type=\"hidden\" value=\"\" name=\"userAgent\">\n\n<div id=\"div_set\" style=\"position:relative;width:430px;display:none;\" align=\"left\">\n<ul>\n<li style=\"font-size:24px;font-weight:bold;line-height:40px;\"><script>dw(lgps1)</script></li>\n<li style=\"font-size:18px;font-weight:bold;color:#999999;float:right;line-height:30px;cursor:pointer;\" onClick='click_skip();'><script>dw(lgps2)</script></li>\n<li style=\"height:1px;clear:both;\"></li>\n</ul>\n\n<div style=\"width:100%;height:328px;background-color:#fbfbfb;border:1px solid #bebebe;\">\n\n\n<div style=\"position:relative;top:30px;left:30px;\">\n<ul>\n<ol style=\"width:370px;height:40px;border:1px solid #e1e4e6;padding: 0px 0px 0px 0px;\">\n<li style=\"float:left;height:40px;\"><img src=\"icons/user.png\" style=\"width:40px;height:40px;\"></li>\n<li style=\"float:left;line-height:40px;\" class=\"login_label\"><script>dw(lgps3)</script></li>\n<li style=\"float:left;\"><input type=\"password\" id=\"setpass\" name=\"setpass\" maxlength=\"15\" class=\"login_input\" onFocus=\"clean_err()\"></li>\n</ol>\n<li style=\"height:30px;clear:both;\"></li>\n<ol style=\"width:370px;height:40px;border:1px solid #e1e4e6;padding: 0px 0px 0px 0px;\">\n<li style=\"float:left;height:40px;\"><img src=\"icons/key.png\" style=\"width:40px;height:40px;\"></li>\n<li style=\"float:left;line-height:40px;\" class=\"login_label\"><script>dw(lgps4)</script></li>\n<li style=\"float:left;\"><input type=\"password\" id=\"confirmpass\" name=\"confirmpass\" maxlength=\"15\" class=\"login_input\" onFocus=\"clean_err()\"></li>\n</ol>\n<li id=\"div_bar\" style=\"display:\">\n<table>\n<tr>    \n<td id=\"level\" class=\"pw-strength\">             \n<div class=\"pw-bar\" align=\"center\"></div>\n<div class=\"pw-bar-on\"></div>\n</td>   \n</tr>\n</table>\n</li>\n<li id=\"div_err\" style=\"width:370px;line-height:43px;clear:both;text-align:center;color: #ff0000;\"><span id=\"err_msg\"></span></li>\n</ul>\n</div>\n<div style=\"position:absolute;top:296px;width:430px;height:103px;background-color:f9fafa;border-top:1px solid #e1e4e6;\">\n<ul>\n<li><button type=\"button\" class=\"btn btn-block btn-cs-blue\" style=\"position:absolute;top:30px;left:155px;width:120px;height:40px;background-color:#0095c5;\" id=\"cs_set_btn\"><script>dw(lgps6)</script></button></li>\n</ul>\n</div>\n</div>\n<ul>\n<li style=\"height:10px;clear:both;\"></li>\n<li style=\"color:#999999;\"><script>dw(lgps7)</script></li>\n</ul>\n</div><!-- /end .div_set -->\n<div id=\"div_login\" style=\"position:relative;width:430px;display:none;\" align=\"left\">\n<ul>\n<li style=\"font-size:24px;font-weight:bold;line-height:40px;\"><script>dw(Js_UserLog)</script></li>\n<li style=\"font-size:18px;font-weight:bold;color:#999999;float:right;line-height:30px;cursor:pointer;\" onClick='click_Forget();'><script>dw(Js_ForgetPasswd)</script></li>\n<li style=\"height:1px;clear:both;\"></li>\n</ul>\n<div id=\"div_pannel\" style=\"width:100%;height:328px;background-color:#fbfbfb;border:1px solid #bebebe;\">\n\n<div style=\"position:relative;top:30px;left:30px;\">\n<ul>\n<ol style=\"width:370px;height:40px;border:1px solid #e1e4e6;border-bottom: 0px;padding: 0px 0px 0px 0px;\">\n<li style=\"float:left;height:40px;\"><img src=\"icons/user.png\" style=\"width:40px;height:40px;\"></li>\n<li style=\"float:left;line-height:40px;\" class=\"login_label\"><script>dw(MM_UserName)</script></li>\n<li style=\"float:left;\"><input type=\"text\" id=\"username\" name=\"username\" maxlength=\"15\" class=\"login_input\" onFocus='$(\"#myDiv\").hide();'></li>\n</ol>\n<ol style=\"width:370px;height:40px;border:1px solid #e1e4e6;border-bottom: 0px;padding: 0px 0px 0px 0px;\">\n<li style=\"float:left;height:40px;\"><img src=\"icons/key.png\" style=\"width:40px;height:40px;\"></li>\n<li style=\"float:left;line-height:40px;\" class=\"login_label\"><script>dw(MM_PassWord)</script></li>\n<li style=\"float:left;\"><input type=\"password\" id=\"userpass\" name=\"userpass\" maxlength=\"15\" class=\"login_input\" onFocus='$(\"#myDiv\").hide();'></li>\n</ol>\n<ol  id=\"check_code\" style=\"width:370px;height:40px;border:1px solid #e1e4e6;padding: 0px 0px 0px 0px;\">\n<li id=\"li_vcode\" style=\"float:left;height:40px;\"><img src=\"icons/Vcode.png\" style=\"width:40px;height:40px;\"></li>\n<li id=\"li_label\" style=\"float:left;line-height:40px;\" class=\"login_label\"><script>dw(Verification_Code)</script></li>\n<li id=\"li_input\" style=\"float:left;\"><input type=\"text\" name=\"checkcode\"  maxlength=\"4\" class=\"input-val login_input\" ></li>\n</ol>\n<ol id=\"check_pic\" style=\"width:370px;height:50px;border:1px solid #e1e4e6;padding: 0px 0px 0px 0px;\">\n<li style=\"float:left;height:50px;width:50px;\"><canvas id=\"canvas\" width=\"50\" height=\"70\" style=\"margin:5px 0px 6px 90px;\"></canvas></li>\n<li style=\"float:right;height:50px;width:55px;position:relative;\"><img id=\"refresh_img\" src=\"icons/u578.png\" style=\"cursor:pointer;margin:13px;6px;6px;0px;\"></li>\n<li style=\"line-height:20px;clear:both;text-align:center;color:#ff0000;\"><span id=\"myDiv\"></span></li>\n</ol>\n\n\n</ul>\n</div>\n<div id=\"div_button\" style=\"position:absolute;top:296;width:430px;height:103px;background-color:f9fafa;border-top:1px solid #e1e4e6;\">\n<ul>\n<li><button type=\"button\" class=\"btn btn-block btn-cs-blue\" style=\"position:absolute;top:30px;left:155px;width:120px;height:40px;background-color:#0095c5;\" id=\"cs_login_btn\"><script>dw(lgps9)</script></button></li>\n</ul>\n</div>\n</div>\n</div><!-- /end .div_login -->\n<script type=\"text/javascript\">\n$(function(){\nif(checkcodeEnb){\n$(\"#check_code\").css({\"border\":\"1px solid #e1e4e6\",\"border-bottom\":\"0px\"});\n$(\"#li_vcode,#li_label,#li_input,#check_pic\").show();\ndraw(show_num);\n\n$(\"input[name='userpass']\").focusin('click',function(){\ndraw(show_num);\n})\n}\nelse{\n$(\"#checkcode\").hide();\n$(\"#div_pannel\").css({\"height\":248});\n$(\"#div_button\").css({\"top\":216});\n$(\"#li_vcode,#li_label,#li_input,#check_pic\").hide();\n$(\"#check_code\").css({\"height\":\"30px\",\"border\":\"\",\"border-top\":\"1px solid #e1e4e6\"});\n}\n})\n\nfunction draw(show_num) {\n$('#canvas').width(\"100\");\n$('#canvas').height(\"40\");\nvar canvas_width=$('#canvas').width();\nvar canvas_height=$('#canvas').height();\nvar canvas = document.getElementById(\"canvas\");\nvar context = canvas.getContext(\"2d\");\ncanvas.width = canvas_width;\ncanvas.height = canvas_height;\nvar postVar={\"topicurl\":\"setting/getSanvas\"};\npostVar=JSON.stringify(postVar);\n$.ajax({\ntype : \"post\", url : \"/boafrm/formLogin\", data : postVar, async : false,\nsuccess : function(Data){\naCode=Data;\n}\n});\n\nfor (var i = 0; i <= 3; i++) {\nvar deg = Math.random() * 30 * Math.PI / 180;//\u4ea7\u751f0~30\u4e4b\u95f4\u7684\u968f\u673a\u5f27\u5ea6\nvar txt = aCode[i];\nshow_num[i] = txt.toLowerCase();\nvar x = 10 + i * 20;\nvar y = 20 + Math.random() * 8;\n\nif(y>24)\n{\n y=24;\n}\n\ncontext.font = \"bold 28px \u5fae\u8f6f\u96c5\u9ed1\";\n\ncontext.translate(x, y);\ncontext.rotate(deg);\n\ncontext.fillText(txt, 0, 0);\ncontext.rotate(-deg);\ncontext.translate(-x, -y);\n}\nfor (var i = 0; i <= 5; i++) {\ncontext.strokeStyle = randomColor();\ncontext.beginPath();\ncontext.moveTo(Math.random() * canvas_width, Math.random() * canvas_height);\ncontext.lineTo(Math.random() * canvas_width, Math.random() * canvas_height);\ncontext.stroke();\n}\nfor (var i = 0; i <= 30; i++) {\ncontext.strokeStyle = randomColor();\ncontext.beginPath();\nvar x = Math.random() * canvas_width;\nvar y = Math.random() * canvas_height;\ncontext.moveTo(x, y);\ncontext.lineTo(x + 1, y + 1);\ncontext.stroke();\n}\n}\n\n$(function(){\n\t$(\"#refresh_img\").click(function(){\n\t\tdraw(show_num);\n\t});\n});\n\nfunction randomColor() {\nvar r = Math.floor(Math.random() * 256);\nvar g = Math.floor(Math.random() * 256);\nvar b = Math.floor(Math.random() * 256);\nreturn \"rgb(\" + r + \",\" + g + \",\" + b + \")\";\n}\n</script>\n</form>\n</div><!-- /end .div_main -->\n<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tr>\n<td style=\"background:url(icons/bottom-left.gif) no-repeat; height:41; width:15\">&nbsp;</td>\n<td style=\"background:url(icons/bottom-center1.gif) repeat;\" align=\"center\">\n<font size=\"1\" co",
   "datamd5" : "32555cb8f666c0f09847eed4ba49e3bb",
   "datammh3" : -1602317335,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "kolnet.eu"
   ],
   "forward" : "88.135.165.105",
   "host" : [
      88
   ],
   "hostname" : [
      "88.135.165.105",
      "88.135.165.105.static.kolnet.eu"
   ],
   "ip" : "88.135.165.105",
   "ipv6" : "false",
   "latitude" : "49.9069",
   "location" : "49.9069,19.0103",
   "longitude" : "19.0103",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "KOLNET Sp. z o.o.",
   "port" : 8082,
   "product" : "Boa",
   "productvendor" : "Boa",
   "productversion" : "0.94.14rc21",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "88.135.165.105.static.kolnet.eu"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::2",
   "status" : 200,
   "subdomains" : [
      "105.static.kolnet.eu",
      "165.105.static.kolnet.eu",
      "static.kolnet.eu",
      "135.165.105.static.kolnet.eu"
   ],
   "subnet" : "88.135.160.0/20",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "eu"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/login.htm"
}

IP
85.153.141.71

Network
85.153.141.0/24

Device

<enterprise field>: device.class

URL

http://85.153.141.71:8082/intro 302

ASN
AS34984

Organization
Superonline Iletisim Hizmetleri A.S.

Protocol
http

Source
datascan::redirect::2

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
b564b8f44572e0ada79499661d4da0e6

HTTP Header MD5
39eb53ea5b7d0f440c05b8d294f30288

HTTP Body MD5
20932eeecbcf7a242c50e2f43241c2e8

HTTP/1.1 302 Found
Permissions-Policy: 
Content-Security-Policy: 
Cross-Origin-Embedder-Policy: 
Cross-Origin-Opener-Policy: 
Cross-Origin-Resource-Policy: 
X-DNS-Prefetch-Control: 
Expect-CT: 
X-Frame-Options: 
Strict-Transport-Security: 
X-Download-Options: 
X-Content-Type-Options: 
Origin-Agent-Cluster: 
X-Permitted-Cross-Domain-Policies: 
Referrer-Policy: 
X-XSS-Protection: 
Location: /not-found?p=/intro
Vary: Accept, Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 82
Date: Thu, 21 Nov 2024 10:11:07 GMT
Connection: close

<p>Found. Redirecting to <a href="/not-found?p=/intro">/not-found?p=/intro</a></p>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:11:08.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "20932eeecbcf7a242c50e2f43241c2e8",
         "bodymmh3" : 1757589510,
         "headermd5" : "39eb53ea5b7d0f440c05b8d294f30288",
         "headermmh3" : -327710529
      },
      "length" : 660
   },
   "asn" : "AS34984",
   "city" : "Maltepe",
   "country" : "TR",
   "data" : "HTTP/1.1 302 Found\r\nPermissions-Policy: \r\nContent-Security-Policy: \r\nCross-Origin-Embedder-Policy: \r\nCross-Origin-Opener-Policy: \r\nCross-Origin-Resource-Policy: \r\nX-DNS-Prefetch-Control: \r\nExpect-CT: \r\nX-Frame-Options: \r\nStrict-Transport-Security: \r\nX-Download-Options: \r\nX-Content-Type-Options: \r\nOrigin-Agent-Cluster: \r\nX-Permitted-Cross-Domain-Policies: \r\nReferrer-Policy: \r\nX-XSS-Protection: \r\nLocation: /not-found?p=/intro\r\nVary: Accept, Accept-Encoding\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 82\r\nDate: Thu, 21 Nov 2024 10:11:07 GMT\r\nConnection: close\r\n\r\n<p>Found. Redirecting to <a href=\"/not-found?p=/intro\">/not-found?p=/intro</a></p>",
   "datamd5" : "b564b8f44572e0ada79499661d4da0e6",
   "datammh3" : -1900905462,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "forward" : "85.153.141.71",
   "geolocus" : {
      "asn" : "AS34984",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "TR",
      "countryname" : "Turkey",
      "domain" : [
         "turkcell.com.tr"
      ],
      "isineu" : "false",
      "latitude" : "38.963745",
      "location" : "38.963745,35.243322",
      "longitude" : "35.243322",
      "netname" : "TR-SUPERONLINE-20041027",
      "organization" : "Superonline Iletisim Hizmetleri A.S.",
      "subnet" : "85.153.128.0/17"
   },
   "hostname" : [
      "85.153.141.71"
   ],
   "ip" : "85.153.141.71",
   "ipv6" : "false",
   "latitude" : "40.9469",
   "location" : "40.9469,29.1484",
   "longitude" : "29.1484",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Superonline Iletisim Hizmetleri A.S.",
   "port" : 8082,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::2",
   "status" : 302,
   "subnet" : "85.153.141.0/24",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/intro"
}

IP
112.78.43.134

Network
112.78.40.0/21

Domain(s)
des.net.id

Device

<enterprise field>: device.class

URL

http://112.78.43.134:8082/manage 302

Reverse DNS
ip43-134.des.net.id

ASN
AS45302

Organization
PT DES Teknologi Informasi

Protocol
http

Source
datascan::redirect::2

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
e1784fda9bd519d95c5a5d7aa0af467d

HTTP Header MD5
f9434fba64e80d7c044c4cdf72ee9381

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 
Location: https://<ip>:8082/manage
Content-Length: 0
Date: Thu, 21 Nov 2024 10:09:06 GMT
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:09:07.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "headermd5" : "f9434fba64e80d7c044c4cdf72ee9381",
         "headermmh3" : -461229812
      },
      "length" : 128
   },
   "asn" : "AS45302",
   "city" : "Yogyakarta",
   "country" : "ID",
   "data" : "HTTP/1.1 302 \r\nLocation: https://<ip>:8082/manage\r\nContent-Length: 0\r\nDate: Thu, 21 Nov 2024 10:09:06 GMT\r\nConnection: close\r\n\r\n",
   "datamd5" : "e1784fda9bd519d95c5a5d7aa0af467d",
   "datammh3" : -813194403,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "des.net.id"
   ],
   "forward" : "112.78.43.134",
   "geolocus" : {
      "asn" : "AS45302",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "des.net.id",
         "idnic.net"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "DESNET-ID",
      "organization" : "Route Object of PT DES Teknologi Informasi",
      "subnet" : "112.78.40.0/21"
   },
   "host" : [
      "ip43-134"
   ],
   "hostname" : [
      "112.78.43.134",
      "ip43-134.des.net.id"
   ],
   "ip" : "112.78.43.134",
   "ipv6" : "false",
   "latitude" : "-7.8035",
   "location" : "-7.8035,110.3646",
   "longitude" : "110.3646",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PT DES Teknologi Informasi",
   "port" : 8082,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reverse" : [
      "ip43-134.des.net.id"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::2",
   "status" : 302,
   "subnet" : "112.78.40.0/21",
   "tld" : [
      "net.id"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/manage"
}

IP
166.180.64.176

Network
166.180.0.0/16

Domain(s)
myvzw.com

Device

<enterprise field>: device.class

URL

http://166.180.64.176:8082/login 302

Reverse DNS
176.qarestr.sub-166-180-64.myvzw.com

ASN
AS6167

Organization
CELLCO-PART

Protocol
http

Source
datascan::redirect::2
HTTP Component(s)
Oracle Java

CPE(s)

<enterprise field>: cpe

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
042eba426c4b6503508662a5073c2bb8

HTTP Header MD5
81305459d1ce3835ca12fc9a55d1ebb1

HTTP Body MD5
d41d8cd98f00b204e9800998ecf8427e

HTTP/1.1 302 Found
Set-Cookie: JSESSIONID=873e15e8038fe64c044d1aba21d30953f7de7c316eff06c392;Path=/;HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
Location: http://<ip>:8082/prelogin
Connection: close

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:09:06.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "d41d8cd98f00b204e9800998ecf8427e",
         "bodymmh3" : -1,
         "component" : [
            {
               "productvendor" : "Oracle",
               "product" : "Java"
            }
         ],
         "headermd5" : "81305459d1ce3835ca12fc9a55d1ebb1",
         "headermmh3" : -1942574150
      },
      "length" : 304
   },
   "asn" : "AS6167",
   "city" : "Dayton",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 302 Found\r\nSet-Cookie: JSESSIONID=873e15e8038fe64c044d1aba21d30953f7de7c316eff06c392;Path=/;HttpOnly\r\nExpires: Thu, 01 Jan 1970 00:00:00 GMT\r\nx-frame-options: sameorigin\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nLocation: http://<ip>:8082/prelogin\r\nConnection: close\r\n\r\n",
   "datamd5" : "042eba426c4b6503508662a5073c2bb8",
   "datammh3" : -1872342812,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "myvzw.com"
   ],
   "forward" : "166.180.64.176",
   "geolocus" : {
      "asn" : "AS6167",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "myvzw.com",
         "wirelessdataspco.org"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "NETBLK-CDPD-B",
      "organization" : "Wireless Data Service Provider Corporation",
      "subnet" : "166.180.0.0/16"
   },
   "host" : [
      176
   ],
   "hostname" : [
      "166.180.64.176",
      "176.qarestr.sub-166-180-64.myvzw.com"
   ],
   "ip" : "166.180.64.176",
   "ipv6" : "false",
   "latitude" : "39.8378",
   "location" : "39.8378,-84.1111",
   "longitude" : "-84.1111",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CELLCO-PART",
   "port" : 8082,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Found",
   "reverse" : [
      "176.qarestr.sub-166-180-64.myvzw.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::2",
   "status" : 302,
   "subdomains" : [
      "qarestr.sub-166-180-64.myvzw.com",
      "sub-166-180-64.myvzw.com"
   ],
   "subnet" : "166.180.0.0/16",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/login"
}

IP
172.103.224.33

Network
172.103.128.0/17

Domain(s)
cipherkey.com

Device

<enterprise field>: device.class

URL

http://172.103.224.33:8082/ 200

HTTP Title
Page Redirection

Reverse DNS
172.103.224.33.cable.tpia.cipherkey.com

ASN
AS25668

Organization
CIPHERKEY

Protocol
http

Source
datascan::redirect::2

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
8fe8a455271715061453ac81912ddce7

HTTP Header MD5
26c1e7b2e4b9c3ad6ee704fe983ca1d9

HTTP Body MD5
305d559e781030061ca8d21e058e7825

HTTP/1.1 200 OK

<!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml" ><html>	<head>		<title>Page Redirection</title>        <meta charset="UTF-8">        <meta http-equiv="refresh" content="0;url=http://:8080/rfSpectrumAnalyzer.html">    </head>	<body>    Page Redirection To CM    </body></html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T10:09:04.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://:8080/rfSpectrumAnalyzer.html",
            "http://www.w3.org/1999/xhtml"
         ]
      },
      "http" : {
         "bodymd5" : "305d559e781030061ca8d21e058e7825",
         "bodymmh3" : 1066143817,
         "headermd5" : "26c1e7b2e4b9c3ad6ee704fe983ca1d9",
         "headermmh3" : 1529339778,
         "title" : "Page Redirection"
      },
      "length" : 304
   },
   "asn" : "AS25668",
   "city" : "Burnaby",
   "country" : "CA",
   "data" : "HTTP/1.1 200 OK\r\n\r\n<!DOCTYPE html><html xmlns=\"http://www.w3.org/1999/xhtml\" ><html>\t<head>\t\t<title>Page Redirection</title>        <meta charset=\"UTF-8\">        <meta http-equiv=\"refresh\" content=\"0;url=http://:8080/rfSpectrumAnalyzer.html\">    </head>\t<body>    Page Redirection To CM    </body></html>",
   "datamd5" : "8fe8a455271715061453ac81912ddce7",
   "datammh3" : 944027707,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "cipherkey.com"
   ],
   "forward" : "172.103.224.33",
   "geolocus" : {
      "asn" : "AS25668",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "CA",
      "countryname" : "Canada",
      "domain" : [
         "cipherkey.com",
         "cipherkey.net"
      ],
      "isineu" : "false",
      "latitude" : "56.130366",
      "location" : "56.130366,-106.346771",
      "longitude" : "-106.346771",
      "netname" : "CIPHERKEY",
      "organization" : "Cipherkey Exchange Corp.",
      "subnet" : "172.103.128.0/17"
   },
   "host" : [
      172
   ],
   "hostname" : [
      "172.103.224.33",
      "172.103.224.33.cable.tpia.cipherkey.com"
   ],
   "ip" : "172.103.224.33",
   "ipv6" : "false",
   "latitude" : "49.2286",
   "location" : "49.2286,-122.9317",
   "longitude" : "-122.9317",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "CIPHERKEY",
   "port" : 8082,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "172.103.224.33.cable.tpia.cipherkey.com"
   ],
   "seen_date" : "2024-11-21",
   "source" : "datascan::redirect::2",
   "status" : 200,
   "subdomains" : [
      "33.cable.tpia.cipherkey.com",
      "cable.tpia.cipherkey.com",
      "tpia.cipherkey.com",
      "103.224.33.cable.tpia.cipherkey.com",
      "224.33.cable.tpia.cipherkey.com"
   ],
   "subnet" : "172.103.128.0/17",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

Returning 10 result(s) out of 1,128 in 0.019 second(s)

38.23.134.14:8082 (tcp/http) - last seen on 2024-11-21 at 10:28:08 UTC

92.42.105.7:8082 (tcp/http) - last seen on 2024-11-21 at 10:27:11 UTC

103.166.160.171:8082 (tcp/http) - last seen on 2024-11-21 at 10:27:06 UTC

87.66.4.74:8082 (tcp/http) - last seen on 2024-11-21 at 10:27:06 UTC

43.251.236.31:8082 (tcp/http) - last seen on 2024-11-21 at 10:26:09 UTC

88.135.165.105:8082 (tcp/http) - last seen on 2024-11-21 at 10:24:07 UTC

85.153.141.71:8082 (tcp/http) - last seen on 2024-11-21 at 10:11:08 UTC

112.78.43.134:8082 (tcp/http) - last seen on 2024-11-21 at 10:09:07 UTC

166.180.64.176:8082 (tcp/http) - last seen on 2024-11-21 at 10:09:06 UTC

172.103.224.33:8082 (tcp/http) - last seen on 2024-11-21 at 10:09:04 UTC